You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by ls...@apache.org on 2016/01/21 07:51:33 UTC
[3/4] incubator-sentry git commit: SENTRY-986: Apply PMD plugin to
Sentry source (Colm O hEigeartaigh via Lenni Kuff)
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-common/src/test/java/org/apache/sentry/hdfs/TestKrbConnectionTimeout.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-common/src/test/java/org/apache/sentry/hdfs/TestKrbConnectionTimeout.java b/sentry-hdfs/sentry-hdfs-common/src/test/java/org/apache/sentry/hdfs/TestKrbConnectionTimeout.java
index 2db72b1..968d29c 100644
--- a/sentry-hdfs/sentry-hdfs-common/src/test/java/org/apache/sentry/hdfs/TestKrbConnectionTimeout.java
+++ b/sentry-hdfs/sentry-hdfs-common/src/test/java/org/apache/sentry/hdfs/TestKrbConnectionTimeout.java
@@ -17,16 +17,7 @@
*/
package org.apache.sentry.hdfs;
-import static org.junit.Assert.*;
-
-import java.security.PrivilegedExceptionAction;
-
-import javax.security.auth.Subject;
-
import org.apache.hadoop.minikdc.MiniKdc;
-import org.apache.hadoop.security.UserGroupInformation;
-import org.apache.sentry.service.thrift.ServiceConstants.ClientConfig;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
import org.junit.Assume;
import org.junit.Before;
import org.junit.BeforeClass;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/hadoop/hdfs/server/namenode/AuthorizationProvider.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/hadoop/hdfs/server/namenode/AuthorizationProvider.java b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/hadoop/hdfs/server/namenode/AuthorizationProvider.java
index db3d413..114dbb0 100644
--- a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/hadoop/hdfs/server/namenode/AuthorizationProvider.java
+++ b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/hadoop/hdfs/server/namenode/AuthorizationProvider.java
@@ -109,27 +109,27 @@ public abstract class AuthorizationProvider {
*
* @return the inode unique ID.
*/
- public long getId();
+ long getId();
/**
* Return the inode path element name. This value may change.
* @return the inode path element name.
*/
- public String getLocalName();
+ String getLocalName();
/**
* Return the parent inode. This value may change.
*
* @return the parent inode.
*/
- public INodeAuthorizationInfo getParent();
+ INodeAuthorizationInfo getParent();
/**
* Return the inode full path. This value may change.
*
* @return the inode full path
*/
- public String getFullPathName();
+ String getFullPathName();
/**
* Return if the inode is a directory or not.
@@ -137,7 +137,7 @@ public abstract class AuthorizationProvider {
* @return <code>TRUE</code> if the inode is a directory,
* <code>FALSE</code> otherwise.
*/
- public boolean isDirectory();
+ boolean isDirectory();
/**
* Return the inode user for the specified snapshot.
@@ -146,7 +146,7 @@ public abstract class AuthorizationProvider {
* value.
* @return the inode user for the specified snapshot.
*/
- public String getUserName(int snapshotId);
+ String getUserName(int snapshotId);
/**
* Return the inode group for the specified snapshot.
@@ -155,7 +155,7 @@ public abstract class AuthorizationProvider {
* value.
* @return the inode group for the specified snapshot.
*/
- public String getGroupName(int snapshotId);
+ String getGroupName(int snapshotId);
/**
* Return the inode permission for the specified snapshot.
@@ -164,7 +164,7 @@ public abstract class AuthorizationProvider {
* value.
* @return the inode permission for the specified snapshot.
*/
- public FsPermission getFsPermission(int snapshotId);
+ FsPermission getFsPermission(int snapshotId);
/**
* Return the inode ACL feature for the specified snapshot.
@@ -173,8 +173,8 @@ public abstract class AuthorizationProvider {
* value.
* @return the inode ACL feature for the specified snapshot.
*/
- public AclFeature getAclFeature(int snapshotId);
-
+ AclFeature getAclFeature(int snapshotId);
+
}
/**
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationConstants.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationConstants.java b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationConstants.java
index 25fd71c..ea1514c 100644
--- a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationConstants.java
+++ b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationConstants.java
@@ -31,7 +31,7 @@ public class SentryAuthorizationConstants {
public static final String HDFS_PERMISSION_KEY = CONFIG_PREFIX +
"hdfs-permission";
- public static final long HDFS_PERMISSION_DEFAULT = 0771;
+ public static final long HDFS_PERMISSION_DEFAULT = 771;
public static final String HDFS_PATH_PREFIXES_KEY = CONFIG_PREFIX +
"hdfs-path-prefixes";
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationInfo.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationInfo.java b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationInfo.java
index def34a4..c2416c1 100644
--- a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationInfo.java
+++ b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationInfo.java
@@ -35,7 +35,6 @@ import org.slf4j.LoggerFactory;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Preconditions;
-import com.google.common.collect.Lists;
public class SentryAuthorizationInfo implements Runnable {
private static Logger LOG =
@@ -134,7 +133,7 @@ public class SentryAuthorizationInfo implements Runnable {
updates.getPermUpdates(), authzPermissions);
// If there were any FULL updates the returned instance would be
// different
- if ((newAuthzPaths != authzPaths)||(newAuthzPerms != authzPermissions)) {
+ if (newAuthzPaths != authzPaths || newAuthzPerms != authzPermissions) {
lock.writeLock().lock();
try {
LOG.debug("FULL Updated paths seq Num [old="
@@ -206,7 +205,7 @@ public class SentryAuthorizationInfo implements Runnable {
}
public void start() {
- if ((authzPaths != null)||(authzPermissions != null)) {
+ if (authzPaths != null || authzPermissions != null) {
boolean success = false;
try {
success = update();
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationProvider.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationProvider.java b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationProvider.java
index b7e94f3..4de130a 100644
--- a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationProvider.java
+++ b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationProvider.java
@@ -188,7 +188,7 @@ public class SentryAuthorizationProvider
String[] paths;
INodeAuthorizationInfo parent = node.getParent();
if (parent == null) {
- paths = (idx > 0) ? new String[idx] : EMPTY_STRING_ARRAY;
+ paths = idx > 0 ? new String[idx] : EMPTY_STRING_ARRAY;
} else {
paths = getPathElements(parent, idx + 1);
paths[paths.length - 1 - idx] = node.getLocalName();
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryPermissions.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryPermissions.java b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryPermissions.java
index daa87cf..c61736f 100644
--- a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryPermissions.java
+++ b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryPermissions.java
@@ -143,8 +143,8 @@ public class SentryPermissions implements AuthzPermissions {
builder.setType(AclEntryType.GROUP);
builder.setScope(AclEntryScope.ACCESS);
FsAction action = groupPerm.getValue();
- if ((action == FsAction.READ) || (action == FsAction.WRITE)
- || (action == FsAction.READ_WRITE)) {
+ if (action == FsAction.READ || action == FsAction.WRITE
+ || action == FsAction.READ_WRITE) {
action = action.or(FsAction.EXECUTE);
}
builder.setPermission(action);
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryUpdater.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryUpdater.java b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryUpdater.java
index 422554e..88be3f5 100644
--- a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryUpdater.java
+++ b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryUpdater.java
@@ -18,7 +18,6 @@
package org.apache.sentry.hdfs;
import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.hdfs.SentryAuthzUpdate;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/UpdateableAuthzPermissions.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/UpdateableAuthzPermissions.java b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/UpdateableAuthzPermissions.java
index aa78360..33581b7 100644
--- a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/UpdateableAuthzPermissions.java
+++ b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/UpdateableAuthzPermissions.java
@@ -17,7 +17,6 @@
*/
package org.apache.sentry.hdfs;
-import java.util.Collection;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/MetastoreCacheInitializer.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/MetastoreCacheInitializer.java b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/MetastoreCacheInitializer.java
index 4349c6e..cdf1c59 100644
--- a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/MetastoreCacheInitializer.java
+++ b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/MetastoreCacheInitializer.java
@@ -22,7 +22,6 @@ import com.google.common.collect.Lists;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hive.metastore.IHMSHandler;
import org.apache.hadoop.hive.metastore.api.Database;
-import org.apache.hadoop.hive.metastore.api.NoSuchObjectException;
import org.apache.hadoop.hive.metastore.api.Partition;
import org.apache.hadoop.hive.metastore.api.Table;
import org.apache.sentry.hdfs.service.thrift.TPathChanges;
@@ -66,20 +65,20 @@ class MetastoreCacheInitializer implements Closeable {
* Class represents retry strategy for BaseTask.
