/**
 * Reports whether a privilege is no longer granted to any principal.
 *
 * <p>A privilege is treated as stale when its user set and its role set are both
 * empty. The role set is only consulted when the user set is empty.
 *
 * @param privilege privilege to inspect; dereferenced without a null check
 * @return {@code true} when the privilege has neither users nor roles attached
 */
private boolean isPrivilegeStale(MSentryPrivilege privilege) {
  return privilege.getUsers().isEmpty() && privilege.getRoles().isEmpty();
}
getMSentryPrivilegesByAuth(SentryPrincipalType.USER, userNames, authHierarchy); for (MSentryPrivilege priv : mSentryPrivileges) { for (MSentryUser user : priv.getUsers()) { TSentryPrivilege tPriv = convertToTSentryPrivilege(priv); if (resultPrivilegeMap.containsKey(user.getUserName())) {
if ((!persistedPriv.getRoles().isEmpty() || !persistedPriv.getUsers().isEmpty()) && mEntity != null) { persistedPriv.removePrincipal(mEntity);
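/**
 * Lists the owners of an authorizable.
 *
 * <p>Within one transaction, looks up the owner privileges recorded for
 * {@code authorizable} and reports every user and every role attached to them.
 * For each privilege its users are listed before its roles; entries are not
 * de-duplicated.
 *
 * @param authorizable authorizable whose owners are requested
 * @return owner entries (principal type and principal name); empty when no owner
 *     privilege has a principal attached
 * @throws Exception propagated from the transaction or the privilege lookup
 */
public List<SentryOwnerInfo> listOwnersByAuthorizable(TSentryAuthorizable authorizable)
    throws Exception {
  return tm.executeTransaction(
      pm -> {
        // Allocated inside the transaction body rather than captured from the
        // enclosing method, so a body that is executed more than once cannot
        // return owner entries accumulated by an earlier attempt.
        List<SentryOwnerInfo> owners = new ArrayList<>();
        for (MSentryPrivilege priv : getMSentryOwnerPrivilegesByAuth(pm, authorizable)) {
          for (PrivilegePrincipal user : priv.getUsers()) {
            owners.add(new SentryOwnerInfo(user.getPrincipalType(), user.getPrincipalName()));
          }
          for (PrivilegePrincipal role : priv.getRoles()) {
            owners.add(new SentryOwnerInfo(role.getPrincipalType(), role.getPrincipalName()));
          }
        }
        return owners;
      });
}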
/**
 * Removes the OWNER privileges recorded for an authorizable.
 *
 * <p>Builds a privilege from {@code tAuthorizable} with its action set to
 * {@link AccessConstants#OWNER}, finds the persisted privileges that match it exactly,
 * detaches each of them from its users (persisting every touched user), and finally
 * deletes the matched privileges.
 *
 * @param pm persistence manager used for the lookup, the user updates and the delete
 * @param tAuthorizable authorizable whose owner privileges are revoked
 * @throws Exception propagated from the lookup or the persistence calls
 */
public void revokeOwnerPrivilegesCore(PersistenceManager pm, final TSentryAuthorizable tAuthorizable)
    throws Exception {
  TSentryPrivilege ownerTemplate = toSentryPrivilege(tAuthorizable);
  ownerTemplate.setAction(AccessConstants.OWNER);

  // Locate the persisted owner privileges that are about to be deleted.
  List<MSentryPrivilege> ownerPrivileges = getMSentryPrivilegesExactMatch(ownerTemplate, pm);
  for (MSentryPrivilege ownerPrivilege : ownerPrivileges) {
    // Unlink the privilege from each user first so that no user keeps a reference
    // to a privilege that is deleted below.
    // NOTE(review): if removePrivilege also removes the user from this privilege's
    // user set, the loop mutates the collection it iterates; confirm, and iterate
    // over a copy if so.
    // NOTE(review): only users are detached here; roles attached to the privilege
    // (getRoles()) are not. Confirm that role links are cleaned up by the delete
    // or elsewhere, otherwise a role could retain a dangling owner grant.
    for (MSentryUser owner : ownerPrivilege.getUsers()) {
      owner.removePrivilege(ownerPrivilege);
      persistEntity(pm, SentryPrincipalType.USER, owner);
    }
  }
  pm.deletePersistentAll(ownerPrivileges);
}
for (MSentryPrivilege mPrivilege : mPrivileges) { entitySet.addAll(ImmutableSet.copyOf(mPrivilege.getRoles())); entitySet.addAll(ImmutableSet.copyOf(mPrivilege.getUsers()));
pUpdate = addPrivilegeEntry (mPriv, TPrivilegePrincipalType.ROLE, mRole.getRoleName(), pUpdate); for (MSentryUser mUser : mPriv.getUsers()) { pUpdate = addPrivilegeEntry (mPriv, TPrivilegePrincipalType.USER, mUser.getUserName(), pUpdate);