Repository: sentry Updated Branches: refs/heads/SENTRY-999 637f6dc2b -> bfed0f34b
SENTRY-1158: Remove unnecessary sentry-policy-xxx(Colin Ma, reviewed by Dapeng Sun) Project: http://git-wip-us.apache.org/repos/asf/sentry/repo Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/bfed0f34 Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/bfed0f34 Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/bfed0f34 Branch: refs/heads/SENTRY-999 Commit: bfed0f34bfd26892e253bfde7001d838f368282c Parents: 637f6dc Author: Colin Ma <[email protected]> Authored: Tue Mar 29 11:09:15 2016 +0800 Committer: Colin Ma <[email protected]> Committed: Tue Mar 29 11:09:15 2016 +0800 ---------------------------------------------------------------------- pom.xml | 15 -- sentry-binding/sentry-binding-hive/pom.xml | 4 - sentry-binding/sentry-binding-solr/pom.xml | 4 - sentry-binding/sentry-binding-sqoop/pom.xml | 4 - sentry-dist/pom.xml | 12 -- sentry-policy/pom.xml | 3 - sentry-policy/sentry-policy-db/pom.xml | 98 ----------- .../sentry/policy/db/DBWildcardPrivilege.java | 166 ------------------- .../sentry/policy/db/SimpleDBPolicyEngine.java | 86 ---------- .../src/test/resources/log4j.properties | 31 ---- sentry-policy/sentry-policy-search/pom.xml | 87 ---------- .../policy/search/SearchWildcardPrivilege.java | 146 ---------------- .../policy/search/SimpleSearchPolicyEngine.java | 91 ---------- .../src/test/resources/log4j.properties | 31 ---- sentry-policy/sentry-policy-sqoop/pom.xml | 80 --------- .../policy/sqoop/SimpleSqoopPolicyEngine.java | 79 --------- .../policy/sqoop/SqoopWildcardPrivilege.java | 124 -------------- .../src/test/resources/log4j.properties | 31 ---- sentry-provider/sentry-provider-db/pom.xml | 4 - sentry-solr/solr-sentry-handlers/pom.xml | 4 - sentry-tests/sentry-tests-hive/pom.xml | 5 - .../tests/e2e/hive/TestPerDBConfiguration.java | 10 +- 22 files changed, 5 insertions(+), 1110 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/sentry/blob/bfed0f34/pom.xml ---------------------------------------------------------------------- diff --git a/pom.xml b/pom.xml index 0075b47..cf65369 100644 --- a/pom.xml +++ b/pom.xml @@ -467,26 +467,11 @@ limitations under the License. </dependency> <dependency> <groupId>org.apache.sentry</groupId> - <artifactId>sentry-policy-db</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>org.apache.sentry</groupId> <artifactId>sentry-policy-indexer</artifactId> <version>${project.version}</version> </dependency> <dependency> <groupId>org.apache.sentry</groupId> - <artifactId>sentry-policy-search</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>org.apache.sentry</groupId> - <artifactId>sentry-policy-sqoop</artifactId> - <version>${project.version}</version> - </dependency> - <dependency> - <groupId>org.apache.sentry</groupId> <artifactId>sentry-dist</artifactId> <version>${project.version}</version> </dependency> http://git-wip-us.apache.org/repos/asf/sentry/blob/bfed0f34/sentry-binding/sentry-binding-hive/pom.xml ---------------------------------------------------------------------- diff --git a/sentry-binding/sentry-binding-hive/pom.xml b/sentry-binding/sentry-binding-hive/pom.xml index 4a25670..3fcbadf 100644 --- a/sentry-binding/sentry-binding-hive/pom.xml +++ b/sentry-binding/sentry-binding-hive/pom.xml @@ -78,10 +78,6 @@ limitations under the License. <artifactId>sentry-provider-cache</artifactId> </dependency> <dependency> - <groupId>org.apache.sentry</groupId> - <artifactId>sentry-policy-db</artifactId> - </dependency> - <dependency> <groupId>org.apache.hadoop</groupId> <artifactId>hadoop-common</artifactId> <scope>provided</scope> http://git-wip-us.apache.org/repos/asf/sentry/blob/bfed0f34/sentry-binding/sentry-binding-solr/pom.xml ---------------------------------------------------------------------- diff --git a/sentry-binding/sentry-binding-solr/pom.xml b/sentry-binding/sentry-binding-solr/pom.xml index e8e3013..f8b51a6 100644 --- a/sentry-binding/sentry-binding-solr/pom.xml +++ b/sentry-binding/sentry-binding-solr/pom.xml @@ -56,10 +56,6 @@ limitations under the License. <scope>test</scope> </dependency> <dependency> - <groupId>org.apache.sentry</groupId> - <artifactId>sentry-policy-search</artifactId> - </dependency> - <dependency> <groupId>org.apache.hadoop</groupId> <artifactId>hadoop-common</artifactId> <scope>provided</scope> http://git-wip-us.apache.org/repos/asf/sentry/blob/bfed0f34/sentry-binding/sentry-binding-sqoop/pom.xml ---------------------------------------------------------------------- diff --git a/sentry-binding/sentry-binding-sqoop/pom.xml b/sentry-binding/sentry-binding-sqoop/pom.xml index a3a6a77..488f69e 100644 --- a/sentry-binding/sentry-binding-sqoop/pom.xml +++ b/sentry-binding/sentry-binding-sqoop/pom.xml @@ -59,10 +59,6 @@ limitations under the License. <artifactId>sentry-policy-common</artifactId> </dependency> <dependency> - <groupId>org.apache.sentry</groupId> - <artifactId>sentry-policy-sqoop</artifactId> - </dependency> - <dependency> <groupId>org.apache.hadoop</groupId> <artifactId>hadoop-common</artifactId> <scope>provided</scope> http://git-wip-us.apache.org/repos/asf/sentry/blob/bfed0f34/sentry-dist/pom.xml ---------------------------------------------------------------------- diff --git a/sentry-dist/pom.xml b/sentry-dist/pom.xml index 4e078f0..b03ce7b 100644 --- a/sentry-dist/pom.xml +++ b/sentry-dist/pom.xml @@ -88,20 +88,8 @@ limitations under the