*/
private class RetryStrategy {
- private int maxRetries = 0;
- private int waitDurationMillis;
+ private int retryStrategyMaxRetries = 0;
+ private int retryStrategyWaitDurationMillis;
private int retries;
private Exception exception;
- private RetryStrategy(int maxRetries, int waitDurationMillis) {
- this.maxRetries = maxRetries;
+ private RetryStrategy(int retryStrategyMaxRetries, int retryStrategyWaitDurationMillis) {
+ this.retryStrategyMaxRetries = retryStrategyMaxRetries;
retries = 0;
// Assign default wait duration if negative value is provided.
- if (waitDurationMillis > 0) {
- this.waitDurationMillis = waitDurationMillis;
+ if (retryStrategyWaitDurationMillis > 0) {
+ this.retryStrategyWaitDurationMillis = retryStrategyWaitDurationMillis;
} else {
- this.waitDurationMillis = 1000;
+ this.retryStrategyWaitDurationMillis = 1000;
}
}
@@ -89,7 +88,7 @@ class MetastoreCacheInitializer implements Closeable {
// synchronous waiting on getting the result.
// Retry the failure task until reach the max retry number.
// Wait configurable duration for next retry.
- for (int i = 0; i < maxRetries; i++) {
+ for (int i = 0; i < retryStrategyMaxRetries; i++) {
try {
doTask();
@@ -99,16 +98,16 @@ class MetastoreCacheInitializer implements Closeable {
return new CallResult(exception, true);
} catch (Exception ex) {
LOGGER.debug("Failed to execute task on " + (i + 1) + " attempts." +
- " Sleeping for " + waitDurationMillis + " ms. Exception: " + ex.toString(), ex);
+ " Sleeping for " + retryStrategyWaitDurationMillis + " ms. Exception: " + ex.toString(), ex);
exception = ex;
try {
- Thread.sleep(waitDurationMillis);
+ Thread.sleep(retryStrategyWaitDurationMillis);
} catch (InterruptedException exception) {
// Skip the rest retries if get InterruptedException.
// And set the corresponding retries number.
retries = i;
- i = maxRetries;
+ i = retryStrategyMaxRetries;
}
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/MetastorePlugin.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/MetastorePlugin.java b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/MetastorePlugin.java
index f88295d..6e14c29 100644
--- a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/MetastorePlugin.java
+++ b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/MetastorePlugin.java
@@ -103,7 +103,7 @@ public class MetastorePlugin extends SentryMetastoreListenerPlugin {
private volatile Throwable initError = null;
private final Queue<PathsUpdate> updateQueue = new LinkedList<PathsUpdate>();
- private final ExecutorService threadPool;
+ private final ExecutorService threadPool; //NOPMD
private final Configuration sentryConf;
static class ProxyHMSHandler extends HMSHandler {
@@ -166,7 +166,7 @@ public class MetastorePlugin extends SentryMetastoreListenerPlugin {
"cache initialization is completed !!");
initUpdater.start();
} else {
- initUpdater.run();
+ initUpdater.run(); //NOPMD
}
try {
sentryClient = SentryHDFSServiceClientFactory.create(sentryConf);
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/PluginCacheSyncUtil.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/PluginCacheSyncUtil.java b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/PluginCacheSyncUtil.java
index 5e2f98e..4ce16c7 100644
--- a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/PluginCacheSyncUtil.java
+++ b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/PluginCacheSyncUtil.java
@@ -175,7 +175,9 @@ public class PluginCacheSyncUtil {
"Error releasing ZK lock for update cache syncup" + e, e);
}
timerContext.stop();
- if (failed) SentryHdfsMetricsUtil.getFailedCacheSyncToZK.inc();
+ if (failed) {
+ SentryHdfsMetricsUtil.getFailedCacheSyncToZK.inc();
+ }
}
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/SentryPlugin.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/SentryPlugin.java b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/SentryPlugin.java
index 647e8fc..f3926a2 100644
--- a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/SentryPlugin.java
+++ b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/SentryPlugin.java
@@ -28,12 +28,10 @@ import com.codahale.metrics.Timer;
import org.apache.hadoop.conf.Configuration;
import org.apache.sentry.hdfs.ServiceConstants.ServerConfig;
import org.apache.sentry.hdfs.UpdateForwarder.ExternalImageRetriever;
-import org.apache.sentry.hdfs.service.thrift.TPathChanges;
import org.apache.sentry.hdfs.service.thrift.TPermissionsUpdate;
import org.apache.sentry.hdfs.service.thrift.TPrivilegeChanges;
import org.apache.sentry.hdfs.service.thrift.TRoleChanges;
import org.apache.sentry.provider.db.SentryPolicyStorePlugin;
-import org.apache.sentry.provider.db.SentryPolicyStorePlugin.SentryPluginException;
import org.apache.sentry.provider.db.service.persistent.SentryStore;
import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleAddGroupsRequest;
import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleDeleteGroupsRequest;
@@ -48,9 +46,6 @@ import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import com.google.common.base.Strings;
-import com.google.common.collect.Lists;
-
public class SentryPlugin implements SentryPolicyStorePlugin {
private static final Logger LOGGER = LoggerFactory.getLogger(SentryPlugin.class);
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/UpdateForwarder.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/UpdateForwarder.java b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/UpdateForwarder.java
index 22a436a..7387281 100644
--- a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/UpdateForwarder.java
+++ b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/UpdateForwarder.java
@@ -19,6 +19,7 @@ package org.apache.sentry.hdfs;
import java.io.Closeable;
import java.io.IOException;
+import java.util.Collections;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
@@ -34,14 +35,12 @@ import org.apache.sentry.provider.db.service.persistent.HAContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import com.google.common.collect.Lists;
-
public class UpdateForwarder<K extends Updateable.Update> implements
Updateable<K>, Closeable {
- public static interface ExternalImageRetriever<K> {
+ interface ExternalImageRetriever<K> {
- public K retrieveFullImage(long currSeqNum);
+ K retrieveFullImage(long currSeqNum);
}
@@ -77,9 +76,9 @@ public class UpdateForwarder<K extends Updateable.Update> implements
ExternalImageRetriever<K> imageRetreiver, int maxUpdateLogSize) {
this(conf, updateable, imageRetreiver, maxUpdateLogSize, INIT_UPDATE_RETRY_DELAY);
}
- public UpdateForwarder(Configuration conf, Updateable<K> updateable,
+ public UpdateForwarder(Configuration conf, Updateable<K> updateable, //NOPMD
ExternalImageRetriever<K> imageRetreiver, int maxUpdateLogSize,
- int initUpdateRetryDelay) {
+ int initUpdateRetryDelay) {
this.maxUpdateLogSize = maxUpdateLogSize;
this.imageRetreiver = imageRetreiver;
if (imageRetreiver != null) {
@@ -177,7 +176,7 @@ public class UpdateForwarder<K extends Updateable.Update> implements
} else {
if (editNotMissed) {
// apply partial preUpdate
- updateable.updatePartial(Lists.newArrayList(update), lock);
+ updateable.updatePartial(Collections.singletonList(update), lock);
} else {
// Retrieve full update from External Source and
if (imageRetreiver != null) {
@@ -197,7 +196,7 @@ public class UpdateForwarder<K extends Updateable.Update> implements
synchronized (getUpdateLog()) {
boolean logCompacted = false;
if (getMaxUpdateLogSize() > 0) {
- if (update.hasFullImage() || (getUpdateLog().size() == getMaxUpdateLogSize())) {
+ if (update.hasFullImage() || getUpdateLog().size() == getMaxUpdateLogSize()) {
// Essentially a log compaction
getUpdateLog().clear();
getUpdateLog().add(update.hasFullImage() ? update
@@ -227,7 +226,7 @@ public class UpdateForwarder<K extends Updateable.Update> implements
List<K> retVal = new LinkedList<K>();
synchronized (getUpdateLog()) {
long currSeqNum = lastCommittedSeqNum.get();
- if (LOGGER.isDebugEnabled() && (updateable != null)) {
+ if (LOGGER.isDebugEnabled() && updateable != null) {
