You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by co...@apache.org on 2016/07/21 05:54:55 UTC
[01/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Repository: sentry
Updated Branches:
refs/heads/master 170c2a1b5 -> f13323008
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-service/sentry-service-client/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientDefaultImpl.java
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-client/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientDefaultImpl.java b/sentry-service/sentry-service-client/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientDefaultImpl.java
new file mode 100644
index 0000000..d129c35
--- /dev/null
+++ b/sentry-service/sentry-service-client/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientDefaultImpl.java
@@ -0,0 +1,591 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.provider.db.generic.service.thrift;
+
+import java.io.IOException;
+import java.net.InetSocketAddress;
+import java.security.PrivilegedExceptionAction;
+import java.util.*;
+
+import javax.security.auth.callback.CallbackHandler;
+
+import org.apache.hadoop.conf.Configuration;
+import org.apache.hadoop.fs.CommonConfigurationKeysPublic;
+import org.apache.hadoop.net.NetUtils;
+import org.apache.hadoop.security.SaslRpcServer;
+import org.apache.hadoop.security.SaslRpcServer.AuthMethod;
+import org.apache.hadoop.security.SecurityUtil;
+import org.apache.hadoop.security.UserGroupInformation;
+import org.apache.sentry.core.common.exception.SentryUserException;
+import org.apache.sentry.core.common.ActiveRoleSet;
+import org.apache.sentry.core.common.Authorizable;
+import org.apache.sentry.core.common.utils.SentryConstants;
+import org.apache.sentry.service.thrift.ServiceConstants;
+import org.apache.sentry.service.thrift.ServiceConstants.ClientConfig;
+import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
+import org.apache.sentry.service.thrift.Status;
+import org.apache.sentry.service.thrift.sentry_common_serviceConstants;
+import org.apache.thrift.TException;
+import org.apache.thrift.protocol.TBinaryProtocol;
+import org.apache.thrift.protocol.TMultiplexedProtocol;
+import org.apache.thrift.transport.TSaslClientTransport;
+import org.apache.thrift.transport.TSocket;
+import org.apache.thrift.transport.TTransport;
+import org.apache.thrift.transport.TTransportException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.google.common.base.Preconditions;
+import com.google.common.collect.Lists;
+
+public class SentryGenericServiceClientDefaultImpl implements SentryGenericServiceClient {
+ private final Configuration conf;
+ private final InetSocketAddress serverAddress;
+ private final boolean kerberos;
+ private final String[] serverPrincipalParts;
+ private SentryGenericPolicyService.Client client;
+ private TTransport transport;
+ private int connectionTimeout;
+ private static final Logger LOGGER = LoggerFactory
+ .getLogger(SentryGenericServiceClientDefaultImpl.class);
+ private static final String THRIFT_EXCEPTION_MESSAGE = "Thrift exception occured ";
+
+ /**
+ * This transport wraps the Sasl transports to set up the right UGI context for open().
+ */
+ public static class UgiSaslClientTransport extends TSaslClientTransport {
+ protected UserGroupInformation ugi = null;
+
+ public UgiSaslClientTransport(String mechanism, String authorizationId,
+ String protocol, String serverName, Map<String, String> props,
+ CallbackHandler cbh, TTransport transport, boolean wrapUgi, Configuration conf)
+ throws IOException {
+ super(mechanism, authorizationId, protocol, serverName, props, cbh,
+ transport);
+ if (wrapUgi) {
+ // If we don't set the configuration, the UGI will be created based on
+ // what's on the classpath, which may lack the kerberos changes we require
+ UserGroupInformation.setConfiguration(conf);
+ ugi = UserGroupInformation.getLoginUser();
+ }
+ }
+
+ // open the SASL transport with using the current UserGroupInformation
+ // This is needed to get the current login context stored
+ @Override
+ public void open() throws TTransportException {
+ if (ugi == null) {
+ baseOpen();
+ } else {
+ try {
+ if (ugi.isFromKeytab()) {
+ ugi.checkTGTAndReloginFromKeytab();
+ }
+ ugi.doAs(new PrivilegedExceptionAction<Void>() {
+ public Void run() throws TTransportException {
+ baseOpen();
+ return null;
+ }
+ });
+ } catch (IOException e) {
+ throw new TTransportException("Failed to open SASL transport: " + e.getMessage(), e);
+ } catch (InterruptedException e) {
+ throw new TTransportException(
+ "Interrupted while opening underlying transport: " + e.getMessage(), e);
+ }
+ }
+ }
+
+ private void baseOpen() throws TTransportException {
+ super.open();
+ }
+ }
+
+ public SentryGenericServiceClientDefaultImpl(Configuration conf) throws IOException {
+ // copy the configuration because we may make modifications to it.
+ this.conf = new Configuration(conf);
+ Preconditions.checkNotNull(this.conf, "Configuration object cannot be null");
+ this.serverAddress = NetUtils.createSocketAddr(Preconditions.checkNotNull(
+ conf.get(ClientConfig.SERVER_RPC_ADDRESS), "Config key "
+ + ClientConfig.SERVER_RPC_ADDRESS + " is required"), conf.getInt(
+ ClientConfig.SERVER_RPC_PORT, ClientConfig.SERVER_RPC_PORT_DEFAULT));
+ this.connectionTimeout = conf.getInt(ClientConfig.SERVER_RPC_CONN_TIMEOUT,
+ ClientConfig.SERVER_RPC_CONN_TIMEOUT_DEFAULT);
+ kerberos = ServerConfig.SECURITY_MODE_KERBEROS.equalsIgnoreCase(
+ conf.get(ServerConfig.SECURITY_MODE, ServerConfig.SECURITY_MODE_KERBEROS).trim());
+ transport = new TSocket(serverAddress.getHostName(),
+ serverAddress.getPort(), connectionTimeout);
+ if (kerberos) {
+ String serverPrincipal = Preconditions.checkNotNull(conf.get(ServerConfig.PRINCIPAL), ServerConfig.PRINCIPAL + " is required");
+ // since the client uses hadoop-auth, we need to set kerberos in
+ // hadoop-auth if we plan to use kerberos
+ conf.set(CommonConfigurationKeysPublic.HADOOP_SECURITY_AUTHENTICATION, ServerConfig.SECURITY_MODE_KERBEROS);
+
+ // Resolve server host in the same way as we are doing on server side
+ serverPrincipal = SecurityUtil.getServerPrincipal(serverPrincipal, serverAddress.getAddress());
+ LOGGER.debug("Using server kerberos principal: " + serverPrincipal);
+
+ serverPrincipalParts = SaslRpcServer.splitKerberosName(serverPrincipal);
+ Preconditions.checkArgument(serverPrincipalParts.length == 3,
+ "Kerberos principal should have 3 parts: " + serverPrincipal);
+ boolean wrapUgi = "true".equalsIgnoreCase(conf
+ .get(ServerConfig.SECURITY_USE_UGI_TRANSPORT, "true"));
+ transport = new UgiSaslClientTransport(AuthMethod.KERBEROS.getMechanismName(),
+ null, serverPrincipalParts[0], serverPrincipalParts[1],
+ ClientConfig.SASL_PROPERTIES, null, transport, wrapUgi, conf);
+ } else {
+ serverPrincipalParts = null;
+ }
+ try {
+ transport.open();
+ } catch (TTransportException e) {
+ throw new IOException("Transport exception while opening transport: " + e.getMessage(), e);
+ }
+ LOGGER.debug("Successfully opened transport: " + transport + " to " + serverAddress);
+ long maxMessageSize = conf.getLong(ServiceConstants.ClientConfig.SENTRY_POLICY_CLIENT_THRIFT_MAX_MESSAGE_SIZE,
+ ServiceConstants.ClientConfig.SENTRY_POLICY_CLIENT_THRIFT_MAX_MESSAGE_SIZE_DEFAULT);
+ TMultiplexedProtocol protocol = new TMultiplexedProtocol(
+ new TBinaryProtocol(transport, maxMessageSize, maxMessageSize, true, true),
+ ServiceConstants.SENTRY_GENERIC_SERVICE_NAME);
+ client = new SentryGenericPolicyService.Client(protocol);
+ LOGGER.debug("Successfully created client");
+ }
+
+
+
+ /**
+ * Create a sentry role
+ * @param requestorUserName: user on whose behalf the request is issued
+ * @param roleName: Name of the role
+ * @param component: The request is issued to which component
+ * @throws SentryUserException
+ */
+ public synchronized void createRole(String requestorUserName, String roleName, String component)
+ throws SentryUserException {
+ TCreateSentryRoleRequest request = new TCreateSentryRoleRequest();
+ request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
+ request.setRequestorUserName(requestorUserName);
+ request.setRoleName(roleName);
+ request.setComponent(component);
+ try {
+ TCreateSentryRoleResponse response = client.create_sentry_role(request);
+ Status.throwIfNotOk(response.getStatus());
+ } catch (TException e) {
+ throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
+ }
+ }
+
+ public void createRoleIfNotExist(String requestorUserName, String roleName, String component) throws SentryUserException {
+ TCreateSentryRoleRequest request = new TCreateSentryRoleRequest();
+ request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
+ request.setRequestorUserName(requestorUserName);
+ request.setRoleName(roleName);
+ request.setComponent(component);
+ try {
+ TCreateSentryRoleResponse response = client.create_sentry_role(request);
+ Status status = Status.fromCode(response.getStatus().getValue());
+ if (status == Status.ALREADY_EXISTS) {
+ return;
+ }
+ Status.throwIfNotOk(response.getStatus());
+ } catch (TException e) {
+ throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
+ }
+ }
+
+ /**
+ * Drop a sentry role
+ * @param requestorUserName: user on whose behalf the request is issued
+ * @param roleName: Name of the role
+ * @param component: The request is issued to which component
+ * @throws SentryUserException
+ */
+ public void dropRole(String requestorUserName,
+ String roleName, String component)
+ throws SentryUserException {
+ dropRole(requestorUserName, roleName, component, false);
+ }
+
+ public void dropRoleIfExists(String requestorUserName,
+ String roleName, String component)
+ throws SentryUserException {
+ dropRole(requestorUserName, roleName, component, true);
+ }
+
+ private void dropRole(String requestorUserName,
+ String roleName, String component , boolean ifExists)
+ throws SentryUserException {
+ TDropSentryRoleRequest request = new TDropSentryRoleRequest();
+ request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
+ request.setRequestorUserName(requestorUserName);
+ request.setRoleName(roleName);
+ request.setComponent(component);
+ try {
+ TDropSentryRoleResponse response = client.drop_sentry_role(request);
+ Status status = Status.fromCode(response.getStatus().getValue());
+ if (ifExists && status == Status.NO_SUCH_OBJECT) {
+ return;
+ }
+ Status.throwIfNotOk(response.getStatus());
+ } catch (TException e) {
+ throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
+ }
+ }
+
+ /**
+ * add a sentry role to groups.
+ * @param requestorUserName: user on whose behalf the request is issued
+ * @param roleName: Name of the role
+ * @param component: The request is issued to which component
+ * @param groups: The name of groups
+ * @throws SentryUserException
+ */
+ public void addRoleToGroups(String requestorUserName, String roleName,
+ String component, Set<String> groups) throws SentryUserException {
+ TAlterSentryRoleAddGroupsRequest request = new TAlterSentryRoleAddGroupsRequest();
+ request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
+ request.setRequestorUserName(requestorUserName);
+ request.setRoleName(roleName);
+ request.setGroups(groups);
+ request.setComponent(component);
+
+ try {
+ TAlterSentryRoleAddGroupsResponse response = client.alter_sentry_role_add_groups(request);
+ Status.throwIfNotOk(response.getStatus());
+ } catch (TException e) {
+ throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
+ }
+ }
+
+ /**
+ * delete a sentry role from groups.
+ * @param requestorUserName: user on whose behalf the request is issued
+ * @param roleName: Name of the role
+ * @param component: The request is issued to which component
+ * @param groups: The name of groups
+ * @throws SentryUserException
+ */
+ public void deleteRoleToGroups(String requestorUserName, String roleName,
+ String component, Set<String> groups) throws SentryUserException {
+ TAlterSentryRoleDeleteGroupsRequest request = new TAlterSentryRoleDeleteGroupsRequest();
+ request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
+ request.setRequestorUserName(requestorUserName);
+ request.setRoleName(roleName);
+ request.setGroups(groups);
+ request.setComponent(component);
+
+ try {
+ TAlterSentryRoleDeleteGroupsResponse response = client.alter_sentry_role_delete_groups(request);
+ Status.throwIfNotOk(response.getStatus());
+ } catch (TException e) {
+ throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
+ }
+ }
+
+ /**
+ * grant privilege
+ * @param requestorUserName: user on whose behalf the request is issued
+ * @param roleName: Name of the role
+ * @param component: The request is issued to which component
+ * @param privilege
+ * @throws SentryUserException
+ */
+ public void grantPrivilege(String requestorUserName, String roleName,
+ String component, TSentryPrivilege privilege) throws SentryUserException {
+ TAlterSentryRoleGrantPrivilegeRequest request = new TAlterSentryRoleGrantPrivilegeRequest();
+ request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
+ request.setComponent(component);
+ request.setRoleName(roleName);
+ request.setRequestorUserName(requestorUserName);
+ request.setPrivilege(privilege);
+
+ try {
+ TAlterSentryRoleGrantPrivilegeResponse response = client.alter_sentry_role_grant_privilege(request);
+ Status.throwIfNotOk(response.getStatus());
+ } catch (TException e) {
+ throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
+ }
+ }
+
+ /**
+ * revoke privilege
+ * @param requestorUserName: user on whose behalf the request is issued
+ * @param roleName: Name of the role
+ * @param component: The request is issued to which component
+ * @param privilege
+ * @throws SentryUserException
+ */
+ public void revokePrivilege(String requestorUserName, String roleName,
+ String component, TSentryPrivilege privilege) throws SentryUserException {
+ TAlterSentryRoleRevokePrivilegeRequest request = new TAlterSentryRoleRevokePrivilegeRequest();
+ request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
+ request.setComponent(component);
+ request.setRequestorUserName(requestorUserName);
+ request.setRoleName(roleName);
+ request.setPrivilege(privilege);
+
+ try {
+ TAlterSentryRoleRevokePrivilegeResponse response = client.alter_sentry_role_revoke_privilege(request);
+ Status.throwIfNotOk(response.getStatus());
+ } catch (TException e) {
+ throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
+ }
+ }
+
+ /**
+ * drop privilege
+ * @param requestorUserName: user on whose behalf the request is issued
+ * @param component: The request is issued to which component
+ * @param privilege
+ * @throws SentryUserException
+ */
+ public void dropPrivilege(String requestorUserName,String component,
+ TSentryPrivilege privilege) throws SentryUserException {
+ TDropPrivilegesRequest request = new TDropPrivilegesRequest();
+ request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
+ request.setComponent(component);
+ request.setRequestorUserName(requestorUserName);
+ request.setPrivilege(privilege);
+
+ try {
+ TDropPrivilegesResponse response = client.drop_sentry_privilege(request);
+ Status.throwIfNotOk(response.getStatus());
+ } catch (TException e) {
+ throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
+ }
+ }
+
+ /**
+ * rename privilege
+ * @param requestorUserName: user on whose behalf the request is issued
+ * @param component: The request is issued to which component
+ * @param serviceName: The Authorizable belongs to which service
+ * @param oldAuthorizables
+ * @param newAuthorizables
+ * @throws SentryUserException
+ */
+ public void renamePrivilege(String requestorUserName, String component,
+ String serviceName, List<? extends Authorizable> oldAuthorizables,
+ List<? extends Authorizable> newAuthorizables) throws SentryUserException {
+ if (oldAuthorizables == null || oldAuthorizables.isEmpty()
+ || newAuthorizables == null || newAuthorizables.isEmpty()) {
+ throw new SentryUserException("oldAuthorizables or newAuthorizables can not be null or empty");
+ }
+
+ TRenamePrivilegesRequest request = new TRenamePrivilegesRequest();
+ request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
+ request.setComponent(component);
+ request.setRequestorUserName(requestorUserName);
+ request.setServiceName(serviceName);
+
+ List<TAuthorizable> oldTAuthorizables = Lists.newArrayList();
+ List<TAuthorizable> newTAuthorizables = Lists.newArrayList();
+ for (Authorizable authorizable : oldAuthorizables) {
+ oldTAuthorizables.add(new TAuthorizable(authorizable.getTypeName(), authorizable.getName()));
+ request.setOldAuthorizables(oldTAuthorizables);
+ }
+ for (Authorizable authorizable : newAuthorizables) {
+ newTAuthorizables.add(new TAuthorizable(authorizable.getTypeName(), authorizable.getName()));
+ request.setNewAuthorizables(newTAuthorizables);
+ }
+
+ try {
+ TRenamePrivilegesResponse response = client.rename_sentry_privilege(request);
+ Status.throwIfNotOk(response.getStatus());
+ } catch (TException e) {
+ throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
+ }
+ }
+
+ /**
+ * Gets sentry role objects for a given groupName using the Sentry service
+ * @param requestorUserName : user on whose behalf the request is issued
+ * @param groupName : groupName to look up ( if null returns all roles for groups related to requestorUserName)
+ * @param component: The request is issued to which component
+ * @return Set of thrift sentry role objects
+ * @throws SentryUserException
+ */
+ public synchronized Set<TSentryRole> listRolesByGroupName(
+ String requestorUserName,
+ String groupName,
+ String component)
+ throws SentryUserException {
+ TListSentryRolesRequest request = new TListSentryRolesRequest();
+ request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
+ request.setRequestorUserName(requestorUserName);
+ request.setGroupName(groupName);
+ request.setComponent(component);
+ TListSentryRolesResponse response;
+ try {
+ response = client.list_sentry_roles_by_group(request);
+ Status.throwIfNotOk(response.getStatus());
+ return response.getRoles();
+ } catch (TException e) {
+ throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
+ }
+ }
+
+ public Set<TSentryRole> listUserRoles(String requestorUserName, String component)
+ throws SentryUserException {
+ return listRolesByGroupName(requestorUserName, SentryConstants.RESOURCE_WILDCARD_VALUE, component);
+ }
+
+ public Set<TSentryRole> listAllRoles(String requestorUserName, String component)
+ throws SentryUserException {
+ return listRolesByGroupName(requestorUserName, null, component);
+ }
+
+ /**
+ * Gets sentry privileges for a given roleName and Authorizable Hirerchys using the Sentry service
+ * @param requestorUserName: user on whose behalf the request is issued
+ * @param roleName:
+ * @param component: The request is issued to which component
+ * @param serviceName
+ * @param authorizables
+ * @return
+ * @throws SentryUserException
+ */
+ public Set<TSentryPrivilege> listPrivilegesByRoleName(
+ String requestorUserName, String roleName, String component,
+ String serviceName, List<? extends Authorizable> authorizables)
+ throws SentryUserException {
+ TListSentryPrivilegesRequest request = new TListSentryPrivilegesRequest();
+ request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
+ request.setComponent(component);
+ request.setServiceName(serviceName);
+ request.setRequestorUserName(requestorUserName);
+ request.setRoleName(roleName);
+ if (authorizables != null && !authorizables.isEmpty()) {
+ List<TAuthorizable> tAuthorizables = Lists.newArrayList();
+ for (Authorizable authorizable : authorizables) {
+ tAuthorizables.add(new TAuthorizable(authorizable.getTypeName(), authorizable.getName()));
+ }
+ request.setAuthorizables(tAuthorizables);
+ }
+
+ TListSentryPrivilegesResponse response;
+ try {
+ response = client.list_sentry_privileges_by_role(request);
+ Status.throwIfNotOk(response.getStatus());
+ } catch (TException e) {
+ throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
+ }
+ return response.getPrivileges();
+ }
+
+ public Set<TSentryPrivilege> listPrivilegesByRoleName(
+ String requestorUserName, String roleName, String component,
+ String serviceName) throws SentryUserException {
+ return listPrivilegesByRoleName(requestorUserName, roleName, component, serviceName, null);
+ }
+
+ /**
+ * get sentry permissions from provider as followings:
+ * @param: component: The request is issued to which component
+ * @param: serviceName: The privilege belongs to which service
+ * @param: roleSet
+ * @param: groupNames
+ * @param: the authorizables
+ * @returns the set of permissions
+ * @throws SentryUserException
+ */
+ public Set<String> listPrivilegesForProvider(String component,
+ String serviceName, ActiveRoleSet roleSet, Set<String> groups,
+ List<? extends Authorizable> authorizables) throws SentryUserException {
+ TSentryActiveRoleSet thriftRoleSet = new TSentryActiveRoleSet(roleSet.isAll(), roleSet.getRoles());
+ TListSentryPrivilegesForProviderRequest request = new TListSentryPrivilegesForProviderRequest();
+ request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
+ request.setComponent(component);
+ request.setServiceName(serviceName);
+ request.setRoleSet(thriftRoleSet);
+ if (groups == null) {
+ request.setGroups(new HashSet<String>());
+ } else {
+ request.setGroups(groups);
+ }
+ List<TAuthorizable> tAuthoriables = Lists.newArrayList();
+ if (authorizables != null && !authorizables.isEmpty()) {
+ for (Authorizable authorizable : authorizables) {
+ tAuthoriables.add(new TAuthorizable(authorizable.getTypeName(), authorizable.getName()));
+ }
+ request.setAuthorizables(tAuthoriables);
+ }
+
+ try {
+ TListSentryPrivilegesForProviderResponse response = client.list_sentry_privileges_for_provider(request);
+ Status.throwIfNotOk(response.getStatus());
+ return response.getPrivileges();
+ } catch (TException e) {
+ throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
+ }
+ }
+
+ /**
+ * Get sentry privileges based on valid active roles and the authorize objects. Note that
+ * it is client responsibility to ensure the requestor username, etc. is not impersonated.
+ *
+ * @param component: The request respond to which component.
+ * @param serviceName: The name of service.
+ * @param requestorUserName: The requestor user name.
+ * @param authorizablesSet: The set of authorize objects. One authorize object is represented
+ * as a string. e.g resourceType1=resourceName1->resourceType2=resourceName2->resourceType3=resourceName3.
+ * @param groups: The requested groups.
+ * @param roleSet: The active roles set.
+ *
+ * @returns The mapping of authorize objects and TSentryPrivilegeMap(<role, set<privileges>).
+ * @throws SentryUserException
+ */
+ public Map<String, TSentryPrivilegeMap> listPrivilegsbyAuthorizable(String component,
+ String serviceName, String requestorUserName, Set<String> authorizablesSet,
+ Set<String> groups, ActiveRoleSet roleSet) throws SentryUserException {
+
+ TListSentryPrivilegesByAuthRequest request = new TListSentryPrivilegesByAuthRequest();
+
+ request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
+ request.setComponent(component);
+ request.setServiceName(serviceName);
+ request.setRequestorUserName(requestorUserName);
+ request.setAuthorizablesSet(authorizablesSet);
+
+ if (groups == null) {
+ request.setGroups(new HashSet<String>());
+ } else {
+ request.setGroups(groups);
+ }
+
+ if (roleSet != null) {
+ request.setRoleSet(new TSentryActiveRoleSet(roleSet.isAll(), roleSet.getRoles()));
+ }
+
+ try {
+ TListSentryPrivilegesByAuthResponse response = client.list_sentry_privileges_by_authorizable(request);
+ Status.throwIfNotOk(response.getStatus());
+ return response.getPrivilegesMapByAuth();
+ } catch (TException e) {
+ throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
+ }
+ }
+
+ @Override
+ public void close() {
+ if (transport != null) {
+ transport.close();
+ }
+ }
+
+}
[13/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/upgrade.order.mysql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/upgrade.order.mysql b/sentry-provider/sentry-provider-db/src/main/resources/upgrade.order.mysql
deleted file mode 100644
index 8da8c9c..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/upgrade.order.mysql
+++ /dev/null
@@ -1,4 +0,0 @@
-1.4.0-to-1.5.0
-1.5.0-to-1.6.0
-1.6.0-to-1.7.0
-1.7.0-to-1.8.0
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/upgrade.order.oracle
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/upgrade.order.oracle b/sentry-provider/sentry-provider-db/src/main/resources/upgrade.order.oracle
deleted file mode 100644
index 8da8c9c..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/upgrade.order.oracle
+++ /dev/null
@@ -1,4 +0,0 @@
-1.4.0-to-1.5.0
-1.5.0-to-1.6.0
-1.6.0-to-1.7.0
-1.7.0-to-1.8.0
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/upgrade.order.postgres
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/upgrade.order.postgres b/sentry-provider/sentry-provider-db/src/main/resources/upgrade.order.postgres
deleted file mode 100644
index 8da8c9c..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/upgrade.order.postgres
+++ /dev/null
@@ -1,4 +0,0 @@
-1.4.0-to-1.5.0
-1.5.0-to-1.6.0
-1.6.0-to-1.7.0
-1.7.0-to-1.8.0
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/webapp/SentryService.html
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/webapp/SentryService.html b/sentry-provider/sentry-provider-db/src/main/webapp/SentryService.html
deleted file mode 100644
index 9eb5f0e..0000000
--- a/sentry-provider/sentry-provider-db/src/main/webapp/SentryService.html
+++ /dev/null
@@ -1,61 +0,0 @@
-<!--
-Licensed to the Apache Software Foundation (ASF) under one or more
-contributor license agreements. See the NOTICE file distributed with
-this work for additional information regarding copyright ownership.
-The ASF licenses this file to You under the Apache License, Version 2.0
-(the "License"); you may not use this file except in compliance with
-the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
--->
-<!DOCTYPE HTML>
-<html lang="en">
- <head>
- <meta charset="utf-8">
- <title>Sentry Service</title>
- <meta name="viewport" content="width=device-width, initial-scale=1.0">
- <meta name="description" content="">
- <link href="css/bootstrap.min.css" rel="stylesheet">
- <link href="css/bootstrap-theme.min.css" rel="stylesheet">
- <link href="css/sentry.css" rel="stylesheet">
- </head>
-
- <body>
- <nav class="navbar navbar-default navbar-fixed-top">
- <div class="container">
- <div class="navbar-header">
- <a class="navbar-brand" href="#"><img src="sentry.png" alt="Sentry Logo"/></a>
- </div>
- <div class="collapse navbar-collapse">
- <ul class="nav navbar-nav">
- <li class="active"><a href="#">Home</a></li>
- <li><a href="/metrics?pretty=true">Metrics</a></li>
- <li><a href="/threads">Threads</a></li>
- <li><a href="/conf">Configuration</a></li>
- </ul>
- </div>
- </div>
- </nav>
-
- <div class="container">
- <div class="page-header"><h2>Sentry Service</h2></div>
- <ul>
- <li><a href="/metrics?pretty=true">Metrics</a></li>
- <li><a href="/threads">Threads</a></li>
- <li><a href="/conf">Configuration</a></li>
- </ul>
- </div>
-
- <footer class="footer">
- <div class="container">
- <p class="text-muted">SENTRY 1.8.0-SNAPSHOT</p>
- </div>
- </footer>
- </body>
-</html>
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/webapp/css/bootstrap-theme.min.css
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/webapp/css/bootstrap-theme.min.css b/sentry-provider/sentry-provider-db/src/main/webapp/css/bootstrap-theme.min.css
deleted file mode 100644
index c31428b..0000000
--- a/sentry-provider/sentry-provider-db/src/main/webapp/css/bootstrap-theme.min.css
+++ /dev/null
@@ -1,10 +0,0 @@
-/*!
- * Bootstrap v3.0.0
- *
- * Copyright 2013 Twitter, Inc
- * Licensed under the Apache License v2.0
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Designed and built with all the love in the world by @mdo and @fat.