License. </dependency> <dependency> <groupId>org.apache.sentry</groupId> - <artifactId>sentry-policy-db</artifactId> - </dependency> - <dependency> - <groupId>org.apache.sentry</groupId> <artifactId>sentry-policy-indexer</artifactId> </dependency> - <dependency> - <groupId>org.apache.sentry</groupId> - <artifactId>sentry-policy-search</artifactId> - </dependency> - <dependency> - <groupId>org.apache.sentry</groupId> - <artifactId>sentry-policy-sqoop</artifactId> - </dependency> </dependencies> <build> <plugins> http://git-wip-us.apache.org/repos/asf/sentry/blob/bfed0f34/sentry-policy/pom.xml ---------------------------------------------------------------------- diff --git a/sentry-policy/pom.xml b/sentry-policy/pom.xml index e888a93..a8f0463 100644 --- a/sentry-policy/pom.xml +++ b/sentry-policy/pom.xml @@ -32,10 +32,7 @@ limitations under the License. <modules> <module>sentry-policy-common</module> <module>sentry-policy-engine</module> - <module>sentry-policy-db</module> <module>sentry-policy-indexer</module> - <module>sentry-policy-search</module> - <module>sentry-policy-sqoop</module> </modules> </project> http://git-wip-us.apache.org/repos/asf/sentry/blob/bfed0f34/sentry-policy/sentry-policy-db/pom.xml ---------------------------------------------------------------------- diff --git a/sentry-policy/sentry-policy-db/pom.xml b/sentry-policy/sentry-policy-db/pom.xml deleted file mode 100644 index 1b1ae43..0000000 --- a/sentry-policy/sentry-policy-db/pom.xml +++ /dev/null @@ -1,98 +0,0 @@ -<?xml version="1.0"?> -<!-- -Licensed to the Apache Software Foundation (ASF) under one or more -contributor license agreements. See the NOTICE file distributed with -this work for additional information regarding copyright ownership. -The ASF licenses this file to You under the Apache License, Version 2.0 -(the "License"); you may not use this file except in compliance with -the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. ---> -<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"; xmlns="http://maven.apache.org/POM/4.0.0"; - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> - <modelVersion>4.0.0</modelVersion> - <parent> - <groupId>org.apache.sentry</groupId> - <artifactId>sentry-policy</artifactId> - <version>1.7.0-incubating-SNAPSHOT</version> - </parent> - - <artifactId>sentry-policy-db</artifactId> - <name>Sentry Policy for Databases</name> - - <dependencies> - <dependency> - <groupId>org.apache.hadoop</groupId> - <artifactId>hadoop-common</artifactId> - <scope>provided</scope> - </dependency> - - <dependency> - <groupId>org.apache.hadoop</groupId> - <artifactId>hadoop-minicluster</artifactId> - <scope>test</scope> - </dependency> - - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <scope>test</scope> - </dependency> - <dependency> - <groupId>log4j</groupId> - <artifactId>log4j</artifactId> - </dependency> - <dependency> - <groupId>org.apache.shiro</groupId> - <artifactId>shiro-core</artifactId> - </dependency> - <dependency> - <groupId>com.google.guava</groupId> - <artifactId>guava</artifactId> - </dependency> - <dependency> - <groupId>org.slf4j</groupId> - <artifactId>slf4j-api</artifactId> - </dependency> - <dependency> - <groupId>org.slf4j</groupId> - <artifactId>slf4j-log4j12</artifactId> - </dependency> - <dependency> - <groupId>org.apache.hive</groupId> - <artifactId>hive-beeline</artifactId> - <scope>provided</scope> - </dependency> - <dependency> - <groupId>org.apache.sentry</groupId> - <artifactId>sentry-core-common</artifactId> - </dependency> - <dependency> - <groupId>org.apache.sentry</groupId> - <artifactId>sentry-core-model-db</artifactId> - </dependency> - <dependency> - <groupId>org.apache.sentry</groupId> - <artifactId>sentry-provider-common</artifactId> - </dependency> - <dependency> - <groupId>org.apache.sentry</groupId> - <artifactId>sentry-provider-file</artifactId> - </dependency> - <dependency> - <groupId>org.apache.sentry</groupId> - <artifactId>sentry-provider-common</artifactId> - <scope>test</scope> - <type>test-jar</type> - <version>${project.version}</version> - </dependency> - </dependencies> - -</project> http://git-wip-us.apache.org/repos/asf/sentry/blob/bfed0f34/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/DBWildcardPrivilege.java ---------------------------------------------------------------------- diff --git a/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/DBWildcardPrivilege.java b/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/DBWildcardPrivilege.java deleted file mode 100644 index a8d16fa..0000000 --- a/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/DBWildcardPrivilege.java +++ /dev/null @@ -1,166 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -// copied from apache shiro - -package org.apache.sentry.policy.db; - -import java.util.List; - -import org.apache.sentry.core.common.Model; -import org.apache.sentry.core.common.utils.PathUtils; -import org.apache.sentry.core.common.utils.SentryConstants; -import org.apache.sentry.core.model.db.AccessConstants; -import org.apache.sentry.core.model.db.DBModelAuthorizable.AuthorizableType; -import org.apache.sentry.policy.common.Privilege; -import org.apache.sentry.policy.common.PrivilegeFactory; -import org.apache.sentry.core.common.utils.KeyValue; - -import com.google.common.annotations.VisibleForTesting; -import com.google.common.base.Preconditions; -import com.google.common.base.Strings; -import com.google.common.collect.ImmutableList; -import com.google.common.collect.Lists; - -// XXX this class is made ugly by the fact that Action is not a Authorizable. -// todo: DBWildcardPrivilege is replaced by CommonPrivilege, it should be removed -public class DBWildcardPrivilege implements Privilege { - - private final ImmutableList<KeyValue> parts; - - public