You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by co...@apache.org on 2016/07/21 05:55:18 UTC
[24/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/DropRoleCmd.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/DropRoleCmd.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/DropRoleCmd.java
deleted file mode 100644
index ac2a328..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/DropRoleCmd.java
+++ /dev/null
@@ -1,39 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.tools.command;
-
-import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClient;
-
-/**
- * The class for admin command to drop role.
- */
-public class DropRoleCmd implements Command {
-
- private String roleName;
- private String component;
-
- public DropRoleCmd(String roleName, String component) {
- this.roleName = roleName;
- this.component = component;
- }
-
- @Override
- public void execute(SentryGenericServiceClient client, String requestorName) throws Exception {
- client.dropRole(requestorName, roleName, component);
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/GrantPrivilegeToRoleCmd.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/GrantPrivilegeToRoleCmd.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/GrantPrivilegeToRoleCmd.java
deleted file mode 100644
index 634bb42..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/GrantPrivilegeToRoleCmd.java
+++ /dev/null
@@ -1,47 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.tools.command;
-
-import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClient;
-import org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege;
-
-/**
- * The class for admin command to grant privilege to role.
- */
-public class GrantPrivilegeToRoleCmd implements Command {
-
- private String roleName;
- private String component;
- private String privilegeStr;
- private TSentryPrivilegeConverter converter;
-
- public GrantPrivilegeToRoleCmd(String roleName, String component, String privilegeStr,
- TSentryPrivilegeConverter converter) {
- this.roleName = roleName;
- this.component = component;
- this.privilegeStr = privilegeStr;
- this.converter = converter;
- }
-
- @Override
- public void execute(SentryGenericServiceClient client, String requestorName) throws Exception {
- TSentryPrivilege privilege = converter.fromString(privilegeStr);
- client.grantPrivilege(requestorName, roleName, component, privilege);
-
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/ListPrivilegesByRoleCmd.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/ListPrivilegesByRoleCmd.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/ListPrivilegesByRoleCmd.java
deleted file mode 100644
index ce6db3a..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/ListPrivilegesByRoleCmd.java
+++ /dev/null
@@ -1,54 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.tools.command;
-
-import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClient;
-import org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege;
-
-import java.util.Set;
-
-/**
- * The class for admin command to list privileges by role.
- */
-public class ListPrivilegesByRoleCmd implements Command {
-
- private String roleName;
- private String component;
- private String serviceName;
- private TSentryPrivilegeConverter converter;
-
- public ListPrivilegesByRoleCmd(String roleName, String component, String serviceName,
- TSentryPrivilegeConverter converter) {
- this.roleName = roleName;
- this.component = component;
- this.serviceName = serviceName;
- this.converter = converter;
- }
-
- @Override
- public void execute(SentryGenericServiceClient client, String requestorName) throws Exception {
- Set<TSentryPrivilege> privileges = client
- .listPrivilegesByRoleName(requestorName, roleName, component, serviceName);
- if (privileges != null) {
- for (TSentryPrivilege privilege : privileges) {
- String privilegeStr = converter.toString(privilege);
- System.out.println(privilegeStr);
- }
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/ListRolesCmd.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/ListRolesCmd.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/ListRolesCmd.java
deleted file mode 100644
index 6b68d06..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/ListRolesCmd.java
+++ /dev/null
@@ -1,53 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.tools.command;
-
-import org.apache.commons.lang.StringUtils;
-import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClient;
-import org.apache.sentry.provider.db.generic.service.thrift.TSentryRole;
-
-import java.util.Set;
-
-/**
- * The class for admin command to list roles.
- */
-public class ListRolesCmd implements Command {
-
- private String groupName;
- private String component;
-
- public ListRolesCmd(String groupName, String component) {
- this.groupName = groupName;
- this.component = component;
- }
-
- @Override
- public void execute(SentryGenericServiceClient client, String requestorName) throws Exception {
- Set<TSentryRole> roles;
- if (StringUtils.isEmpty(groupName)) {
- roles = client.listAllRoles(requestorName, component);
- } else {
- roles = client.listRolesByGroupName(requestorName, groupName, component);
- }
- if (roles != null) {
- for (TSentryRole role : roles) {
- System.out.println(role.getRoleName());
- }
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/RevokePrivilegeFromRoleCmd.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/RevokePrivilegeFromRoleCmd.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/RevokePrivilegeFromRoleCmd.java
deleted file mode 100644
index 3e42e60..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/RevokePrivilegeFromRoleCmd.java
+++ /dev/null
@@ -1,47 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.tools.command;
-
-import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClient;
-import org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege;
-
-/**
- * The class for admin command to revoke privileges from role.
- */
-public class RevokePrivilegeFromRoleCmd implements Command {
-
- private String roleName;
- private String component;
- private String privilegeStr;
- private TSentryPrivilegeConverter converter;
-
- public RevokePrivilegeFromRoleCmd(String roleName, String component, String privilegeStr,
- TSentryPrivilegeConverter converter) {
- this.roleName = roleName;
- this.component = component;
- this.privilegeStr = privilegeStr;
- this.converter = converter;
- }
-
- @Override
- public void execute(SentryGenericServiceClient client, String requestorName) throws Exception {
- TSentryPrivilege privilege = converter.fromString(privilegeStr);
- client.revokePrivilege(requestorName, roleName, component, privilege);
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/TSentryPrivilegeConverter.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/TSentryPrivilegeConverter.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/TSentryPrivilegeConverter.java
deleted file mode 100644
index ab44895..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/TSentryPrivilegeConverter.java
+++ /dev/null
@@ -1,33 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.tools.command;
-
-import org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege;
-
-public interface TSentryPrivilegeConverter {
-
- /**
- * Convert string to privilege
- */
- TSentryPrivilege fromString(String privilegeStr) throws Exception;
-
- /**
- * Convert privilege to string
- */
- String toString(TSentryPrivilege tSentryPrivilege);
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/appender/AuditLoggerTestAppender.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/appender/AuditLoggerTestAppender.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/appender/AuditLoggerTestAppender.java
deleted file mode 100644
index 8000ebd..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/appender/AuditLoggerTestAppender.java
+++ /dev/null
@@ -1,52 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.log.appender;
-
-import java.util.ArrayList;
-import java.util.List;
-
-import org.apache.log4j.AppenderSkeleton;
-import org.apache.log4j.Level;
-import org.apache.log4j.spi.LoggingEvent;
-
-import com.google.common.annotations.VisibleForTesting;
-
-@VisibleForTesting
-public class AuditLoggerTestAppender extends AppenderSkeleton {
- public static final List<LoggingEvent> events = new ArrayList<LoggingEvent>();
-
- public void close() {
- }
-
- public boolean requiresLayout() {
- return false;
- }
-
- @Override
- protected void append(LoggingEvent event) {
- events.add(event);
- }
-
- public static String getLastLogEvent() {
- return events.get(events.size() - 1).getMessage().toString();
- }
-
- public static Level getLastLogLevel() {
- return events.get(events.size() - 1).getLevel();
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/appender/RollingFileWithoutDeleteAppender.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/appender/RollingFileWithoutDeleteAppender.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/appender/RollingFileWithoutDeleteAppender.java
deleted file mode 100644
index fd133f3..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/appender/RollingFileWithoutDeleteAppender.java
+++ /dev/null
@@ -1,175 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.log.appender;
-
-import java.io.File;
-import java.io.IOException;
-import java.io.InterruptedIOException;
-import java.io.Writer;
-
-import org.apache.log4j.FileAppender;
-import org.apache.log4j.Layout;
-import org.apache.log4j.helpers.CountingQuietWriter;
-import org.apache.log4j.helpers.LogLog;
-import org.apache.log4j.helpers.OptionConverter;
-import org.apache.log4j.spi.LoggingEvent;
-
-public class RollingFileWithoutDeleteAppender extends FileAppender {
- /**
- * The default maximum file size is 10MB.
