Repository: sentry Updated Branches: refs/heads/master eceaaf8e0 -> 36cb81a8e
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessor.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessor.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessor.java index 57ea7b4..a3053ff 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessor.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessor.java @@ -147,13 +147,13 @@ public class SentryGenericPolicyProcessor implements SentryGenericPolicyService. public static SentryStoreLayer createStore(Configuration conf) throws SentryConfigurationException { SentryStoreLayer storeLayer = null; - String Store = conf.get(PolicyStoreConstants.SENTRY_GENERIC_POLICY_STORE, PolicyStoreConstants.SENTRY_GENERIC_POLICY_STORE_DEFAULT); + String store = conf.get(PolicyStoreConstants.SENTRY_GENERIC_POLICY_STORE, PolicyStoreConstants.SENTRY_GENERIC_POLICY_STORE_DEFAULT); - if (Strings.isNullOrEmpty(Store)) { + if (Strings.isNullOrEmpty(store)) { throw new SentryConfigurationException("sentry.generic.policy.store can not be empty"); } try { - storeLayer = createInstance(Store, conf, SentryStoreLayer.class); + storeLayer = createInstance(store, conf, SentryStoreLayer.class); } catch (Exception e) { throw new SentryConfigurationException("Create sentryStore error: " + e.getMessage(), e); } @@ -179,7 +179,7 @@ public class SentryGenericPolicyProcessor implements SentryGenericPolicyService. public static <T> T createInstance(String className, Configuration conf, Class<T> iface) throws Exception { T result; try { - Class clazz = Class.forName(className); + Class<?> clazz = Class.forName(className); if (!iface.isAssignableFrom(clazz)) { throw new IllegalArgumentException("Class " + clazz + " is not a " + iface.getName()); @@ -800,9 +800,9 @@ public class SentryGenericPolicyProcessor implements SentryGenericPolicyService. } private static class Response<T> { - TSentryResponseStatus status; - CommitContext context; - T content; + private TSentryResponseStatus status; + private CommitContext context; + private T content; Response() { } @@ -825,10 +825,10 @@ public class SentryGenericPolicyProcessor implements SentryGenericPolicyService. Response<T> handle() throws Exception ; } - private static void validateClientVersion(int protocol_version) throws SentryThriftAPIMismatchException { - if (ServiceConstants.ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT != protocol_version) { + private static void validateClientVersion(int protocolVersion) throws SentryThriftAPIMismatchException { + if (ServiceConstants.ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT != protocolVersion) { String msg = "Sentry thrift API protocol version mismatch: Client thrift version " + - "is: " + protocol_version + " , server thrift verion " + + "is: " + protocolVersion + " , server thrift version " + "is " + ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT; throw new SentryThriftAPIMismatchException(msg); } http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientFactory.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientFactory.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientFactory.java index b070c6d..980d930 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientFactory.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientFactory.java @@ -22,7 +22,7 @@ import org.apache.hadoop.conf.Configuration; /** * SentryGenericServiceClientFactory is a public class for the components which using Generic Model to create sentry client. */ -public class SentryGenericServiceClientFactory { +public final class SentryGenericServiceClientFactory { private SentryGenericServiceClientFactory() { } http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/appender/AuditLoggerTestAppender.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/appender/AuditLoggerTestAppender.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/appender/AuditLoggerTestAppender.java index 6eb1f0a..8000ebd 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/appender/AuditLoggerTestAppender.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/appender/AuditLoggerTestAppender.java @@ -28,7 +28,7 @@ import com.google.common.annotations.VisibleForTesting; @VisibleForTesting public class AuditLoggerTestAppender extends AppenderSkeleton { - public static List<LoggingEvent> events = new ArrayList<LoggingEvent>(); + public static final List<LoggingEvent> events = new ArrayList<LoggingEvent>(); public void close() { } http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/AuditMetadataLogEntity.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/AuditMetadataLogEntity.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/AuditMetadataLogEntity.java index f3eb95b..a5fe4ec 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/AuditMetadataLogEntity.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/AuditMetadataLogEntity.java @@ -29,16 +29,16 @@ import org.codehaus.jackson.node.ContainerNode; abstract public class AuditMetadataLogEntity implements JsonLogEntity { static final JsonFactory factory = new MappingJsonFactory(); - String serviceName; - String userName; - String impersonator; - String ipAddress; - String operation; - String eventTime; - String operationText; - String allowed; - String objectType; - String component; + private String serviceName; + private String userName; + private String impersonator; + private String ipAddress; + private String operation; + private String eventTime; + private String operationText; + private String allowed; + private String objectType; + private String component; void setCommonAttr(String serviceName, String userName, String impersonator, String ipAddress, String operation, String eventTime, String operationText, String allowed, String objectType, http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/DBAuditMetadataLogEntity.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/DBAuditMetadataLogEntity.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/DBAuditMetadataLogEntity.java index 2381326..4949ac7 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/DBAuditMetadataLogEntity.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/DBAuditMetadataLogEntity.java @@ -88,19 +88,19 @@ public class DBAuditMetadataLogEntity extends AuditMetadataLogEntity { try { json = factory.createJsonGenerator(stringWriter); json.writeStartObject(); - json.writeStringField(Constants.LOG_FIELD_SERVICE_NAME, serviceName); - json.writeStringField(Constants.LOG_FIELD_USER_NAME, userName); - json.writeStringField(Constants.LOG_FIELD_IMPERSONATOR, impersonator); - json.writeStringField(Constants.LOG_FIELD_IP_ADDRESS, ipAddress); - json.writeStringField(Constants.LOG_FIELD_OPERATION, operation); - json.writeStringField(Constants.LOG_FIELD_EVENT_TIME, eventTime); - json.writeStringField(Constants.LOG_FIELD_OPERATION_TEXT, operationText); - json.writeStringField(Constants.LOG_FIELD_ALLOWED, allowed); + json.writeStringField(Constants.LOG_FIELD_SERVICE_NAME, getServiceName()); + json.writeStringField(Constants.LOG_FIELD_USER_NAME, getUserName()); + json.writeStringField(Constants.LOG_FIELD_IMPERSONATOR, getImpersonator()); + json.writeStringField(Constants.LOG_FIELD_IP_ADDRESS, getIpAddress()); + json.writeStringField(Constants.LOG_FIELD_OPERATION, getOperation()); + json.writeStringField(Constants.LOG_FIELD_EVENT_TIME, getEventTime()); + json.writeStringField(Constants.LOG_FIELD_OPERATION_TEXT, getOperationText()); + json.writeStringField(Constants.LOG_FIELD_ALLOWED, getAllowed()); json.writeStringField(Constants.LOG_FIELD_DATABASE_NAME, databaseName); json.writeStringField(Constants.LOG_FIELD_TABLE_NAME, tableName); json.writeStringField(Constants.LOG_FIELD_COLUMN_NAME, columnName); json.writeStringField(Constants.LOG_FIELD_RESOURCE_PATH, resourcePath); - json.writeStringField(Constants.LOG_FIELD_OBJECT_TYPE, objectType); + json.writeStringField(Constants.LOG_FIELD_OBJECT_TYPE, getObjectType()); json.writeEndObject(); json.flush(); } catch (IOException e) { http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/GMAuditMetadataLogEntity.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/GMAuditMetadataLogEntity.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/GMAuditMetadataLogEntity.java index 4db91f3..6911772 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/GMAuditMetadataLogEntity.