http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/d66ebb71/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryRole.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryRole.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryRole.java new file mode 100644 index 0000000..f43a6d5 --- /dev/null +++ b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryRole.java @@ -0,0 +1,641 @@ +/** + * Autogenerated by Thrift Compiler (0.9.0) + * + * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING + * @generated + */ +package org.apache.sentry.provider.db.service.thrift; + +import org.apache.commons.lang.builder.HashCodeBuilder; +import org.apache.thrift.scheme.IScheme; +import org.apache.thrift.scheme.SchemeFactory; +import org.apache.thrift.scheme.StandardScheme; + +import org.apache.thrift.scheme.TupleScheme; +import org.apache.thrift.protocol.TTupleProtocol; +import org.apache.thrift.protocol.TProtocolException; +import org.apache.thrift.EncodingUtils; +import org.apache.thrift.TException; +import java.util.List; +import java.util.ArrayList; +import java.util.Map; +import java.util.HashMap; +import java.util.EnumMap; +import java.util.Set; +import java.util.HashSet; +import java.util.EnumSet; +import java.util.Collections; +import java.util.BitSet; +import java.nio.ByteBuffer; +import java.util.Arrays; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class TSentryRole implements org.apache.thrift.TBase<TSentryRole, TSentryRole._Fields>, java.io.Serializable, Cloneable { + private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TSentryRole"); + + private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)1); + private static final org.apache.thrift.protocol.TField GROUPS_FIELD_DESC = new org.apache.thrift.protocol.TField("groups", org.apache.thrift.protocol.TType.SET, (short)2); + private static final org.apache.thrift.protocol.TField GRANTOR_PRINCIPAL_FIELD_DESC = new org.apache.thrift.protocol.TField("grantorPrincipal", org.apache.thrift.protocol.TType.STRING, (short)3); + + private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>(); + static { + schemes.put(StandardScheme.class, new TSentryRoleStandardSchemeFactory()); + schemes.put(TupleScheme.class, new TSentryRoleTupleSchemeFactory()); + } + + private String roleName; // required + private Set<TSentryGroup> groups; // required + private String grantorPrincipal; // required + + /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */ + public enum _Fields implements org.apache.thrift.TFieldIdEnum { + ROLE_NAME((short)1, "roleName"), + GROUPS((short)2, "groups"), + GRANTOR_PRINCIPAL((short)3, "grantorPrincipal"); + + private static final Map<String, _Fields> byName = new HashMap<String, _Fields>(); + + static { + for (_Fields field : EnumSet.allOf(_Fields.class)) { + byName.put(field.getFieldName(), field); + } + } + + /** + * Find the _Fields constant that matches fieldId, or null if its not found. + */ + public static _Fields findByThriftId(int fieldId) { + switch(fieldId) { + case 1: // ROLE_NAME + return ROLE_NAME; + case 2: // GROUPS + return GROUPS; + case 3: // GRANTOR_PRINCIPAL + return GRANTOR_PRINCIPAL; + default: + return null; + } + } + + /** + * Find the _Fields constant that matches fieldId, throwing an exception + * if it is not found. + */ + public static _Fields findByThriftIdOrThrow(int fieldId) { + _Fields fields = findByThriftId(fieldId); + if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!"); + return fields; + } + + /** + * Find the _Fields constant that matches name, or null if its not found. + */ + public static _Fields findByName(String name) { + return byName.get(name); + } + + private final short _thriftId; + private final String _fieldName; + + _Fields(short thriftId, String fieldName) { + _thriftId = thriftId; + _fieldName = fieldName; + } + + public short getThriftFieldId() { + return _thriftId; + } + + public String getFieldName() { + return _fieldName; + } + } + + // isset id assignments + public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap; + static { + Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class); + tmpMap.put(_Fields.ROLE_NAME, new org.apache.thrift.meta_data.FieldMetaData("roleName", org.apache.thrift.TFieldRequirementType.REQUIRED, + new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))); + tmpMap.put(_Fields.GROUPS, new org.apache.thrift.meta_data.FieldMetaData("groups", org.apache.thrift.TFieldRequirementType.REQUIRED, + new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET, + new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryGroup.class)))); + tmpMap.put(_Fields.GRANTOR_PRINCIPAL, new org.apache.thrift.meta_data.FieldMetaData("grantorPrincipal", org.apache.thrift.TFieldRequirementType.REQUIRED, + new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))); + metaDataMap = Collections.unmodifiableMap(tmpMap); + org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TSentryRole.class, metaDataMap); + } + + public TSentryRole() { + } + + public TSentryRole( + String roleName, + Set<TSentryGroup> groups, + String grantorPrincipal) + { + this(); + this.roleName = roleName; + this.groups = groups; + this.grantorPrincipal = grantorPrincipal; + } + + /** + * Performs a deep copy on <i>other</i>. + */ + public TSentryRole(TSentryRole other) { + if (other.isSetRoleName()) { + this.roleName = other.roleName; + } + if (other.isSetGroups()) { + Set<TSentryGroup> __this__groups = new HashSet<TSentryGroup>(); + for (TSentryGroup other_element : other.groups) { + __this__groups.add(new TSentryGroup(other_element)); + } + this.groups = __this__groups; + } + if (other.isSetGrantorPrincipal()) { + this.grantorPrincipal = other.grantorPrincipal; + } + } + + public TSentryRole deepCopy() { + return new TSentryRole(this); + } + + @Override + public void clear() { + this.roleName = null; + this.groups = null; + this.grantorPrincipal = null; + } + + public String getRoleName() { + return this.roleName; + } + + public void setRoleName(String roleName) { + this.roleName = roleName; + } + + public void unsetRoleName() { + this.roleName = null; + } + + /** Returns true if field roleName is set (has been assigned a value) and false otherwise */ + public boolean isSetRoleName() { + return this.roleName != null; + } + + public void setRoleNameIsSet(boolean value) { + if (!value) { + this.roleName = null; + } + } + + public int getGroupsSize() { + return (this.groups == null) ? 