SENTRY-1973 - Use KafkaPrivilegeModel to retrieve Kafka validators
Project: http://git-wip-us.apache.org/repos/asf/sentry/repo Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/06073221 Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/06073221 Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/06073221 Branch: refs/heads/akolb-cli Commit: 06073221d466b1079457ff6b697a648237b35c23 Parents: d7a6667 Author: Colm O hEigeartaigh <[email protected]> Authored: Thu Oct 5 09:53:01 2017 +0100 Committer: Colm O hEigeartaigh <[email protected]> Committed: Thu Oct 5 09:53:01 2017 +0100 ---------------------------------------------------------------------- .../tools/KafkaTSentryPrivilegeConverter.java | 16 +++++++++++++--- .../tools/SolrTSentryPrivilegeConverter.java | 2 +- .../db/generic/tools/TestSentryShellKafka.java | 7 +++---- 3 files changed, 17 insertions(+), 8 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/sentry/blob/06073221/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/KafkaTSentryPrivilegeConverter.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/KafkaTSentryPrivilegeConverter.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/KafkaTSentryPrivilegeConverter.java index 688bc9e..c1aac6a 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/KafkaTSentryPrivilegeConverter.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/KafkaTSentryPrivilegeConverter.java @@ -21,15 +21,17 @@ package org.apache.sentry.provider.db.generic.tools; import com.google.common.collect.Lists; import org.apache.sentry.core.common.utils.KeyValue; import org.apache.sentry.core.common.utils.SentryConstants; +import org.apache.sentry.core.common.validator.PrivilegeValidator; import org.apache.sentry.core.common.validator.PrivilegeValidatorContext; import org.apache.sentry.core.model.kafka.KafkaAuthorizable; import org.apache.sentry.core.model.kafka.KafkaModelAuthorizables; -import org.apache.sentry.core.model.kafka.validator.KafkaPrivilegeValidator; +import org.apache.sentry.core.model.kafka.KafkaPrivilegeModel; import org.apache.sentry.core.common.utils.PolicyFileConstants; import org.apache.sentry.provider.db.generic.service.thrift.TAuthorizable; import org.apache.sentry.provider.db.generic.service.thrift.TSentryGrantOption; import org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege; import org.apache.sentry.provider.db.generic.tools.command.TSentryPrivilegeConverter; +import org.apache.shiro.config.ConfigurationException; import java.util.Iterator; import java.util.LinkedList; @@ -112,7 +114,15 @@ public class KafkaTSentryPrivilegeConverter implements TSentryPrivilegeConverte return SentryConstants.AUTHORIZABLE_JOINER.join(privileges); } - private static void validatePrivilegeHierarchy(String privilegeStr) throws Exception { - new KafkaPrivilegeValidator().validate(new PrivilegeValidatorContext(privilegeStr)); + private static void validatePrivilegeHierarchy(String privilegeStr) { + List<PrivilegeValidator> validators = KafkaPrivilegeModel.getInstance().getPrivilegeValidators(); + PrivilegeValidatorContext context = new PrivilegeValidatorContext(null, privilegeStr); + for (PrivilegeValidator validator : validators) { + try { + validator.validate(context); + } catch (ConfigurationException e) { + throw new IllegalArgumentException(e); + } + } } } http://git-wip-us.apache.org/repos/asf/sentry/blob/06073221/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SolrTSentryPrivilegeConverter.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SolrTSentryPrivilegeConverter.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SolrTSentryPrivilegeConverter.java index 92c6c59..f24ebed 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SolrTSentryPrivilegeConverter.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SolrTSentryPrivilegeConverter.java @@ -123,7 +123,7 @@ public class SolrTSentryPrivilegeConverter implements TSentryPrivilegeConverter return SentryConstants.AUTHORIZABLE_JOINER.join(privileges); } - private static void validatePrivilegeHierarchy(String privilegeStr) throws Exception { + private static void validatePrivilegeHierarchy(String privilegeStr) { List<PrivilegeValidator> validators = SearchPrivilegeModel.getInstance().getPrivilegeValidators(); PrivilegeValidatorContext context = new PrivilegeValidatorContext(null, privilegeStr); for (PrivilegeValidator validator : validators) { http://git-wip-us.apache.org/repos/asf/sentry/blob/06073221/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellKafka.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellKafka.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellKafka.java index 183e83d..f3febc3 100644 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellKafka.java +++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellKafka.java @@ -27,7 +27,6 @@ import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericService import org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege; import org.apache.sentry.provider.db.generic.service.thrift.TSentryRole; import org.apache.sentry.provider.db.tools.SentryShellCommon; -import org.apache.shiro.config.ConfigurationException; import org.junit.After; import org.junit.Before; import org.junit.Test; @@ -367,7 +366,7 @@ public class TestSentryShellKafka extends SentryGenericServiceIntegrationBase { try { sentryShell.executeShell(args); fail("Exception should be thrown for the error privilege format, invalid key value."); - } catch (ConfigurationException e) { + } catch (IllegalArgumentException e) { // expected exception } catch (Exception e) { fail ("Unexpected exception received. " + e); @@ -446,8 +445,8 @@ public class TestSentryShellKafka extends SentryGenericServiceIntegrationBase { try { getShellResultWithOSRedirect(sentryShell, args, false); fail("Expected IllegalArgumentException"); - } catch (ConfigurationException e) { - assert(("Kafka privilege must end with a valid action.\n" + KafkaPrivilegeValidator.KafkaPrivilegeHelpMsg).equals(e.getMessage())); + } catch (IllegalArgumentException e) { + assert(("Kafka privilege must end with a valid action.\n" + KafkaPrivilegeValidator.KafkaPrivilegeHelpMsg).equals(e.getCause().getMessage())); } catch (Exception e) { fail ("Unexpected exception received. " + e); }
