public TSentryAuthorizable deepCopy() { return new TSentryAuthorizable(this); }
/** * Performs a deep copy on <i>other</i>. */ public TRenamePrivilegesRequest(TRenamePrivilegesRequest other) { __isset_bitfield = other.__isset_bitfield; this.protocol_version = other.protocol_version; if (other.isSetRequestorUserName()) { this.requestorUserName = other.requestorUserName; } if (other.isSetOldAuthorizable()) { this.oldAuthorizable = new TSentryAuthorizable(other.oldAuthorizable); } if (other.isSetNewAuthorizable()) { this.newAuthorizable = new TSentryAuthorizable(other.newAuthorizable); } }
/** * Performs a deep copy on <i>other</i>. */ public TDropPrivilegesRequest(TDropPrivilegesRequest other) { __isset_bitfield = other.__isset_bitfield; this.protocol_version = other.protocol_version; if (other.isSetRequestorUserName()) { this.requestorUserName = other.requestorUserName; } if (other.isSetAuthorizable()) { this.authorizable = new TSentryAuthorizable(other.authorizable); } }
/** * Performs a deep copy on <i>other</i>. */ public TListSentryPrivilegesByAuthResponse(TListSentryPrivilegesByAuthResponse other) { if (other.isSetStatus()) { this.status = new org.apache.sentry.service.thrift.TSentryResponseStatus(other.status); } if (other.isSetPrivilegesMapByAuth()) { Map<TSentryAuthorizable,TSentryPrivilegeMap> __this__privilegesMapByAuth = new HashMap<TSentryAuthorizable,TSentryPrivilegeMap>(); for (Map.Entry<TSentryAuthorizable, TSentryPrivilegeMap> other_element : other.privilegesMapByAuth.entrySet()) { TSentryAuthorizable other_element_key = other_element.getKey(); TSentryPrivilegeMap other_element_value = other_element.getValue(); TSentryAuthorizable __this__privilegesMapByAuth_copy_key = new TSentryAuthorizable(other_element_key); TSentryPrivilegeMap __this__privilegesMapByAuth_copy_value = new TSentryPrivilegeMap(other_element_value); __this__privilegesMapByAuth.put(__this__privilegesMapByAuth_copy_key, __this__privilegesMapByAuth_copy_value); } this.privilegesMapByAuth = __this__privilegesMapByAuth; } }
/** * Performs a deep copy on <i>other</i>. */ public TListSentryPrivilegesForProviderRequest(TListSentryPrivilegesForProviderRequest other) { __isset_bitfield = other.__isset_bitfield; this.protocol_version = other.protocol_version; if (other.isSetGroups()) { Set<String> __this__groups = new HashSet<String>(); for (String other_element : other.groups) { __this__groups.add(other_element); } this.groups = __this__groups; } if (other.isSetRoleSet()) { this.roleSet = new TSentryActiveRoleSet(other.roleSet); } if (other.isSetAuthorizableHierarchy()) { this.authorizableHierarchy = new TSentryAuthorizable(other.authorizableHierarchy); } }
/** * Performs a deep copy on <i>other</i>. */ public TListSentryPrivilegesByAuthRequest(TListSentryPrivilegesByAuthRequest other) { __isset_bitfield = other.__isset_bitfield; this.protocol_version = other.protocol_version; if (other.isSetRequestorUserName()) { this.requestorUserName = other.requestorUserName; } if (other.isSetAuthorizableSet()) { Set<TSentryAuthorizable> __this__authorizableSet = new HashSet<TSentryAuthorizable>(); for (TSentryAuthorizable other_element : other.authorizableSet) { __this__authorizableSet.add(new TSentryAuthorizable(other_element)); } this.authorizableSet = __this__authorizableSet; } if (other.isSetGroups()) { Set<String> __this__groups = new HashSet<String>(); for (String other_element : other.groups) { __this__groups.add(other_element); } this.groups = __this__groups; } if (other.isSetRoleSet()) { this.roleSet = new TSentryActiveRoleSet(other.roleSet); } }
case 3: // AUTHORIZABLE if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) { struct.authorizable = new TSentryAuthorizable(); struct.authorizable.read(iprot); struct.setAuthorizableIsSet(true);
/** * Performs a deep copy on <i>other</i>. */ public TListSentryPrivilegesRequest(TListSentryPrivilegesRequest other) { __isset_bitfield = other.__isset_bitfield; this.protocol_version = other.protocol_version; if (other.isSetRequestorUserName()) { this.requestorUserName = other.requestorUserName; } if (other.isSetRoleName()) { this.roleName = other.roleName; } if (other.isSetAuthorizableHierarchy()) { this.authorizableHierarchy = new TSentryAuthorizable(other.authorizableHierarchy); } }