0 : this.groups.size(); + } + + public java.util.Iterator<TSentryGroup> getGroupsIterator() { + return (this.groups == null) ? null : this.groups.iterator(); + } + + public void addToGroups(TSentryGroup elem) { + if (this.groups == null) { + this.groups = new HashSet<TSentryGroup>(); + } + this.groups.add(elem); + } + + public Set<TSentryGroup> getGroups() { + return this.groups; + } + + public void setGroups(Set<TSentryGroup> groups) { + this.groups = groups; + } + + public void unsetGroups() { + this.groups = null; + } + + /** Returns true if field groups is set (has been assigned a value) and false otherwise */ + public boolean isSetGroups() { + return this.groups != null; + } + + public void setGroupsIsSet(boolean value) { + if (!value) { + this.groups = null; + } + } + + public String getGrantorPrincipal() { + return this.grantorPrincipal; + } + + public void setGrantorPrincipal(String grantorPrincipal) { + this.grantorPrincipal = grantorPrincipal; + } + + public void unsetGrantorPrincipal() { + this.grantorPrincipal = null; + } + + /** Returns true if field grantorPrincipal is set (has been assigned a value) and false otherwise */ + public boolean isSetGrantorPrincipal() { + return this.grantorPrincipal != null; + } + + public void setGrantorPrincipalIsSet(boolean value) { + if (!value) { + this.grantorPrincipal = null; + } + } + + public void setFieldValue(_Fields field, Object value) { + switch (field) { + case ROLE_NAME: + if (value == null) { + unsetRoleName(); + } else { + setRoleName((String)value); + } + break; + + case GROUPS: + if (value == null) { + unsetGroups(); + } else { + setGroups((Set<TSentryGroup>)value); + } + break; + + case GRANTOR_PRINCIPAL: + if (value == null) { + unsetGrantorPrincipal(); + } else { + setGrantorPrincipal((String)value); + } + break; + + } + } + + public Object getFieldValue(_Fields field) { + switch (field) { + case ROLE_NAME: + return getRoleName(); + + case GROUPS: + return getGroups(); + + case GRANTOR_PRINCIPAL: + return getGrantorPrincipal(); + + } + throw new IllegalStateException(); + } + + /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */ + public boolean isSet(_Fields field) { + if (field == null) { + throw new IllegalArgumentException(); + } + + switch (field) { + case ROLE_NAME: + return isSetRoleName(); + case GROUPS: + return isSetGroups(); + case GRANTOR_PRINCIPAL: + return isSetGrantorPrincipal(); + } + throw new IllegalStateException(); + } + + @Override + public boolean equals(Object that) { + if (that == null) + return false; + if (that instanceof TSentryRole) + return this.equals((TSentryRole)that); + return false; + } + + public boolean equals(TSentryRole that) { + if (that == null) + return false; + + boolean this_present_roleName = true && this.isSetRoleName(); + boolean that_present_roleName = true && that.isSetRoleName(); + if (this_present_roleName || that_present_roleName) { + if (!(this_present_roleName && that_present_roleName)) + return false; + if (!this.roleName.equals(that.roleName)) + return false; + } + + boolean this_present_groups = true && this.isSetGroups(); + boolean that_present_groups = true && that.isSetGroups(); + if (this_present_groups || that_present_groups) { + if (!(this_present_groups && that_present_groups)) + return false; + if (!this.groups.equals(that.groups)) + return false; + } + + boolean this_present_grantorPrincipal = true && this.isSetGrantorPrincipal(); + boolean that_present_grantorPrincipal = true && that.isSetGrantorPrincipal(); + if (this_present_grantorPrincipal || that_present_grantorPrincipal) { + if (!(this_present_grantorPrincipal && that_present_grantorPrincipal)) + return false; + if (!this.grantorPrincipal.equals(that.grantorPrincipal)) + return false; + } + + return true; + } + + @Override + public int hashCode() { + HashCodeBuilder builder = new HashCodeBuilder(); + + boolean present_roleName = true && (isSetRoleName()); + builder.append(present_roleName); + if (present_roleName) + builder.append(roleName); + + boolean present_groups = true && (isSetGroups()); + builder.append(present_groups); + if (present_groups) + builder.append(groups); + + boolean present_grantorPrincipal = true && (isSetGrantorPrincipal()); + builder.append(present_grantorPrincipal); + if (present_grantorPrincipal) + builder.append(grantorPrincipal); + + return builder.toHashCode(); + } + + public int compareTo(TSentryRole other) { + if (!getClass().equals(other.getClass())) { + return getClass().getName().compareTo(other.getClass().getName()); + } + + int lastComparison = 0; + TSentryRole typedOther = (TSentryRole)other; + + lastComparison = Boolean.valueOf(isSetRoleName()).compareTo(typedOther.isSetRoleName()); + if (lastComparison != 0) { + return lastComparison; + } + if (isSetRoleName()) { + lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleName, typedOther.roleName); + if (lastComparison != 0) { + return lastComparison; + } + } + lastComparison = Boolean.valueOf(isSetGroups()).compareTo(typedOther.isSetGroups()); + if (lastComparison != 0) { + return lastComparison; + } + if (isSetGroups()) { + lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.groups, typedOther.groups); + if (lastComparison != 0) { + return lastComparison; + } + } + lastComparison = Boolean.valueOf(isSetGrantorPrincipal()).compareTo(typedOther.isSetGrantorPrincipal()); + if (lastComparison != 0) { + return lastComparison; + } + if (isSetGrantorPrincipal()) { + lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.grantorPrincipal, typedOther.grantorPrincipal); + if (lastComparison != 0) { + return lastComparison; + } + } + return 0; + } + + public _Fields fieldForId(int fieldId) { + return _Fields.findByThriftId(fieldId); + } + + public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException { + schemes.get(iprot.getScheme()).getScheme().read(iprot, this); + } + + public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException { + schemes.get(oprot.getScheme()).getScheme().write(oprot, this); + } + + @Override + public String toString() { + StringBuilder sb = new StringBuilder("TSentryRole("); + boolean first = true; + + sb.append("roleName:"); + if (this.roleName == null) { + sb.append("null"); + } else { + sb.append(this.roleName); + } + first = false; + if (!first) sb.append(", "); + sb.append("groups:"); + if (this.groups == null) { + sb.append("null"); + } else { + sb.append(this.groups); + } + first = false; + if (!first) sb.append(", "); + sb.append("grantorPrincipal:"); + if (this.grantorPrincipal == null) { + sb.append("null"); + } else { + sb.append(this.grantorPrincipal); + } + first = false; + sb.append(")"); + return sb.toString(); + } + + public void validate() throws org.apache.thrift.TException { + // check for required fields + if (!isSetRoleName()) { + throw new org.apache.thrift.protocol.TProtocolException("Required field 'roleName' is unset! Struct:" + toString()); + } + + if (!isSetGroups()) { + throw new org.apache.thrift.protocol.TProtocolException("Required field 'groups' is unset! Struct:" + toString()); + } + + if (!isSetGrantorPrincipal()) { + throw new org.apache.thrift.protocol.TProtocolException("Required field 'grantorPrincipal' is unset! Struct:" + toString()); + } + + // check for sub-struct validity + } + + private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException { + try { + write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out))); + } catch (org.apache.thrift.TException te) { + throw new java.io.IOException(te); + } + } + + private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException { + try { + read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in))); + } catch (org.apache.thrift.TException te) { + throw new java.io.IOException(te); + } + } + + private