Repository: incubator-sentry Updated Branches: refs/heads/SENTRY-999 f81375c52 -> 041576221
SENTRY-1042: Create CommonPolicy for external component (Colin Ma, Reviewed by Dapeng Sun) Project: http://git-wip-us.apache.org/repos/asf/incubator-sentry/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-sentry/commit/04157622 Tree: http://git-wip-us.apache.org/repos/asf/incubator-sentry/tree/04157622 Diff: http://git-wip-us.apache.org/repos/asf/incubator-sentry/diff/04157622 Branch: refs/heads/SENTRY-999 Commit: 041576221c4695d7f2858f8604e75e29c7bdd67e Parents: f81375c Author: Colin Ma <co...@apache.org> Authored: Mon Feb 22 15:47:43 2016 +0800 Committer: Colin Ma <co...@apache.org> Committed: Mon Feb 22 15:47:43 2016 +0800 ---------------------------------------------------------------------- sentry-policy/pom.xml | 1 + sentry-policy/sentry-policy-engine/pom.xml | 53 ++++++++++++ .../engine/common/CommonPolicyEngine.java | 86 ++++++++++++++++++++ .../engine/common/CommonPrivilegeFactory.java | 29 +++++++ 4 files changed, 169 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/04157622/sentry-policy/pom.xml ---------------------------------------------------------------------- diff --git a/sentry-policy/pom.xml b/sentry-policy/pom.xml index ef938a6..e888a93 100644 --- a/sentry-policy/pom.xml +++ b/sentry-policy/pom.xml @@ -31,6 +31,7 @@ limitations under the License. <modules> <module>sentry-policy-common</module> + <module>sentry-policy-engine</module> <module>sentry-policy-db</module> <module>sentry-policy-indexer</module> <module>sentry-policy-search</module> http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/04157622/sentry-policy/sentry-policy-engine/pom.xml ---------------------------------------------------------------------- diff --git a/sentry-policy/sentry-policy-engine/pom.xml b/sentry-policy/sentry-policy-engine/pom.xml new file mode 100644 index 0000000..cb78ce6 --- /dev/null +++ b/sentry-policy/sentry-policy-engine/pom.xml @@ -0,0 +1,53 @@ +<?xml version="1.0"?> +<!-- +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +--> +<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"; xmlns="http://maven.apache.org/POM/4.0.0"; + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> + <modelVersion>4.0.0</modelVersion> + <parent> + <groupId>org.apache.sentry</groupId> + <artifactId>sentry-policy</artifactId> + <version>1.7.0-incubating-SNAPSHOT</version> + </parent> + + <artifactId>sentry-policy-engine</artifactId> + <name>Sentry Policy Engine</name> + + <dependencies> + <dependency> + <groupId>log4j</groupId> + <artifactId>log4j</artifactId> + </dependency> + <dependency> + <groupId>com.google.guava</groupId> + <artifactId>guava</artifactId> + </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-api</artifactId> + </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-log4j12</artifactId> + </dependency> + <dependency> + <groupId>org.apache.sentry</groupId> + <artifactId>sentry-provider-common</artifactId> + </dependency> + </dependencies> + +</project> http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/04157622/sentry-policy/sentry-policy-engine/src/main/java/org/apache/sentry/policy/engine/common/CommonPolicyEngine.java ---------------------------------------------------------------------- diff --git a/sentry-policy/sentry-policy-engine/src/main/java/org/apache/sentry/policy/engine/common/CommonPolicyEngine.java b/sentry-policy/sentry-policy-engine/src/main/java/org/apache/sentry/policy/engine/common/CommonPolicyEngine.java new file mode 100644 index 0000000..a661190 --- /dev/null +++ b/sentry-policy/sentry-policy-engine/src/main/java/org/apache/sentry/policy/engine/common/CommonPolicyEngine.java @@ -0,0 +1,86 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.sentry.policy.engine.common; + +import com.google.common.collect.ImmutableSet; +import org.apache.sentry.core.common.ActiveRoleSet; +import org.apache.sentry.core.common.Authorizable; +import org.apache.sentry.core.common.SentryConfigurationException; +import org.apache.sentry.policy.common.PolicyEngine; +import org.apache.sentry.policy.common.PrivilegeFactory; +import org.apache.sentry.provider.common.ProviderBackend; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import java.util.Set; + +public class CommonPolicyEngine implements PolicyEngine { + + private static final Logger LOGGER = LoggerFactory + .getLogger(CommonPolicyEngine.class); + + private final ProviderBackend providerBackend; + + public CommonPolicyEngine(ProviderBackend providerBackend) { + this.providerBackend = providerBackend; + } + + /** + * {@inheritDoc} + */ + @Override + public PrivilegeFactory getPrivilegeFactory() { + return new CommonPrivilegeFactory(); + } + + /** + * {@inheritDoc} + */ + @Override + public ImmutableSet<String> getAllPrivileges(Set<String> groups, + ActiveRoleSet roleSet) throws SentryConfigurationException { + return getPrivileges(groups, roleSet); + } + + /** + * {@inheritDoc} + */ + @Override + public ImmutableSet<String> getPrivileges(Set<String> groups, ActiveRoleSet roleSet, Authorizable... authorizableHierarchy) + throws SentryConfigurationException { + if(LOGGER.isDebugEnabled()) { + LOGGER.debug("Getting permissions for {}", groups); + } + ImmutableSet<String> result = providerBackend.getPrivileges(groups, roleSet, authorizableHierarchy); + if(LOGGER.isDebugEnabled()) { + LOGGER.debug("result = " + result); + } + return result; + } + + @Override + public void validatePolicy(boolean strictValidation) throws SentryConfigurationException { + this.providerBackend.validatePolicy(strictValidation); + } + + @Override + public void close() { + if (providerBackend != null) { + providerBackend.close(); + } + } +} http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/04157622/sentry-policy/sentry-policy-engine/src/main/java/org/apache/sentry/policy/engine/common/CommonPrivilegeFactory.java ---------------------------------------------------------------------- diff --git a/sentry-policy/sentry-policy-engine/src/main/java/org/apache/sentry/policy/engine/common/CommonPrivilegeFactory.java b/sentry-policy/sentry-policy-engine/src/main/java/org/apache/sentry/policy/engine/common/CommonPrivilegeFactory.java new file mode 100644 index 0000000..d338f0e --- /dev/null +++ b/sentry-policy/sentry-policy-engine/src/main/java/org/apache/sentry/policy/engine/common/CommonPrivilegeFactory.java @@ -0,0 +1,29 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.sentry.policy.engine.common; + +import org.apache.sentry.policy.common.CommonPrivilege; +import org.apache.sentry.policy.common.Privilege; +import org.apache.sentry.policy.common.PrivilegeFactory; + +public class CommonPrivilegeFactory implements PrivilegeFactory { + + @Override + public Privilege createPrivilege(String privilege) { + return new CommonPrivilege(privilege); + } +}
