Repository: sentry Updated Branches: refs/heads/master 844b03722 -> 441a4f64a
SENTRY-1505: CommitContext isn't used by anything and should be removed (Alexander Kolbasov, reviewed by Li Li, Colin Ma) Change-Id: I7e0ccf13da1155602865755da2444d730c521916 Project: http://git-wip-us.apache.org/repos/asf/sentry/repo Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/441a4f64 Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/441a4f64 Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/441a4f64 Branch: refs/heads/master Commit: 441a4f64aa624310d180eae821c12fea1c2f437b Parents: 844b037 Author: lili <[email protected]> Authored: Fri Nov 4 15:22:47 2016 -0700 Committer: lili <[email protected]> Committed: Fri Nov 4 15:22:47 2016 -0700 ---------------------------------------------------------------------- .../service/persistent/DelegateSentryStore.java | 55 ++++++------ .../service/persistent/SentryStoreLayer.java | 25 ++---- .../service/thrift/NotificationHandler.java | 20 ++--- .../thrift/NotificationHandlerInvoker.java | 45 +++++----- .../thrift/SentryGenericPolicyProcessor.java | 91 +++++++++++--------- .../db/service/persistent/CommitContext.java | 42 --------- .../db/service/persistent/SentryStore.java | 84 +++++++----------- .../db/service/thrift/NotificationHandler.java | 32 +++---- .../thrift/NotificationHandlerInvoker.java | 62 ++++++------- .../thrift/SentryPolicyStoreProcessor.java | 48 +++++------ .../TestSentryGenericPolicyProcessor.java | 26 ------ .../thrift/TestNotificationHandlerInvoker.java | 40 ++++----- 12 files changed, 225 insertions(+), 345 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/sentry/blob/441a4f64/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/DelegateSentryStore.java ---------------------------------------------------------------------- diff --git a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/DelegateSentryStore.java b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/DelegateSentryStore.java index f090042..12245ec 100644 --- a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/DelegateSentryStore.java +++ b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/DelegateSentryStore.java @@ -22,7 +22,6 @@ import java.util.HashSet; import java.util.LinkedList; import java.util.List; import java.util.Set; -import java.util.UUID; import javax.jdo.PersistenceManager; import javax.jdo.Query; @@ -37,7 +36,6 @@ import org.apache.sentry.core.common.exception.SentryNoSuchObjectException; import org.apache.sentry.provider.db.service.model.MSentryGMPrivilege; import org.apache.sentry.provider.db.service.model.MSentryGroup; import org.apache.sentry.provider.db.service.model.MSentryRole; -import org.apache.sentry.provider.db.service.persistent.CommitContext; import org.apache.sentry.provider.db.service.persistent.SentryStore; import org.apache.sentry.provider.db.service.persistent.TransactionBlock; import org.apache.sentry.provider.db.service.thrift.SentryPolicyStoreProcessor; @@ -60,7 +58,6 @@ import com.google.common.collect.Sets; * resourceName2=cl1,resourceType2=COLUMN ) of generic privilege table */ public class DelegateSentryStore implements SentryStoreLayer { - private static final UUID SERVER_UUID = UUID.randomUUID(); private SentryStore delegate; private Configuration conf; private Set<String> adminGroups; @@ -82,9 +79,10 @@ public class DelegateSentryStore implements SentryStoreLayer { } @Override - public CommitContext createRole(String component, String role, + public Object createRole(String component, String role, String requestor) throws Exception { - return delegate.createSentryRole(role); + delegate.createSentryRole(role); + return null; } /** @@ -92,9 +90,9 @@ public class DelegateSentryStore implements SentryStoreLayer { * privileges, so delete role will remove all privileges related to it. */ @Override - public CommitContext dropRole(final String component, final String role, final String requestor) + public Object dropRole(final String component, final String role, final String requestor) throws Exception { - return (CommitContext)delegate.getTransactionManager().executeTransactionWithRetry( + delegate.getTransactionManager().executeTransactionWithRetry( new TransactionBlock() { public Object execute(PersistenceManager pm) throws Exception { String trimmedRole = toTrimmedLower(role); @@ -111,9 +109,10 @@ public class DelegateSentryStore implements SentryStoreLayer { sentryRole.removePrivileges(); pm.deletePersistent(sentryRole); } - return new CommitContext(SERVER_UUID, 0l); + return null; } }); + return null; } @Override @@ -122,23 +121,25 @@ public class DelegateSentryStore implements SentryStoreLayer { } @Override - public CommitContext alterRoleAddGroups(String component, String role, + public Object alterRoleAddGroups(String component, String role, Set<String> groups, String requestor) throws Exception { - return delegate.alterSentryRoleAddGroups(requestor, role, toTSentryGroups(groups)); + delegate.alterSentryRoleAddGroups(requestor, role, toTSentryGroups(groups)); + return null; } @Override - public CommitContext alterRoleDeleteGroups(String component, String role, + public Object alterRoleDeleteGroups(String component, String role, Set<String> groups, String requestor) throws Exception { //called to old sentryStore - return delegate.alterSentryRoleDeleteGroups(role, toTSentryGroups(groups)); + delegate.alterSentryRoleDeleteGroups(role, toTSentryGroups(groups)); + return null; } @Override - public CommitContext alterRoleGrantPrivilege(final String component, final String role, + public Object alterRoleGrantPrivilege(final String component, final String role, final PrivilegeObject privilege, final String grantorPrincipal) throws Exception { - return (CommitContext)delegate.getTransactionManager().executeTransactionWithRetry( + delegate.getTransactionManager().executeTransactionWithRetry( new TransactionBlock() { public Object execute(PersistenceManager pm) throws Exception { String trimmedRole = toTrimmedLower(role); @@ -152,17 +153,17 @@ public class DelegateSentryStore implements SentryStoreLayer { grantOptionCheck(privilege, grantorPrincipal, pm); privilegeOperator.grantPrivilege(privilege, mRole, pm); - - return new CommitContext(SERVER_UUID, 0l); + return null; } }); + return null; } @Override - public CommitContext alterRoleRevokePrivilege(final String component, + public Object alterRoleRevokePrivilege(final String component, final String role, final PrivilegeObject privilege, final String grantorPrincipal) throws Exception { - return (CommitContext)delegate.getTransactionManager().executeTransactionWithRetry( + delegate.getTransactionManager().executeTransactionWithRetry( new TransactionBlock() { public Object execute(PersistenceManager pm) throws Exception { String trimmedRole = toTrimmedLower(role); @@ -176,14 +177,14 @@ public class DelegateSentryStore implements SentryStoreLayer { grantOptionCheck(privilege, grantorPrincipal, pm); privilegeOperator.revokePrivilege(privilege, mRole, pm); - - return new CommitContext(SERVER_UUID, 0l); + return null; } }); + return null; } @Override - public CommitContext renamePrivilege(final String component, final String service, + public Object renamePrivilege(final String component, final String service, final List<? extends Authorizable> oldAuthorizables, final List<? extends Authorizable> newAuthorizables, final String requestor) throws Exception { @@ -199,28 +200,30 @@ public class DelegateSentryStore implements SentryStoreLayer { + "newAuthorizables:" + Arrays.toString(newAuthorizables.toArray())); } - return (CommitContext)delegate.getTransactionManager().executeTransactionWithRetry( + delegate.getTransactionManager().executeTransactionWithRetry( new TransactionBlock() { public Object execute(PersistenceManager pm) throws Exception { privilegeOperator.renamePrivilege(toTrimmedLower(component), toTrimmedLower(service), oldAuthorizables, newAuthorizables, requestor, pm); - return new CommitContext(SERVER_UUID, 0l); + return null; } }); + return null; } @Override - public CommitContext dropPrivilege(final String component, + public Object dropPrivilege(final String component, final PrivilegeObject privilege, final String requestor) throws Exception { Preconditions.checkNotNull(requestor); - return (CommitContext)delegate.getTransactionManager().executeTransactionWithRetry( + delegate.getTransactionManager().executeTransactionWithRetry( new TransactionBlock() { public Object execute(PersistenceManager pm) throws Exception { privilegeOperator.dropPrivilege(privilege, pm); - return new CommitContext(SERVER_UUID, 0l); + return