Repository: sentry Updated Branches: refs/heads/master c2013f236 -> 5f850cc8a
SENTRY-1548: Setting GrantOption to UNSET upsets Sentry (Kalyan Kumar Kalvagadda, Reviewed by: Alex Kolbasov) Project: http://git-wip-us.apache.org/repos/asf/sentry/repo Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/5f850cc8 Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/5f850cc8 Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/5f850cc8 Branch: refs/heads/master Commit: 5f850cc8ac4800995bb31ed2fc61d8341d8efcdc Parents: c2013f2 Author: Alexander Kolbasov <[email protected]> Authored: Mon Mar 6 12:03:51 2017 -0800 Committer: Alexander Kolbasov <[email protected]> Committed: Mon Mar 6 12:03:51 2017 -0800 ---------------------------------------------------------------------- .../thrift/SentryPolicyStoreProcessor.java | 15 ++-- .../GrantPrivilegeRequestValidator.java | 91 ++++++++++++++++++++ .../RevokePrivilegeRequestValidator.java | 46 ++++++++++ 3 files changed, 145 insertions(+), 7 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/sentry/blob/5f850cc8/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java ---------------------------------------------------------------------- diff --git a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java index b10c2f2..2ebdf81 100644 --- a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java +++ b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java @@ -49,6 +49,8 @@ import org.apache.sentry.provider.db.service.persistent.HAContext; import org.apache.sentry.provider.db.service.persistent.SentryStore; import org.apache.sentry.provider.db.service.persistent.ServiceRegister; import org.apache.sentry.provider.db.service.thrift.PolicyStoreConstants.PolicyStoreServerConfig; +import org.apache.sentry.provider.db.service.thrift.validator.GrantPrivilegeRequestValidator; +import org.apache.sentry.provider.db.service.thrift.validator.RevokePrivilegeRequestValidator; import org.apache.sentry.service.thrift.SentryServiceUtil; import org.apache.sentry.service.thrift.ServiceConstants; import org.apache.sentry.service.thrift.ServiceConstants.ConfUtilties; @@ -253,7 +255,6 @@ public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface { public TAlterSentryRoleGrantPrivilegeResponse alter_sentry_role_grant_privilege (TAlterSentryRoleGrantPrivilegeRequest request) throws TException { final Timer.Context timerContext = sentryMetrics.grantTimer.time(); - TAlterSentryRoleGrantPrivilegeResponse response = new TAlterSentryRoleGrantPrivilegeResponse(); try { validateClientVersion(request.getProtocol_version()); @@ -265,6 +266,7 @@ public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface { if (request.isSetPrivilege()) { request.setPrivileges(Sets.newHashSet(request.getPrivilege())); } + GrantPrivilegeRequestValidator.validate(request); sentryStore.alterSentryRoleGrantPrivileges(request.getRequestorUserName(), request.getRoleName(), request.getPrivileges()); response.setStatus(Status.OK()); @@ -283,9 +285,8 @@ public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface { LOGGER.error(msg, e); response.setStatus(Status.NoSuchObject(msg, e)); } catch (SentryInvalidInputException e) { - String msg = "Invalid input privilege object"; - LOGGER.error(msg, e); - response.setStatus(Status.InvalidInput(msg, e)); + LOGGER.error(e.getMessage(), e); + response.setStatus(Status.InvalidInput(e.getMessage(), e)); } catch (SentryAccessDeniedException e) { LOGGER.error(e.getMessage(), e); response.setStatus(Status.AccessDenied(e.getMessage(), e)); @@ -329,6 +330,7 @@ public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface { if (request.isSetPrivilege()) { request.setPrivileges(Sets.newHashSet(request.getPrivilege())); } + RevokePrivilegeRequestValidator.validate(request); sentryStore.alterSentryRoleRevokePrivileges(request.getRequestorUserName(), request.getRoleName(), request.getPrivileges()); response.setStatus(Status.OK()); @@ -358,9 +360,8 @@ public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface { LOGGER.error(msg.toString(), e); response.setStatus(Status.NoSuchObject(msg.toString(), e)); } catch (SentryInvalidInputException e) { - String msg = "Invalid input privilege object"; - LOGGER.error(msg, e); - response.setStatus(Status.InvalidInput(msg, e)); + LOGGER.error(e.getMessage(), e); + response.setStatus(Status.InvalidInput(e.getMessage(), e)); } catch (SentryAccessDeniedException e) { LOGGER.error(e.getMessage(), e); response.setStatus(Status.AccessDenied(e.getMessage(), e)); http://git-wip-us.apache.org/repos/asf/sentry/blob/5f850cc8/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/validator/GrantPrivilegeRequestValidator.java ---------------------------------------------------------------------- diff --git a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/validator/GrantPrivilegeRequestValidator.java b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/validator/GrantPrivilegeRequestValidator.java