DBWildcardPrivilege(String wildcardString) { - wildcardString = Strings.nullToEmpty(wildcardString).trim(); - if (wildcardString.isEmpty()) { - throw new IllegalArgumentException("Wildcard string cannot be null or empty."); - } - List<KeyValue>parts = Lists.newArrayList(); - for (String authorizable : SentryConstants.AUTHORIZABLE_SPLITTER.trimResults().split( - wildcardString)) { - if (authorizable.isEmpty()) { - throw new IllegalArgumentException("Privilege '" + wildcardString + "' has an empty section"); - } - parts.add(new KeyValue(authorizable)); - } - if (parts.isEmpty()) { - throw new AssertionError("Should never occur: " + wildcardString); - } - this.parts = ImmutableList.copyOf(parts); - } - - - @Override - public boolean implies(Privilege p, Model model) { - // By default only supports comparisons with other DBWildcardPermissions - if (!(p instanceof DBWildcardPrivilege)) { - return false; - } - - DBWildcardPrivilege wp = (DBWildcardPrivilege) p; - - List<KeyValue> otherParts = wp.parts; - if(equals(wp)) { - return true; - } - int index = 0; - for (KeyValue otherPart : otherParts) { - // If this privilege has less parts than the other privilege, everything - // after the number of parts contained - // in this privilege is automatically implied, so return true - if (parts.size() - 1 < index) { - return true; - } else { - KeyValue part = parts.get(index); - // Support for action inheritance from parent to child (eg. Db -> Table) - if (part.getKey().equalsIgnoreCase("action") && !(otherPart.getKey().equalsIgnoreCase("action"))) { - continue; - } - // are the keys even equal - if(!part.getKey().equalsIgnoreCase(otherPart.getKey())) { - return false; - } - if (!impliesKeyValue(part, otherPart)) { - return false; - } - index++; - } - } - // If this privilege has more parts than - // the other parts, only imply it if - // all of the other parts are wildcards - for (; index < parts.size(); index++) { - KeyValue part = parts.get(index); - if (!part.getValue().equals(AccessConstants.ALL)) { - return false; - } - } - - return true; - } - - private boolean impliesKeyValue(KeyValue policyPart, KeyValue requestPart) { - Preconditions.checkState(policyPart.getKey().equalsIgnoreCase(requestPart.getKey()), - "Please report, this method should not be called with two different keys"); - if(policyPart.getValue().equals(AccessConstants.ALL) || - policyPart.getValue().equalsIgnoreCase("ALL")) { - return true; - } else if (!SentryConstants.PRIVILEGE_NAME.equalsIgnoreCase(policyPart.getKey()) - && AccessConstants.ALL.equalsIgnoreCase(requestPart.getValue())) { - /* privilege request is to match with any object of given type */ - return true; - } else if (!SentryConstants.PRIVILEGE_NAME.equalsIgnoreCase(policyPart.getKey()) - && AccessConstants.SOME.equalsIgnoreCase(requestPart.getValue())) { - /* privilege request is to match with any object of given type */ - return true; - } else if(policyPart.getKey().equalsIgnoreCase(AuthorizableType.URI.name())) { - return impliesURI(policyPart.getValue(), requestPart.getValue()); - } - return policyPart.equals(requestPart); - } - - @VisibleForTesting - protected static boolean impliesURI(String privilege, String request) { - return PathUtils.impliesURI(privilege, request); - } - - @Override - public String toString() { - return SentryConstants.AUTHORIZABLE_JOINER.join(parts); - } - - @Override - public boolean equals(Object o) { - if (o instanceof DBWildcardPrivilege) { - DBWildcardPrivilege wp = (DBWildcardPrivilege) o; - return parts.equals(wp.parts); - } - return false; - } - - @Override - public int hashCode() { - return parts.hashCode(); - } - - public static class DBWildcardPrivilegeFactory implements PrivilegeFactory { - @Override - public Privilege createPrivilege(String privilege) { - return new DBWildcardPrivilege(privilege); - } - } -} http://git-wip-us.apache.org/repos/asf/sentry/blob/bfed0f34/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/SimpleDBPolicyEngine.java ---------------------------------------------------------------------- diff --git a/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/SimpleDBPolicyEngine.java b/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/SimpleDBPolicyEngine.java deleted file mode 100644 index b1f041b..0000000 --- a/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/SimpleDBPolicyEngine.java +++ /dev/null @@ -1,86 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.sentry.policy.db; - -import java.util.Set; - -import org.apache.sentry.core.common.ActiveRoleSet; -import org.apache.sentry.core.common.Authorizable; -import org.apache.sentry.core.common.SentryConfigurationException; -import org.apache.sentry.policy.common.PrivilegeFactory; -import org.apache.sentry.policy.common.PolicyEngine; -import org.apache.sentry.provider.common.ProviderBackend; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import com.google.common.collect.ImmutableSet; - -public class SimpleDBPolicyEngine implements PolicyEngine { - - private static final Logger LOGGER = LoggerFactory - .getLogger(SimpleDBPolicyEngine.class); - - public final static String ACCESS_ALLOW_URI_PER_DB_POLICYFILE = "sentry.allow.uri.db.policyfile"; - - private final ProviderBackend providerBackend; - - public SimpleDBPolicyEngine(ProviderBackend providerBackend) { - this.providerBackend = providerBackend; - } - - /** - * {@inheritDoc} - */ - @Override - public PrivilegeFactory getPrivilegeFactory() { - return new DBWildcardPrivilege.DBWildcardPrivilegeFactory(); - } - - @Override - public ImmutableSet<String> getAllPrivileges(Set<String> groups, - ActiveRoleSet