- */
- protected long maxFileSize = 10 * 1024 * 1024;
-
- private long nextRollover = 0;
-
- /**
- * The default constructor simply calls its {@link FileAppender#FileAppender
- * parents constructor}.
- */
- public RollingFileWithoutDeleteAppender() {
- super();
- }
-
- /**
- * Instantiate a RollingFileAppender and open the file designated by
- * <code>filename</code>. The opened filename will become the ouput
- * destination for this appender.
- * <p>
- * If the <code>append</code> parameter is true, the file will be appended to.
- * Otherwise, the file desginated by <code>filename</code> will be truncated
- * before being opened.
- */
- public RollingFileWithoutDeleteAppender(Layout layout, String filename,
- boolean append) throws IOException {
- super(layout, getLogFileName(filename), append);
- }
-
- /**
- * Instantiate a FileAppender and open the file designated by
- * <code>filename</code>. The opened filename will become the output
- * destination for this appender.
- * <p>
- * The file will be appended to.
- */
- public RollingFileWithoutDeleteAppender(Layout layout, String filename)
- throws IOException {
- super(layout, getLogFileName(filename));
- }
-
- /**
- * Get the maximum size that the output file is allowed to reach before being
- * rolled over to backup files.
- */
- public long getMaximumFileSize() {
- return maxFileSize;
- }
-
- /**
- * Implements the usual roll over behaviour.
- * <p>
- * <code>File</code> is renamed <code>File.yyyyMMddHHmmss</code> and closed. A
- * new <code>File</code> is created to receive further log output.
- */
- // synchronization not necessary since doAppend is alreasy synched
- public void rollOver() {
- if (qw != null) {
- long size = ((CountingQuietWriter) qw).getCount();
- LogLog.debug("rolling over count=" + size);
- // if operation fails, do not roll again until
- // maxFileSize more bytes are written
- nextRollover = size + maxFileSize;
- }
-
- this.closeFile(); // keep windows happy.
-
- String newFileName = getLogFileName(fileName);
- try {
- // This will also close the file. This is OK since multiple
- // close operations are safe.
- this.setFile(newFileName, false, bufferedIO, bufferSize);
- nextRollover = 0;
- } catch (IOException e) {
- if (e instanceof InterruptedIOException) {
- Thread.currentThread().interrupt();
- }
- LogLog.error("setFile(" + newFileName + ", false) call failed: " + e.getMessage(), e);
- }
- }
-
- public synchronized void setFile(String fileName, boolean append,
- boolean bufferedIO, int bufferSize) throws IOException {
- super.setFile(fileName, append, this.bufferedIO, this.bufferSize);
- if (append) {
- File f = new File(fileName);
- ((CountingQuietWriter) qw).setCount(f.length());
- }
- }
-
- /**
- * Set the maximum size that the output file is allowed to reach before being
- * rolled over to backup files.
- * <p>
- * This method is equivalent to {@link #setMaxFileSize} except that it is
- * required for differentiating the setter taking a <code>long</code> argument
- * from the setter taking a <code>String</code> argument by the JavaBeans
- * {@link java.beans.Introspector Introspector}.
- *
- * @see #setMaxFileSize(String)
- */
- public void setMaximumFileSize(long maxFileSize) {
- this.maxFileSize = maxFileSize;
- }
-
- /**
- * Set the maximum size that the output file is allowed to reach before being
- * rolled over to backup files.
- * <p>
- * In configuration files, the <b>MaxFileSize</b> option takes an long integer
- * in the range 0 - 2^63. You can specify the value with the suffixes "KB",
- * "MB" or "GB" so that the integer is interpreted being expressed
- * respectively in kilobytes, megabytes or gigabytes. For example, the value
- * "10KB" will be interpreted as 10240.
- */
- public void setMaxFileSize(String value) {
- maxFileSize = OptionConverter.toFileSize(value, maxFileSize + 1);
- }
-
- protected void setQWForFiles(Writer writer) {
- this.qw = new CountingQuietWriter(writer, errorHandler);
- }
-
- /**
- * This method differentiates RollingFileAppender from its super class.