LOGGER.debug("#### GetAllUpdatesFrom ["
+ "type=" + updateable.getClass() + ", "
+ "reqSeqNum=" + seqNum + ", "
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/UpdateForwarderWithHA.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/UpdateForwarderWithHA.java b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/UpdateForwarderWithHA.java
index 9a4e7bb..574627c 100644
--- a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/UpdateForwarderWithHA.java
+++ b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/UpdateForwarderWithHA.java
@@ -19,26 +19,16 @@ package org.apache.sentry.hdfs;
import java.io.IOException;
import java.util.LinkedList;
-import java.util.concurrent.TimeUnit;
import org.apache.curator.framework.CuratorFramework;
-import org.apache.curator.framework.recipes.atomic.DistributedAtomicLong;
-import org.apache.curator.framework.recipes.cache.PathChildrenCache;
import org.apache.curator.framework.recipes.cache.PathChildrenCacheEvent;
import org.apache.curator.framework.recipes.cache.PathChildrenCacheListener;
-import org.apache.curator.framework.recipes.locks.InterProcessSemaphoreMutex;
-import org.apache.curator.utils.ZKPaths;
import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.SentryUserException;
import org.apache.sentry.hdfs.ServiceConstants.ServerConfig;
-import org.apache.sentry.hdfs.UpdateForwarder;
import org.apache.sentry.provider.db.SentryPolicyStorePlugin.SentryPluginException;
-import org.apache.sentry.provider.db.service.persistent.HAContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import com.google.common.cache.Cache;
-
public class UpdateForwarderWithHA<K extends Updateable.Update> extends
UpdateForwarder<K> implements Updateable<K> {
private static final Logger LOGGER = LoggerFactory.getLogger(UpdateForwarderWithHA.class);
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/UpdateablePermissions.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/UpdateablePermissions.java b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/UpdateablePermissions.java
index 2fe81fd..3d756c9 100644
--- a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/UpdateablePermissions.java
+++ b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/UpdateablePermissions.java
@@ -20,8 +20,6 @@ package org.apache.sentry.hdfs;
import java.util.concurrent.atomic.AtomicLong;
import java.util.concurrent.locks.ReadWriteLock;
-import org.apache.sentry.hdfs.PermissionsUpdate;
-import org.apache.sentry.hdfs.Updateable;
import org.apache.sentry.hdfs.UpdateForwarder.ExternalImageRetriever;
public class UpdateablePermissions implements Updateable<PermissionsUpdate>{
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-service/src/test/java/org/apache/sentry/hdfs/TestHAUpdateForwarder.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-service/src/test/java/org/apache/sentry/hdfs/TestHAUpdateForwarder.java b/sentry-hdfs/sentry-hdfs-service/src/test/java/org/apache/sentry/hdfs/TestHAUpdateForwarder.java
index 40af05a..5246e05 100644
--- a/sentry-hdfs/sentry-hdfs-service/src/test/java/org/apache/sentry/hdfs/TestHAUpdateForwarder.java
+++ b/sentry-hdfs/sentry-hdfs-service/src/test/java/org/apache/sentry/hdfs/TestHAUpdateForwarder.java
@@ -19,7 +19,6 @@ package org.apache.sentry.hdfs;
import static org.junit.Assert.assertEquals;
-import java.io.IOException;
import java.util.List;
import org.apache.curator.test.TestingServer;
@@ -28,7 +27,6 @@ import org.apache.sentry.provider.db.service.persistent.HAContext;
import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
import org.junit.After;
import org.junit.Before;
-import org.junit.BeforeClass;
import org.junit.Test;
import com.google.common.collect.Lists;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PolicyEngine.java
----------------------------------------------------------------------
diff --git a/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PolicyEngine.java b/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PolicyEngine.java
index 38a5b65..bbb009c 100644
--- a/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PolicyEngine.java
+++ b/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PolicyEngine.java
@@ -17,7 +17,6 @@
package org.apache.sentry.policy.common;
-import java.util.List;
import java.util.Set;
import javax.annotation.concurrent.ThreadSafe;
@@ -39,7 +38,7 @@ public interface PolicyEngine {
* This is typically a factory that returns a privilege used to evaluate wildcards.
* @return the privilege factory
*/
- public PrivilegeFactory getPrivilegeFactory();
+ PrivilegeFactory getPrivilegeFactory();
/**
* Get privileges associated with a group. Returns Strings which can be resolved
@@ -50,7 +49,7 @@ public interface PolicyEngine {
* @param active role-set
* @return non-null immutable set of privileges
*/
- public ImmutableSet<String> getAllPrivileges(Set<String> groups, ActiveRoleSet roleSet)
+ ImmutableSet<String> getAllPrivileges(Set<String> groups, ActiveRoleSet roleSet)
throws SentryConfigurationException;
/**
@@ -63,10 +62,10 @@ public interface PolicyEngine {
* @param authorizable Hierarchy (Can be null)
* @return non-null immutable set of privileges
*/
- public ImmutableSet<String> getPrivileges(Set<String> groups, ActiveRoleSet roleSet, Authorizable... authorizableHierarchy)
+ ImmutableSet<String> getPrivileges(Set<String> groups, ActiveRoleSet roleSet, Authorizable... authorizableHierarchy)
throws SentryConfigurationException;
- public void close();
+ void close();
- public void validatePolicy(boolean strictValidation) throws SentryConfigurationException;
+ void validatePolicy(boolean strictValidation) throws SentryConfigurationException;
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/Privilege.java
----------------------------------------------------------------------
diff --git a/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/Privilege.java b/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/Privilege.java
index c7e1734..27d5afa 100644
--- a/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/Privilege.java
+++ b/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/Privilege.java
@@ -17,5 +17,5 @@
package org.apache.sentry.policy.common;
public interface Privilege {
- public boolean implies(Privilege p);
+ boolean implies(Privilege p);
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PrivilegeValidator.java
----------------------------------------------------------------------
diff --git a/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PrivilegeValidator.java b/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PrivilegeValidator.java
index 5548f04..36abdd4 100644
--- a/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PrivilegeValidator.java
+++ b/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PrivilegeValidator.java
@@ -20,5 +20,5 @@ import org.apache.shiro.config.ConfigurationException;
public interface PrivilegeValidator {
- public void validate(PrivilegeValidatorContext context) throws ConfigurationException;
+ void validate(PrivilegeValidatorContext context) throws ConfigurationException;
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/DBWildcardPrivilege.java
----------------------------------------------------------------------
diff --git a/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/DBWildcardPrivilege.java b/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/DBWildcardPrivilege.java
index eb7350e..dfc2872 100644
--- a/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/DBWildcardPrivilege.java
+++ b/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/DBWildcardPrivilege.java
@@ -30,8 +30,6 @@ import org.apache.sentry.policy.common.Privilege;
import org.apache.sentry.policy.common.PrivilegeFactory;
import org.apache.sentry.provider.common.KeyValue;
import org.apache.sentry.provider.common.ProviderConstants;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Preconditions;
@@ -41,8 +39,6 @@ import com.google.common.collect.Lists;
// XXX this class is made ugly by the fact that Action is not a Authorizable.