roleSet) throws SentryConfigurationException { - return getPrivileges(groups, roleSet); - } - - /** - * {@inheritDoc} - */ - @Override - public ImmutableSet<String> getPrivileges(Set<String> groups, ActiveRoleSet roleSet, Authorizable... authorizableHierarchy) - throws SentryConfigurationException { - if(LOGGER.isDebugEnabled()) { - LOGGER.debug("Getting permissions for {}", groups); - } - ImmutableSet<String> result = providerBackend.getPrivileges(groups, roleSet, authorizableHierarchy); - if(LOGGER.isDebugEnabled()) { - LOGGER.debug("result = " + result); - } - return result; - } - - @Override - public void validatePolicy(boolean strictValidation) throws SentryConfigurationException { - this.providerBackend.validatePolicy(strictValidation); - } - - @Override - public void close() { - if (providerBackend != null) { - providerBackend.close(); - } - } -} http://git-wip-us.apache.org/repos/asf/sentry/blob/bfed0f34/sentry-policy/sentry-policy-db/src/test/resources/log4j.properties ---------------------------------------------------------------------- diff --git a/sentry-policy/sentry-policy-db/src/test/resources/log4j.properties b/sentry-policy/sentry-policy-db/src/test/resources/log4j.properties deleted file mode 100644 index c41373c..0000000 --- a/sentry-policy/sentry-policy-db/src/test/resources/log4j.properties +++ /dev/null @@ -1,31 +0,0 @@ -# -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. -# - -# Define some default values that can be overridden by system properties. -# -# For testing, it may also be convenient to specify - -log4j.rootLogger=DEBUG,console - -log4j.appender.console=org.apache.log4j.ConsoleAppender -log4j.appender.console.target=System.err -log4j.appender.console.layout=org.apache.log4j.PatternLayout -log4j.appender.console.layout.ConversionPattern=%d (%t) [%p - %l] %m%n - -log4j.logger.org.apache.hadoop.conf.Configuration=INFO http://git-wip-us.apache.org/repos/asf/sentry/blob/bfed0f34/sentry-policy/sentry-policy-search/pom.xml ---------------------------------------------------------------------- diff --git a/sentry-policy/sentry-policy-search/pom.xml b/sentry-policy/sentry-policy-search/pom.xml deleted file mode 100644 index 673c615..0000000 --- a/sentry-policy/sentry-policy-search/pom.xml +++ /dev/null @@ -1,87 +0,0 @@ -<?xml version="1.0"?> -<!-- -Licensed to the Apache Software Foundation (ASF) under one or more -contributor license agreements. See the NOTICE file distributed with -this work for additional information regarding copyright ownership. -The ASF licenses this file to You under the Apache License, Version 2.0 -(the "License"); you may not use this file except in compliance with -the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. ---> -<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"; xmlns="http://maven.apache.org/POM/4.0.0"; - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> - <modelVersion>4.0.0</modelVersion> - <parent> - <groupId>org.apache.sentry</groupId> - <artifactId>sentry-policy</artifactId> - <version>1.7.0-incubating-SNAPSHOT</version> - </parent> - - <artifactId>sentry-policy-search</artifactId> - <name>Sentry Policy for Search</name> - - <dependencies> - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.hadoop</groupId> - <artifactId>hadoop-common</artifactId> - <scope>provided</scope> - </dependency> - <dependency> - <groupId>org.apache.hadoop</groupId> - <artifactId>hadoop-minicluster</artifactId> - <scope>test</scope> - </dependency> - <dependency> - <groupId>log4j</groupId> - <artifactId>log4j</artifactId> - </dependency> - <dependency> - <groupId>org.apache.shiro</groupId> - <artifactId>shiro-core</artifactId> - </dependency> - <dependency> - <groupId>com.google.guava</groupId> - <artifactId>guava</artifactId> - </dependency> - <dependency> - <groupId>org.slf4j</groupId> - <artifactId>slf4j-api</artifactId> - </dependency> - <dependency> - <groupId>org.slf4j</groupId> - <artifactId>slf4j-log4j12</artifactId> - </dependency> - <dependency> - <groupId>org.apache.sentry</groupId> - <artifactId>sentry-core-model-search</artifactId> - </dependency> - <dependency> - <groupId>org.apache.sentry</groupId> - <artifactId>sentry-provider-common</artifactId> - </dependency> - <dependency> - <groupId>org.apache.sentry</groupId> - <artifactId>sentry-provider-file</artifactId> - </dependency> - <dependency> - <groupId>org.apache.sentry</groupId> - <artifactId>sentry-provider-common</artifactId> - <scope>test</scope> - <type>test-jar</type> - <version>${project.version}</version> - </dependency> - </dependencies> - -</project> http://git-wip-us.apache.org/repos/asf/sentry/blob/bfed0f34/sentry-policy/sentry-policy-search/src/main/java/org/apache/sentry/policy/search/SearchWildcardPrivilege.java ---------------------------------------------------------------------- diff --git a/sentry-policy/sentry-policy-search/src/main/java/org/apache/sentry/policy/search/SearchWildcardPrivilege.java b/sentry-policy/sentry-policy-search/src/main/java/org/apache/sentry/policy/search/SearchWildcardPrivilege.java deleted file mode 100644 index 8670197..0000000 --- a/sentry-policy/sentry-policy-search/src/main/java/org/apache/sentry/policy/search/SearchWildcardPrivilege.java +++ /dev/null @@ -1,146 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -// copied from apache shiro - -package org.apache.sentry.policy.search; - -import java.util.List; - -import org.apache.sentry.core.common.Model; -import org.apache.sentry.core.common.utils.SentryConstants; -import org.apache.sentry.core.model.search.SearchConstants; -import