new file mode 100644 index 0000000..f714d5d --- /dev/null +++ b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/validator/GrantPrivilegeRequestValidator.java @@ -0,0 +1,91 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.sentry.provider.db.service.thrift.validator; + +import java.util.Set; + +import org.apache.sentry.core.common.exception.SentryInvalidInputException; +import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleGrantPrivilegeRequest; +import org.apache.sentry.provider.db.service.thrift.TSentryGrantOption; +import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege; + +/** + * Check's for mandatory fields in the privileges and + * checks to see if the UNSET option is present. + */ +public final class GrantPrivilegeRequestValidator { + private GrantPrivilegeRequestValidator() { + } + + /** + * Validates privileges in input request by making sure mandatory fields like + * server name and action in the privileges are not empty and see all the values in the + * request are valid. + * + * @param request to be validated. + * @throws SentryInvalidInputException If all the mandatory fields in the privileges are + * not present [OR] invalid fields a provided in request. + */ + public static void validate(TAlterSentryRoleGrantPrivilegeRequest request) + throws SentryInvalidInputException { + if (request.isSetPrivileges() && (!request.getPrivileges().isEmpty())) { + checkForMandatoryFieldsInPrivileges(request.getPrivileges()); + validateGrantOptionInprivileges(request.getPrivileges()); + } + } + + /** + * Checks for mandatory fields "serverName" and "action" in all the privileges + * in the set are not empty. + * + * @param privileges Set of <code>TSentryPrivileges</code> to be inspected + * @throws SentryInvalidInputException If all the mandatory fields in the privileges are + * not present + */ + static void checkForMandatoryFieldsInPrivileges(Set<TSentryPrivilege> privileges) + throws SentryInvalidInputException { + for (TSentryPrivilege privilege : privileges) { + if (privilege.getServerName() == null || + privilege.getServerName().trim().isEmpty()) { + throw new SentryInvalidInputException("Invalid Privilege input: Server Name is missing"); + } + if (privilege.getAction() == null || + privilege.getAction().trim().isEmpty()) { + throw new SentryInvalidInputException("Invalid Privilege input: Action is missing"); + } + } + } + + /** + * Validates grant option in all the privileges. + * + * @param privileges Set of privileges to be validated + * @throws SentryInvalidInputException If the validation for grant option fails for any + * of the privileges. + */ + private static void validateGrantOptionInprivileges(Set<TSentryPrivilege> privileges) + throws SentryInvalidInputException { + for (TSentryPrivilege privilege : privileges) { + if (privilege.getGrantOption() == TSentryGrantOption.UNSET) { + throw new SentryInvalidInputException("Invalid Privilege input," + + " UNSET option for GRANT <PRIVILEGE> is not valid"); + } + } + } +} http://git-wip-us.apache.org/repos/asf/sentry/blob/5f850cc8/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/validator/RevokePrivilegeRequestValidator.java ---------------------------------------------------------------------- diff --git a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/validator/RevokePrivilegeRequestValidator.java b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/validator/RevokePrivilegeRequestValidator.java new file mode 100644 index 0000000..da4f0e9 --- /dev/null +++ b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/thrift/validator/RevokePrivilegeRequestValidator.java @@ -0,0 +1,46 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * <p> + * http://www.apache.org/licenses/LICENSE-2.0 + * <p> + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.sentry.provider.db.service.thrift.validator; + +import org.apache.sentry.core.common.exception.SentryInvalidInputException; +import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleRevokePrivilegeRequest; + +/** + * Check's for mandatory fields in the privileges + */ +public final class RevokePrivilegeRequestValidator { + private RevokePrivilegeRequestValidator() { + } + + /** + * Validates privileges in input request by making sure mandatory fields like + * server name and action in the privileges are not empty and see all the values in the + * request are valid. + * + * @param request to be validated. + * @throws SentryInvalidInputException If all the mandatory fields in the privileges are + * not present [OR] invalid fields a provided in request. + */ + public static void validate(TAlterSentryRoleRevokePrivilegeRequest request) + throws SentryInvalidInputException { + if (request.isSetPrivileges() && (!request.getPrivileges().isEmpty())) { + GrantPrivilegeRequestValidator.checkForMandatoryFieldsInPrivileges(request.getPrivileges()); + } + } +}