- */
-.btn-default,.btn-primary,.btn-success,.btn-info,.btn-warning,.btn-danger{text-shadow:0 -1px 0 rgba(0,0,0,0.2);-webkit-box-shadow:inset 0 1px 0 rgba(255,255,255,0.15),0 1px 1px rgba(0,0,0,0.075);box-shadow:inset 0 1px 0 rgba(255,255,255,0.15),0 1px 1px rgba(0,0,0,0.075)}.btn-default:active,.btn-primary:active,.btn-success:active,.btn-info:active,.btn-warning:active,.btn-danger:active,.btn-default.active,.btn-primary.active,.btn-success.active,.btn-info.active,.btn-warning.active,.btn-danger.active{-webkit-box-shadow:inset 0 3px 5px rgba(0,0,0,0.125);box-shadow:inset 0 3px 5px rgba(0,0,0,0.125)}.btn:active,.btn.active{background-image:none}.btn-default{text-shadow:0 1px 0 #fff;background-image:-webkit-gradient(linear,left 0,left 100%,from(#fff),to(#e6e6e6));background-image:-webkit-linear-gradient(top,#fff,0%,#e6e6e6,100%);background-image:-moz-linear-gradient(top,#fff 0,#e6e6e6 100%);background-image:linear-gradient(to bottom,#fff 0,#e6e6e6 100%);background-repeat:repeat-x;border-co
lor:#e0e0e0;border-color:#ccc;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffffffff',endColorstr='#ffe6e6e6',GradientType=0)}.btn-default:active,.btn-default.active{background-color:#e6e6e6;border-color:#e0e0e0}.btn-primary{background-image:-webkit-gradient(linear,left 0,left 100%,from(#428bca),to(#3071a9));background-image:-webkit-linear-gradient(top,#428bca,0%,#3071a9,100%);background-image:-moz-linear-gradient(top,#428bca 0,#3071a9 100%);background-image:linear-gradient(to bottom,#428bca 0,#3071a9 100%);background-repeat:repeat-x;border-color:#2d6ca2;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff428bca',endColorstr='#ff3071a9',GradientType=0)}.btn-primary:active,.btn-primary.active{background-color:#3071a9;border-color:#2d6ca2}.btn-success{background-image:-webkit-gradient(linear,left 0,left 100%,from(#5cb85c),to(#449d44));background-image:-webkit-linear-gradient(top,#5cb85c,0%,#449d44,100%);background-image:-moz-linear-gradient(top,#5cb
85c 0,#449d44 100%);background-image:linear-gradient(to bottom,#5cb85c 0,#449d44 100%);background-repeat:repeat-x;border-color:#419641;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff5cb85c',endColorstr='#ff449d44',GradientType=0)}.btn-success:active,.btn-success.active{background-color:#449d44;border-color:#419641}.btn-warning{background-image:-webkit-gradient(linear,left 0,left 100%,from(#f0ad4e),to(#ec971f));background-image:-webkit-linear-gradient(top,#f0ad4e,0%,#ec971f,100%);background-image:-moz-linear-gradient(top,#f0ad4e 0,#ec971f 100%);background-image:linear-gradient(to bottom,#f0ad4e 0,#ec971f 100%);background-repeat:repeat-x;border-color:#eb9316;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#fff0ad4e',endColorstr='#ffec971f',GradientType=0)}.btn-warning:active,.btn-warning.active{background-color:#ec971f;border-color:#eb9316}.btn-danger{background-image:-webkit-gradient(linear,left 0,left 100%,from(#d9534f),to(#c9302c));background-i
mage:-webkit-linear-gradient(top,#d9534f,0%,#c9302c,100%);background-image:-moz-linear-gradient(top,#d9534f 0,#c9302c 100%);background-image:linear-gradient(to bottom,#d9534f 0,#c9302c 100%);background-repeat:repeat-x;border-color:#c12e2a;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffd9534f',endColorstr='#ffc9302c',GradientType=0)}.btn-danger:active,.btn-danger.active{background-color:#c9302c;border-color:#c12e2a}.btn-info{background-image:-webkit-gradient(linear,left 0,left 100%,from(#5bc0de),to(#31b0d5));background-image:-webkit-linear-gradient(top,#5bc0de,0%,#31b0d5,100%);background-image:-moz-linear-gradient(top,#5bc0de 0,#31b0d5 100%);background-image:linear-gradient(to bottom,#5bc0de 0,#31b0d5 100%);background-repeat:repeat-x;border-color:#2aabd2;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff5bc0de',endColorstr='#ff31b0d5',GradientType=0)}.btn-info:active,.btn-info.active{background-color:#31b0d5;border-color:#2aabd2}.thumbnail,.img-
thumbnail{-webkit-box-shadow:0 1px 2px rgba(0,0,0,0.075);box-shadow:0 1px 2px rgba(0,0,0,0.075)}.dropdown-menu>li>a:hover,.dropdown-menu>li>a:focus,.dropdown-menu>.active>a,.dropdown-menu>.active>a:hover,.dropdown-menu>.active>a:focus{background-color:#357ebd;background-image:-webkit-gradient(linear,left 0,left 100%,from(#428bca),to(#357ebd));background-image:-webkit-linear-gradient(top,#428bca,0%,#357ebd,100%);background-image:-moz-linear-gradient(top,#428bca 0,#357ebd 100%);background-image:linear-gradient(to bottom,#428bca 0,#357ebd 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff428bca',endColorstr='#ff357ebd',GradientType=0)}.navbar{background-image:-webkit-gradient(linear,left 0,left 100%,from(#fff),to(#f8f8f8));background-image:-webkit-linear-gradient(top,#fff,0%,#f8f8f8,100%);background-image:-moz-linear-gradient(top,#fff 0,#f8f8f8 100%);background-image:linear-gradient(to bottom,#fff 0,#f8f8f8 100%);background-repeat:repe
at-x;border-radius:4px;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffffffff',endColorstr='#fff8f8f8',GradientType=0);-webkit-box-shadow:inset 0 1px 0 rgba(255,255,255,0.15),0 1px 5px rgba(0,0,0,0.075);box-shadow:inset 0 1px 0 rgba(255,255,255,0.15),0 1px 5px rgba(0,0,0,0.075)}.navbar .navbar-nav>.active>a{background-color:#f8f8f8}.navbar-brand,.navbar-nav>li>a{text-shadow:0 1px 0 rgba(255,255,255,0.25)}.navbar-inverse{background-image:-webkit-gradient(linear,left 0,left 100%,from(#3c3c3c),to(#222));background-image:-webkit-linear-gradient(top,#3c3c3c,0%,#222,100%);background-image:-moz-linear-gradient(top,#3c3c3c 0,#222 100%);background-image:linear-gradient(to bottom,#3c3c3c 0,#222 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff3c3c3c',endColorstr='#ff222222',GradientType=0)}.navbar-inverse .navbar-nav>.active>a{background-color:#222}.navbar-inverse .navbar-brand,.navbar-inverse .navbar-nav>li>a{text-shadow
:0 -1px 0 rgba(0,0,0,0.25)}.navbar-static-top,.navbar-fixed-top,.navbar-fixed-bottom{border-radius:0}.alert{text-shadow:0 1px 0 rgba(255,255,255,0.2);-webkit-box-shadow:inset 0 1px 0 rgba(255,255,255,0.25),0 1px 2px rgba(0,0,0,0.05);box-shadow:inset 0 1px 0 rgba(255,255,255,0.25),0 1px 2px rgba(0,0,0,0.05)}.alert-success{background-image:-webkit-gradient(linear,left 0,left 100%,from(#dff0d8),to(#c8e5bc));background-image:-webkit-linear-gradient(top,#dff0d8,0%,#c8e5bc,100%);background-image:-moz-linear-gradient(top,#dff0d8 0,#c8e5bc 100%);background-image:linear-gradient(to bottom,#dff0d8 0,#c8e5bc 100%);background-repeat:repeat-x;border-color:#b2dba1;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffdff0d8',endColorstr='#ffc8e5bc',GradientType=0)}.alert-info{background-image:-webkit-gradient(linear,left 0,left 100%,from(#d9edf7),to(#b9def0));background-image:-webkit-linear-gradient(top,#d9edf7,0%,#b9def0,100%);background-image:-moz-linear-gradient(top,#d9edf7 0,#b9
def0 100%);background-image:linear-gradient(to bottom,#d9edf7 0,#b9def0 100%);background-repeat:repeat-x;border-color:#9acfea;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffd9edf7',endColorstr='#ffb9def0',GradientType=0)}.alert-warning{background-image:-webkit-gradient(linear,left 0,left 100%,from(#fcf8e3),to(#f8efc0));background-image:-webkit-linear-gradient(top,#fcf8e3,0%,#f8efc0,100%);background-image:-moz-linear-gradient(top,#fcf8e3 0,#f8efc0 100%);background-image:linear-gradient(to bottom,#fcf8e3 0,#f8efc0 100%);background-repeat:repeat-x;border-color:#f5e79e;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#fffcf8e3',endColorstr='#fff8efc0',GradientType=0)}.alert-danger{background-image:-webkit-gradient(linear,left 0,left 100%,from(#f2dede),to(#e7c3c3));background-image:-webkit-linear-gradient(top,#f2dede,0%,#e7c3c3,100%);background-image:-moz-linear-gradient(top,#f2dede 0,#e7c3c3 100%);background-image:linear-gradient(to bottom,#f2dede 0,
#e7c3c3 100%);background-repeat:repeat-x;border-color:#dca7a7;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#fff2dede',endColorstr='#ffe7c3c3',GradientType=0)}.progress{background-image:-webkit-gradient(linear,left 0,left 100%,from(#ebebeb),to(#f5f5f5));background-image:-webkit-linear-gradient(top,#ebebeb,0%,#f5f5f5,100%);background-image:-moz-linear-gradient(top,#ebebeb 0,#f5f5f5 100%);background-image:linear-gradient(to bottom,#ebebeb 0,#f5f5f5 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffebebeb',endColorstr='#fff5f5f5',GradientType=0)}.progress-bar{background-image:-webkit-gradient(linear,left 0,left 100%,from(#428bca),to(#3071a9));background-image:-webkit-linear-gradient(top,#428bca,0%,#3071a9,100%);background-image:-moz-linear-gradient(top,#428bca 0,#3071a9 100%);background-image:linear-gradient(to bottom,#428bca 0,#3071a9 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient
(startColorstr='#ff428bca',endColorstr='#ff3071a9',GradientType=0)}.progress-bar-success{background-image:-webkit-gradient(linear,left 0,left 100%,from(#5cb85c),to(#449d44));background-image:-webkit-linear-gradient(top,#5cb85c,0%,#449d44,100%);background-image:-moz-linear-gradient(top,#5cb85c 0,#449d44 100%);background-image:linear-gradient(to bottom,#5cb85c 0,#449d44 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff5cb85c',endColorstr='#ff449d44',GradientType=0)}.progress-bar-info{background-image:-webkit-gradient(linear,left 0,left 100%,from(#5bc0de),to(#31b0d5));background-image:-webkit-linear-gradient(top,#5bc0de,0%,#31b0d5,100%);background-image:-moz-linear-gradient(top,#5bc0de 0,#31b0d5 100%);background-image:linear-gradient(to bottom,#5bc0de 0,#31b0d5 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff5bc0de',endColorstr='#ff31b0d5',GradientType=0)}.progress-bar-warning{backg
round-image:-webkit-gradient(linear,left 0,left 100%,from(#f0ad4e),to(#ec971f));background-image:-webkit-linear-gradient(top,#f0ad4e,0%,#ec971f,100%);background-image:-moz-linear-gradient(top,#f0ad4e 0,#ec971f 100%);background-image:linear-gradient(to bottom,#f0ad4e 0,#ec971f 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#fff0ad4e',endColorstr='#ffec971f',GradientType=0)}.progress-bar-danger{background-image:-webkit-gradient(linear,left 0,left 100%,from(#d9534f),to(#c9302c));background-image:-webkit-linear-gradient(top,#d9534f,0%,#c9302c,100%);background-image:-moz-linear-gradient(top,#d9534f 0,#c9302c 100%);background-image:linear-gradient(to bottom,#d9534f 0,#c9302c 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffd9534f',endColorstr='#ffc9302c',GradientType=0)}.list-group{border-radius:4px;-webkit-box-shadow:0 1px 2px rgba(0,0,0,0.075);box-shadow:0 1px 2px rgba(0,0,0,0.075)}.li
st-group-item.active,.list-group-item.active:hover,.list-group-item.active:focus{text-shadow:0 -1px 0 #3071a9;background-image:-webkit-gradient(linear,left 0,left 100%,from(#428bca),to(#3278b3));background-image:-webkit-linear-gradient(top,#428bca,0%,#3278b3,100%);background-image:-moz-linear-gradient(top,#428bca 0,#3278b3 100%);background-image:linear-gradient(to bottom,#428bca 0,#3278b3 100%);background-repeat:repeat-x;border-color:#3278b3;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff428bca',endColorstr='#ff3278b3',GradientType=0)}.panel{-webkit-box-shadow:0 1px 2px rgba(0,0,0,0.05);box-shadow:0 1px 2px rgba(0,0,0,0.05)}.panel-default>.panel-heading{background-image:-webkit-gradient(linear,left 0,left 100%,from(#f5f5f5),to(#e8e8e8));background-image:-webkit-linear-gradient(top,#f5f5f5,0%,#e8e8e8,100%);background-image:-moz-linear-gradient(top,#f5f5f5 0,#e8e8e8 100%);background-image:linear-gradient(to bottom,#f5f5f5 0,#e8e8e8 100%);background-repeat:repeat-x
;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#fff5f5f5',endColorstr='#ffe8e8e8',GradientType=0)}.panel-primary>.panel-heading{background-image:-webkit-gradient(linear,left 0,left 100%,from(#428bca),to(#357ebd));background-image:-webkit-linear-gradient(top,#428bca,0%,#357ebd,100%);background-image:-moz-linear-gradient(top,#428bca 0,#357ebd 100%);background-image:linear-gradient(to bottom,#428bca 0,#357ebd 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff428bca',endColorstr='#ff357ebd',GradientType=0)}.panel-success>.panel-heading{background-image:-webkit-gradient(linear,left 0,left 100%,from(#dff0d8),to(#d0e9c6));background-image:-webkit-linear-gradient(top,#dff0d8,0%,#d0e9c6,100%);background-image:-moz-linear-gradient(top,#dff0d8 0,#d0e9c6 100%);background-image:linear-gradient(to bottom,#dff0d8 0,#d0e9c6 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffdff0d8
',endColorstr='#ffd0e9c6',GradientType=0)}.panel-info>.panel-heading{background-image:-webkit-gradient(linear,left 0,left 100%,from(#d9edf7),to(#c4e3f3));background-image:-webkit-linear-gradient(top,#d9edf7,0%,#c4e3f3,100%);background-image:-moz-linear-gradient(top,#d9edf7 0,#c4e3f3 100%);background-image:linear-gradient(to bottom,#d9edf7 0,#c4e3f3 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffd9edf7',endColorstr='#ffc4e3f3',GradientType=0)}.panel-warning>.panel-heading{background-image:-webkit-gradient(linear,left 0,left 100%,from(#fcf8e3),to(#faf2cc));background-image:-webkit-linear-gradient(top,#fcf8e3,0%,#faf2cc,100%);background-image:-moz-linear-gradient(top,#fcf8e3 0,#faf2cc 100%);background-image:linear-gradient(to bottom,#fcf8e3 0,#faf2cc 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#fffcf8e3',endColorstr='#fffaf2cc',GradientType=0)}.panel-danger>.panel-heading{backgro
und-image:-webkit-gradient(linear,left 0,left 100%,from(#f2dede),to(#ebcccc));background-image:-webkit-linear-gradient(top,#f2dede,0%,#ebcccc,100%);background-image:-moz-linear-gradient(top,#f2dede 0,#ebcccc 100%);background-image:linear-gradient(to bottom,#f2dede 0,#ebcccc 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#fff2dede',endColorstr='#ffebcccc',GradientType=0)}.well{background-image:-webkit-gradient(linear,left 0,left 100%,from(#e8e8e8),to(#f5f5f5));background-image:-webkit-linear-gradient(top,#e8e8e8,0%,#f5f5f5,100%);background-image:-moz-linear-gradient(top,#e8e8e8 0,#f5f5f5 100%);background-image:linear-gradient(to bottom,#e8e8e8 0,#f5f5f5 100%);background-repeat:repeat-x;border-color:#dcdcdc;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffe8e8e8',endColorstr='#fff5f5f5',GradientType=0);-webkit-box-shadow:inset 0 1px 3px rgba(0,0,0,0.05),0 1px 0 rgba(255,255,255,0.1);box-shadow:inset 0 1px 3px rgba(0
,0,0,0.05),0 1px 0 rgba(255,255,255,0.1)}
\ No newline at end of file
[02/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/tools/TestSentryShellHive.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/tools/TestSentryShellHive.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/tools/TestSentryShellHive.java
deleted file mode 100644
index 81059c5..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/tools/TestSentryShellHive.java
+++ /dev/null
@@ -1,608 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.tools;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
-
-import java.io.ByteArrayOutputStream;
-import java.io.File;
-import java.io.FileOutputStream;
-import java.io.PrintStream;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.Set;
-
-import org.apache.commons.io.FileUtils;
-import org.apache.sentry.core.common.exception.SentryUserException;
-import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
-import org.apache.sentry.provider.db.service.thrift.TSentryRole;
-import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-
-import com.google.common.collect.Sets;
-import com.google.common.io.Files;
-
-public class TestSentryShellHive extends SentryServiceIntegrationBase {
-
- private File confDir;
- private File confPath;
- private static String TEST_ROLE_NAME_1 = "testRole1";
- private static String TEST_ROLE_NAME_2 = "testRole2";
- private String requestorName = "";
-
- @Before
- public void prepareForTest() throws Exception {
- confDir = Files.createTempDir();
- confPath = new File(confDir, "sentry-site.xml");
- if (confPath.createNewFile()) {
- FileOutputStream to = new FileOutputStream(confPath);
- conf.writeXml(to);
- to.close();
- }
- requestorName = clientUgi.getShortUserName();
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorName, requestorUserGroupNames);
- // add ADMIN_USER for the after() in SentryServiceIntegrationBase
- setLocalGroupMapping(ADMIN_USER, requestorUserGroupNames);
- writePolicyFile();
- }
-
- @After
- public void clearTestData() throws Exception {
- FileUtils.deleteQuietly(confDir);
- }
-
- @Test
- public void testCreateDropRole() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- // test: create role with -cr
- String[] args = { "-cr", "-r", TEST_ROLE_NAME_1, "-conf", confPath.getAbsolutePath() };
- SentryShellHive.main(args);
- // test: create role with --create_role
- args = new String[] { "--create_role", "-r", TEST_ROLE_NAME_2, "-conf",
- confPath.getAbsolutePath() };
- SentryShellHive.main(args);
-
- // validate the result, list roles with -lr
- args = new String[] { "-lr", "-conf", confPath.getAbsolutePath() };
- SentryShellHive sentryShell = new SentryShellHive();
- Set<String> roleNames = getShellResultWithOSRedirect(sentryShell, args, true);
- validateRoleNames(roleNames, TEST_ROLE_NAME_1, TEST_ROLE_NAME_2);
-
- // validate the result, list roles with --list_role
- args = new String[] { "--list_role", "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellHive();
- roleNames = getShellResultWithOSRedirect(sentryShell, args, true);
- validateRoleNames(roleNames, TEST_ROLE_NAME_1, TEST_ROLE_NAME_2);
-
- // test: drop role with -dr
- args = new String[] { "-dr", "-r", TEST_ROLE_NAME_1, "-conf", confPath.getAbsolutePath() };
- SentryShellHive.main(args);
- // test: drop role with --drop_role
- args = new String[] { "--drop_role", "-r", TEST_ROLE_NAME_2, "-conf",
- confPath.getAbsolutePath() };
- SentryShellHive.main(args);
-
- // validate the result
- Set<TSentryRole> roles = client.listRoles(requestorName);
- assertEquals("Incorrect number of roles", 0, roles.size());
- }
- });
- }
-
- @Test
- public void testAddDeleteRoleForGroup() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- // create the role for test
- client.createRole(requestorName, TEST_ROLE_NAME_1);
- client.createRole(requestorName, TEST_ROLE_NAME_2);
- // test: add role to group with -arg
- String[] args = { "-arg", "-r", TEST_ROLE_NAME_1, "-g", "testGroup1", "-conf",
- confPath.getAbsolutePath() };
- SentryShellHive.main(args);
- // test: add role to multiple groups
- args = new String[] { "-arg", "-r", TEST_ROLE_NAME_1, "-g", "testGroup2,testGroup3",
- "-conf",
- confPath.getAbsolutePath() };
- SentryShellHive.main(args);
- // test: add role to group with --add_role_group
- args = new String[] { "--add_role_group", "-r", TEST_ROLE_NAME_2, "-g", "testGroup1",
- "-conf",
- confPath.getAbsolutePath() };
- SentryShellHive.main(args);
-
- // validate the result list roles with -lr and -g
- args = new String[] { "-lr", "-g", "testGroup1", "-conf", confPath.getAbsolutePath() };
- SentryShellHive sentryShell = new SentryShellHive();
- Set<String> roleNames = getShellResultWithOSRedirect(sentryShell, args, true);
- validateRoleNames(roleNames, TEST_ROLE_NAME_1, TEST_ROLE_NAME_2);
-
-
- // list roles with --list_role and -g
- args = new String[] { "--list_role", "-g", "testGroup2", "-conf",
- confPath.getAbsolutePath() };
- sentryShell = new SentryShellHive();
- roleNames = getShellResultWithOSRedirect(sentryShell, args, true);
- validateRoleNames(roleNames, TEST_ROLE_NAME_1);
-
- args = new String[] { "--list_role", "-g", "testGroup3", "-conf",
- confPath.getAbsolutePath() };
- sentryShell = new SentryShellHive();
- roleNames = getShellResultWithOSRedirect(sentryShell, args, true);
- validateRoleNames(roleNames, TEST_ROLE_NAME_1);
-
- // test: delete role from group with -drg
- args = new String[] { "-drg", "-r", TEST_ROLE_NAME_1, "-g", "testGroup1", "-conf",
- confPath.getAbsolutePath() };
- SentryShellHive.main(args);
- // test: delete role to multiple groups
- args = new String[] { "-drg", "-r", TEST_ROLE_NAME_1, "-g", "testGroup2,testGroup3",
- "-conf",
- confPath.getAbsolutePath() };
- SentryShellHive.main(args);
- // test: delete role from group with --delete_role_group
- args = new String[] { "--delete_role_group", "-r", TEST_ROLE_NAME_2, "-g", "testGroup1",
- "-conf", confPath.getAbsolutePath() };
- SentryShellHive.main(args);
-
- // validate the result
- Set<TSentryRole> roles = client.listRolesByGroupName(requestorName, "testGroup1");
- assertEquals("Incorrect number of roles", 0, roles.size());
- roles = client.listRolesByGroupName(requestorName, "testGroup2");
- assertEquals("Incorrect number of roles", 0, roles.size());
- roles = client.listRolesByGroupName(requestorName, "testGroup3");
- assertEquals("Incorrect number of roles", 0, roles.size());
- // clear the test data
- client.dropRole(requestorName, TEST_ROLE_NAME_1);
- client.dropRole(requestorName, TEST_ROLE_NAME_2);
- }
- });
- }
-
- @Test
- public void testGrantRevokePrivilegeWithShortOption() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- // create the role for test
- client.createRole(requestorName, TEST_ROLE_NAME_1);
- client.createRole(requestorName, TEST_ROLE_NAME_2);
-
- // test: grant privilege to role with -gpr
- String[] args = { "-gpr", "-r", TEST_ROLE_NAME_1, "-p",
- "server=server1->action=*",
- "-conf", confPath.getAbsolutePath() };
- SentryShellHive.main(args);
- args = new String[] { "-gpr", "-r", TEST_ROLE_NAME_1, "-p",
- "server=server1->db=db1->action=select", "-conf", confPath.getAbsolutePath() };
- SentryShellHive.main(args);
- args = new String[] { "-gpr", "-r", TEST_ROLE_NAME_1, "-p",
- "server=server1->db=db1->table=tbl1->action=insert", "-conf",
- confPath.getAbsolutePath() };
- SentryShellHive.main(args);
- args = new String[] { "-gpr", "-r", TEST_ROLE_NAME_1, "-p",
- "server=server1->db=db1->table=tbl1->column=col1->action=insert", "-conf",
- confPath.getAbsolutePath() };
- SentryShellHive.main(args);
- args = new String[] { "-gpr", "-r", TEST_ROLE_NAME_1, "-p",
- "server=server1->db=db1->table=tbl1->column=col2->action=insert->grantoption=true",
- "-conf", confPath.getAbsolutePath() };
- SentryShellHive.main(args);
- // for the uri privilege, the action will be awalys *
- args = new String[] { "-gpr", "-r", TEST_ROLE_NAME_1, "-p",
- "server=server1->uri=hdfs://path/testuri", "-conf", confPath.getAbsolutePath() };
- SentryShellHive.main(args);
-
- // test the list privilege with -lp
- args = new String[] { "-lp", "-r", TEST_ROLE_NAME_1, "-conf", confPath.getAbsolutePath() };
- SentryShellHive sentryShell = new SentryShellHive();
- Set<String> privilegeStrs = getShellResultWithOSRedirect(sentryShell, args, true);
- // validate the result for -lp
- assertEquals("Incorrect number of privileges", 6, privilegeStrs.size());
- assertTrue(privilegeStrs.contains("server=server1->action=*"));
- assertTrue(privilegeStrs.contains("server=server1->db=db1->action=select"));
- assertTrue(privilegeStrs.contains("server=server1->db=db1->table=tbl1->action=insert"));
- assertTrue(privilegeStrs
- .contains("server=server1->db=db1->table=tbl1->column=col1->action=insert"));
- assertTrue(privilegeStrs
- .contains("server=server1->db=db1->table=tbl1->column=col2->action=insert->grantoption=true"));
- // for the uri privilege, the action will be awalys *
- assertTrue(privilegeStrs.contains("server=server1->uri=hdfs://path/testuri->action=*"));
-
- // test: revoke privilege from role with -rpr
- args = new String[] { "-rpr", "-r", TEST_ROLE_NAME_1, "-p",
- "server=server1->db=db1->table=tbl1->column=col1->action=insert", "-conf",
- confPath.getAbsolutePath() };
- SentryShellHive.main(args);
- Set<TSentryPrivilege> privileges = client.listAllPrivilegesByRoleName(requestorName,
- TEST_ROLE_NAME_1);
- assertEquals("Incorrect number of privileges", 5, privileges.size());
-
- args = new String[] { "-rpr", "-r", TEST_ROLE_NAME_1, "-p",
- "server=server1->db=db1->table=tbl1->column=col2->action=insert->grantoption=true",
- "-conf", confPath.getAbsolutePath() };
- SentryShellHive.main(args);
- privileges = client.listAllPrivilegesByRoleName(requestorName, TEST_ROLE_NAME_1);
- assertEquals("Incorrect number of privileges", 4, privileges.size());
-
- args = new String[] { "-rpr", "-r", TEST_ROLE_NAME_1, "-p",
- "server=server1->uri=hdfs://path/testuri", "-conf", confPath.getAbsolutePath() };
- SentryShellHive.main(args);
- privileges = client.listAllPrivilegesByRoleName(requestorName, TEST_ROLE_NAME_1);
- assertEquals("Incorrect number of privileges", 3, privileges.size());
-
- args = new String[] { "-rpr", "-r", TEST_ROLE_NAME_1, "-p",
- "server=server1->db=db1->table=tbl1->action=insert", "-conf",
- confPath.getAbsolutePath() };
- SentryShellHive.main(args);
- privileges = client.listAllPrivilegesByRoleName(requestorName, TEST_ROLE_NAME_1);
- assertEquals("Incorrect number of privileges", 2, privileges.size());
-
- args = new String[] { "-rpr", "-r", TEST_ROLE_NAME_1, "-p",
- "server=server1->db=db1->action=select", "-conf", confPath.getAbsolutePath() };
- SentryShellHive.main(args);
- privileges = client.listAllPrivilegesByRoleName(requestorName, TEST_ROLE_NAME_1);
- assertEquals("Incorrect number of privileges", 1, privileges.size());
-
- args = new String[] { "-rpr", "-r", TEST_ROLE_NAME_1, "-p", "server=server1->action=*",
- "-conf",
- confPath.getAbsolutePath() };
- SentryShellHive.main(args);
- privileges = client.listAllPrivilegesByRoleName(requestorName, TEST_ROLE_NAME_1);
- assertEquals("Incorrect number of privileges", 0, privileges.size());
-
- // clear the test data
- client.dropRole(requestorName, TEST_ROLE_NAME_1);
- client.dropRole(requestorName, TEST_ROLE_NAME_2);
- }
- });
- }
-
- @Test
- public void testGrantRevokePrivilegeWithLongOption() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- // create the role for test
- client.createRole(requestorName, TEST_ROLE_NAME_1);
- client.createRole(requestorName, TEST_ROLE_NAME_2);
-
- // test: grant privilege to role with -gpr
- String[] args = { "--grant_privilege_role", "-r", TEST_ROLE_NAME_1, "-p",
- "server=server1->action=*", "-conf", confPath.getAbsolutePath() };
- SentryShellHive.main(args);
- args = new String[] { "--grant_privilege_role", "-r", TEST_ROLE_NAME_1, "-p",
- "server=server1->db=db1->action=select", "-conf", confPath.getAbsolutePath() };
- SentryShellHive.main(args);
- args = new String[] { "--grant_privilege_role", "-r", TEST_ROLE_NAME_1, "-p",
- "server=server1->db=db1->table=tbl1->action=insert", "-conf",
- confPath.getAbsolutePath() };
