public static Status fromCode(int code) { for (Status status : Status.values()) { if (status.getCode() == code) { return status; } } return Status.UNKNOWN; } public static TSentryResponseStatus OK() {
public static TSentryResponseStatus Create(Status value, String message, @Nullable Throwable t) { TSentryResponseStatus status = new TSentryResponseStatus(); status.setValue(value.getCode()); status.setMessage(message); if (t != null) { StringWriter stringWriter = new StringWriter(); PrintWriter printWriter = new PrintWriter(stringWriter); t.printStackTrace(printWriter); printWriter.close(); status.setStack(stringWriter.toString()); } return status; } public static void throwIfNotOk(TSentryResponseStatus thriftStatus)
@Override public TAlterSentryRoleGrantPrivilegeResponse alter_sentry_role_grant_privilege( final TAlterSentryRoleGrantPrivilegeRequest request) throws TException { Response<Void> respose = requestHandle(new RequestHandler<Void>() { @Override public Response<Void> handle() throws Exception { validateClientVersion(request.getProtocol_version()); CommitContext context = store.alterRoleGrantPrivilege(request.getComponent(), request.getRoleName(), toPrivilegeObject(request.getPrivilege()), request.getRequestorUserName()); return new Response<Void>(Status.OK(), context); } }); TAlterSentryRoleGrantPrivilegeResponse tResponse = new TAlterSentryRoleGrantPrivilegeResponse(respose.status); if (Status.OK.getCode() == respose.status.getValue()) { handerInvoker.alter_sentry_role_grant_privilege(respose.context, request, tResponse); } try { AUDIT_LOGGER.info(JsonLogEntityFactory.getInstance() .createJsonLogEntity(request, tResponse, conf).toJsonFormatLog()); } catch (Exception e) { // if any exception, log the exception. String msg = "Error creating audit log for grant privilege to role: " + e.getMessage(); LOGGER.error(msg, e); } return tResponse; }
@Override public TCreateSentryRoleResponse create_sentry_role( final TCreateSentryRoleRequest request) throws TException { Response<Void> respose = requestHandle(new RequestHandler<Void>() { @Override public Response<Void> handle() throws Exception { validateClientVersion(request.getProtocol_version()); authorize(request.getRequestorUserName(), getRequestorGroups(conf, request.getRequestorUserName())); CommitContext context = store.createRole(request.getComponent(), request.getRoleName(), request.getRequestorUserName()); return new Response<Void>(Status.OK(), context); } }); TCreateSentryRoleResponse tResponse = new TCreateSentryRoleResponse(respose.status); if (Status.OK.getCode() == respose.status.getValue()) { handerInvoker.create_sentry_role(respose.context, request, tResponse); } try { AUDIT_LOGGER.info(JsonLogEntityFactory.getInstance() .createJsonLogEntity(request, tResponse, conf).toJsonFormatLog()); } catch (Exception e) { // if any exception, log the exception. String msg = "Error creating audit log for create role: " + e.getMessage(); LOGGER.error(msg, e); } return tResponse; }
@Override public TDropSentryRoleResponse drop_sentry_role(final TDropSentryRoleRequest request) throws TException { Response<Void> respose = requestHandle(new RequestHandler<Void>() { @Override public Response<Void> handle() throws Exception { validateClientVersion(request.getProtocol_version()); authorize(request.getRequestorUserName(), getRequestorGroups(conf, request.getRequestorUserName())); CommitContext context = store.dropRole(request.getComponent(), request.getRoleName(), request.getRequestorUserName()); return new Response<Void>(Status.OK(), context); } }); TDropSentryRoleResponse tResponse = new TDropSentryRoleResponse(respose.status); if (Status.OK.getCode() == respose.status.getValue()) { handerInvoker.drop_sentry_role(respose.context, request, tResponse); } try { AUDIT_LOGGER.info(JsonLogEntityFactory.getInstance() .createJsonLogEntity(request, tResponse, conf).toJsonFormatLog()); } catch (Exception e) { // if any exception, log the exception. String msg = "Error creating audit log for drop role: " + e.getMessage(); LOGGER.error(msg, e); } return tResponse; }
@Override public TAlterSentryRoleRevokePrivilegeResponse alter_sentry_role_revoke_privilege( final TAlterSentryRoleRevokePrivilegeRequest request) throws TException { Response<Void> respose = requestHandle(new RequestHandler<Void>() { @Override public Response<Void> handle() throws Exception { validateClientVersion(request.getProtocol_version()); CommitContext context = store.alterRoleRevokePrivilege(request.getComponent(), request.getRoleName(), toPrivilegeObject(request.getPrivilege()), request.getRequestorUserName()); return new Response<Void>(Status.OK(), context); } }); TAlterSentryRoleRevokePrivilegeResponse tResponse = new TAlterSentryRoleRevokePrivilegeResponse(respose.status); if (Status.OK.getCode() == respose.status.getValue()) { handerInvoker.alter_sentry_role_revoke_privilege(respose.context, request, tResponse); } try { AUDIT_LOGGER.info(JsonLogEntityFactory.getInstance() .createJsonLogEntity(request, tResponse, conf).toJsonFormatLog()); } catch (Exception e) { // if any exception, log the exception. String msg = "Error creating audit log for revoke privilege from role: " + e.getMessage(); LOGGER.error(msg, e); } return tResponse; }