- */
- protected void subAppend(LoggingEvent event) {
- super.subAppend(event);
-
- if (fileName != null && qw != null) {
- long size = ((CountingQuietWriter) qw).getCount();
- if (size >= maxFileSize && size >= nextRollover) {
- rollOver();
- }
- }
- }
-
- // Mangled file name. Append the current timestamp
- private static String getLogFileName(String oldFileName) {
- return oldFileName + "." + Long.toString(System.currentTimeMillis());
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/AuditMetadataLogEntity.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/AuditMetadataLogEntity.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/AuditMetadataLogEntity.java
deleted file mode 100644
index a5fe4ec..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/AuditMetadataLogEntity.java
+++ /dev/null
@@ -1,155 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.log.entity;
-
-import java.io.IOException;
-
-import org.codehaus.jackson.JsonFactory;
-import org.codehaus.jackson.JsonNode;
-import org.codehaus.jackson.map.MappingJsonFactory;
-import org.codehaus.jackson.map.ObjectMapper;
-import org.codehaus.jackson.node.ContainerNode;
-
-abstract public class AuditMetadataLogEntity implements JsonLogEntity {
-
- static final JsonFactory factory = new MappingJsonFactory();
- private String serviceName;
- private String userName;
- private String impersonator;
- private String ipAddress;
- private String operation;
- private String eventTime;
- private String operationText;
- private String allowed;
- private String objectType;
- private String component;
-
- void setCommonAttr(String serviceName, String userName, String impersonator, String ipAddress,
- String operation, String eventTime, String operationText, String allowed, String objectType,
- String component) {
- this.serviceName = serviceName;
- this.userName = userName;
- this.impersonator = impersonator;
- this.ipAddress = ipAddress;
- this.operation = operation;
- this.eventTime = eventTime;
- this.operationText = operationText;
- this.allowed = allowed;
- this.objectType = objectType;
- this.component = component;
- }
-
- public String getServiceName() {
- return serviceName;
- }
-
- public void setServiceName(String serviceName) {
- this.serviceName = serviceName;
- }
-
- public String getUserName() {
- return userName;
- }
-
- public void setUserName(String userName) {
- this.userName = userName;
- }
-
- public String getImpersonator() {
- return impersonator;
- }
-
- public void setImpersonator(String impersonator) {
- this.impersonator = impersonator;
- }
-
- public String getIpAddress() {
- return ipAddress;
- }
-
- public void setIpAddress(String ipAddress) {
- this.ipAddress = ipAddress;
- }
-
- public String getOperation() {
- return operation;
- }
-
- public void setOperation(String operation) {
- this.operation = operation;
- }
-
- public String getEventTime() {
- return eventTime;
- }
-
- public void setEventTime(String eventTime) {
- this.eventTime = eventTime;
- }
-
- public String getOperationText() {
- return operationText;
- }
-
- public void setOperationText(String operationText) {
- this.operationText = operationText;
- }
-
- public String getAllowed() {
- return allowed;
- }
-
- public void setAllowed(String allowed) {
- this.allowed = allowed;
- }
-
- public String getObjectType() {
- return objectType;
- }
-
- public void setObjectType(String objectType) {
- this.objectType = objectType;
- }
-
- public String getComponent() {
- return component;
- }
-
- public void setComponent(String component) {
- this.component = component;
- }
-
- /**
- * For use in tests
- *
- * @param json
- * incoming JSON to parse
- * @return a node tree
- * @throws IOException
- * on any parsing problems
- */
- public static ContainerNode parse(String json) throws IOException {
- ObjectMapper mapper = new ObjectMapper(factory);
- JsonNode jsonNode = mapper.readTree(json);
- if (!(jsonNode instanceof ContainerNode)) {
- throw new IOException("Wrong JSON data: " + json);
- }
- return (ContainerNode) jsonNode;
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/DBAuditMetadataLogEntity.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/DBAuditMetadataLogEntity.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/DBAuditMetadataLogEntity.java
deleted file mode 100644
index 4949ac7..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/DBAuditMetadataLogEntity.java
+++ /dev/null
@@ -1,124 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.log.entity;
-
-import java.io.IOException;
-import java.io.StringWriter;
-
-import org.apache.sentry.provider.db.log.util.Constants;
-import org.codehaus.jackson.JsonGenerator;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class DBAuditMetadataLogEntity extends AuditMetadataLogEntity {
- private static final Logger LOGGER = LoggerFactory.getLogger(DBAuditMetadataLogEntity.class);
-
- private String databaseName;
- private String tableName;
- private String columnName;
- private String resourcePath;
-
- public DBAuditMetadataLogEntity() {
- }
-
- public DBAuditMetadataLogEntity(String serviceName, String userName, String impersonator,
- String ipAddress, String operation, String eventTime, String operationText, String allowed,
- String objectType, String component, String databaseName, String tableName,
- String columnName, String resourcePath) {
- setCommonAttr(serviceName, userName, impersonator, ipAddress, operation, eventTime,
- operationText, allowed, objectType, component);
- this.databaseName = databaseName;
- this.tableName = tableName;
- this.columnName = columnName;
- this.resourcePath = resourcePath;
- }
-
- public String getDatabaseName() {
- return databaseName;
- }
-
- public void setDatabaseName(String databaseName) {
- this.databaseName = databaseName;
- }
-
- public String getTableName() {
- return tableName;
- }
-
- public void setTableName(String tableName) {
- this.tableName = tableName;
- }
-
- public String getColumnName() {
- return columnName;
- }
-
- public void setColumnName(String columnName) {
- this.columnName = columnName;
- }
-
- public String getResourcePath() {
- return resourcePath;
- }
-
- public void setResourcePath(String resourcePath) {
- this.resourcePath = resourcePath;
- }
-
- @Override
- public String toJsonFormatLog() throws Exception {
- StringWriter stringWriter = new StringWriter();
- JsonGenerator json = null;
- try {
- json = factory.createJsonGenerator(stringWriter);
- json.writeStartObject();