- SentryShellHive.main(args);
- args = new String[] { "--grant_privilege_role", "-r", TEST_ROLE_NAME_1, "-p",
- "server=server1->db=db1->table=tbl1->column=col1->action=insert", "-conf",
- confPath.getAbsolutePath() };
- SentryShellHive.main(args);
- args = new String[] { "--grant_privilege_role", "-r", TEST_ROLE_NAME_1, "-p",
- "server=server1->db=db1->table=tbl1->column=col2->action=insert->grantoption=true",
- "-conf", confPath.getAbsolutePath() };
- SentryShellHive.main(args);
- // for the uri privilege, the action will be awalys *
- args = new String[] { "--grant_privilege_role", "-r", TEST_ROLE_NAME_1, "-p",
- "server=server1->uri=hdfs://path/testuri", "-conf", confPath.getAbsolutePath() };
- SentryShellHive.main(args);
-
- // test the list privilege with -lp
- args = new String[] { "--list_privilege", "-r", TEST_ROLE_NAME_1, "-conf",
- confPath.getAbsolutePath() };
- SentryShellHive sentryShell = new SentryShellHive();
- Set<String> privilegeStrs = getShellResultWithOSRedirect(sentryShell, args, true);
- // validate the result for -lp
- assertEquals("Incorrect number of privileges", 6, privilegeStrs.size());
- assertTrue(privilegeStrs.contains("server=server1->action=*"));
- assertTrue(privilegeStrs.contains("server=server1->db=db1->action=select"));
- assertTrue(privilegeStrs.contains("server=server1->db=db1->table=tbl1->action=insert"));
- assertTrue(privilegeStrs
- .contains("server=server1->db=db1->table=tbl1->column=col1->action=insert"));
- assertTrue(privilegeStrs
- .contains("server=server1->db=db1->table=tbl1->column=col2->action=insert->grantoption=true"));
- // for the uri privilege, the action will be awalys *
- assertTrue(privilegeStrs.contains("server=server1->uri=hdfs://path/testuri->action=*"));
-
- // test: revoke privilege from role with -rpr
- args = new String[] { "--revoke_privilege_role", "-r", TEST_ROLE_NAME_1, "-p",
- "server=server1->db=db1->table=tbl1->column=col1->action=insert", "-conf",
- confPath.getAbsolutePath() };
- SentryShellHive.main(args);
- Set<TSentryPrivilege> privileges = client.listAllPrivilegesByRoleName(requestorName,
- TEST_ROLE_NAME_1);
- assertEquals("Incorrect number of privileges", 5, privileges.size());
-
- args = new String[] { "--revoke_privilege_role", "-r", TEST_ROLE_NAME_1, "-p",
- "server=server1->db=db1->table=tbl1->column=col2->action=insert->grantoption=true",
- "-conf", confPath.getAbsolutePath() };
- SentryShellHive.main(args);
- privileges = client.listAllPrivilegesByRoleName(requestorName, TEST_ROLE_NAME_1);
- assertEquals("Incorrect number of privileges", 4, privileges.size());
-
- args = new String[] { "--revoke_privilege_role", "-r", TEST_ROLE_NAME_1, "-p",
- "server=server1->uri=hdfs://path/testuri", "-conf", confPath.getAbsolutePath() };
- SentryShellHive.main(args);
- privileges = client.listAllPrivilegesByRoleName(requestorName, TEST_ROLE_NAME_1);
- assertEquals("Incorrect number of privileges", 3, privileges.size());
-
- args = new String[] { "--revoke_privilege_role", "-r", TEST_ROLE_NAME_1, "-p",
- "server=server1->db=db1->table=tbl1->action=insert", "-conf",
- confPath.getAbsolutePath() };
- SentryShellHive.main(args);
- privileges = client.listAllPrivilegesByRoleName(requestorName, TEST_ROLE_NAME_1);
- assertEquals("Incorrect number of privileges", 2, privileges.size());
-
- args = new String[] { "--revoke_privilege_role", "-r", TEST_ROLE_NAME_1, "-p",
- "server=server1->db=db1->action=select", "-conf", confPath.getAbsolutePath() };
- SentryShellHive.main(args);
- privileges = client.listAllPrivilegesByRoleName(requestorName, TEST_ROLE_NAME_1);
- assertEquals("Incorrect number of privileges", 1, privileges.size());
-
- args = new String[] { "--revoke_privilege_role", "-r", TEST_ROLE_NAME_1, "-p",
- "server=server1->action=*", "-conf", confPath.getAbsolutePath() };
- SentryShellHive.main(args);
- privileges = client.listAllPrivilegesByRoleName(requestorName, TEST_ROLE_NAME_1);
- assertEquals("Incorrect number of privileges", 0, privileges.size());
-
- // clear the test data
- client.dropRole(requestorName, TEST_ROLE_NAME_1);
- client.dropRole(requestorName, TEST_ROLE_NAME_2);
- }
- });
- }
-
- @Test
- public void testNegativeCaseWithInvalidArgument() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- client.createRole(requestorName, TEST_ROLE_NAME_1);
- // test: create duplicate role with -cr
- String[] args = { "-cr", "-r", TEST_ROLE_NAME_1, "-conf", confPath.getAbsolutePath() };
- SentryShellHive sentryShell = new SentryShellHive();
- try {
- sentryShell.executeShell(args);
- fail("Exception should be thrown for creating duplicate role");
- } catch (SentryUserException e) {
- // excepted exception
- }
-
- // test: drop non-exist role with -dr
- args = new String[] { "-dr", "-r", TEST_ROLE_NAME_2, "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellHive();
- try {
- sentryShell.executeShell(args);
- fail("Exception should be thrown for dropping non-exist role");
- } catch (SentryUserException e) {
- // excepted exception
- }
-
- // test: add non-exist role to group with -arg
- args = new String[] { "-arg", "-r", TEST_ROLE_NAME_2, "-g", "testGroup1", "-conf",
- confPath.getAbsolutePath() };
- sentryShell = new SentryShellHive();
- try {
- sentryShell.executeShell(args);
- fail("Exception should be thrown for granting non-exist role to group");
- } catch (SentryUserException e) {
- // excepted exception
- }
-
- // test: drop group from non-exist role with -drg
- args = new String[] { "-drg", "-r", TEST_ROLE_NAME_2, "-g", "testGroup1", "-conf",
- confPath.getAbsolutePath() };
- sentryShell = new SentryShellHive();
- try {
- sentryShell.executeShell(args);
- fail("Exception should be thrown for drop group from non-exist role");
- } catch (SentryUserException e) {
- // excepted exception
- }
-
- // test: grant privilege to role with the error privilege format
- args = new String[] { "-gpr", "-r", TEST_ROLE_NAME_1, "-p", "serverserver1->action=*",
- "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellHive();
- try {
- sentryShell.executeShell(args);
- fail("Exception should be thrown for the error privilege format, invalid key value.");
- } catch (IllegalArgumentException e) {
- // excepted exception
- }
-
- // test: grant privilege to role with the error privilege hierarchy
- args = new String[] { "-gpr", "-r", TEST_ROLE_NAME_1, "-p",
- "server=server1->table=tbl1->column=col2->action=insert", "-conf",
- confPath.getAbsolutePath() };
- sentryShell = new SentryShellHive();
- try {
- sentryShell.executeShell(args);
- fail("Exception should be thrown for the error privilege format, invalid key value.");
- } catch (IllegalArgumentException e) {
- // excepted exception
- }
-
- // clear the test data
- client.dropRole(requestorName, TEST_ROLE_NAME_1);
- }
- });
- }
-
- @Test
- public void testNegativeCaseWithoutRequiredArgument() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- String strOptionConf = "conf";
- client.createRole(requestorName, TEST_ROLE_NAME_1);
- // test: the conf is required argument
- String[] args = { "-cr", "-r", TEST_ROLE_NAME_1 };
- SentryShellHive sentryShell = new SentryShellHive();
- validateMissingParameterMsg(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + strOptionConf);
-
- // test: -r is required when create role
- args = new String[] { "-cr", "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellHive();
- validateMissingParameterMsg(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + SentryShellCommon.OPTION_DESC_ROLE_NAME);
-
- // test: -r is required when drop role
- args = new String[] { "-dr", "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellHive();
- validateMissingParameterMsg(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + SentryShellCommon.OPTION_DESC_ROLE_NAME);
-
- // test: -r is required when add role to group
- args = new String[] { "-arg", "-g", "testGroup1", "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellHive();
- validateMissingParameterMsg(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + SentryShellCommon.OPTION_DESC_ROLE_NAME);
-
- // test: -g is required when add role to group
- args = new String[] { "-arg", "-r", TEST_ROLE_NAME_2, "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellHive();
- validateMissingParameterMsg(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + SentryShellCommon.OPTION_DESC_GROUP_NAME);
-
- // test: -r is required when delete role from group
- args = new String[] { "-drg", "-g", "testGroup1", "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellHive();
- validateMissingParameterMsg(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + SentryShellCommon.OPTION_DESC_ROLE_NAME);
-
- // test: -g is required when delete role from group
- args = new String[] { "-drg", "-r", TEST_ROLE_NAME_2, "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellHive();
- validateMissingParameterMsg(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + SentryShellCommon.OPTION_DESC_GROUP_NAME);
-
- // test: -r is required when grant privilege to role
- args = new String[] { "-gpr", "-p", "server=server1", "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellHive();
- validateMissingParameterMsg(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + SentryShellCommon.OPTION_DESC_ROLE_NAME);
-
- // test: -p is required when grant privilege to role
- args = new String[] { "-gpr", "-r", TEST_ROLE_NAME_1, "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellHive();
- validateMissingParameterMsg(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + SentryShellCommon.OPTION_DESC_PRIVILEGE);
-
- // test: -r is required when revoke privilege from role
- args = new String[] { "-rpr", "-p", "server=server1", "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellHive();
- validateMissingParameterMsg(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + SentryShellCommon.OPTION_DESC_ROLE_NAME);
-
- // test: -p is required when revoke privilege from role
- args = new String[] { "-rpr", "-r", TEST_ROLE_NAME_1, "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellHive();
- validateMissingParameterMsg(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + SentryShellCommon.OPTION_DESC_PRIVILEGE);
-
- // test: command option is required for shell
- args = new String[] {"-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellHive();
- validateMissingParameterMsgsContains(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + "[",
- "-arg Add role to group",
- "-cr Create role",
- "-rpr Revoke privilege from role",
- "-drg Delete role from group",
- "-lr List role",
- "-lp List privilege",
- "-gpr Grant privilege to role",
- "-dr Drop role");
-
- // clear the test data
- client.dropRole(requestorName, TEST_ROLE_NAME_1);
- }
- });
- }
-
- // redirect the System.out to ByteArrayOutputStream, then execute the command and parse the result.
- private Set<String> getShellResultWithOSRedirect(SentryShellHive sentryShell,
- String[] args, boolean exceptedExecuteResult) throws Exception {
- PrintStream oldOut = System.out;
- ByteArrayOutputStream outContent = new ByteArrayOutputStream();
- System.setOut(new PrintStream(outContent));
- assertEquals(exceptedExecuteResult, sentryShell.executeShell(args));
- Set<String> resultSet = Sets.newHashSet(outContent.toString().split("\n"));
- System.setOut(oldOut);
- return resultSet;
- }
-
- private void validateRoleNames(Set<String> roleNames, String ... expectedRoleNames) {
- if (expectedRoleNames != null && expectedRoleNames.length > 0) {
- assertEquals("Found: " + roleNames.size() + " roles, expected: " + expectedRoleNames.length,
- expectedRoleNames.length, roleNames.size());
- Set<String> lowerCaseRoles = new HashSet<String>();
- for (String role : roleNames) {
- lowerCaseRoles.add(role.toLowerCase());
- }
-
- for (String expectedRole : expectedRoleNames) {
- assertTrue("Expected role: " + expectedRole,
- lowerCaseRoles.contains(expectedRole.toLowerCase()));
- }
- }
- }
-
- private void validateMissingParameterMsg(SentryShellHive sentryShell, String[] args,
- String exceptedErrorMsg) throws Exception {
- Set<String> errorMsgs = getShellResultWithOSRedirect(sentryShell, args, false);
- assertTrue(errorMsgs.contains(exceptedErrorMsg));
- }
-
- private void validateMissingParameterMsgsContains(SentryShellHive sentryShell, String[] args,
- String ... expectedErrorMsgsContains) throws Exception {
- Set<String> errorMsgs = getShellResultWithOSRedirect(sentryShell, args, false);
- boolean foundAllMessages = false;
- Iterator<String> it = errorMsgs.iterator();
- while (it.hasNext()) {
- String errorMessage = it.next();
- boolean missingExpected = false;
- for (String expectedContains : expectedErrorMsgsContains) {
- if (!errorMessage.contains(expectedContains)) {
- missingExpected = true;
- break;
- }
- }
- if (!missingExpected) {
- foundAllMessages = true;
- break;
- }
- }
- assertTrue(foundAllMessages);
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/service/thrift/SentryServiceIntegrationBase.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/service/thrift/SentryServiceIntegrationBase.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/service/thrift/SentryServiceIntegrationBase.java
deleted file mode 100644
index cb2d9c9..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/service/thrift/SentryServiceIntegrationBase.java
+++ /dev/null
@@ -1,355 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.service.thrift;
-import java.io.File;
-import java.security.PrivilegedExceptionAction;
-import java.util.Properties;
-import java.util.Set;
-import java.util.concurrent.TimeoutException;
-
-
-import com.google.common.io.Resources;
-import org.apache.commons.io.FileUtils;
-import org.apache.curator.test.TestingServer;
-import org.apache.hadoop.conf.Configuration;
-import org.apache.hadoop.minikdc.MiniKdc;
-import org.apache.hadoop.net.NetUtils;
-import org.apache.hadoop.security.UserGroupInformation;
-import org.apache.sentry.provider.db.service.persistent.HAContext;
-import org.apache.sentry.provider.db.service.thrift.SentryMiniKdcTestcase;
-import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient;
-import org.apache.sentry.provider.db.service.thrift.TSentryRole;
-import org.apache.sentry.provider.file.PolicyFile;
-import org.apache.sentry.service.thrift.ServiceConstants.ClientConfig;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
-import org.apache.zookeeper.server.ZooKeeperSaslServer;
-import org.junit.After;
-import org.junit.AfterClass;
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.google.common.base.Strings;
-import com.google.common.io.Files;
-
-public abstract class SentryServiceIntegrationBase extends SentryMiniKdcTestcase {
- private static final Logger LOGGER = LoggerFactory.getLogger(SentryServiceIntegrationBase.class);
-
- protected static final String SERVER_HOST = NetUtils.createSocketAddr("localhost:80").getAddress().getCanonicalHostName();
- protected static final String REALM = "EXAMPLE.COM";
- protected static final String SERVER_PRINCIPAL = "sentry/" + SERVER_HOST;
- protected static String SERVER_KERBEROS_NAME = "sentry/" + SERVER_HOST + "@" + REALM;
- protected static final String HTTP_PRINCIPAL = "HTTP/" + SERVER_HOST;
- protected static final String CLIENT_PRINCIPAL = "hive/" + SERVER_HOST;
- protected static final String CLIENT_KERBEROS_SHORT_NAME = "hive";
- protected static final String CLIENT_KERBEROS_NAME = CLIENT_KERBEROS_SHORT_NAME
- + "/" + SERVER_HOST + "@" + REALM;
- protected static final String ADMIN_USER = "admin_user";
- protected static final String ADMIN_GROUP = "admin_group";
-
- protected static SentryService server;
- protected SentryPolicyServiceClient client;
- protected static MiniKdc kdc;
- protected static File kdcWorkDir;
- protected static File dbDir;
- protected static File serverKeytab;
- protected static File httpKeytab;
- protected static File clientKeytab;
- protected static UserGroupInformation clientUgi;
- protected static boolean kerberos;
- protected final static Configuration conf = new Configuration(false);
- protected PolicyFile policyFile;
- protected File policyFilePath;
- protected static Properties kdcConfOverlay = new Properties();
-
- protected static boolean haEnabled = false;
- protected static final String ZK_SERVER_PRINCIPAL = "zookeeper/" + SERVER_HOST;
- protected static TestingServer zkServer;
-
- private static File ZKKeytabFile;
-
- protected static boolean webServerEnabled = false;
- protected static int webServerPort = ServerConfig.SENTRY_WEB_PORT_DEFAULT;
- protected static boolean webSecurity = false;
-
- protected static boolean pooled = false;
-
- protected static boolean useSSL = false;
-
- @BeforeClass
- public static void setup() throws Exception {
- kerberos = true;
- pooled = true;
- beforeSetup();
- setupConf();
- startSentryService();
- afterSetup();
- }
-
- private static void setupKdc() throws Exception {
- startMiniKdc(kdcConfOverlay);
- }
-
- public static void startSentryService() throws Exception {
- server.start();
- final long start = System.currentTimeMillis();
- while(!server.isRunning()) {
- Thread.sleep(1000);
- if(System.currentTimeMillis() - start > 60000L) {
- throw new TimeoutException("Server did not start after 60 seconds");
- }
- }
- }
-
- public void stopSentryService() throws Exception {
- server.stop();
- Thread.sleep(30000);
- }
-
- public static void setupConf() throws Exception {
- if (kerberos) {
- setupKdc();
- kdc = getKdc();
- kdcWorkDir = getWorkDir();
- serverKeytab = new File(kdcWorkDir, "server.keytab");
- clientKeytab = new File(kdcWorkDir, "client.keytab");
- kdc.createPrincipal(serverKeytab, SERVER_PRINCIPAL);
- kdc.createPrincipal(clientKeytab, CLIENT_PRINCIPAL);
- conf.set(ServerConfig.PRINCIPAL, getServerKerberosName());
- conf.set(ServerConfig.KEY_TAB, serverKeytab.getPath());
- conf.set(ServerConfig.ALLOW_CONNECT, CLIENT_KERBEROS_SHORT_NAME);
- conf.set(ServerConfig.SERVER_HA_ZOOKEEPER_CLIENT_PRINCIPAL,
- getServerKerberosName());
- conf.set(ServerConfig.SERVER_HA_ZOOKEEPER_CLIENT_KEYTAB,
- serverKeytab.getPath());
-
- conf.set(ServerConfig.SECURITY_USE_UGI_TRANSPORT, "true");
- conf.set("hadoop.security.authentication", "kerberos");
- UserGroupInformation.setConfiguration(conf);
- UserGroupInformation.loginUserFromKeytab(CLIENT_PRINCIPAL, clientKeytab.getPath());
- clientUgi = UserGroupInformation.getLoginUser();
- } else {
- LOGGER.info("Stopped KDC");
- conf.set(ServerConfig.SECURITY_MODE, ServerConfig.SECURITY_MODE_NONE);
- }
- if (haEnabled) {
- zkServer = getZKServer();
- conf.set(ServerConfig.SENTRY_HA_ENABLED, "true");
- conf.set(ServerConfig.SENTRY_HA_ZOOKEEPER_QUORUM, zkServer.getConnectString());
- conf.set(ServerConfig.SENTRY_HA_ZOOKEEPER_NAMESPACE, "sentry-test-case");
- if (kerberos) {
- conf.set(ServerConfig.SENTRY_HA_ZOOKEEPER_SECURITY, "true");
- }
- }
- if (webServerEnabled) {
- conf.set(ServerConfig.SENTRY_WEB_ENABLE, "true");
- conf.set(ServerConfig.SENTRY_WEB_PORT, String.valueOf(webServerPort));
- if (webSecurity) {
- httpKeytab = new File(kdcWorkDir, "http.keytab");
- kdc.createPrincipal(httpKeytab, HTTP_PRINCIPAL);
- conf.set(ServerConfig.SENTRY_WEB_SECURITY_TYPE,
- ServerConfig.SENTRY_WEB_SECURITY_TYPE_KERBEROS);
- conf.set(ServerConfig.SENTRY_WEB_SECURITY_PRINCIPAL, HTTP_PRINCIPAL);
- conf.set(ServerConfig.SENTRY_WEB_SECURITY_KEYTAB, httpKeytab.getPath());
- } else {
- conf.set(ServerConfig.SENTRY_WEB_SECURITY_TYPE,
- ServerConfig.SENTRY_WEB_SECURITY_TYPE_NONE);
- }
- } else {
- conf.set(ServerConfig.SENTRY_WEB_ENABLE, "false");
- }
- if (pooled) {
- conf.set(ClientConfig.SENTRY_POOL_ENABLED, "true");
- }
- if (useSSL) {
- conf.set(ServerConfig.SENTRY_WEB_USE_SSL, "true");
- conf.set(ServerConfig.SENTRY_WEB_SSL_KEYSTORE_PATH,
- Resources.getResource("keystore.jks").getPath());
- conf.set(ServerConfig.SENTRY_WEB_SSL_KEYSTORE_PASSWORD, "password");
- }
- conf.set(ServerConfig.SENTRY_VERIFY_SCHEM_VERSION, "false");
- conf.set(ServerConfig.ADMIN_GROUPS, ADMIN_GROUP);
- conf.set(ServerConfig.RPC_ADDRESS, SERVER_HOST);
- conf.set(ServerConfig.RPC_PORT, String.valueOf(0));
- dbDir = new File(Files.createTempDir(), "sentry_policy_db");
- conf.set(ServerConfig.SENTRY_STORE_JDBC_URL,
- "jdbc:derby:;databaseName=" + dbDir.getPath() + ";create=true");
- conf.set(ServerConfig.SENTRY_STORE_JDBC_PASS, "dummy");
- server = new SentryServiceFactory().create(conf);
- conf.set(ClientConfig.SERVER_RPC_ADDRESS, server.getAddress().getHostName());
- conf.set(ClientConfig.SERVER_RPC_PORT, String.valueOf(server.getAddress().getPort()));
- conf.set(ServerConfig.SENTRY_STORE_GROUP_MAPPING,
- ServerConfig.SENTRY_STORE_LOCAL_GROUP_MAPPING);
- }
-
- @Before
- public void before() throws Exception {
- policyFilePath = new File(dbDir, "local_policy_file.ini");
- conf.set(ServerConfig.SENTRY_STORE_GROUP_MAPPING_RESOURCE,
- policyFilePath.getPath());
- policyFile = new PolicyFile();
- connectToSentryService();
- }
-
- @After
- public void after() {
- try {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- if (client != null) {
- Set<TSentryRole> tRoles = client.listRoles(ADMIN_USER);
- if (tRoles != null) {
- for (TSentryRole tRole : tRoles) {
- client.dropRole(ADMIN_USER, tRole.getRoleName());
- }
- }
- client.close();
- }
- }
- });
- } catch (Exception e) {
- LOGGER.error(e.getMessage(), e);
- } finally {
- policyFilePath.delete();
- }
- }
-
- public void connectToSentryService() throws Exception {
- if (kerberos) {
- client = clientUgi.doAs(new PrivilegedExceptionAction<SentryPolicyServiceClient>() {
- @Override
- public SentryPolicyServiceClient run() throws Exception {
- return SentryServiceClientFactory.create(conf);
- }
- });
- } else {
- client = SentryServiceClientFactory.create(conf);
- }
- }
-
- @AfterClass
- public static void tearDown() throws Exception {
- beforeTeardown();
-
- if(server != null) {
- server.stop();
- }
- if (dbDir != null) {
- FileUtils.deleteQuietly(dbDir);
- }
- stopMiniKdc();
- afterTeardown();
- }
-
- public static String getServerKerberosName() {
- return SERVER_KERBEROS_NAME;
- }
-
- public static void beforeSetup() throws Exception {
-
- }
- public static void afterSetup() throws Exception {
-
- }
- public static void beforeTeardown() throws Exception {
-
- }
- public static void afterTeardown() throws Exception {
-
- }
- protected static void assertOK(TSentryResponseStatus resp) {
- assertStatus(Status.OK, resp);
- }
-
- protected static void assertStatus(Status status, TSentryResponseStatus resp) {
- if (resp.getValue() != status.getCode()) {
- String message = "Expected: " + status + ", Response: " + Status.fromCode(resp.getValue())
- + ", Code: " + resp.getValue() + ", Message: " + resp.getMessage();
- String stackTrace = Strings.nullToEmpty(resp.getStack()).trim();
- if (!stackTrace.isEmpty()) {
- message += ", StackTrace: " + stackTrace;
- }
- Assert.fail(message);
- }
- }
-
- protected void setLocalGroupMapping(String user, Set<String> groupSet) {
- for (String group : groupSet) {
- policyFile.addGroupsToUser(user, group);
- }
- }
-
- protected void writePolicyFile() throws Exception {
- policyFile.write(policyFilePath);
- }
-
- protected static TestingServer getZKServer() throws Exception {
- if (!kerberos) {
- LOGGER.info("Creating a non-security ZooKeeper Server.");
- return new TestingServer();
- } else {
- LOGGER.info("Creating a security ZooKeeper Server.");
- // Not entirely sure exactly what "javax.security.auth.useSubjectCredsOnly=false" does, but it has something to do with
- // re-authenticating in cases where it otherwise wouldn't. One of the sections on this page briefly mentions it:
- // http://docs.oracle.com/javase/7/docs/technotes/guides/security/jgss/tutorials/Troubleshooting.html
- System.setProperty("javax.security.auth.useSubjectCredsOnly", "false");
-
- // Setup KDC and principal
- kdc = getKdc();
- ZKKeytabFile = new File(kdcWorkDir, "test.keytab");
- kdc.createPrincipal(ZKKeytabFile, ZK_SERVER_PRINCIPAL);
-
- System.setProperty("zookeeper.authProvider.1", "org.apache.zookeeper.server.auth.SASLAuthenticationProvider");
- System.setProperty("zookeeper.kerberos.removeHostFromPrincipal", "true");
- System.setProperty("zookeeper.kerberos.removeRealmFromPrincipal", "true");
-
- JaasConfiguration.addEntryForKeytab("Server", ZK_SERVER_PRINCIPAL, ZKKeytabFile.getAbsolutePath());
- // Here's where we add the "Client" to the jaas configuration, even though we'd like not to
- JaasConfiguration.addEntryForKeytab(HAContext.SENTRY_ZK_JAAS_NAME,
- SERVER_KERBEROS_NAME, serverKeytab.getAbsolutePath());
- javax.security.auth.login.Configuration.setConfiguration(JaasConfiguration.getInstance());
-
- System.setProperty(ZooKeeperSaslServer.LOGIN_CONTEXT_NAME_KEY, "Server");
-
- return new TestingServer();
- }
-
- }
-
- protected void runTestAsSubject(final TestOperation test) throws Exception {
- /*if (false) {
- clientUgi.doAs(new PrivilegedExceptionAction<Void>() {
- @Override
- public Void run() throws Exception {
- test.runTestAsSubject();
- return null;
- }});
- } else {
- */ test.runTestAsSubject();
- //}
- }
-
- protected interface TestOperation {
- void runTestAsSubject() throws Exception;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/resources/cacerts.jks
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/resources/cacerts.jks b/sentry-provider/sentry-provider-db/src/test/resources/cacerts.jks
deleted file mode 100644
index 6ac6495..0000000
Binary files a/sentry-provider/sentry-provider-db/src/test/resources/cacerts.jks and /dev/null differ
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/resources/keystore.jks
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/resources/keystore.jks b/sentry-provider/sentry-provider-db/src/test/resources/keystore.jks
deleted file mode 100644
index a6beece..0000000
Binary files a/sentry-provider/sentry-provider-db/src/test/resources/keystore.jks and /dev/null differ
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/resources/log4j.properties
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/resources/log4j.properties b/sentry-provider/sentry-provider-db/src/test/resources/log4j.properties
deleted file mode 100644
index 9766758..0000000
--- a/sentry-provider/sentry-provider-db/src/test/resources/log4j.properties
+++ /dev/null
@@ -1,34 +0,0 @@
-#
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-#
-
-# Define some default values that can be overridden by system properties.