@Override public void read(org.apache.thrift.protocol.TProtocol prot, TRenamePrivilegesRequest struct) throws org.apache.thrift.TException { TTupleProtocol iprot = (TTupleProtocol) prot; struct.protocol_version = iprot.readI32(); struct.setProtocol_versionIsSet(true); struct.requestorUserName = iprot.readString(); struct.setRequestorUserNameIsSet(true); struct.oldAuthorizable = new TSentryAuthorizable(); struct.oldAuthorizable.read(iprot); struct.setOldAuthorizableIsSet(true); struct.newAuthorizable = new TSentryAuthorizable(); struct.newAuthorizable.read(iprot); struct.setNewAuthorizableIsSet(true); } }
_key124 = new TSentryAuthorizable(); _key124.read(iprot); _val125 = new TSentryPrivilegeMap();
@Override public void read(org.apache.thrift.protocol.TProtocol prot, TDropPrivilegesRequest struct) throws org.apache.thrift.TException { TTupleProtocol iprot = (TTupleProtocol) prot; struct.protocol_version = iprot.readI32(); struct.setProtocol_versionIsSet(true); struct.requestorUserName = iprot.readString(); struct.setRequestorUserNameIsSet(true); struct.authorizable = new TSentryAuthorizable(); struct.authorizable.read(iprot); struct.setAuthorizableIsSet(true); } }
@Override public void read(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesByAuthResponse struct) throws org.apache.thrift.TException { TTupleProtocol iprot = (TTupleProtocol) prot; struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus(); struct.status.read(iprot); struct.setStatusIsSet(true); BitSet incoming = iprot.readBitSet(1); if (incoming.get(0)) { { org.apache.thrift.protocol.TMap _map128 = new org.apache.thrift.protocol.TMap(org.apache.thrift.protocol.TType.STRUCT, org.apache.thrift.protocol.TType.STRUCT, iprot.readI32()); struct.privilegesMapByAuth = new HashMap<TSentryAuthorizable,TSentryPrivilegeMap>(2*_map128.size); for (int _i129 = 0; _i129 < _map128.size; ++_i129) { TSentryAuthorizable _key130; // required TSentryPrivilegeMap _val131; // required _key130 = new TSentryAuthorizable(); _key130.read(iprot); _val131 = new TSentryPrivilegeMap(); _val131.read(iprot); struct.privilegesMapByAuth.put(_key130, _val131); } } struct.setPrivilegesMapByAuthIsSet(true); } } }
@Override public void read(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesRequest struct) throws org.apache.thrift.TException { TTupleProtocol iprot = (TTupleProtocol) prot; struct.protocol_version = iprot.readI32(); struct.setProtocol_versionIsSet(true); struct.requestorUserName = iprot.readString(); struct.setRequestorUserNameIsSet(true); struct.roleName = iprot.readString(); struct.setRoleNameIsSet(true); BitSet incoming = iprot.readBitSet(1); if (incoming.get(0)) { struct.authorizableHierarchy = new TSentryAuthorizable(); struct.authorizableHierarchy.read(iprot); struct.setAuthorizableHierarchyIsSet(true); } } }
@Override public void read(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesForProviderRequest struct) throws org.apache.thrift.TException { TTupleProtocol iprot = (TTupleProtocol) prot; struct.protocol_version = iprot.readI32(); struct.setProtocol_versionIsSet(true); { org.apache.thrift.protocol.TSet _set77 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, iprot.readI32()); struct.groups = new HashSet<String>(2*_set77.size); for (int _i78 = 0; _i78 < _set77.size; ++_i78) { String _elem79; // required _elem79 = iprot.readString(); struct.groups.add(_elem79); } } struct.setGroupsIsSet(true); struct.roleSet = new TSentryActiveRoleSet(); struct.roleSet.read(iprot); struct.setRoleSetIsSet(true); BitSet incoming = iprot.readBitSet(1); if (incoming.get(0)) { struct.authorizableHierarchy = new TSentryAuthorizable(); struct.authorizableHierarchy.read(iprot); struct.setAuthorizableHierarchyIsSet(true); } } }