org.apache.sentry.policy.common.Privilege; -import org.apache.sentry.policy.common.PrivilegeFactory; -import org.apache.sentry.core.common.utils.KeyValue; - -import com.google.common.base.Preconditions; -import com.google.common.base.Strings; -import com.google.common.collect.ImmutableList; -import com.google.common.collect.Lists; - -// todo: SearchWildcardPrivilege is replaced by CommonPrivilege, it should be removed -public class SearchWildcardPrivilege implements Privilege { - - private final ImmutableList<KeyValue> parts; - - public SearchWildcardPrivilege(String wildcardString) { - wildcardString = Strings.nullToEmpty(wildcardString).trim(); - if (wildcardString.isEmpty()) { - throw new IllegalArgumentException("Wildcard string cannot be null or empty."); - } - List<KeyValue>parts = Lists.newArrayList(); - for (String authorizable : SentryConstants.AUTHORIZABLE_SPLITTER.trimResults().split( - wildcardString)) { - if (authorizable.isEmpty()) { - throw new IllegalArgumentException("Privilege '" + wildcardString + "' has an empty section"); - } - parts.add(new KeyValue(authorizable)); - } - if (parts.isEmpty()) { - throw new AssertionError("Should never occur: " + wildcardString); - } - this.parts = ImmutableList.copyOf(parts); - } - - - @Override - public boolean implies(Privilege p, Model model) { - // By default only supports comparisons with other SearchWildcardPermissions - if (!(p instanceof SearchWildcardPrivilege)) { - return false; - } - - SearchWildcardPrivilege wp = (SearchWildcardPrivilege) p; - - List<KeyValue> otherParts = wp.parts; - if(equals(wp)) { - return true; - } - int index = 0; - for (KeyValue otherPart : otherParts) { - // If this privilege has less parts than the other privilege, everything - // after the number of parts contained - // in this privilege is automatically implied, so return true - if (parts.size() - 1 < index) { - return true; - } else { - KeyValue part = parts.get(index); - // are the keys even equal - if(!part.getKey().equalsIgnoreCase(otherPart.getKey())) { - return false; - } - if (!impliesKeyValue(part, otherPart)) { - return false; - } - index++; - } - } - // If this privilege has more parts than - // the other parts, only imply it if - // all of the other parts are wildcards - for (; index < parts.size(); index++) { - KeyValue part = parts.get(index); - if (!part.getValue().equals(SearchConstants.ALL)) { - return false; - } - } - - return true; - } - - private boolean impliesKeyValue(KeyValue policyPart, KeyValue requestPart) { - Preconditions.checkState(policyPart.getKey().equalsIgnoreCase(requestPart.getKey()), - "Please report, this method should not be called with two different keys"); - if(policyPart.getValue().equals(SearchConstants.ALL) || policyPart.equals(requestPart)) { - return true; - } else if (!SentryConstants.PRIVILEGE_NAME.equalsIgnoreCase(policyPart.getKey()) - && SearchConstants.ALL.equalsIgnoreCase(requestPart.getValue())) { - /* privilege request is to match with any object of given type */ - return true; - } - return false; - } - - @Override - public String toString() { - return SentryConstants.AUTHORIZABLE_JOINER.join(parts); - } - - @Override - public boolean equals(Object o) { - if (o instanceof SearchWildcardPrivilege) { - SearchWildcardPrivilege wp = (SearchWildcardPrivilege) o; - return parts.equals(wp.parts); - } - return false; - } - - @Override - public int hashCode() { - return parts.hashCode(); - } - - public static class SearchWildcardPrivilegeFactory implements PrivilegeFactory { - @Override - public Privilege createPrivilege(String privilege) { - return new SearchWildcardPrivilege(privilege); - } - } -} http://git-wip-us.apache.org/repos/asf/sentry/blob/bfed0f34/sentry-policy/sentry-policy-search/src/main/java/org/apache/sentry/policy/search/SimpleSearchPolicyEngine.java ---------------------------------------------------------------------- diff --git a/sentry-policy/sentry-policy-search/src/main/java/org/apache/sentry/policy/search/SimpleSearchPolicyEngine.java b/sentry-policy/sentry-policy-search/src/main/java/org/apache/sentry/policy/search/SimpleSearchPolicyEngine.java deleted file mode 100644 index cde0e7a..0000000 --- a/sentry-policy/sentry-policy-search/src/main/java/org/apache/sentry/policy/search/SimpleSearchPolicyEngine.java +++ /dev/null @@ -1,91 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.sentry.policy.search; - -import java.util.Set; - -import org.apache.sentry.core.common.ActiveRoleSet; -import org.apache.sentry.core.common.Authorizable; -import org.apache.sentry.core.common.SentryConfigurationException; -import org.apache.sentry.policy.common.PrivilegeFactory; -import org.apache.sentry.policy.common.PolicyEngine; -import org.apache.sentry.provider.common.ProviderBackend; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import com.google.common.collect.ImmutableSet; - -/** - * A PolicyEngine for a search service. - */ -public class SimpleSearchPolicyEngine implements PolicyEngine { - - private static final Logger LOGGER = LoggerFactory - .getLogger(SimpleSearchPolicyEngine.class); - - private final ProviderBackend providerBackend; - - public SimpleSearchPolicyEngine(ProviderBackend providerBackend) { - this.providerBackend = providerBackend; - } - - /** - * {@inheritDoc} - */ - @Override - public PrivilegeFactory getPrivilegeFactory() { - return new SearchWildcardPrivilege.SearchWildcardPrivilegeFactory(); - } - - /** - * {@inheritDoc} - */ - @Override - public ImmutableSet<String> getAllPrivileges(Set<String> groups, - ActiveRoleSet roleSet) throws SentryConfigurationException { - return