public Object getFieldValue(_Fields field) { switch (field) { case SERVER: return getServer(); case URI: return getUri(); case DB: return getDb(); case TABLE: return getTable(); case COLUMN: return getColumn(); } throw new IllegalStateException(); }
private String getAuthzObj(TSentryAuthorizable authzble) { String authzObj = null; if (!SentryStore.isNULL(authzble.getDb())) { String dbName = authzble.getDb(); String tblName = authzble.getTable(); if (SentryStore.isNULL(tblName)) { authzObj = dbName; } else { authzObj = dbName + "." + tblName; } } return authzObj == null ? null : authzObj.toLowerCase(); } }
if (authHierarchy.getDb() != null) { filters.append(" && ((dbName == \"" + authHierarchy.getDb().toLowerCase() + "\") || (dbName == \"__NULL__\")) && (URI == \"__NULL__\")"); if (authHierarchy.getTable() != null && !AccessConstants.ALL.equalsIgnoreCase(authHierarchy.getTable())) { if (!AccessConstants.SOME.equalsIgnoreCase(authHierarchy.getTable())) { filters.append(" && ((tableName == \"" + authHierarchy.getTable().toLowerCase() + "\") || (tableName == \"__NULL__\")) && (URI == \"__NULL__\")");
/** * Gets sentry privilege objects for criteria from the persistence layer * @param roleNames : roleNames to look up (required) * @param authHierarchy : filter push down based on auth hierarchy (optional) * @return : Set of thrift sentry privilege objects * @throws SentryNoSuchObjectException */ public Set<TSentryPrivilege> getTSentryPrivileges(Set<String> roleNames, TSentryAuthorizable authHierarchy) throws SentryInvalidInputException { if (authHierarchy.getServer() == null) { throw new SentryInvalidInputException("serverName cannot be null !!"); } if (authHierarchy.getTable() != null && authHierarchy.getDb() == null) { throw new SentryInvalidInputException("dbName cannot be null when tableName is present !!"); } if (authHierarchy.getColumn() != null && authHierarchy.getTable() == null) { throw new SentryInvalidInputException("tableName cannot be null when columnName is present !!"); } if (authHierarchy.getUri() == null && authHierarchy.getDb() == null) { throw new SentryInvalidInputException("One of uri or dbName must not be null !!"); } return convertToTSentryPrivileges(getMSentryPrivileges(roleNames, authHierarchy)); }
private TSentryPrivilege toSentryPrivilege(TSentryAuthorizable tAuthorizable) throws SentryInvalidInputException { TSentryPrivilege tSentryPrivilege = new TSentryPrivilege(); tSentryPrivilege.setDbName(fromNULLCol(tAuthorizable.getDb())); tSentryPrivilege.setServerName(fromNULLCol(tAuthorizable.getServer())); tSentryPrivilege.setTableName(fromNULLCol(tAuthorizable.getTable())); tSentryPrivilege.setColumnName(fromNULLCol(tAuthorizable.getColumn())); tSentryPrivilege.setURI(fromNULLCol(tAuthorizable.getUri())); PrivilegeScope scope; if (!isNULL(tSentryPrivilege.getColumnName())) { scope = PrivilegeScope.COLUMN; } else if (!isNULL(tSentryPrivilege.getTableName())) { scope = PrivilegeScope.TABLE; } else if (!isNULL(tSentryPrivilege.getDbName())) { scope = PrivilegeScope.DATABASE; } else if (!isNULL(tSentryPrivilege.getURI())) { scope = PrivilegeScope.URI; } else { scope = PrivilegeScope.SERVER; } tSentryPrivilege.setPrivilegeScope(scope.name()); tSentryPrivilege.setAction(AccessConstants.ALL); return tSentryPrivilege; }