-#
-# For testing, it may also be convenient to specify
-
-log4j.rootLogger=DEBUG,console
-
-log4j.appender.console=org.apache.log4j.ConsoleAppender
-log4j.appender.console.target=System.err
-log4j.appender.console.layout=org.apache.log4j.PatternLayout
-log4j.appender.console.layout.ConversionPattern=%d (%t) [%p - %l] %m%n
-
-log4j.logger.org.apache.hadoop.conf.Configuration=INFO
-log4j.logger.org.apache.hadoop.metrics2=INFO
-log4j.logger.org.apache.directory=INFO
-log4j.logger.org.apache.directory.api.ldap.model.entry.AbstractValue=WARN
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/resources/solr_case.ini
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/resources/solr_case.ini b/sentry-provider/sentry-provider-db/src/test/resources/solr_case.ini
deleted file mode 100644
index fbbebfc..0000000
--- a/sentry-provider/sentry-provider-db/src/test/resources/solr_case.ini
+++ /dev/null
@@ -1,26 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-[groups]
-groupa = RoLe1
-groupb = rOlE1
-groupc = ROLE2
-
-[roles]
-RoLe1 = collection=*
-rOlE1 = collection=*
-ROLE2 = collection=*
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/resources/solr_config_import_tool.ini
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/resources/solr_config_import_tool.ini b/sentry-provider/sentry-provider-db/src/test/resources/solr_config_import_tool.ini
deleted file mode 100644
index da7df4c..0000000
--- a/sentry-provider/sentry-provider-db/src/test/resources/solr_config_import_tool.ini
+++ /dev/null
@@ -1,29 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-[groups]
-corporal = corporal_role
-sergeant = corporal_role, sergeant_role
-general = corporal_role, sergeant_role, general_role
-commander_in_chief = corporal_role, sergeant_role, general_role, commander_in_chief_role
-
-[roles]
-corporal_role = collection=info->action=query, \
- collection=info->action=update
-sergeant_role = collection=info->action=update
-general_role = collection=info->action=*
-commander_in_chief_role = collection=*
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/resources/solr_invalid.ini
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/resources/solr_invalid.ini b/sentry-provider/sentry-provider-db/src/test/resources/solr_invalid.ini
deleted file mode 100644
index 03083a7..0000000
--- a/sentry-provider/sentry-provider-db/src/test/resources/solr_invalid.ini
+++ /dev/null
@@ -1,21 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-[groups]
-
-[roles]
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-file/pom.xml
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-file/pom.xml b/sentry-provider/sentry-provider-file/pom.xml
index 04f38d8..25db036 100644
--- a/sentry-provider/sentry-provider-file/pom.xml
+++ b/sentry-provider/sentry-provider-file/pom.xml
@@ -29,11 +29,6 @@ limitations under the License.
<dependencies>
<dependency>
- <groupId>org.apache.hadoop</groupId>
- <artifactId>hadoop-common</artifactId>
- <scope>provided</scope>
- </dependency>
- <dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<scope>test</scope>
@@ -43,14 +38,6 @@ limitations under the License.
<artifactId>log4j</artifactId>
</dependency>
<dependency>
- <groupId>org.apache.shiro</groupId>
- <artifactId>shiro-core</artifactId>
- </dependency>
- <dependency>
- <groupId>com.google.guava</groupId>
- <artifactId>guava</artifactId>
- </dependency>
- <dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
</dependency>
@@ -60,10 +47,6 @@ limitations under the License.
</dependency>
<dependency>
<groupId>org.apache.sentry</groupId>
- <artifactId>sentry-core-common</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
<artifactId>sentry-provider-common</artifactId>
</dependency>
</dependencies>
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/LocalGroupMappingService.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/LocalGroupMappingService.java b/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/LocalGroupMappingService.java
index dec47c2..eb23ff1 100644
--- a/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/LocalGroupMappingService.java
+++ b/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/LocalGroupMappingService.java
@@ -26,8 +26,8 @@ import java.util.Set;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.FileSystem;
import org.apache.hadoop.fs.Path;
+import org.apache.sentry.core.common.service.GroupMappingService;
import org.apache.sentry.core.common.utils.SentryConstants;
-import org.apache.sentry.provider.common.GroupMappingService;
import org.apache.sentry.core.common.utils.PolicyFileConstants;
import org.apache.sentry.core.common.exception.SentryGroupNotFoundException;
import org.apache.shiro.config.Ini;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/PolicyFile.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/PolicyFile.java b/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/PolicyFile.java
deleted file mode 100644
index 6a77827..0000000
--- a/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/PolicyFile.java
+++ /dev/null
@@ -1,202 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.file;
-
-import static org.apache.sentry.core.common.utils.PolicyFileConstants.DATABASES;
-import static org.apache.sentry.core.common.utils.PolicyFileConstants.GROUPS;
-import static org.apache.sentry.core.common.utils.PolicyFileConstants.ROLES;
-import static org.apache.sentry.core.common.utils.PolicyFileConstants.USERS;
-
-import java.io.File;
-import java.util.Collection;
-import java.util.List;
-import java.util.Map;
-import java.util.Map.Entry;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.google.common.annotations.VisibleForTesting;
-import com.google.common.base.Charsets;
-import com.google.common.base.Joiner;
-import com.google.common.collect.ArrayListMultimap;
-import com.google.common.collect.Lists;
-import com.google.common.collect.Maps;
-import com.google.common.collect.Multimap;
-import com.google.common.io.Files;
-
-/**
- * PolicyFile creator. Written specifically to be used with tests. Specifically
- * due to the fact that methods that would typically return true or false to
- * indicate success or failure these methods throw an unchecked exception.
- * This is because in a test if you mean to remove a user from the policy file,
- * the user should absolutely be there. If not, the test is mis-behaving.
- */
-@VisibleForTesting
-public class PolicyFile {
-
- private static final Logger LOGGER = LoggerFactory
- .getLogger(PolicyFile.class);
-
- private static final String NL = System.getProperty("line.separator", "\n");
-
- private final Map<String, String> databasesToPolicyFiles = Maps.newHashMap();
- private final Multimap<String, String> usersToGroups = ArrayListMultimap.create();
- private final Multimap<String, String> groupsToRoles = ArrayListMultimap
- .create();
- private final Multimap<String, String> rolesToPermissions = ArrayListMultimap
- .create();
-
- public Multimap<String, String> getGroupsToRoles() {
- return groupsToRoles;
- }
- public Multimap<String, String> getRolesToPermissions() {
- return rolesToPermissions;
- }
- public PolicyFile addRolesToGroup(String groupName, String... roleNames)
- throws Exception {
- return addRolesToGroup(groupName, false, roleNames);
- }
- public PolicyFile addRolesToGroup(String groupName, boolean allowDuplicates, String... roleNames) {
- return add(groupsToRoles.get(groupName), allowDuplicates, roleNames);
- }
- public PolicyFile addPermissionsToRole(String roleName, String... permissionNames) {
- return addPermissionsToRole(roleName, false, permissionNames);
- }
- public PolicyFile addPermissionsToRole(String roleName, boolean allowDuplicates, String... permissionNames) {
- return add(rolesToPermissions.get(roleName), allowDuplicates, permissionNames);
- }
- public PolicyFile addGroupsToUser(String userName, String... groupNames) {
- LOGGER.warn("Static user:group mapping is not being used");
- return addGroupsToUser(userName, false, groupNames);
- }
- public PolicyFile addGroupsToUser(String userName, boolean allowDuplicates, String... groupNames) {
- LOGGER.warn("Static user:group mapping is not being used");
- return add(usersToGroups.get(userName), allowDuplicates, groupNames);
- }
- public PolicyFile setUserGroupMapping(Map<String, String> mapping) {
- for (Entry<String, String> entry : mapping.entrySet()) {
- usersToGroups.put(entry.getKey(), entry.getValue());
- }
- return this;
- }
- public PolicyFile addDatabase(String databaseName, String path) {
- String oldPath = databasesToPolicyFiles.put(databaseName, path);
- if (oldPath != null) {
- throw new IllegalStateException("Database " + databaseName + " already existed in " +
- databasesToPolicyFiles + " with value of " + oldPath);
- }
- databasesToPolicyFiles.put(databaseName, path);
- return this;
- }
- public PolicyFile removeRolesFromGroup(String groupName, String... roleNames) {
- return remove(groupsToRoles.get(groupName), roleNames);
- }
- public PolicyFile removePermissionsFromRole(String roleName, String... permissionNames) {
- return remove(rolesToPermissions.get(roleName), permissionNames);
- }
- public PolicyFile removeGroupsFromUser(String userName, String... groupNames) {
- LOGGER.warn("Static user:group mapping is not being used");
- return remove(usersToGroups.get(userName), groupNames);
- }
- public PolicyFile removeDatabase(String databaseName) {
- if(databasesToPolicyFiles.remove(databaseName) == null) {
- throw new IllegalStateException("Database " + databaseName + " did not exist in " +
- databasesToPolicyFiles);
- }
- return this;
- }
- public PolicyFile copy() {
- PolicyFile other = new PolicyFile();
- other.databasesToPolicyFiles.putAll(databasesToPolicyFiles);
- other.usersToGroups.putAll(usersToGroups);
- other.groupsToRoles.putAll(groupsToRoles);
- other.rolesToPermissions.putAll(rolesToPermissions);
- return other;
- }
-
- public void write(File clientFile, File serverFile) throws Exception {
- write(clientFile);
- write(serverFile);
- }
-
- public void write(File file) throws Exception {
- if(file.exists() && !file.delete()) {
- throw new IllegalStateException("Unable to delete " + file);
- }
- String contents = Joiner.on(NL)
- .join(getSection(DATABASES, databasesToPolicyFiles),
- getSection(USERS, usersToGroups),
- getSection(GROUPS, groupsToRoles),
- getSection(ROLES, rolesToPermissions),
- "");
- LOGGER.info("Writing policy file to " + file + ":\n" + contents);
- Files.write(contents, file, Charsets.UTF_8);
- }
-
- private String getSection(String name, Map<String, String> mapping) {
- if(mapping.isEmpty()) {
- return "";
- }
- Joiner kvJoiner = Joiner.on(" = ");
- List<String> lines = Lists.newArrayList();
- lines.add("[" + name + "]");
- for (Entry<String, String> entry : mapping.entrySet()) {
- lines.add(kvJoiner.join(entry.getKey(), entry.getValue()));
- }
- return Joiner.on(NL).join(lines);
- }
- private String getSection(String name, Multimap<String, String> mapping) {
- if(mapping.isEmpty()) {
- return "";
- }
- Joiner kvJoiner = Joiner.on(" = ");
- Joiner itemJoiner = Joiner.on(" , ");
- List<String> lines = Lists.newArrayList();
- lines.add("[" + name + "]");
- for(String key : mapping.keySet()) {
- lines.add(kvJoiner.join(key, itemJoiner.join(mapping.get(key))));
- }
- return Joiner.on(NL).join(lines);
- }
-
- private PolicyFile remove(Collection<String> exitingItems, String[] newItems) {
- for(String newItem : newItems) {
- if(!exitingItems.remove(newItem)) {
- throw new IllegalStateException("Item " + newItem + " did not exist in " + exitingItems);
- }
- }
- return this;
- }
- private PolicyFile add(Collection<String> exitingItems, boolean allowDuplicates, String[] newItems) {
- for(String newItem : newItems) {
- if(exitingItems.contains(newItem) && !allowDuplicates) {
- throw new IllegalStateException("Item " + newItem + " already exists in " + exitingItems);
- }
- exitingItems.add(newItem);
- }
- return this;
- }
-
- //User:Group mapping for the admin user needs to be set separately
- public static PolicyFile setAdminOnServer1(String admin) throws Exception {
- return new PolicyFile()
- .addRolesToGroup(admin, "admin_role")
- .addPermissionsToRole("admin_role", "server=server1");
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-service/pom.xml
----------------------------------------------------------------------
diff --git a/sentry-service/pom.xml b/sentry-service/pom.xml
new file mode 100644
index 0000000..4bcb7f1
--- /dev/null
+++ b/sentry-service/pom.xml
@@ -0,0 +1,38 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements. See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.apache.sentry</groupId>
+ <artifactId>sentry</artifactId>
+ <version>1.8.0-SNAPSHOT</version>
+ </parent>
+
+ <artifactId>sentry-service</artifactId>
+ <name>Sentry Service</name>
+ <packaging>pom</packaging>
+
+ <modules>
+ <module>sentry-service-common</module>
+ <module>sentry-service-server</module>
+ <module>sentry-service-client</module>
+ </modules>
+
+</project>
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-service/sentry-service-client/pom.xml
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-client/pom.xml b/sentry-service/sentry-service-client/pom.xml
new file mode 100644
index 0000000..fc37c5e
--- /dev/null
+++ b/sentry-service/sentry-service-client/pom.xml
@@ -0,0 +1,57 @@
+<?xml version="1.0"?>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements. See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <modelVersion>4.0.0</modelVersion>
+ <parent>
+ <groupId>org.apache.sentry</groupId>
+ <artifactId>sentry-service</artifactId>
+ <version>1.8.0-SNAPSHOT</version>
+ </parent>
+
+ <artifactId>sentry-service-client</artifactId>
+ <name>Sentry Service Client</name>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.apache.sentry</groupId>
+ <artifactId>sentry-service-common</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.sentry</groupId>
+ <artifactId>sentry-core-model-kafka</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.sentry</groupId>
+ <artifactId>sentry-core-model-db</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.sentry</groupId>
+ <artifactId>sentry-core-model-search</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.sentry</groupId>
+ <artifactId>sentry-provider-file</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.commons</groupId>
+ <artifactId>commons-pool2</artifactId>
+ </dependency>
+ </dependencies>
+
+</project>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-service/sentry-service-client/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClient.java
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-client/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClient.java b/sentry-service/sentry-service-client/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClient.java
new file mode 100644
index 0000000..11cdee7
--- /dev/null
+++ b/sentry-service/sentry-service-client/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClient.java
@@ -0,0 +1,196 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.provider.db.generic.service.thrift;
+
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import org.apache.sentry.core.common.exception.SentryUserException;
+import org.apache.sentry.core.common.ActiveRoleSet;
+import org.apache.sentry.core.common.Authorizable;
+
+public interface SentryGenericServiceClient {
+
+ /**
+ * Create a sentry role
+ * @param requestorUserName: user on whose behalf the request is issued
+ * @param roleName: Name of the role
+ * @param component: The request is issued to which component
+ * @throws SentryUserException
+ */
+ void createRole(String requestorUserName, String roleName,
+ String component) throws SentryUserException;
+
+ void createRoleIfNotExist(String requestorUserName,
+ String roleName, String component) throws SentryUserException;
+
+ /**
+ * Drop a sentry role
+ * @param requestorUserName: user on whose behalf the request is issued
+ * @param roleName: Name of the role
+ * @param component: The request is issued to which component
+ * @throws SentryUserException
+ */
+ void dropRole(String requestorUserName, String roleName,
+ String component) throws SentryUserException;
+
+ void dropRoleIfExists(String requestorUserName, String roleName,
+ String component) throws SentryUserException;
+
+ /**
+ * add a sentry role to groups.
+ * @param requestorUserName: user on whose behalf the request is issued
+ * @param roleName: Name of the role
+ * @param component: The request is issued to which component
+ * @param groups: The name of groups
+ * @throws SentryUserException
+ */
+ void addRoleToGroups(String requestorUserName, String roleName,
+ String component, Set<String> groups) throws SentryUserException;
+
+ /**
+ * delete a sentry role from groups.
+ * @param requestorUserName: user on whose behalf the request is issued
+ * @param roleName: Name of the role
+ * @param component: The request is issued to which component
+ * @param groups: The name of groups
+ * @throws SentryUserException
+ */
+ void deleteRoleToGroups(String requestorUserName, String roleName,
+ String component, Set<String> groups) throws SentryUserException;
+
+ /**
+ * grant privilege
+ * @param requestorUserName: user on whose behalf the request is issued
+ * @param roleName: Name of the role
+ * @param component: The request is issued to which component
+ * @param privilege
+ * @throws SentryUserException
+ */
+ void grantPrivilege(String requestorUserName, String roleName,
+ String component, TSentryPrivilege privilege) throws SentryUserException;
+
+ /**
+ * revoke privilege
+ * @param requestorUserName: user on whose behalf the request is issued
+ * @param roleName: Name of the role
+ * @param component: The request is issued to which component
+ * @param privilege
+ * @throws SentryUserException
+ */
+ void revokePrivilege(String requestorUserName, String roleName,
+ String component, TSentryPrivilege privilege) throws SentryUserException;
+
+ /**
+ * drop privilege
+ * @param requestorUserName: user on whose behalf the request is issued
+ * @param component: The request is issued to which component
+ * @param privilege
+ * @throws SentryUserException
+ */
+ void dropPrivilege(String requestorUserName,String component,
+ TSentryPrivilege privilege) throws SentryUserException;
+
+ /**
+ * rename privilege
+ * @param requestorUserName: user on whose behalf the request is issued
+ * @param component: The request is issued to which component
+ * @param serviceName: The Authorizable belongs to which service
+ * @param oldAuthorizables
+ * @param newAuthorizables
+ * @throws SentryUserException
+ */
+ void renamePrivilege(String requestorUserName, String component,
+ String serviceName, List<? extends Authorizable> oldAuthorizables,
+ List<? extends Authorizable> newAuthorizables) throws SentryUserException;
+
+ /**
+ * Gets sentry role objects for a given groupName using the Sentry service
+ * @param requestorUserName : user on whose behalf the request is issued
+ * @param groupName : groupName to look up ( if null returns all roles for groups related to requestorUserName)
+ * @param component: The request is issued to which component
+ * @return Set of thrift sentry role objects
+ * @throws SentryUserException
+ */
+ Set<TSentryRole> listRolesByGroupName(
+ String requestorUserName,
+ String groupName,
+ String component)
+ throws SentryUserException;
+
+ Set<TSentryRole> listUserRoles(String requestorUserName, String component)
+ throws SentryUserException;
+
+ Set<TSentryRole> listAllRoles(String requestorUserName, String component)
+ throws SentryUserException;
+
+ /**
+ * Gets sentry privileges for a given roleName and Authorizable Hierarchy using the Sentry service
+ * @param requestorUserName: user on whose behalf the request is issued
+ * @param roleName:
+ * @param component: The request is issued to which component
+ * @param serviceName
+ * @param authorizables
+ * @return
+ * @throws SentryUserException
+ */
+ Set<TSentryPrivilege> listPrivilegesByRoleName(
+ String requestorUserName, String roleName, String component,
+ String serviceName, List<? extends Authorizable> authorizables)
+ throws SentryUserException;
+
+ Set<TSentryPrivilege> listPrivilegesByRoleName(
+ String requestorUserName, String roleName, String component,
+ String serviceName) throws SentryUserException;
+
+ /**
+ * get sentry permissions from provider as followings:
+ * @param: component: The request is issued to which component
+ * @param: serviceName: The privilege belongs to which service
+ * @param: roleSet
+ * @param: groupNames
+ * @param: the authorizables
+ * @returns the set of permissions
+ * @throws SentryUserException
+ */
+ Set<String> listPrivilegesForProvider(String component,
+ String serviceName, ActiveRoleSet roleSet, Set<String> groups,
+ List<? extends Authorizable> authorizables) throws SentryUserException;
+
+ /**
+ * Get sentry privileges based on valid active roles and the authorize objects. Note that
+ * it is client responsibility to ensure the requestor username, etc. is not impersonated.
+ *
+ * @param component: The request respond to which component.
+ * @param serviceName: The name of service.
+ * @param requestorUserName: The requestor user name.
+ * @param authorizablesSet: The set of authorize objects. One authorize object is represented
+ * as a string. e.g resourceType1=resourceName1->resourceType2=resourceName2->resourceType3=resourceName3.
+ * @param groups: The requested groups.
+ * @param roleSet: The active roles set.
+ *
+ * @returns The mapping of authorize objects and TSentryPrivilegeMap(<role, set<privileges>).
+ * @throws SentryUserException
+ */
+ Map<String, TSentryPrivilegeMap> listPrivilegsbyAuthorizable(String component,
+ String serviceName, String requestorUserName, Set<String> authorizablesSet,
+ Set<String> groups, ActiveRoleSet roleSet) throws SentryUserException;
+
+ void close();
+}
[31/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryRolesResponse.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryRolesResponse.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryRolesResponse.java
deleted file mode 100644
index 26af379..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryRolesResponse.java
+++ /dev/null
@@ -1,558 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TListSentryRolesResponse implements org.apache.thrift.TBase<TListSentryRolesResponse, TListSentryRolesResponse._Fields>, java.io.Serializable, Cloneable, Comparable<TListSentryRolesResponse> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TListSentryRolesResponse");
-
- private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1);
- private static final org.apache.thrift.protocol.TField ROLES_FIELD_DESC = new org.apache.thrift.protocol.TField("roles", org.apache.thrift.protocol.TType.SET, (short)2);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TListSentryRolesResponseStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TListSentryRolesResponseTupleSchemeFactory());
- }
-
- private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required
- private Set<TSentryRole> roles; // optional
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- STATUS((short)1, "status"),
- ROLES((short)2, "roles");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // STATUS
- return STATUS;
- case 2: // ROLES
- return ROLES;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final _Fields optionals[] = {_Fields.ROLES};
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.sentry.service.thrift.TSentryResponseStatus.class)));
- tmpMap.put(_Fields.ROLES, new org.apache.thrift.meta_data.FieldMetaData("roles", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryRole.class))));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TListSentryRolesResponse.class, metaDataMap);
- }
-
- public TListSentryRolesResponse() {
- }
-
- public TListSentryRolesResponse(
- org.apache.sentry.service.thrift.TSentryResponseStatus status)
- {
- this();
- this.status = status;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TListSentryRolesResponse(TListSentryRolesResponse other) {
- if (other.isSetStatus()) {
- this.status = new org.apache.sentry.service.thrift.TSentryResponseStatus(other.status);
- }
- if (other.isSetRoles()) {
- Set<TSentryRole> __this__roles = new HashSet<TSentryRole>(other.roles.size());
- for (TSentryRole other_element : other.roles) {
- __this__roles.add(new TSentryRole(other_element));
- }
- this.roles = __this__roles;
- }
- }
-
- public TListSentryRolesResponse deepCopy() {
- return new TListSentryRolesResponse(this);
- }
-
- @Override
- public void clear() {
- this.status = null;
- this.roles = null;
- }
-
- public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() {
- return this.status;
- }
-
- public void setStatus(org.apache.sentry.service.thrift.TSentryResponseStatus status) {
- this.status = status;
- }
-
- public void unsetStatus() {
- this.status = null;
- }
-
- /** Returns true if field status is set (has been assigned a value) and false otherwise */
- public boolean isSetStatus() {
- return this.status != null;
- }
-
- public void setStatusIsSet(boolean value) {
- if (!value) {
- this.status = null;
- }
- }
-
- public int getRolesSize() {
- return (this.roles == null) ? 0 : this.roles.size();
- }
-
- public java.util.Iterator<TSentryRole> getRolesIterator() {
- return (this.roles == null) ? null : this.roles.iterator();
- }
-
- public void addToRoles(TSentryRole elem) {
- if (this.roles == null) {
- this.roles = new HashSet<TSentryRole>();
- }
- this.roles.add(elem);
- }
-
- public Set<TSentryRole> getRoles() {
- return this.roles;
- }
-
- public void setRoles(Set<TSentryRole> roles) {
- this.roles = roles;
- }
-
- public void unsetRoles() {
- this.roles = null;
- }
-
- /** Returns true if field roles is set (has been assigned a value) and false otherwise */
- public boolean isSetRoles() {
- return this.roles != null;
- }
-
- public void setRolesIsSet(boolean value) {
- if (!value) {
- this.roles = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case STATUS:
- if (value == null) {
- unsetStatus();
- } else {
- setStatus((org.apache.sentry.service.thrift.TSentryResponseStatus)value);
- }
- break;
-
- case ROLES:
- if (value == null) {
- unsetRoles();
- } else {
- setRoles((Set<TSentryRole>)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case STATUS:
- return getStatus();
-
- case ROLES:
- return getRoles();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case STATUS:
- return isSetStatus();
- case ROLES:
- return isSetRoles();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TListSentryRolesResponse)
- return this.equals((TListSentryRolesResponse)that);
- return false;
- }
-
- public boolean equals(TListSentryRolesResponse that) {
- if (that == null)
- return false;
-
- boolean this_present_status = true && this.isSetStatus();
- boolean that_present_status = true && that.isSetStatus();
- if (this_present_status || that_present_status) {
- if (!(this_present_status && that_present_status))
- return false;
- if (!this.status.equals(that.status))
- return false;
- }
-
- boolean this_present_roles = true && this.isSetRoles();
- boolean that_present_roles = true && that.isSetRoles();
- if (this_present_roles || that_present_roles) {
- if (!(this_present_roles && that_present_roles))
- return false;
- if (!this.roles.equals(that.roles))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_status = true && (isSetStatus());
- list.add(present_status);
- if (present_status)
- list.add(status);
-
- boolean present_roles = true && (isSetRoles());
- list.add(present_roles);
- if (present_roles)
- list.add(roles);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TListSentryRolesResponse other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetStatus()).compareTo(other.isSetStatus());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetStatus()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.status, other.status);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRoles()).compareTo(other.isSetRoles());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRoles()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roles, other.roles);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TListSentryRolesResponse(");
- boolean first = true;
-
- sb.append("status:");
- if (this.status == null) {
- sb.append("null");
- } else {
- sb.append(this.status);
- }
- first = false;
- if (isSetRoles()) {
- if (!first) sb.append(", ");
- sb.append("roles:");
- if (this.roles == null) {
- sb.append("null");
- } else {
- sb.append(this.roles);
- }
- first = false;
- }
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetStatus()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'status' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- if (status != null) {
- status.validate();
- }
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TListSentryRolesResponseStandardSchemeFactory implements SchemeFactory {
- public TListSentryRolesResponseStandardScheme getScheme() {
- return new TListSentryRolesResponseStandardScheme();
- }
- }
-
- private static class TListSentryRolesResponseStandardScheme extends StandardScheme<TListSentryRolesResponse> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TListSentryRolesResponse struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // STATUS
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // ROLES
- if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
- {
- org.apache.thrift.protocol.TSet _set64 = iprot.readSetBegin();
- struct.roles = new HashSet<TSentryRole>(2*_set64.size);
- TSentryRole _elem65;
- for (int _i66 = 0; _i66 < _set64.size; ++_i66)
- {
- _elem65 = new TSentryRole();
- _elem65.read(iprot);
- struct.roles.add(_elem65);
- }
- iprot.readSetEnd();
- }
- struct.setRolesIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TListSentryRolesResponse struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.status != null) {
- oprot.writeFieldBegin(STATUS_FIELD_DESC);
- struct.status.write(oprot);
- oprot.writeFieldEnd();
- }
- if (struct.roles != null) {
- if (struct.isSetRoles()) {
- oprot.writeFieldBegin(ROLES_FIELD_DESC);
- {
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, struct.roles.size()));
- for (TSentryRole _iter67 : struct.roles)
- {
- _iter67.write(oprot);
- }
- oprot.writeSetEnd();
- }
- oprot.writeFieldEnd();
- }
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TListSentryRolesResponseTupleSchemeFactory implements SchemeFactory {
- public TListSentryRolesResponseTupleScheme getScheme() {
- return new TListSentryRolesResponseTupleScheme();
- }
- }
-
- private static class TListSentryRolesResponseTupleScheme extends TupleScheme<TListSentryRolesResponse> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TListSentryRolesResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- struct.status.write(oprot);
- BitSet optionals = new BitSet();
- if (struct.isSetRoles()) {
- optionals.set(0);
- }
- oprot.writeBitSet(optionals, 1);
- if (struct.isSetRoles()) {
- {
- oprot.writeI32(struct.roles.size());
- for (TSentryRole _iter68 : struct.roles)
- {
- _iter68.write(oprot);
- }
- }
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TListSentryRolesResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- BitSet incoming = iprot.readBitSet(1);
- if (incoming.get(0)) {
- {
- org.apache.thrift.protocol.TSet _set69 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, iprot.readI32());
- struct.roles = new HashSet<TSentryRole>(2*_set69.size);
- TSentryRole _elem70;
- for (int _i71 = 0; _i71 < _set69.size; ++_i71)
- {
- _elem70 = new TSentryRole();
- _elem70.read(iprot);
- struct.roles.add(_elem70);
- }
- }
- struct.setRolesIsSet(true);
- }
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TRenamePrivilegesRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TRenamePrivilegesRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TRenamePrivilegesRequest.java
deleted file mode 100644
index 8dfa7e0..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TRenamePrivilegesRequest.java
+++ /dev/null
@@ -1,702 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TRenamePrivilegesRequest implements org.apache.thrift.TBase<TRenamePrivilegesRequest, TRenamePrivilegesRequest._Fields>, java.io.Serializable, Cloneable, Comparable<TRenamePrivilegesRequest> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TRenamePrivilegesRequest");
-
- private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
- private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField OLD_AUTHORIZABLE_FIELD_DESC = new org.apache.thrift.protocol.TField("oldAuthorizable", org.apache.thrift.protocol.TType.STRUCT, (short)3);
- private static final org.apache.thrift.protocol.TField NEW_AUTHORIZABLE_FIELD_DESC = new org.apache.thrift.protocol.TField("newAuthorizable", org.apache.thrift.protocol.TType.STRUCT, (short)4);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TRenamePrivilegesRequestStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TRenamePrivilegesRequestTupleSchemeFactory());
- }
-
- private int protocol_version; // required
- private String requestorUserName; // required
- private TSentryAuthorizable oldAuthorizable; // required
- private TSentryAuthorizable newAuthorizable; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- PROTOCOL_VERSION((short)1, "protocol_version"),
- REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- OLD_AUTHORIZABLE((short)3, "oldAuthorizable"),
- NEW_AUTHORIZABLE((short)4, "newAuthorizable");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // PROTOCOL_VERSION
- return PROTOCOL_VERSION;
- case 2: // REQUESTOR_USER_NAME
- return REQUESTOR_USER_NAME;
- case 3: // OLD_AUTHORIZABLE
- return OLD_AUTHORIZABLE;
- case 4: // NEW_AUTHORIZABLE
- return NEW_AUTHORIZABLE;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
- tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.OLD_AUTHORIZABLE, new org.apache.thrift.meta_data.FieldMetaData("oldAuthorizable", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryAuthorizable.class)));
- tmpMap.put(_Fields.NEW_AUTHORIZABLE, new org.apache.thrift.meta_data.FieldMetaData("newAuthorizable", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryAuthorizable.class)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TRenamePrivilegesRequest.class, metaDataMap);
- }
-
- public TRenamePrivilegesRequest() {
- this.protocol_version = 2;
-
- }
-
- public TRenamePrivilegesRequest(
- int protocol_version,
- String requestorUserName,
- TSentryAuthorizable oldAuthorizable,
- TSentryAuthorizable newAuthorizable)
- {
- this();
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- this.requestorUserName = requestorUserName;
- this.oldAuthorizable = oldAuthorizable;
- this.newAuthorizable = newAuthorizable;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TRenamePrivilegesRequest(TRenamePrivilegesRequest other) {
- __isset_bitfield = other.__isset_bitfield;
- this.protocol_version = other.protocol_version;
- if (other.isSetRequestorUserName()) {
- this.requestorUserName = other.requestorUserName;
- }
- if (other.isSetOldAuthorizable()) {
- this.oldAuthorizable = new TSentryAuthorizable(other.oldAuthorizable);
- }
- if (other.isSetNewAuthorizable()) {
- this.newAuthorizable = new TSentryAuthorizable(other.newAuthorizable);
- }
- }
-
- public TRenamePrivilegesRequest deepCopy() {
- return new TRenamePrivilegesRequest(this);
- }
-
- @Override
- public void clear() {
- this.protocol_version = 2;
-
- this.requestorUserName = null;