@Override public TAlterSentryRoleAddGroupsResponse alter_sentry_role_add_groups( final TAlterSentryRoleAddGroupsRequest request) throws TException { Response<Void> respose = requestHandle(new RequestHandler<Void>() { @Override public Response<Void> handle() throws Exception { validateClientVersion(request.getProtocol_version()); authorize(request.getRequestorUserName(), getRequestorGroups(conf, request.getRequestorUserName())); CommitContext context = store.alterRoleAddGroups(request.getComponent(), request.getRoleName(), request.getGroups(), request.getRequestorUserName()); return new Response<Void>(Status.OK(), context); } }); TAlterSentryRoleAddGroupsResponse tResponse = new TAlterSentryRoleAddGroupsResponse(respose.status); if (Status.OK.getCode() == respose.status.getValue()) { handerInvoker.alter_sentry_role_add_groups(respose.context, request, tResponse); } try { AUDIT_LOGGER.info(JsonLogEntityFactory.getInstance() .createJsonLogEntity(request, tResponse, conf).toJsonFormatLog()); } catch (Exception e) { // if any exception, log the exception. String msg = "Error creating audit log for add role to group: " + e.getMessage(); LOGGER.error(msg, e); } return tResponse; }
@Override public TAlterSentryRoleDeleteGroupsResponse alter_sentry_role_delete_groups( final TAlterSentryRoleDeleteGroupsRequest request) throws TException { Response<Void> respose = requestHandle(new RequestHandler<Void>() { @Override public Response<Void> handle() throws Exception { validateClientVersion(request.getProtocol_version()); authorize(request.getRequestorUserName(), getRequestorGroups(conf, request.getRequestorUserName())); CommitContext context = store.alterRoleDeleteGroups(request.getComponent(), request.getRoleName(), request.getGroups(), request.getRequestorUserName()); return new Response<Void>(Status.OK(), context); } }); TAlterSentryRoleDeleteGroupsResponse tResponse = new TAlterSentryRoleDeleteGroupsResponse(respose.status); if (Status.OK.getCode() == respose.status.getValue()) { handerInvoker.alter_sentry_role_delete_groups(respose.context, request, tResponse); } try { AUDIT_LOGGER.info(JsonLogEntityFactory.getInstance() .createJsonLogEntity(request, tResponse, conf).toJsonFormatLog()); } catch (Exception e) { // if any exception, log the exception. String msg = "Error creating audit log for delete role from group: " + e.getMessage(); LOGGER.error(msg, e); } return tResponse; }
@Override public TDropPrivilegesResponse drop_sentry_privilege( final TDropPrivilegesRequest request) throws TException { Response<Void> respose = requestHandle(new RequestHandler<Void>() { @Override public Response<Void> handle() throws Exception { validateClientVersion(request.getProtocol_version()); authorize(request.getRequestorUserName(), getRequestorGroups(conf, request.getRequestorUserName())); CommitContext context = store.dropPrivilege(request.getComponent(), toPrivilegeObject(request.getPrivilege()), request.getRequestorUserName()); return new Response<Void>(Status.OK(), context); } }); TDropPrivilegesResponse tResponse = new TDropPrivilegesResponse(respose.status); if (Status.OK.getCode() == respose.status.getValue()) { handerInvoker.drop_sentry_privilege(respose.context, request, tResponse); } return tResponse; }
@Override public TRenamePrivilegesResponse rename_sentry_privilege( final TRenamePrivilegesRequest request) throws TException { Response<Void> respose = requestHandle(new RequestHandler<Void>() { @Override public Response<Void> handle() throws Exception { validateClientVersion(request.getProtocol_version()); authorize(request.getRequestorUserName(), getRequestorGroups(conf, request.getRequestorUserName())); CommitContext context = store.renamePrivilege(request.getComponent(), request.getServiceName(), toAuthorizables(request.getOldAuthorizables()), toAuthorizables(request.getNewAuthorizables()), request.getRequestorUserName()); return new Response<Void>(Status.OK(),context); } }); TRenamePrivilegesResponse tResponse = new TRenamePrivilegesResponse(respose.status); if (Status.OK.getCode() == respose.status.getValue()) { handerInvoker.rename_sentry_privilege(respose.context, request, tResponse); } return tResponse; }
protected static void assertStatus(Status status, TSentryResponseStatus resp) { if (resp.getValue() != status.getCode()) { String message = "Expected: " + status + ", Response: " + Status.fromCode(resp.getValue()) + ", Code: " + resp.getValue() + ", Message: " + resp.getMessage(); String stackTrace = Strings.nullToEmpty(resp.getStack()).trim(); if (!stackTrace.isEmpty()) { message += ", StackTrace: " + stackTrace; } Assert.fail(message); } }