static class TSentryRoleStandardSchemeFactory implements SchemeFactory { + public TSentryRoleStandardScheme getScheme() { + return new TSentryRoleStandardScheme(); + } + } + + private static class TSentryRoleStandardScheme extends StandardScheme<TSentryRole> { + + public void read(org.apache.thrift.protocol.TProtocol iprot, TSentryRole struct) throws org.apache.thrift.TException { + org.apache.thrift.protocol.TField schemeField; + iprot.readStructBegin(); + while (true) + { + schemeField = iprot.readFieldBegin(); + if (schemeField.type == org.apache.thrift.protocol.TType.STOP) { + break; + } + switch (schemeField.id) { + case 1: // ROLE_NAME + if (schemeField.type == org.apache.thrift.protocol.TType.STRING) { + struct.roleName = iprot.readString(); + struct.setRoleNameIsSet(true); + } else { + org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); + } + break; + case 2: // GROUPS + if (schemeField.type == org.apache.thrift.protocol.TType.SET) { + { + org.apache.thrift.protocol.TSet _set16 = iprot.readSetBegin(); + struct.groups = new HashSet<TSentryGroup>(2*_set16.size); + for (int _i17 = 0; _i17 < _set16.size; ++_i17) + { + TSentryGroup _elem18; // required + _elem18 = new TSentryGroup(); + _elem18.read(iprot); + struct.groups.add(_elem18); + } + iprot.readSetEnd(); + } + struct.setGroupsIsSet(true); + } else { + org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); + } + break; + case 3: // GRANTOR_PRINCIPAL + if (schemeField.type == org.apache.thrift.protocol.TType.STRING) { + struct.grantorPrincipal = iprot.readString(); + struct.setGrantorPrincipalIsSet(true); + } else { + org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); + } + break; + default: + org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); + } + iprot.readFieldEnd(); + } + iprot.readStructEnd(); + struct.validate(); + } + + public void write(org.apache.thrift.protocol.TProtocol oprot, TSentryRole struct) throws org.apache.thrift.TException { + struct.validate(); + + oprot.writeStructBegin(STRUCT_DESC); + if (struct.roleName != null) { + oprot.writeFieldBegin(ROLE_NAME_FIELD_DESC); + oprot.writeString(struct.roleName); + oprot.writeFieldEnd(); + } + if (struct.groups != null) { + oprot.writeFieldBegin(GROUPS_FIELD_DESC); + { + oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, struct.groups.size())); + for (TSentryGroup _iter19 : struct.groups) + { + _iter19.write(oprot); + } + oprot.writeSetEnd(); + } + oprot.writeFieldEnd(); + } + if (struct.grantorPrincipal != null) { + oprot.writeFieldBegin(GRANTOR_PRINCIPAL_FIELD_DESC); + oprot.writeString(struct.grantorPrincipal); + oprot.writeFieldEnd(); + } + oprot.writeFieldStop(); + oprot.writeStructEnd(); + } + + } + + private static class TSentryRoleTupleSchemeFactory implements SchemeFactory { + public TSentryRoleTupleScheme getScheme() { + return new TSentryRoleTupleScheme(); + } + } + + private static class TSentryRoleTupleScheme extends TupleScheme<TSentryRole> { + + @Override + public void write(org.apache.thrift.protocol.TProtocol prot, TSentryRole struct) throws org.apache.thrift.TException { + TTupleProtocol oprot = (TTupleProtocol) prot; + oprot.writeString(struct.roleName); + { + oprot.writeI32(struct.groups.size()); + for (TSentryGroup _iter20 : struct.groups) + { + _iter20.write(oprot); + } + } + oprot.writeString(struct.grantorPrincipal); + } + + @Override + public void read(org.apache.thrift.protocol.TProtocol prot, TSentryRole struct) throws org.apache.thrift.TException { + TTupleProtocol iprot = (TTupleProtocol) prot; + struct.roleName = iprot.readString(); + struct.setRoleNameIsSet(true); + { + org.apache.thrift.protocol.TSet _set21 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, iprot.readI32()); + struct.groups = new HashSet<TSentryGroup>(2*_set21.size); + for (int _i22 = 0; _i22 < _set21.size; ++_i22) + { + TSentryGroup _elem23; // required + _elem23 = new TSentryGroup(); + _elem23.read(iprot); + struct.groups.add(_elem23); + } + } + struct.setGroupsIsSet(true); + struct.grantorPrincipal = iprot.readString(); + struct.setGrantorPrincipalIsSet(true); + } + } + +} +
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/d66ebb71/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/service/thrift/TSentryResponseStatus.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/service/thrift/TSentryResponseStatus.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/service/thrift/TSentryResponseStatus.java new file mode 100644 index 0000000..81abd90 --- /dev/null +++ b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/service/thrift/TSentryResponseStatus.java @@ -0,0 +1,594 @@ +/** + * Autogenerated by Thrift Compiler (0.9.0) + * + * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING + * @generated + */ +package org.apache.sentry.service.thrift; + +import org.apache.commons.lang.builder.HashCodeBuilder; +import org.apache.thrift.scheme.IScheme; +import org.apache.thrift.scheme.SchemeFactory; +import org.apache.thrift.scheme.StandardScheme; + +import org.apache.thrift.scheme.TupleScheme; +import org.apache.thrift.protocol.TTupleProtocol; +import org.apache.thrift.protocol.TProtocolException; +import org.apache.thrift.EncodingUtils; +import org.apache.thrift.TException; +import java.util.List; +import java.util.ArrayList; +import java.util.Map; +import java.util.HashMap; +import java.util.EnumMap; +import java.util.Set; +import java.util.HashSet; +import java.util.EnumSet; +import java.util.Collections; +import java.util.BitSet; +import java.nio.ByteBuffer; +import java.util.Arrays; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class TSentryResponseStatus implements org.apache.thrift.TBase<TSentryResponseStatus, TSentryResponseStatus._Fields>, java.io.Serializable, Cloneable { + private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TSentryResponseStatus"); + + private static final org.apache.thrift.protocol.TField VALUE_FIELD_DESC = new org.apache.thrift.protocol.TField("value", org.apache.thrift.protocol.TType.I32, (short)1); + private static final org.apache.thrift.protocol.TField MESSAGE_FIELD_DESC = new org.apache.thrift.protocol.TField("message", org.apache.thrift.protocol.TType.STRING, (short)2); + private static final org.apache.thrift.protocol.TField STACK_FIELD_DESC = new org.apache.thrift.protocol.TField("stack", org.apache.thrift.protocol.TType.STRING, (short)3); + + private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>(); + static { + schemes.put(StandardScheme.class, new TSentryResponseStatusStandardSchemeFactory()); + schemes.put(TupleScheme.class, new TSentryResponseStatusTupleSchemeFactory()); + } + + private int value; // required + private String message; // required + private String stack; // optional + + /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */ + public enum _Fields implements org.apache.thrift.TFieldIdEnum { + VALUE((short)1, "value"), + MESSAGE((short)2, "message"), + STACK((short)3, "stack"); + + private static final Map<String, _Fields> byName = new HashMap<String, _Fields>(); + + static { + for (_Fields field : EnumSet.allOf(_Fields.class)) { + byName.put(field.getFieldName(), field); + } + } + + /** + * Find the _Fields constant that matches fieldId, or null if its not found. + */ + public static _Fields findByThriftId(int fieldId) { + switch(fieldId) { + case 1: // VALUE + return VALUE; + case 2: // MESSAGE + return MESSAGE; + case 3: // STACK + return STACK; + default: + return null; + } + } + + /** + * Find the _Fields constant that matches fieldId, throwing an exception + * if it is not found. + */ + public static _Fields findByThriftIdOrThrow(int fieldId) { + _Fields fields = findByThriftId(fieldId); + if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!"); + return fields; + } + + /** + * Find the _Fields constant that matches name, or null if its not found. + */ + public static _Fields findByName(String name) { + return byName.get(name); + } + + private final short _thriftId; + private final String _fieldName; + + _Fields(short thriftId, String fieldName) { + _thriftId = thriftId; + _fieldName = fieldName; + } + + public short getThriftFieldId() { + return _thriftId; + } + + public String getFieldName() { + return _fieldName; + } + } + + // isset id assignments + private static final int __VALUE_ISSET_ID = 0; + private byte __isset_bitfield = 0; + private _Fields optionals[] = {_Fields.STACK}; + public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap; + static { + Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class); + tmpMap.put(_Fields.VALUE, new org.apache.thrift.meta_data.FieldMetaData("value", org.apache.thrift.TFieldRequirementType.REQUIRED, + new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32))); + tmpMap.put(_Fields.MESSAGE, new org.apache.thrift.meta_data.FieldMetaData("message", org.apache.thrift.TFieldRequirementType.REQUIRED, + new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))); + tmpMap.put(_Fields.STACK, new org.apache.thrift.meta_data.FieldMetaData("stack", org.apache.thrift.TFieldRequirementType.OPTIONAL, + new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))); + metaDataMap = Collections.unmodifiableMap(tmpMap); + org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TSentryResponseStatus.class, metaDataMap); + } + + public TSentryResponseStatus() { + } + + public TSentryResponseStatus( + int value, + String message) + { + this(); + this.value = value; + setValueIsSet(true); + this.message = message; + } + + /** + * Performs a deep copy on <i>other</i>. + */ + public TSentryResponseStatus(TSentryResponseStatus other) { + __isset_bitfield = other.__isset_bitfield; + this.value = other.value; + if (other.isSetMessage()) { + this.message = other.message; + } + if (other.isSetStack()) { + this.stack = other.stack; + } + } + + public TSentryResponseStatus deepCopy() { + return new TSentryResponseStatus(this); + } + + @Override + public void clear() { + setValueIsSet(false); + this.value = 0; + this.message = null; + this.stack = null; + } + + public int getValue() { + return this.value; + } + + public void setValue(int value) { + this.value = value; + setValueIsSet(true); + } + + public void unsetValue() { + __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __VALUE_ISSET_ID); + } + + /** Returns true if field value is set (has been assigned a value) and false otherwise */ + public boolean isSetValue() { + return EncodingUtils.testBit(__isset_bitfield, __VALUE_ISSET_ID); + } + + public void setValueIsSet(boolean value) { + __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __VALUE_ISSET_ID, value); + } + + public String getMessage() { + return this.message; + } + + public void setMessage(String message) { + this.message = message; + } + + public void unsetMessage() { + this.message = null; + } + + /** Returns true if field message is set (has been assigned a value) and false otherwise */ + public boolean isSetMessage() { + return this.message != null; + } + + public void setMessageIsSet(boolean value) { + if (!value) { + this.message = null; + } + } + + public String getStack() { + return this.stack; + } + + public void setStack(String stack) { + this.stack = stack; + } + + public void unsetStack() { + this.stack = null; + } + + /** Returns true if field stack is set (has been assigned a value) and false otherwise */ + public boolean isSetStack() { + return this.stack != null; + } + + public void setStackIsSet(boolean value) { + if (!value) { + this.stack = null; + } + } + + public void setFieldValue(_Fields field, Object value) { + switch (field) { + case VALUE: + if (value == null) { + unsetValue(); + } else { + setValue((Integer)value); + } + break; + + case MESSAGE: + if (value == null) { + unsetMessage(); + } else { + setMessage((String)value); + } + break; + + case STACK: + if (value == null) { + unsetStack(); + } else { + setStack((String)value); + } + break; + + } + } + + public Object getFieldValue(_Fields field) { + switch (field) { + case VALUE: + return Integer.valueOf(getValue()); + + case MESSAGE: + return getMessage(); + + case STACK: + return getStack(); + + } + throw new IllegalStateException(); + } + + /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */ + public boolean isSet(_Fields field) { + if (field == null) { + throw new IllegalArgumentException(); + } + + switch (field) { + case VALUE: + return isSetValue(); + case MESSAGE: + return isSetMessage(); + case STACK: + return isSetStack(); + } + throw new IllegalStateException(); + } + + @Override + public boolean equals(Object that) { + if (that == null) + return false; + if (that instanceof TSentryResponseStatus) + return this.equals((TSentryResponseStatus)that); + return false; + } + + public boolean equals(TSentryResponseStatus that) { + if (that == null) + return false; + + boolean this_present_value = true; + boolean that_present_value = true; + if (this_present_value || that_present_value) { + if (!(this_present_value && that_present_value)) + return false; + if (this.value != that.value) + return false; + } + + boolean this_present_message = true && this.isSetMessage(); + boolean that_present_message = true && that.isSetMessage(); + if (this_present_message || that_present_message) { + if (!(this_present_message && that_present_message)) + return false; + if (!this.message.equals(that.message)) + return false; + } + + boolean this_present_stack = true && this.isSetStack(); + boolean that_present_stack = true && that.isSetStack(); + if (this_present_stack || that_present_stack) { + if (!