- json.writeStringField(Constants.LOG_FIELD_SERVICE_NAME, getServiceName());
- json.writeStringField(Constants.LOG_FIELD_USER_NAME, getUserName());
- json.writeStringField(Constants.LOG_FIELD_IMPERSONATOR, getImpersonator());
- json.writeStringField(Constants.LOG_FIELD_IP_ADDRESS, getIpAddress());
- json.writeStringField(Constants.LOG_FIELD_OPERATION, getOperation());
- json.writeStringField(Constants.LOG_FIELD_EVENT_TIME, getEventTime());
- json.writeStringField(Constants.LOG_FIELD_OPERATION_TEXT, getOperationText());
- json.writeStringField(Constants.LOG_FIELD_ALLOWED, getAllowed());
- json.writeStringField(Constants.LOG_FIELD_DATABASE_NAME, databaseName);
- json.writeStringField(Constants.LOG_FIELD_TABLE_NAME, tableName);
- json.writeStringField(Constants.LOG_FIELD_COLUMN_NAME, columnName);
- json.writeStringField(Constants.LOG_FIELD_RESOURCE_PATH, resourcePath);
- json.writeStringField(Constants.LOG_FIELD_OBJECT_TYPE, getObjectType());
- json.writeEndObject();
- json.flush();
- } catch (IOException e) {
- String msg = "Error creating audit log in json format: " + e.getMessage();
- LOGGER.error(msg, e);
- throw e;
- } finally {
- try {
- if (json != null) {
- json.close();
- }
- } catch (IOException e) {
- String msg = "Error when close json object: " + e.getMessage();
- LOGGER.error(msg, e);
- throw e;
- }
- }
-
- return stringWriter.toString();
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/GMAuditMetadataLogEntity.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/GMAuditMetadataLogEntity.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/GMAuditMetadataLogEntity.java
deleted file mode 100644
index 6911772..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/GMAuditMetadataLogEntity.java
+++ /dev/null
@@ -1,97 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.log.entity;
-
-import java.io.IOException;
-import java.io.StringWriter;
-import java.util.LinkedHashMap;
-import java.util.Map;
-
-import org.apache.sentry.provider.db.log.util.Constants;
-import org.codehaus.jackson.JsonGenerator;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class GMAuditMetadataLogEntity extends AuditMetadataLogEntity {
-
- private static final Logger LOGGER = LoggerFactory.getLogger(GMAuditMetadataLogEntity.class);
- private Map<String, String> privilegesMap;
-
- public GMAuditMetadataLogEntity() {
- privilegesMap = new LinkedHashMap<String, String>();
- }
-
- public GMAuditMetadataLogEntity(String serviceName, String userName, String impersonator,
- String ipAddress, String operation, String eventTime, String operationText, String allowed,
- String objectType, String component, Map<String, String> privilegesMap) {
- setCommonAttr(serviceName, userName, impersonator, ipAddress, operation, eventTime,
- operationText, allowed, objectType, component);
- this.privilegesMap = privilegesMap;
- }
-
- @Override
- public String toJsonFormatLog() throws Exception {
- StringWriter stringWriter = new StringWriter();
- JsonGenerator json = null;
- try {
- json = factory.createJsonGenerator(stringWriter);
- json.writeStartObject();
- json.writeStringField(Constants.LOG_FIELD_SERVICE_NAME, getServiceName());
- json.writeStringField(Constants.LOG_FIELD_USER_NAME, getUserName());
- json.writeStringField(Constants.LOG_FIELD_IMPERSONATOR, getImpersonator());
- json.writeStringField(Constants.LOG_FIELD_IP_ADDRESS, getIpAddress());
- json.writeStringField(Constants.LOG_FIELD_OPERATION, getOperation());
- json.writeStringField(Constants.LOG_FIELD_EVENT_TIME, getEventTime());
- json.writeStringField(Constants.LOG_FIELD_OPERATION_TEXT, getOperationText());
- json.writeStringField(Constants.LOG_FIELD_ALLOWED, getAllowed());
- for (Map.Entry<String, String> entry : privilegesMap.entrySet()) {
- json.writeStringField(entry.getKey(), entry.getValue());
- }
- json.writeStringField(Constants.LOG_FIELD_OBJECT_TYPE, getObjectType());
- json.writeStringField(Constants.LOG_FIELD_COMPONENT, getComponent());
- json.writeEndObject();
- json.flush();
- } catch (IOException e) {
- String msg = "Error creating audit log in json format: " + e.getMessage();
- LOGGER.error(msg, e);
- throw e;
- } finally {
- try {
- if (json != null) {
- json.close();
- }
- } catch (IOException e) {
- String msg = "Error when close json object: " + e.getMessage();
- LOGGER.error(msg, e);
- throw e;
- }
- }
-
- return stringWriter.toString();
- }
-
- public Map<String, String> getPrivilegesMap() {
- return privilegesMap;
- }
-
- public void setPrivilegesMap(Map<String, String> privilegesMap) {
- this.privilegesMap = privilegesMap;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntity.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntity.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntity.java
deleted file mode 100644
index 913f125..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntity.java
+++ /dev/null
@@ -1,25 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.log.entity;
-
-public interface JsonLogEntity {
-
- String toJsonFormatLog() throws Exception;
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntityFactory.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntityFactory.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntityFactory.java
deleted file mode 100644
index f6bb8a5..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntityFactory.java
+++ /dev/null
@@ -1,351 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.log.entity;
-
-import java.util.Iterator;
-import java.util.LinkedHashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.provider.db.generic.service.thrift.TAuthorizable;
-import org.apache.sentry.provider.db.log.util.CommandUtil;
-import org.apache.sentry.provider.db.log.util.Constants;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleAddGroupsRequest;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleAddGroupsResponse;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleAddUsersRequest;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleAddUsersResponse;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleDeleteGroupsRequest;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleDeleteGroupsResponse;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleDeleteUsersRequest;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleDeleteUsersResponse;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleGrantPrivilegeRequest;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleGrantPrivilegeResponse;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleRevokePrivilegeRequest;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleRevokePrivilegeResponse;