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/GMAuditMetadataLogEntity.java @@ -52,19 +52,19 @@ public class GMAuditMetadataLogEntity extends AuditMetadataLogEntity { try { json = factory.createJsonGenerator(stringWriter); json.writeStartObject(); - json.writeStringField(Constants.LOG_FIELD_SERVICE_NAME, serviceName); - json.writeStringField(Constants.LOG_FIELD_USER_NAME, userName); - json.writeStringField(Constants.LOG_FIELD_IMPERSONATOR, impersonator); - json.writeStringField(Constants.LOG_FIELD_IP_ADDRESS, ipAddress); - json.writeStringField(Constants.LOG_FIELD_OPERATION, operation); - json.writeStringField(Constants.LOG_FIELD_EVENT_TIME, eventTime); - json.writeStringField(Constants.LOG_FIELD_OPERATION_TEXT, operationText); - json.writeStringField(Constants.LOG_FIELD_ALLOWED, allowed); + json.writeStringField(Constants.LOG_FIELD_SERVICE_NAME, getServiceName()); + json.writeStringField(Constants.LOG_FIELD_USER_NAME, getUserName()); + json.writeStringField(Constants.LOG_FIELD_IMPERSONATOR, getImpersonator()); + json.writeStringField(Constants.LOG_FIELD_IP_ADDRESS, getIpAddress()); + json.writeStringField(Constants.LOG_FIELD_OPERATION, getOperation()); + json.writeStringField(Constants.LOG_FIELD_EVENT_TIME, getEventTime()); + json.writeStringField(Constants.LOG_FIELD_OPERATION_TEXT, getOperationText()); + json.writeStringField(Constants.LOG_FIELD_ALLOWED, getAllowed()); for (Map.Entry<String, String> entry : privilegesMap.entrySet()) { json.writeStringField(entry.getKey(), entry.getValue()); } - json.writeStringField(Constants.LOG_FIELD_OBJECT_TYPE, objectType); - json.writeStringField(Constants.LOG_FIELD_COMPONENT, component); + json.writeStringField(Constants.LOG_FIELD_OBJECT_TYPE, getObjectType()); + json.writeStringField(Constants.LOG_FIELD_COMPONENT, getComponent()); json.writeEndObject(); json.flush(); } catch (IOException e) { http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntityFactory.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntityFactory.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntityFactory.java index 71402d3..f6bb8a5 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntityFactory.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntityFactory.java @@ -54,12 +54,12 @@ import org.apache.sentry.service.thrift.TSentryResponseStatus; import com.google.common.base.Joiner; import com.google.common.collect.ImmutableSet; -public class JsonLogEntityFactory { +public final class JsonLogEntityFactory { private static JsonLogEntityFactory factory = new JsonLogEntityFactory(); private JsonLogEntityFactory() { - }; + } public static JsonLogEntityFactory getInstance() { return factory; http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/CommandUtil.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/CommandUtil.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/CommandUtil.java index c2c8e4e..328bbbb 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/CommandUtil.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/CommandUtil.java @@ -35,7 +35,11 @@ import org.datanucleus.util.StringUtils; import com.google.common.annotations.VisibleForTesting; -public class CommandUtil { +public final class CommandUtil { + + public CommandUtil() { + // Make constructor private to avoid instantiation + } public static String createCmdForCreateOrDropRole(String roleName, boolean isCreate) { http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/Constants.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/Constants.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/Constants.java index 1a470ab..2e71ce0 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/Constants.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/Constants.java @@ -23,7 +23,7 @@ import java.util.Map; import org.apache.sentry.provider.db.service.thrift.*; -public class Constants { +public final class Constants { public final static String AUDIT_LOGGER_NAME = "sentry.hive.authorization.ddl.logger"; public final static String AUDIT_LOGGER_NAME_GENERIC = "sentry.generic.authorization.ddl.logger"; @@ -154,4 +154,9 @@ public class Constants { org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeRequest.class .getName(), Constants.OBJECT_TYPE_PRINCIPAL); } + + private Constants() { + // Make constructor private to avoid instantiation + } + } http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryGMPrivilege.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryGMPrivilege.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryGMPrivilege.java index 59161f0..55b61ac 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryGMPrivilege.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryGMPrivilege.java @@ -300,16 +300,16 @@ public class MSentryGMPrivilege { } List<? extends Authorizable> authorizables = getAuthorizables(); - List<? extends Authorizable> other_authorizables = other.getAuthorizables(); + List<? extends Authorizable> otherAuthorizables = other.getAuthorizables(); - if (authorizables.size() != other_authorizables.size()) { + if (authorizables.size() != otherAuthorizables.size()) { return false; } for (int i = 0; i < authorizables.size(); i++) { String o1 = KV_JOINER.join(authorizables.get(i).getTypeName(), authorizables.get(i).getName()); - String o2 = KV_JOINER.join(other_authorizables.get(i).getTypeName(), - other_authorizables.get(i).getName()); + String o2 = KV_JOINER.join(otherAuthorizables.get(i).getTypeName(), + otherAuthorizables.get(i).getName()); if (!o1.equals(o2)) { return false; } http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/HAContext.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/HAContext.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/HAContext.java index 7bce741..cacc29f 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/HAContext.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/HAContext.java @@ -200,16 +200,16 @@ public class HAContext { // and set the ACLs for them. This is done just once at the startup // We can't get the namespace znode through curator; have to go through zk client startCuratorFramework(); - String namespace = "/" + curatorFramework.getNamespace(); - if (curatorFramework.getZookeeperClient().getZooKeeper().exists(namespace, null) != null) { - List<ACL> acls = curatorFramework.getZookeeperClient().getZooKeeper().getACL(namespace, new Stat()); + String newNamespace = "/" + curatorFramework.getNamespace(); + if (curatorFramework.getZookeeperClient().getZooKeeper().exists(newNamespace, null) != null) { + List<ACL> acls = curatorFramework.getZookeeperClient().getZooKeeper().getACL(newNamespace, new Stat()); if (acls.isEmpty() || !acls.get(0).getId().getScheme().equals("sasl")) { LOGGER.info("'sasl' ACLs not set; setting..."); - List<String> children = curatorFramework.getZookeeperClient().getZooKeeper().getChildren(namespace, null); + List<String> children = curatorFramework.getZookeeperClient().getZooKeeper().getChildren(newNamespace, null); for (String child : children) { checkAndSetACLs("/" + child); } - curatorFramework.getZookeeperClient().getZooKeeper().setACL(namespace, saslACL, -1); + curatorFramework.getZookeeperClient().getZooKeeper().setACL(newNamespace, saslACL, -1); } } aclChecked = true; http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java index ae8b974..2a3bdfb 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java @@ -98,7 +98,7 @@ public class SentryStore { private static final Logger LOGGER = LoggerFactory .getLogger(SentryStore.class); - public static String NULL_COL = "__NULL__"; + public static final String NULL_COL = "__NULL__"; public static int INDEX_GROUP_ROLES_MAP = 0; public static int INDEX_USER_ROLES_MAP = 1; static final String DEFAULT_DATA_DIR = "sentry_policy_db"; @@ -293,8 +293,7 @@ public class SentryStore { query.setFilter("this.roleName == t"); query.declareParameters("java.lang.String t"); query.setUnique(true); - MSentryRole sentryRole = (MSentryRole) query.execute(roleName); - return sentryRole; + return (MSentryRole) query.execute(roleName); } /** @@ -328,13 +327,13 @@ public class SentryStore { private void createSentryRoleCore(PersistenceManager pm, String roleName) throws SentryAlreadyExistsException { - roleName = trimAndLower(roleName); - MSentryRole mSentryRole = getMSentryRole(pm, roleName); + String trimmedRoleName = trimAndLower(roleName); + MSentryRole mSentryRole = getMSentryRole(pm, trimmedRoleName); if (mSentryRole == null) { - MSentryRole mRole = new MSentryRole(roleName, System.currentTimeMillis()); + MSentryRole mRole = new