/** * Creates an audit log for the drop role event. * * @param request The drop role request received by the Sentry server. * @param response The drop role response generated by the Sentry server. */ public void onDropRole(TDropSentryRoleRequest request, TDropSentryRoleResponse response) { try { info(JSON_LOG_ENTITY.createJsonLogEntity(request, response, conf)); } catch (Exception e) { String msg = "Cannot generate an audit log for creating a role: " + e.getMessage(); ERROR_LOGGER.error(msg, e); } }
/** * Creates an audit log for the role add groups event. * * @param request The role add groups request received by the Sentry server. * @param response The role add groups response generated by the Sentry server. */ public void onGrantRoleToGroup(TAlterSentryRoleAddGroupsRequest request, TAlterSentryRoleAddGroupsResponse response) { try { info(JSON_LOG_ENTITY.createJsonLogEntity(request, response, conf)); } catch (Exception e) { String msg = "Cannot generate an audit log for adding groups to a role: " + e.getMessage(); ERROR_LOGGER.error(msg, e); } }
/** * Creates an audit log for the role delete users event. * * @param request The role delete users request received by the Sentry server. * @param response The role delete users response generated by the Sentry server. */ public void onRevokeRoleFromUser(TAlterSentryRoleDeleteUsersRequest request, TAlterSentryRoleDeleteUsersResponse response) { try { info(JSON_LOG_ENTITY.createJsonLogEntity(request, response, conf)); } catch (Exception e) { String msg = "Cannot generate an audit log for deleting users from a role: " + e.getMessage(); ERROR_LOGGER.error(msg, e); } }
/** * Creates an audit log for the create role event. * * @param request The create role request received by the Sentry server. * @param response The create role response generated by the Sentry server. */ public void onCreateRole(TCreateSentryRoleRequest request, TCreateSentryRoleResponse response) { try { info(JSON_LOG_ENTITY.createJsonLogEntity(request, response, conf)); } catch (Exception e) { String msg = "Cannot generate an audit log for creating a role: " + e.getMessage(); ERROR_LOGGER.error(msg, e); } }
/** * Creates an audit log for the role delete groups event. * * @param request The role delete groups request received by the Sentry server. * @param response The role delete groups response generated by the Sentry server. */ public void onRevokeRoleFromGroup(TAlterSentryRoleDeleteGroupsRequest request, TAlterSentryRoleDeleteGroupsResponse response) { try { info(JSON_LOG_ENTITY.createJsonLogEntity(request, response, conf)); } catch (Exception e) { String msg = "Cannot generate an audit log for deleting groups from a role: " + e.getMessage(); ERROR_LOGGER.error(msg, e); } }
/** * Creates an audit log for the role add users event. * * @param request The role add users request received by the Sentry server. * @param response The role add users response generated by the Sentry server. */ public void onGrantRoleToUser(TAlterSentryRoleAddUsersRequest request, TAlterSentryRoleAddUsersResponse response) { try { info(JSON_LOG_ENTITY.createJsonLogEntity(request, response, conf)); } catch (Exception e) { String msg = "Cannot generate an audit log for adding users to a role: " + e.getMessage(); ERROR_LOGGER.error(msg, e); } }
public Set<JsonLogEntity> createJsonLogEntities( TAlterSentryRoleRevokePrivilegeRequest request, TAlterSentryRoleRevokePrivilegeResponse response, Configuration conf) { ImmutableSet.Builder<JsonLogEntity> setBuilder = ImmutableSet.builder(); if (request.isSetPrivileges()) { for (TSentryPrivilege privilege : request.getPrivileges()) { JsonLogEntity logEntity = createJsonLogEntity(request, privilege, response, conf); setBuilder.add(logEntity); } } return setBuilder.build(); }
