org.apache.sentry.provider.db.generic.service.persistent.SentryStoreLayer.getRolesByGroups java code examples

 @Override
 public Response<Set<TSentryRole>> handle() throws Exception {
  validateClientVersion(request.getProtocol_version());
  Set<String> groups = getRequestorGroups(conf, request.getRequestorUserName());
  if (!AccessConstants.ALL.equalsIgnoreCase(request.getGroupName())) {
   boolean admin = inAdminGroups(groups);
   //Only admin users can list all roles in the system ( groupname = null)
   //Non admin users are only allowed to list only groups which they belong to
   if(!admin && (request.getGroupName() == null || !groups.contains(request.getGroupName()))) {
    throw new SentryAccessDeniedException(ACCESS_DENIAL_MESSAGE + request.getRequestorUserName());
   }
   groups.clear();
   groups.add(request.getGroupName());
  }
  Set<String> roleNames = store.getRolesByGroups(request.getComponent(), groups);
  Set<TSentryRole> tSentryRoles = Sets.newHashSet();
  for (String roleName : roleNames) {
   Set<String> groupsForRoleName = store.getGroupsByRoles(request.getComponent(), Sets.newHashSet(roleName));
   tSentryRoles.add(new TSentryRole(roleName, groupsForRoleName));
  }
  return new Response<Set<TSentryRole>>(Status.OK(), tSentryRoles);
 }
});

 @Override
 public Response<Set<TSentryPrivilege>> handle() throws Exception {
  validateClientVersion(request.getProtocol_version());
  Set<String> groups = getRequestorGroups(conf, request.getRequestorUserName());
  if (!inAdminGroups(groups)) {
   Set<String> roleNamesForGroups = toTrimmedLower(store.getRolesByGroups(request.getComponent(), groups));
   if (!roleNamesForGroups.contains(toTrimmedLower(request.getRoleName()))) {
    throw new SentryAccessDeniedException(ACCESS_DENIAL_MESSAGE + request.getRequestorUserName());
   }
  }
  Set<PrivilegeObject> privileges = store.getPrivilegesByProvider(request.getComponent(),
                                  request.getServiceName(),
                                  Sets.newHashSet(request.getRoleName()),
                                  null, toAuthorizables(request.getAuthorizables()));
  Set<TSentryPrivilege> tSentryPrivileges = Sets.newHashSet();
  for (PrivilegeObject privilege : privileges) {
   tSentryPrivileges.add(fromPrivilegeObject(privilege));
  }
  return new Response<Set<TSentryPrivilege>>(Status.OK(), tSentryPrivileges);
 }
});

 @Override
 public Response<Set<TSentryPrivilege>> handle() throws Exception {
  validateClientVersion(request.getProtocol_version());
  Set<String> groups = getRequestorGroups(conf, request.getRequestorUserName());
  if (!inAdminGroups(groups)) {
   Set<String> roleNamesForGroups = toTrimmedLower(store.getRolesByGroups(request.getComponent(), groups));
   if (!roleNamesForGroups.contains(toTrimmedLower(request.getRoleName()))) {
    throw new SentryAccessDeniedException(ACCESS_DENIAL_MESSAGE + request.getRequestorUserName());
   }
  }
  Set<PrivilegeObject> privileges = store.getPrivilegesByProvider(request.getComponent(),
                                  request.getServiceName(),
                                  Sets.newHashSet(request.getRoleName()),
                                  null, toAuthorizables(request.getAuthorizables()));
  Set<TSentryPrivilege> tSentryPrivileges = Sets.newHashSet();
  for (PrivilegeObject privilege : privileges) {
   tSentryPrivileges.add(fromPrivilegeObject(privilege));
  }
  return new Response<Set<TSentryPrivilege>>(Status.OK(), tSentryPrivileges);
 }
});

 @Override
 public Response<Set<String>> handle() throws Exception {
  validateClientVersion(request.getProtocol_version());
  Set<String> activeRoleNames = toTrimmedLower(request.getRoleSet().getRoles());
  Set<String> roleNamesForGroups = store.getRolesByGroups(request.getComponent(), request.getGroups());
  Set<String> rolesToQuery = request.getRoleSet().isAll() ? roleNamesForGroups : Sets.intersection(activeRoleNames, roleNamesForGroups);
  Set<PrivilegeObject> privileges = store.getPrivilegesByProvider(request.getComponent(),
                                  request.getServiceName(),
                                  rolesToQuery, null,
                                  toAuthorizables(request.getAuthorizables()));
  return new Response<Set<String>>(Status.OK(), buildPermissions(privileges));
 }
});

