You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by co...@apache.org on 2017/10/19 08:59:47 UTC

[06/26] sentry git commit: SENTRY-1973 - Use KafkaPrivilegeModel to retrieve Kafka validators

SENTRY-1973 - Use KafkaPrivilegeModel to retrieve Kafka validators


Project: http://git-wip-us.apache.org/repos/asf/sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/06073221
Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/06073221
Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/06073221

Branch: refs/heads/akolb-cli
Commit: 06073221d466b1079457ff6b697a648237b35c23
Parents: d7a6667
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Thu Oct 5 09:53:01 2017 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Thu Oct 5 09:53:01 2017 +0100

----------------------------------------------------------------------
 .../tools/KafkaTSentryPrivilegeConverter.java       | 16 +++++++++++++---
 .../tools/SolrTSentryPrivilegeConverter.java        |  2 +-
 .../db/generic/tools/TestSentryShellKafka.java      |  7 +++----
 3 files changed, 17 insertions(+), 8 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/sentry/blob/06073221/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/KafkaTSentryPrivilegeConverter.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/KafkaTSentryPrivilegeConverter.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/KafkaTSentryPrivilegeConverter.java
index 688bc9e..c1aac6a 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/KafkaTSentryPrivilegeConverter.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/KafkaTSentryPrivilegeConverter.java
@@ -21,15 +21,17 @@ package org.apache.sentry.provider.db.generic.tools;
 import com.google.common.collect.Lists;
 import org.apache.sentry.core.common.utils.KeyValue;
 import org.apache.sentry.core.common.utils.SentryConstants;
+import org.apache.sentry.core.common.validator.PrivilegeValidator;
 import org.apache.sentry.core.common.validator.PrivilegeValidatorContext;
 import org.apache.sentry.core.model.kafka.KafkaAuthorizable;
 import org.apache.sentry.core.model.kafka.KafkaModelAuthorizables;
-import org.apache.sentry.core.model.kafka.validator.KafkaPrivilegeValidator;
+import org.apache.sentry.core.model.kafka.KafkaPrivilegeModel;
 import org.apache.sentry.core.common.utils.PolicyFileConstants;
 import org.apache.sentry.provider.db.generic.service.thrift.TAuthorizable;
 import org.apache.sentry.provider.db.generic.service.thrift.TSentryGrantOption;
 import org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege;
 import org.apache.sentry.provider.db.generic.tools.command.TSentryPrivilegeConverter;
+import org.apache.shiro.config.ConfigurationException;
 
 import java.util.Iterator;
 import java.util.LinkedList;
@@ -112,7 +114,15 @@ public  class KafkaTSentryPrivilegeConverter implements TSentryPrivilegeConverte
     return SentryConstants.AUTHORIZABLE_JOINER.join(privileges);
   }
 
-  private static void validatePrivilegeHierarchy(String privilegeStr) throws Exception {
-    new KafkaPrivilegeValidator().validate(new PrivilegeValidatorContext(privilegeStr));
+  private static void validatePrivilegeHierarchy(String privilegeStr) {
+    List<PrivilegeValidator> validators = KafkaPrivilegeModel.getInstance().getPrivilegeValidators();
+    PrivilegeValidatorContext context = new PrivilegeValidatorContext(null, privilegeStr);
+    for (PrivilegeValidator validator : validators) {
+      try {
+        validator.validate(context);
+      } catch (ConfigurationException e) {
+        throw new IllegalArgumentException(e);
+      }
+    }
   }
 }

http://git-wip-us.apache.org/repos/asf/sentry/blob/06073221/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SolrTSentryPrivilegeConverter.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SolrTSentryPrivilegeConverter.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SolrTSentryPrivilegeConverter.java
index 92c6c59..f24ebed 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SolrTSentryPrivilegeConverter.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SolrTSentryPrivilegeConverter.java
@@ -123,7 +123,7 @@ public  class SolrTSentryPrivilegeConverter implements TSentryPrivilegeConverter
     return SentryConstants.AUTHORIZABLE_JOINER.join(privileges);
   }
 
-  private static void validatePrivilegeHierarchy(String privilegeStr) throws Exception {
+  private static void validatePrivilegeHierarchy(String privilegeStr) {
     List<PrivilegeValidator> validators = SearchPrivilegeModel.getInstance().getPrivilegeValidators();
     PrivilegeValidatorContext context = new PrivilegeValidatorContext(null, privilegeStr);
     for (PrivilegeValidator validator : validators) {

http://git-wip-us.apache.org/repos/asf/sentry/blob/06073221/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellKafka.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellKafka.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellKafka.java
index 183e83d..f3febc3 100644
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellKafka.java
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellKafka.java
@@ -27,7 +27,6 @@ import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericService
 import org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege;
 import org.apache.sentry.provider.db.generic.service.thrift.TSentryRole;
 import org.apache.sentry.provider.db.tools.SentryShellCommon;
-import org.apache.shiro.config.ConfigurationException;
 import org.junit.After;
 import org.junit.Before;
 import org.junit.Test;
@@ -367,7 +366,7 @@ public class TestSentryShellKafka extends SentryGenericServiceIntegrationBase {
         try {
           sentryShell.executeShell(args);
           fail("Exception should be thrown for the error privilege format, invalid key value.");
-        } catch (ConfigurationException e) {
+        } catch (IllegalArgumentException e) {
           // expected exception
         } catch (Exception e) {
           fail ("Unexpected exception received. " + e);
@@ -446,8 +445,8 @@ public class TestSentryShellKafka extends SentryGenericServiceIntegrationBase {
          try {
           getShellResultWithOSRedirect(sentryShell, args, false);
           fail("Expected IllegalArgumentException");
-        } catch (ConfigurationException e) {
-           assert(("Kafka privilege must end with a valid action.\n" + KafkaPrivilegeValidator.KafkaPrivilegeHelpMsg).equals(e.getMessage()));
+        } catch (IllegalArgumentException e) {
+           assert(("Kafka privilege must end with a valid action.\n" + KafkaPrivilegeValidator.KafkaPrivilegeHelpMsg).equals(e.getCause().getMessage()));
         } catch (Exception e) {
            fail ("Unexpected exception received. " + e);
          }