-import org.apache.sentry.provider.db.service.thrift.TCreateSentryRoleRequest;
-import org.apache.sentry.provider.db.service.thrift.TCreateSentryRoleResponse;
-import org.apache.sentry.provider.db.service.thrift.TDropSentryRoleRequest;
-import org.apache.sentry.provider.db.service.thrift.TDropSentryRoleResponse;
-import org.apache.sentry.provider.db.service.thrift.TSentryGroup;
-import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
-import org.apache.sentry.provider.db.service.thrift.ThriftUtil;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
-import org.apache.sentry.service.thrift.Status;
-import org.apache.sentry.service.thrift.TSentryResponseStatus;
-
-import com.google.common.base.Joiner;
-import com.google.common.collect.ImmutableSet;
-
-public final class JsonLogEntityFactory {
-
- private static JsonLogEntityFactory factory = new JsonLogEntityFactory();
-
- private JsonLogEntityFactory() {
- }
-
- public static JsonLogEntityFactory getInstance() {
- return factory;
- }
-
- // log entity for hive/impala create role
- public JsonLogEntity createJsonLogEntity(TCreateSentryRoleRequest request,
- TCreateSentryRoleResponse response, Configuration conf) {
- DBAuditMetadataLogEntity hamle = createCommonHAMLE(conf, response.getStatus(),
- request.getRequestorUserName(), request.getClass().getName());
- hamle.setOperationText(CommandUtil.createCmdForCreateOrDropRole(
- request.getRoleName(), true));
-
- return hamle;
- }
-
- // log entity for hive/impala drop role
- public JsonLogEntity createJsonLogEntity(TDropSentryRoleRequest request,
- TDropSentryRoleResponse response, Configuration conf) {
- DBAuditMetadataLogEntity hamle = createCommonHAMLE(conf, response.getStatus(),
- request.getRequestorUserName(), request.getClass().getName());
- hamle.setOperationText(CommandUtil.createCmdForCreateOrDropRole(
- request.getRoleName(), false));
-
- return hamle;
- }
-
- // log entity for hive/impala grant privilege
- public Set<JsonLogEntity> createJsonLogEntitys(
- TAlterSentryRoleGrantPrivilegeRequest request,
- TAlterSentryRoleGrantPrivilegeResponse response, Configuration conf) {
- ImmutableSet.Builder<JsonLogEntity> setBuilder = ImmutableSet.builder();
- if (request.isSetPrivileges()) {
- for (TSentryPrivilege privilege : request.getPrivileges()) {
- JsonLogEntity logEntity = createJsonLogEntity(request, privilege, response, conf);
- setBuilder.add(logEntity);
- }
- }
- return setBuilder.build();
- }
-
- private JsonLogEntity createJsonLogEntity(
- TAlterSentryRoleGrantPrivilegeRequest request, TSentryPrivilege privilege,
- TAlterSentryRoleGrantPrivilegeResponse response, Configuration conf) {
- DBAuditMetadataLogEntity hamle = createCommonHAMLE(conf, response.getStatus(),
- request.getRequestorUserName(), request.getClass().getName());
- hamle.setOperationText(CommandUtil.createCmdForGrantPrivilege(request));
- hamle.setDatabaseName(privilege.getDbName());
- hamle.setTableName(privilege.getTableName());
- hamle.setResourcePath(privilege.getURI());
- return hamle;
- }
-
- // log entity for hive/impala revoke privilege
- public Set<JsonLogEntity> createJsonLogEntitys(
- TAlterSentryRoleRevokePrivilegeRequest request,
- TAlterSentryRoleRevokePrivilegeResponse response, Configuration conf) {
- ImmutableSet.Builder<JsonLogEntity> setBuilder = ImmutableSet.builder();
- if (request.isSetPrivileges()) {
- for (TSentryPrivilege privilege : request.getPrivileges()) {
- JsonLogEntity logEntity = createJsonLogEntity(request, privilege, response, conf);
- setBuilder.add(logEntity);
- }
- }
- return setBuilder.build();
- }
-
- private JsonLogEntity createJsonLogEntity(
- TAlterSentryRoleRevokePrivilegeRequest request, TSentryPrivilege privilege,
- TAlterSentryRoleRevokePrivilegeResponse response, Configuration conf) {
- DBAuditMetadataLogEntity hamle = createCommonHAMLE(conf, response.getStatus(),
- request.getRequestorUserName(), request.getClass().getName());
- hamle.setOperationText(CommandUtil.createCmdForRevokePrivilege(request));
- hamle.setDatabaseName(privilege.getDbName());
- hamle.setTableName(privilege.getTableName());
- hamle.setResourcePath(privilege.getURI());
-
- return hamle;
- }
-
- // log entity for hive/impala add role to group
- public JsonLogEntity createJsonLogEntity(
- TAlterSentryRoleAddGroupsRequest request,
- TAlterSentryRoleAddGroupsResponse response, Configuration conf) {
- DBAuditMetadataLogEntity hamle = createCommonHAMLE(conf, response.getStatus(),
- request.getRequestorUserName(), request.getClass().getName());
- String groups = getGroupsStr(request.getGroupsIterator());
- hamle.setOperationText(CommandUtil.createCmdForRoleAddGroup(request.getRoleName(), groups));
-
- return hamle;
- }
-
- // log entity for hive/impala delete role from group
- public JsonLogEntity createJsonLogEntity(
- TAlterSentryRoleDeleteGroupsRequest request,
- TAlterSentryRoleDeleteGroupsResponse response, Configuration conf) {
- DBAuditMetadataLogEntity hamle = createCommonHAMLE(conf, response.getStatus(),
- request.getRequestorUserName(), request.getClass().getName());
- String groups = getGroupsStr(request.getGroupsIterator());
- hamle.setOperationText(CommandUtil.createCmdForRoleDeleteGroup(request.getRoleName(), groups));
-
- return hamle;
- }
-
- private String getGroupsStr(Iterator<TSentryGroup> iter) {
- StringBuilder groups = new StringBuilder("");
- if (iter != null) {
- boolean commaFlg = false;
- while (iter.hasNext()) {
- if (commaFlg) {
- groups.append(", ");
- } else {
- commaFlg = true;
- }
- groups.append(iter.next().getGroupName());
- }
- }
- return groups.toString();
- }
-
- public JsonLogEntity createJsonLogEntity(TAlterSentryRoleAddUsersRequest request,
- TAlterSentryRoleAddUsersResponse response, Configuration conf) {
- AuditMetadataLogEntity amle = createCommonHAMLE(conf, response.getStatus(),
- request.getRequestorUserName(), request.getClass().getName());
- String users = getUsersStr(request.getUsersIterator());
- amle.setOperationText(CommandUtil.createCmdForRoleAddUser(request.getRoleName(), users));
-
- return amle;
- }
-
- public JsonLogEntity createJsonLogEntity(TAlterSentryRoleDeleteUsersRequest request,
- TAlterSentryRoleDeleteUsersResponse response, Configuration conf) {
- AuditMetadataLogEntity amle = createCommonHAMLE(conf, response.getStatus(),