 @Override
 public Response<Set<String>> handle() throws Exception {
  validateClientVersion(request.getProtocol_version());
  Set<String> activeRoleNames = toTrimmedLower(request.getRoleSet().getRoles());
  Set<String> roleNamesForGroups = store.getRolesByGroups(request.getComponent(), request.getGroups());
  Set<String> rolesToQuery = request.getRoleSet().isAll() ? roleNamesForGroups : Sets.intersection(activeRoleNames, roleNamesForGroups);
  Set<PrivilegeObject> privileges = store.getPrivilegesByProvider(request.getComponent(),
                                  request.getServiceName(),
                                  rolesToQuery, null,
                                  toAuthorizables(request.getAuthorizables()));
  return new Response<Set<String>>(Status.OK(), buildPermissions(privileges));
 }
});

 Set<String> grantedRoles = toTrimmedLower(store.getRolesByGroups(request.getComponent(), requestedGroups));
 Set<String> activeRoleNames = toTrimmedLower(activeRoleSet.getRoles());
 validActiveRoles.addAll(activeRoleSet.isAll() ? allRoles : Sets.intersection(activeRoleNames, allRoles));
} else {
 Set<String> requestedRoles = toTrimmedLower(store.getRolesByGroups(request.getComponent(), requestedGroups));
 validActiveRoles.addAll(activeRoleSet.isAll() ? allRoles : Sets.intersection(activeRoleNames, requestedRoles));

Set<String> grantedRoles = toTrimmedLower(store.getRolesByGroups(request.getComponent(), requestedGroups));
 requestedRoles = toTrimmedLower(store.getRolesByGroups(request.getComponent(), requestedGroups));

mSentryGMPrivilege.setRoles(Sets.newHashSet(role));
Mockito.when(mockStore.getRolesByGroups(anyString(), anySetOf(String.class)))
.thenReturn(Sets.newHashSet(roleName));

mSentryGMPrivilege.setRoles(Sets.newHashSet(role));
Mockito.when(mockStore.getRolesByGroups(anyString(), anySetOf(String.class)))
.thenReturn(Sets.newHashSet(roleName));

Javadoc

Get roles

Popular methods of SentryStoreLayer

alterRoleAddGroups
Add a role to groups.
alterRoleDeleteGroups
Delete a role from groups.
alterRoleGrantPrivilege
Grant a privilege to role.
alterRoleRevokePrivilege
Revoke a privilege from role.
createRole
Create a role
dropPrivilege
Drop privilege
dropRole
Drop a role
getAllRoleNames
Get all roles name.
getPrivilegesByAuthorizable
Get sentry privileges based on valid active roles and the authorize objects.
getPrivilegesByProvider
get sentry privileges from provider as followings:
renamePrivilege
Rename privilege
getGroupsByRoles
Get groups

Popular in Java

Making http post requests using okhttp
onCreateOptionsMenu (Activity)
findViewById (Activity)
compareTo (BigDecimal)
URLConnection (java.net)
A connection to a URL for reading or writing. For HTTP connections, see HttpURLConnection for docume
NoSuchElementException (java.util)
Thrown when trying to retrieve an element past the end of an Enumeration or Iterator.
Random (java.util)
This class provides methods that return pseudo-random values.It is dangerous to seed Random with the
BlockingQueue (java.util.concurrent)
A java.util.Queue that additionally supports operations that wait for the queue to become non-empty
Executor (java.util.concurrent)
An object that executes submitted Runnable tasks. This interface provides a way of decoupling task s
Executors (java.util.concurrent)
Factory and utility methods for Executor, ExecutorService, ScheduledExecutorService, ThreadFactory,
CodeWhisperer alternatives

How to use getRolesByGroupsmethodin org.apache.sentry.provider.db.generic.service.persistent.SentryStoreLayer

Best Java code snippets using org.apache.sentry.provider.db.generic.service.persistent.SentryStoreLayer.getRolesByGroups (Showing top 9 results out of 315)

How to use
getRolesByGroups
method
in
org.apache.sentry.provider.db.generic.service.persistent.SentryStoreLayer