public class DBWildcardPrivilege implements Privilege {
- private static final Logger LOGGER = LoggerFactory
- .getLogger(DBWildcardPrivilege.class);
private final ImmutableList<KeyValue> parts;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/SimpleDBPolicyEngine.java
----------------------------------------------------------------------
diff --git a/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/SimpleDBPolicyEngine.java b/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/SimpleDBPolicyEngine.java
index a03794e..b5b584f 100644
--- a/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/SimpleDBPolicyEngine.java
+++ b/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/SimpleDBPolicyEngine.java
@@ -16,7 +16,6 @@
*/
package org.apache.sentry.policy.db;
-import java.util.List;
import java.util.Set;
import org.apache.sentry.core.common.ActiveRoleSet;
@@ -63,7 +62,7 @@ public class SimpleDBPolicyEngine implements PolicyEngine {
@Override
public ImmutableSet<String> getAllPrivileges(Set<String> groups,
ActiveRoleSet roleSet) throws SentryConfigurationException {
- return getPrivileges(groups, roleSet, null);
+ return getPrivileges(groups, roleSet);
}
/**
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchAuthorizationProviderGeneralCases.java
----------------------------------------------------------------------
diff --git a/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchAuthorizationProviderGeneralCases.java b/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchAuthorizationProviderGeneralCases.java
index bdb1c96..52a9021 100644
--- a/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchAuthorizationProviderGeneralCases.java
+++ b/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchAuthorizationProviderGeneralCases.java
@@ -66,7 +66,6 @@ public class TestSearchAuthorizationProviderGeneralCases {
private static final Collection COLL_TMP = new Collection("tmpcollection");
private static final Collection COLL_PURCHASES_PARTIAL = new Collection("purchases_partial");
- private static final SearchModelAction ALL = SearchModelAction.ALL;
private static final SearchModelAction QUERY = SearchModelAction.QUERY;
private static final SearchModelAction UPDATE = SearchModelAction.UPDATE;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-policy/sentry-policy-sqoop/src/main/java/org/apache/sentry/policy/sqoop/ServerNameRequiredMatch.java
----------------------------------------------------------------------
diff --git a/sentry-policy/sentry-policy-sqoop/src/main/java/org/apache/sentry/policy/sqoop/ServerNameRequiredMatch.java b/sentry-policy/sentry-policy-sqoop/src/main/java/org/apache/sentry/policy/sqoop/ServerNameRequiredMatch.java
index 3a57dfc..bbbcedd 100644
--- a/sentry-policy/sentry-policy-sqoop/src/main/java/org/apache/sentry/policy/sqoop/ServerNameRequiredMatch.java
+++ b/sentry-policy/sentry-policy-sqoop/src/main/java/org/apache/sentry/policy/sqoop/ServerNameRequiredMatch.java
@@ -40,7 +40,7 @@ public class ServerNameRequiredMatch implements PrivilegeValidator {
Iterable<SqoopAuthorizable> authorizables = parsePrivilege(context.getPrivilege());
boolean match = false;
for (SqoopAuthorizable authorizable : authorizables) {
- if ((authorizable instanceof Server) && authorizable.getName().equalsIgnoreCase(sqoopServerName)) {
+ if (authorizable instanceof Server && authorizable.getName().equalsIgnoreCase(sqoopServerName)) {
match = true;
break;
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-cache/src/main/java/org/apache/sentry/provider/cache/PrivilegeCache.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-cache/src/main/java/org/apache/sentry/provider/cache/PrivilegeCache.java b/sentry-provider/sentry-provider-cache/src/main/java/org/apache/sentry/provider/cache/PrivilegeCache.java
index 29c6c5c..811b931 100644
--- a/sentry-provider/sentry-provider-cache/src/main/java/org/apache/sentry/provider/cache/PrivilegeCache.java
+++ b/sentry-provider/sentry-provider-cache/src/main/java/org/apache/sentry/provider/cache/PrivilegeCache.java
@@ -26,8 +26,8 @@ public interface PrivilegeCache {
* Get the privileges for the give set of groups with the give active roles
* from the cache
*/
- public Set<String> listPrivileges(Set<String> groups,
+ Set<String> listPrivileges(Set<String> groups,
ActiveRoleSet roleSet);
- public void close();
+ void close();
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-cache/src/main/java/org/apache/sentry/provider/cache/SimpleCacheProviderBackend.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-cache/src/main/java/org/apache/sentry/provider/cache/SimpleCacheProviderBackend.java b/sentry-provider/sentry-provider-cache/src/main/java/org/apache/sentry/provider/cache/SimpleCacheProviderBackend.java
index 4b98447..73ed6c2 100644
--- a/sentry-provider/sentry-provider-cache/src/main/java/org/apache/sentry/provider/cache/SimpleCacheProviderBackend.java
+++ b/sentry-provider/sentry-provider-cache/src/main/java/org/apache/sentry/provider/cache/SimpleCacheProviderBackend.java
@@ -31,11 +31,9 @@ import com.google.common.collect.ImmutableSet;
public class SimpleCacheProviderBackend implements ProviderBackend {
private PrivilegeCache cacheHandle;
- private Configuration conf;
private boolean isInitialized = false;
- public SimpleCacheProviderBackend(Configuration conf, String resourcePath) {
- this.conf = conf;
+ public SimpleCacheProviderBackend(Configuration conf, String resourcePath) { //NOPMD
}
/**
@@ -44,7 +42,9 @@ public class SimpleCacheProviderBackend implements ProviderBackend {
*/
@Override
public void initialize(ProviderBackendContext context) {
- if (isInitialized) return;
+ if (isInitialized) {
+ return;
+ }
isInitialized = true;
cacheHandle = (PrivilegeCache) context.getBindingHandle();
assert cacheHandle != null;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationProvider.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationProvider.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationProvider.java
index fe54b42..7141e81 100644
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationProvider.java
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationProvider.java
@@ -34,7 +34,7 @@ import org.apache.sentry.policy.common.PolicyEngine;
@ThreadSafe
public interface AuthorizationProvider {
- public static String SENTRY_PROVIDER = "sentry.provider";
+ String SENTRY_PROVIDER = "sentry.provider";
/***
* Returns validate subject privileges on given Authorizable object
@@ -48,7 +48,7 @@ public interface AuthorizationProvider {
* @return
* True if the subject is authorized to perform requested action on the given object
*/
- public boolean hasAccess(Subject subject, List<? extends Authorizable> authorizableHierarchy,
+ boolean hasAccess(Subject subject, List<? extends Authorizable> authorizableHierarchy,
Set<? extends Action> actions, ActiveRoleSet roleSet);
/***
@@ -56,14 +56,14 @@ public interface AuthorizationProvider {
*
* @return GroupMappingService used by the AuthorizationProvider
*/
- public GroupMappingService getGroupMapping();
+ GroupMappingService getGroupMapping();
/***
* Validate the policy file format for syntax and semantic errors
* @param strictValidation
* @throws SentryConfigurationException
*/
- public void validateResource(boolean strictValidation) throws SentryConfigurationException;
+ void validateResource(boolean strictValidation) throws SentryConfigurationException;
/***
* Returns the list privileges for the given subject
@@ -71,7 +71,7 @@ public interface AuthorizationProvider {
* @return
* @throws SentryConfigurationException
*/
