You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by co...@apache.org on 2017/10/19 08:59:47 UTC
[06/26] sentry git commit: SENTRY-1973 - Use KafkaPrivilegeModel to
retrieve Kafka validators
SENTRY-1973 - Use KafkaPrivilegeModel to retrieve Kafka validators
Project: http://git-wip-us.apache.org/repos/asf/sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/06073221
Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/06073221
Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/06073221
Branch: refs/heads/akolb-cli
Commit: 06073221d466b1079457ff6b697a648237b35c23
Parents: d7a6667
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Thu Oct 5 09:53:01 2017 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Thu Oct 5 09:53:01 2017 +0100
----------------------------------------------------------------------
.../tools/KafkaTSentryPrivilegeConverter.java | 16 +++++++++++++---
.../tools/SolrTSentryPrivilegeConverter.java | 2 +-
.../db/generic/tools/TestSentryShellKafka.java | 7 +++----
3 files changed, 17 insertions(+), 8 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/sentry/blob/06073221/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/KafkaTSentryPrivilegeConverter.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/KafkaTSentryPrivilegeConverter.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/KafkaTSentryPrivilegeConverter.java
index 688bc9e..c1aac6a 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/KafkaTSentryPrivilegeConverter.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/KafkaTSentryPrivilegeConverter.java
@@ -21,15 +21,17 @@ package org.apache.sentry.provider.db.generic.tools;
import com.google.common.collect.Lists;
import org.apache.sentry.core.common.utils.KeyValue;
import org.apache.sentry.core.common.utils.SentryConstants;
+import org.apache.sentry.core.common.validator.PrivilegeValidator;
import org.apache.sentry.core.common.validator.PrivilegeValidatorContext;
import org.apache.sentry.core.model.kafka.KafkaAuthorizable;
import org.apache.sentry.core.model.kafka.KafkaModelAuthorizables;
-import org.apache.sentry.core.model.kafka.validator.KafkaPrivilegeValidator;
+import org.apache.sentry.core.model.kafka.KafkaPrivilegeModel;
import org.apache.sentry.core.common.utils.PolicyFileConstants;
import org.apache.sentry.provider.db.generic.service.thrift.TAuthorizable;
import org.apache.sentry.provider.db.generic.service.thrift.TSentryGrantOption;
import org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege;
import org.apache.sentry.provider.db.generic.tools.command.TSentryPrivilegeConverter;
+import org.apache.shiro.config.ConfigurationException;
import java.util.Iterator;
import java.util.LinkedList;
@@ -112,7 +114,15 @@ public class KafkaTSentryPrivilegeConverter implements TSentryPrivilegeConverte
return SentryConstants.AUTHORIZABLE_JOINER.join(privileges);
}
- private static void validatePrivilegeHierarchy(String privilegeStr) throws Exception {
- new KafkaPrivilegeValidator().validate(new PrivilegeValidatorContext(privilegeStr));
+ private static void validatePrivilegeHierarchy(String privilegeStr) {
+ List<PrivilegeValidator> validators = KafkaPrivilegeModel.getInstance().getPrivilegeValidators();
+ PrivilegeValidatorContext context = new PrivilegeValidatorContext(null, privilegeStr);
+ for (PrivilegeValidator validator : validators) {
+ try {
+ validator.validate(context);
+ } catch (ConfigurationException e) {
+ throw new IllegalArgumentException(e);
+ }
+ }
}
}
http://git-wip-us.apache.org/repos/asf/sentry/blob/06073221/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SolrTSentryPrivilegeConverter.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SolrTSentryPrivilegeConverter.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SolrTSentryPrivilegeConverter.java
index 92c6c59..f24ebed 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SolrTSentryPrivilegeConverter.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SolrTSentryPrivilegeConverter.java
@@ -123,7 +123,7 @@ public class SolrTSentryPrivilegeConverter implements TSentryPrivilegeConverter
return SentryConstants.AUTHORIZABLE_JOINER.join(privileges);
}
- private static void validatePrivilegeHierarchy(String privilegeStr) throws Exception {
+ private static void validatePrivilegeHierarchy(String privilegeStr) {
List<PrivilegeValidator> validators = SearchPrivilegeModel.getInstance().getPrivilegeValidators();
PrivilegeValidatorContext context = new PrivilegeValidatorContext(null, privilegeStr);
for (PrivilegeValidator validator : validators) {
http://git-wip-us.apache.org/repos/asf/sentry/blob/06073221/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellKafka.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellKafka.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellKafka.java
index 183e83d..f3febc3 100644
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellKafka.java
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellKafka.java
@@ -27,7 +27,6 @@ import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericService
import org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege;
import org.apache.sentry.provider.db.generic.service.thrift.TSentryRole;
import org.apache.sentry.provider.db.tools.SentryShellCommon;
-import org.apache.shiro.config.ConfigurationException;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
@@ -367,7 +366,7 @@ public class TestSentryShellKafka extends SentryGenericServiceIntegrationBase {
try {
sentryShell.executeShell(args);
fail("Exception should be thrown for the error privilege format, invalid key value.");
- } catch (ConfigurationException e) {
+ } catch (IllegalArgumentException e) {
// expected exception
} catch (Exception e) {
fail ("Unexpected exception received. " + e);
@@ -446,8 +445,8 @@ public class TestSentryShellKafka extends SentryGenericServiceIntegrationBase {
try {
getShellResultWithOSRedirect(sentryShell, args, false);
fail("Expected IllegalArgumentException");
- } catch (ConfigurationException e) {
- assert(("Kafka privilege must end with a valid action.\n" + KafkaPrivilegeValidator.KafkaPrivilegeHelpMsg).equals(e.getMessage()));
+ } catch (IllegalArgumentException e) {
+ assert(("Kafka privilege must end with a valid action.\n" + KafkaPrivilegeValidator.KafkaPrivilegeHelpMsg).equals(e.getCause().getMessage()));
} catch (Exception e) {
fail ("Unexpected exception received. " + e);
}