(this_present_stack && that_present_stack)) + return false; + if (!this.stack.equals(that.stack)) + return false; + } + + return true; + } + + @Override + public int hashCode() { + HashCodeBuilder builder = new HashCodeBuilder(); + + boolean present_value = true; + builder.append(present_value); + if (present_value) + builder.append(value); + + boolean present_message = true && (isSetMessage()); + builder.append(present_message); + if (present_message) + builder.append(message); + + boolean present_stack = true && (isSetStack()); + builder.append(present_stack); + if (present_stack) + builder.append(stack); + + return builder.toHashCode(); + } + + public int compareTo(TSentryResponseStatus other) { + if (!getClass().equals(other.getClass())) { + return getClass().getName().compareTo(other.getClass().getName()); + } + + int lastComparison = 0; + TSentryResponseStatus typedOther = (TSentryResponseStatus)other; + + lastComparison = Boolean.valueOf(isSetValue()).compareTo(typedOther.isSetValue()); + if (lastComparison != 0) { + return lastComparison; + } + if (isSetValue()) { + lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.value, typedOther.value); + if (lastComparison != 0) { + return lastComparison; + } + } + lastComparison = Boolean.valueOf(isSetMessage()).compareTo(typedOther.isSetMessage()); + if (lastComparison != 0) { + return lastComparison; + } + if (isSetMessage()) { + lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.message, typedOther.message); + if (lastComparison != 0) { + return lastComparison; + } + } + lastComparison = Boolean.valueOf(isSetStack()).compareTo(typedOther.isSetStack()); + if (lastComparison != 0) { + return lastComparison; + } + if (isSetStack()) { + lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.stack, typedOther.stack); + if (lastComparison != 0) { + return lastComparison; + } + } + return 0; + } + + public _Fields fieldForId(int fieldId) { + return _Fields.findByThriftId(fieldId); + } + + public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException { + schemes.get(iprot.getScheme()).getScheme().read(iprot, this); + } + + public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException { + schemes.get(oprot.getScheme()).getScheme().write(oprot, this); + } + + @Override + public String toString() { + StringBuilder sb = new StringBuilder("TSentryResponseStatus("); + boolean first = true; + + sb.append("value:"); + sb.append(this.value); + first = false; + if (!first) sb.append(", "); + sb.append("message:"); + if (this.message == null) { + sb.append("null"); + } else { + sb.append(this.message); + } + first = false; + if (isSetStack()) { + if (!first) sb.append(", "); + sb.append("stack:"); + if (this.stack == null) { + sb.append("null"); + } else { + sb.append(this.stack); + } + first = false; + } + sb.append(")"); + return sb.toString(); + } + + public void validate() throws org.apache.thrift.TException { + // check for required fields + if (!isSetValue()) { + throw new org.apache.thrift.protocol.TProtocolException("Required field 'value' is unset! Struct:" + toString()); + } + + if (!isSetMessage()) { + throw new org.apache.thrift.protocol.TProtocolException("Required field 'message' is unset! Struct:" + toString()); + } + + // check for sub-struct validity + } + + private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException { + try { + write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out))); + } catch (org.apache.thrift.TException te) { + throw new java.io.IOException(te); + } + } + + private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException { + try { + // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor. + __isset_bitfield = 0; + read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in))); + } catch (org.apache.thrift.TException te) { + throw new java.io.IOException(te); + } + } + + private static class TSentryResponseStatusStandardSchemeFactory implements SchemeFactory { + public TSentryResponseStatusStandardScheme getScheme() { + return new TSentryResponseStatusStandardScheme(); + } + } + + private static class TSentryResponseStatusStandardScheme extends StandardScheme<TSentryResponseStatus> { + + public void read(org.apache.thrift.protocol.TProtocol iprot, TSentryResponseStatus struct) throws org.apache.thrift.TException { + org.apache.thrift.protocol.TField schemeField; + iprot.readStructBegin(); + while (true) + { + schemeField = iprot.readFieldBegin(); + if (schemeField.type == org.apache.thrift.protocol.TType.STOP) { + break; + } + switch (schemeField.id) { + case 1: // VALUE + if (schemeField.type == org.apache.thrift.protocol.TType.I32) { + struct.value = iprot.readI32(); + struct.setValueIsSet(true); + } else { + org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); + } + break; + case 2: // MESSAGE + if (schemeField.type == org.apache.thrift.protocol.TType.STRING) { + struct.message = iprot.readString(); + struct.setMessageIsSet(true); + } else { + org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); + } + break; + case 3: // STACK + if (schemeField.type == org.apache.thrift.protocol.TType.STRING) { + struct.stack = iprot.readString(); + struct.setStackIsSet(true); + } else { + org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); + } + break; + default: + org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); + } + iprot.readFieldEnd(); + } + iprot.readStructEnd(); + struct.validate(); + } + + public void write(org.apache.thrift.protocol.TProtocol oprot, TSentryResponseStatus struct) throws org.apache.thrift.TException { + struct.validate(); + + oprot.writeStructBegin(STRUCT_DESC); + oprot.writeFieldBegin(VALUE_FIELD_DESC); + oprot.writeI32(struct.value); + oprot.writeFieldEnd(); + if (struct.message != null) { + oprot.writeFieldBegin(MESSAGE_FIELD_DESC); + oprot.writeString(struct.message); + oprot.writeFieldEnd(); + } + if (struct.stack != null) { + if (struct.isSetStack()) { + oprot.writeFieldBegin(STACK_FIELD_DESC); + oprot.writeString(struct.stack); + oprot.writeFieldEnd(); + } + } + oprot.writeFieldStop(); + oprot.writeStructEnd(); + } + + } + + private static class TSentryResponseStatusTupleSchemeFactory implements SchemeFactory { + public TSentryResponseStatusTupleScheme getScheme() { + return new TSentryResponseStatusTupleScheme(); + } + } + + private static class TSentryResponseStatusTupleScheme extends TupleScheme<TSentryResponseStatus> { + + @Override + public void write(org.apache.thrift.protocol.TProtocol prot, TSentryResponseStatus struct) throws org.apache.thrift.TException { + TTupleProtocol oprot = (TTupleProtocol) prot; + oprot.writeI32(struct.value); + oprot.writeString(struct.message); + BitSet optionals = new BitSet(); + if (struct.isSetStack()) { + optionals.set(0); + } + oprot.writeBitSet(optionals, 1); + if (struct.isSetStack()) { + oprot.writeString(struct.stack); + } + } + + @Override + public void read(org.apache.thrift.protocol.TProtocol prot, TSentryResponseStatus struct) throws org.apache.thrift.TException { + TTupleProtocol iprot = (TTupleProtocol) prot; + struct.value = iprot.readI32(); + struct.setValueIsSet(true); + struct.message = iprot.readString(); + struct.setMessageIsSet(true); + BitSet incoming = iprot.readBitSet(1); + if (incoming.get(0)) { + struct.stack = iprot.readString(); + struct.setStackIsSet(true); + } + } + } + +} + http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/d66ebb71/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/service/thrift/sentry_common_serviceConstants.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/service/thrift/sentry_common_serviceConstants.