client.createRole(requestorUserName, roleName1); client.grantColumnPrivilege(requestorUserName, roleName1, "server", "db1", "table1", "col1", "ALL"); client.grantColumnPrivilege(requestorUserName, roleName1, "server", "db1", "table1", "col2", "ALL"); client.grantColumnPrivilege(requestorUserName, roleName1, "server", "db1", "table2", "col1", "ALL"); client.grantColumnPrivilege(requestorUserName, roleName1, "server", "db1", "table2", "col2", "ALL"); client.grantColumnPrivilege(requestorUserName, roleName1, "server", "db2", "table1", "col1", "ALL"); client.grantColumnPrivilege(requestorUserName, roleName1, "server", "db2", "table2", "col1", "ALL"); client.createRole(requestorUserName, roleName2); client.grantColumnPrivilege(requestorUserName, roleName2, "server", "db1", "table1", "col1", "ALL"); client.grantColumnPrivilege(requestorUserName, roleName2, "server", "db1", "table1", "col2", "ALL"); client.grantColumnPrivilege(requestorUserName, roleName2, "server", "db1", "table2", "col1", "ALL"); client.grantColumnPrivilege(requestorUserName, roleName2, "server", "db1", "table2", "col2", "ALL"); client.grantColumnPrivilege(requestorUserName, roleName2, "server", "db2", "table1", "col1", "ALL"); client.grantColumnPrivilege(requestorUserName, roleName2, "server", "db2", "table2", "col1", "ALL");
@Override public void execute(SentryPolicyServiceClient client, String requestorName) throws Exception { TSentryPrivilege tSentryPrivilege = CommandUtil.convertToTSentryPrivilege(privilegeStr); boolean grantOption = tSentryPrivilege.getGrantOption().equals(TSentryGrantOption.TRUE) ? true : false; if (ServiceConstants.PrivilegeScope.SERVER.toString().equals(tSentryPrivilege.getPrivilegeScope())) { client.grantServerPrivilege(requestorName, roleName, tSentryPrivilege.getServerName(), tSentryPrivilege.getAction(), grantOption); } else if (ServiceConstants.PrivilegeScope.DATABASE.toString().equals(tSentryPrivilege.getPrivilegeScope())) { client.grantDatabasePrivilege(requestorName, roleName, tSentryPrivilege.getServerName(), tSentryPrivilege.getDbName(), tSentryPrivilege.getAction(), grantOption); } else if (ServiceConstants.PrivilegeScope.TABLE.toString().equals(tSentryPrivilege.getPrivilegeScope())) { client.grantTablePrivilege(requestorName, roleName, tSentryPrivilege.getServerName(), tSentryPrivilege.getDbName(), tSentryPrivilege.getTableName(), tSentryPrivilege.getAction(), grantOption); } else if (ServiceConstants.PrivilegeScope.COLUMN.toString().equals(tSentryPrivilege.getPrivilegeScope())) { client.grantColumnPrivilege(requestorName, roleName, tSentryPrivilege.getServerName(), tSentryPrivilege.getDbName(), tSentryPrivilege.getTableName(), tSentryPrivilege.getColumnName(), tSentryPrivilege.getAction(), grantOption); } else if (ServiceConstants.PrivilegeScope.URI.toString().equals(tSentryPrivilege.getPrivilegeScope())) { client.grantURIPrivilege(requestorName, roleName, tSentryPrivilege.getServerName(), tSentryPrivilege.getURI(), grantOption); } } }