null; } }); + return null; } /** http://git-wip-us.apache.org/repos/asf/sentry/blob/441a4f64/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/SentryStoreLayer.java ---------------------------------------------------------------------- diff --git a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/SentryStoreLayer.java b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/SentryStoreLayer.java index 687a7e0..f717f38 100644 --- a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/SentryStoreLayer.java +++ b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/SentryStoreLayer.java @@ -22,7 +22,6 @@ import java.util.Set; import org.apache.sentry.core.common.Authorizable; import org.apache.sentry.provider.db.service.model.MSentryGMPrivilege; -import org.apache.sentry.provider.db.service.persistent.CommitContext; /** * Sentry store for persistent the authorize object to database @@ -33,10 +32,9 @@ public interface SentryStoreLayer { * @param component: The request respond to which component * @param role: The name of role * @param requestor: User on whose behalf the request is launched - * @returns commit context used for notification handlers * @throws Exception */ - CommitContext createRole(String component, String role, + Object createRole(String component, String role, String requestor) throws Exception; /** @@ -44,10 +42,9 @@ public interface SentryStoreLayer { * @param component: The request respond to which component * @param role: The name of role * @param requestor: user on whose behalf the request is launched - * @returns commit context used for notification handlers * @throws Exception */ - CommitContext dropRole(String component, String role, + Object dropRole(String component, String role, String requestor) throws Exception; /** @@ -56,10 +53,9 @@ public interface SentryStoreLayer { * @param role: The name of role * @param groups: The name of groups * @param requestor: User on whose behalf the request is issued - * @returns commit context used for notification handlers * @throws Exception */ - CommitContext alterRoleAddGroups(String component, String role, + Object alterRoleAddGroups(String component, String role, Set<String> groups, String requestor) throws Exception; /** @@ -68,10 +64,9 @@ public interface SentryStoreLayer { * @param role: The name of role * @param groups: The name of groups * @param requestor: User on whose behalf the request is launched - * @returns commit context used for notification handlers * @throws Exception */ - CommitContext alterRoleDeleteGroups(String component, String role, + Object alterRoleDeleteGroups(String component, String role, Set<String> groups, String requestor) throws Exception; /** @@ -80,10 +75,9 @@ public interface SentryStoreLayer { * @param role: The name of role * @param privilege: The privilege object will be granted * @param grantorPrincipal: User on whose behalf the request is launched - * @returns commit context Used for notification handlers * @throws Exception */ - CommitContext alterRoleGrantPrivilege(String component, String role, + Object alterRoleGrantPrivilege(String component, String role, PrivilegeObject privilege, String grantorPrincipal) throws Exception; /** @@ -92,10 +86,9 @@ public interface SentryStoreLayer { * @param role: The name of role * @param privilege: The privilege object will revoked * @param grantorPrincipal: User on whose behalf the request is launched - * @returns commit context used for notification handlers * @throws Exception */ - CommitContext alterRoleRevokePrivilege(String component, String role, + Object alterRoleRevokePrivilege(String component, String role, PrivilegeObject privilege, String grantorPrincipal) throws Exception; /** @@ -106,10 +99,9 @@ public interface SentryStoreLayer { * @param oldAuthorizables: The old list of authorize objects * @param newAuthorizables: The new list of authorize objects * @param requestor: User on whose behalf the request is launched - * @returns commit context used for notification handlers * @throws Exception */ - CommitContext renamePrivilege( + Object renamePrivilege( String component, String service, List<? extends Authorizable> oldAuthorizables, List<? extends Authorizable> newAuthorizables, String requestor) throws Exception; @@ -118,10 +110,9 @@ public interface SentryStoreLayer { * @param component: The request respond to which component * @param privilege: The privilege will be dropped * @param requestor: User on whose behalf the request is launched - * @returns commit context used for notification handlers * @throws Exception */ - CommitContext dropPrivilege(String component, PrivilegeObject privilege, + Object dropPrivilege(String component, PrivilegeObject privilege, String requestor) throws Exception; /** http://git-wip-us.apache.org/repos/asf/sentry/blob/441a4f64/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandler.java ---------------------------------------------------------------------- diff --git a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandler.java b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandler.java index e0a5f03..23731bd 100644 --- a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandler.java +++ b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandler.java @@ -17,31 +17,29 @@ */ package org.apache.sentry.provider.db.generic.service.thrift; -import org.apache.sentry.provider.db.service.persistent.CommitContext; - public interface NotificationHandler { - void create_sentry_role(CommitContext context, - TCreateSentryRoleRequest request, TCreateSentryRoleResponse response); + void create_sentry_role(TCreateSentryRoleRequest request, + TCreateSentryRoleResponse response); - void drop_sentry_role(CommitContext context, TDropSentryRoleRequest request, + void drop_sentry_role(TDropSentryRoleRequest request, TDropSentryRoleResponse response); - void alter_sentry_role_grant_privilege(CommitContext context, TAlterSentryRoleGrantPrivilegeRequest request, + void alter_sentry_role_grant_privilege(TAlterSentryRoleGrantPrivilegeRequest request, TAlterSentryRoleGrantPrivilegeResponse response); - void alter_sentry_role_revoke_privilege(CommitContext context, TAlterSentryRoleRevokePrivilegeRequest request, + void alter_sentry_role_revoke_privilege(TAlterSentryRoleRevokePrivilegeRequest request, TAlterSentryRoleRevokePrivilegeResponse response); - void alter_sentry_role_add_groups(CommitContext context,TAlterSentryRoleAddGroupsRequest request, + void alter_sentry_role_add_groups(TAlterSentryRoleAddGroupsRequest request, TAlterSentryRoleAddGroupsResponse response); - void alter_sentry_role_delete_groups(CommitContext context, TAlterSentryRoleDeleteGroupsRequest request, + void alter_sentry_role_delete_groups(TAlterSentryRoleDeleteGroupsRequest request, TAlterSentryRoleDeleteGroupsResponse response); - void drop_sentry_privilege(CommitContext context, TDropPrivilegesRequest request, + void drop_sentry_privilege(TDropPrivilegesRequest request, TDropPrivilegesResponse response); - void rename_sentry_privilege(CommitContext context, TRenamePrivilegesRequest request, + void rename_sentry_privilege(TRenamePrivilegesRequest request, TRenamePrivilegesResponse response); } http://git-wip-us.apache.org/repos/asf/sentry/blob/441a4f64/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandlerInvoker.java ---------------------------------------------------------------------- diff --git a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandlerInvoker.java b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandlerInvoker.java index 1d9c246..6a8e7f3 100644 --- a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandlerInvoker.java +++ b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandlerInvoker.java @@ -19,7 +19,6 @@ package org.apache.sentry.provider.db.generic.service.thrift; import java.util.List; -import org.apache.sentry.provider.db.service.persistent.CommitContext; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -38,12 +37,12 @@ public class NotificationHandlerInvoker implements NotificationHandler { this.handlers = handlers; } @Override - public void create_sentry_role(CommitContext context, - TCreateSentryRoleRequest request, TCreateSentryRoleResponse response) { + public void create_sentry_role(TCreateSentryRoleRequest request, + TCreateSentryRoleResponse response) { for (NotificationHandler handler : handlers) { try { LOGGER.debug("Calling " + handler); - handler.create_sentry_role(context, new TCreateSentryRoleRequest(request), + handler.create_sentry_role(new TCreateSentryRoleRequest(request), new TCreateSentryRoleResponse(response)); } catch (Exception ex) { LOGGER.error("Unexpected error in " + handler + ". Request: " @@ -53,12 +52,12 @@ public class NotificationHandlerInvoker implements NotificationHandler { } @Override - public void drop_sentry_role(CommitContext context, - TDropSentryRoleRequest request, TDropSentryRoleResponse response) { + public void drop_sentry_role(TDropSentryRoleRequest request, + TDropSentryRoleResponse response) { for (NotificationHandler handler : handlers) { try { LOGGER.debug("Calling " + handler); - handler.drop_sentry_role(context, new TDropSentryRoleRequest(request), + handler.drop_sentry_role(new TDropSentryRoleRequest(request), new TDropSentryRoleResponse(response)); } catch (Exception ex) { LOGGER.error("Unexpected error in " + handler + ". Request: " @@ -68,13 +67,13 @@ public class NotificationHandlerInvoker implements NotificationHandler { } @Override - public void alter_sentry_role_grant_privilege(CommitContext context, - TAlterSentryRoleGrantPrivilegeRequest request, - TAlterSentryRoleGrantPrivilegeResponse response) { + public void alter_sentry_role_grant_privilege( + TAlterSentryRoleGrantPrivilegeRequest request, + TAlterSentryRoleGrantPrivilegeResponse response) { for (NotificationHandler handler : handlers) { try { LOGGER.debug("Calling " + handler); - handler.alter_sentry_role_grant_privilege(context, + handler.alter_sentry_role_grant_privilege( new TAlterSentryRoleGrantPrivilegeRequest(request), new TAlterSentryRoleGrantPrivilegeResponse(response)); } catch (Exception ex) { @@ -85,13 +84,13 @@ public class NotificationHandlerInvoker implements NotificationHandler { } @Override - public void alter_sentry_role_revoke_privilege(CommitContext context, + public void alter_sentry_role_revoke_privilege( TAlterSentryRoleRevokePrivilegeRequest request, TAlterSentryRoleRevokePrivilegeResponse response) { for (NotificationHandler handler : handlers) { try { LOGGER.debug("Calling " + handler); - handler.alter_sentry_role_revoke_privilege(context, + handler.alter_sentry_role_revoke_privilege( new TAlterSentryRoleRevokePrivilegeRequest(request), new TAlterSentryRoleRevokePrivilegeResponse(response)); } catch (Exception ex) { @@ -102,13 +101,13 @@ public class NotificationHandlerInvoker implements NotificationHandler { } @Override - public void alter_sentry_role_add_groups(CommitContext context, + public void alter_sentry_role_add_groups( TAlterSentryRoleAddGroupsRequest request, TAlterSentryRoleAddGroupsResponse response) { for (NotificationHandler handler : handlers) { try { LOGGER.debug("Calling " + handler); - handler.alter_sentry_role_add_groups(context, new TAlterSentryRoleAddGroupsRequest(request), + handler.alter_sentry_role_add_groups(new TAlterSentryRoleAddGroupsRequest(request), new TAlterSentryRoleAddGroupsResponse(response)); } catch (Exception ex) { LOGGER.error("Unexpected error in " + handler + ". Request: " @@ -118,13 +117,13 @@ public class NotificationHandlerInvoker implements NotificationHandler { } @Override - public void alter_sentry_role_delete_groups(CommitContext context, + public void alter_sentry_role_delete_groups( TAlterSentryRoleDeleteGroupsRequest request, TAlterSentryRoleDeleteGroupsResponse response) { for (NotificationHandler handler : handlers) { try { LOGGER.debug("Calling " + handler); - handler.alter_sentry_role_delete_groups(context, new TAlterSentryRoleDeleteGroupsRequest(request), + handler.alter_sentry_role_delete_groups(new TAlterSentryRoleDeleteGroupsRequest(request), new TAlterSentryRoleDeleteGroupsResponse(response)); } catch (Exception ex) { LOGGER.error("Unexpected error in " + handler + ". Request: " @@ -133,12 +132,12 @@ public class NotificationHandlerInvoker implements NotificationHandler { } } @Override - public void drop_sentry_privilege(CommitContext context, + public void drop_sentry_privilege( TDropPrivilegesRequest request, TDropPrivilegesResponse response) { for (NotificationHandler handler : handlers) { try { LOGGER.debug("Calling " + handler); - handler.drop_sentry_privilege(context, new TDropPrivilegesRequest(request), + handler.drop_sentry_privilege(new TDropPrivilegesRequest(request), new TDropPrivilegesResponse(response)); } catch (Exception ex) { LOGGER.error("Unexpected error in " + handler + ". Request: " @@ -147,13 +146,13 @@ public class NotificationHandlerInvoker implements NotificationHandler { } } @Override - public void rename_sentry_privilege(CommitContext context, - TRenamePrivilegesRequest request, TRenamePrivilegesResponse response) { + public void rename_sentry_privilege(TRenamePrivilegesRequest request, + TRenamePrivilegesResponse response) { for (NotificationHandler handler : handlers) { try { LOGGER.debug("Calling " + handler); - handler.rename_sentry_privilege(context, new TRenamePrivilegesRequest(request), - new TRenamePrivilegesResponse(response)); + handler.rename_sentry_privilege(new TRenamePrivilegesRequest(request), + new TRenamePrivilegesResponse(response)); } catch (Exception ex) { LOGGER.error("Unexpected error in " + handler + ". Request: " + request + ", Response: " + response, ex); http://git-wip-us.apache.org/repos/asf/sentry/blob/441a4f64/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessor.java ---------------------------------------------------------------------- diff --git a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessor.java b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessor.java index e59d12a..b638be7 100644 --- a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessor.java +++ b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessor.java @@ -46,7 +46,6 @@ import org.apache.sentry.provider.db.log.entity.JsonLogEntityFactory; import org.apache.sentry.provider.db.log.util.Constants; import org.apache.sentry.provider.db.service.model.MSentryGMPrivilege; import org.apache.sentry.provider.db.service.model.MSentryRole; -import org.apache.sentry.provider.db.service.persistent.CommitContext; import org.apache.sentry.provider.db.service.thrift.PolicyStoreConstants; import org.apache.sentry.provider.db.service.thrift.SentryPolicyStoreProcessor; import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig; @@ -399,14 +398,15 @@ public class SentryGenericPolicyProcessor implements SentryGenericPolicyService. validateClientVersion(request.getProtocol_version()); authorize(request.getRequestorUserName(), getRequestorGroups(conf, request.getRequestorUserName())); - CommitContext context = store.createRole(request.getComponent(), request.getRoleName(), request.getRequestorUserName()); - return new Response<Void>(Status.OK(), context); + store.createRole(request.getComponent(), request.getRoleName(), + request.getRequestorUserName()); + return new Response<Void>(Status.OK()); } }); TCreateSentryRoleResponse tResponse = new TCreateSentryRoleResponse(respose.status); if (Status.OK.getCode() == respose.status.getValue()) { - handerInvoker.create_sentry_role(respose.context, request, tResponse); + handerInvoker.create_sentry_role(request, tResponse); } try { @@ -429,14 +429,15 @@ public class SentryGenericPolicyProcessor implements SentryGenericPolicyService. validateClientVersion(request.getProtocol_version()); authorize(request.getRequestorUserName(), getRequestorGroups(conf, request.getRequestorUserName())); - CommitContext context = store.dropRole(request.getComponent(), request.getRoleName(), request.getRequestorUserName()); - return new Response<Void>(Status.OK(), context); + store.dropRole(request.getComponent(), request.getRoleName(), + request.getRequestorUserName()); + return new Response<Void>(Status.OK()); } }); TDropSentryRoleResponse tResponse = new TDropSentryRoleResponse(respose.status); if (Status.OK.getCode() == respose.status.getValue()) { - handerInvoker.drop_sentry_role(respose.context, request, tResponse); + handerInvoker.drop_sentry_role(request, tResponse); } try { @@ -457,14 +458,17 @@ public class SentryGenericPolicyProcessor implements SentryGenericPolicyService. @Override public Response<Void> handle() throws Exception { validateClientVersion(request.getProtocol_version()); - CommitContext context = store.alterRoleGrantPrivilege(request.getComponent(), request.getRoleName(), toPrivilegeObject(request.getPrivilege()), request.getRequestorUserName()); - return new Response<Void>(Status.OK(), context); + store.alterRoleGrantPrivilege(request.getComponent(), + request.getRoleName(), + toPrivilegeObject(request.getPrivilege()), + request.getRequestorUserName()); + return new Response<Void>(Status.OK()); } }); TAlterSentryRoleGrantPrivilegeResponse tResponse = new TAlterSentryRoleGrantPrivilegeResponse(respose.status); if (Status.OK.getCode() == respose.status.getValue()) { - handerInvoker.alter_sentry_role_grant_privilege(respose.context, request, tResponse); + handerInvoker.alter_sentry_role_grant_privilege(request, tResponse); } try { @@ -485,14 +489,18 @@ public class SentryGenericPolicyProcessor implements SentryGenericPolicyService. @Override public Response<Void> handle() throws Exception { validateClientVersion(request.getProtocol_version()); - CommitContext context = store.alterRoleRevokePrivilege(request.getComponent(), request.getRoleName(), toPrivilegeObject(request.getPrivilege()), request.getRequestorUserName()); - return new Response<Void>(Status.OK(), context); + store.alterRoleRevokePrivilege(request.getComponent(), + request.getRoleName(), + toPrivilegeObject(request.getPrivilege()), + request.getRequestorUserName()); + return new Response<Void>(Status.OK()); } }); - TAlterSentryRoleRevokePrivilegeResponse tResponse = new TAlterSentryRoleRevokePrivilegeResponse(respose.status); + TAlterSentryRoleRevokePrivilegeResponse tResponse = + new TAlterSentryRoleRevokePrivilegeResponse(respose.status); if (Status.OK.getCode() == respose.status.getValue()) { - handerInvoker.alter_sentry_role_revoke_privilege(respose.context, request, tResponse); + handerInvoker.alter_sentry_role_revoke_privilege(request, tResponse); } try { @@ -515,14 +523,18 @@ public class SentryGenericPolicyProcessor implements SentryGenericPolicyService. validateClientVersion(request.getProtocol_version()); authorize(request.getRequestorUserName(), getRequestorGroups(conf, request.getRequestorUserName())); - CommitContext context = store.alterRoleAddGroups(request.getComponent(), request.getRoleName(), request.getGroups(), request.getRequestorUserName()); - return new Response<Void>(Status.OK(), context); + store.alterRoleAddGroups(request.getComponent(), + request.getRoleName(), + request.getGroups(), + request.getRequestorUserName()); + return new Response<Void>(Status.OK()); } }); - TAlterSentryRoleAddGroupsResponse tResponse = new TAlterSentryRoleAddGroupsResponse(respose.status); + TAlterSentryRoleAddGroupsResponse tResponse = + new TAlterSentryRoleAddGroupsResponse(respose.status); if (Status.OK.getCode() == respose.status.getValue()) { - handerInvoker.alter_sentry_role_add_groups(respose.context, request, tResponse); + handerInvoker.alter_sentry_role_add_groups(request, tResponse); } try { @@ -545,14 +557,18 @@ public class SentryGenericPolicyProcessor implements SentryGenericPolicyService. validateClientVersion(request.getProtocol_version()); authorize(request.getRequestorUserName(), getRequestorGroups(conf, request.getRequestorUserName())); - CommitContext context = store.alterRoleDeleteGroups(request.getComponent(), request.getRoleName(), request.getGroups(), request.getRequestorUserName()); - return new Response<Void>(Status.OK(), context); + store.alterRoleDeleteGroups(request.getComponent(), + request.getRoleName(), + request.getGroups(), + request.getRequestorUserName()); + return new Response<Void>(Status.OK()); } }); - TAlterSentryRoleDeleteGroupsResponse tResponse = new TAlterSentryRoleDeleteGroupsResponse(respose.status); + TAlterSentryRoleDeleteGroupsResponse tResponse = + new TAlterSentryRoleDeleteGroupsResponse(respose.status); if (Status.OK.getCode() == respose.status.getValue()) { - handerInvoker.alter_sentry_role_delete_groups(respose.context, request, tResponse); + handerInvoker.alter_sentry_role_delete_groups(request, tResponse); } try { @@ -560,7 +576,8 @@ public class SentryGenericPolicyProcessor implements SentryGenericPolicyService. .createJsonLogEntity(request, tResponse, conf).toJsonFormatLog()); } catch (Exception e) { // if any exception, log the exception. - String msg = "Error in creating audit log for delete role from group: " + e.getMessage(); + String msg = "Error in creating audit log for delete role from group: " + + e.getMessage(); LOGGER.error(msg, e); } return tResponse; @@ -760,16 +777,16 @@ public class SentryGenericPolicyProcessor implements SentryGenericPolicyService. validateClientVersion(request.getProtocol_version()); authorize(request.getRequestorUserName(), getRequestorGroups(conf, request.getRequestorUserName())); - CommitContext context = store.dropPrivilege(request.getComponent(), + store.dropPrivilege(request.getComponent(), toPrivilegeObject(request.getPrivilege()), request.getRequestorUserName()); - return new Response<Void>(Status.OK(), context); + return new Response<Void>(Status.OK()); } }); TDropPrivilegesResponse tResponse = new TDropPrivilegesResponse(respose.status); if (Status.OK.getCode() == respose.status.getValue()) { - handerInvoker.drop_sentry_privilege(respose.context, request, tResponse); + handerInvoker.drop_sentry_privilege(request, tResponse); } return tResponse; } @@ -783,40 +800,34 @@ public class SentryGenericPolicyProcessor implements SentryGenericPolicyService. validateClientVersion(request.getProtocol_version()); authorize(request.getRequestorUserName(), getRequestorGroups(conf, request.getRequestorUserName())); - CommitContext context = store.renamePrivilege(request.getComponent(), request.getServiceName(), - toAuthorizables(request.getOldAuthorizables()), - toAuthorizables(request.getNewAuthorizables()), - request.getRequestorUserName()); - return new Response<Void>(Status.OK(),context); + store.renamePrivilege(request.getComponent(), request.getServiceName(), + toAuthorizables(request.getOldAuthorizables()), + toAuthorizables(request.getNewAuthorizables()), + request.getRequestorUserName()); + return new Response<Void>(Status.OK()); } }); TRenamePrivilegesResponse tResponse = new TRenamePrivilegesResponse(respose.status); if (Status.OK.getCode() == respose.status.getValue()) { - handerInvoker.rename_sentry_privilege(respose.context, request, tResponse); + handerInvoker.rename_sentry_privilege(request, tResponse); } return tResponse; } private static class Response<T> { private TSentryResponseStatus status; - private CommitContext context; private T content; Response() { } - Response(TSentryResponseStatus status, CommitContext context) { - this(status,context,null); + Response(TSentryResponseStatus status) { + this(status, null); } Response(TSentryResponseStatus status, T content) { - this(status,null,content); - } - - Response(TSentryResponseStatus status, CommitContext context, T content) { this.status = status; - this.context = context; this.content = content; } } http://git-wip-us.apache.org/repos/asf/sentry/blob/441a4f64/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/persistent/CommitContext.java ---------------------------------------------------------------------- diff --git a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/persistent/CommitContext.java b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/persistent/CommitContext.java deleted file mode 100644 index c74dbf3..0000000 --- a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/persistent/CommitContext.java +++ /dev/null @@ -1,42 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ - -package org.apache.sentry.provider.db.service.persistent; - -import java.util.UUID; - -/** - * Stores the UUID associated with the server who processed - * a commit and a commit order sequence id. - */ -public class CommitContext { - - private final String serverUUID; - private final long sequenceId; - - public CommitContext(UUID serverUUID, long sequenceId) { - this.serverUUID = serverUUID.toString(); - this.sequenceId = sequenceId; - } - public String getServerUUID() { - return serverUUID; - } - public long getSequenceId() { - return sequenceId; - } -} \ No newline at end of file http://git-wip-us.apache.org/repos/asf/sentry/blob/441a4f64/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java ---------------------------------------------------------------------- diff --git a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java index 17113e6..742798d 100644 --- a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java +++ b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java @@ -93,7 +93,6 @@ import com.google.common.collect.Sets; * in addition to starting and ending whitespace. */ public class SentryStore { - private static final UUID SERVER_UUID = UUID.randomUUID(); private static final Logger LOGGER = LoggerFactory .getLogger(SentryStore.class); @@ -113,14 +112,6 @@ public class SentryStore { private static final Set<String> PARTIAL_REVOKE_ACTIONS = Sets.newHashSet(AccessConstants.ALL, AccessConstants.ACTION_ALL.toLowerCase(), AccessConstants.SELECT, AccessConstants.INSERT); - /** - * Commit order