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/service/thrift/sentry_common_serviceConstants.java new file mode 100644 index 0000000..4fdeaeb --- /dev/null +++ b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/service/thrift/sentry_common_serviceConstants.java @@ -0,0 +1,50 @@ +/** + * Autogenerated by Thrift Compiler (0.9.0) + * + * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING + * @generated + */ +package org.apache.sentry.service.thrift; + +import org.apache.commons.lang.builder.HashCodeBuilder; +import org.apache.thrift.scheme.IScheme; +import org.apache.thrift.scheme.SchemeFactory; +import org.apache.thrift.scheme.StandardScheme; + +import org.apache.thrift.scheme.TupleScheme; +import org.apache.thrift.protocol.TTupleProtocol; +import org.apache.thrift.protocol.TProtocolException; +import org.apache.thrift.EncodingUtils; +import org.apache.thrift.TException; +import java.util.List; +import java.util.ArrayList; +import java.util.Map; +import java.util.HashMap; +import java.util.EnumMap; +import java.util.Set; +import java.util.HashSet; +import java.util.EnumSet; +import java.util.Collections; +import java.util.BitSet; +import java.nio.ByteBuffer; +import java.util.Arrays; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +public class sentry_common_serviceConstants { + + public static final int TSENTRY_SERVICE_V1 = 1; + + public static final int TSENTRY_STATUS_OK = 0; + + public static final int TSENTRY_STATUS_ALREADY_EXISTS = 1; + + public static final int TSENTRY_STATUS_NO_SUCH_OBJECT = 2; + + public static final int TSENTRY_STATUS_RUNTIME_ERROR = 3; + + public static final int TSENTRY_STATUS_INVALID_INPUT = 4; + + public static final int TSENTRY_STATUS_ACCESS_DENIED = 5; + +} http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/d66ebb71/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryMetastoreListenerPlugin.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryMetastoreListenerPlugin.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryMetastoreListenerPlugin.java index 2249940..7c67cd0 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryMetastoreListenerPlugin.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryMetastoreListenerPlugin.java @@ -20,6 +20,10 @@ package org.apache.sentry.provider.db; import java.util.LinkedList; import java.util.List; +/** + * Plugin interface providing hooks to implementing classes, which are invoked + * on path creation/updation and deletion + */ public abstract class SentryMetastoreListenerPlugin { private static List<SentryMetastoreListenerPlugin> registry = new LinkedList<SentryMetastoreListenerPlugin>(); @@ -32,6 +36,9 @@ public abstract class SentryMetastoreListenerPlugin { return registry; } + public abstract void renameAuthzObject(String oldName, String oldPath, + String newName, String newPath); + public abstract void addPath(String authzObj, String path); public abstract void removePath(String authzObj, String path); http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/d66ebb71/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryPolicyStorePlugin.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryPolicyStorePlugin.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryPolicyStorePlugin.java index b3cb487..7f4f2ca 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryPolicyStorePlugin.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryPolicyStorePlugin.java @@ -26,6 +26,7 @@ import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleDeleteGroups import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleGrantPrivilegeRequest; import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleRevokePrivilegeRequest; import org.apache.sentry.provider.db.service.thrift.TDropSentryRoleRequest; +import org.apache.sentry.provider.db.service.thrift.TRenamePrivilegesRequest; public interface SentryPolicyStorePlugin { @@ -51,4 +52,6 @@ public interface SentryPolicyStorePlugin { public void onDropSentryRole(TDropSentryRoleRequest tRequest) throws SentryPluginException; + public void onRenameSentryPrivilege(TRenamePrivilegesRequest request) throws SentryPluginException; + } http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/d66ebb71/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SimpleDBProviderBackend.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SimpleDBProviderBackend.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SimpleDBProviderBackend.java index ff549fe..5f34b4c 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SimpleDBProviderBackend.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SimpleDBProviderBackend.java @@ -77,20 +77,28 @@ public class SimpleDBProviderBackend implements ProviderBackend { */ @Override public ImmutableSet<String> getPrivileges(Set<String> groups, ActiveRoleSet roleSet, Authorizable... authorizableHierarchy) { + return getPrivileges(1, groups, roleSet, authorizableHierarchy); + } + + private ImmutableSet<String> getPrivileges(int retryCount, Set<String> groups, ActiveRoleSet roleSet, Authorizable... authorizableHierarchy) { if (!initialized) { throw new IllegalStateException("Backend has not been properly initialized"); } try { return ImmutableSet.copyOf(getSentryClient().listPrivilegesForProvider(groups, roleSet, authorizableHierarchy)); - } catch (SentryUserException e) { - String msg = "Unable to obtain privileges from server: " + e.getMessage(); - LOGGER.error(msg, e); - try { - policyServiceClient.close(); - } catch (Exception ex) { - // Ignore - } + } catch (Exception e) { policyServiceClient = null; + if (retryCount > 0) { + return getPrivileges(retryCount - 1, groups, roleSet, authorizableHierarchy); + } else { + String msg = "Unable to obtain privileges from server: " + e.getMessage(); + LOGGER.error(msg, e); + try { + policyServiceClient.close(); + } catch (Exception ex2) { + // Ignore + } + } } return ImmutableSet.of(); } http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/d66ebb71/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java index ae8db7d..a28d889 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java @@ -1466,6 +1466,9 @@ public class SentryStore { ServerConfig.ADMIN_GROUPS, new String[]{})); } + /** + * This returns a Mapping of AuthZObj(db/table) -> (Role -> permission) + */ public Map<String, HashMap<String, String>> retrieveFullPrivilegeImage() { Map<String, HashMap<String, String>> retVal = new HashMap<String, HashMap<String,String>>(); boolean rollbackTransaction = true; @@ -1510,6 +1513,9 @@ public class SentryStore { } } + /** + * This returns a Mapping of Role -> [Groups] + */ public Map<String, LinkedList<String>> retrieveFullRoleImage() { Map<String, LinkedList<String>> retVal = new HashMap<String, LinkedList<String>>(); boolean rollbackTransaction = true; http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/d66ebb71/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java index afc92d1..8fd7197 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java @@ -554,8 +554,7 @@ public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface { try { authorize(request.getRequestorUserName(), adminGroups); sentryStore.dropPrivilege(request.getAuthorizable()); - response.setStatus(Status.OK()); - // TODO : Sentry - HDFS : Have to handle this + response.setStatus(Status.OK()); } catch (SentryAccessDeniedException e) { LOGGER.error(e.getMessage(), e); response.setStatus(Status.AccessDenied(e.getMessage(), e)); @@ -576,8 +575,10 @@ public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface { authorize(request.getRequestorUserName(), adminGroups); sentryStore.renamePrivilege(request.getOldAuthorizable(), request.getNewAuthorizable()); + for (SentryPolicyStorePlugin plugin : sentryPlugins) { + plugin.onRenameSentryPrivilege(request); + } response.setStatus(Status.OK()); - // TODO : Sentry - HDFS : Have to handle this } catch (SentryAccessDeniedException e) { LOGGER.error(e.getMessage(), e); response.setStatus(Status.AccessDenied(e.getMessage(), e)); http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/d66ebb71/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java new file mode 100644 index 0000000..b69b9c9 --- /dev/null +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java @@ -0,0 +1,157 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.sentry.service.thrift; + +import java.util.HashMap; +import java.util.Map; + +import javax.security.sasl.Sasl; + +import com.google.common.base.Splitter; +import com.google.common.collect.ImmutableMap; + +public class ServiceConstants { + + private static final ImmutableMap<String, String> SASL_PROPERTIES; + + static { + Map<String, String> saslProps = new HashMap<String, String>(); + saslProps.put(Sasl.SERVER_AUTH, "true"); + saslProps.put(Sasl.QOP, "auth-conf"); + SASL_PROPERTIES = ImmutableMap.copyOf(saslProps); + } + + public static class ConfUtilties { + public static final Splitter CLASS_SPLITTER = Splitter.onPattern("[\\s,]") + .trimResults().omitEmptyStrings(); + } + public static class ServiceArgs { + public static final String CONFIG_FILE_SHORT = "c"; + public static final String CONFIG_FILE_LONG = "conffile"; + } + + public static class ServerConfig { + public static final ImmutableMap<String, String> SASL_PROPERTIES = ServiceConstants.SASL_PROPERTIES; + /** + * This configuration parameter is only meant to be used for testing purposes. + */ + public static final String SECURITY_MODE = "sentry.service.security.mode"; + public static final String SECURITY_MODE_KERBEROS = "kerberos"; + public static final String SECURITY_MODE_NONE = "none"; + public static final String SECURITY_USE_UGI_TRANSPORT = "sentry.service.security.use.ugi"; + public static final String ADMIN_GROUPS = "sentry.service.admin.group"; + public static final String PRINCIPAL = "sentry.service.server.principal"; + public static final String KEY_TAB = "sentry.service.server.keytab"; + public static final String RPC_PORT = "sentry.service.server.rpc-port"; + public static final int RPC_PORT_DEFAULT = 8038; + public static final String RPC_ADDRESS = "sentry.service.server.rpc-address"; + public static final String RPC_ADDRESS_DEFAULT = "0.0.0.0"; + public static final String RPC_MAX_THREADS = "sentry.service.server-max-threads"; + public static final int RPC_MAX_THREADS_DEFAULT = 500; + public static final String RPC_MIN_THREADS = "sentry.service.server-min-threads"; + public static final int RPC_MIN_THREADS_DEFAULT = 10; + public static final String ALLOW_CONNECT = "sentry.service.allow.connect"; + + public static final String SENTRY_POLICY_STORE_PLUGINS = "sentry.policy.store.plugins"; + public static final String SENTRY_POLICY_STORE_PLUGINS_DEFAULT = ""; + + public static final String SENTRY_METASTORE_PLUGINS = "sentry.metastore.plugins"; + public static final String SENTRY_METASTORE_PLUGINS_DEFAULT = ""; + + public static final String PROCESSOR_FACTORIES = "sentry.service.processor.factories"; + public static final String PROCESSOR_FACTORIES_DEFAULT = + "org.apache.sentry.provider.db.service.thrift.SentryPolicyStoreProcessorFactory"; + public static final String SENTRY_STORE_JDBC_URL = "sentry.store.jdbc.url"; + public static final String SENTRY_STORE_JDBC_USER = "sentry.store.jdbc.user"; + public static final String SENTRY_STORE_JDBC_USER_DEFAULT = "Sentry"; + public static final String SENTRY_STORE_JDBC_PASS = "sentry.store.jdbc.password"; + public static final String SENTRY_STORE_JDBC_PASS_DEFAULT = "Sentry"; + public static final String SENTRY_STORE_JDBC_DRIVER = "sentry.store.jdbc.driver"; + public static final String SENTRY_STORE_JDBC_DRIVER_DEFAULT = "org.apache.derby.jdbc.EmbeddedDriver"; + + public static final String JAVAX_JDO_URL = "javax.jdo.option.ConnectionURL"; + public static final String JAVAX_JDO_USER = "javax.jdo.option.ConnectionUserName"; + public static final String JAVAX_JDO_PASS = "javax.jdo.option.ConnectionPassword"; + public static final String JAVAX_JDO_DRIVER_NAME = "javax.jdo.option.ConnectionDriverName"; + + public static final String SENTRY_DB_PROPERTY_PREFIX = "sentry."; + public static final String SENTRY_JAVAX_JDO_PROPERTY_PREFIX = SENTRY_DB_PROPERTY_PREFIX + "javax.jdo"; + public static final String SENTRY_DATANUCLEUS_PROPERTY_PREFIX = SENTRY_DB_PROPERTY_PREFIX + "datanucleus"; + + public static final String SENTRY_VERIFY_SCHEM_VERSION = "sentry.verify.schema.version"; + public static final String SENTRY_VERIFY_SCHEM_VERSION_DEFAULT = "true"; + + public static final String SENTRY_SERVICE_NAME = "sentry.service.name"; + public static final String SENTRY_SERVICE_NAME_DEFAULT = "Sentry-Service"; + + public static final String SENTRY_STORE_GROUP_MAPPING = "sentry.store.group.mapping"; + public static final String SENTRY_STORE_GROUP_MAPPING_RESOURCE = "sentry.store.group.mapping.resource"; + public static final String SENTRY_STORE_HADOOP_GROUP_MAPPING = "org.apache.sentry.provider.common.HadoopGroupMappingService"; + public static final String SENTRY_STORE_LOCAL_GROUP_MAPPING = "org.apache.sentry.provider.file.LocalGroupMappingService"; + public static final String SENTRY_STORE_GROUP_MAPPING_DEFAULT = SENTRY_STORE_HADOOP_GROUP_MAPPING; + + public static final ImmutableMap<String, String> SENTRY_STORE_DEFAULTS = + ImmutableMap.<String, String>builder() + .put("datanucleus.connectionPoolingType", "BoneCP") + .put("datanucleus.validateTables", "false") + .put("datanucleus.validateColumns", "false") + .put("datanucleus.validateConstraints", "false") + .put("datanucleus.storeManagerType", "rdbms") + .put("datanucleus.autoCreateSchema", "false") + .put("datanucleus.fixedDatastore", "true") + .put("datanucleus.autoStartMechanismMode", "checked") + .put("datanucleus.transactionIsolation", "read-committed") + .put("datanucleus.cache.level2", "false") + .put("datanucleus.cache.level2.type", "none") + .put("datanucleus.identifierFactory", "datanucleus1") + .put("datanucleus.rdbms.useLegacyNativeValueStrategy", "true") + .put("datanucleus.plugin.pluginRegistryBundleCheck", "LOG") + .put("javax.jdo.PersistenceManagerFactoryClass", + "org.datanucleus.api.jdo.JDOPersistenceManagerFactory") + .put("javax.jdo.option.DetachAllOnCommit", "true") + .put("javax.jdo.option.NonTransactionalRead", "false") + .put("javax.jdo.option.NonTransactionalWrite", "false") + .put("javax.jdo.option.Multithreaded", "true") + .build(); + + } + public static class ClientConfig { + public