- request.getRequestorUserName(), request.getClass().getName());
- String users = getUsersStr(request.getUsersIterator());
- amle.setOperationText(CommandUtil.createCmdForRoleDeleteUser(request.getRoleName(), users));
-
- return amle;
- }
-
- private String getUsersStr(Iterator<String> iter) {
- StringBuilder users = new StringBuilder("");
- if (iter != null) {
- boolean commaFlg = false;
- while (iter.hasNext()) {
- if (commaFlg) {
- users.append(", ");
- } else {
- commaFlg = true;
- }
- users.append(iter.next());
- }
- }
- return users.toString();
- }
-
- public String isAllowed(TSentryResponseStatus status) {
- if (status.equals(Status.OK())) {
- return Constants.TRUE;
- }
- return Constants.FALSE;
- }
-
- // log entity for generic model create role
- public JsonLogEntity createJsonLogEntity(
- org.apache.sentry.provider.db.generic.service.thrift.TCreateSentryRoleRequest request,
- org.apache.sentry.provider.db.generic.service.thrift.TCreateSentryRoleResponse response,
- Configuration conf) {
- GMAuditMetadataLogEntity gmamle = createCommonGMAMLE(conf, response.getStatus(),
- request.getRequestorUserName(), request.getClass().getName(), request.getComponent());
- gmamle.setOperationText(CommandUtil.createCmdForCreateOrDropRole(request.getRoleName(), true));
-
- return gmamle;
- }
-
- // log entity for generic model drop role
- public JsonLogEntity createJsonLogEntity(
- org.apache.sentry.provider.db.generic.service.thrift.TDropSentryRoleRequest request,
- org.apache.sentry.provider.db.generic.service.thrift.TDropSentryRoleResponse response,
- Configuration conf) {
- GMAuditMetadataLogEntity gmamle = createCommonGMAMLE(conf, response.getStatus(),
- request.getRequestorUserName(), request.getClass().getName(), request.getComponent());
- gmamle.setOperationText(CommandUtil.createCmdForCreateOrDropRole(request.getRoleName(), false));
-
- return gmamle;
- }
-
- // log entity for generic model grant privilege
- public JsonLogEntity createJsonLogEntity(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeRequest request,
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeResponse response,
- Configuration conf) {
- GMAuditMetadataLogEntity gmamle = createCommonGMAMLE(conf, response.getStatus(),
- request.getRequestorUserName(), request.getClass().getName(), request.getComponent());
- if (request.getPrivilege() != null) {
- List<TAuthorizable> authorizables = request.getPrivilege().getAuthorizables();
- Map<String, String> privilegesMap = new LinkedHashMap<String, String>();
- if (authorizables != null) {
- for (TAuthorizable authorizable : authorizables) {
- privilegesMap.put(authorizable.getType(), authorizable.getName());
- }
- }
- gmamle.setPrivilegesMap(privilegesMap);
- }
- gmamle.setOperationText(CommandUtil.createCmdForGrantGMPrivilege(request));
-
- return gmamle;
- }
-
- // log entity for generic model revoke privilege
- public JsonLogEntity createJsonLogEntity(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeRequest request,
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeResponse response,
- Configuration conf) {
- GMAuditMetadataLogEntity gmamle = createCommonGMAMLE(conf, response.getStatus(),
- request.getRequestorUserName(), request.getClass().getName(), request.getComponent());
- if (request.getPrivilege() != null) {
- List<TAuthorizable> authorizables = request.getPrivilege().getAuthorizables();
- Map<String, String> privilegesMap = new LinkedHashMap<String, String>();
- if (authorizables != null) {
- for (TAuthorizable authorizable : authorizables) {
- privilegesMap.put(authorizable.getType(), authorizable.getName());
- }
- }
- gmamle.setPrivilegesMap(privilegesMap);
- }
- gmamle.setOperationText(CommandUtil.createCmdForRevokeGMPrivilege(request));
-
- return gmamle;
- }
-
- // log entity for generic model add role to group
- public JsonLogEntity createJsonLogEntity(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleAddGroupsRequest request,
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleAddGroupsResponse response,
- Configuration conf) {
- GMAuditMetadataLogEntity gmamle = createCommonGMAMLE(conf, response.getStatus(),
- request.getRequestorUserName(), request.getClass().getName(), request.getComponent());
- Joiner joiner = Joiner.on(",");
- String groups = joiner.join(request.getGroupsIterator());
- gmamle.setOperationText(CommandUtil.createCmdForRoleAddGroup(request.getRoleName(), groups));
-
- return gmamle;
- }
-
- // log entity for hive delete role from group
- public JsonLogEntity createJsonLogEntity(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleDeleteGroupsRequest request,
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleDeleteGroupsResponse response,
- Configuration conf) {
- GMAuditMetadataLogEntity gmamle = createCommonGMAMLE(conf, response.getStatus(),
- request.getRequestorUserName(), request.getClass().getName(), request.getComponent());
- Joiner joiner = Joiner.on(",");
- String groups = joiner.join(request.getGroupsIterator());
- gmamle.setOperationText(CommandUtil.createCmdForRoleDeleteGroup(request.getRoleName(), groups));
-
- return gmamle;
- }
-
- private DBAuditMetadataLogEntity createCommonHAMLE(Configuration conf,
- TSentryResponseStatus responseStatus, String userName, String requestClassName) {
- DBAuditMetadataLogEntity hamle = new DBAuditMetadataLogEntity();
- setCommAttrForAMLE(hamle, conf, responseStatus, userName, requestClassName);
- return hamle;
- }
-
- private GMAuditMetadataLogEntity createCommonGMAMLE(Configuration conf,
- TSentryResponseStatus responseStatus, String userName, String requestClassName,
- String component) {
- GMAuditMetadataLogEntity gmamle = new GMAuditMetadataLogEntity();
- setCommAttrForAMLE(gmamle, conf, responseStatus, userName, requestClassName);
- gmamle.setComponent(component);
- return gmamle;
- }
-
- private void setCommAttrForAMLE(AuditMetadataLogEntity amle, Configuration conf,
- TSentryResponseStatus responseStatus, String userName, String requestClassName) {
- amle.setUserName(userName);
- amle.setServiceName(conf.get(ServerConfig.SENTRY_SERVICE_NAME,
- ServerConfig.SENTRY_SERVICE_NAME_DEFAULT).trim());
- amle.setImpersonator(ThriftUtil.getImpersonator());
- amle.setIpAddress(ThriftUtil.getIpAddress());
- amle.setOperation(Constants.requestTypeToOperationMap.get(requestClassName));
- amle.setEventTime(Long.toString(System.currentTimeMillis()));
- amle.setAllowed(isAllowed(responseStatus));