- public Set<String> listPrivilegesForSubject(Subject subject) throws SentryConfigurationException;
+ Set<String> listPrivilegesForSubject(Subject subject) throws SentryConfigurationException;
/**
* Returns the list privileges for the given group
@@ -79,21 +79,21 @@ public interface AuthorizationProvider {
* @return
* @throws SentryConfigurationException
*/
- public Set<String> listPrivilegesForGroup(String groupName) throws SentryConfigurationException;
+ Set<String> listPrivilegesForGroup(String groupName) throws SentryConfigurationException;
/***
* Returns the list of missing privileges of the last access request
* @return
*/
- public List<String> getLastFailedPrivileges();
+ List<String> getLastFailedPrivileges();
/**
* Frees any resources held by the the provider
*/
- public void close();
+ void close();
/**
* Get the policy engine
*/
- public PolicyEngine getPolicyEngine();
+ PolicyEngine getPolicyEngine();
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/GroupMappingService.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/GroupMappingService.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/GroupMappingService.java
index 22371d1..7e85261 100644
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/GroupMappingService.java
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/GroupMappingService.java
@@ -31,5 +31,5 @@ public interface GroupMappingService {
/**
* @return non-null list of groups for user
*/
- public Set<String> getGroups(String user);
+ Set<String> getGroups(String user);
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupMappingService.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupMappingService.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupMappingService.java
index 4214449..f599dbb 100644
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupMappingService.java
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupMappingService.java
@@ -24,15 +24,11 @@ import java.util.Set;
import org.apache.commons.lang.StringUtils;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.security.Groups;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
import com.google.common.collect.Lists;
public class HadoopGroupMappingService implements GroupMappingService {
- private static final Logger LOGGER = LoggerFactory
- .getLogger(HadoopGroupMappingService.class);
private static Configuration hadoopConf;
private final Groups groups;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupResourceAuthorizationProvider.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupResourceAuthorizationProvider.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupResourceAuthorizationProvider.java
index c8e6c9d..bcd3312 100644
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupResourceAuthorizationProvider.java
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupResourceAuthorizationProvider.java
@@ -22,8 +22,6 @@ import java.io.IOException;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.security.Groups;
import org.apache.sentry.policy.common.PolicyEngine;
-import org.apache.sentry.provider.common.GroupMappingService;
-import org.apache.sentry.provider.common.HadoopGroupMappingService;
import com.google.common.annotations.VisibleForTesting;
@@ -41,7 +39,7 @@ public class HadoopGroupResourceAuthorizationProvider extends
this(new Configuration(), resource, policy);
}
- public HadoopGroupResourceAuthorizationProvider(Configuration conf, String resource, PolicyEngine policy) throws IOException {
+ public HadoopGroupResourceAuthorizationProvider(Configuration conf, String resource, PolicyEngine policy) throws IOException { //NOPMD
this(policy, new HadoopGroupMappingService(getGroups(conf)));
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/KeyValue.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/KeyValue.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/KeyValue.java
index cad37b4..984fe46 100644
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/KeyValue.java
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/KeyValue.java
@@ -73,23 +73,30 @@ public class KeyValue {
@Override
public boolean equals(Object obj) {
- if (this == obj)
+ if (this == obj) {
return true;
- if (obj == null)
+ }
+ if (obj == null) {
return false;
- if (getClass() != obj.getClass())
+ }
+ if (getClass() != obj.getClass()) {
return false;
+ }
KeyValue other = (KeyValue) obj;
if (key == null) {
- if (other.key != null)
+ if (other.key != null) {
return false;
- } else if (!key.equalsIgnoreCase(other.key))
+ }
+ } else if (!key.equalsIgnoreCase(other.key)) {
return false;
+ }
if (value == null) {
- if (other.value != null)
+ if (other.value != null) {
return false;
- } else if (!value.equalsIgnoreCase(other.value))
+ }
+ } else if (!value.equalsIgnoreCase(other.value)) {
return false;
+ }
return true;
}
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoAuthorizationProvider.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoAuthorizationProvider.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoAuthorizationProvider.java
index 7cf617e..82b215c 100644
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoAuthorizationProvider.java
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoAuthorizationProvider.java
@@ -44,7 +44,6 @@ public class NoAuthorizationProvider implements AuthorizationProvider {
@Override
public void validateResource(boolean strictValidation) throws SentryConfigurationException {
- return;
}
@Override
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackend.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackend.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackend.java
index ddb9cf9..b19a170 100644
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackend.java
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackend.java
@@ -42,17 +42,17 @@ public interface ProviderBackend {
* that would be backwards incompatible.
* @param validators
*/
- public void initialize(ProviderBackendContext context);
+ void initialize(ProviderBackendContext context);
/**
* Get the privileges from the backend.
*/
- public ImmutableSet<String> getPrivileges(Set<String> groups, ActiveRoleSet roleSet, Authorizable... authorizableHierarchy);
+ ImmutableSet<String> getPrivileges(Set<String> groups, ActiveRoleSet roleSet, Authorizable... authorizableHierarchy);
/**
* Get the roles associated with the groups from the backend.
*/
- public ImmutableSet<String> getRoles(Set<String> groups, ActiveRoleSet roleSet);
+ ImmutableSet<String> getRoles(Set<String> groups, ActiveRoleSet roleSet);
/**
* If strictValidation is true then an error is thrown for warnings
@@ -61,7 +61,7 @@ public interface ProviderBackend {
* @param strictValidation
* @throws SentryConfigurationException
*/
- public void validatePolicy(boolean strictValidation) throws SentryConfigurationException;
+ void validatePolicy(boolean strictValidation) throws SentryConfigurationException;
- public void close();
+ void close();
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ResourceAuthorizationProvider.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ResourceAuthorizationProvider.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ResourceAuthorizationProvider.java
index 7bf830c..fef4bd9 100644
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ResourceAuthorizationProvider.java
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ResourceAuthorizationProvider.java
@@ -109,7 +109,7 @@ public abstract class ResourceAuthorizationProvider implements AuthorizationProv
* Does the permission granted in the policy file imply the requested action?