MSentryRole(trimmedRoleName, System.currentTimeMillis()); pm.makePersistent(mRole); } else { - throw new SentryAlreadyExistsException("Role: " + roleName); + throw new SentryAlreadyExistsException("Role: " + trimmedRoleName); } } @@ -432,14 +431,14 @@ public class SentryStore { throws SentryUserException { boolean rollbackTransaction = true; PersistenceManager pm = null; - roleName = trimAndLower(roleName); + String trimmedRoleName = trimAndLower(roleName); try { pm = openTransaction(); for (TSentryPrivilege privilege : privileges) { // first do grant check grantOptionCheck(pm, grantorPrincipal, privilege); - MSentryPrivilege mPrivilege = alterSentryRoleGrantPrivilegeCore(pm, roleName, privilege); + MSentryPrivilege mPrivilege = alterSentryRoleGrantPrivilegeCore(pm, trimmedRoleName, privilege); if (mPrivilege != null) { convertToTSentryPrivilege(mPrivilege, privilege); @@ -523,14 +522,14 @@ public class SentryStore { String roleName, Set<TSentryPrivilege> tPrivileges) throws SentryUserException { boolean rollbackTransaction = true; PersistenceManager pm = null; - roleName = safeTrimLower(roleName); + String trimmedRoleName = safeTrimLower(roleName); try { pm = openTransaction(); for (TSentryPrivilege tPrivilege : tPrivileges) { // first do revoke check grantOptionCheck(pm, grantorPrincipal, tPrivilege); - alterSentryRoleRevokePrivilegeCore(pm, roleName, tPrivilege); + alterSentryRoleRevokePrivilegeCore(pm, trimmedRoleName, tPrivilege); } CommitContext commit = commitUpdateTransaction(pm); @@ -706,7 +705,7 @@ public class SentryStore { query.declareVariables("org.apache.sentry.provider.db.service.model.MSentryRole role"); List<String> rolesFiler = new LinkedList<String>(); for (String rName : roleNames) { - rolesFiler.add("role.roleName == \"" + rName.trim().toLowerCase() + "\""); + rolesFiler.add("role.roleName == \"" + trimAndLower(rName) + "\""); } StringBuilder filters = new StringBuilder("roles.contains(role) " + "&& (" + Joiner.on(" || ").join(rolesFiler) + ")"); @@ -762,8 +761,7 @@ public class SentryStore { filters.append("&& this.action == \"" + toNULLCol(safeTrimLower(tPriv.getAction())) + "\""); query.setFilter(filters.toString()); - List<MSentryPrivilege> privileges = (List<MSentryPrivilege>) query.execute(); - return privileges; + return (List<MSentryPrivilege>) query.execute(); } private MSentryPrivilege getMSentryPrivilege(TSentryPrivilege tPriv, PersistenceManager pm) { @@ -809,7 +807,7 @@ public class SentryStore { private void dropSentryRoleCore(PersistenceManager pm, String roleName) throws SentryNoSuchObjectException { - String lRoleName = roleName.trim().toLowerCase(); + String lRoleName = trimAndLower(roleName); Query query = pm.newQuery(MSentryRole.class); query.setFilter("this.roleName == t"); query.declareParameters("java.lang.String t"); @@ -848,7 +846,7 @@ public class SentryStore { private void alterSentryRoleAddGroupsCore(PersistenceManager pm, String roleName, Set<TSentryGroup> groupNames) throws SentryNoSuchObjectException { - String lRoleName = roleName.trim().toLowerCase(); + String lRoleName = trimAndLower(roleName); Query query = pm.newQuery(MSentryRole.class); query.setFilter("this.roleName == t"); query.declareParameters("java.lang.String t"); @@ -894,10 +892,10 @@ public class SentryStore { private void alterSentryRoleAddUsersCore(PersistenceManager pm, String roleName, Set<String> userNames) throws SentryNoSuchObjectException { - roleName = roleName.trim().toLowerCase(); - MSentryRole role = getMSentryRole(pm, roleName); + String trimmedRoleName = trimAndLower(roleName); + MSentryRole role = getMSentryRole(pm, trimmedRoleName); if (role == null) { - throw new SentryNoSuchObjectException("Role: " + roleName); + throw new SentryNoSuchObjectException("Role: " + trimmedRoleName); } else { Query query = pm.newQuery(MSentryUser.class); query.setFilter("this.userName == t"); @@ -921,12 +919,12 @@ public class SentryStore { throws SentryNoSuchObjectException { boolean rollbackTransaction = true; PersistenceManager pm = null; - roleName = roleName.trim().toLowerCase(); + String trimmedRoleName = trimAndLower(roleName); try { pm = openTransaction(); - MSentryRole role = getMSentryRole(pm, roleName); + MSentryRole role = getMSentryRole(pm, trimmedRoleName); if (role == null) { - throw new SentryNoSuchObjectException("Role: " + roleName); + throw new SentryNoSuchObjectException("Role: " + trimmedRoleName); } else { Query query = pm.newQuery(MSentryUser.class); query.setFilter("this.userName == t"); @@ -958,16 +956,16 @@ public class SentryStore { throws SentryNoSuchObjectException { boolean rollbackTransaction = true; PersistenceManager pm = null; - roleName = roleName.trim().toLowerCase(); + String trimmedRoleName = trimAndLower(roleName); try { pm = openTransaction(); Query query = pm.newQuery(MSentryRole.class); query.setFilter("this.roleName == t"); query.declareParameters("java.lang.String t"); query.setUnique(true); - MSentryRole role = (MSentryRole) query.execute(roleName); + MSentryRole role = (MSentryRole) query.execute(trimmedRoleName); if (role == null) { - throw new SentryNoSuchObjectException("Role: " + roleName + " doesn't exist"); + throw new SentryNoSuchObjectException("Role: " + trimmedRoleName + " doesn't exist"); } else { query = pm.newQuery(MSentryGroup.class); query.setFilter("this.groupName == t"); @@ -999,16 +997,16 @@ public class SentryStore { throws SentryNoSuchObjectException { boolean rollbackTransaction = true; PersistenceManager pm = null; - roleName = roleName.trim().toLowerCase(); + String trimmedRoleName = trimAndLower(roleName); try { pm = openTransaction(); Query query = pm.newQuery(MSentryRole.class); query.setFilter("this.roleName == t"); query.declareParameters("java.lang.String t"); query.setUnique(true); - MSentryRole sentryRole = (MSentryRole) query.execute(roleName); + MSentryRole sentryRole = (MSentryRole) query.execute(trimmedRoleName); if (sentryRole == null) { - throw new SentryNoSuchObjectException("Role: " + roleName + " doesn't exist"); + throw new SentryNoSuchObjectException("Role: " + trimmedRoleName + " doesn't exist"); } else { pm.retrieve(sentryRole); } @@ -1034,11 +1032,11 @@ public class SentryStore { query.declareVariables("org.apache.sentry.provider.db.service.model.MSentryRole role"); List<String> rolesFiler = new LinkedList<String>(); for (String rName : roleNames) { - rolesFiler.add("role.roleName == \"" + rName.trim().toLowerCase() + "\""); + rolesFiler.add("role.roleName == \"" + trimAndLower(rName) + "\""); } StringBuilder filters = new StringBuilder("roles.contains(role) " + "&& (" + Joiner.on(" || ").join(rolesFiler) + ") "); - filters.append("&& serverName == \"" + serverName.trim().toLowerCase() + "\""); + filters.append("&& serverName == \"" + trimAndLower(serverName) + "\""); query.setFilter(filters.toString()); query.setResult("count(this)"); @@ -1065,7 +1063,7 @@ public class SentryStore { query.declareVariables("org.apache.sentry.provider.db.service.model.MSentryRole role"); List<String> rolesFiler = new LinkedList<String>(); for (String rName : roleNames) { - rolesFiler.add("role.roleName == \"" + rName.trim().toLowerCase() + "\""); + rolesFiler.add("role.roleName == \"" + trimAndLower(rName) + "\""); } StringBuilder filters = new StringBuilder("roles.contains(role) " + "&& (" + Joiner.on(" || ").join(rolesFiler) + ") "); @@ -1114,7 +1112,7 @@ public class SentryStore { query.declareVariables("org.apache.sentry.provider.db.service.model.MSentryRole role"); List<String> rolesFiler = new LinkedList<String>(); for (String rName : roleNames) { - rolesFiler.add("role.roleName == \"" + rName.trim().toLowerCase() + "\""); + rolesFiler.add("role.roleName == \"" + trimAndLower(rName) + "\""); } filters.append("roles.contains(role) " + "&& (" + Joiner.on(" || ").join(rolesFiler) + ") "); @@ -1250,13 +1248,13 @@ public class SentryStore { } else { Query query = pm.newQuery(MSentryGroup.class); MSentryGroup sentryGroup; - groupName = groupName.trim(); + String trimmedGroupName = groupName.trim(); query.setFilter("this.groupName == t"); query.declareParameters("java.lang.String t"); query.setUnique(true); - sentryGroup = (MSentryGroup) query.execute(groupName); + sentryGroup = (MSentryGroup) query.execute(trimmedGroupName); if (sentryGroup == null) { - throw new SentryNoSuchObjectException("Group: " + groupName + " doesn't exist"); + throw new SentryNoSuchObjectException("Group: " + trimmedGroupName + " doesn't exist"); } else { pm.retrieve(sentryGroup); } @@ -1433,9 +1431,8 @@ public class SentryStore { roleNames.addAll(toTrimedLower(getRoleNamesForUsersCore(pm, users))); rollbackTransaction = false; commitTransaction(pm); - Set<String> rolesToQuery = roleSet.isAll() ? roleNames : Sets.intersection(activeRoleNames, + return roleSet.isAll() ? roleNames : Sets.intersection(activeRoleNames, roleNames); - return rolesToQuery; } finally { if (rollbackTransaction) { rollbackTransaction(pm); @@ -2630,15 +2627,15 @@ public class SentryStore { new Function<String, String>() { @Override public String apply(String input) { - return input.toString().toLowerCase(); + return input.toLowerCase(); } }); newSentryGroupRolesMap.put(entry.getKey(), Sets.newHashSet(lowcaseRoles)); } // for mapping data [role,privilege] - for (String roleName : sentryRolePrivilegesMap.keySet()) { - newSentryRolePrivilegesMap.put(roleName.toLowerCase(), sentryRolePrivilegesMap.get(roleName)); + for (Map.Entry<String,Set<TSentryPrivilege>> entry : sentryRolePrivilegesMap.entrySet()) { + newSentryRolePrivilegesMap.put(entry.getKey().toLowerCase(), entry.getValue()); } tSentryMappingData.setGroupRolesMap(newSentryGroupRolesMap); http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStoreSchemaInfo.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStoreSchemaInfo.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStoreSchemaInfo.java index 543e3df..7b98dc9 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStoreSchemaInfo.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStoreSchemaInfo.java @@ -29,10 +29,10 @@ import java.util.List; import org.apache.sentry.SentryUserException; public class SentryStoreSchemaInfo { - private static String SQL_FILE_EXTENSION = ".sql"; - private static String UPGRADE_FILE_PREFIX = "upgrade-"; - private static String INIT_FILE_PREFIX = "sentry-"; - private static String VERSION_UPGRADE_LIST = "upgrade.order"; + private static final String SQL_FILE_EXTENSION = ".sql"; + private static final String UPGRADE_FILE_PREFIX = "upgrade-"; + private static final String INIT_FILE_PREFIX = "sentry-"; + private static final String VERSION_UPGRADE_LIST = "upgrade.order"; private final String dbType; private final String sentrySchemaVersions[]; private final String sentryScriptDir; @@ -105,16 +105,17 @@ public class SentryStoreSchemaInfo { */ public String generateInitFileName(String toVersion) throws SentryUserException { - if (toVersion == null) { - toVersion = getSentryVersion(); + String version = toVersion; + if (version == null) { + version = getSentryVersion(); } - String initScriptName = INIT_FILE_PREFIX + dbType + "-" + toVersion + String initScriptName = INIT_FILE_PREFIX + dbType + "-" + version + SQL_FILE_EXTENSION; // check if the file exists if (!(new File(getSentryStoreScriptDir() + File.separatorChar + initScriptName).exists())) { throw new SentryUserException( - "Unknown version specified for initialization: " + toVersion); + "Unknown version specified for initialization: " + version); } return initScriptName; } http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/PolicyStoreConstants.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/PolicyStoreConstants.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/PolicyStoreConstants.java index 1a1c0b7..8cf1c1a 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/PolicyStoreConstants.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/PolicyStoreConstants.java @@ -17,7 +17,7 @@ */ package org.apache.sentry.provider.db.service.thrift; -public class PolicyStoreConstants { +public final class PolicyStoreConstants { public static final String SENTRY_GENERIC_POLICY_NOTIFICATION = "sentry.generic.policy.notification"; public static final String SENTRY_GENERIC_POLICY_STORE = "sentry.generic.policy.store"; public static final String SENTRY_GENERIC_POLICY_STORE_DEFAULT = @@ -25,4 +25,8 @@ public class PolicyStoreConstants { public static class PolicyStoreServerConfig { public static final String NOTIFICATION_HANDLERS = "sentry.policy.store.notification.handlers"; } + + private PolicyStoreConstants() { + // Make constructor private to avoid instantiation + } } http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryAuthFilter.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryAuthFilter.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryAuthFilter.java index 388e329..c1cfc1b 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryAuthFilter.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryAuthFilter.java @@ -42,7 +42,7 @@ import com.google.common.collect.Sets; */ public class SentryAuthFilter extends AuthenticationFilter { - private static Logger LOG = LoggerFactory.getLogger(SentryAuthFilter.class); + private static final Logger LOG = LoggerFactory.getLogger(SentryAuthFilter.class); public static final String ALLOW_WEB_CONNECT_USERS = ServerConfig.SENTRY_WEB_SECURITY_ALLOW_CONNECT_USERS; @@ -83,9 +83,10 @@ public class SentryAuthFilter extends AuthenticationFilter { } private static Set<String> parseConnectUsersFromConf(String value) { - if (value != null) { - value = value.toLowerCase(); + String lcValue = value; + if (lcValue != null) { + lcValue = lcValue.toLowerCase(); } - return Sets.newHashSet(StringUtils.getStrings(value)); + return Sets.newHashSet(StringUtils.getStrings(lcValue)); } } http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryMetrics.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryMetrics.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryMetrics.java index 6eb00a1..c6d4d02 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryMetrics.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryMetrics.java @@ -39,7 +39,7 @@ import java.util.concurrent.TimeUnit; /** * A singleton class which holds metrics related utility functions as well as the list of metrics */ -public class SentryMetrics { +public final class SentryMetrics { private static SentryMetrics sentryMetrics = null; private boolean reportingInitialized = false; private boolean gaugesAdded = false; @@ -74,21 +74,21 @@ public class SentryMetrics { /** * Return a Timer with name. */ - public final Timer getTimer(String name) { + public Timer getTimer(String name) { return SentryMetricsServletContextListener.METRIC_REGISTRY.timer(name); } /** * Return a Histogram with name. */ - public final Histogram getHistogram(String name) { + public Histogram getHistogram(String name) { return SentryMetricsServletContextListener.METRIC_REGISTRY.histogram(name); } /** * Return a Counter with name. */ - public final Counter getCounter(String name) { + public Counter getCounter(String name) { return SentryMetricsServletContextListener.METRIC_REGISTRY.counter(name); } @@ -159,4 +159,4 @@ public class SentryMetrics { JMX, CONSOLE; } -} \ No newline at end of file +} http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java index d7c387d..bc453c3 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java @@ -208,12 +208,10 @@ public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface { } private boolean inAdminGroups(Set<String> requestorGroups) { - requestorGroups = toTrimedLower(requestorGroups); - if (Sets.intersection(adminGroups, requestorGroups).isEmpty()) { - return false; - } - return true; + Set<String> trimmedRequestorGroups = toTrimedLower(requestorGroups); + return !Sets.intersection(adminGroups, trimmedRequestorGroups).isEmpty(); } + private void authorize(String requestorUser, Set<String> requestorGroups) throws SentryAccessDeniedException { if (!inAdminGroups(requestorGroups)) { @@ -1028,10 +1026,10 @@ public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface { } @VisibleForTesting - static void validateClientVersion(int protocol_version) throws SentryThriftAPIMismatchException { - if (ServiceConstants.ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT != protocol_version) { + static void validateClientVersion(int protocolVersion) throws SentryThriftAPIMismatchException { + if (ServiceConstants.ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT != protocolVersion) { String msg = "Sentry thrift API protocol version mismatch: Client thrift version " + - "is: " + protocol_version + " , server thrift verion " + + "is: " + protocolVersion + " , server thrift verion " + "is " + ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT; throw new SentryThriftAPIMismatchException(msg); } http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryWebServer.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryWebServer.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryWebServer.java index ab852dc..a42f395 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryWebServer.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryWebServer.java @@ -60,11 +60,9 @@ public class SentryWebServer { private static final String RESOURCE_DIR = "/webapp"; private static final String WELCOME_PAGE = "SentryService.html"; - Server server; - int port; + private Server server; public SentryWebServer(List<EventListener> listeners, int port, Configuration conf) { - this.port = port; server = new Server(); // Create a channel connector for "http/https" requests http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/ThriftUtil.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/ThriftUtil.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/ThriftUtil.java index a5d7ca9..3a96d0b 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/ThriftUtil.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/ThriftUtil.java @@ -28,7 +28,7 @@ import org.slf4j.LoggerFactory; import com.google.common.base.Preconditions; -public class ThriftUtil { +public final class ThriftUtil { private static final Logger LOGGER = LoggerFactory.getLogger(ThriftUtil.class); @@ -105,4 +105,8 @@ public class ThriftUtil { public static String getImpersonator() { return threadLocalImpersonator.get(); } + + private ThriftUtil() { + // Make constructor private to avoid instantiation + } } \ No newline at end of file http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentrySchemaHelper.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentrySchemaHelper.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentrySchemaHelper.java index e5768c6..cf1c725 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentrySchemaHelper.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentrySchemaHelper.java @@ -19,7 +19,7 @@ package org.apache.sentry.provider.db.tools; import java.util.IllegalFormatException; -public class SentrySchemaHelper { +public final class SentrySchemaHelper { public static final String DB_DERBY = "derby"; public static final String DB_MYSQL = "mysql"; public static final String DB_POSTGRACE = "postgres"; @@ -102,12 +102,8 @@ public class SentrySchemaHelper { if (dbCommand == null || dbCommand.isEmpty()) { throw new IllegalArgumentException("invalid command line " + dbCommand); } - dbCommand = dbCommand.trim(); - if (dbCommand.endsWith(getDelimiter()) || isNonExecCommand(dbCommand)) { - return false; - } else { - return true; - } + String trimmedDbCommand = dbCommand.trim(); + return !(trimmedDbCommand.endsWith(getDelimiter()) || isNonExecCommand(trimmedDbCommand)); } @Override @@ -148,7 +144,7 @@ public class SentrySchemaHelper { // Derby commandline parser public static class DerbyCommandParser extends AbstractCommandParser { - private static String DERBY_NESTING_TOKEN = "RUN"; + private static final String DERBY_NESTING_TOKEN = "RUN"; @Override public String getScriptName(String dbCommand) throws IllegalArgumentException { @@ -227,10 +223,10 @@ public class SentrySchemaHelper { // Postgres specific parser public static class PostgresCommandParser extends AbstractCommandParser { - public static String POSTGRES_STRING_COMMAND_FILTER = "SET standard_conforming_strings"; - public static String POSTGRES_STRING_CLIENT_ENCODING = "SET client_encoding"; - public static String POSTGRES_SKIP_STANDARD_STRING = "postgres.filter.81"; - private static String POSTGRES_NESTING_TOKEN = "\\i"; + public static final String POSTGRES_STRING_COMMAND_FILTER = "SET standard_conforming_strings"; + public static final String POSTGRES_STRING_CLIENT_ENCODING = "SET client_encoding"; + public static final String POSTGRES_SKIP_STANDARD_STRING = "postgres.filter.81"; + private static final String POSTGRES_NESTING_TOKEN = "\\i"; @Override public String getScriptName(String dbCommand) throws IllegalArgumentException { @@ -265,7 +261,7 @@ public class SentrySchemaHelper { //Oracle specific parser public static class OracleCommandParser extends AbstractCommandParser { - private static String ORACLE_NESTING_TOKEN = "@"; + private static final String ORACLE_NESTING_TOKEN = "@"; @Override public String getScriptName(String dbCommand) throws IllegalArgumentException { if (!isNestedScript(dbCommand)) { @@ -312,4 +308,8 @@ public class SentrySchemaHelper { throw new IllegalArgumentException("Unknown dbType " + dbName); } } + + private SentrySchemaHelper() { + // Make constructor private to avoid instantiation + } } http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentrySchemaTool.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentrySchemaTool.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentrySchemaTool.java index d974d7b..77655a2 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentrySchemaTool.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentrySchemaTool.java @@ -66,7 +66,7 @@ public class SentrySchemaTool { private boolean verbose = false; private final Configuration sentryConf; private final String dbType; - private final SentryStoreSchemaInfo SentryStoreSchemaInfo; + private final SentryStoreSchemaInfo sentryStoreSchemaInfo; public SentrySchemaTool(Configuration sentryConf, String dbType) throws SentryUserException, IOException { @@ -80,7 +80,7 @@ public class SentrySchemaTool { } this.sentryConf = sentryConf; this.dbType = dbType; - this.SentryStoreSchemaInfo = new SentryStoreSchemaInfo(sentryScripPath, + this.sentryStoreSchemaInfo = new SentryStoreSchemaInfo(sentryScripPath, dbType); userName = sentryConf.get(ServiceConstants.ServerConfig.SENTRY_STORE_JDBC_USER, ServiceConstants.ServerConfig.SENTRY_STORE_JDBC_USER_DEFAULT); @@ -166,9 +166,8 @@ public class SentrySchemaTool { } else { versionQuery = "select t.SCHEMA_VERSION from SENTRY_VERSION t"; } - try { - Statement stmt = sentryStoreConn.createStatement(); - ResultSet res = stmt.executeQuery(versionQuery); + try (Statement stmt = sentryStoreConn.createStatement(); + ResultSet res = stmt.executeQuery(versionQuery)) { if (!res.next()) { throw new SentryUserException("Didn't find version data in sentry store"); } @@ -182,8 +181,7 @@ public class SentrySchemaTool { // test the connection sentry store using the config property private void testConnectionToMetastore() throws SentryUserException { - Connection conn = getConnectionToMetastore(true); - try { + try (Connection conn = getConnectionToMetastore(true)) { conn.close(); } catch (SQLException e) { throw new SentryUserException("Failed to close sentry store connection", e); @@ -227,7 +225,7 @@ public class SentrySchemaTool { String newSchemaVersion = getMetaStoreSchemaVersion(getConnectionToMetastore(false)); // verify that the new version is added to schema - if (!SentryStoreSchemaInfo.getSentrySchemaVersion().equalsIgnoreCase( + if (!sentryStoreSchemaInfo.getSentrySchemaVersion().equalsIgnoreCase( newSchemaVersion)) { throw new SentryUserException("Found unexpected schema version " + newSchemaVersion); @@ -257,18 +255,18 @@ public class SentrySchemaTool { * @throws SentryUserException */ public void doUpgrade(String fromSchemaVer) throws SentryUserException { - if (SentryStoreSchemaInfo.getSentrySchemaVersion().equals(fromSchemaVer)) { + if (sentryStoreSchemaInfo.getSentrySchemaVersion().equals(fromSchemaVer)) { System.out.println("No schema upgrade required from version " + fromSchemaVer); return; } // Find the list of scripts to execute for this upgrade List<String> upgradeScripts = - SentryStoreSchemaInfo.getUpgradeScripts(fromSchemaVer); + sentryStoreSchemaInfo.getUpgradeScripts(fromSchemaVer); testConnectionToMetastore(); System.out.println("Starting upgrade sentry store schema from version " + fromSchemaVer + " to " - + SentryStoreSchemaInfo.getSentrySchemaVersion()); - String scriptDir = SentryStoreSchemaInfo.getSentryStoreScriptDir(); + + sentryStoreSchemaInfo.getSentrySchemaVersion()); + String scriptDir = sentryStoreSchemaInfo.getSentryStoreScriptDir(); try { for (String scriptFile : upgradeScripts) { System.out.println("Upgrade script " + scriptFile); @@ -292,7 +290,7 @@ public class SentrySchemaTool { * @throws SentryUserException */ public void doInit() throws SentryUserException { - doInit(SentryStoreSchemaInfo.getSentrySchemaVersion()); + doInit(sentryStoreSchemaInfo.getSentrySchemaVersion()); // Revalidated the new version after upgrade verifySchemaVersion(); @@ -309,8 +307,8 @@ public class SentrySchemaTool { testConnectionToMetastore(); System.out.println("Starting sentry store schema initialization to " + toVersion); - String initScriptDir = SentryStoreSchemaInfo.getSentryStoreScriptDir(); - String initScriptFile = SentryStoreSchemaInfo.generateInitFileName(toVersion); + String initScriptDir = sentryStoreSchemaInfo.getSentryStoreScriptDir(); + String initScriptFile = sentryStoreSchemaInfo.generateInitFileName(toVersion); try { System.out.println("Initialization script " + initScriptFile); @@ -381,18 +379,19 @@ public class SentrySchemaTool { tmpFile.deleteOnExit(); // write out the buffer into a file. Add beeline commands for autocommit and close - FileWriter fstream = new FileWriter(tmpFile.getPath()); - BufferedWriter out = new BufferedWriter(fstream); - - out.write("!set Silent " + verbose + System.getProperty("line.separator")); - out.write("!autocommit on" + System.getProperty("line.separator")); - out.write("!set Isolation TRANSACTION_READ_COMMITTED" - + System.getProperty("line.separator")); - out.write("!set AllowMultiLineCommand false" - + System.getProperty("line.separator")); - out.write(sqlCommands); - out.write("!closeall" + System.getProperty("line.separator")); - out.close(); + try (FileWriter fstream = new FileWriter(tmpFile.getPath()); + BufferedWriter out = new BufferedWriter(fstream)) { + + out.write("!set Silent " + verbose + System.getProperty("line.separator")); + out.write("!autocommit on" + System.getProperty("line.separator")); + out.write("!set Isolation TRANSACTION_READ_COMMITTED" + + System.getProperty("line.separator")); + out.write("!set AllowMultiLineCommand false" + + System.getProperty("line.separator")); + out.write(sqlCommands); + out.write("!closeall" + System.getProperty("line.separator")); + out.close(); + } runBeeLine(tmpFile.getPath()); } http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/CommandUtil.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/CommandUtil.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/CommandUtil.java index 93811f3..2d2dcb5 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/CommandUtil.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/CommandUtil.java @@ -25,9 +25,13 @@ import org.apache.sentry.provider.db.service.thrift.TSentryGrantOption; import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege; import org.apache.sentry.service.thrift.ServiceConstants; -public class CommandUtil { +public final class CommandUtil { public static final String SPLIT_CHAR = ","; + + private CommandUtil() { + // Make constructor private to avoid instantiation + } // parse the privilege in String and get the TSentryPrivilege as result public static TSentryPrivilege convertToTSentryPrivilege(String privilegeStr) throws Exception { http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/RevokePrivilegeFromRoleCmd.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/RevokePrivilegeFromRoleCmd.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/RevokePrivilegeFromRoleCmd.java index 9405037..f3da6c4 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/RevokePrivilegeFromRoleCmd.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/RevokePrivilegeFromRoleCmd.java @@ -28,7 +28,7 @@ import org.apache.sentry.service.thrift.ServiceConstants; public class RevokePrivilegeFromRoleCmd implements Command { private String roleName; - String privilegeStr; + private String privilegeStr; public RevokePrivilegeFromRoleCmd(String roleName, String privilegeStr) { this.roleName = roleName; http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/JaasConfiguration.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/JaasConfiguration.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/JaasConfiguration.java index 64ecae2..a79ce5f 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/JaasConfiguration.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/JaasConfiguration.java @@ -32,7 +32,7 @@ import javax.security.auth.login.Configuration; * JaasConfiguration.addEntry("Client", principal, keytabFile); * javax.security.auth.login.Configuration.setConfiguration(JaasConfiguration.getInstance()); */ -public class JaasConfiguration extends Configuration { +public final class JaasConfiguration extends Configuration { private static Map<String, AppConfigurationEntry> entries = new HashMap<String, AppConfigurationEntry>(); private static JaasConfiguration me = null; private static final String krb5LoginModuleName; http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/PoolClientInvocationHandler.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/PoolClientInvocationHandler.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/PoolClientInvocationHandler.java index b4056e9..c466839 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/PoolClientInvocationHandler.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/PoolClientInvocationHandler.java @@ -106,11 +106,11 @@ public class PoolClientInvocationHandler extends SentryClientInvocationHandler { // Get the target exception, check if SentryUserException or TTransportException is wrapped. // TTransportException means there has connection problem with the pool. Throwable targetException = e.getCause(); - if (targetException != null && targetException instanceof SentryUserException) { + if (targetException instanceof SentryUserException) { Throwable sentryTargetException = targetException.getCause(); // If there has connection problem, eg, invalid connection if the service restarted, // sentryTargetException instanceof TTransportException = true. - if (sentryTargetException != null && sentryTargetException instanceof TTransportException) { + if (sentryTargetException instanceof TTransportException) { // If the exception is caused by connection problem, destroy the instance and // remove it from the commons-pool. Throw the TTransportException for reconnect. pool.invalidateObject(client); http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryService.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryService.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryService.java index 26a32e4..d8edf93 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryService.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryService.java @@ -197,11 +197,11 @@ public class SentryService implements Callable { LOGGER.info("ProcessorFactory being used: " + clazz.getCanonicalName()); ProcessorFactory factory = (ProcessorFactory) constructor .newInstance(conf); - boolean status = factory.register(processor); - if(!status) { + boolean registerStatus = factory.register(processor); + if (!registerStatus) { LOGGER.error("Failed to register " + clazz.getCanonicalName()); } - registeredProcessor = status || registeredProcessor; + registeredProcessor = registerStatus || registeredProcessor; } catch (Exception e) { throw new IllegalStateException("Could not create " + processorFactory, e); @@ -312,11 +312,12 @@ public class SentryService implements Callable { } private MultiException addMultiException(MultiException exception, Exception e) { - if(exception == null){ - exception = new MultiException(); + MultiException newException = exception; + if (newException == null) { + newException = new MultiException(); } - exception.add(e); - return exception; + newException.add(e); + return newException; } private boolean isWebServerRunning() { @@ -339,7 +340,6 @@ public class SentryService implements Callable { throw new IllegalStateException("Unable to find a port after 1000 attempts"); } - @SuppressWarnings("deprecation") public static Configuration loadConfig(String configFileName) throws MalformedURLException { File configFile = null; @@ -353,7 +353,7 @@ public class SentryService implements Callable { + configFile); } Configuration conf = new Configuration(false); - conf.addResource(configFile.toURL()); + conf.addResource(configFile.toURI().toURL()); return conf; } http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceClientFactory.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceClientFactory.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceClientFactory.java index 09fe42e..48ee66a 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceClientFactory.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceClientFactory.java @@ -26,7 +26,7 @@ import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient; import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClientDefaultImpl; import org.apache.sentry.service.thrift.ServiceConstants.ClientConfig; -public class SentryServiceClientFactory { +public final class SentryServiceClientFactory { private SentryServiceClientFactory() { } http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceFactory.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceFactory.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceFactory.java index bd7e447..1685702 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceFactory.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceFactory.java @@ -22,8 +22,7 @@ import org.apache.hadoop.conf.Configuration; public class SentryServiceFactory { public SentryService create(Configuration conf) throws Exception { - SentryService server = new SentryService(conf); - return server; + return new SentryService(conf); } } \ No newline at end of file http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceUtil.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceUtil.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceUtil.java index 02ae071..ce73358 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceUtil.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceUtil.java @@ -32,7 +32,7 @@ import org.apache.sentry.service.thrift.ServiceConstants.PrivilegeScope; import com.google.common.collect.Lists; -public class SentryServiceUtil { +public final class SentryServiceUtil { // parse the privilege in String and get the TSentryPrivilege as result public static TSentryPrivilege convertToTSentryPrivilege(String privilegeStr) { @@ -150,4 +150,9 @@ public class SentryServiceUtil { } return SentryConstants.AUTHORIZABLE_JOINER.join(privileges); } + + private SentryServiceUtil() { + // Make constructor private to avoid instantiation + } + } http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java index d7ccc45..42eb1bb 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java @@ -178,8 +178,8 @@ public class ServiceConstants { public static final String SENTRY_WEB_SECURITY_ALLOW_CONNECT_USERS = SENTRY_WEB_SECURITY_PREFIX + ".allow.connect.users"; // max message size for thrift messages - public static String SENTRY_POLICY_SERVER_THRIFT_MAX_MESSAGE_SIZE = "sentry.policy.server.thrift.max.message.size"; - public static long SENTRY_POLICY_SERVER_THRIFT_MAX_MESSAGE_SIZE_DEFAULT = 100 * 1024 * 1024; + public static final String SENTRY_POLICY_SERVER_THRIFT_MAX_MESSAGE_SIZE = "sentry.policy.server.thrift.max.message.size"; + public static final long SENTRY_POLICY_SERVER_THRIFT_MAX_MESSAGE_SIZE_DEFAULT = 100 * 1024 * 1024; // action factories for external components public static final String SENTRY_COMPONENT_ACTION_FACTORY_FORMAT = "sentry.%s.action.factory"; @@ -218,8 +218,8 @@ public class ServiceConstants { public static final int SENTRY_POOL_RETRY_TOTAL_DEFAULT = 3; // max message size for thrift messages - public static String SENTRY_POLICY_CLIENT_THRIFT_MAX_MESSAGE_SIZE = "sentry.policy.client.thrift.max.message.size"; - public static long SENTRY_POLICY_CLIENT_THRIFT_MAX_MESSAGE_SIZE_DEFAULT = 100 * 1024 * 1024; + public static final String SENTRY_POLICY_CLIENT_THRIFT_MAX_MESSAGE_SIZE = "sentry.policy.client.thrift.max.message.size"; + public static final long SENTRY_POLICY_CLIENT_THRIFT_MAX_MESSAGE_SIZE_DEFAULT = 100 * 1024 * 1024; // client retry settings public static final String RETRY_COUNT_CONF = "sentry.provider.backend.db.retry.count"; http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/PolicyFile.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/PolicyFile.java b/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/PolicyFile.java index 4a9531d..6a77827 100644 --- a/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/PolicyFile.java +++ b/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/PolicyFile.java @@ -57,9 +57,9 @@ public class PolicyFile { private final Map<String, String> databasesToPolicyFiles = Maps.newHashMap(); private final Multimap<String, String> usersToGroups = ArrayListMultimap.create(); - protected final Multimap<String, String> groupsToRoles = ArrayListMultimap + private final Multimap<String, String> groupsToRoles = ArrayListMultimap .create(); - protected final Multimap<String, String> rolesToPermissions = ArrayListMultimap + private final Multimap<String, String> rolesToPermissions = ArrayListMultimap .create(); public Multimap<String, String> getGroupsToRoles() { @@ -96,8 +96,8 @@ public class PolicyFile { return this; } public PolicyFile addDatabase(String databaseName, String path) { - String oldPath; - if((oldPath = databasesToPolicyFiles.put(databaseName, path)) != null) { + String oldPath = databasesToPolicyFiles.put(databaseName, path); + if (oldPath != null) { throw new IllegalStateException("Database " + databaseName + " already existed in " + databasesToPolicyFiles + " with value of " + oldPath); } http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/PolicyFiles.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/PolicyFiles.java b/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/PolicyFiles.java index 378f63c..f8be739 100644 --- a/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/PolicyFiles.java +++ b/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/PolicyFiles.java @@ -33,7 +33,7 @@ import org.slf4j.LoggerFactory; import com.google.common.io.ByteStreams; import com.google.common.io.Resources; -public class PolicyFiles { +public final class PolicyFiles { private static final Logger LOGGER = LoggerFactory .getLogger(PolicyFiles.class); @@ -90,4 +90,7 @@ public class PolicyFiles { } } + private PolicyFiles() { + // Make constructor private to avoid instantiation + } } http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-solr/solr-sentry-core/src/main/java/org/apache/solr/sentry/SentryIndexAuthorizationSingleton.java ---------------------------------------------------------------------- diff --git a/sentry-solr/solr-sentry-core/src/main/java/org/apache/solr/sentry/SentryIndexAuthorizationSingleton.java b/sentry-solr/solr-sentry-core/src/main/java/org/apache/solr/sentry/SentryIndexAuthorizationSingleton.java index 245fe78..8bd93ad 100644 --- a/sentry-solr/solr-sentry-core/src/main/java/org/apache/solr/sentry/SentryIndexAuthorizationSingleton.java +++ b/sentry-solr/solr-sentry-core/src/main/java/org/apache/solr/sentry/SentryIndexAuthorizationSingleton.java @@ -36,7 +36,7 @@ import org.slf4j.LoggerFactory; public class SentryIndexAuthorizationSingleton { - private static Logger log = + private static final Logger LOG = LoggerFactory.getLogger(SentryIndexAuthorizationSingleton.class); /** @@ -66,13 +66,13 @@ public class SentryIndexAuthorizationSingleton { if (sentrySiteLocation != null && sentrySiteLocation.length() > 0) { tmpBinding = new SolrAuthzBinding(new SolrAuthzConf(new URL("file://" + sentrySiteLocation))); - log.info("SolrAuthzBinding created successfully"); + LOG.info("SolrAuthzBinding created successfully"); } else { - log.info("SolrAuthzBinding not created because " + propertyName + LOG.info("SolrAuthzBinding not created because " + propertyName + " not set, sentry not enabled"); } } catch (Exception ex) { - log.error("Unable to create SolrAuthzBinding", ex); + LOG.error("Unable to create SolrAuthzBinding", ex); } binding = tmpBinding; } @@ -153,7 +153,8 @@ public class SentryIndexAuthorizationSingleton { } } - if (collectionName == null) { + String newCollectionName = collectionName; + if (newCollectionName == null) { SolrCore solrCore = req.getCore(); if (solrCore == null) { String msg = "Unable to locate collection for sentry to authorize because " @@ -163,28 +164,28 @@ public class SentryIndexAuthorizationSingleton { operation, paramString, eventTime, AuditLogger.UNAUTHORIZED, ""); throw new SolrException(SolrException.ErrorCode.UNAUTHORIZED, msg); } else { // just warn - log.warn(msg); + LOG.warn(msg); auditLogger.log(userName.getName(), impersonator, ipAddress, operation, paramString, eventTime, AuditLogger.ALLOWED, ""); return; } } - collectionName = solrCore.getCoreDescriptor().getCloudDescriptor().getCollectionName(); + newCollectionName = solrCore.getCoreDescriptor().getCloudDescriptor().getCollectionName(); } - Collection collection = new Collection(collectionName); + Collection collection = new Collection(newCollectionName); try { if (!superUser.getName().equals(userName.getName())) { binding.authorizeCollection(userName, collection, actions); } } catch (SentrySolrAuthorizationException ex) { auditLogger.log(userName.getName(), impersonator, ipAddress, - operation, paramString, eventTime, AuditLogger.UNAUTHORIZED, collectionName); + operation, paramString, eventTime, AuditLogger.UNAUTHORIZED, newCollectionName); throw new SolrException(SolrException.ErrorCode.UNAUTHORIZED, ex); } auditLogger.log(userName.getName(), impersonator, ipAddress, - operation, paramString, eventTime, AuditLogger.ALLOWED, collectionName); + operation, paramString, eventTime, AuditLogger.ALLOWED, newCollectionName); } /** @@ -217,8 +218,8 @@ public class SentryIndexAuthorizationSingleton { // http request associated with it. if (httpServletRequest == null && !