- amle.setObjectType(Constants.requestTypeToObjectTypeMap
- .get(requestClassName));
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/CommandUtil.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/CommandUtil.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/CommandUtil.java
deleted file mode 100644
index 328bbbb..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/CommandUtil.java
+++ /dev/null
@@ -1,233 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.log.util;
-
-import java.net.InetAddress;
-import java.net.NetworkInterface;
-import java.util.Enumeration;
-import java.util.List;
-import java.util.Set;
-
-import org.apache.sentry.core.model.db.AccessConstants;
-import org.apache.sentry.provider.db.generic.service.thrift.TAuthorizable;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleGrantPrivilegeRequest;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleRevokePrivilegeRequest;
-import org.apache.sentry.provider.db.service.thrift.TSentryGrantOption;
-import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
-import org.apache.sentry.service.thrift.ServiceConstants.PrivilegeScope;
-import org.datanucleus.util.StringUtils;
-
-import com.google.common.annotations.VisibleForTesting;
-
-public final class CommandUtil {
-
- public CommandUtil() {
- // Make constructor private to avoid instantiation
- }
-
- public static String createCmdForCreateOrDropRole(String roleName,
- boolean isCreate) {
- if (isCreate) {
- return "CREATE ROLE " + roleName;
- }
- return "DROP ROLE " + roleName;
- }
-
- public static String createCmdForRoleAddGroup(String roleName, String groups) {
- return createCmdForRoleGrant(roleName, groups, true, true);
- }
-
- public static String createCmdForRoleDeleteGroup(String roleName, String groups) {
- return createCmdForRoleGrant(roleName, groups, false, true);
- }
-
- private static String createCmdForRoleGrant(String roleName, String principals,
- boolean isGrant, boolean isGroup) {
- StringBuilder sb = new StringBuilder();
- if (isGrant) {
- sb.append("GRANT ROLE ");
- } else {
- sb.append("REVOKE ROLE ");
- }
- sb.append(roleName);
- if (isGrant) {
- sb.append(" TO ");
- } else {
- sb.append(" FROM ");
- }
-
- String principalType = isGroup ? "GROUP" : "USER";
- if (!StringUtils.isEmpty(principals)) {
- sb.append(principalType).append(" ").append(principals);
- } else {
- sb = new StringBuilder("Missing " + principalType + " information.");
- }
-
- return sb.toString();
- }
-
- public static String createCmdForRoleAddUser(String roleName, String users) {
- return createCmdForRoleGrant(roleName, users, true, false);
- }
-
- public static String createCmdForRoleDeleteUser(String roleName, String users) {
- return createCmdForRoleGrant(roleName, users, false, false);
- }
-
- public static String createCmdForGrantPrivilege(
- TAlterSentryRoleGrantPrivilegeRequest request) {
- return createCmdForGrantOrRevokePrivileges(request.getRoleName(),
- request.getPrivileges(), true);
- }
-
- public static String createCmdForRevokePrivilege(
- TAlterSentryRoleRevokePrivilegeRequest request) {
- return createCmdForGrantOrRevokePrivileges(request.getRoleName(),
- request.getPrivileges(), false);
- }
-
- private static String createCmdForGrantOrRevokePrivileges(String roleName,
- Set<TSentryPrivilege> privileges, boolean isGrant) {
- StringBuilder sb = new StringBuilder();
- if (privileges != null) {
- for (TSentryPrivilege privilege : privileges) {
- sb.append(createCmdForGrantOrRevokePrivilege(roleName, privilege, isGrant));
- }
- }
- return sb.toString();
- }
-
- private static String createCmdForGrantOrRevokePrivilege(String roleName,
- TSentryPrivilege privilege, boolean isGrant) {
- StringBuilder sb = new StringBuilder();
- if (isGrant) {
- sb.append("GRANT ");
- } else {
- sb.append("REVOKE ");
- }
-
- String action = privilege.getAction();
- String privilegeScope = privilege.getPrivilegeScope();
- if (AccessConstants.ALL.equalsIgnoreCase(action)) {
- sb.append("ALL");
- } else {
- if (action != null) {
- action = action.toUpperCase();
- }
- sb.append(action);
- }
-
- sb.append(" ON ").append(privilege.getPrivilegeScope()).append(" ");
- if (PrivilegeScope.DATABASE.name().equalsIgnoreCase(privilegeScope)) {
- sb.append(privilege.getDbName());
- } else if (PrivilegeScope.TABLE.name().equalsIgnoreCase(privilegeScope)) {
- sb.append(privilege.getTableName());
- } else if (PrivilegeScope.SERVER.name().equalsIgnoreCase(privilegeScope)) {
- sb.append(privilege.getServerName());
- } else if (PrivilegeScope.URI.name().equalsIgnoreCase(privilegeScope)) {
- sb.append(privilege.getURI());
- }
-
- if (isGrant) {
- sb.append(" TO ROLE ");
- } else {
- sb.append(" FROM ROLE ");
- }
- sb.append(roleName);
-
- if (privilege.getGrantOption() == TSentryGrantOption.TRUE) {
- sb.append(" WITH GRANT OPTION");
- }
-
- return sb.toString();
- }
-
- public static String createCmdForGrantGMPrivilege(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeRequest request) {
- return createCmdForGrantOrRevokeGMPrivilege(request.getRoleName(), request.getPrivilege(), true);
- }
-
- public static String createCmdForRevokeGMPrivilege(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeRequest request) {
- return createCmdForGrantOrRevokeGMPrivilege(request.getRoleName(), request.getPrivilege(),
- false);
- }
-
- private static String createCmdForGrantOrRevokeGMPrivilege(String roleName,
- org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege privilege,
- boolean isGrant) {
- StringBuilder sb = new StringBuilder();
- if (isGrant) {
- sb.append("GRANT ");
- } else {
- sb.append("REVOKE ");
- }
-
- String action = privilege.getAction();
- if (AccessConstants.ALL.equalsIgnoreCase(action)) {
- sb.append("ALL");
- } else {
- if (action != null) {
- action = action.toUpperCase();
- }
- sb.append(action);
- }
-
- sb.append(" ON");
-
- List<TAuthorizable> authorizables = privilege.getAuthorizables();
- if (authorizables != null) {
- for (TAuthorizable authorizable : authorizables) {
- sb.append(" ").append(authorizable.getType()).append(" ").append(authorizable.getName());
- }
- }
-
- if (isGrant) {
- sb.append(" TO ROLE ");
- } else {
- sb.append(" FROM ROLE ");
- }
- sb.append(roleName);
-
- if (privilege.getGrantOption() == org.apache.sentry.provider.db.generic.service.thrift.TSentryGrantOption.TRUE) {
- sb.append(" WITH GRANT OPTION");
- }
-
- return sb.toString();
- }
-
- // Check if the given IP is one of the local IP.