static final ImmutableMap<String, String> SASL_PROPERTIES = ServiceConstants.SASL_PROPERTIES; + public static final String SERVER_RPC_PORT = "sentry.service.client.server.rpc-port"; + public static final int SERVER_RPC_PORT_DEFAULT = ServerConfig.RPC_PORT_DEFAULT; + public static final String SERVER_RPC_ADDRESS = "sentry.service.client.server.rpc-address"; + public static final String SERVER_RPC_CONN_TIMEOUT = "sentry.service.client.server.rpc-connection-timeout"; + public static final int SERVER_RPC_CONN_TIMEOUT_DEFAULT = 200000; + } + + /** + * Thrift generates terrible constant class names + */ + public static class ThriftConstants extends org.apache.sentry.service.thrift.sentry_common_serviceConstants { + public static final int TSENTRY_SERVICE_VERSION_CURRENT = TSENTRY_SERVICE_V1; + } + + /* Privilege operation scope */ + public static enum PrivilegeScope { + SERVER, + URI, + DATABASE, + TABLE, + COLUMN + } +} http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/d66ebb71/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyStoreProcessor.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyStoreProcessor.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyStoreProcessor.java index 14207de..ea4e967 100644 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyStoreProcessor.java +++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyStoreProcessor.java @@ -32,7 +32,6 @@ public class TestSentryPolicyStoreProcessor { @Before public void setup() { conf = new Configuration(false); - conf.setBoolean(ServerConfig.SENTRY_HDFS_INTEGRATION_ENABLE, true); } @Test(expected=SentryConfigurationException.class) public void testConfigNotNotificationHandler() throws Exception { http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/d66ebb71/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerWithoutKerberos.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerWithoutKerberos.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerWithoutKerberos.java index 9ba4aa1..777c6d8 100644 --- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerWithoutKerberos.java +++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerWithoutKerberos.java @@ -162,14 +162,4 @@ public class TestSentryServerWithoutKerberos extends SentryServiceIntegrationBas ActiveRoleSet.ALL).size()); } -// private void waitToCommit(Update hmsCache) throws InterruptedException { -// int counter = 0; -// while(!hmsCache.areAllUpdatesCommited()) { -// Thread.sleep(200); -// counter++; -// if (counter > 10000) { -// fail("Updates taking too long to commit !!"); -// } -// } -// } } \ No newline at end of file http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/d66ebb71/sentry-service-client/pom.xml ---------------------------------------------------------------------- diff --git a/sentry-service-client/pom.xml b/sentry-service-client/pom.xml deleted file mode 100644 index 9c158aa..0000000 --- a/sentry-service-client/pom.xml +++ /dev/null @@ -1,164 +0,0 @@ -<?xml version="1.0"?> -<!-- -Licensed to the Apache Software Foundation (ASF) under one or more -contributor license agreements. See the NOTICE file distributed with -this work for additional information regarding copyright ownership. -The ASF licenses this file to You under the Apache License, Version 2.0 -(the "License"); you may not use this file except in compliance with -the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. ---> -<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"; xmlns="http://maven.apache.org/POM/4.0.0"; - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> - <modelVersion>4.0.0</modelVersion> - <parent> - <groupId>org.apache.sentry</groupId> - <artifactId>sentry</artifactId> - <version>1.5.0-incubating-SNAPSHOT</version> - <relativePath>..</relativePath> - </parent> - - <artifactId>sentry-service-client</artifactId> - <name>Sentry Thrift client</name> - - <dependencies> - <dependency> - <groupId>junit</groupId> - <artifactId>junit</artifactId> - <scope>test</scope> - </dependency> - <dependency> - <groupId>com.google.guava</groupId> - <artifactId>guava</artifactId> - </dependency> - <dependency> - <groupId>log4j</groupId> - <artifactId>log4j</artifactId> - </dependency> - <dependency> - <groupId>org.apache.shiro</groupId> - <artifactId>shiro-core</artifactId> - </dependency> - <dependency> - <groupId>org.slf4j</groupId> - <artifactId>slf4j-api</artifactId> - </dependency> - <dependency> - <groupId>org.slf4j</groupId> - <artifactId>slf4j-log4j12</artifactId> - </dependency> - <dependency> - <groupId>org.apache.thrift</groupId> - <artifactId>libfb303</artifactId> - </dependency> - <dependency> - <groupId>org.apache.thrift</groupId> - <artifactId>libthrift</artifactId> - </dependency> - <dependency> - <groupId>ant-contrib</groupId> - <artifactId>ant-contrib</artifactId> - </dependency> - <dependency> - <groupId>org.mockito</groupId> - <artifactId>mockito-all</artifactId> - <scope>test</scope> - </dependency> - </dependencies> - - <build> - <sourceDirectory>${basedir}/src/main/java</sourceDirectory> - <testSourceDirectory>${basedir}/src/test/java</testSourceDirectory> - <plugins> - <plugin> - <groupId>org.codehaus.mojo</groupId> - <artifactId>build-helper-maven-plugin</artifactId> - <executions> - <execution> - <id>add-source</id> - <phase>generate-sources</phase> - <goals> - <goal>add-source</goal> - </goals> - <configuration> - <sources> - <source>src/gen/thrift/gen-javabean</source> - </sources> - </configuration> - </execution> - </executions> - </plugin> - </plugins> - </build> - <profiles> - <profile> - <id>thriftif</id> - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-antrun-plugin</artifactId> - <executions> - <execution> - <id>generate-thrift-sources</id> - <phase>generate-sources</phase> - <configuration> - <target> - <taskdef name="for" classname="net.sf.antcontrib.logic.ForTask" - classpathref="maven.plugin.classpath" /> - <property name="thrift.args" value="-I ${thrift.home} --gen java:beans,hashcode"/> - <property name="thrift.gen.dir" value="${basedir}/src/gen/thrift"/> - <delete dir="${thrift.gen.dir}"/> - <mkdir dir="${thrift.gen.dir}"/> - <for param="thrift.file"> - <path> - <fileset dir="${basedir}/src/main/resources/" includes="**/*.thrift" /> - </path> - <sequential> - <echo message="Generating Thrift code for @{thrift.file}"/> - <exec executable="${thrift.home}/bin/thrift" failonerror="true" dir="."> - <arg line="${thrift.args} -I ${basedir}/src/main/resources/ -o ${thrift.gen.dir} @{thrift.file} " /> - </exec> - </sequential> - </for> - </target> - </configuration> - <goals> - <goal>run</goal> - </goals> - </execution> - </executions> - </plugin> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-enforcer-plugin</artifactId> - <executions> - <execution> - <id>enforce-property</id> - <goals> - <goal>enforce</goal> - </goals> - <configuration> - <rules> - <requireProperty> - <property>thrift.home</property> - </requireProperty> - </rules> - <fail>true</fail> - </configuration> - </execution> - </executions> - </plugin> - </plugins> - </build> - </profile> - </profiles> - -</project>