- this.oldAuthorizable = null;
- this.newAuthorizable = null;
- }
-
- public int getProtocol_version() {
- return this.protocol_version;
- }
-
- public void setProtocol_version(int protocol_version) {
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- }
-
- public void unsetProtocol_version() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */
- public boolean isSetProtocol_version() {
- return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- public void setProtocol_versionIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value);
- }
-
- public String getRequestorUserName() {
- return this.requestorUserName;
- }
-
- public void setRequestorUserName(String requestorUserName) {
- this.requestorUserName = requestorUserName;
- }
-
- public void unsetRequestorUserName() {
- this.requestorUserName = null;
- }
-
- /** Returns true if field requestorUserName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorUserName() {
- return this.requestorUserName != null;
- }
-
- public void setRequestorUserNameIsSet(boolean value) {
- if (!value) {
- this.requestorUserName = null;
- }
- }
-
- public TSentryAuthorizable getOldAuthorizable() {
- return this.oldAuthorizable;
- }
-
- public void setOldAuthorizable(TSentryAuthorizable oldAuthorizable) {
- this.oldAuthorizable = oldAuthorizable;
- }
-
- public void unsetOldAuthorizable() {
- this.oldAuthorizable = null;
- }
-
- /** Returns true if field oldAuthorizable is set (has been assigned a value) and false otherwise */
- public boolean isSetOldAuthorizable() {
- return this.oldAuthorizable != null;
- }
-
- public void setOldAuthorizableIsSet(boolean value) {
- if (!value) {
- this.oldAuthorizable = null;
- }
- }
-
- public TSentryAuthorizable getNewAuthorizable() {
- return this.newAuthorizable;
- }
-
- public void setNewAuthorizable(TSentryAuthorizable newAuthorizable) {
- this.newAuthorizable = newAuthorizable;
- }
-
- public void unsetNewAuthorizable() {
- this.newAuthorizable = null;
- }
-
- /** Returns true if field newAuthorizable is set (has been assigned a value) and false otherwise */
- public boolean isSetNewAuthorizable() {
- return this.newAuthorizable != null;
- }
-
- public void setNewAuthorizableIsSet(boolean value) {
- if (!value) {
- this.newAuthorizable = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case PROTOCOL_VERSION:
- if (value == null) {
- unsetProtocol_version();
- } else {
- setProtocol_version((Integer)value);
- }
- break;
-
- case REQUESTOR_USER_NAME:
- if (value == null) {
- unsetRequestorUserName();
- } else {
- setRequestorUserName((String)value);
- }
- break;
-
- case OLD_AUTHORIZABLE:
- if (value == null) {
- unsetOldAuthorizable();
- } else {
- setOldAuthorizable((TSentryAuthorizable)value);
- }
- break;
-
- case NEW_AUTHORIZABLE:
- if (value == null) {
- unsetNewAuthorizable();
- } else {
- setNewAuthorizable((TSentryAuthorizable)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case PROTOCOL_VERSION:
- return getProtocol_version();
-
- case REQUESTOR_USER_NAME:
- return getRequestorUserName();
-
- case OLD_AUTHORIZABLE:
- return getOldAuthorizable();
-
- case NEW_AUTHORIZABLE:
- return getNewAuthorizable();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case PROTOCOL_VERSION:
- return isSetProtocol_version();
- case REQUESTOR_USER_NAME:
- return isSetRequestorUserName();
- case OLD_AUTHORIZABLE:
- return isSetOldAuthorizable();
- case NEW_AUTHORIZABLE:
- return isSetNewAuthorizable();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TRenamePrivilegesRequest)
- return this.equals((TRenamePrivilegesRequest)that);
- return false;
- }
-
- public boolean equals(TRenamePrivilegesRequest that) {
- if (that == null)
- return false;
-
- boolean this_present_protocol_version = true;
- boolean that_present_protocol_version = true;
- if (this_present_protocol_version || that_present_protocol_version) {
- if (!(this_present_protocol_version && that_present_protocol_version))
- return false;
- if (this.protocol_version != that.protocol_version)
- return false;
- }
-
- boolean this_present_requestorUserName = true && this.isSetRequestorUserName();
- boolean that_present_requestorUserName = true && that.isSetRequestorUserName();
- if (this_present_requestorUserName || that_present_requestorUserName) {
- if (!(this_present_requestorUserName && that_present_requestorUserName))
- return false;
- if (!this.requestorUserName.equals(that.requestorUserName))
- return false;
- }
-
- boolean this_present_oldAuthorizable = true && this.isSetOldAuthorizable();
- boolean that_present_oldAuthorizable = true && that.isSetOldAuthorizable();
- if (this_present_oldAuthorizable || that_present_oldAuthorizable) {
- if (!(this_present_oldAuthorizable && that_present_oldAuthorizable))
- return false;
- if (!this.oldAuthorizable.equals(that.oldAuthorizable))
- return false;
- }
-
- boolean this_present_newAuthorizable = true && this.isSetNewAuthorizable();
- boolean that_present_newAuthorizable = true && that.isSetNewAuthorizable();
- if (this_present_newAuthorizable || that_present_newAuthorizable) {
- if (!(this_present_newAuthorizable && that_present_newAuthorizable))
- return false;
- if (!this.newAuthorizable.equals(that.newAuthorizable))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_protocol_version = true;
- list.add(present_protocol_version);
- if (present_protocol_version)
- list.add(protocol_version);
-
- boolean present_requestorUserName = true && (isSetRequestorUserName());
- list.add(present_requestorUserName);
- if (present_requestorUserName)
- list.add(requestorUserName);
-
- boolean present_oldAuthorizable = true && (isSetOldAuthorizable());
- list.add(present_oldAuthorizable);
- if (present_oldAuthorizable)
- list.add(oldAuthorizable);
-
- boolean present_newAuthorizable = true && (isSetNewAuthorizable());
- list.add(present_newAuthorizable);
- if (present_newAuthorizable)
- list.add(newAuthorizable);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TRenamePrivilegesRequest other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(other.isSetProtocol_version());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetProtocol_version()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, other.protocol_version);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRequestorUserName()).compareTo(other.isSetRequestorUserName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRequestorUserName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorUserName, other.requestorUserName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetOldAuthorizable()).compareTo(other.isSetOldAuthorizable());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetOldAuthorizable()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.oldAuthorizable, other.oldAuthorizable);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetNewAuthorizable()).compareTo(other.isSetNewAuthorizable());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetNewAuthorizable()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.newAuthorizable, other.newAuthorizable);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TRenamePrivilegesRequest(");
- boolean first = true;
-
- sb.append("protocol_version:");
- sb.append(this.protocol_version);
- first = false;
- if (!first) sb.append(", ");
- sb.append("requestorUserName:");
- if (this.requestorUserName == null) {
- sb.append("null");
- } else {
- sb.append(this.requestorUserName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("oldAuthorizable:");
- if (this.oldAuthorizable == null) {
- sb.append("null");
- } else {
- sb.append(this.oldAuthorizable);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("newAuthorizable:");
- if (this.newAuthorizable == null) {
- sb.append("null");
- } else {
- sb.append(this.newAuthorizable);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetProtocol_version()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
- }
-
- if (!isSetRequestorUserName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString());
- }
-
- if (!isSetOldAuthorizable()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'oldAuthorizable' is unset! Struct:" + toString());
- }
-
- if (!isSetNewAuthorizable()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'newAuthorizable' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- if (oldAuthorizable != null) {
- oldAuthorizable.validate();
- }
- if (newAuthorizable != null) {
- newAuthorizable.validate();
- }
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TRenamePrivilegesRequestStandardSchemeFactory implements SchemeFactory {
- public TRenamePrivilegesRequestStandardScheme getScheme() {
- return new TRenamePrivilegesRequestStandardScheme();
- }
- }
-
- private static class TRenamePrivilegesRequestStandardScheme extends StandardScheme<TRenamePrivilegesRequest> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TRenamePrivilegesRequest struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // PROTOCOL_VERSION
- if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // REQUESTOR_USER_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // OLD_AUTHORIZABLE
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.oldAuthorizable = new TSentryAuthorizable();
- struct.oldAuthorizable.read(iprot);
- struct.setOldAuthorizableIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 4: // NEW_AUTHORIZABLE
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.newAuthorizable = new TSentryAuthorizable();
- struct.newAuthorizable.read(iprot);
- struct.setNewAuthorizableIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TRenamePrivilegesRequest struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC);
- oprot.writeI32(struct.protocol_version);
- oprot.writeFieldEnd();
- if (struct.requestorUserName != null) {
- oprot.writeFieldBegin(REQUESTOR_USER_NAME_FIELD_DESC);
- oprot.writeString(struct.requestorUserName);
- oprot.writeFieldEnd();
- }
- if (struct.oldAuthorizable != null) {
- oprot.writeFieldBegin(OLD_AUTHORIZABLE_FIELD_DESC);
- struct.oldAuthorizable.write(oprot);
- oprot.writeFieldEnd();
- }
- if (struct.newAuthorizable != null) {
- oprot.writeFieldBegin(NEW_AUTHORIZABLE_FIELD_DESC);
- struct.newAuthorizable.write(oprot);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TRenamePrivilegesRequestTupleSchemeFactory implements SchemeFactory {
- public TRenamePrivilegesRequestTupleScheme getScheme() {
- return new TRenamePrivilegesRequestTupleScheme();
- }
- }
-
- private static class TRenamePrivilegesRequestTupleScheme extends TupleScheme<TRenamePrivilegesRequest> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TRenamePrivilegesRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeI32(struct.protocol_version);
- oprot.writeString(struct.requestorUserName);
- struct.oldAuthorizable.write(oprot);
- struct.newAuthorizable.write(oprot);
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TRenamePrivilegesRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- struct.oldAuthorizable = new TSentryAuthorizable();
- struct.oldAuthorizable.read(iprot);
- struct.setOldAuthorizableIsSet(true);
- struct.newAuthorizable = new TSentryAuthorizable();
- struct.newAuthorizable.read(iprot);
- struct.setNewAuthorizableIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TRenamePrivilegesResponse.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TRenamePrivilegesResponse.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TRenamePrivilegesResponse.java
deleted file mode 100644
index d5dd26a..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TRenamePrivilegesResponse.java
+++ /dev/null
@@ -1,394 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TRenamePrivilegesResponse implements org.apache.thrift.TBase<TRenamePrivilegesResponse, TRenamePrivilegesResponse._Fields>, java.io.Serializable, Cloneable, Comparable<TRenamePrivilegesResponse> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TRenamePrivilegesResponse");
-
- private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TRenamePrivilegesResponseStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TRenamePrivilegesResponseTupleSchemeFactory());
- }
-
- private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- STATUS((short)1, "status");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // STATUS
- return STATUS;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.sentry.service.thrift.TSentryResponseStatus.class)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TRenamePrivilegesResponse.class, metaDataMap);
- }
-
- public TRenamePrivilegesResponse() {
- }
-
- public TRenamePrivilegesResponse(
- org.apache.sentry.service.thrift.TSentryResponseStatus status)
- {
- this();
- this.status = status;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TRenamePrivilegesResponse(TRenamePrivilegesResponse other) {
- if (other.isSetStatus()) {
- this.status = new org.apache.sentry.service.thrift.TSentryResponseStatus(other.status);
- }
- }
-
- public TRenamePrivilegesResponse deepCopy() {
- return new TRenamePrivilegesResponse(this);
- }
-
- @Override
- public void clear() {
- this.status = null;
- }
-
- public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() {
- return this.status;
- }
-
- public void setStatus(org.apache.sentry.service.thrift.TSentryResponseStatus status) {
- this.status = status;
- }
-
- public void unsetStatus() {
- this.status = null;
- }
-
- /** Returns true if field status is set (has been assigned a value) and false otherwise */
- public boolean isSetStatus() {
- return this.status != null;
- }
-
- public void setStatusIsSet(boolean value) {
- if (!value) {
- this.status = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case STATUS:
- if (value == null) {
- unsetStatus();
- } else {
- setStatus((org.apache.sentry.service.thrift.TSentryResponseStatus)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case STATUS:
- return getStatus();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case STATUS:
- return isSetStatus();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TRenamePrivilegesResponse)
- return this.equals((TRenamePrivilegesResponse)that);
- return false;
- }
-
- public boolean equals(TRenamePrivilegesResponse that) {
- if (that == null)
- return false;
-
- boolean this_present_status = true && this.isSetStatus();
- boolean that_present_status = true && that.isSetStatus();
- if (this_present_status || that_present_status) {
- if (!(this_present_status && that_present_status))
- return false;
- if (!this.status.equals(that.status))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_status = true && (isSetStatus());
- list.add(present_status);
- if (present_status)
- list.add(status);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TRenamePrivilegesResponse other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetStatus()).compareTo(other.isSetStatus());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetStatus()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.status, other.status);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TRenamePrivilegesResponse(");
- boolean first = true;
-
- sb.append("status:");
- if (this.status == null) {
- sb.append("null");
- } else {
- sb.append(this.status);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetStatus()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'status' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- if (status != null) {
- status.validate();
- }
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TRenamePrivilegesResponseStandardSchemeFactory implements SchemeFactory {
- public TRenamePrivilegesResponseStandardScheme getScheme() {
- return new TRenamePrivilegesResponseStandardScheme();
- }
- }
-
- private static class TRenamePrivilegesResponseStandardScheme extends StandardScheme<TRenamePrivilegesResponse> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TRenamePrivilegesResponse struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // STATUS
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TRenamePrivilegesResponse struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.status != null) {
- oprot.writeFieldBegin(STATUS_FIELD_DESC);
- struct.status.write(oprot);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TRenamePrivilegesResponseTupleSchemeFactory implements SchemeFactory {
- public TRenamePrivilegesResponseTupleScheme getScheme() {
- return new TRenamePrivilegesResponseTupleScheme();
- }
- }
-
- private static class TRenamePrivilegesResponseTupleScheme extends TupleScheme<TRenamePrivilegesResponse> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TRenamePrivilegesResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- struct.status.write(oprot);
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TRenamePrivilegesResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryActiveRoleSet.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryActiveRoleSet.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryActiveRoleSet.java
deleted file mode 100644
index 2233c70..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryActiveRoleSet.java
+++ /dev/null
@@ -1,537 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TSentryActiveRoleSet implements org.apache.thrift.TBase<TSentryActiveRoleSet, TSentryActiveRoleSet._Fields>, java.io.Serializable, Cloneable, Comparable<TSentryActiveRoleSet> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TSentryActiveRoleSet");
-
- private static final org.apache.thrift.protocol.TField ALL_FIELD_DESC = new org.apache.thrift.protocol.TField("all", org.apache.thrift.protocol.TType.BOOL, (short)1);
- private static final org.apache.thrift.protocol.TField ROLES_FIELD_DESC = new org.apache.thrift.protocol.TField("roles", org.apache.thrift.protocol.TType.SET, (short)2);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TSentryActiveRoleSetStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TSentryActiveRoleSetTupleSchemeFactory());
- }
-
- private boolean all; // required
- private Set<String> roles; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- ALL((short)1, "all"),
- ROLES((short)2, "roles");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // ALL
- return ALL;
- case 2: // ROLES
- return ROLES;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __ALL_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.ALL, new org.apache.thrift.meta_data.FieldMetaData("all", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.BOOL)));
- tmpMap.put(_Fields.ROLES, new org.apache.thrift.meta_data.FieldMetaData("roles", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TSentryActiveRoleSet.class, metaDataMap);
- }
-
- public TSentryActiveRoleSet() {
- }
-
- public TSentryActiveRoleSet(
- boolean all,
- Set<String> roles)
- {
- this();
- this.all = all;
- setAllIsSet(true);
- this.roles = roles;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TSentryActiveRoleSet(TSentryActiveRoleSet other) {
- __isset_bitfield = other.__isset_bitfield;
- this.all = other.all;
- if (other.isSetRoles()) {
- Set<String> __this__roles = new HashSet<String>(other.roles);
- this.roles = __this__roles;
- }
- }
-
- public TSentryActiveRoleSet deepCopy() {
- return new TSentryActiveRoleSet(this);
- }
-
- @Override
- public void clear() {
- setAllIsSet(false);
- this.all = false;
- this.roles = null;
- }
-
- public boolean isAll() {
- return this.all;
- }
-
- public void setAll(boolean all) {
- this.all = all;
- setAllIsSet(true);
- }
-
- public void unsetAll() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __ALL_ISSET_ID);
- }
-
- /** Returns true if field all is set (has been assigned a value) and false otherwise */
- public boolean isSetAll() {
- return EncodingUtils.testBit(__isset_bitfield, __ALL_ISSET_ID);
- }
-
- public void setAllIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __ALL_ISSET_ID, value);
- }
-
- public int getRolesSize() {
- return (this.roles == null) ? 0 : this.roles.size();
- }
-
- public java.util.Iterator<String> getRolesIterator() {
- return (this.roles == null) ? null : this.roles.iterator();
- }
-
- public void addToRoles(String elem) {
- if (this.roles == null) {
- this.roles = new HashSet<String>();
- }
- this.roles.add(elem);
- }
-
- public Set<String> getRoles() {
- return this.roles;
- }
-
- public void setRoles(Set<String> roles) {
- this.roles = roles;
- }
-
- public void unsetRoles() {
- this.roles = null;
- }
-
- /** Returns true if field roles is set (has been assigned a value) and false otherwise */
- public boolean isSetRoles() {
- return this.roles != null;
- }
-
- public void setRolesIsSet(boolean value) {
- if (!value) {
- this.roles = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case ALL:
- if (value == null) {
- unsetAll();
- } else {
- setAll((Boolean)value);
- }
- break;
-
- case ROLES:
- if (value == null) {
- unsetRoles();
- } else {
- setRoles((Set<String>)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case ALL:
- return isAll();
-
- case ROLES:
- return getRoles();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case ALL:
- return isSetAll();
- case ROLES:
- return isSetRoles();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TSentryActiveRoleSet)
- return this.equals((TSentryActiveRoleSet)that);
- return false;
- }
-
- public boolean equals(TSentryActiveRoleSet that) {
- if (that == null)
- return false;
-
- boolean this_present_all = true;
- boolean that_present_all = true;
- if (this_present_all || that_present_all) {
- if (!(this_present_all && that_present_all))
- return false;
- if (this.all != that.all)
- return false;
- }
-
- boolean this_present_roles = true && this.isSetRoles();
- boolean that_present_roles = true && that.isSetRoles();
- if (this_present_roles || that_present_roles) {
- if (!(this_present_roles && that_present_roles))
- return false;
- if (!this.roles.equals(that.roles))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_all = true;
- list.add(present_all);
- if (present_all)
- list.add(all);
-
- boolean present_roles = true && (isSetRoles());
- list.add(present_roles);
- if (present_roles)
- list.add(roles);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TSentryActiveRoleSet other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetAll()).compareTo(other.isSetAll());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetAll()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.all, other.all);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRoles()).compareTo(other.isSetRoles());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRoles()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roles, other.roles);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TSentryActiveRoleSet(");
- boolean first = true;
-
- sb.append("all:");
- sb.append(this.all);
- first = false;
- if (!first) sb.append(", ");
- sb.append("roles:");
- if (this.roles == null) {
- sb.append("null");
- } else {
- sb.append(this.roles);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetAll()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'all' is unset! Struct:" + toString());
- }
-
- if (!isSetRoles()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'roles' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TSentryActiveRoleSetStandardSchemeFactory implements SchemeFactory {
- public TSentryActiveRoleSetStandardScheme getScheme() {
- return new TSentryActiveRoleSetStandardScheme();
- }
- }
-
- private static class TSentryActiveRoleSetStandardScheme extends StandardScheme<TSentryActiveRoleSet> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TSentryActiveRoleSet struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // ALL
- if (schemeField.type == org.apache.thrift.protocol.TType.BOOL) {
- struct.all = iprot.readBool();
- struct.setAllIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // ROLES
- if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
- {
- org.apache.thrift.protocol.TSet _set80 = iprot.readSetBegin();
- struct.roles = new HashSet<String>(2*_set80.size);
- String _elem81;
- for (int _i82 = 0; _i82 < _set80.size; ++_i82)
- {
- _elem81 = iprot.readString();
- struct.roles.add(_elem81);
- }
- iprot.readSetEnd();
- }
- struct.setRolesIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TSentryActiveRoleSet struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- oprot.writeFieldBegin(ALL_FIELD_DESC);
- oprot.writeBool(struct.all);
- oprot.writeFieldEnd();
- if (struct.roles != null) {
- oprot.writeFieldBegin(ROLES_FIELD_DESC);
- {
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, struct.roles.size()));
- for (String _iter83 : struct.roles)
- {
- oprot.writeString(_iter83);
- }
- oprot.writeSetEnd();
- }
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TSentryActiveRoleSetTupleSchemeFactory implements SchemeFactory {
- public TSentryActiveRoleSetTupleScheme getScheme() {
- return new TSentryActiveRoleSetTupleScheme();
- }
- }
-
- private static class TSentryActiveRoleSetTupleScheme extends TupleScheme<TSentryActiveRoleSet> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TSentryActiveRoleSet struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeBool(struct.all);
- {
- oprot.writeI32(struct.roles.size());
- for (String _iter84 : struct.roles)
- {
- oprot.writeString(_iter84);
- }
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TSentryActiveRoleSet struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.all = iprot.readBool();
- struct.setAllIsSet(true);
- {
- org.apache.thrift.protocol.TSet _set85 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, iprot.readI32());
- struct.roles = new HashSet<String>(2*_set85.size);
- String _elem86;
- for (int _i87 = 0; _i87 < _set85.size; ++_i87)
- {
- _elem86 = iprot.readString();
- struct.roles.add(_elem86);
- }
- }
- struct.setRolesIsSet(true);
- }
- }
-
-}
-
[29/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryExportMappingDataResponse.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryExportMappingDataResponse.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryExportMappingDataResponse.java
deleted file mode 100644
index ac8a221..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryExportMappingDataResponse.java
+++ /dev/null
@@ -1,500 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TSentryExportMappingDataResponse implements org.apache.thrift.TBase<TSentryExportMappingDataResponse, TSentryExportMappingDataResponse._Fields>, java.io.Serializable, Cloneable, Comparable<TSentryExportMappingDataResponse> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TSentryExportMappingDataResponse");
-
- private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1);
- private static final org.apache.thrift.protocol.TField MAPPING_DATA_FIELD_DESC = new org.apache.thrift.protocol.TField("mappingData", org.apache.thrift.protocol.TType.STRUCT, (short)2);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TSentryExportMappingDataResponseStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TSentryExportMappingDataResponseTupleSchemeFactory());
- }
-
- private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required
- private TSentryMappingData mappingData; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- STATUS((short)1, "status"),
- MAPPING_DATA((short)2, "mappingData");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // STATUS
- return STATUS;
- case 2: // MAPPING_DATA
- return MAPPING_DATA;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.sentry.service.thrift.TSentryResponseStatus.class)));
- tmpMap.put(_Fields.MAPPING_DATA, new org.apache.thrift.meta_data.FieldMetaData("mappingData", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryMappingData.class)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TSentryExportMappingDataResponse.class, metaDataMap);
- }
-
- public TSentryExportMappingDataResponse() {
- }
-
- public TSentryExportMappingDataResponse(
- org.apache.sentry.service.thrift.TSentryResponseStatus status,
- TSentryMappingData mappingData)
- {
- this();
- this.status = status;
- this.mappingData = mappingData;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TSentryExportMappingDataResponse(TSentryExportMappingDataResponse other) {
- if (other.isSetStatus()) {
- this.status = new org.apache.sentry.service.thrift.TSentryResponseStatus(other.status);
- }
- if (other.isSetMappingData()) {
- this.mappingData = new TSentryMappingData(other.mappingData);
- }
- }
-
- public TSentryExportMappingDataResponse deepCopy() {
- return new TSentryExportMappingDataResponse(this);
- }
-
- @Override
- public void clear() {
- this.status = null;
- this.mappingData = null;
- }
-
- public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() {
- return this.status;
- }
-
- public void setStatus(org.apache.sentry.service.thrift.TSentryResponseStatus status) {
- this.status = status;
- }
-
- public void unsetStatus() {
- this.status = null;
- }
-
- /** Returns true if field status is set (has been assigned a value) and false otherwise */
- public boolean isSetStatus() {
- return this.status != null;
- }
-
- public void setStatusIsSet(boolean value) {
- if (!value) {
- this.status = null;
- }
- }
-
- public TSentryMappingData getMappingData() {
- return this.mappingData;
- }
-
- public void setMappingData(TSentryMappingData mappingData) {
- this.mappingData = mappingData;
- }
-
- public void unsetMappingData() {
- this.mappingData = null;
- }
-
- /** Returns true if field mappingData is set (has been assigned a value) and false otherwise */
- public boolean isSetMappingData() {
- return this.mappingData != null;
- }
-
- public void setMappingDataIsSet(boolean value) {
- if (!value) {
- this.mappingData = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case STATUS:
- if (value == null) {
- unsetStatus();
- } else {
- setStatus((org.apache.sentry.service.thrift.TSentryResponseStatus)value);
- }
- break;
-
- case MAPPING_DATA:
- if (value == null) {
- unsetMappingData();
- } else {
- setMappingData((TSentryMappingData)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case STATUS:
- return getStatus();
-
- case MAPPING_DATA:
- return getMappingData();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case STATUS:
- return isSetStatus();
- case MAPPING_DATA:
- return isSetMappingData();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TSentryExportMappingDataResponse)
- return this.equals((TSentryExportMappingDataResponse)that);
- return false;
- }
-
- public boolean equals(TSentryExportMappingDataResponse that) {
- if (that == null)
- return false;
-
- boolean this_present_status = true && this.isSetStatus();
- boolean that_present_status = true && that.isSetStatus();
- if (this_present_status || that_present_status) {
- if (!(this_present_status && that_present_status))
- return false;
- if (!this.status.equals(that.status))
- return false;
- }
-
- boolean this_present_mappingData = true && this.isSetMappingData();
- boolean that_present_mappingData = true && that.isSetMappingData();
- if (this_present_mappingData || that_present_mappingData) {
- if (!(this_present_mappingData && that_present_mappingData))
- return false;
- if (!this.mappingData.equals(that.mappingData))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_status = true && (isSetStatus());
- list.add(present_status);
- if (present_status)
- list.add(status);
-
- boolean present_mappingData = true && (isSetMappingData());
- list.add(present_mappingData);
- if (present_mappingData)
- list.add(mappingData);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TSentryExportMappingDataResponse other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetStatus()).compareTo(other.isSetStatus());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetStatus()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.status, other.status);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetMappingData()).compareTo(other.isSetMappingData());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetMappingData()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.mappingData, other.mappingData);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TSentryExportMappingDataResponse(");
- boolean first = true;
-
- sb.append("status:");
- if (this.status == null) {
- sb.append("null");
- } else {
- sb.append(this.status);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("mappingData:");
- if (this.mappingData == null) {
- sb.append("null");
- } else {
- sb.append(this.mappingData);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetStatus()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'status' is unset! Struct:" + toString());
- }
-
- if (!isSetMappingData()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'mappingData' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- if (status != null) {
- status.validate();
- }
- if (mappingData != null) {
- mappingData.validate();
- }
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TSentryExportMappingDataResponseStandardSchemeFactory implements SchemeFactory {
- public TSentryExportMappingDataResponseStandardScheme getScheme() {
- return new TSentryExportMappingDataResponseStandardScheme();
- }
- }
-
- private static class TSentryExportMappingDataResponseStandardScheme extends StandardScheme<TSentryExportMappingDataResponse> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TSentryExportMappingDataResponse struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // STATUS
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // MAPPING_DATA
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.mappingData = new TSentryMappingData();
- struct.mappingData.read(iprot);
- struct.setMappingDataIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TSentryExportMappingDataResponse struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.status != null) {
- oprot.writeFieldBegin(STATUS_FIELD_DESC);
- struct.status.write(oprot);
- oprot.writeFieldEnd();
- }
- if (struct.mappingData != null) {
- oprot.writeFieldBegin(MAPPING_DATA_FIELD_DESC);
- struct.mappingData.write(oprot);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TSentryExportMappingDataResponseTupleSchemeFactory implements SchemeFactory {
- public TSentryExportMappingDataResponseTupleScheme getScheme() {
- return new TSentryExportMappingDataResponseTupleScheme();
- }
- }
-
- private static class TSentryExportMappingDataResponseTupleScheme extends TupleScheme<TSentryExportMappingDataResponse> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TSentryExportMappingDataResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- struct.status.write(oprot);
- struct.mappingData.write(oprot);
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TSentryExportMappingDataResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- struct.mappingData = new TSentryMappingData();
- struct.mappingData.read(iprot);
- struct.setMappingDataIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryGrantOption.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryGrantOption.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryGrantOption.java
deleted file mode 100644
index c056bcc..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryGrantOption.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-
-import java.util.Map;
-import java.util.HashMap;
-import org.apache.thrift.TEnum;
-
-public enum TSentryGrantOption implements org.apache.thrift.TEnum {
- TRUE(1),
- FALSE(0),
- UNSET(-1);
-
- private final int value;
-
- private TSentryGrantOption(int value) {
- this.value = value;
- }
-
- /**
- * Get the integer value of this enum value, as defined in the Thrift IDL.