- @VisibleForTesting
- public static boolean assertIPInAuditLog(String ipInAuditLog) throws Exception {
- if (ipInAuditLog == null) {
- return false;
- }
- Enumeration<NetworkInterface> netInterfaces = NetworkInterface.getNetworkInterfaces();
- while (netInterfaces.hasMoreElements()) {
- NetworkInterface ni = netInterfaces.nextElement();
- Enumeration<InetAddress> ips = ni.getInetAddresses();
- while (ips.hasMoreElements()) {
- if (ipInAuditLog.indexOf(ips.nextElement().getHostAddress()) != -1) {
- return true;
- }
- }
- }
- return false;
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/Constants.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/Constants.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/Constants.java
deleted file mode 100644
index 2e71ce0..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/Constants.java
+++ /dev/null
@@ -1,162 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.log.util;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import org.apache.sentry.provider.db.service.thrift.*;
-
-public final class Constants {
- public final static String AUDIT_LOGGER_NAME = "sentry.hive.authorization.ddl.logger";
- public final static String AUDIT_LOGGER_NAME_GENERIC = "sentry.generic.authorization.ddl.logger";
-
- public final static String LOG_FIELD_SERVICE_NAME = "serviceName";
- public final static String LOG_FIELD_USER_NAME = "userName";
- public final static String LOG_FIELD_IMPERSONATOR = "impersonator";
- public final static String LOG_FIELD_IP_ADDRESS = "ipAddress";
- public final static String LOG_FIELD_OPERATION = "operation";
- public final static String LOG_FIELD_EVENT_TIME = "eventTime";
- public final static String LOG_FIELD_OPERATION_TEXT = "operationText";
- public final static String LOG_FIELD_ALLOWED = "allowed";
- public final static String LOG_FIELD_DATABASE_NAME = "databaseName";
- public final static String LOG_FIELD_TABLE_NAME = "tableName";
- public final static String LOG_FIELD_COLUMN_NAME = "column";
- public final static String LOG_FIELD_RESOURCE_PATH = "resourcePath";
- public final static String LOG_FIELD_OBJECT_TYPE = "objectType";
- public final static String LOG_FIELD_COMPONENT = "component";
-
- public final static String OPERATION_CREATE_ROLE = "CREATE_ROLE";
- public final static String OPERATION_DROP_ROLE = "DROP_ROLE";
- public final static String OPERATION_ADD_ROLE = "ADD_ROLE_TO_GROUP";
- public final static String OPERATION_DELETE_ROLE = "DELETE_ROLE_FROM_GROUP";
- public final static String OPERATION_ADD_ROLE_USER = "ADD_ROLE_TO_USER";
- public final static String OPERATION_DELETE_ROLE_USER = "DELETE_ROLE_FROM_USER";
- public final static String OPERATION_GRANT_PRIVILEGE = "GRANT_PRIVILEGE";
- public final static String OPERATION_REVOKE_PRIVILEGE = "REVOKE_PRIVILEGE";
-
- public final static String OBJECT_TYPE_PRINCIPAL = "PRINCIPAL";
- public final static String OBJECT_TYPE_ROLE = "ROLE";
-
- public final static String TRUE = "true";
- public final static String FALSE = "false";
-
- public static final Map<String, String> requestTypeToOperationMap = new HashMap<String, String>();
- public static final Map<String, String> requestTypeToObjectTypeMap = new HashMap<String, String>();
-
- static {
- // for hive audit log
- requestTypeToOperationMap.put(TCreateSentryRoleRequest.class.getName(),
- Constants.OPERATION_CREATE_ROLE);
- requestTypeToOperationMap.put(
- TAlterSentryRoleGrantPrivilegeRequest.class.getName(),
- Constants.OPERATION_GRANT_PRIVILEGE);
- requestTypeToOperationMap.put(
- TAlterSentryRoleRevokePrivilegeRequest.class.getName(),
- Constants.OPERATION_REVOKE_PRIVILEGE);
- requestTypeToOperationMap.put(TDropSentryRoleRequest.class.getName(),
- Constants.OPERATION_DROP_ROLE);
- requestTypeToOperationMap.put(
- TAlterSentryRoleAddGroupsRequest.class.getName(),
- Constants.OPERATION_ADD_ROLE);
- requestTypeToOperationMap.put(
- TAlterSentryRoleDeleteGroupsRequest.class.getName(),
- Constants.OPERATION_DELETE_ROLE);
- requestTypeToOperationMap.put(
- TAlterSentryRoleAddUsersRequest.class.getName(),
- Constants.OPERATION_ADD_ROLE_USER);
- requestTypeToOperationMap.put(
- TAlterSentryRoleDeleteUsersRequest.class.getName(),
- Constants.OPERATION_DELETE_ROLE_USER);
-
- // for generic model audit log
- requestTypeToOperationMap.put(
- org.apache.sentry.provider.db.generic.service.thrift.TCreateSentryRoleRequest.class
- .getName(), Constants.OPERATION_CREATE_ROLE);
- requestTypeToOperationMap
- .put(org.apache.sentry.provider.db.generic.service.thrift.TDropSentryRoleRequest.class
- .getName(), Constants.OPERATION_DROP_ROLE);
- requestTypeToOperationMap
- .put(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeRequest.class
- .getName(), Constants.OPERATION_GRANT_PRIVILEGE);
- requestTypeToOperationMap
- .put(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeRequest.class
- .getName(), Constants.OPERATION_REVOKE_PRIVILEGE);
- requestTypeToOperationMap.put(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleAddGroupsRequest.class
- .getName(), Constants.OPERATION_ADD_ROLE);
- requestTypeToOperationMap
- .put(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleDeleteGroupsRequest.class
- .getName(), Constants.OPERATION_DELETE_ROLE);
-
- // for hive audit log
- requestTypeToObjectTypeMap.put(TCreateSentryRoleRequest.class.getName(),
- Constants.OBJECT_TYPE_ROLE);
- requestTypeToObjectTypeMap.put(TDropSentryRoleRequest.class.getName(),
- Constants.OBJECT_TYPE_ROLE);
- requestTypeToObjectTypeMap.put(
- TAlterSentryRoleAddGroupsRequest.class.getName(),
- Constants.OBJECT_TYPE_ROLE);
- requestTypeToObjectTypeMap.put(
- TAlterSentryRoleDeleteGroupsRequest.class.getName(),
- Constants.OBJECT_TYPE_ROLE);
- requestTypeToObjectTypeMap.put(
- TAlterSentryRoleAddUsersRequest.class.getName(),
- Constants.OBJECT_TYPE_ROLE);
- requestTypeToObjectTypeMap.put(
- TAlterSentryRoleDeleteUsersRequest.class.getName(),
- Constants.OBJECT_TYPE_ROLE);
- requestTypeToObjectTypeMap.put(
- TAlterSentryRoleGrantPrivilegeRequest.class.getName(),
- Constants.OBJECT_TYPE_PRINCIPAL);
- requestTypeToObjectTypeMap.put(
- TAlterSentryRoleRevokePrivilegeRequest.class.getName(),
- Constants.OBJECT_TYPE_PRINCIPAL);
- // for generic model audit log
- requestTypeToObjectTypeMap.put(
- org.apache.sentry.provider.db.generic.service.thrift.TCreateSentryRoleRequest.class
- .getName(), Constants.OBJECT_TYPE_ROLE);
- requestTypeToObjectTypeMap
- .put(org.apache.sentry.provider.db.generic.service.thrift.TDropSentryRoleRequest.class
- .getName(), Constants.OBJECT_TYPE_ROLE);
- requestTypeToObjectTypeMap.put(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleAddGroupsRequest.class
- .getName(), Constants.OBJECT_TYPE_ROLE);
- requestTypeToObjectTypeMap
- .put(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleDeleteGroupsRequest.class
- .getName(), Constants.OBJECT_TYPE_ROLE);
- requestTypeToObjectTypeMap
- .put(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeRequest.class
- .getName(), Constants.OBJECT_TYPE_PRINCIPAL);
- requestTypeToObjectTypeMap
- .put(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeRequest.class
- .getName(), Constants.OBJECT_TYPE_PRINCIPAL);
- }
-
- private Constants() {
- // Make constructor private to avoid instantiation
- }
-
-}