public Set<JsonLogEntity> createJsonLogEntitys( TAlterSentryRoleRevokePrivilegeRequest request, TAlterSentryRoleRevokePrivilegeResponse response, Configuration conf) { ImmutableSet.Builder<JsonLogEntity> setBuilder = ImmutableSet.builder(); if (request.isSetPrivileges()) { for (TSentryPrivilege privilege : request.getPrivileges()) { JsonLogEntity logEntity = createJsonLogEntity(request, privilege, response, conf); setBuilder.add(logEntity); } } return setBuilder.build(); }
public Set<JsonLogEntity> createJsonLogEntities( TAlterSentryRoleGrantPrivilegeRequest request, TAlterSentryRoleGrantPrivilegeResponse response, Configuration conf) { ImmutableSet.Builder<JsonLogEntity> setBuilder = ImmutableSet.builder(); if (request.isSetPrivileges()) { for (TSentryPrivilege privilege : request.getPrivileges()) { JsonLogEntity logEntity = createJsonLogEntity(request, privilege, response, conf); setBuilder.add(logEntity); } } return setBuilder.build(); }
public Set<JsonLogEntity> createJsonLogEntitys( TAlterSentryRoleGrantPrivilegeRequest request, TAlterSentryRoleGrantPrivilegeResponse response, Configuration conf) { ImmutableSet.Builder<JsonLogEntity> setBuilder = ImmutableSet.builder(); if (request.isSetPrivileges()) { for (TSentryPrivilege privilege : request.getPrivileges()) { JsonLogEntity logEntity = createJsonLogEntity(request, privilege, response, conf); setBuilder.add(logEntity); } } return setBuilder.build(); }
/** * Creates an audit log for the grant owner privilege event. * * @param status The response status of Sentry when granting the privilege. * @param requestorUserName The user name on behalf this grant is made * @param ownerType The principal type who to grant the owner privilege. * @param ownerName The name of the owner who to grant the owner privilege. * @param authorizable The authorizable object where to grant the owner privilege. */ public void onGrantOwnerPrivilege(TSentryResponseStatus status, String requestorUserName, TSentryPrincipalType ownerType, String ownerName, TSentryAuthorizable authorizable) { try { info(JSON_LOG_ENTITY.createJsonLogEntity(Constants.OPERATION_GRANT_OWNER_PRIVILEGE, Constants.OBJECT_TYPE_PRINCIPAL, requestorUserName, status, authorizable, ownerType, ownerName, conf)); } catch (Exception e) { String msg = "Cannot generate an audit log for grant owner privilege: " + e.getMessage(); ERROR_LOGGER.error(msg, e); } }
@Test public void testDropRole() { TDropSentryRoleRequest request = new TDropSentryRoleRequest(); TDropSentryRoleResponse response = new TDropSentryRoleResponse(); request.setRequestorUserName(TEST_USER_NAME); request.setRoleName(TEST_ROLE_NAME); response.setStatus(Status.OK()); GMAuditMetadataLogEntity amle = (GMAuditMetadataLogEntity) JsonLogEntityFactory .getInstance().createJsonLogEntity(request, response, conf); assertCommon(amle, Constants.TRUE, Constants.OPERATION_DROP_ROLE, "DROP ROLE testRole", Constants.OBJECT_TYPE_ROLE, new HashMap<String, String>()); response.setStatus(Status.InvalidInput("", null)); amle = (GMAuditMetadataLogEntity) JsonLogEntityFactory.getInstance().createJsonLogEntity( request, response, conf); assertCommon(amle, Constants.FALSE, Constants.OPERATION_DROP_ROLE, "DROP ROLE testRole", Constants.OBJECT_TYPE_ROLE, new HashMap<String, String>()); }