- */
- public int getValue() {
- return value;
- }
-
- /**
- * Find a the enum type by its integer value, as defined in the Thrift IDL.
- * @return null if the value is not found.
- */
- public static TSentryGrantOption findByValue(int value) {
- switch (value) {
- case 1:
- return TRUE;
- case 0:
- return FALSE;
- case -1:
- return UNSET;
- default:
- return null;
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryGroup.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryGroup.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryGroup.java
deleted file mode 100644
index 991a79a..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryGroup.java
+++ /dev/null
@@ -1,389 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TSentryGroup implements org.apache.thrift.TBase<TSentryGroup, TSentryGroup._Fields>, java.io.Serializable, Cloneable, Comparable<TSentryGroup> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TSentryGroup");
-
- private static final org.apache.thrift.protocol.TField GROUP_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("groupName", org.apache.thrift.protocol.TType.STRING, (short)1);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TSentryGroupStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TSentryGroupTupleSchemeFactory());
- }
-
- private String groupName; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- GROUP_NAME((short)1, "groupName");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // GROUP_NAME
- return GROUP_NAME;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.GROUP_NAME, new org.apache.thrift.meta_data.FieldMetaData("groupName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TSentryGroup.class, metaDataMap);
- }
-
- public TSentryGroup() {
- }
-
- public TSentryGroup(
- String groupName)
- {
- this();
- this.groupName = groupName;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TSentryGroup(TSentryGroup other) {
- if (other.isSetGroupName()) {
- this.groupName = other.groupName;
- }
- }
-
- public TSentryGroup deepCopy() {
- return new TSentryGroup(this);
- }
-
- @Override
- public void clear() {
- this.groupName = null;
- }
-
- public String getGroupName() {
- return this.groupName;
- }
-
- public void setGroupName(String groupName) {
- this.groupName = groupName;
- }
-
- public void unsetGroupName() {
- this.groupName = null;
- }
-
- /** Returns true if field groupName is set (has been assigned a value) and false otherwise */
- public boolean isSetGroupName() {
- return this.groupName != null;
- }
-
- public void setGroupNameIsSet(boolean value) {
- if (!value) {
- this.groupName = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case GROUP_NAME:
- if (value == null) {
- unsetGroupName();
- } else {
- setGroupName((String)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case GROUP_NAME:
- return getGroupName();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case GROUP_NAME:
- return isSetGroupName();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TSentryGroup)
- return this.equals((TSentryGroup)that);
- return false;
- }
-
- public boolean equals(TSentryGroup that) {
- if (that == null)
- return false;
-
- boolean this_present_groupName = true && this.isSetGroupName();
- boolean that_present_groupName = true && that.isSetGroupName();
- if (this_present_groupName || that_present_groupName) {
- if (!(this_present_groupName && that_present_groupName))
- return false;
- if (!this.groupName.equals(that.groupName))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_groupName = true && (isSetGroupName());
- list.add(present_groupName);
- if (present_groupName)
- list.add(groupName);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TSentryGroup other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetGroupName()).compareTo(other.isSetGroupName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetGroupName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.groupName, other.groupName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TSentryGroup(");
- boolean first = true;
-
- sb.append("groupName:");
- if (this.groupName == null) {
- sb.append("null");
- } else {
- sb.append(this.groupName);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetGroupName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'groupName' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TSentryGroupStandardSchemeFactory implements SchemeFactory {
- public TSentryGroupStandardScheme getScheme() {
- return new TSentryGroupStandardScheme();
- }
- }
-
- private static class TSentryGroupStandardScheme extends StandardScheme<TSentryGroup> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TSentryGroup struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // GROUP_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.groupName = iprot.readString();
- struct.setGroupNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TSentryGroup struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.groupName != null) {
- oprot.writeFieldBegin(GROUP_NAME_FIELD_DESC);
- oprot.writeString(struct.groupName);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TSentryGroupTupleSchemeFactory implements SchemeFactory {
- public TSentryGroupTupleScheme getScheme() {
- return new TSentryGroupTupleScheme();
- }
- }
-
- private static class TSentryGroupTupleScheme extends TupleScheme<TSentryGroup> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TSentryGroup struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeString(struct.groupName);
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TSentryGroup struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.groupName = iprot.readString();
- struct.setGroupNameIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryImportMappingDataRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryImportMappingDataRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryImportMappingDataRequest.java
deleted file mode 100644
index c8295f4..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryImportMappingDataRequest.java
+++ /dev/null
@@ -1,693 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TSentryImportMappingDataRequest implements org.apache.thrift.TBase<TSentryImportMappingDataRequest, TSentryImportMappingDataRequest._Fields>, java.io.Serializable, Cloneable, Comparable<TSentryImportMappingDataRequest> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TSentryImportMappingDataRequest");
-
- private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
- private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField OVERWRITE_ROLE_FIELD_DESC = new org.apache.thrift.protocol.TField("overwriteRole", org.apache.thrift.protocol.TType.BOOL, (short)3);
- private static final org.apache.thrift.protocol.TField MAPPING_DATA_FIELD_DESC = new org.apache.thrift.protocol.TField("mappingData", org.apache.thrift.protocol.TType.STRUCT, (short)4);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TSentryImportMappingDataRequestStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TSentryImportMappingDataRequestTupleSchemeFactory());
- }
-
- private int protocol_version; // required
- private String requestorUserName; // required
- private boolean overwriteRole; // required
- private TSentryMappingData mappingData; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- PROTOCOL_VERSION((short)1, "protocol_version"),
- REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- OVERWRITE_ROLE((short)3, "overwriteRole"),
- MAPPING_DATA((short)4, "mappingData");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // PROTOCOL_VERSION
- return PROTOCOL_VERSION;
- case 2: // REQUESTOR_USER_NAME
- return REQUESTOR_USER_NAME;
- case 3: // OVERWRITE_ROLE
- return OVERWRITE_ROLE;
- case 4: // MAPPING_DATA
- return MAPPING_DATA;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
- private static final int __OVERWRITEROLE_ISSET_ID = 1;
- private byte __isset_bitfield = 0;
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
- tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.OVERWRITE_ROLE, new org.apache.thrift.meta_data.FieldMetaData("overwriteRole", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.BOOL)));
- tmpMap.put(_Fields.MAPPING_DATA, new org.apache.thrift.meta_data.FieldMetaData("mappingData", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryMappingData.class)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TSentryImportMappingDataRequest.class, metaDataMap);
- }
-
- public TSentryImportMappingDataRequest() {
- this.protocol_version = 1;
-
- this.overwriteRole = false;
-
- }
-
- public TSentryImportMappingDataRequest(
- int protocol_version,
- String requestorUserName,
- boolean overwriteRole,
- TSentryMappingData mappingData)
- {
- this();
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- this.requestorUserName = requestorUserName;
- this.overwriteRole = overwriteRole;
- setOverwriteRoleIsSet(true);
- this.mappingData = mappingData;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TSentryImportMappingDataRequest(TSentryImportMappingDataRequest other) {
- __isset_bitfield = other.__isset_bitfield;
- this.protocol_version = other.protocol_version;
- if (other.isSetRequestorUserName()) {
- this.requestorUserName = other.requestorUserName;
- }
- this.overwriteRole = other.overwriteRole;
- if (other.isSetMappingData()) {
- this.mappingData = new TSentryMappingData(other.mappingData);
- }
- }
-
- public TSentryImportMappingDataRequest deepCopy() {
- return new TSentryImportMappingDataRequest(this);
- }
-
- @Override
- public void clear() {
- this.protocol_version = 1;
-
- this.requestorUserName = null;
- this.overwriteRole = false;
-
- this.mappingData = null;
- }
-
- public int getProtocol_version() {
- return this.protocol_version;
- }
-
- public void setProtocol_version(int protocol_version) {
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- }
-
- public void unsetProtocol_version() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */
- public boolean isSetProtocol_version() {
- return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- public void setProtocol_versionIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value);
- }
-
- public String getRequestorUserName() {
- return this.requestorUserName;
- }
-
- public void setRequestorUserName(String requestorUserName) {
- this.requestorUserName = requestorUserName;
- }
-
- public void unsetRequestorUserName() {
- this.requestorUserName = null;
- }
-
- /** Returns true if field requestorUserName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorUserName() {
- return this.requestorUserName != null;
- }
-
- public void setRequestorUserNameIsSet(boolean value) {
- if (!value) {
- this.requestorUserName = null;
- }
- }
-
- public boolean isOverwriteRole() {
- return this.overwriteRole;
- }
-
- public void setOverwriteRole(boolean overwriteRole) {
- this.overwriteRole = overwriteRole;
- setOverwriteRoleIsSet(true);
- }
-
- public void unsetOverwriteRole() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __OVERWRITEROLE_ISSET_ID);
- }
-
- /** Returns true if field overwriteRole is set (has been assigned a value) and false otherwise */
- public boolean isSetOverwriteRole() {
- return EncodingUtils.testBit(__isset_bitfield, __OVERWRITEROLE_ISSET_ID);
- }
-
- public void setOverwriteRoleIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __OVERWRITEROLE_ISSET_ID, value);
- }
-
- public TSentryMappingData getMappingData() {
- return this.mappingData;
- }
-
- public void setMappingData(TSentryMappingData mappingData) {
- this.mappingData = mappingData;
- }
-
- public void unsetMappingData() {
- this.mappingData = null;
- }
-
- /** Returns true if field mappingData is set (has been assigned a value) and false otherwise */
- public boolean isSetMappingData() {
- return this.mappingData != null;
- }
-
- public void setMappingDataIsSet(boolean value) {
- if (!value) {
- this.mappingData = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case PROTOCOL_VERSION:
- if (value == null) {
- unsetProtocol_version();
- } else {
- setProtocol_version((Integer)value);
- }
- break;
-
- case REQUESTOR_USER_NAME:
- if (value == null) {
- unsetRequestorUserName();
- } else {
- setRequestorUserName((String)value);
- }
- break;
-
- case OVERWRITE_ROLE:
- if (value == null) {
- unsetOverwriteRole();
- } else {
- setOverwriteRole((Boolean)value);
- }
- break;
-
- case MAPPING_DATA:
- if (value == null) {
- unsetMappingData();
- } else {
- setMappingData((TSentryMappingData)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case PROTOCOL_VERSION:
- return getProtocol_version();
-
- case REQUESTOR_USER_NAME:
- return getRequestorUserName();
-
- case OVERWRITE_ROLE:
- return isOverwriteRole();
-
- case MAPPING_DATA:
- return getMappingData();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case PROTOCOL_VERSION:
- return isSetProtocol_version();
- case REQUESTOR_USER_NAME:
- return isSetRequestorUserName();
- case OVERWRITE_ROLE:
- return isSetOverwriteRole();
- case MAPPING_DATA:
- return isSetMappingData();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TSentryImportMappingDataRequest)
- return this.equals((TSentryImportMappingDataRequest)that);
- return false;
- }
-
- public boolean equals(TSentryImportMappingDataRequest that) {
- if (that == null)
- return false;
-
- boolean this_present_protocol_version = true;
- boolean that_present_protocol_version = true;
- if (this_present_protocol_version || that_present_protocol_version) {
- if (!(this_present_protocol_version && that_present_protocol_version))
- return false;
- if (this.protocol_version != that.protocol_version)
- return false;
- }
-
- boolean this_present_requestorUserName = true && this.isSetRequestorUserName();
- boolean that_present_requestorUserName = true && that.isSetRequestorUserName();
- if (this_present_requestorUserName || that_present_requestorUserName) {
- if (!(this_present_requestorUserName && that_present_requestorUserName))
- return false;
- if (!this.requestorUserName.equals(that.requestorUserName))
- return false;
- }
-
- boolean this_present_overwriteRole = true;
- boolean that_present_overwriteRole = true;
- if (this_present_overwriteRole || that_present_overwriteRole) {
- if (!(this_present_overwriteRole && that_present_overwriteRole))
- return false;
- if (this.overwriteRole != that.overwriteRole)
- return false;
- }
-
- boolean this_present_mappingData = true && this.isSetMappingData();
- boolean that_present_mappingData = true && that.isSetMappingData();
- if (this_present_mappingData || that_present_mappingData) {
- if (!(this_present_mappingData && that_present_mappingData))
- return false;
- if (!this.mappingData.equals(that.mappingData))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_protocol_version = true;
- list.add(present_protocol_version);
- if (present_protocol_version)
- list.add(protocol_version);
-
- boolean present_requestorUserName = true && (isSetRequestorUserName());
- list.add(present_requestorUserName);
- if (present_requestorUserName)
- list.add(requestorUserName);
-
- boolean present_overwriteRole = true;
- list.add(present_overwriteRole);
- if (present_overwriteRole)
- list.add(overwriteRole);
-
- boolean present_mappingData = true && (isSetMappingData());
- list.add(present_mappingData);
- if (present_mappingData)
- list.add(mappingData);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TSentryImportMappingDataRequest other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(other.isSetProtocol_version());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetProtocol_version()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, other.protocol_version);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRequestorUserName()).compareTo(other.isSetRequestorUserName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRequestorUserName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorUserName, other.requestorUserName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetOverwriteRole()).compareTo(other.isSetOverwriteRole());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetOverwriteRole()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.overwriteRole, other.overwriteRole);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetMappingData()).compareTo(other.isSetMappingData());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetMappingData()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.mappingData, other.mappingData);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TSentryImportMappingDataRequest(");
- boolean first = true;
-
- sb.append("protocol_version:");
- sb.append(this.protocol_version);
- first = false;
- if (!first) sb.append(", ");
- sb.append("requestorUserName:");
- if (this.requestorUserName == null) {
- sb.append("null");
- } else {
- sb.append(this.requestorUserName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("overwriteRole:");
- sb.append(this.overwriteRole);
- first = false;
- if (!first) sb.append(", ");
- sb.append("mappingData:");
- if (this.mappingData == null) {
- sb.append("null");
- } else {
- sb.append(this.mappingData);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetProtocol_version()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
- }
-
- if (!isSetRequestorUserName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString());
- }
-
- if (!isSetOverwriteRole()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'overwriteRole' is unset! Struct:" + toString());
- }
-
- if (!isSetMappingData()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'mappingData' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- if (mappingData != null) {
- mappingData.validate();
- }
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TSentryImportMappingDataRequestStandardSchemeFactory implements SchemeFactory {
- public TSentryImportMappingDataRequestStandardScheme getScheme() {
- return new TSentryImportMappingDataRequestStandardScheme();
- }
- }
-
- private static class TSentryImportMappingDataRequestStandardScheme extends StandardScheme<TSentryImportMappingDataRequest> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TSentryImportMappingDataRequest struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // PROTOCOL_VERSION
- if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // REQUESTOR_USER_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // OVERWRITE_ROLE
- if (schemeField.type == org.apache.thrift.protocol.TType.BOOL) {
- struct.overwriteRole = iprot.readBool();
- struct.setOverwriteRoleIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 4: // MAPPING_DATA
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.mappingData = new TSentryMappingData();
- struct.mappingData.read(iprot);
- struct.setMappingDataIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TSentryImportMappingDataRequest struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC);
- oprot.writeI32(struct.protocol_version);
- oprot.writeFieldEnd();
- if (struct.requestorUserName != null) {
- oprot.writeFieldBegin(REQUESTOR_USER_NAME_FIELD_DESC);
- oprot.writeString(struct.requestorUserName);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldBegin(OVERWRITE_ROLE_FIELD_DESC);
- oprot.writeBool(struct.overwriteRole);
- oprot.writeFieldEnd();
- if (struct.mappingData != null) {
- oprot.writeFieldBegin(MAPPING_DATA_FIELD_DESC);
- struct.mappingData.write(oprot);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TSentryImportMappingDataRequestTupleSchemeFactory implements SchemeFactory {
- public TSentryImportMappingDataRequestTupleScheme getScheme() {
- return new TSentryImportMappingDataRequestTupleScheme();
- }
- }
-
- private static class TSentryImportMappingDataRequestTupleScheme extends TupleScheme<TSentryImportMappingDataRequest> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TSentryImportMappingDataRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeI32(struct.protocol_version);
- oprot.writeString(struct.requestorUserName);
- oprot.writeBool(struct.overwriteRole);
- struct.mappingData.write(oprot);
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TSentryImportMappingDataRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- struct.overwriteRole = iprot.readBool();
- struct.setOverwriteRoleIsSet(true);
- struct.mappingData = new TSentryMappingData();
- struct.mappingData.read(iprot);
- struct.setMappingDataIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryImportMappingDataResponse.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryImportMappingDataResponse.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryImportMappingDataResponse.java
deleted file mode 100644
index 1d38202..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryImportMappingDataResponse.java
+++ /dev/null
@@ -1,394 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TSentryImportMappingDataResponse implements org.apache.thrift.TBase<TSentryImportMappingDataResponse, TSentryImportMappingDataResponse._Fields>, java.io.Serializable, Cloneable, Comparable<TSentryImportMappingDataResponse> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TSentryImportMappingDataResponse");
-
- private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TSentryImportMappingDataResponseStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TSentryImportMappingDataResponseTupleSchemeFactory());
- }
-
- private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- STATUS((short)1, "status");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // STATUS
- return STATUS;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.sentry.service.thrift.TSentryResponseStatus.class)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TSentryImportMappingDataResponse.class, metaDataMap);
- }
-
- public TSentryImportMappingDataResponse() {
- }
-
- public TSentryImportMappingDataResponse(
- org.apache.sentry.service.thrift.TSentryResponseStatus status)
- {
- this();
- this.status = status;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TSentryImportMappingDataResponse(TSentryImportMappingDataResponse other) {
- if (other.isSetStatus()) {
- this.status = new org.apache.sentry.service.thrift.TSentryResponseStatus(other.status);
- }
- }
-
- public TSentryImportMappingDataResponse deepCopy() {
- return new TSentryImportMappingDataResponse(this);
- }
-
- @Override
- public void clear() {
- this.status = null;
- }
-
- public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() {
- return this.status;
- }
-
- public void setStatus(org.apache.sentry.service.thrift.TSentryResponseStatus status) {
- this.status = status;
- }
-
- public void unsetStatus() {
- this.status = null;
- }
-
- /** Returns true if field status is set (has been assigned a value) and false otherwise */
- public boolean isSetStatus() {
- return this.status != null;
- }
-
- public void setStatusIsSet(boolean value) {
- if (!value) {
- this.status = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case STATUS:
- if (value == null) {
- unsetStatus();
- } else {
- setStatus((org.apache.sentry.service.thrift.TSentryResponseStatus)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case STATUS:
- return getStatus();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case STATUS:
- return isSetStatus();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TSentryImportMappingDataResponse)
- return this.equals((TSentryImportMappingDataResponse)that);
- return false;
- }
-
- public boolean equals(TSentryImportMappingDataResponse that) {
- if (that == null)
- return false;
-
- boolean this_present_status = true && this.isSetStatus();
- boolean that_present_status = true && that.isSetStatus();
- if (this_present_status || that_present_status) {
- if (!(this_present_status && that_present_status))
- return false;
- if (!this.status.equals(that.status))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_status = true && (isSetStatus());
- list.add(present_status);
- if (present_status)
- list.add(status);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TSentryImportMappingDataResponse other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetStatus()).compareTo(other.isSetStatus());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetStatus()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.status, other.status);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TSentryImportMappingDataResponse(");
- boolean first = true;
-
- sb.append("status:");
- if (this.status == null) {
- sb.append("null");
- } else {
- sb.append(this.status);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetStatus()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'status' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- if (status != null) {
- status.validate();
- }
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TSentryImportMappingDataResponseStandardSchemeFactory implements SchemeFactory {
- public TSentryImportMappingDataResponseStandardScheme getScheme() {
- return new TSentryImportMappingDataResponseStandardScheme();
- }
- }
-
- private static class TSentryImportMappingDataResponseStandardScheme extends StandardScheme<TSentryImportMappingDataResponse> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TSentryImportMappingDataResponse struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // STATUS
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TSentryImportMappingDataResponse struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.status != null) {
- oprot.writeFieldBegin(STATUS_FIELD_DESC);
- struct.status.write(oprot);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TSentryImportMappingDataResponseTupleSchemeFactory implements SchemeFactory {
- public TSentryImportMappingDataResponseTupleScheme getScheme() {
- return new TSentryImportMappingDataResponseTupleScheme();
- }
- }
-
- private static class TSentryImportMappingDataResponseTupleScheme extends TupleScheme<TSentryImportMappingDataResponse> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TSentryImportMappingDataResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- struct.status.write(oprot);
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TSentryImportMappingDataResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- }
- }
-
-}
-
[50/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/utils/PolicyFile.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/utils/PolicyFile.java b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/utils/PolicyFile.java
new file mode 100644
index 0000000..a6ef0b3
--- /dev/null
+++ b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/utils/PolicyFile.java
@@ -0,0 +1,202 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.sentry.core.common.utils;
+
+import static org.apache.sentry.core.common.utils.PolicyFileConstants.DATABASES;
+import static org.apache.sentry.core.common.utils.PolicyFileConstants.GROUPS;
+import static org.apache.sentry.core.common.utils.PolicyFileConstants.ROLES;
+import static org.apache.sentry.core.common.utils.PolicyFileConstants.USERS;
+
+import java.io.File;
+import java.util.Collection;
+import java.util.List;
+import java.util.Map;
+import java.util.Map.Entry;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.google.common.annotations.VisibleForTesting;
+import com.google.common.base.Charsets;
+import com.google.common.base.Joiner;
+import com.google.common.collect.ArrayListMultimap;
+import com.google.common.collect.Lists;
+import com.google.common.collect.Maps;
+import com.google.common.collect.Multimap;
+import com.google.common.io.Files;
+
+/**
+ * PolicyFile creator. Written specifically to be used with tests. Specifically
+ * due to the fact that methods that would typically return true or false to
+ * indicate success or failure these methods throw an unchecked exception.
+ * This is because in a test if you mean to remove a user from the policy file,
+ * the user should absolutely be there. If not, the test is mis-behaving.