(req instanceof LocalSolrQueryRequest)) { StringBuilder builder = new StringBuilder("Unable to locate HttpServletRequest"); - if (solrCore != null && solrCore.getSolrConfig().getBool( - "requestDispatcher/requestParsers/@addHttpRequestToContext", true) == false) { + if (solrCore != null && !solrCore.getSolrConfig().getBool( + "requestDispatcher/requestParsers/@addHttpRequestToContext", true)) { builder.append(", ensure requestDispatcher/requestParsers/@addHttpRequestToContext is set to true"); } throw new SolrException(SolrException.ErrorCode.UNAUTHORIZED, builder.toString()); @@ -228,7 +229,7 @@ public class SentryIndexAuthorizationSingleton { // If a local request, treat it like a super user request; i.e. it is equivalent to an // http request from the same process. return req instanceof LocalSolrQueryRequest? - superUser:(String)httpServletRequest.getAttribute(USER_NAME); + superUser : (String)httpServletRequest.getAttribute(USER_NAME); } private String getImpersonatorName(SolrQueryRequest req) { http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/admin/SecureAdminHandlers.java ---------------------------------------------------------------------- diff --git a/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/admin/SecureAdminHandlers.java b/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/admin/SecureAdminHandlers.java index 98354e5..44db3b4 100644 --- a/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/admin/SecureAdminHandlers.java +++ b/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/admin/SecureAdminHandlers.java @@ -35,8 +35,8 @@ import org.apache.zookeeper.KeeperException; public class SecureAdminHandlers extends AdminHandlers { protected static class StandardHandler { - final String name; - final SolrRequestHandler handler; + private final String name; + private final SolrRequestHandler handler; public StandardHandler( String n, SolrRequestHandler h ) { http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/QueryDocAuthorizationComponent.java ---------------------------------------------------------------------- diff --git a/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/QueryDocAuthorizationComponent.java b/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/QueryDocAuthorizationComponent.java index be46a85..933db43 100644 --- a/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/QueryDocAuthorizationComponent.java +++ b/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/QueryDocAuthorizationComponent.java @@ -36,12 +36,12 @@ import java.util.Set; public class QueryDocAuthorizationComponent extends SearchComponent { - private static Logger log = + private static final Logger LOG = LoggerFactory.getLogger(QueryDocAuthorizationComponent.class); - public static String AUTH_FIELD_PROP = "sentryAuthField"; - public static String DEFAULT_AUTH_FIELD = "sentry_auth"; - public static String ALL_ROLES_TOKEN_PROP = "allRolesToken"; - public static String ENABLED_PROP = "enabled"; + public static final String AUTH_FIELD_PROP = "sentryAuthField"; + public static final String DEFAULT_AUTH_FIELD = "sentry_auth"; + public static final String ALL_ROLES_TOKEN_PROP = "allRolesToken"; + public static final String ENABLED_PROP = "enabled"; private SentryIndexAuthorizationSingleton sentryInstance; private String authField; private String allRolesToken; @@ -61,11 +61,11 @@ public class QueryDocAuthorizationComponent extends SearchComponent public void init(NamedList args) { SolrParams params = SolrParams.toSolrParams(args); this.authField = params.get(AUTH_FIELD_PROP, DEFAULT_AUTH_FIELD); - log.info("QueryDocAuthorizationComponent authField: " + this.authField); + LOG.info("QueryDocAuthorizationComponent authField: " + this.authField); this.allRolesToken = params.get(ALL_ROLES_TOKEN_PROP, ""); - log.info("QueryDocAuthorizationComponent allRolesToken: " + this.allRolesToken); + LOG.info("QueryDocAuthorizationComponent allRolesToken: " + this.allRolesToken); this.enabled = params.getBool(ENABLED_PROP, false); - log.info("QueryDocAuthorizationComponent enabled: " + this.enabled); + LOG.info("QueryDocAuthorizationComponent enabled: " + this.enabled); } private void addRawClause(StringBuilder builder, String authField, String value) { http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/SecureRealTimeGetComponent.java ---------------------------------------------------------------------- diff --git a/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/SecureRealTimeGetComponent.java b/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/SecureRealTimeGetComponent.java index ff86b56..1ac9ccc 100644 --- a/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/SecureRealTimeGetComponent.java +++ b/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/SecureRealTimeGetComponent.java @@ -64,9 +64,9 @@ import java.util.Set; public class SecureRealTimeGetComponent extends SearchComponent { - private static Logger log = + private static final Logger LOG = LoggerFactory.getLogger(SecureRealTimeGetComponent.class); - public static String ID_FIELD_NAME = "_reserved_sentry_id"; + public static final String ID_FIELD_NAME = "_reserved_sentry_id"; public static final String COMPONENT_NAME = "secureGet"; private SentryIndexAuthorizationSingleton sentryInstance; @@ -96,7 +96,7 @@ public class SecureRealTimeGetComponent extends SearchComponent SolrReturnFields savedReturnFields = (SolrReturnFields)rb.rsp.getReturnFields(); if (savedReturnFields == null) { throw new SolrException(SolrException.ErrorCode.SERVER_ERROR, - "Not able to authorize request because ReturnFields is invalid: " + savedReturnFields); + "Not able to authorize request because ReturnFields is null"); } DocTransformer savedTransformer = savedReturnFields.getTransformer(); Query filterQuery = docComponent.getFilterQuery(roles); @@ -124,7 +124,7 @@ public class SecureRealTimeGetComponent extends SearchComponent @Override public void process(ResponseBuilder rb) throws IOException { if (!(rb.rsp.getReturnFields() instanceof AddDocIdReturnFields)) { - log.info("Skipping application of SecureRealTimeGetComponent because " + LOG.info("Skipping application of SecureRealTimeGetComponent because " + " return field wasn't applied in prepare phase"); return; } @@ -334,7 +334,7 @@ public class SecureRealTimeGetComponent extends SearchComponent // we do here. private static class DocIdAugmenter extends DocTransformer { - final String name; + private final String name; public DocIdAugmenter( String display ) { http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/metastore/SentryPolicyProviderForDb.java ---------------------------------------------------------------------- diff --git a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/metastore/SentryPolicyProviderForDb.java b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/metastore/SentryPolicyProviderForDb.java index 1302316..c3e0b17 100644 --- a/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/metastore/SentryPolicyProviderForDb.java +++ b/sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/metastore/SentryPolicyProviderForDb.java @@ -76,7 +76,7 @@ public class SentryPolicyProviderForDb extends PolicyFile { } // create roles and add privileges - for (Entry<String, Collection<String>> roleEntry : rolesToPermissions + for (Entry<String, Collection<String>> roleEntry : getRolesToPermissions() .asMap().entrySet()) { sentryClient.createRole(StaticUserGroup.ADMIN1, roleEntry.getKey()); for (String privilege : roleEntry.getValue()) { @@ -85,7 +85,7 @@ public class SentryPolicyProviderForDb extends PolicyFile { } // grant roles to groups - for (Entry<String, Collection<String>> groupEntry : groupsToRoles.asMap() + for (Entry<String, Collection<String>> groupEntry : getGroupsToRoles().asMap() .entrySet()) { for (String roleNames : groupEntry.getValue()) { for (String roleName : roleNames.split(",")) {