@Test public void testDropRole() { TDropSentryRoleRequest request = new TDropSentryRoleRequest(); TDropSentryRoleResponse response = new TDropSentryRoleResponse(); request.setRequestorUserName(TEST_USER_NAME); request.setRoleName(TEST_ROLE_NAME); response.setStatus(Status.OK()); GMAuditMetadataLogEntity amle = (GMAuditMetadataLogEntity) JsonLogEntityFactory .getInstance().createJsonLogEntity(request, response, conf); assertCommon(amle, Constants.TRUE, Constants.OPERATION_DROP_ROLE, "DROP ROLE testRole", Constants.OBJECT_TYPE_ROLE, new HashMap<String, String>()); response.setStatus(Status.InvalidInput("", null)); amle = (GMAuditMetadataLogEntity) JsonLogEntityFactory.getInstance().createJsonLogEntity( request, response, conf); assertCommon(amle, Constants.FALSE, Constants.OPERATION_DROP_ROLE, "DROP ROLE testRole", Constants.OBJECT_TYPE_ROLE, new HashMap<String, String>()); }
@Test public void testCreateRole() { TCreateSentryRoleRequest request = new TCreateSentryRoleRequest(); TCreateSentryRoleResponse response = new TCreateSentryRoleResponse(); request.setRequestorUserName(TEST_USER_NAME); request.setRoleName(TEST_ROLE_NAME); response.setStatus(Status.OK()); GMAuditMetadataLogEntity amle = (GMAuditMetadataLogEntity) JsonLogEntityFactory.getInstance() .createJsonLogEntity(request, response, conf); assertCommon(amle, Constants.TRUE, Constants.OPERATION_CREATE_ROLE, "CREATE ROLE testRole", Constants.OBJECT_TYPE_ROLE, new HashMap<String, String>()); response.setStatus(Status.InvalidInput("", null)); amle = (GMAuditMetadataLogEntity) JsonLogEntityFactory.getInstance().createJsonLogEntity( request, response, conf); assertCommon(amle, Constants.FALSE, Constants.OPERATION_CREATE_ROLE, "CREATE ROLE testRole", Constants.OBJECT_TYPE_ROLE, new HashMap<String, String>()); }
@Test public void testCreateRole() { TCreateSentryRoleRequest request = new TCreateSentryRoleRequest(); TCreateSentryRoleResponse response = new TCreateSentryRoleResponse(); request.setRequestorUserName(TEST_USER_NAME); request.setRoleName(TEST_ROLE_NAME); response.setStatus(Status.OK()); GMAuditMetadataLogEntity amle = (GMAuditMetadataLogEntity) JsonLogEntityFactory.getInstance() .createJsonLogEntity(request, response, conf); assertCommon(amle, Constants.TRUE, Constants.OPERATION_CREATE_ROLE, "CREATE ROLE testRole", Constants.OBJECT_TYPE_ROLE, new HashMap<String, String>()); response.setStatus(Status.InvalidInput("", null)); amle = (GMAuditMetadataLogEntity) JsonLogEntityFactory.getInstance().createJsonLogEntity( request, response, conf); assertCommon(amle, Constants.FALSE, Constants.OPERATION_CREATE_ROLE, "CREATE ROLE testRole", Constants.OBJECT_TYPE_ROLE, new HashMap<String, String>()); }
@Test public void testCreateRole() { TCreateSentryRoleRequest request = new TCreateSentryRoleRequest(); TCreateSentryRoleResponse response = new TCreateSentryRoleResponse(); request.setRequestorUserName(TEST_USER_NAME); request.setRoleName(TEST_ROLE_NAME); response.setStatus(Status.OK()); DBAuditMetadataLogEntity amle = (DBAuditMetadataLogEntity) JsonLogEntityFactory .getInstance().createJsonLogEntity(request, response, conf); assertCommon(amle, Constants.TRUE, Constants.OPERATION_CREATE_ROLE, "CREATE ROLE testRole", null, null, null, Constants.OBJECT_TYPE_ROLE); response.setStatus(Status.InvalidInput("", null)); amle = (DBAuditMetadataLogEntity) JsonLogEntityFactory.getInstance() .createJsonLogEntity(request, response, conf); assertCommon(amle, Constants.FALSE, Constants.OPERATION_CREATE_ROLE, "CREATE ROLE testRole", null, null, null, Constants.OBJECT_TYPE_ROLE); }