+ */
+@VisibleForTesting
+public class PolicyFile {
+
+ private static final Logger LOGGER = LoggerFactory
+ .getLogger(PolicyFile.class);
+
+ private static final String NL = System.getProperty("line.separator", "\n");
+
+ private final Map<String, String> databasesToPolicyFiles = Maps.newHashMap();
+ private final Multimap<String, String> usersToGroups = ArrayListMultimap.create();
+ private final Multimap<String, String> groupsToRoles = ArrayListMultimap
+ .create();
+ private final Multimap<String, String> rolesToPermissions = ArrayListMultimap
+ .create();
+
+ public Multimap<String, String> getGroupsToRoles() {
+ return groupsToRoles;
+ }
+ public Multimap<String, String> getRolesToPermissions() {
+ return rolesToPermissions;
+ }
+ public PolicyFile addRolesToGroup(String groupName, String... roleNames)
+ throws Exception {
+ return addRolesToGroup(groupName, false, roleNames);
+ }
+ public PolicyFile addRolesToGroup(String groupName, boolean allowDuplicates, String... roleNames) {
+ return add(groupsToRoles.get(groupName), allowDuplicates, roleNames);
+ }
+ public PolicyFile addPermissionsToRole(String roleName, String... permissionNames) {
+ return addPermissionsToRole(roleName, false, permissionNames);
+ }
+ public PolicyFile addPermissionsToRole(String roleName, boolean allowDuplicates, String... permissionNames) {
+ return add(rolesToPermissions.get(roleName), allowDuplicates, permissionNames);
+ }
+ public PolicyFile addGroupsToUser(String userName, String... groupNames) {
+ LOGGER.warn("Static user:group mapping is not being used");
+ return addGroupsToUser(userName, false, groupNames);
+ }
+ public PolicyFile addGroupsToUser(String userName, boolean allowDuplicates, String... groupNames) {
+ LOGGER.warn("Static user:group mapping is not being used");
+ return add(usersToGroups.get(userName), allowDuplicates, groupNames);
+ }
+ public PolicyFile setUserGroupMapping(Map<String, String> mapping) {
+ for (Entry<String, String> entry : mapping.entrySet()) {
+ usersToGroups.put(entry.getKey(), entry.getValue());
+ }
+ return this;
+ }
+ public PolicyFile addDatabase(String databaseName, String path) {
+ String oldPath = databasesToPolicyFiles.put(databaseName, path);
+ if (oldPath != null) {
+ throw new IllegalStateException("Database " + databaseName + " already existed in " +
+ databasesToPolicyFiles + " with value of " + oldPath);
+ }
+ databasesToPolicyFiles.put(databaseName, path);
+ return this;
+ }
+ public PolicyFile removeRolesFromGroup(String groupName, String... roleNames) {
+ return remove(groupsToRoles.get(groupName), roleNames);
+ }
+ public PolicyFile removePermissionsFromRole(String roleName, String... permissionNames) {
+ return remove(rolesToPermissions.get(roleName), permissionNames);
+ }
+ public PolicyFile removeGroupsFromUser(String userName, String... groupNames) {
+ LOGGER.warn("Static user:group mapping is not being used");
+ return remove(usersToGroups.get(userName), groupNames);
+ }
+ public PolicyFile removeDatabase(String databaseName) {
+ if(databasesToPolicyFiles.remove(databaseName) == null) {
+ throw new IllegalStateException("Database " + databaseName + " did not exist in " +
+ databasesToPolicyFiles);
+ }
+ return this;
+ }
+ public PolicyFile copy() {
+ PolicyFile other = new PolicyFile();
+ other.databasesToPolicyFiles.putAll(databasesToPolicyFiles);
+ other.usersToGroups.putAll(usersToGroups);
+ other.groupsToRoles.putAll(groupsToRoles);
+ other.rolesToPermissions.putAll(rolesToPermissions);
+ return other;
+ }
+
+ public void write(File clientFile, File serverFile) throws Exception {
+ write(clientFile);
+ write(serverFile);
+ }
+
+ public void write(File file) throws Exception {
+ if(file.exists() && !file.delete()) {
+ throw new IllegalStateException("Unable to delete " + file);
+ }
+ String contents = Joiner.on(NL)
+ .join(getSection(DATABASES, databasesToPolicyFiles),
+ getSection(USERS, usersToGroups),
+ getSection(GROUPS, groupsToRoles),
+ getSection(ROLES, rolesToPermissions),
+ "");
+ LOGGER.info("Writing policy file to " + file + ":\n" + contents);
+ Files.write(contents, file, Charsets.UTF_8);
+ }
+
+ private String getSection(String name, Map<String, String> mapping) {
+ if(mapping.isEmpty()) {
+ return "";
+ }
+ Joiner kvJoiner = Joiner.on(" = ");
+ List<String> lines = Lists.newArrayList();
+ lines.add("[" + name + "]");
+ for (Entry<String, String> entry : mapping.entrySet()) {
+ lines.add(kvJoiner.join(entry.getKey(), entry.getValue()));
+ }
+ return Joiner.on(NL).join(lines);
+ }
+ private String getSection(String name, Multimap<String, String> mapping) {
+ if(mapping.isEmpty()) {
+ return "";
+ }
+ Joiner kvJoiner = Joiner.on(" = ");
+ Joiner itemJoiner = Joiner.on(" , ");
+ List<String> lines = Lists.newArrayList();
+ lines.add("[" + name + "]");
+ for(String key : mapping.keySet()) {
+ lines.add(kvJoiner.join(key, itemJoiner.join(mapping.get(key))));
+ }
+ return Joiner.on(NL).join(lines);
+ }
+
+ private PolicyFile remove(Collection<String> exitingItems, String[] newItems) {
+ for(String newItem : newItems) {
+ if(!exitingItems.remove(newItem)) {
+ throw new IllegalStateException("Item " + newItem + " did not exist in " + exitingItems);
+ }
+ }
+ return this;
+ }
+ private PolicyFile add(Collection<String> exitingItems, boolean allowDuplicates, String[] newItems) {
+ for(String newItem : newItems) {
+ if(exitingItems.contains(newItem) && !allowDuplicates) {
+ throw new IllegalStateException("Item " + newItem + " already exists in " + exitingItems);
+ }
+ exitingItems.add(newItem);
+ }
+ return this;
+ }
+
+ //User:Group mapping for the admin user needs to be set separately
+ public static PolicyFile setAdminOnServer1(String admin) throws Exception {
+ return new PolicyFile()
+ .addRolesToGroup(admin, "admin_role")
+ .addPermissionsToRole("admin_role", "server=server1");
+ }
+}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-dist/pom.xml
----------------------------------------------------------------------
diff --git a/sentry-dist/pom.xml b/sentry-dist/pom.xml
index 80ec9c9..04645ad 100644
--- a/sentry-dist/pom.xml
+++ b/sentry-dist/pom.xml
@@ -72,6 +72,18 @@ limitations under the License.
</dependency>
<dependency>
<groupId>org.apache.sentry</groupId>
+ <artifactId>sentry-service-common</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.sentry</groupId>
+ <artifactId>sentry-service-server</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.sentry</groupId>
+ <artifactId>sentry-service-client</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.sentry</groupId>
<artifactId>sentry-provider-common</artifactId>
</dependency>
<dependency>
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-dist/src/main/assembly/bin.xml
----------------------------------------------------------------------
diff --git a/sentry-dist/src/main/assembly/bin.xml b/sentry-dist/src/main/assembly/bin.xml
index 5727fc9..d998e98 100644
--- a/sentry-dist/src/main/assembly/bin.xml
+++ b/sentry-dist/src/main/assembly/bin.xml
@@ -41,7 +41,6 @@
<excludes>
<exclude>org.slf4j:*</exclude>
<exclude>org.datanucleus:*</exclude>
- <exclude>com.jolbox:bonecp</exclude>
<exclude>org.apache.hive:hive-beeline</exclude>
<exclude>org.apache.derby:derby</exclude>
</excludes>
@@ -66,7 +65,6 @@
<useTransitiveFiltering>true</useTransitiveFiltering>
<includes>
<include>org.datanucleus:*</include>
- <include>com.jolbox:bonecp</include>
<include>org.apache.hive:hive-beeline</include>
<include>org.apache.derby:derby</include>
</includes>
@@ -102,6 +100,7 @@
<exclude>sentry-policy/**</exclude>
<exclude>sentry-tests/**</exclude>
<exclude>sentry-hdfs/**</exclude>
+ <exclude>sentry-service/**</exclude>
<exclude>sentry-solr/**</exclude>
</excludes>
@@ -128,7 +127,7 @@
<outputDirectory>lib/plugins</outputDirectory>
</fileSet>
<fileSet>
- <directory>${project.parent.basedir}/sentry-provider/sentry-provider-db/src/main/resources</directory>
+ <directory>${project.parent.basedir}/sentry-service/sentry-service-server/src/main/resources</directory>
<includes>
<include>**/*</include>
</includes>
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-dist/src/main/assembly/src.xml
----------------------------------------------------------------------
diff --git a/sentry-dist/src/main/assembly/src.xml b/sentry-dist/src/main/assembly/src.xml
index c730c58..6801b85 100644
--- a/sentry-dist/src/main/assembly/src.xml
+++ b/sentry-dist/src/main/assembly/src.xml
@@ -55,6 +55,7 @@
<include>dev-support/**</include>
<include>sentry-binding/**</include>
<include>sentry-core/**</include>
+ <include>sentry-service/**</include>
<include>sentry-dist/**</include>
<include>sentry-provider/**</include>
<include>sentry-policy/**</include>
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-hdfs/sentry-hdfs-common/pom.xml
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-common/pom.xml b/sentry-hdfs/sentry-hdfs-common/pom.xml
index d244edc..281196b 100644
--- a/sentry-hdfs/sentry-hdfs-common/pom.xml
+++ b/sentry-hdfs/sentry-hdfs-common/pom.xml
@@ -60,26 +60,29 @@ limitations under the License.
<version>${curator.version}</version>
</dependency>
<dependency>
- <groupId>org.apache.hadoop</groupId>
- <artifactId>hadoop-minikdc</artifactId>
- <scope>test</scope>
- </dependency>
- <dependency>
<groupId>org.apache.sentry</groupId>
<artifactId>sentry-provider-db</artifactId>
- <scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.sentry</groupId>
- <artifactId>sentry-provider-file</artifactId>
+ <artifactId>sentry-service-server</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.hadoop</groupId>
+ <artifactId>hadoop-minikdc</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.sentry</groupId>
- <artifactId>sentry-provider-db</artifactId>
+ <artifactId>sentry-service-server</artifactId>
<type>test-jar</type>
<scope>test</scope>
</dependency>
+ <dependency>
+ <groupId>org.apache.sentry</groupId>
+ <artifactId>sentry-provider-file</artifactId>
+ <scope>test</scope>
+ </dependency>
</dependencies>
<build>
<sourceDirectory>${basedir}/src/main/java</sourceDirectory>
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerAuthorizationProviderGeneralCases.java
----------------------------------------------------------------------
diff --git a/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerAuthorizationProviderGeneralCases.java b/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerAuthorizationProviderGeneralCases.java
index 939621b..62942dc 100644
--- a/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerAuthorizationProviderGeneralCases.java
+++ b/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerAuthorizationProviderGeneralCases.java
@@ -23,6 +23,7 @@ import java.util.EnumSet;
import java.util.List;
import java.util.Set;
+import org.apache.sentry.core.common.service.MockGroupMappingServiceProvider;
import org.junit.Assert;
import org.apache.commons.io.FileUtils;
@@ -33,7 +34,6 @@ import org.apache.sentry.core.common.Subject;
import org.apache.sentry.core.model.indexer.Indexer;
import org.apache.sentry.core.model.indexer.IndexerModelAction;
import org.apache.sentry.core.model.indexer.IndexerPrivilegeModel;
-import org.apache.sentry.provider.common.MockGroupMappingServiceProvider;
import org.apache.sentry.provider.common.ResourceAuthorizationProvider;
import org.apache.sentry.provider.file.HadoopGroupResourceAuthorizationProvider;
import org.apache.sentry.provider.file.PolicyFiles;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerAuthorizationProviderSpecialCases.java
----------------------------------------------------------------------
diff --git a/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerAuthorizationProviderSpecialCases.java b/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerAuthorizationProviderSpecialCases.java
index 1717c42..020b758 100644
--- a/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerAuthorizationProviderSpecialCases.java
+++ b/sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/TestIndexerAuthorizationProviderSpecialCases.java
@@ -35,7 +35,7 @@ import org.apache.sentry.core.model.indexer.IndexerPrivilegeModel;
import org.apache.sentry.policy.common.PolicyEngine;
import org.apache.sentry.provider.common.AuthorizationProvider;
import org.apache.sentry.provider.file.LocalGroupResourceAuthorizationProvider;
-import org.apache.sentry.provider.file.PolicyFile;
+import org.apache.sentry.core.common.utils.PolicyFile;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-cache/pom.xml
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-cache/pom.xml b/sentry-provider/sentry-provider-cache/pom.xml
index ec77003..694df36 100644
--- a/sentry-provider/sentry-provider-cache/pom.xml
+++ b/sentry-provider/sentry-provider-cache/pom.xml
@@ -64,10 +64,6 @@ limitations under the License.
</dependency>
<dependency>
<groupId>org.apache.sentry</groupId>
- <artifactId>sentry-core-common</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
<artifactId>sentry-core-model-db</artifactId>
</dependency>
<dependency>
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-common/pom.xml
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/pom.xml b/sentry-provider/sentry-provider-common/pom.xml
index 9af153a..f83f594 100644
--- a/sentry-provider/sentry-provider-common/pom.xml
+++ b/sentry-provider/sentry-provider-common/pom.xml
@@ -36,11 +36,6 @@ limitations under the License.
<dependency>
<groupId>org.apache.hadoop</groupId>
<artifactId>hadoop-common</artifactId>
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
- <artifactId>sentry-core-common</artifactId>
</dependency>
<dependency>
<groupId>org.apache.sentry</groupId>
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationComponent.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationComponent.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationComponent.java
deleted file mode 100644
index 5dc2b55..0000000
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationComponent.java
+++ /dev/null
@@ -1,30 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.common;
-/**
- * Represent which component being authorized by Sentry
- * using generic model
- */
-public class AuthorizationComponent{
- public static final String Search = "solr";
- public static final String SQOOP = "sqoop";
- public static final String KAFKA = "kafka";
-
- private AuthorizationComponent() {
- // Make constructor private to avoid instantiation
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationProvider.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationProvider.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationProvider.java
index 2d82bcf..3d6440f 100644
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationProvider.java
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationProvider.java
@@ -26,6 +26,7 @@ import org.apache.sentry.core.common.ActiveRoleSet;
import org.apache.sentry.core.common.Authorizable;
import org.apache.sentry.core.common.exception.SentryConfigurationException;
import org.apache.sentry.core.common.Subject;
+import org.apache.sentry.core.common.service.GroupMappingService;
import org.apache.sentry.policy.common.PolicyEngine;
/**
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/GroupMappingService.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/GroupMappingService.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/GroupMappingService.java
deleted file mode 100644
index 7e85261..0000000
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/GroupMappingService.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.common;
-
-import java.util.Set;
-
-import javax.annotation.concurrent.ThreadSafe;
-
-/**
- * Interface so the Groups class is easier to unit test with.
- * Implementations of this class are expected to be thread safe
- * after construction.
- */
-@ThreadSafe
-public interface GroupMappingService {
-
- /**
- * @return non-null list of groups for user
- */
- Set<String> getGroups(String user);
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupMappingService.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupMappingService.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupMappingService.java
deleted file mode 100644
index bde53d5..0000000
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupMappingService.java
+++ /dev/null
@@ -1,69 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.common;
-
-import java.io.IOException;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Set;
-
-import org.apache.commons.lang.StringUtils;
-import org.apache.hadoop.conf.Configuration;
-import org.apache.hadoop.security.Groups;
-
-import com.google.common.collect.Lists;
-import org.apache.sentry.core.common.exception.SentryGroupNotFoundException;
-
-public class HadoopGroupMappingService implements GroupMappingService {
-
- private static Configuration hadoopConf;
- private final Groups groups;
-
- public HadoopGroupMappingService(Groups groups) {
- this.groups = groups;
- }
-
- public HadoopGroupMappingService(Configuration conf, String resource) {
- if (hadoopConf == null) {
- synchronized (HadoopGroupMappingService.class) {
- if (hadoopConf == null) {
- // clone the current config and add resource path
- hadoopConf = new Configuration();
- hadoopConf.addResource(conf);
- if (!StringUtils.isEmpty(resource)) {
- hadoopConf.addResource(resource);
- }
- }
- }
- }
- this.groups = Groups.getUserToGroupsMappingService(hadoopConf);
- }
-
- @Override
- public Set<String> getGroups(String user) {
- List<String> groupList = Lists.newArrayList();
- try {
- groupList = groups.getGroups(user);
- } catch (IOException e) {
- throw new SentryGroupNotFoundException("Unable to obtain groups for " + user, e);
- }
- if (groupList == null || groupList.isEmpty()) {
- throw new SentryGroupNotFoundException("Unable to obtain groups for " + user);
- }
- return new HashSet<String>(groupList);
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupResourceAuthorizationProvider.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupResourceAuthorizationProvider.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupResourceAuthorizationProvider.java
index e45799f..6e5dbc3 100644
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupResourceAuthorizationProvider.java
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupResourceAuthorizationProvider.java
@@ -22,6 +22,8 @@ import java.io.IOException;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.security.Groups;
import org.apache.sentry.core.common.Model;
+import org.apache.sentry.core.common.service.GroupMappingService;
+import org.apache.sentry.core.common.service.HadoopGroupMappingService;
import org.apache.sentry.policy.common.PolicyEngine;
import com.google.common.annotations.VisibleForTesting;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoAuthorizationProvider.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoAuthorizationProvider.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoAuthorizationProvider.java
index be0830d..11dbfb7 100644
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoAuthorizationProvider.java
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoAuthorizationProvider.java
@@ -26,6 +26,8 @@ import org.apache.sentry.core.common.ActiveRoleSet;
import org.apache.sentry.core.common.Authorizable;
import org.apache.sentry.core.common.exception.SentryConfigurationException;
import org.apache.sentry.core.common.Subject;
+import org.apache.sentry.core.common.service.GroupMappingService;
+import org.apache.sentry.core.common.service.NoGroupMappingService;
import org.apache.sentry.policy.common.PolicyEngine;
public class NoAuthorizationProvider implements AuthorizationProvider {
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoGroupMappingService.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoGroupMappingService.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoGroupMappingService.java
deleted file mode 100644
index e44cbc4..0000000
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoGroupMappingService.java
+++ /dev/null
@@ -1,33 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.common;
-
-import java.util.HashSet;
-import java.util.Set;
-
-/**
- * GroupMappingService that always returns an empty list of groups
- */
-public class NoGroupMappingService implements GroupMappingService {
-
- /**
- * @return empty list of groups for every user
- */
- public Set<String> getGroups(String user) {
- return new HashSet<String>();
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ResourceAuthorizationProvider.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ResourceAuthorizationProvider.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ResourceAuthorizationProvider.java
index 4e22071..a6b2047 100644
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ResourceAuthorizationProvider.java
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ResourceAuthorizationProvider.java
@@ -32,6 +32,7 @@ import org.apache.sentry.core.common.Authorizable;
import org.apache.sentry.core.common.Model;
import org.apache.sentry.core.common.exception.SentryConfigurationException;
import org.apache.sentry.core.common.Subject;
+import org.apache.sentry.core.common.service.GroupMappingService;
import org.apache.sentry.policy.common.PolicyEngine;
import org.apache.sentry.policy.common.Privilege;
import org.apache.sentry.policy.common.PrivilegeFactory;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/file/HadoopGroupResourceAuthorizationProvider.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/file/HadoopGroupResourceAuthorizationProvider.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/file/HadoopGroupResourceAuthorizationProvider.java
index 2214867..bf2c5a1 100644
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/file/HadoopGroupResourceAuthorizationProvider.java
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/file/HadoopGroupResourceAuthorizationProvider.java
@@ -22,7 +22,7 @@ import java.io.IOException;
import org.apache.hadoop.conf.Configuration;
import org.apache.sentry.core.common.Model;
import org.apache.sentry.policy.common.PolicyEngine;
-import org.apache.sentry.provider.common.GroupMappingService;
+import org.apache.sentry.core.common.service.GroupMappingService;
import com.google.common.annotations.VisibleForTesting;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/MockGroupMappingServiceProvider.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/MockGroupMappingServiceProvider.java b/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/MockGroupMappingServiceProvider.java
deleted file mode 100644
index 1e885f4..0000000
--- a/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/MockGroupMappingServiceProvider.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.common;
-
-import java.util.Collection;
-import java.util.Set;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.google.common.collect.Multimap;
-import com.google.common.collect.Sets;
-
-public class MockGroupMappingServiceProvider implements GroupMappingService {
- private static final Logger LOGGER = LoggerFactory
- .getLogger(MockGroupMappingServiceProvider.class);
- private final Multimap<String, String> userToGroupMap;
-
- public MockGroupMappingServiceProvider(Multimap<String, String> userToGroupMap) {
- this.userToGroupMap = userToGroupMap;
- }
-
- @Override
- public Set<String> getGroups(String user) {
- Collection<String> groups = userToGroupMap.get(user);
- LOGGER.info("Mapping " + user + " to " + groups);
- return Sets.newHashSet(groups);
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestGetGroupMapping.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestGetGroupMapping.java b/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestGetGroupMapping.java
index ccc505f..f6d8c05 100644
--- a/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestGetGroupMapping.java
+++ b/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestGetGroupMapping.java
@@ -23,6 +23,7 @@ import java.util.Set;
import org.apache.sentry.core.common.ActiveRoleSet;
import org.apache.sentry.core.common.Authorizable;
import org.apache.sentry.core.common.exception.SentryConfigurationException;
+import org.apache.sentry.core.common.service.GroupMappingService;
import org.apache.sentry.policy.common.PolicyEngine;
import org.apache.sentry.policy.common.PrivilegeFactory;
import org.junit.Test;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestNoAuthorizationProvider.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestNoAuthorizationProvider.java b/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestNoAuthorizationProvider.java
index fe01b06..7ca8bfc 100644
--- a/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestNoAuthorizationProvider.java
+++ b/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestNoAuthorizationProvider.java
@@ -19,6 +19,7 @@ package org.apache.sentry.provider.common;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
+import org.apache.sentry.core.common.service.GroupMappingService;
import org.junit.Test;
/**
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/pom.xml
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/pom.xml b/sentry-provider/sentry-provider-db/pom.xml
index b8143ff..bf43e0b 100644
--- a/sentry-provider/sentry-provider-db/pom.xml
+++ b/sentry-provider/sentry-provider-db/pom.xml
@@ -29,44 +29,10 @@ limitations under the License.
<dependencies>
<dependency>
- <groupId>commons-cli</groupId>
- <artifactId>commons-cli</artifactId>
- </dependency>
- <dependency>
- <groupId>com.jolbox</groupId>
- <artifactId>bonecp</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.hadoop</groupId>
- <artifactId>hadoop-common</artifactId>
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.hadoop</groupId>
- <artifactId>hadoop-mapreduce-client-jobclient</artifactId>
- </dependency>
- <dependency>
- <groupId>junit</groupId>
- <artifactId>junit</artifactId>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.derby</groupId>
- <artifactId>derby</artifactId>
- </dependency>
- <dependency>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
</dependency>
<dependency>
- <groupId>org.apache.shiro</groupId>
- <artifactId>shiro-core</artifactId>
- </dependency>
- <dependency>
- <groupId>com.google.guava</groupId>
- <artifactId>guava</artifactId>
- </dependency>
- <dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
</dependency>
@@ -76,329 +42,11 @@ limitations under the License.