sequence id. This is used by notification handlers - * to know the order in which events where committed to the database. - * This instance variable is incremented in incrementGetSequenceId - * and read in commitUpdateTransaction. Synchronization on this - * is required to read commitSequenceId. - */ - private long commitSequenceId; private final PersistenceManagerFactory pmf; private Configuration conf; private PrivCleaner privCleaner = null; @@ -128,7 +119,6 @@ public class SentryStore { private final TransactionManager tm; public SentryStore(Configuration conf) throws Exception { - commitSequenceId = 0; this.conf = conf; Properties prop = new Properties(); prop.putAll(ServerConfig.SENTRY_STORE_DEFAULTS); @@ -226,16 +216,6 @@ public class SentryStore { } } - /** - * Increments commitSequenceId which should not be modified outside - * this method. - * - * @return sequence id - */ - private synchronized long incrementGetSequenceId() { - return ++commitSequenceId; - } - public void rollbackTransaction(PersistenceManager pm) { if (pm == null || pm.isClosed()) { return; @@ -270,15 +250,14 @@ public class SentryStore { /** * Create a sentry role and persist it. * @param roleName: Name of the role being persisted - * @returns commit context used for notification handlers - * @throws SentryAlreadyExistsException + * @throws Exception */ - public CommitContext createSentryRole(final String roleName) throws Exception { - return (CommitContext)tm.executeTransactionWithRetry( + public void createSentryRole(final String roleName) throws Exception { + tm.executeTransactionWithRetry( new TransactionBlock() { public Object execute(PersistenceManager pm) throws Exception { createSentryRoleCore(pm, roleName); - return new CommitContext(SERVER_UUID, incrementGetSequenceId()); + return null; } }); } @@ -377,15 +356,15 @@ public class SentryStore { } } - public CommitContext alterSentryRoleGrantPrivilege(String grantorPrincipal, + public void alterSentryRoleGrantPrivilege(String grantorPrincipal, String roleName, TSentryPrivilege privilege) throws Exception { - return alterSentryRoleGrantPrivileges(grantorPrincipal, - roleName, Sets.newHashSet(privilege)); + alterSentryRoleGrantPrivileges(grantorPrincipal, roleName, + Sets.newHashSet(privilege)); } - public CommitContext alterSentryRoleGrantPrivileges(final String grantorPrincipal, + public void alterSentryRoleGrantPrivileges(final String grantorPrincipal, final String roleName, final Set<TSentryPrivilege> privileges) throws Exception { - return (CommitContext)tm.executeTransactionWithRetry( + tm.executeTransactionWithRetry( new TransactionBlock() { public Object execute(PersistenceManager pm) throws Exception { String trimmedRoleName = trimAndLower(roleName); @@ -398,7 +377,7 @@ public class SentryStore { convertToTSentryPrivilege(mPrivilege, privilege); } } - return new CommitContext(SERVER_UUID, incrementGetSequenceId()); + return null; } }); } @@ -461,15 +440,15 @@ public class SentryStore { return mPrivilege; } - public CommitContext alterSentryRoleRevokePrivilege(String grantorPrincipal, + public void alterSentryRoleRevokePrivilege(String grantorPrincipal, String roleName, TSentryPrivilege tPrivilege) throws Exception { - return alterSentryRoleRevokePrivileges(grantorPrincipal, - roleName, Sets.newHashSet(tPrivilege)); + alterSentryRoleRevokePrivileges(grantorPrincipal, roleName, + Sets.newHashSet(tPrivilege)); } - public CommitContext alterSentryRoleRevokePrivileges(final String grantorPrincipal, + public void alterSentryRoleRevokePrivileges(final String grantorPrincipal, final String roleName, final Set<TSentryPrivilege> tPrivileges) throws Exception { - return (CommitContext)tm.executeTransactionWithRetry( + tm.executeTransactionWithRetry( new TransactionBlock() { public Object execute(PersistenceManager pm) throws Exception { String trimmedRoleName = safeTrimLower(roleName); @@ -478,7 +457,7 @@ public class SentryStore { grantOptionCheck(pm, grantorPrincipal, tPrivilege); alterSentryRoleRevokePrivilegeCore(pm, trimmedRoleName, tPrivilege); } - return new CommitContext(SERVER_UUID, incrementGetSequenceId()); + return null; } }); } @@ -729,12 +708,12 @@ public class SentryStore { return null; } - public CommitContext dropSentryRole(final String roleName) throws Exception { - return (CommitContext)tm.executeTransactionWithRetry( + public void dropSentryRole(final String roleName) throws Exception { + tm.executeTransactionWithRetry( new TransactionBlock() { public Object execute(PersistenceManager pm) throws Exception { dropSentryRoleCore(pm, roleName); - return new CommitContext(SERVER_UUID, incrementGetSequenceId()); + return null; } }); } @@ -760,13 +739,13 @@ public class SentryStore { } } - public CommitContext alterSentryRoleAddGroups(final String grantorPrincipal, + public void alterSentryRoleAddGroups(final String grantorPrincipal, final String roleName, final Set<TSentryGroup> groupNames) throws Exception { - return (CommitContext)tm.executeTransactionWithRetry( + tm.executeTransactionWithRetry( new TransactionBlock() { public Object execute(PersistenceManager pm) throws Exception { alterSentryRoleAddGroupsCore(pm, roleName, groupNames); - return new CommitContext(SERVER_UUID, incrementGetSequenceId()); + return null; } }); } @@ -800,13 +779,13 @@ public class SentryStore { } } - public CommitContext alterSentryRoleAddUsers(final String roleName, + public void alterSentryRoleAddUsers(final String roleName, final Set<String> userNames) throws Exception { - return (CommitContext)tm.executeTransactionWithRetry( + tm.executeTransactionWithRetry( new TransactionBlock() { public Object execute(PersistenceManager pm) throws Exception { alterSentryRoleAddUsersCore(pm, roleName, userNames); - return new CommitContext(SERVER_UUID, incrementGetSequenceId()); + return null; } }); } @@ -836,9 +815,9 @@ public class SentryStore { } } - public CommitContext alterSentryRoleDeleteUsers(final String roleName, + public void alterSentryRoleDeleteUsers(final String roleName, final Set<String> userNames) throws Exception { - return (CommitContext)tm.executeTransactionWithRetry( + tm.executeTransactionWithRetry( new TransactionBlock() { public Object execute(PersistenceManager pm) throws Exception { String trimmedRoleName = trimAndLower(roleName); @@ -860,16 +839,15 @@ public class SentryStore { } } pm.makePersistentAll(users); - return new CommitContext(SERVER_UUID, incrementGetSequenceId()); } + return null; } }); - } - public CommitContext alterSentryRoleDeleteGroups(final String roleName, + public void alterSentryRoleDeleteGroups(final String roleName, final Set<TSentryGroup> groupNames) throws Exception { - return (CommitContext)tm.executeTransactionWithRetry( + tm.executeTransactionWithRetry( new TransactionBlock() { public Object execute(PersistenceManager pm) throws Exception { String trimmedRoleName = trimAndLower(roleName); @@ -895,8 +873,8 @@ public class SentryStore { } } pm.makePersistentAll(groups); - return new CommitContext(SERVER_UUID, incrementGetSequenceId()); } + return null; } }); } http://git-wip-us.apache.org/repos/asf/sentry/blob/441a4f64/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/NotificationHandler.java ---------------------------------------------------------------------- diff --git a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/NotificationHandler.java b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/NotificationHandler.java index b1a4b7f..e853394 100644 --- a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/NotificationHandler.java +++ b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/NotificationHandler.java @@ -19,7 +19,6 @@ package org.apache.sentry.provider.db.service.thrift; import org.apache.hadoop.conf.Configuration; -import org.apache.sentry.provider.db.service.persistent.CommitContext; /** * Users wishing to be notified when a metadata changing event occurs @@ -27,7 +26,6 @@ import org.apache.sentry.provider.db.service.persistent.CommitContext; * metadata in SentryPolicyStoreProcessor will have a corresponding method * on this class. Each method will contain a copy of the request and response * object. Therefore any change to the request or response object will be ignored. - * Additionally each method will be passed a CommitContext. * * Sub-classes should be thread-safe. */ @@ -43,37 +41,33 @@ public abstract class NotificationHandler { return config; } - public void create_sentry_role(CommitContext context, - TCreateSentryRoleRequest request, TCreateSentryRoleResponse response) { + public void create_sentry_role(TCreateSentryRoleRequest