@Override public TDropPrivilegesResponse drop_sentry_privilege( TDropPrivilegesRequest request) throws TException { final Timer.Context timerContext = sentryMetrics.dropPrivilegeTimer.time(); TDropPrivilegesResponse response = new TDropPrivilegesResponse(); try { validateClientVersion(request.getProtocol_version()); authorize(request.getRequestorUserName(), adminGroups); sentryStore.dropPrivilege(request.getAuthorizable()); for (SentryPolicyStorePlugin plugin : sentryPlugins) { plugin.onDropSentryPrivilege(request); } response.setStatus(Status.OK()); } catch (SentryAccessDeniedException e) { LOGGER.error(e.getMessage(), e); response.setStatus(Status.AccessDenied(e.getMessage(), e)); } catch (SentryThriftAPIMismatchException e) { LOGGER.error(e.getMessage(), e); response.setStatus(Status.THRIFT_VERSION_MISMATCH(e.getMessage(), e)); } catch (Exception e) { String msg = "Unknown error for request: " + request + ", message: " + e.getMessage(); LOGGER.error(msg, e); response.setStatus(Status.RuntimeError(msg, e)); } finally { timerContext.stop(); } return response; }
try { validateClientVersion(request.getProtocol_version()); authorize(request.getRequestorUserName(), getRequestorGroups(request.getRequestorUserName())); CommitContext commitContext = sentryStore.createSentryRole(request.getRoleName());
try { validateClientVersion(request.getProtocol_version()); authorize(request.getRequestorUserName(), getRequestorGroups(request.getRequestorUserName())); CommitContext commitContext = sentryStore.dropSentryRole(request.getRoleName());
try { validateClientVersion(request.getProtocol_version()); authorize(request.getRequestorUserName(), getRequestorGroups(request.getRequestorUserName())); CommitContext commitContext = sentryStore.alterSentryRoleAddGroups(request.getRequestorUserName(),
try { validateClientVersion(request.getProtocol_version()); authorize(request.getRequestorUserName(), getRequestorGroups(request.getRequestorUserName())); CommitContext commitContext = sentryStore.alterSentryRoleDeleteGroups(request.getRoleName(),
@Override public TRenamePrivilegesResponse rename_sentry_privilege( TRenamePrivilegesRequest request) throws TException { final Timer.Context timerContext = sentryMetrics.renamePrivilegeTimer.time(); TRenamePrivilegesResponse response = new TRenamePrivilegesResponse(); try { validateClientVersion(request.getProtocol_version()); authorize(request.getRequestorUserName(), adminGroups); sentryStore.renamePrivilege(request.getOldAuthorizable(), request.getNewAuthorizable()); for (SentryPolicyStorePlugin plugin : sentryPlugins) { plugin.onRenameSentryPrivilege(request); } response.setStatus(Status.OK()); } catch (SentryAccessDeniedException e) { LOGGER.error(e.getMessage(), e); response.setStatus(Status.AccessDenied(e.getMessage(), e)); } catch (SentryThriftAPIMismatchException e) { LOGGER.error(e.getMessage(), e); response.setStatus(Status.THRIFT_VERSION_MISMATCH(e.getMessage(), e)); } catch (Exception e) { String msg = "Unknown error for request: " + request + ", message: " + e.getMessage(); LOGGER.error(msg, e); response.setStatus(Status.RuntimeError(msg, e)); } finally { timerContext.close(); } return response; }