Repository: sentry Updated Branches: refs/heads/sentry-ha-redesign 5d09e7e25 -> 445eeae67
SENTRY-1744: Simplify creation of DelegateSentryStore (Alex Kolbasov, reviewed by Vamsee Yarlagadda and Na Li) Project: http://git-wip-us.apache.org/repos/asf/sentry/repo Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/445eeae6 Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/445eeae6 Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/445eeae6 Branch: refs/heads/sentry-ha-redesign Commit: 445eeae674928db87d1e08faf896e1c6524ce259 Parents: 5d09e7e Author: Alexander Kolbasov <[email protected]> Authored: Fri Jun 2 16:47:56 2017 -0700 Committer: Alexander Kolbasov <[email protected]> Committed: Fri Jun 2 16:47:56 2017 -0700 ---------------------------------------------------------------------- .../core/common/utils/PolicyStoreConstants.java | 3 -- .../service/persistent/DelegateSentryStore.java | 2 +- .../thrift/SentryGenericPolicyProcessor.java | 47 +++++++------------- .../TestSentryGenericPolicyProcessor.java | 7 --- 4 files changed, 17 insertions(+), 42 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/sentry/blob/445eeae6/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/utils/PolicyStoreConstants.java ---------------------------------------------------------------------- diff --git a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/utils/PolicyStoreConstants.java b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/utils/PolicyStoreConstants.java index 97604de..e031dea 100644 --- a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/utils/PolicyStoreConstants.java +++ b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/utils/PolicyStoreConstants.java @@ -19,9 +19,6 @@ package org.apache.sentry.core.common.utils; public final class PolicyStoreConstants { public static final String SENTRY_GENERIC_POLICY_NOTIFICATION = "sentry.generic.policy.notification"; - public static final String SENTRY_GENERIC_POLICY_STORE = "sentry.generic.policy.store"; - public static final String SENTRY_GENERIC_POLICY_STORE_DEFAULT = - "org.apache.sentry.provider.db.generic.service.persistent.DelegateSentryStore"; public static class PolicyStoreServerConfig { public static final String NOTIFICATION_HANDLERS = "sentry.policy.store.notification.handlers"; } http://git-wip-us.apache.org/repos/asf/sentry/blob/445eeae6/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/DelegateSentryStore.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/DelegateSentryStore.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/DelegateSentryStore.java index ff46298..4cb46ab 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/DelegateSentryStore.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/DelegateSentryStore.java @@ -61,7 +61,7 @@ public class DelegateSentryStore implements SentryStoreLayer { private Set<String> adminGroups; private PrivilegeOperatePersistence privilegeOperator; - DelegateSentryStore(Configuration conf) throws Exception { + public DelegateSentryStore(Configuration conf) throws Exception { this.privilegeOperator = new PrivilegeOperatePersistence(conf); this.conf = conf; //delegated old sentryStore http://git-wip-us.apache.org/repos/asf/sentry/blob/445eeae6/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessor.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessor.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessor.java index 0c51cc6..18be0fa 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessor.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessor.java @@ -21,6 +21,7 @@ import static org.apache.sentry.core.common.utils.SentryConstants.AUTHORIZABLE_J import static org.apache.sentry.core.common.utils.SentryConstants.KV_JOINER; import java.lang.reflect.Constructor; +import java.util.Collections; import java.util.HashSet; import java.util.List; import java.util.Map; @@ -39,6 +40,8 @@ import org.apache.sentry.core.common.exception.SentryAlreadyExistsException; import org.apache.sentry.core.common.exception.SentryInvalidInputException; import org.apache.sentry.core.common.exception.SentryNoSuchObjectException; import org.apache.sentry.core.common.exception.SentryThriftAPIMismatchException; +import org.apache.sentry.core.model.search.Collection; +import org.apache.sentry.provider.db.generic.service.persistent.DelegateSentryStore; import org.apache.sentry.provider.db.generic.service.persistent.PrivilegeObject; import org.apache.sentry.provider.db.generic.service.persistent.PrivilegeObject.Builder; import org.apache.sentry.provider.db.generic.service.persistent.SentryStoreLayer; @@ -77,8 +80,8 @@ public class SentryGenericPolicyProcessor implements SentryGenericPolicyService. public static final String SENTRY_GENERIC_SERVICE_NAME = "SentryGenericPolicyService"; private static final String ACCESS_DENIAL_MESSAGE = "Access denied to "; - public SentryGenericPolicyProcessor(Configuration conf) throws Exception { - this.store = createStore(conf); + SentryGenericPolicyProcessor(Configuration conf) throws Exception { + this.store = new DelegateSentryStore(conf); this.handerInvoker = new NotificationHandlerInvoker(createHandlers(conf)); this.conf = conf; adminGroups = ImmutableSet.copyOf((Sets.newHashSet(conf.getStrings( @@ -86,7 +89,7 @@ public class SentryGenericPolicyProcessor implements SentryGenericPolicyService. } @VisibleForTesting - public SentryGenericPolicyProcessor(Configuration conf, SentryStoreLayer store) throws Exception { + SentryGenericPolicyProcessor(Configuration conf, SentryStoreLayer store) throws Exception { this.store = store; this.handerInvoker = new NotificationHandlerInvoker(createHandlers(conf)); this.conf = conf; @@ -105,10 +108,10 @@ public class SentryGenericPolicyProcessor implements SentryGenericPolicyService. } private Set<String> toTrimmedLower(Set<String> s) { - if (null == s) { - return new HashSet<String>(); + if (s == null) { + return Collections.emptySet(); } - Set<String> result = Sets.newHashSet(); + Set<String> result = new HashSet<>(s.size()); for (String v : s) { result.add(v.trim().toLowerCase()); } @@ -116,10 +119,10 @@ public class SentryGenericPolicyProcessor implements SentryGenericPolicyService. } private Set<String> toTrimmed(Set<String> s) { - if (null == s) { - return new HashSet<String>(); + if (s == null) { + return Collections.emptySet(); } - Set<String> result = Sets.newHashSet(); + Set<String> result = new HashSet<>(s.size()); for (String v : s) { result.add(v.trim()); } @@ -133,33 +136,15 @@ public class SentryGenericPolicyProcessor implements SentryGenericPolicyService. return s.trim().toLowerCase(); } - public static Set<String> getRequestorGroups(Configuration conf, String userName) throws SentryUserException { + private static Set<String> getRequestorGroups(Configuration conf, String userName) throws SentryUserException { return SentryPolicyStoreProcessor.getGroupsFromUserName(conf, userName); } private boolean inAdminGroups(Set<String> requestorGroups) { - if (Sets.intersection(adminGroups, requestorGroups).isEmpty()) { - return false; - } - return true; - } - - public static SentryStoreLayer createStore(Configuration conf) throws SentrySiteConfigurationException { - SentryStoreLayer storeLayer = null; - String store = conf.get(PolicyStoreConstants.SENTRY_GENERIC_POLICY_STORE, PolicyStoreConstants.SENTRY_GENERIC_POLICY_STORE_DEFAULT); - - if (Strings.isNullOrEmpty(store)) { - throw new SentrySiteConfigurationException("sentry.generic.policy.store can not be empty"); - } - try { - storeLayer = createInstance(store, conf, SentryStoreLayer.class); - } catch (Exception e) { - throw new SentrySiteConfigurationException("Create sentryStore error: " + e.getMessage(), e); - } - return storeLayer; + return !Sets.intersection(adminGroups, requestorGroups).isEmpty(); } - public static List<NotificationHandler> createHandlers(Configuration conf) throws SentrySiteConfigurationException { + static List<NotificationHandler> createHandlers(Configuration conf) throws SentrySiteConfigurationException { List<NotificationHandler> handlers = Lists.newArrayList(); Iterable<String> notificationHandlers = Splitter.onPattern("[\\s,]").trimResults() @@ -175,7 +160,7 @@ public class SentryGenericPolicyProcessor implements SentryGenericPolicyService. } @SuppressWarnings("unchecked") - public static <T> T createInstance(String className, Configuration conf, Class<T> iface) throws Exception { + private static <T> T createInstance(String className, Configuration conf, Class<T> iface) throws Exception { T result; try { Class<?> clazz = Class.forName(className); http://git-wip-us.apache.org/repos/asf/sentry/blob/445eeae6/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericPolicyProcessor.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericPolicyProcessor.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericPolicyProcessor.java index ac93e25..b7f0774 100644 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericPolicyProcessor.java +++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericPolicyProcessor.java @@ -304,13 +304,6 @@ public class TestSentryGenericPolicyProcessor extends org.junit.Assert { SentryGenericPolicyProcessor.createHandlers(conf); } - @Test(expected=SentrySiteConfigurationException.class) - public void testConfigCannotCreateSentryStore() throws Exception { - Configuration conf = new Configuration(); - conf.set(PolicyStoreConstants.SENTRY_GENERIC_POLICY_STORE,"junk"); - SentryGenericPolicyProcessor.createStore(conf); - } - public static class MockGroupMapping implements GroupMappingService { public MockGroupMapping(Configuration conf, String resource) { //NOPMD }