request, TCreateSentryRoleResponse response) { } - public void drop_sentry_role(CommitContext context, TDropSentryRoleRequest request, - TDropSentryRoleResponse response) { + public void drop_sentry_role(TDropSentryRoleRequest request, TDropSentryRoleResponse response) { } - public void alter_sentry_role_grant_privilege(CommitContext context, TAlterSentryRoleGrantPrivilegeRequest request, - TAlterSentryRoleGrantPrivilegeResponse response) { + public void alter_sentry_role_grant_privilege(TAlterSentryRoleGrantPrivilegeRequest request, + TAlterSentryRoleGrantPrivilegeResponse response) { } - public void alter_sentry_role_revoke_privilege(CommitContext context, TAlterSentryRoleRevokePrivilegeRequest request, + public void alter_sentry_role_revoke_privilege(TAlterSentryRoleRevokePrivilegeRequest request, TAlterSentryRoleRevokePrivilegeResponse response) { } - public void alter_sentry_role_add_groups(CommitContext context, - TAlterSentryRoleAddGroupsRequest request, - TAlterSentryRoleAddGroupsResponse response) { + public void alter_sentry_role_add_groups(TAlterSentryRoleAddGroupsRequest request, + TAlterSentryRoleAddGroupsResponse response) { } - public void alter_sentry_role_delete_groups( - CommitContext context, TAlterSentryRoleDeleteGroupsRequest request, - TAlterSentryRoleDeleteGroupsResponse response) { + public void alter_sentry_role_delete_groups(TAlterSentryRoleDeleteGroupsRequest request, + TAlterSentryRoleDeleteGroupsResponse response) { } - public void alter_sentry_role_add_users(CommitContext context, - TAlterSentryRoleAddUsersRequest request, TAlterSentryRoleAddUsersResponse response) { + public void alter_sentry_role_add_users(TAlterSentryRoleAddUsersRequest request, + TAlterSentryRoleAddUsersResponse response) { } - public void alter_sentry_role_delete_users(CommitContext context, - TAlterSentryRoleDeleteUsersRequest request, TAlterSentryRoleDeleteUsersResponse response) { + public void alter_sentry_role_delete_users(TAlterSentryRoleDeleteUsersRequest request, + TAlterSentryRoleDeleteUsersResponse response) { } } \ No newline at end of file http://git-wip-us.apache.org/repos/asf/sentry/blob/441a4f64/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/NotificationHandlerInvoker.java ---------------------------------------------------------------------- diff --git a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/NotificationHandlerInvoker.java b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/NotificationHandlerInvoker.java index 856ef9a..75b4260 100644 --- a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/NotificationHandlerInvoker.java +++ b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/NotificationHandlerInvoker.java @@ -21,7 +21,6 @@ package org.apache.sentry.provider.db.service.thrift; import java.util.List; import org.apache.hadoop.conf.Configuration; -import org.apache.sentry.provider.db.service.persistent.CommitContext; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -37,11 +36,6 @@ public class NotificationHandlerInvoker extends NotificationHandler { private final ImmutableList<NotificationHandler> handlers; - public NotificationHandlerInvoker(Configuration conf, NotificationHandler handler) - throws Exception { - this(conf, ImmutableList.of(handler)); - } - public NotificationHandlerInvoker(Configuration conf, List<NotificationHandler> handlers) throws Exception { super(conf); @@ -49,12 +43,11 @@ public class NotificationHandlerInvoker extends NotificationHandler { } @Override - public void create_sentry_role(CommitContext context, - TCreateSentryRoleRequest request, TCreateSentryRoleResponse response) { + public void create_sentry_role(TCreateSentryRoleRequest request, TCreateSentryRoleResponse response) { for (NotificationHandler handler : handlers) { try { LOGGER.debug("Calling " + handler); - handler.create_sentry_role(context, new TCreateSentryRoleRequest(request), + handler.create_sentry_role(new TCreateSentryRoleRequest(request), new TCreateSentryRoleResponse(response)); } catch (Exception ex) { LOGGER.error("Unexpected error in " + handler + ". Request: " @@ -64,12 +57,12 @@ public class NotificationHandlerInvoker extends NotificationHandler { } @Override - public void drop_sentry_role(CommitContext context, TDropSentryRoleRequest request, + public void drop_sentry_role(TDropSentryRoleRequest request, TDropSentryRoleResponse response) { for (NotificationHandler handler : handlers) { try { LOGGER.debug("Calling " + handler); - handler.drop_sentry_role(context, new TDropSentryRoleRequest(request), + handler.drop_sentry_role(new TDropSentryRoleRequest(request), new TDropSentryRoleResponse(response)); } catch (Exception ex) { LOGGER.error("Unexpected error in " + handler + ". Request: " @@ -79,15 +72,13 @@ public class NotificationHandlerInvoker extends NotificationHandler { } @Override - public void alter_sentry_role_grant_privilege(CommitContext context, - TAlterSentryRoleGrantPrivilegeRequest request, - TAlterSentryRoleGrantPrivilegeResponse response) { + public void alter_sentry_role_grant_privilege(TAlterSentryRoleGrantPrivilegeRequest request, + TAlterSentryRoleGrantPrivilegeResponse response) { for (NotificationHandler handler : handlers) { try { LOGGER.debug("Calling " + handler); - handler.alter_sentry_role_grant_privilege(context, - new TAlterSentryRoleGrantPrivilegeRequest(request), - new TAlterSentryRoleGrantPrivilegeResponse(response)); + handler.alter_sentry_role_grant_privilege(new TAlterSentryRoleGrantPrivilegeRequest(request), + new TAlterSentryRoleGrantPrivilegeResponse(response)); } catch (Exception ex) { LOGGER.error("Unexpected error in " + handler + ". Request: " + request + ", Response: " + response, ex); @@ -96,15 +87,13 @@ public class NotificationHandlerInvoker extends NotificationHandler { } @Override - public void alter_sentry_role_revoke_privilege(CommitContext context, - TAlterSentryRoleRevokePrivilegeRequest request, - TAlterSentryRoleRevokePrivilegeResponse response) { + public void alter_sentry_role_revoke_privilege(TAlterSentryRoleRevokePrivilegeRequest request, + TAlterSentryRoleRevokePrivilegeResponse response) { for (NotificationHandler handler : handlers) { try { LOGGER.debug("Calling " + handler); - handler.alter_sentry_role_revoke_privilege(context, - new TAlterSentryRoleRevokePrivilegeRequest(request), - new TAlterSentryRoleRevokePrivilegeResponse(response)); + handler.alter_sentry_role_revoke_privilege(new TAlterSentryRoleRevokePrivilegeRequest(request), + new TAlterSentryRoleRevokePrivilegeResponse(response)); } catch (Exception ex) { LOGGER.error("Unexpected error in " + handler + ". Request: " + request + ", Response: " + response, ex); @@ -113,13 +102,13 @@ public class NotificationHandlerInvoker extends NotificationHandler { } @Override - public void alter_sentry_role_add_groups(CommitContext context, + public void alter_sentry_role_add_groups( TAlterSentryRoleAddGroupsRequest request, TAlterSentryRoleAddGroupsResponse response) { for (NotificationHandler handler : handlers) { try { LOGGER.debug("Calling " + handler); - handler.alter_sentry_role_add_groups(context, new TAlterSentryRoleAddGroupsRequest(request), + handler.alter_sentry_role_add_groups(new TAlterSentryRoleAddGroupsRequest(request), new TAlterSentryRoleAddGroupsResponse(response)); } catch (Exception ex) { LOGGER.error("Unexpected error in " + handler + ". Request: " @@ -129,13 +118,12 @@ public class NotificationHandlerInvoker extends NotificationHandler { } @Override - public void alter_sentry_role_delete_groups( - CommitContext context, TAlterSentryRoleDeleteGroupsRequest request, - TAlterSentryRoleDeleteGroupsResponse response) { + public void alter_sentry_role_delete_groups(TAlterSentryRoleDeleteGroupsRequest request, + TAlterSentryRoleDeleteGroupsResponse response) { for (NotificationHandler handler : handlers) { try { LOGGER.debug("Calling " + handler); - handler.alter_sentry_role_delete_groups(context, new TAlterSentryRoleDeleteGroupsRequest(request), + handler.alter_sentry_role_delete_groups(new TAlterSentryRoleDeleteGroupsRequest(request), new TAlterSentryRoleDeleteGroupsResponse(response)); } catch (Exception ex) { LOGGER.error("Unexpected error in " + handler + ". Request: " @@ -145,13 +133,13 @@ public class NotificationHandlerInvoker extends NotificationHandler { } @Override - public void alter_sentry_role_add_users(CommitContext context, - TAlterSentryRoleAddUsersRequest request, TAlterSentryRoleAddUsersResponse response) { + public void alter_sentry_role_add_users(TAlterSentryRoleAddUsersRequest request, + TAlterSentryRoleAddUsersResponse response) { for (NotificationHandler