@VisibleForTesting public static TSentryAuthorizable setupSentryAuthorizable( List<? extends Authorizable> authorizable) { TSentryAuthorizable tSentryAuthorizable = new TSentryAuthorizable(); for (Authorizable authzble : authorizable) { if (authzble.getTypeName().equalsIgnoreCase( DBModelAuthorizable.AuthorizableType.Server.toString())) { tSentryAuthorizable.setServer(authzble.getName()); } else if (authzble.getTypeName().equalsIgnoreCase( DBModelAuthorizable.AuthorizableType.URI.toString())) { tSentryAuthorizable.setUri(authzble.getName()); } else if (authzble.getTypeName().equalsIgnoreCase( DBModelAuthorizable.AuthorizableType.Db.toString())) { tSentryAuthorizable.setDb(authzble.getName()); } else if (authzble.getTypeName().equalsIgnoreCase( DBModelAuthorizable.AuthorizableType.Table.toString())) { tSentryAuthorizable.setTable(authzble.getName()); } else if (authzble.getTypeName().equalsIgnoreCase( DBModelAuthorizable.AuthorizableType.Column.toString())) { tSentryAuthorizable.setColumn(authzble.getName()); } } return tSentryAuthorizable; }
_elem118 = new TSentryAuthorizable(); _elem118.read(iprot); struct.authorizableSet.add(_elem118);
@Test public void testURI() throws Exception { String roleName = "test-dup-role"; String grantor = "g1"; String uri = "file:///var/folders/dt/9zm44z9s6bjfxbrm4v36lzdc0000gp/T/1401860678102-0/data/kv1.dat"; sentryStore.createSentryRole(roleName); TSentryPrivilege tSentryPrivilege = new TSentryPrivilege("URI", "server1", "ALL"); tSentryPrivilege.setURI(uri); sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, tSentryPrivilege); TSentryAuthorizable tSentryAuthorizable = new TSentryAuthorizable(); tSentryAuthorizable.setUri(uri); tSentryAuthorizable.setServer("server1"); Set<TSentryPrivilege> privileges = sentryStore.getTSentryPrivileges(new HashSet<String>(Arrays.asList(roleName)), tSentryAuthorizable); assertTrue(privileges.size() == 1); Set<TSentryGroup> tSentryGroups = new HashSet<TSentryGroup>(); tSentryGroups.add(new TSentryGroup("group1")); sentryStore.alterSentryRoleAddGroups(grantor, roleName, tSentryGroups); TSentryActiveRoleSet thriftRoleSet = new TSentryActiveRoleSet(true, new HashSet<String>(Arrays.asList(roleName))); Set<String> privs = sentryStore.listSentryPrivilegesForProvider(new HashSet<String>(Arrays.asList("group1")), thriftRoleSet, tSentryAuthorizable); assertTrue(privs.size()==1); assertTrue(privs.contains("server=server1->uri=" + uri + "->action=all")); }
@Test public void testSentryTablePrivilegeSome() throws Exception { String roleName = "test-table-privilege-some"; String grantor = "g1"; String dbName = "db1"; String table = "tb1"; sentryStore.createSentryRole(roleName); TSentryPrivilege tSentryPrivilege = new TSentryPrivilege("TABLE", "server1", "ALL"); tSentryPrivilege.setDbName(dbName); tSentryPrivilege.setTableName(table); sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, tSentryPrivilege); TSentryAuthorizable tSentryAuthorizable = new TSentryAuthorizable(); tSentryAuthorizable.setDb(dbName); tSentryAuthorizable.setTable(AccessConstants.SOME); tSentryAuthorizable.setServer("server1"); Set<TSentryPrivilege> privileges = sentryStore.getTSentryPrivileges(new HashSet<String>(Arrays.asList(roleName)), tSentryAuthorizable); assertTrue(privileges.size() == 1); Set<TSentryGroup> tSentryGroups = new HashSet<TSentryGroup>(); tSentryGroups.add(new TSentryGroup("group1")); sentryStore.alterSentryRoleAddGroups(grantor, roleName, tSentryGroups); TSentryActiveRoleSet thriftRoleSet = new TSentryActiveRoleSet(true, new HashSet<String>(Arrays.asList(roleName))); Set<String> privs = sentryStore.listSentryPrivilegesForProvider(new HashSet<String>(Arrays.asList("group1")), thriftRoleSet, tSentryAuthorizable); assertTrue(privs.size()==1); assertTrue(privs.contains("server=server1->db=" + dbName + "->table=" + table + "->action=all")); }
sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, tSentryPrivilege); TSentryAuthorizable tSentryAuthorizable = new TSentryAuthorizable(); tSentryAuthorizable.setDb(dbName); tSentryAuthorizable.setTable(table);
private TSentryAuthorizable toTSentryAuthorizable( TSentryPrivilege tSentryPrivilege) { TSentryAuthorizable tSentryAuthorizable = new TSentryAuthorizable(); tSentryAuthorizable.setServer(tSentryPrivilege.getServerName()); tSentryAuthorizable.setDb(tSentryPrivilege.getDbName()); tSentryAuthorizable.setTable(tSentryPrivilege.getTableName()); tSentryAuthorizable.setUri(tSentryPrivilege.getURI()); return tSentryAuthorizable; }