*/
boolean result = permission.implies(privilegeFactory.createPrivilege(requestPrivilege));
- if(LOGGER.isDebugEnabled()) {
+ if (LOGGER.isDebugEnabled()) {
LOGGER.debug("ProviderPrivilege {}, RequestPrivilege {}, RoleSet, {}, Result {}",
new Object[]{ permission, requestPrivilege, roleSet, result});
}
@@ -135,23 +135,22 @@ public abstract class ResourceAuthorizationProvider implements AuthorizationProv
private ImmutableSet<String> appendDefaultDBPriv(ImmutableSet<String> privileges, Authorizable[] authorizables) {
// Only for switch db
- if ((authorizables != null)&&(authorizables.length == 4)&&(authorizables[2].getName().equals("+"))) {
- if ((privileges.size() == 1) && hasOnlyServerPrivilege(privileges.asList().get(0))) {
- // Assuming authorizable[0] will always be the server
- // This Code is only reachable only when user fires a 'use default'
- // and the user has a privilege on atleast 1 privilized Object
- String defaultPriv = "Server=" + authorizables[0].getName()
- + "->Db=default->Table=*->Column=*->action=select";
- HashSet<String> newPrivs = Sets.newHashSet(defaultPriv);
- return ImmutableSet.copyOf(newPrivs);
- }
+ if (authorizables != null && authorizables.length == 4 && authorizables[2].getName().equals("+")
+ && privileges.size() == 1 && hasOnlyServerPrivilege(privileges.asList().get(0))) {
+ // Assuming authorizable[0] will always be the server
+ // This Code is only reachable only when user fires a 'use default'
+ // and the user has a privilege on atleast 1 privilized Object
+ String defaultPriv = "Server=" + authorizables[0].getName()
+ + "->Db=default->Table=*->Column=*->action=select";
+ Set<String> newPrivs = Sets.newHashSet(defaultPriv);
+ return ImmutableSet.copyOf(newPrivs);
}
return privileges;
}
private boolean hasOnlyServerPrivilege(String priv) {
ArrayList<String> l = Lists.newArrayList(AUTHORIZABLE_SPLITTER.split(priv));
- if ((l.size() == 1)&&(l.get(0).toLowerCase().startsWith("server"))) {
+ if (l.size() == 1 && l.get(0).toLowerCase().startsWith("server")) {
return l.get(0).toLowerCase().split("=")[1].endsWith("+");
}
return false;
@@ -173,12 +172,12 @@ public abstract class ResourceAuthorizationProvider implements AuthorizationProv
@Override
public Set<String> listPrivilegesForSubject(Subject subject) throws SentryConfigurationException {
- return policy.getPrivileges(getGroups(subject), ActiveRoleSet.ALL, null);
+ return policy.getPrivileges(getGroups(subject), ActiveRoleSet.ALL);
}
@Override
public Set<String> listPrivilegesForGroup(String groupName) throws SentryConfigurationException {
- return policy.getPrivileges(Sets.newHashSet(groupName), ActiveRoleSet.ALL, null);
+ return policy.getPrivileges(Sets.newHashSet(groupName), ActiveRoleSet.ALL);
}
@Override
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestGetGroupMapping.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestGetGroupMapping.java b/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestGetGroupMapping.java
index f57198a..dfb5d70 100644
--- a/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestGetGroupMapping.java
+++ b/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestGetGroupMapping.java
@@ -19,7 +19,6 @@ package org.apache.sentry.provider.common;
import static org.junit.Assert.assertSame;
import java.util.Set;
-import java.util.List;
import org.apache.sentry.core.common.Authorizable;
import org.apache.sentry.core.common.SentryConfigurationException;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryPolicyStorePlugin.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryPolicyStorePlugin.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryPolicyStorePlugin.java
index 998a48b..fe1ea1f 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryPolicyStorePlugin.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryPolicyStorePlugin.java
@@ -32,7 +32,7 @@ import org.apache.sentry.provider.db.service.thrift.TRenamePrivilegesRequest;
public interface SentryPolicyStorePlugin {
@SuppressWarnings("serial")
- public static class SentryPluginException extends SentryUserException {
+ class SentryPluginException extends SentryUserException {
public SentryPluginException(String msg) {
super(msg);
}
@@ -41,20 +41,20 @@ public interface SentryPolicyStorePlugin {
}
}
- public void initialize(Configuration conf, SentryStore sentryStore) throws SentryPluginException;
+ void initialize(Configuration conf, SentryStore sentryStore) throws SentryPluginException;
- public void onAlterSentryRoleAddGroups(TAlterSentryRoleAddGroupsRequest tRequest) throws SentryPluginException;
+ void onAlterSentryRoleAddGroups(TAlterSentryRoleAddGroupsRequest tRequest) throws SentryPluginException;
- public void onAlterSentryRoleDeleteGroups(TAlterSentryRoleDeleteGroupsRequest tRequest) throws SentryPluginException;
+ void onAlterSentryRoleDeleteGroups(TAlterSentryRoleDeleteGroupsRequest tRequest) throws SentryPluginException;
- public void onAlterSentryRoleGrantPrivilege(TAlterSentryRoleGrantPrivilegeRequest tRequest) throws SentryPluginException;
+ void onAlterSentryRoleGrantPrivilege(TAlterSentryRoleGrantPrivilegeRequest tRequest) throws SentryPluginException;
- public void onAlterSentryRoleRevokePrivilege(TAlterSentryRoleRevokePrivilegeRequest tRequest) throws SentryPluginException;
+ void onAlterSentryRoleRevokePrivilege(TAlterSentryRoleRevokePrivilegeRequest tRequest) throws SentryPluginException;
- public void onDropSentryRole(TDropSentryRoleRequest tRequest) throws SentryPluginException;
+ void onDropSentryRole(TDropSentryRoleRequest tRequest) throws SentryPluginException;
- public void onRenameSentryPrivilege(TRenamePrivilegesRequest request) throws SentryPluginException;
+ void onRenameSentryPrivilege(TRenamePrivilegesRequest request) throws SentryPluginException;
- public void onDropSentryPrivilege(TDropPrivilegesRequest request) throws SentryPluginException;
+ void onDropSentryPrivilege(TDropPrivilegesRequest request) throws SentryPluginException;
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SimpleDBProviderBackend.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SimpleDBProviderBackend.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SimpleDBProviderBackend.java
index ff25d95..b996095 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SimpleDBProviderBackend.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SimpleDBProviderBackend.java
@@ -41,7 +41,7 @@ public class SimpleDBProviderBackend implements ProviderBackend {
private int retryCount;
private int retryIntervalSec;
- public SimpleDBProviderBackend(Configuration conf, String resourcePath) throws Exception {
+ public SimpleDBProviderBackend(Configuration conf, String resourcePath) throws Exception { //NOPMD
// DB Provider doesn't use policy file path
this(conf);
}
@@ -64,10 +64,6 @@ public class SimpleDBProviderBackend implements ProviderBackend {
*/
@Override
public ImmutableSet<String> getPrivileges(Set<String> groups, ActiveRoleSet roleSet, Authorizable... authorizableHierarchy) {
- return getPrivileges(retryCount, groups, roleSet, authorizableHierarchy);
- }
-
- private ImmutableSet<String> getPrivileges(int retryCount, Set<String> groups, ActiveRoleSet roleSet, Authorizable... authorizableHierarchy) {
int retries = Math.max(retryCount + 1, 1); // if customer configs retryCount as Integer.MAX_VALUE, try only once
while (retries > 0) {
retries--;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/SentryGenericProviderBackend.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/SentryGenericProviderBackend.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/SentryGenericProviderBackend.java
index d7cb814..474d05c 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/SentryGenericProviderBackend.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/SentryGenericProviderBackend.java
@@ -49,7 +49,7 @@ public class SentryGenericProviderBackend implements ProviderBackend {
// ProviderBackend should have the same construct to support the reflect in authBinding,
// eg:SqoopAuthBinding
- public SentryGenericProviderBackend(Configuration conf, String resource)
+ public SentryGenericProviderBackend(Configuration conf, String resource) //NOPMD
throws Exception {
this.conf = conf;
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/DelegateSentryStore.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/DelegateSentryStore.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/DelegateSentryStore.java
index 0aab975..e1c15fa 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/DelegateSentryStore.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/DelegateSentryStore.java
@@ -320,7 +320,9 @@ public class DelegateSentryStore implements SentryStoreLayer {
throws SentryUserException {
roles = toTrimedLower(roles);
Set<String> groupNames = Sets.newHashSet();
- if (roles.size() == 0) return groupNames;
+ if (roles.size() == 0) {
+ return groupNames;
+ }
PersistenceManager pm = null;
try{
@@ -354,7 +356,9 @@ public class DelegateSentryStore implements SentryStoreLayer {
Set<String> roles) throws SentryUserException {
Preconditions.checkNotNull(roles);
Set<PrivilegeObject> privileges = Sets.newHashSet();
- if (roles.isEmpty()) return privileges;