getPrivileges(groups, roleSet); - } - - /** - * {@inheritDoc} - */ - @Override - public ImmutableSet<String> getPrivileges(Set<String> groups, ActiveRoleSet roleSet, Authorizable... authorizationHierarchy ) { - if(LOGGER.isDebugEnabled()) { - LOGGER.debug("Getting permissions for {}", groups); - } - ImmutableSet<String> result = providerBackend.getPrivileges(groups, roleSet); - if(LOGGER.isDebugEnabled()) { - LOGGER.debug("result = " + result); - } - return result; - } - - @Override - public void validatePolicy(boolean strictValidation) - throws SentryConfigurationException { - providerBackend.validatePolicy(strictValidation); - } - - @Override - public void close() { - if (providerBackend != null) { - providerBackend.close(); - } - } - -} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/sentry/blob/bfed0f34/sentry-policy/sentry-policy-search/src/test/resources/log4j.properties ---------------------------------------------------------------------- diff --git a/sentry-policy/sentry-policy-search/src/test/resources/log4j.properties b/sentry-policy/sentry-policy-search/src/test/resources/log4j.properties deleted file mode 100644 index c41373c..0000000 --- a/sentry-policy/sentry-policy-search/src/test/resources/log4j.properties +++ /dev/null @@ -1,31 +0,0 @@ -# -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. -# - -# Define some default values that can be overridden by system properties. -# -# For testing, it may also be convenient to specify - -log4j.rootLogger=DEBUG,console - -log4j.appender.console=org.apache.log4j.ConsoleAppender -log4j.appender.console.target=System.err -log4j.appender.console.layout=org.apache.log4j.PatternLayout -log4j.appender.console.layout.ConversionPattern=%d (%t) [%p - %l] %m%n - -log4j.logger.org.apache.hadoop.conf.Configuration=INFO http://git-wip-us.apache.org/repos/asf/sentry/blob/bfed0f34/sentry-policy/sentry-policy-sqoop/pom.xml ---------------------------------------------------------------------- diff --git a/sentry-policy/sentry-policy-sqoop/pom.xml b/sentry-policy/sentry-policy-sqoop/pom.xml deleted file mode 100644 index 13112bf..0000000 --- a/sentry-policy/sentry-policy-sqoop/pom.xml +++ /dev/null @@ -1,80 +0,0 @@ -<?xml version="1.0"?> -<!-- -Licensed to the Apache Software Foundation (ASF) under one or more -contributor license agreements. See the NOTICE file distributed with -this work for additional information regarding copyright ownership. -The ASF licenses this file to You under the Apache License, Version 2.0 -(the "License"); you may not use this file except in compliance with -the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. ---> -<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"; xmlns="http://maven.apache.org/POM/4.0.0"; - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> - <modelVersion>4.0.0</modelVersion> - <parent> - <groupId>org.apache.sentry</groupId> - <artifactId>sentry-policy</artifactId> - <version>1.7.0-incubating-SNAPSHOT</version> - </parent> - - <artifactId>sentry-policy-sqoop</artifactId> - <name>Sentry Policy for Sqoop</name> - - <dependencies> - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <scope>test</scope> - </dependency> - <dependency> - <groupId>org.apache.hadoop</groupId> - <artifactId>hadoop-common</artifactId> - <scope>provided</scope> - </dependency> - <dependency> - <groupId>org.apache.hadoop</groupId> - <artifactId>hadoop-minicluster</artifactId> - <scope>test</scope> - </dependency> - <dependency> - <groupId>log4j</groupId> - <artifactId>log4j</artifactId> - </dependency> - <dependency> - <groupId>org.apache.shiro</groupId> - <artifactId>shiro-core</artifactId> - </dependency> - <dependency> - <groupId>com.google.guava</groupId> - <artifactId>guava</artifactId> - </dependency> - <dependency> - <groupId>org.slf4j</groupId> - <artifactId>slf4j-api</artifactId> - </dependency> - <dependency> - <groupId>org.slf4j</groupId> - <artifactId>slf4j-log4j12</artifactId> - </dependency> - <dependency> - <groupId>org.apache.sentry</groupId> - <artifactId>sentry-core-model-sqoop</artifactId> - </dependency> - <dependency> - <groupId>org.apache.sentry</groupId> - <artifactId>sentry-provider-common</artifactId> - </dependency> - <dependency> - <groupId>org.apache.sentry</groupId> - <artifactId>sentry-provider-file</artifactId> - </dependency> - </dependencies> - -</project> http://git-wip-us.apache.org/repos/asf/sentry/blob/bfed0f34/sentry-policy/sentry-policy-sqoop/src/main/java/org/apache/sentry/policy/sqoop/SimpleSqoopPolicyEngine.java ---------------------------------------------------------------------- diff --git a/sentry-policy/sentry-policy-sqoop/src/main/java/org/apache/sentry/policy/sqoop/SimpleSqoopPolicyEngine.java b/sentry-policy/sentry-policy-sqoop/src/main/java/org/apache/sentry/policy/sqoop/SimpleSqoopPolicyEngine.java deleted file mode 100644 index 33f6c77..0000000 --- a/sentry-policy/sentry-policy-sqoop/src/main/java/org/apache/sentry/policy/sqoop/SimpleSqoopPolicyEngine.java +++ /dev/null @@ -1,79 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.sentry.policy.sqoop; - -import java.util.Set; - -import org.apache.sentry.core.common.ActiveRoleSet; -import org.apache.sentry.core.common.Authorizable; -import org.apache.sentry.core.common.SentryConfigurationException; -import org.apache.sentry.policy.common.PolicyEngine; -import org.apache.sentry.policy.common.PrivilegeFactory; -import org.apache.sentry.provider.common.ProviderBackend; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import com.google.common.collect.ImmutableSet; - -public class SimpleSqoopPolicyEngine implements PolicyEngine { - private static final Logger LOGGER = LoggerFactory.getLogger(SimpleSqoopPolicyEngine.class); - private final ProviderBackend providerBackend; - - public SimpleSqoopPolicyEngine(ProviderBackend providerBackend) { - this.providerBackend = providerBackend; - } - @Override - public PrivilegeFactory getPrivilegeFactory() { - return new SqoopWildcardPrivilege.Factory(); - } - - @Override - public ImmutableSet<String> getAllPrivileges(Set<String> groups, - ActiveRoleSet roleSet) throws SentryConfigurationException { - return getPrivileges(groups, roleSet); - } - - @Override - public ImmutableSet<String> getPrivileges(Set<String> groups, - ActiveRoleSet roleSet, Authorizable... authorizableHierarchy) - throws SentryConfigurationException { - if(LOGGER.isDebugEnabled()) { - LOGGER.debug("Getting permissions for {}", groups); - } - ImmutableSet<String> result = providerBackend.getPrivileges(groups, roleSet); - if(LOGGER.isDebugEnabled()) { - LOGGER.debug("result = " + result); - } - return result; - } - - @Override - public void close() { - if (providerBackend != null) { - providerBackend.close(); - } - } - - @Override - public void validatePolicy(boolean strictValidation) - throws SentryConfigurationException { - if (providerBackend != null) { - providerBackend.validatePolicy(strictValidation); - } - } - -} http://git-wip-us.apache.org/repos/asf/sentry/blob/bfed0f34/sentry-policy/sentry-policy-sqoop/src/main/java/org/apache/sentry/policy/sqoop/SqoopWildcardPrivilege.java ---------------------------------------------------------------------- diff --git a/sentry-policy/sentry-policy-sqoop/src/main/java/org/apache/sentry/policy/sqoop/SqoopWildcardPrivilege.java b/sentry-policy/sentry-policy-sqoop/src/main/java/org/apache/sentry/policy/sqoop/SqoopWildcardPrivilege.java deleted file mode 100644 index 4509979..0000000 --- a/sentry-policy/sentry-policy-sqoop/src/main/java/org/apache/sentry/policy/sqoop/SqoopWildcardPrivilege.java +++ /dev/null @@ -1,124 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.sentry.policy.sqoop; - -import static org.apache.sentry.core.common.utils.SentryConstants.AUTHORIZABLE_SPLITTER; - -import java.util.List; - -import org.apache.sentry.core.common.Model; -import org.apache.sentry.core.model.sqoop.SqoopActionConstant; -import org.apache.sentry.policy.common.Privilege; -import org.apache.sentry.policy.common.PrivilegeFactory; -import org.apache.sentry.core.common.utils.KeyValue; - -import com.google.common.base.Preconditions; -import com.google.common.base.Strings; -import com.google.common.collect.ImmutableList; -import com.google.common.collect.Lists; - -// todo: SqoopWildcardPrivilege is replaced by CommonPrivilege, it should be removed -public class SqoopWildcardPrivilege implements Privilege { - - public static class Factory implements PrivilegeFactory { - @Override - public Privilege createPrivilege(String permission) { - return new SqoopWildcardPrivilege(permission); - } - } - - private final ImmutableList<KeyValue> parts; - - public SqoopWildcardPrivilege(String permission) { - if (Strings.isNullOrEmpty(permission)) { - throw new IllegalArgumentException("permission string cannot be null or empty."); - } - List<KeyValue>parts = Lists.newArrayList(); - for (String authorizable : AUTHORIZABLE_SPLITTER.trimResults().split(permission.trim())) { - if (authorizable.isEmpty()) { - throw new IllegalArgumentException("Privilege '" + permission + "' has an empty section"); - } - parts.add(new KeyValue(authorizable)); - } - if (parts.isEmpty()) { - throw new AssertionError("Should never occur: " + permission); - } - this.parts = ImmutableList.copyOf(parts); - } - - @Override - public boolean implies(Privilege p, Model model) { - if (!(p instanceof SqoopWildcardPrivilege)) { - return false; - } - SqoopWildcardPrivilege wp = (SqoopWildcardPrivilege)p; - List<KeyValue> otherParts = wp.parts; - if(equals(wp)) { - return true; - } - int index = 0; - for (KeyValue otherPart : otherParts) { - // If this privilege has less parts than the other privilege, everything - // after the number of parts contained - // in this privilege is automatically implied, so return true - if (parts.size() - 1 < index) { - return true; - } else { - KeyValue part = parts.get(index); - // Support for action inheritance from parent to child - if (part.getKey().equalsIgnoreCase(SqoopActionConstant.NAME) - && !(otherPart.getKey().equalsIgnoreCase(SqoopActionConstant.NAME))) { - continue; - } - // are the keys even equal - if(!part.getKey().equalsIgnoreCase(otherPart.getKey())) { - return false; - } - if (!impliesKeyValue(part, otherPart)) { - return false; - } - index++; - } - } - // If this privilege has more parts than - // the other parts, only imply it if - // all of the other parts are "*" or "ALL" - for (; index < parts.size(); index++) { - KeyValue part = parts.get(index); - if (!part.getValue().equals(SqoopActionConstant.ALL)) { - return false; - } - } - return true; - } - - private boolean impliesKeyValue(KeyValue policyPart, KeyValue requestPart) { - Preconditions.checkState(policyPart.getKey().equalsIgnoreCase(requestPart.getKey()), - "Please report, this method should not be called with two different keys"); - if(policyPart.getValue().equalsIgnoreCase(SqoopActionConstant.ALL) || - policyPart.getValue().equalsIgnoreCase(SqoopActionConstant.ALL_NAME) || - policyPart.equals(requestPart)) { - return true; - } else if (!SqoopActionConstant.NAME.equalsIgnoreCase(policyPart.getKey()) - && SqoopActionConstant.ALL.equalsIgnoreCase(requestPart.getValue())) { - /* privilege request is to match with any object of given