@Test public void testDropRole() { TDropSentryRoleRequest request = new TDropSentryRoleRequest(); TDropSentryRoleResponse response = new TDropSentryRoleResponse(); request.setRequestorUserName(TEST_USER_NAME); request.setRoleName(TEST_ROLE_NAME); response.setStatus(Status.OK()); DBAuditMetadataLogEntity amle = (DBAuditMetadataLogEntity) JsonLogEntityFactory .getInstance().createJsonLogEntity(request, response, conf); assertCommon(amle, Constants.TRUE, Constants.OPERATION_DROP_ROLE, "DROP ROLE testRole", null, null, null, Constants.OBJECT_TYPE_ROLE); response.setStatus(Status.InvalidInput("", null)); amle = (DBAuditMetadataLogEntity) JsonLogEntityFactory.getInstance() .createJsonLogEntity(request, response, conf); assertCommon(amle, Constants.FALSE, Constants.OPERATION_DROP_ROLE, "DROP ROLE testRole", null, null, null, Constants.OBJECT_TYPE_ROLE); }
@Test public void testDropRole() { TDropSentryRoleRequest request = new TDropSentryRoleRequest(); TDropSentryRoleResponse response = new TDropSentryRoleResponse(); request.setRequestorUserName(TEST_USER_NAME); request.setRoleName(TEST_ROLE_NAME); response.setStatus(Status.OK()); DBAuditMetadataLogEntity amle = (DBAuditMetadataLogEntity) JsonLogEntityFactory .getInstance().createJsonLogEntity(request, response, conf); assertCommon(amle, Constants.TRUE, Constants.OPERATION_DROP_ROLE, "DROP ROLE testRole", null, null, null, Constants.OBJECT_TYPE_ROLE); response.setStatus(Status.InvalidInput("", null)); amle = (DBAuditMetadataLogEntity) JsonLogEntityFactory.getInstance() .createJsonLogEntity(request, response, conf); assertCommon(amle, Constants.FALSE, Constants.OPERATION_DROP_ROLE, "DROP ROLE testRole", null, null, null, Constants.OBJECT_TYPE_ROLE); }
@Test public void testCreateRole() { TCreateSentryRoleRequest request = new TCreateSentryRoleRequest(); TCreateSentryRoleResponse response = new TCreateSentryRoleResponse(); request.setRequestorUserName(TEST_USER_NAME); request.setRoleName(TEST_ROLE_NAME); response.setStatus(Status.OK()); DBAuditMetadataLogEntity amle = (DBAuditMetadataLogEntity) JsonLogEntityFactory .getInstance().createJsonLogEntity(request, response, conf); assertCommon(amle, Constants.TRUE, Constants.OPERATION_CREATE_ROLE, "CREATE ROLE testRole", null, null, null, Constants.OBJECT_TYPE_ROLE); response.setStatus(Status.InvalidInput("", null)); amle = (DBAuditMetadataLogEntity) JsonLogEntityFactory.getInstance() .createJsonLogEntity(request, response, conf); assertCommon(amle, Constants.FALSE, Constants.OPERATION_CREATE_ROLE, "CREATE ROLE testRole", null, null, null, Constants.OBJECT_TYPE_ROLE); }
@Test public void testDeleteRole() { TAlterSentryRoleDeleteGroupsRequest request = new TAlterSentryRoleDeleteGroupsRequest(); TAlterSentryRoleDeleteGroupsResponse response = new TAlterSentryRoleDeleteGroupsResponse(); request.setRequestorUserName(TEST_USER_NAME); request.setRoleName(TEST_ROLE_NAME); request.setGroups(getGroups()); response.setStatus(Status.OK()); DBAuditMetadataLogEntity amle = (DBAuditMetadataLogEntity) JsonLogEntityFactory .getInstance().createJsonLogEntity(request, response, conf); assertCommon(amle, Constants.TRUE, Constants.OPERATION_DELETE_ROLE, "REVOKE ROLE testRole FROM GROUP testGroup", null, null, null, Constants.OBJECT_TYPE_ROLE); response.setStatus(Status.InvalidInput("", null)); amle = (DBAuditMetadataLogEntity) JsonLogEntityFactory.getInstance() .createJsonLogEntity(request, response, conf); assertCommon(amle, Constants.FALSE, Constants.OPERATION_DELETE_ROLE, "REVOKE ROLE testRole FROM GROUP testGroup", null, null, null, Constants.OBJECT_TYPE_ROLE); }