+ if (roles.isEmpty()) {
+ return privileges;
+ }
PersistenceManager pm = null;
try {
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeObject.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeObject.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeObject.java
index aa56207..c6e4aa6 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeObject.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeObject.java
@@ -20,7 +20,6 @@ package org.apache.sentry.provider.db.generic.service.persistent;
import static org.apache.sentry.provider.common.ProviderConstants.KV_JOINER;
import static org.apache.sentry.provider.common.ProviderConstants.AUTHORIZABLE_JOINER;
-import java.util.ArrayList;
import java.util.List;
import org.apache.sentry.core.common.Authorizable;
import com.google.common.base.Preconditions;
@@ -91,33 +90,44 @@ public class PrivilegeObject {
@Override
public boolean equals(Object obj) {
- if (this == obj)
+ if (this == obj) {
return true;
- if (obj == null)
+ }
+ if (obj == null) {
return false;
- if (getClass() != obj.getClass())
+ }
+ if (getClass() != obj.getClass()) {
return false;
+ }
PrivilegeObject other = (PrivilegeObject) obj;
if (action == null) {
- if (other.action != null)
+ if (other.action != null) {
return false;
- } else if (!action.equals(other.action))
+ }
+ } else if (!action.equals(other.action)) {
return false;
+ }
if (service == null) {
- if (other.service != null)
+ if (other.service != null) {
return false;
- } else if (!service.equals(other.service))
+ }
+ } else if (!service.equals(other.service)) {
return false;
+ }
if (component == null) {
- if (other.component != null)
+ if (other.component != null) {
return false;
- } else if (!component.equals(other.component))
+ }
+ } else if (!component.equals(other.component)) {
return false;
+ }
if (grantOption == null) {
- if (other.grantOption != null)
+ if (other.grantOption != null) {
return false;
- } else if (!grantOption.equals(other.grantOption))
+ }
+ } else if (!grantOption.equals(other.grantOption)) {
return false;
+ }
if (authorizables.size() != other.authorizables.size()) {
return false;
@@ -186,7 +196,7 @@ public class PrivilegeObject {
*/
private List<? extends Authorizable> toLowerAuthorizableName(List<? extends Authorizable> authorizables) {
List<Authorizable> newAuthorizable = Lists.newArrayList();
- if ((authorizables == null) || (authorizables.size() == 0)) {
+ if (authorizables == null || authorizables.size() == 0) {
return newAuthorizable;
}
for (final Authorizable authorizable : authorizables) {
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeOperatePersistence.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeOperatePersistence.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeOperatePersistence.java
index 98b22b0..c3b0be8 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeOperatePersistence.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeOperatePersistence.java
@@ -35,7 +35,6 @@ import org.apache.sentry.core.model.search.SearchActionFactory;
import org.apache.sentry.core.model.sqoop.SqoopActionFactory;
import org.apache.sentry.provider.db.generic.service.persistent.PrivilegeObject.Builder;
import org.apache.sentry.provider.db.service.model.MSentryGMPrivilege;
-import org.apache.sentry.provider.db.service.model.MSentryPrivilege;
import org.apache.sentry.provider.db.service.model.MSentryRole;
import com.google.common.base.Joiner;
@@ -60,7 +59,7 @@ public class PrivilegeOperatePersistence {
//get persistent privileges by roles
Query query = pm.newQuery(MSentryGMPrivilege.class);
StringBuilder filters = new StringBuilder();
- if ((roles != null) && (roles.size() > 0)) {
+ if (roles != null && roles.size() > 0) {
query.declareVariables("org.apache.sentry.provider.db.service.model.MSentryRole role");
List<String> rolesFiler = new LinkedList<String>();
for (MSentryRole role : roles) {
@@ -102,7 +101,7 @@ public class PrivilegeOperatePersistence {
for (BitFieldAction ac : actions) {
grantPrivilege.setAction(ac.getValue());
MSentryGMPrivilege existPriv = getPrivilege(grantPrivilege, pm);
- if ((existPriv != null) && (role.getGmPrivileges().contains(existPriv))) {
+ if (existPriv != null && role.getGmPrivileges().contains(existPriv)) {
/**
* force to load all roles related this privilege
* avoid the lazy-loading risk,such as:
@@ -122,7 +121,7 @@ public class PrivilegeOperatePersistence {
*/
grantPrivilege.setAction(allAction.getValue());
MSentryGMPrivilege allPrivilege = getPrivilege(grantPrivilege, pm);
- if ((allPrivilege != null) && (role.getGmPrivileges().contains(allPrivilege))) {
+ if (allPrivilege != null && role.getGmPrivileges().contains(allPrivilege)) {
return;
}
}
@@ -184,7 +183,7 @@ public class PrivilegeOperatePersistence {
//add populateIncludePrivilegesQuery
filters.append(MSentryGMPrivilege.populateIncludePrivilegesQuery(parent));
// add filter for role names
- if ((roles != null) && (roles.size() > 0)) {
+ if (roles != null && roles.size() > 0) {
query.declareVariables("org.apache.sentry.provider.db.service.model.MSentryRole role");
List<String> rolesFiler = new LinkedList<String>();
for (MSentryRole role : roles) {
@@ -257,12 +256,11 @@ public class PrivilegeOperatePersistence {
*/
persistedPriv.removeRole(role);
pm.makePersistent(persistedPriv);
- } else {
- /**
- * if the revoke action is not equal to the persisted action,
- * do nothing
- */
}
+ /**
+ * if the revoke action is not equal to the persisted action,
+ * do nothing
+ */
}
}
@@ -311,7 +309,7 @@ public class PrivilegeOperatePersistence {
@SuppressWarnings("unchecked")
public Set<PrivilegeObject> getPrivilegesByRole(Set<MSentryRole> roles, PersistenceManager pm) {
Set<PrivilegeObject> privileges = Sets.newHashSet();
- if ((roles == null) || (roles.size() == 0)) {
+ if (roles == null || roles.size() == 0) {
return privileges;
}
Query query = pm.newQuery(MSentryGMPrivilege.class);
@@ -326,7 +324,7 @@ public class PrivilegeOperatePersistence {
query.setFilter(filters.toString());
List<MSentryGMPrivilege> mPrivileges = (List<MSentryGMPrivilege>) query.execute();
- if ((mPrivileges == null) || (mPrivileges.size() ==0)) {
+ if (mPrivileges == null || mPrivileges.isEmpty()) {
return privileges;
}
for (MSentryGMPrivilege mPrivilege : mPrivileges) {
@@ -345,7 +343,9 @@ public class PrivilegeOperatePersistence {
String service, Set<MSentryRole> roles,
List<? extends Authorizable> authorizables, PersistenceManager pm) {
Set<PrivilegeObject> privileges = Sets.newHashSet();
- if ((roles == null) || (roles.size() == 0)) return privileges;
+ if (roles == null || roles.isEmpty()) {
+ return privileges;
+ }
MSentryGMPrivilege parentPrivilege = new MSentryGMPrivilege(component, service, authorizables, null, null);
Set<MSentryGMPrivilege> privilegeGraph = Sets.newHashSet();
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/SentryStoreLayer.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/SentryStoreLayer.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/SentryStoreLayer.java
index ba9e36f..f6d73e7 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/SentryStoreLayer.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/SentryStoreLayer.java
@@ -38,7 +38,7 @@ public interface SentryStoreLayer {
* @returns commit context used for notification handlers
* @throws SentryAlreadyExistsException
*/
- public CommitContext createRole(String component, String role,
+ CommitContext createRole(String component, String role,
String requestor) throws SentryAlreadyExistsException;
/**
@@ -49,7 +49,7 @@ public interface SentryStoreLayer {
* @returns commit context used for notification handlers
* @throws SentryNoSuchObjectException
*/
- public CommitContext dropRole(String component, String role,
+ CommitContext dropRole(String component, String role,
String requestor) throws SentryNoSuchObjectException;
/**
@@ -61,7 +61,7 @@ public interface SentryStoreLayer {
* @returns commit context used for notification handlers
* @throws SentryNoSuchObjectException
*/
- public CommitContext alterRoleAddGroups(String component, String role,
+ CommitContext alterRoleAddGroups(String component, String role,
Set<String> groups, String requestor) throws SentryNoSuchObjectException;
/**
@@ -73,7 +73,7 @@ public interface SentryStoreLayer {
* @returns commit context used for notification handlers
* @throws SentryNoSuchObjectException
*/
- public CommitContext alterRoleDeleteGroups(String component, String role,
+ CommitContext alterRoleDeleteGroups(String component, String role,
Set<String> groups, String requestor) throws SentryNoSuchObjectException;
/**
@@ -85,7 +85,7 @@ public interface SentryStoreLayer {
* @returns commit context Used for notification handlers
* @throws SentryUserException
*/
- public CommitContext alterRoleGrantPrivilege(String component, String role,
+ CommitContext alterRoleGrantPrivilege(String component, String role,
PrivilegeObject privilege, String grantorPrincipal) throws SentryUserException;
/**
@@ -97,7 +97,7 @@ public interface SentryStoreLayer {
* @returns commit context used for notification handlers
* @throws SentryUserException
*/
- public CommitContext alterRoleRevokePrivilege(String component, String role,