type */ - return true; - } - return false; - - } -} http://git-wip-us.apache.org/repos/asf/sentry/blob/bfed0f34/sentry-policy/sentry-policy-sqoop/src/test/resources/log4j.properties ---------------------------------------------------------------------- diff --git a/sentry-policy/sentry-policy-sqoop/src/test/resources/log4j.properties b/sentry-policy/sentry-policy-sqoop/src/test/resources/log4j.properties deleted file mode 100644 index 7703069..0000000 --- a/sentry-policy/sentry-policy-sqoop/src/test/resources/log4j.properties +++ /dev/null @@ -1,31 +0,0 @@ -# -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. -# - -# Define some default values that can be overridden by system properties. -# -# For testing, it may also be convenient to specify - -log4j.rootLogger=DEBUG,console - -log4j.appender.console=org.apache.log4j.ConsoleAppender -log4j.appender.console.target=System.err -log4j.appender.console.layout=org.apache.log4j.PatternLayout -log4j.appender.console.layout.ConversionPattern=%d (%t) [%p - %l] %m%n - -log4j.logger.org.apache.hadoop.conf.Configuration=INFO \ No newline at end of file http://git-wip-us.apache.org/repos/asf/sentry/blob/bfed0f34/sentry-provider/sentry-provider-db/pom.xml ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/pom.xml b/sentry-provider/sentry-provider-db/pom.xml index f9236e8..3a6999c 100644 --- a/sentry-provider/sentry-provider-db/pom.xml +++ b/sentry-provider/sentry-provider-db/pom.xml @@ -104,10 +104,6 @@ limitations under the License. <artifactId>sentry-policy-engine</artifactId> </dependency> <dependency> - <groupId>org.apache.sentry</groupId> - <artifactId>sentry-policy-search</artifactId> - </dependency> - <dependency> <groupId>org.apache.hive</groupId> <artifactId>hive-shims</artifactId> <scope>provided</scope> http://git-wip-us.apache.org/repos/asf/sentry/blob/bfed0f34/sentry-solr/solr-sentry-handlers/pom.xml ---------------------------------------------------------------------- diff --git a/sentry-solr/solr-sentry-handlers/pom.xml b/sentry-solr/solr-sentry-handlers/pom.xml index 07d95fa..4c3a21a 100644 --- a/sentry-solr/solr-sentry-handlers/pom.xml +++ b/sentry-solr/solr-sentry-handlers/pom.xml @@ -67,10 +67,6 @@ limitations under the License. </dependency> <dependency> <groupId>org.apache.sentry</groupId> - <artifactId>sentry-policy-search</artifactId> - </dependency> - <dependency> - <groupId>org.apache.sentry</groupId> <artifactId>solr-sentry-core</artifactId> </dependency> <dependency> http://git-wip-us.apache.org/repos/asf/sentry/blob/bfed0f34/sentry-tests/sentry-tests-hive/pom.xml ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive/pom.xml b/sentry-tests/sentry-tests-hive/pom.xml index 472cce7..7aca2b5 100644 --- a/sentry-tests/sentry-tests-hive/pom.xml +++ b/sentry-tests/sentry-tests-hive/pom.xml @@ -224,11 +224,6 @@ limitations under the License. <scope>test</scope> </dependency> <dependency> - <groupId>org.apache.sentry</groupId> - <artifactId>sentry-policy-db</artifactId> - <scope>test</scope> - </dependency> - <dependency> <groupId>org.apache.hadoop</groupId> <artifactId>hadoop-minicluster</artifactId> <scope>test</scope> http://git-wip-us.apache.org/repos/asf/sentry/blob/bfed0f34/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPerDBConfiguration.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPerDBConfiguration.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPerDBConfiguration.java index 985f969..d1a34a8 100644 --- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPerDBConfiguration.java +++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestPerDBConfiguration.java @@ -26,7 +26,7 @@ import java.sql.ResultSet; import java.sql.SQLException; import java.sql.Statement; -import org.apache.sentry.policy.db.SimpleDBPolicyEngine; +import org.apache.sentry.core.common.utils.SentryConstants; import org.apache.sentry.provider.file.PolicyFile; import org.junit.After; import org.junit.Before; @@ -116,7 +116,7 @@ public class TestPerDBConfiguration extends AbstractTestWithStaticConfiguration @After public void teardown() throws Exception { // one test turns this on so let's disable it in the teardown method - System.setProperty(SimpleDBPolicyEngine.ACCESS_ALLOW_URI_PER_DB_POLICYFILE, "false"); + System.setProperty(SentryConstants.ACCESS_ALLOW_URI_PER_DB_POLICYFILE, "false"); } @Test @@ -261,7 +261,7 @@ public class TestPerDBConfiguration extends AbstractTestWithStaticConfiguration // ugly hack: needs to go away once this becomes a config property. Note that this property // will not be set with external HS and this test will fail. Hope is this fix will go away // by then. - System.setProperty(SimpleDBPolicyEngine.ACCESS_ALLOW_URI_PER_DB_POLICYFILE, "true"); + System.setProperty(SentryConstants.ACCESS_ALLOW_URI_PER_DB_POLICYFILE, "true"); // test execution Connection connection = context.createConnection(USER1_1); Statement statement = context.createStatement(connection); @@ -290,11 +290,11 @@ public class TestPerDBConfiguration extends AbstractTestWithStaticConfiguration context.assertAuthzException(statement, "USE " + DB1); // once we disable this property all queries should fail - System.setProperty(SimpleDBPolicyEngine.ACCESS_ALLOW_URI_PER_DB_POLICYFILE, "false"); + System.setProperty(SentryConstants.ACCESS_ALLOW_URI_PER_DB_POLICYFILE, "false"); context.assertAuthzException(statement, "USE " + DB2); // re-enable for clean - System.setProperty(SimpleDBPolicyEngine.ACCESS_ALLOW_URI_PER_DB_POLICYFILE, "true"); + System.setProperty(SentryConstants.ACCESS_ALLOW_URI_PER_DB_POLICYFILE, "true"); statement.close(); connection.close();