handler : handlers) { try { LOGGER.debug("Calling " + handler); - handler.alter_sentry_role_add_users(context, new TAlterSentryRoleAddUsersRequest(request), - new TAlterSentryRoleAddUsersResponse(response)); + handler.alter_sentry_role_add_users(new TAlterSentryRoleAddUsersRequest(request), + new TAlterSentryRoleAddUsersResponse(response)); } catch (Exception ex) { LOGGER.error("Unexpected error in " + handler + ". Request: " + request + ", Response: " + response, ex); @@ -160,12 +148,12 @@ public class NotificationHandlerInvoker extends NotificationHandler { } @Override - public void alter_sentry_role_delete_users(CommitContext context, - TAlterSentryRoleDeleteUsersRequest request, TAlterSentryRoleDeleteUsersResponse response) { + public void alter_sentry_role_delete_users(TAlterSentryRoleDeleteUsersRequest request, + TAlterSentryRoleDeleteUsersResponse response) { for (NotificationHandler handler : handlers) { try { LOGGER.debug("Calling " + handler); - handler.alter_sentry_role_delete_users(context, new TAlterSentryRoleDeleteUsersRequest( + handler.alter_sentry_role_delete_users(new TAlterSentryRoleDeleteUsersRequest( request), new TAlterSentryRoleDeleteUsersResponse(response)); } catch (Exception ex) { LOGGER.error("Unexpected error in " + handler + ". Request: " + request + ", Response: " @@ -173,4 +161,4 @@ public class NotificationHandlerInvoker extends NotificationHandler { } } } -} \ No newline at end of file +} http://git-wip-us.apache.org/repos/asf/sentry/blob/441a4f64/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java ---------------------------------------------------------------------- diff --git a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java index 5dff12a..ff06582 100644 --- a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java +++ b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java @@ -45,7 +45,6 @@ import org.apache.sentry.core.common.exception.SentryThriftAPIMismatchException; import org.apache.sentry.provider.db.log.entity.JsonLogEntity; import org.apache.sentry.provider.db.log.entity.JsonLogEntityFactory; import org.apache.sentry.provider.db.log.util.Constants; -import org.apache.sentry.provider.db.service.persistent.CommitContext; import org.apache.sentry.provider.db.service.persistent.HAContext; import org.apache.sentry.provider.db.service.persistent.SentryStore; import org.apache.sentry.provider.db.service.persistent.ServiceRegister; @@ -230,10 +229,9 @@ public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface { validateClientVersion(request.getProtocol_version()); authorize(request.getRequestorUserName(), getRequestorGroups(request.getRequestorUserName())); - CommitContext commitContext = sentryStore.createSentryRole(request.getRoleName()); + sentryStore.createSentryRole(request.getRoleName()); response.setStatus(Status.OK()); - notificationHandlerInvoker.create_sentry_role(commitContext, - request, response); + notificationHandlerInvoker.create_sentry_role(request, response); } catch (SentryAlreadyExistsException e) { String msg = "Role: " + request + " already exists."; LOGGER.error(msg, e); @@ -279,7 +277,7 @@ public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface { if (request.isSetPrivilege()) { request.setPrivileges(Sets.newHashSet(request.getPrivilege())); } - CommitContext commitContext = sentryStore.alterSentryRoleGrantPrivileges(request.getRequestorUserName(), + sentryStore.alterSentryRoleGrantPrivileges(request.getRequestorUserName(), request.getRoleName(), request.getPrivileges()); response.setStatus(Status.OK()); response.setPrivileges(request.getPrivileges()); @@ -287,8 +285,8 @@ public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface { if (response.isSetPrivileges() && response.getPrivileges().size() == 1) { response.setPrivilege(response.getPrivileges().iterator().next()); } - notificationHandlerInvoker.alter_sentry_role_grant_privilege(commitContext, - request, response); + notificationHandlerInvoker.alter_sentry_role_grant_privilege(request, + response); for (SentryPolicyStorePlugin plugin : sentryPlugins) { plugin.onAlterSentryRoleGrantPrivilege(request); } @@ -343,11 +341,11 @@ public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface { if (request.isSetPrivilege()) { request.setPrivileges(Sets.newHashSet(request.getPrivilege())); } - CommitContext commitContext = sentryStore.alterSentryRoleRevokePrivileges(request.getRequestorUserName(), + sentryStore.alterSentryRoleRevokePrivileges(request.getRequestorUserName(), request.getRoleName(), request.getPrivileges()); response.setStatus(Status.OK()); - notificationHandlerInvoker.alter_sentry_role_revoke_privilege(commitContext, - request, response); + notificationHandlerInvoker.alter_sentry_role_revoke_privilege(request, + response); for (SentryPolicyStorePlugin plugin : sentryPlugins) { plugin.onAlterSentryRoleRevokePrivilege(request); } @@ -413,10 +411,9 @@ public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface { validateClientVersion(request.getProtocol_version()); authorize(request.getRequestorUserName(), getRequestorGroups(request.getRequestorUserName())); - CommitContext commitContext = sentryStore.dropSentryRole(request.getRoleName()); + sentryStore.dropSentryRole(request.getRoleName()); response.setStatus(Status.OK()); - notificationHandlerInvoker.drop_sentry_role(commitContext, - request, response); + notificationHandlerInvoker.drop_sentry_role(request, response); for (SentryPolicyStorePlugin plugin : sentryPlugins) { plugin.onDropSentryRole(request); } @@ -458,12 +455,12 @@ public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface { validateClientVersion(request.getProtocol_version()); authorize(request.getRequestorUserName(), getRequestorGroups(request.getRequestorUserName())); - CommitContext commitContext = sentryStore.alterSentryRoleAddGroups( + sentryStore.alterSentryRoleAddGroups( request.getRequestorUserName(), request.getRoleName(), request.getGroups()); response.setStatus(Status.OK()); - notificationHandlerInvoker.alter_sentry_role_add_groups(commitContext, - request, response); + notificationHandlerInvoker.alter_sentry_role_add_groups(request, + response); for (SentryPolicyStorePlugin plugin : sentryPlugins) { plugin.onAlterSentryRoleAddGroups(request); } @@ -504,10 +501,9 @@ public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface { try { validateClientVersion(request.getProtocol_version()); authorize(request.getRequestorUserName(), getRequestorGroups(request.getRequestorUserName())); - CommitContext commitContext = sentryStore.alterSentryRoleAddUsers(request.getRoleName(), - request.getUsers()); + sentryStore.alterSentryRoleAddUsers(request.getRoleName(), request.getUsers()); response.setStatus(Status.OK()); - notificationHandlerInvoker.alter_sentry_role_add_users(commitContext, request, response); + notificationHandlerInvoker.alter_sentry_role_add_users(request, response); } catch (SentryNoSuchObjectException e) { String msg = "Role: " + request + " does not exist."; LOGGER.error(msg, e); @@ -545,10 +541,10 @@ public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface { try { validateClientVersion(request.getProtocol_version()); authorize(request.getRequestorUserName(), getRequestorGroups(request.getRequestorUserName())); - CommitContext commitContext = sentryStore.alterSentryRoleDeleteUsers(request.getRoleName(), - request.getUsers()); + sentryStore.alterSentryRoleDeleteUsers(request.getRoleName(), + request.getUsers()); response.setStatus(Status.OK()); - notificationHandlerInvoker.alter_sentry_role_delete_users(commitContext, request, response); + notificationHandlerInvoker.alter_sentry_role_delete_users(request, response); } catch (SentryNoSuchObjectException e) { String msg = "Role: " + request + " does not exist."; LOGGER.error(msg, e); @@ -587,11 +583,11 @@ public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface { validateClientVersion(request.getProtocol_version()); authorize(request.getRequestorUserName(), getRequestorGroups(request.getRequestorUserName())); - CommitContext commitContext = sentryStore.alterSentryRoleDeleteGroups(request.getRoleName(), - request.getGroups()); + sentryStore.alterSentryRoleDeleteGroups(request.getRoleName(), + request.getGroups()); response.setStatus(Status.OK()); - notificationHandlerInvoker.alter_sentry_role_delete_groups(commitContext, - request, response); + notificationHandlerInvoker.alter_sentry_role_delete_groups(request, + response); for (SentryPolicyStorePlugin plugin : sentryPlugins) { plugin.onAlterSentryRoleDeleteGroups(request); } http://git-wip-us.apache.org/repos/asf/sentry/blob/441a4f64/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericPolicyProcessor.java ---------------------------------------------------------------------- diff --git a/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericPolicyProcessor.java b/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericPolicyProcessor.java index 8b3599f..3881c11 100644 --- a/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericPolicyProcessor.java +++ b/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericPolicyProcessor.java @@ -35,7 +35,6 @@ import org.apache.sentry.provider.db.generic.service.persistent.SentryStoreLayer import org.apache.sentry.provider.db.generic.service.persistent.PrivilegeObject.Builder; import org.apache.sentry.provider.db.service.model.MSentryGMPrivilege; import org.apache.sentry.provider.db.service.model.MSentryRole; -import org.apache.sentry.provider.db.service.persistent.CommitContext; import org.apache.sentry.provider.db.service.thrift.PolicyStoreConstants; import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig; import org.apache.sentry.service.thrift.Status; @@ -50,8 +49,6 @@ import com.google.common.collect.Sets; public class TestSentryGenericPolicyProcessor extends org.junit.Assert { private static final String ADMIN_GROUP = "admin_group"; private static final String ADMIN_USER = "admin_user"; - private static final UUID SERVER_UUID = UUID.randomUUID(); - private static final long SEQ_ID = 10000; private SentryStoreLayer mockStore = Mockito.mock(SentryStoreLayer.class); private SentryGenericPolicyProcessor processor; @@ -110,34 +107,11 @@ public class TestSentryGenericPolicyProcessor extends org.junit.Assert { @Test public void testAdminOperation() throws Exception { - Mockito.when(mockStore.createRole(Matchers.anyString(), Matchers.anyString(), Matchers.anyString())) - .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID)); - - Mockito.when(mockStore.dropRole(Matchers.anyString(), Matchers.anyString(), Matchers.anyString())) - .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID + 1)); - - Mockito.when(mockStore.alterRoleAddGroups(Matchers.anyString(), Matchers.anyString(), Matchers.anySetOf(String.class), Matchers.anyString())) - .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID + 2)); - - Mockito.when(mockStore.alterRoleDeleteGroups(Matchers.anyString(), Matchers.anyString(), Matchers.anySetOf(String.class), Matchers.anyString())) - .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID + 3)); - - Mockito.when(mockStore.dropPrivilege(Matchers.anyString(), Matchers.any(PrivilegeObject.class), Matchers.anyString())) - .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID + 4)); - - Mockito.when(mockStore.renamePrivilege(Matchers.anyString(), Matchers.anyString(), Matchers.anyListOf(Authorizable.class), - Matchers.anyListOf(Authorizable.class), Matchers.anyString())) - .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID + 5)); testOperation(ADMIN_USER, Status.OK); } @Test public void testGrantAndRevokePrivilege() throws Exception { - Mockito.when(mockStore.alterRoleGrantPrivilege(Matchers.anyString(), Matchers.anyString(), Matchers.any(PrivilegeObject.class), Matchers.anyString())) - .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID + 6)); - - Mockito.when(mockStore.alterRoleRevokePrivilege(Matchers.anyString(), Matchers.anyString(), Matchers.any(PrivilegeObject.class), Matchers.anyString())) - .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID + 7)); setup(); TSentryPrivilege tprivilege = new TSentryPrivilege("test", "test", new ArrayList<TAuthorizable>(), "test"); http://git-wip-us.apache.org/repos/asf/sentry/blob/441a4f64/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/provider/db/service/thrift/TestNotificationHandlerInvoker.java ---------------------------------------------------------------------- diff --git a/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/provider/db/service/thrift/TestNotificationHandlerInvoker.java b/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/provider/db/service/thrift/TestNotificationHandlerInvoker.java index 6a2f48f..54215ff 100644 --- a/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/provider/db/service/thrift/TestNotificationHandlerInvoker.java +++ b/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/provider/db/service/thrift/TestNotificationHandlerInvoker.java @@ -18,10 +18,7 @@ package org.apache.sentry.provider.db.service.thrift; -import java.util.UUID; - import org.apache.hadoop.conf.Configuration; -import org.apache.sentry.provider.db.service.persistent.CommitContext; import org.junit.Before; import org.junit.Test; import org.mockito.Mockito; @@ -31,14 +28,12 @@ import com.google.common.collect.Lists; public class TestNotificationHandlerInvoker { private Configuration conf; - private CommitContext commitContext; private NotificationHandler handler; private NotificationHandlerInvoker invoker; @Before public void setup() throws Exception { conf = new Configuration(false); - commitContext = new CommitContext(UUID.randomUUID(), 1L); handler = Mockito.spy(new NotificationHandler(conf) {}); invoker = new NotificationHandlerInvoker(conf, Lists.newArrayList(new ThrowingNotificationHandler(conf), handler)); @@ -48,18 +43,16 @@ public class TestNotificationHandlerInvoker { public void testCreateSentryRole() throws Exception { TCreateSentryRoleRequest request = new TCreateSentryRoleRequest(); TCreateSentryRoleResponse response = new TCreateSentryRoleResponse(); - invoker.create_sentry_role(commitContext, request, response); - Mockito.verify(handler).create_sentry_role(commitContext, - request, response); + invoker.create_sentry_role(request, response); + Mockito.verify(handler).create_sentry_role(request, response); } @Test public void testDropSentryRole() throws Exception { TDropSentryRoleRequest request = new TDropSentryRoleRequest(); TDropSentryRoleResponse response = new TDropSentryRoleResponse(); - invoker.drop_sentry_role(commitContext, request, response); - Mockito.verify(handler).drop_sentry_role(commitContext, - request, response); + invoker.drop_sentry_role(request, response); + Mockito.verify(handler).drop_sentry_role(request, response); } @@ -68,18 +61,16 @@ public class TestNotificationHandlerInvoker { public void testAlterSentryRoleAddGroups() throws Exception { TAlterSentryRoleAddGroupsRequest request = new TAlterSentryRoleAddGroupsRequest(); TAlterSentryRoleAddGroupsResponse response = new TAlterSentryRoleAddGroupsResponse(); - invoker.alter_sentry_role_add_groups(commitContext, request, response); - Mockito.verify(handler).alter_sentry_role_add_groups(commitContext, - request, response); + invoker.alter_sentry_role_add_groups(request, response); + Mockito.verify(handler).alter_sentry_role_add_groups(request, response); } @Test public void testAlterSentryRoleDeleteGroups() throws Exception { TAlterSentryRoleDeleteGroupsRequest request = new TAlterSentryRoleDeleteGroupsRequest(); TAlterSentryRoleDeleteGroupsResponse response = new TAlterSentryRoleDeleteGroupsResponse(); - invoker.alter_sentry_role_delete_groups(commitContext, request, response); - Mockito.verify(handler).alter_sentry_role_delete_groups(commitContext, - request, response); + invoker.alter_sentry_role_delete_groups(request, response); + Mockito.verify(handler).alter_sentry_role_delete_groups(request, response); } public static class ThrowingNotificationHandler extends NotificationHandler { @@ -87,24 +78,23 @@ public class TestNotificationHandlerInvoker { super(config); } @Override - public void create_sentry_role(CommitContext args, - TCreateSentryRoleRequest request, TCreateSentryRoleResponse response) { + public void create_sentry_role(TCreateSentryRoleRequest request, + TCreateSentryRoleResponse response) { throw new RuntimeException(); } - public void drop_sentry_role(CommitContext context, - TDropSentryRoleRequest request, + public void drop_sentry_role(TDropSentryRoleRequest request, TDropSentryRoleResponse response) { throw new RuntimeException(); } @Override - public void alter_sentry_role_add_groups(CommitContext args, - TAlterSentryRoleAddGroupsRequest request, - TAlterSentryRoleAddGroupsResponse response) { + public void alter_sentry_role_add_groups( + TAlterSentryRoleAddGroupsRequest request, + TAlterSentryRoleAddGroupsResponse response) { throw new RuntimeException(); } @Override public void alter_sentry_role_delete_groups( - CommitContext args, TAlterSentryRoleDeleteGroupsRequest request, + TAlterSentryRoleDeleteGroupsRequest request, TAlterSentryRoleDeleteGroupsResponse response) { throw new RuntimeException(); }