+ CommitContext alterRoleRevokePrivilege(String component, String role,
PrivilegeObject privilege, String grantorPrincipal) throws SentryUserException;
/**
@@ -111,7 +111,7 @@ public interface SentryStoreLayer {
* @returns commit context used for notification handlers
* @throws SentryUserException
*/
- public CommitContext renamePrivilege(
+ CommitContext renamePrivilege(
String component, String service, List<? extends Authorizable> oldAuthorizables,
List<? extends Authorizable> newAuthorizables, String requestor) throws SentryUserException;
@@ -123,7 +123,7 @@ public interface SentryStoreLayer {
* @returns commit context used for notification handlers
* @throws SentryUserException
*/
- public CommitContext dropPrivilege(String component, PrivilegeObject privilege,
+ CommitContext dropPrivilege(String component, PrivilegeObject privilege,
String requestor) throws SentryUserException;
/**
@@ -133,7 +133,7 @@ public interface SentryStoreLayer {
* @returns the set of roles
* @throws SentryUserException
*/
- public Set<String> getRolesByGroups(String component, Set<String> groups) throws SentryUserException;
+ Set<String> getRolesByGroups(String component, Set<String> groups) throws SentryUserException;
/**
* Get groups
@@ -142,7 +142,7 @@ public interface SentryStoreLayer {
* @returns the set of groups
* @throws SentryUserException
*/
- public Set<String> getGroupsByRoles(String component, Set<String> roles) throws SentryUserException;
+ Set<String> getGroupsByRoles(String component, Set<String> roles) throws SentryUserException;
/**
* Get privileges
@@ -151,7 +151,7 @@ public interface SentryStoreLayer {
* @returns the set of privileges
* @throws SentryUserException
*/
- public Set<PrivilegeObject> getPrivilegesByRole(String component, Set<String> roles) throws SentryUserException;
+ Set<PrivilegeObject> getPrivilegesByRole(String component, Set<String> roles) throws SentryUserException;
/**
* get sentry privileges from provider as followings:
@@ -164,12 +164,12 @@ public interface SentryStoreLayer {
* @throws SentryUserException
*/
- public Set<PrivilegeObject> getPrivilegesByProvider(String component, String service,Set<String> roles,
+ Set<PrivilegeObject> getPrivilegesByProvider(String component, String service,Set<String> roles,
Set<String> groups, List<? extends Authorizable> authorizables)
throws SentryUserException;
/**
* close sentryStore
*/
- public void close();
+ void close();
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandler.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandler.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandler.java
index d8a51a6..e0a5f03 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandler.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandler.java
@@ -17,47 +17,31 @@
*/
package org.apache.sentry.provider.db.generic.service.thrift;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleAddGroupsRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleAddGroupsResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleDeleteGroupsRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleDeleteGroupsResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TCreateSentryRoleRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TCreateSentryRoleResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TDropPrivilegesRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TDropPrivilegesResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TDropSentryRoleRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TDropSentryRoleResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TRenamePrivilegesRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TRenamePrivilegesResponse;
import org.apache.sentry.provider.db.service.persistent.CommitContext;
public interface NotificationHandler {
- public void create_sentry_role(CommitContext context,
+ void create_sentry_role(CommitContext context,
TCreateSentryRoleRequest request, TCreateSentryRoleResponse response);
- public void drop_sentry_role(CommitContext context, TDropSentryRoleRequest request,
+ void drop_sentry_role(CommitContext context, TDropSentryRoleRequest request,
TDropSentryRoleResponse response);
- public void alter_sentry_role_grant_privilege(CommitContext context, TAlterSentryRoleGrantPrivilegeRequest request,
+ void alter_sentry_role_grant_privilege(CommitContext context, TAlterSentryRoleGrantPrivilegeRequest request,
TAlterSentryRoleGrantPrivilegeResponse response);
- public void alter_sentry_role_revoke_privilege(CommitContext context, TAlterSentryRoleRevokePrivilegeRequest request,
+ void alter_sentry_role_revoke_privilege(CommitContext context, TAlterSentryRoleRevokePrivilegeRequest request,
TAlterSentryRoleRevokePrivilegeResponse response);
- public void alter_sentry_role_add_groups(CommitContext context,TAlterSentryRoleAddGroupsRequest request,
+ void alter_sentry_role_add_groups(CommitContext context,TAlterSentryRoleAddGroupsRequest request,
TAlterSentryRoleAddGroupsResponse response);
- public void alter_sentry_role_delete_groups(CommitContext context, TAlterSentryRoleDeleteGroupsRequest request,
+ void alter_sentry_role_delete_groups(CommitContext context, TAlterSentryRoleDeleteGroupsRequest request,
TAlterSentryRoleDeleteGroupsResponse response);
- public void drop_sentry_privilege(CommitContext context, TDropPrivilegesRequest request,
+ void drop_sentry_privilege(CommitContext context, TDropPrivilegesRequest request,
TDropPrivilegesResponse response);
- public void rename_sentry_privilege(CommitContext context, TRenamePrivilegesRequest request,
+ void rename_sentry_privilege(CommitContext context, TRenamePrivilegesRequest request,
TRenamePrivilegesResponse response);
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandlerInvoker.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandlerInvoker.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandlerInvoker.java
index 317c97b..11b5456 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandlerInvoker.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandlerInvoker.java
@@ -19,22 +19,6 @@ package org.apache.sentry.provider.db.generic.service.thrift;
import java.util.List;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleAddGroupsRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleAddGroupsResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleDeleteGroupsRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleDeleteGroupsResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TCreateSentryRoleRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TCreateSentryRoleResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TDropPrivilegesRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TDropPrivilegesResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TDropSentryRoleRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TDropSentryRoleResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TRenamePrivilegesRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TRenamePrivilegesResponse;
import org.apache.sentry.provider.db.service.persistent.CommitContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessor.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessor.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessor.java
index e7b6d17..45f9ce4 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessor.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessor.java
@@ -99,7 +99,9 @@ public class SentryGenericPolicyProcessor implements SentryGenericPolicyService.
}
private Set<String> toTrimedLower(Set<String> s) {
- if (null == s) return new HashSet<String>();
+ if (null == s) {
+ return new HashSet<String>();
+ }
Set<String> result = Sets.newHashSet();
for (String v : s) {
result.add(v.trim().toLowerCase());
@@ -122,7 +124,8 @@ public class SentryGenericPolicyProcessor implements SentryGenericPolicyService.
requestorGroups = toTrimedLower(requestorGroups);
if (Sets.intersection(adminGroups, requestorGroups).isEmpty()) {
return false;
- } else return true;
+ }
+ return true;
}
public static SentryStoreLayer createStore(Configuration conf) throws SentryConfigurationException {
@@ -475,9 +478,7 @@ public class SentryGenericPolicyProcessor implements SentryGenericPolicyService.
public Response<Set<TSentryRole>> handle() throws Exception {
validateClientVersion(request.getProtocol_version());
Set<String> groups = getRequestorGroups(conf, request.getRequestorUserName());
- if (AccessConstants.ALL.equalsIgnoreCase(request.getGroupName())) {
- //check all groups which requestorUserName belongs to
- } else {
+ if (!AccessConstants.ALL.equalsIgnoreCase(request.getGroupName())) {
boolean admin = inAdminGroups(groups);
//Only admin users can list all roles in the system ( groupname = null)
//Non admin users are only allowed to list only groups which they belong to
@@ -628,7 +629,7 @@ public class SentryGenericPolicyProcessor implements SentryGenericPolicyService.
}
}
private interface RequestHandler <T>{
- public Response<T> handle() throws Exception ;
+ Response<T> handle() throws Exception ;
}
private static void validateClientVersion(int protocol_version) throws SentryThriftAPIMismatchException {