</dependency>
<dependency>
<groupId>org.apache.sentry</groupId>
- <artifactId>sentry-core-common</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
- <artifactId>sentry-core-model-db</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
- <artifactId>sentry-core-model-search</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
- <artifactId>sentry-core-model-sqoop</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
- <artifactId>sentry-core-model-kafka</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
<artifactId>sentry-provider-common</artifactId>
</dependency>
<dependency>
<groupId>org.apache.sentry</groupId>
- <artifactId>sentry-provider-file</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
- <artifactId>sentry-policy-engine</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.hive</groupId>
- <artifactId>hive-shims</artifactId>
- <scope>provided</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.hive</groupId>
- <artifactId>hive-beeline</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.thrift</groupId>
- <artifactId>libfb303</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.thrift</groupId>
- <artifactId>libthrift</artifactId>
- </dependency>
- <dependency>
- <groupId>ant-contrib</groupId>
- <artifactId>ant-contrib</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.hadoop</groupId>
- <artifactId>hadoop-minikdc</artifactId>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>javax.jdo</groupId>
- <artifactId>jdo-api</artifactId>
- </dependency>
- <dependency>
- <groupId>com.codahale.metrics</groupId>
- <artifactId>metrics-core</artifactId>
- </dependency>
- <dependency>
- <groupId>com.codahale.metrics</groupId>
- <artifactId>metrics-servlets</artifactId>
- </dependency>
- <dependency>
- <groupId>com.codahale.metrics</groupId>
- <artifactId>metrics-jvm</artifactId>
- </dependency>
- <dependency>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-server</artifactId>
- </dependency>
- <dependency>
- <groupId>org.eclipse.jetty</groupId>
- <artifactId>jetty-servlet</artifactId>
- </dependency>
- <dependency>
- <groupId>org.mockito</groupId>
- <artifactId>mockito-all</artifactId>
- <scope>test</scope>
- </dependency>
- <dependency>
- <groupId>org.apache.curator</groupId>
- <artifactId>curator-recipes</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.curator</groupId>
- <artifactId>curator-x-discovery</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.curator</groupId>
- <artifactId>curator-test</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.commons</groupId>
- <artifactId>commons-pool2</artifactId>
+ <artifactId>sentry-service-client</artifactId>
</dependency>
</dependencies>
-
- <build>
- <sourceDirectory>${basedir}/src/main/java</sourceDirectory>
- <testSourceDirectory>${basedir}/src/test/java</testSourceDirectory>
- <resources>
- <resource>
- <directory>${basedir}/src/main/java/org/apache/sentry/provider/db/service/model</directory>
- <includes>
- <include>package.jdo</include>
- </includes>
- </resource>
- <resource>
- <directory>${basedir}/src/main</directory>
- <includes>
- <include>webapp/*</include>
- <include>webapp/css/*</include>
- </includes>
- </resource>
- </resources>
- <plugins>
- <plugin>
- <groupId>com.google.code.maven-replacer-plugin</groupId>
- <artifactId>replacer</artifactId>
- <version>1.5.2</version>
- <executions>
- <execution>
- <id>replaceTokens</id>
- <phase>clean</phase>
- <goals>
- <goal>replace</goal>
- </goals>
- </execution>
- </executions>
- <configuration>
- <file>${basedir}/src/main/webapp/SentryService.html</file>
- <replacements>
- <replacement>
- <token>%PROJECT_VERSION%</token>
- <value>${version}</value>
- </replacement>
- </replacements>
- </configuration>
- </plugin>
- <plugin>
- <groupId>org.codehaus.mojo</groupId>
- <artifactId>build-helper-maven-plugin</artifactId>
- <executions>
- <execution>
- <id>add-source</id>
- <phase>generate-sources</phase>
- <goals>
- <goal>add-source</goal>
- </goals>
- <configuration>
- <sources>
- <source>src/gen/thrift/gen-javabean</source>
- </sources>
- </configuration>
- </execution>
- </executions>
- </plugin>
- <plugin>
- <groupId>org.datanucleus</groupId>
- <artifactId>datanucleus-maven-plugin</artifactId>
- <configuration>
- <api>JDO</api>
- <metadataIncludes>**/*.jdo</metadataIncludes>
- <verbose>true</verbose>
- </configuration>
- <executions>
- <execution>
- <phase>process-classes</phase>
- <goals>
- <goal>enhance</goal>
- </goals>
- </execution>
- </executions>
- </plugin>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-jar-plugin</artifactId>
- <executions>
- <execution>
- <goals>
- <goal>test-jar</goal>
- </goals>
- </execution>
- </executions>
- </plugin>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-surefire-plugin</artifactId>
- <configuration>
- <reuseForks>false</reuseForks>
- </configuration>
- </plugin>
- </plugins>
- </build>
- <profiles>
- <profile>
- <id>datanucleus3</id>
- <activation>
- <activeByDefault>true</activeByDefault>
- </activation>
- <properties>
- <datanucleus-api-jdo.version>3.2.6</datanucleus-api-jdo.version>
- <datanucleus-core.version>3.2.12</datanucleus-core.version>
- <datanucleus-rdbms.version>3.2.12</datanucleus-rdbms.version>
- </properties>
- <dependencies>
- <dependency>
- <groupId>org.datanucleus</groupId>
- <artifactId>datanucleus-core</artifactId>
- <version>${datanucleus-core.version}</version>
- </dependency>
- <dependency>
- <groupId>org.datanucleus</groupId>
- <artifactId>datanucleus-api-jdo</artifactId>
- <version>${datanucleus-api-jdo.version}</version>
- </dependency>
- <dependency>
- <groupId>org.datanucleus</groupId>
- <artifactId>datanucleus-rdbms</artifactId>
- <version>${datanucleus-rdbms.version}</version>
- </dependency>
- </dependencies>
- </profile>
- <profile>
- <id>datanucleus4</id>
- <activation>
- <activeByDefault>false</activeByDefault>
- </activation>
- <properties>
- <datanucleus-api-jdo.version>4.2.1</datanucleus-api-jdo.version>
- <datanucleus-core.version>4.1.6</datanucleus-core.version>
- <datanucleus-rdbms.version>4.1.7</datanucleus-rdbms.version>
- <datanucleus-jdo.version>3.2.0-m3</datanucleus-jdo.version>
- </properties>
- <dependencies>
- <dependency>
- <groupId>org.datanucleus</groupId>
- <artifactId>datanucleus-core</artifactId>
- <version>${datanucleus-core.version}</version>
- </dependency>
- <dependency>
- <groupId>org.datanucleus</groupId>
- <artifactId>datanucleus-api-jdo</artifactId>
- <version>${datanucleus-api-jdo.version}</version>
- </dependency>
- <dependency>
- <groupId>org.datanucleus</groupId>
- <artifactId>datanucleus-rdbms</artifactId>
- <version>${datanucleus-rdbms.version}</version>
- </dependency>
- <dependency>
- <groupId>org.datanucleus</groupId>
- <artifactId>javax.jdo</artifactId>
- <version>${datanucleus-jdo.version}</version>
- </dependency>
- </dependencies>
- </profile>
- <profile>
- <id>thriftif</id>
- <build>
- <plugins>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-antrun-plugin</artifactId>
- <executions>
- <execution>
- <id>generate-thrift-sources</id>
- <phase>generate-sources</phase>
- <configuration>
- <target>
- <taskdef name="for" classname="net.sf.antcontrib.logic.ForTask"
- classpathref="maven.plugin.classpath" />
- <property name="thrift.args" value="-I ${thrift.home} --gen java:beans,hashcode"/>
- <property name="thrift.gen.dir" value="${basedir}/src/gen/thrift"/>
- <delete dir="${thrift.gen.dir}"/>
- <mkdir dir="${thrift.gen.dir}"/>
- <for param="thrift.file">
- <path>
- <fileset dir="${basedir}/src/main/resources/" includes="**/*.thrift" />
- </path>
- <sequential>
- <echo message="Generating Thrift code for @{thrift.file}"/>
- <exec executable="${thrift.home}/bin/thrift" failonerror="true" dir=".">
- <arg line="${thrift.args} -I ${basedir}/src/main/resources/ -o ${thrift.gen.dir} @{thrift.file} " />
- </exec>
- </sequential>
- </for>
- </target>
- </configuration>
- <goals>
- <goal>run</goal>
- </goals>
- </execution>
- </executions>
- </plugin>
- <plugin>
- <groupId>org.apache.maven.plugins</groupId>
- <artifactId>maven-enforcer-plugin</artifactId>
- <executions>
- <execution>
- <id>enforce-property</id>
- <goals>
- <goal>enforce</goal>
- </goals>
- <configuration>
- <rules>
- <requireProperty>
- <property>thrift.home</property>
- </requireProperty>
- </rules>
- <fail>true</fail>
- </configuration>
- </execution>
- </executions>
- </plugin>
- </plugins>
- </build>
- </profile>
- </profiles>
</project>
[45/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TDropPrivilegesResponse.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TDropPrivilegesResponse.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TDropPrivilegesResponse.java
deleted file mode 100644
index ef17c6b..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TDropPrivilegesResponse.java
+++ /dev/null
@@ -1,391 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TDropPrivilegesResponse implements org.apache.thrift.TBase<TDropPrivilegesResponse, TDropPrivilegesResponse._Fields>, java.io.Serializable, Cloneable, Comparable<TDropPrivilegesResponse> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TDropPrivilegesResponse");
-
- private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TDropPrivilegesResponseStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TDropPrivilegesResponseTupleSchemeFactory());
- }
-
- private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- STATUS((short)1, "status");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // STATUS
- return STATUS;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRUCT , "TSentryResponseStatus")));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TDropPrivilegesResponse.class, metaDataMap);
- }
-
- public TDropPrivilegesResponse() {
- }
-
- public TDropPrivilegesResponse(
- org.apache.sentry.service.thrift.TSentryResponseStatus status)
- {
- this();
- this.status = status;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TDropPrivilegesResponse(TDropPrivilegesResponse other) {
- if (other.isSetStatus()) {
- this.status = other.status;
- }
- }
-
- public TDropPrivilegesResponse deepCopy() {
- return new TDropPrivilegesResponse(this);
- }
-
- @Override
- public void clear() {
- this.status = null;
- }
-
- public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() {
- return this.status;
- }
-
- public void setStatus(org.apache.sentry.service.thrift.TSentryResponseStatus status) {
- this.status = status;
- }
-
- public void unsetStatus() {
- this.status = null;
- }
-
- /** Returns true if field status is set (has been assigned a value) and false otherwise */
- public boolean isSetStatus() {
- return this.status != null;
- }
-
- public void setStatusIsSet(boolean value) {
- if (!value) {
- this.status = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case STATUS:
- if (value == null) {
- unsetStatus();
- } else {
- setStatus((org.apache.sentry.service.thrift.TSentryResponseStatus)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case STATUS:
- return getStatus();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case STATUS:
- return isSetStatus();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TDropPrivilegesResponse)
- return this.equals((TDropPrivilegesResponse)that);
- return false;
- }
-
- public boolean equals(TDropPrivilegesResponse that) {
- if (that == null)
- return false;
-
- boolean this_present_status = true && this.isSetStatus();
- boolean that_present_status = true && that.isSetStatus();
- if (this_present_status || that_present_status) {
- if (!(this_present_status && that_present_status))
- return false;
- if (!this.status.equals(that.status))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_status = true && (isSetStatus());
- list.add(present_status);
- if (present_status)
- list.add(status);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TDropPrivilegesResponse other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetStatus()).compareTo(other.isSetStatus());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetStatus()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.status, other.status);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TDropPrivilegesResponse(");
- boolean first = true;
-
- sb.append("status:");
- if (this.status == null) {
- sb.append("null");
- } else {
- sb.append(this.status);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetStatus()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'status' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TDropPrivilegesResponseStandardSchemeFactory implements SchemeFactory {
- public TDropPrivilegesResponseStandardScheme getScheme() {
- return new TDropPrivilegesResponseStandardScheme();
- }
- }
-
- private static class TDropPrivilegesResponseStandardScheme extends StandardScheme<TDropPrivilegesResponse> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TDropPrivilegesResponse struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // STATUS
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TDropPrivilegesResponse struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.status != null) {
- oprot.writeFieldBegin(STATUS_FIELD_DESC);
- struct.status.write(oprot);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TDropPrivilegesResponseTupleSchemeFactory implements SchemeFactory {
- public TDropPrivilegesResponseTupleScheme getScheme() {
- return new TDropPrivilegesResponseTupleScheme();
- }
- }
-
- private static class TDropPrivilegesResponseTupleScheme extends TupleScheme<TDropPrivilegesResponse> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TDropPrivilegesResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- struct.status.write(oprot);
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TDropPrivilegesResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TDropSentryRoleRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TDropSentryRoleRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TDropSentryRoleRequest.java
deleted file mode 100644
index 3952ed1..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TDropSentryRoleRequest.java
+++ /dev/null
@@ -1,692 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TDropSentryRoleRequest implements org.apache.thrift.TBase<TDropSentryRoleRequest, TDropSentryRoleRequest._Fields>, java.io.Serializable, Cloneable, Comparable<TDropSentryRoleRequest> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TDropSentryRoleRequest");
-
- private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
- private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)3);
- private static final org.apache.thrift.protocol.TField COMPONENT_FIELD_DESC = new org.apache.thrift.protocol.TField("component", org.apache.thrift.protocol.TType.STRING, (short)4);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TDropSentryRoleRequestStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TDropSentryRoleRequestTupleSchemeFactory());
- }
-
- private int protocol_version; // required
- private String requestorUserName; // required
- private String roleName; // required
- private String component; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- PROTOCOL_VERSION((short)1, "protocol_version"),
- REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- ROLE_NAME((short)3, "roleName"),
- COMPONENT((short)4, "component");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // PROTOCOL_VERSION
- return PROTOCOL_VERSION;
- case 2: // REQUESTOR_USER_NAME
- return REQUESTOR_USER_NAME;
- case 3: // ROLE_NAME
- return ROLE_NAME;
- case 4: // COMPONENT
- return COMPONENT;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
- tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.ROLE_NAME, new org.apache.thrift.meta_data.FieldMetaData("roleName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.COMPONENT, new org.apache.thrift.meta_data.FieldMetaData("component", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TDropSentryRoleRequest.class, metaDataMap);
- }
-
- public TDropSentryRoleRequest() {
- this.protocol_version = 2;
-
- }
-
- public TDropSentryRoleRequest(
- int protocol_version,
- String requestorUserName,
- String roleName,
- String component)
- {
- this();
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- this.requestorUserName = requestorUserName;
- this.roleName = roleName;
- this.component = component;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TDropSentryRoleRequest(TDropSentryRoleRequest other) {
- __isset_bitfield = other.__isset_bitfield;
- this.protocol_version = other.protocol_version;
- if (other.isSetRequestorUserName()) {
- this.requestorUserName = other.requestorUserName;
- }
- if (other.isSetRoleName()) {
- this.roleName = other.roleName;
- }
- if (other.isSetComponent()) {
- this.component = other.component;
- }
- }
-
- public TDropSentryRoleRequest deepCopy() {
- return new TDropSentryRoleRequest(this);
- }
-
- @Override
- public void clear() {
- this.protocol_version = 2;
-
- this.requestorUserName = null;
- this.roleName = null;
- this.component = null;
- }
-
- public int getProtocol_version() {
- return this.protocol_version;
- }
-
- public void setProtocol_version(int protocol_version) {
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- }
-
- public void unsetProtocol_version() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */
- public boolean isSetProtocol_version() {
- return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- public void setProtocol_versionIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value);
- }
-
- public String getRequestorUserName() {
- return this.requestorUserName;
- }
-
- public void setRequestorUserName(String requestorUserName) {
- this.requestorUserName = requestorUserName;
- }
-
- public void unsetRequestorUserName() {
- this.requestorUserName = null;
- }
-
- /** Returns true if field requestorUserName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorUserName() {
- return this.requestorUserName != null;
- }
-
- public void setRequestorUserNameIsSet(boolean value) {
- if (!value) {
- this.requestorUserName = null;
- }
- }
-
- public String getRoleName() {
- return this.roleName;
- }
-
- public void setRoleName(String roleName) {
- this.roleName = roleName;
- }
-
- public void unsetRoleName() {
- this.roleName = null;
- }
-
- /** Returns true if field roleName is set (has been assigned a value) and false otherwise */
- public boolean isSetRoleName() {
- return this.roleName != null;
- }
-
- public void setRoleNameIsSet(boolean value) {
- if (!value) {
- this.roleName = null;
- }
- }
-
- public String getComponent() {
- return this.component;
- }
-
- public void setComponent(String component) {
- this.component = component;
- }
-
- public void unsetComponent() {
- this.component = null;
- }
-
- /** Returns true if field component is set (has been assigned a value) and false otherwise */
- public boolean isSetComponent() {
- return this.component != null;
- }
-
- public void setComponentIsSet(boolean value) {
- if (!value) {
- this.component = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case PROTOCOL_VERSION:
- if (value == null) {
- unsetProtocol_version();
- } else {
- setProtocol_version((Integer)value);
- }
- break;
-
- case REQUESTOR_USER_NAME:
- if (value == null) {
- unsetRequestorUserName();
- } else {
- setRequestorUserName((String)value);
- }
- break;
-
- case ROLE_NAME:
- if (value == null) {
- unsetRoleName();
- } else {
- setRoleName((String)value);
- }
- break;
-
- case COMPONENT:
- if (value == null) {
- unsetComponent();
- } else {
- setComponent((String)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case PROTOCOL_VERSION:
- return getProtocol_version();
-
- case REQUESTOR_USER_NAME:
- return getRequestorUserName();
-
- case ROLE_NAME:
- return getRoleName();
-
- case COMPONENT:
- return getComponent();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case PROTOCOL_VERSION:
- return isSetProtocol_version();
- case REQUESTOR_USER_NAME:
- return isSetRequestorUserName();
- case ROLE_NAME:
- return isSetRoleName();
- case COMPONENT:
- return isSetComponent();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TDropSentryRoleRequest)
- return this.equals((TDropSentryRoleRequest)that);
- return false;
- }
-
- public boolean equals(TDropSentryRoleRequest that) {
- if (that == null)
- return false;
-
- boolean this_present_protocol_version = true;
- boolean that_present_protocol_version = true;
- if (this_present_protocol_version || that_present_protocol_version) {
- if (!(this_present_protocol_version && that_present_protocol_version))
- return false;
- if (this.protocol_version != that.protocol_version)
- return false;
- }
-
- boolean this_present_requestorUserName = true && this.isSetRequestorUserName();
- boolean that_present_requestorUserName = true && that.isSetRequestorUserName();
- if (this_present_requestorUserName || that_present_requestorUserName) {
- if (!(this_present_requestorUserName && that_present_requestorUserName))
- return false;
- if (!this.requestorUserName.equals(that.requestorUserName))
- return false;
- }
-
- boolean this_present_roleName = true && this.isSetRoleName();
- boolean that_present_roleName = true && that.isSetRoleName();
- if (this_present_roleName || that_present_roleName) {
- if (!(this_present_roleName && that_present_roleName))
- return false;
- if (!this.roleName.equals(that.roleName))
- return false;
- }
-
- boolean this_present_component = true && this.isSetComponent();
- boolean that_present_component = true && that.isSetComponent();
- if (this_present_component || that_present_component) {
- if (!(this_present_component && that_present_component))
- return false;
- if (!this.component.equals(that.component))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_protocol_version = true;
- list.add(present_protocol_version);
- if (present_protocol_version)
- list.add(protocol_version);
-
- boolean present_requestorUserName = true && (isSetRequestorUserName());
- list.add(present_requestorUserName);
- if (present_requestorUserName)
- list.add(requestorUserName);
-
- boolean present_roleName = true && (isSetRoleName());
- list.add(present_roleName);
- if (present_roleName)
- list.add(roleName);
-
- boolean present_component = true && (isSetComponent());
- list.add(present_component);
- if (present_component)
- list.add(component);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TDropSentryRoleRequest other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(other.isSetProtocol_version());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetProtocol_version()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, other.protocol_version);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRequestorUserName()).compareTo(other.isSetRequestorUserName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRequestorUserName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorUserName, other.requestorUserName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRoleName()).compareTo(other.isSetRoleName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRoleName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleName, other.roleName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetComponent()).compareTo(other.isSetComponent());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetComponent()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.component, other.component);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TDropSentryRoleRequest(");
- boolean first = true;
-
- sb.append("protocol_version:");
- sb.append(this.protocol_version);
- first = false;
- if (!first) sb.append(", ");
- sb.append("requestorUserName:");
- if (this.requestorUserName == null) {
- sb.append("null");
- } else {
- sb.append(this.requestorUserName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("roleName:");
- if (this.roleName == null) {
- sb.append("null");
- } else {
- sb.append(this.roleName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("component:");
- if (this.component == null) {
- sb.append("null");
- } else {
- sb.append(this.component);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetProtocol_version()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
- }
-
- if (!isSetRequestorUserName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString());
- }
-
- if (!isSetRoleName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'roleName' is unset! Struct:" + toString());
- }
-
- if (!isSetComponent()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'component' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TDropSentryRoleRequestStandardSchemeFactory implements SchemeFactory {
- public TDropSentryRoleRequestStandardScheme getScheme() {
- return new TDropSentryRoleRequestStandardScheme();
- }
- }
-
- private static class TDropSentryRoleRequestStandardScheme extends StandardScheme<TDropSentryRoleRequest> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TDropSentryRoleRequest struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // PROTOCOL_VERSION
- if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // REQUESTOR_USER_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // ROLE_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 4: // COMPONENT
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.component = iprot.readString();
- struct.setComponentIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TDropSentryRoleRequest struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC);
- oprot.writeI32(struct.protocol_version);
- oprot.writeFieldEnd();
- if (struct.requestorUserName != null) {
- oprot.writeFieldBegin(REQUESTOR_USER_NAME_FIELD_DESC);
- oprot.writeString(struct.requestorUserName);
- oprot.writeFieldEnd();
- }
- if (struct.roleName != null) {
- oprot.writeFieldBegin(ROLE_NAME_FIELD_DESC);
- oprot.writeString(struct.roleName);
- oprot.writeFieldEnd();
- }
- if (struct.component != null) {
- oprot.writeFieldBegin(COMPONENT_FIELD_DESC);
- oprot.writeString(struct.component);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TDropSentryRoleRequestTupleSchemeFactory implements SchemeFactory {
- public TDropSentryRoleRequestTupleScheme getScheme() {
- return new TDropSentryRoleRequestTupleScheme();
- }
- }
-
- private static class TDropSentryRoleRequestTupleScheme extends TupleScheme<TDropSentryRoleRequest> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TDropSentryRoleRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeI32(struct.protocol_version);
- oprot.writeString(struct.requestorUserName);
- oprot.writeString(struct.roleName);
- oprot.writeString(struct.component);
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TDropSentryRoleRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- struct.component = iprot.readString();
- struct.setComponentIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TDropSentryRoleResponse.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TDropSentryRoleResponse.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TDropSentryRoleResponse.java
deleted file mode 100644
index 45d9b49..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TDropSentryRoleResponse.java
+++ /dev/null
@@ -1,391 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TDropSentryRoleResponse implements org.apache.thrift.TBase<TDropSentryRoleResponse, TDropSentryRoleResponse._Fields>, java.io.Serializable, Cloneable, Comparable<TDropSentryRoleResponse> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TDropSentryRoleResponse");
-
- private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TDropSentryRoleResponseStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TDropSentryRoleResponseTupleSchemeFactory());
- }
-
- private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- STATUS((short)1, "status");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // STATUS
- return STATUS;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRUCT , "TSentryResponseStatus")));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TDropSentryRoleResponse.class, metaDataMap);
- }
-
- public TDropSentryRoleResponse() {
- }
-
- public TDropSentryRoleResponse(
- org.apache.sentry.service.thrift.TSentryResponseStatus status)
- {
- this();
- this.status = status;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TDropSentryRoleResponse(TDropSentryRoleResponse other) {
- if (other.isSetStatus()) {
- this.status = other.status;
- }
- }
-
- public TDropSentryRoleResponse deepCopy() {
- return new TDropSentryRoleResponse(this);
- }
-
- @Override
- public void clear() {
- this.status = null;
- }
-
- public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() {
- return this.status;
- }
-
- public void setStatus(org.apache.sentry.service.thrift.TSentryResponseStatus status) {
- this.status = status;
- }
-
- public void unsetStatus() {
- this.status = null;
- }
-
- /** Returns true if field status is set (has been assigned a value) and false otherwise */
- public boolean isSetStatus() {
- return this.status != null;
- }
-
- public void setStatusIsSet(boolean value) {
- if (!value) {
- this.status = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case STATUS:
- if (value == null) {
- unsetStatus();
- } else {
- setStatus((org.apache.sentry.service.thrift.TSentryResponseStatus)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case STATUS:
- return getStatus();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case STATUS:
- return isSetStatus();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TDropSentryRoleResponse)
- return this.equals((TDropSentryRoleResponse)that);
- return false;
- }
-
- public boolean equals(TDropSentryRoleResponse that) {
- if (that == null)
- return false;
-
- boolean this_present_status = true && this.isSetStatus();
- boolean that_present_status = true && that.isSetStatus();
- if (this_present_status || that_present_status) {
- if (!(this_present_status && that_present_status))
- return false;
- if (!this.status.equals(that.status))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_status = true && (isSetStatus());
- list.add(present_status);
- if (present_status)
- list.add(status);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TDropSentryRoleResponse other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetStatus()).compareTo(other.isSetStatus());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetStatus()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.status, other.status);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TDropSentryRoleResponse(");
- boolean first = true;
-
- sb.append("status:");
- if (this.status == null) {
- sb.append("null");
- } else {
- sb.append(this.status);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetStatus()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'status' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TDropSentryRoleResponseStandardSchemeFactory implements SchemeFactory {
- public TDropSentryRoleResponseStandardScheme getScheme() {
- return new TDropSentryRoleResponseStandardScheme();
- }
- }
-
- private static class TDropSentryRoleResponseStandardScheme extends StandardScheme<TDropSentryRoleResponse> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TDropSentryRoleResponse struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // STATUS
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TDropSentryRoleResponse struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.status != null) {
- oprot.writeFieldBegin(STATUS_FIELD_DESC);
- struct.status.write(oprot);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TDropSentryRoleResponseTupleSchemeFactory implements SchemeFactory {
- public TDropSentryRoleResponseTupleScheme getScheme() {
- return new TDropSentryRoleResponseTupleScheme();
- }
- }
-
- private static class TDropSentryRoleResponseTupleScheme extends TupleScheme<TDropSentryRoleResponse> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TDropSentryRoleResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- struct.status.write(oprot);
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TDropSentryRoleResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- }
- }
-
-}
-
[19/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java
deleted file mode 100644
index 3de1f65..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java
+++ /dev/null
@@ -1,1113 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-
-import java.lang.reflect.Constructor;
-import java.lang.reflect.InvocationTargetException;
-import java.util.HashSet;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-import java.util.regex.Pattern;
-
-import org.apache.commons.lang.StringUtils;
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.core.common.exception.SentryUserException;
-import org.apache.sentry.core.common.exception.SentrySiteConfigurationException;
-import org.apache.sentry.core.model.db.AccessConstants;
-import org.apache.sentry.provider.common.GroupMappingService;
-import org.apache.sentry.core.common.utils.PolicyFileConstants;
-import org.apache.sentry.core.common.exception.SentryGroupNotFoundException;
-import org.apache.sentry.core.common.exception.SentryAccessDeniedException;
-import org.apache.sentry.core.common.exception.SentryAlreadyExistsException;
-import org.apache.sentry.core.common.exception.SentryInvalidInputException;
-import org.apache.sentry.core.common.exception.SentryNoSuchObjectException;
-import org.apache.sentry.provider.db.SentryPolicyStorePlugin;
-import org.apache.sentry.provider.db.SentryPolicyStorePlugin.SentryPluginException;
-import org.apache.sentry.core.common.exception.SentryThriftAPIMismatchException;
-import org.apache.sentry.provider.db.log.entity.JsonLogEntity;
-import org.apache.sentry.provider.db.log.entity.JsonLogEntityFactory;
-import org.apache.sentry.provider.db.log.util.Constants;
-import org.apache.sentry.provider.db.service.persistent.CommitContext;
-import org.apache.sentry.provider.db.service.persistent.HAContext;
-import org.apache.sentry.provider.db.service.persistent.SentryStore;
-import org.apache.sentry.provider.db.service.persistent.ServiceRegister;
-import org.apache.sentry.provider.db.service.thrift.PolicyStoreConstants.PolicyStoreServerConfig;
-import org.apache.sentry.service.thrift.SentryServiceUtil;
-import org.apache.sentry.service.thrift.ServiceConstants;
-import org.apache.sentry.service.thrift.ServiceConstants.ConfUtilties;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
-import org.apache.sentry.service.thrift.ServiceConstants.ThriftConstants;
-import org.apache.sentry.service.thrift.Status;
-import org.apache.sentry.service.thrift.TSentryResponseStatus;
-import org.apache.thrift.TException;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.codahale.metrics.Timer;
-import com.google.common.annotations.VisibleForTesting;
-import com.google.common.base.Preconditions;
-import com.google.common.base.Splitter;
-import com.google.common.collect.ImmutableSet;
-import com.google.common.collect.Lists;
-import com.google.common.collect.Maps;
-import com.google.common.collect.Sets;
-
-@SuppressWarnings("unused")
-public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface {
- private static final Logger LOGGER = LoggerFactory.getLogger(SentryPolicyStoreProcessor.class);
- private static final Logger AUDIT_LOGGER = LoggerFactory.getLogger(Constants.AUDIT_LOGGER_NAME);
-
- public static final String SENTRY_POLICY_SERVICE_NAME = "SentryPolicyService";
-
- public static volatile SentryPolicyStoreProcessor instance;
-
- private final String name;
- private final Configuration conf;
- private final SentryStore sentryStore;
- private final NotificationHandlerInvoker notificationHandlerInvoker;
- private final ImmutableSet<String> adminGroups;
- private boolean isReady;
- SentryMetrics sentryMetrics;
- private HAContext haContext;
-
- private List<SentryPolicyStorePlugin> sentryPlugins = new LinkedList<SentryPolicyStorePlugin>();
-
- public SentryPolicyStoreProcessor(String name, Configuration conf) throws Exception {
- super();
- this.name = name;
- this.conf = conf;
- this.notificationHandlerInvoker = new NotificationHandlerInvoker(conf,
- createHandlers(conf));
- isReady = false;
- if (conf.getBoolean(ServerConfig.SENTRY_HA_ENABLED,
- ServerConfig.SENTRY_HA_ENABLED_DEFAULT)) {
- haContext = HAContext.getHAServerContext(conf);
- sentryStore = new SentryStore(conf);
- ServiceRegister reg = new ServiceRegister(haContext);
- reg.regService(conf.get(ServerConfig.RPC_ADDRESS),
- conf.getInt(ServerConfig.RPC_PORT,ServerConfig.RPC_PORT_DEFAULT));
- } else {
- sentryStore = new SentryStore(conf);
- }
- isReady = true;
- adminGroups = ImmutableSet.copyOf(toTrimedLower(Sets.newHashSet(conf.getStrings(
- ServerConfig.ADMIN_GROUPS, new String[]{}))));
- Iterable<String> pluginClasses = ConfUtilties.CLASS_SPLITTER
- .split(conf.get(ServerConfig.SENTRY_POLICY_STORE_PLUGINS,
- ServerConfig.SENTRY_POLICY_STORE_PLUGINS_DEFAULT).trim());
- for (String pluginClassStr : pluginClasses) {
- Class<?> clazz = conf.getClassByName(pluginClassStr);
- if (!SentryPolicyStorePlugin.class.isAssignableFrom(clazz)) {
- throw new IllegalArgumentException("Sentry Plugin ["
- + pluginClassStr + "] is not a "
- + SentryPolicyStorePlugin.class.getName());
- }
- SentryPolicyStorePlugin plugin = (SentryPolicyStorePlugin)clazz.newInstance();
- plugin.initialize(conf, sentryStore);
- sentryPlugins.add(plugin);
- }
- if (instance == null) {
- instance = this;
- }
- initMetrics();
- }
-
- private void initMetrics() {
- sentryMetrics = SentryMetrics.getInstance();
- sentryMetrics.addSentryStoreGauges(sentryStore);
-
- String sentryReporting = conf.get(ServerConfig.SENTRY_REPORTER);
- if (sentryReporting != null) {
- SentryMetrics.Reporting reporting;
- try {
- reporting = SentryMetrics.Reporting.valueOf(sentryReporting.toUpperCase());
- sentryMetrics.initReporting(reporting);
-
- } catch (IllegalArgumentException e) {
- LOGGER.warn("Metrics reporting not configured correctly, please set " + ServerConfig.SENTRY_REPORTER +
- " to: " + ServerConfig.SENTRY_REPORTER_CONSOLE + "/" + ServerConfig.SENTRY_REPORTER_JMX);
- }
- }
- }
-
- public void stop() {
- if (isReady) {
- sentryStore.stop();
- }
- if (haContext != null) {
- try {
- haContext.getCuratorFramework().close();
- } catch (Exception e) {
- LOGGER.warn("Error in stopping processor", e);
- }
- }
- }
-
- public void registerPlugin(SentryPolicyStorePlugin plugin) throws SentryPluginException {
- plugin.initialize(conf, sentryStore);
- sentryPlugins.add(plugin);
- }
-
- @VisibleForTesting
- static List<NotificationHandler> createHandlers(Configuration conf)
- throws SentrySiteConfigurationException {
- List<NotificationHandler> handlers = Lists.newArrayList();
- Iterable<String> notificationHandlers = Splitter.onPattern("[\\s,]").trimResults()
- .omitEmptyStrings().split(conf.get(PolicyStoreServerConfig.NOTIFICATION_HANDLERS, ""));
- for (String notificationHandler : notificationHandlers) {
- Class<?> clazz = null;
- try {
- clazz = Class.forName(notificationHandler);
- if (!NotificationHandler.class.isAssignableFrom(clazz)) {
- throw new SentrySiteConfigurationException("Class " + notificationHandler + " is not a " +
- NotificationHandler.class.getName());
- }
- } catch (ClassNotFoundException e) {
- throw new SentrySiteConfigurationException("Value " + notificationHandler +
- " is not a class", e);
- }
- Preconditions.checkNotNull(clazz, "Error class cannot be null");
- try {
- Constructor<?> constructor = clazz.getConstructor(Configuration.class);
- handlers.add((NotificationHandler)constructor.newInstance(conf));
- } catch (Exception e) {
- throw new SentrySiteConfigurationException("Error attempting to create " + notificationHandler, e);
- }
- }
- return handlers;
- }
-
- @VisibleForTesting
- public Configuration getSentryStoreConf() {
- return conf;
- }
-
- private static Set<String> toTrimedLower(Set<String> s) {
- Set<String> result = Sets.newHashSet();
- for (String v : s) {
- result.add(v.trim().toLowerCase());
- }
- return result;
- }
-
- private boolean inAdminGroups(Set<String> requestorGroups) {
- Set<String> trimmedRequestorGroups = toTrimedLower(requestorGroups);
- return !Sets.intersection(adminGroups, trimmedRequestorGroups).isEmpty();
- }
-
- private void authorize(String requestorUser, Set<String> requestorGroups)
- throws SentryAccessDeniedException {
- if (!inAdminGroups(requestorGroups)) {
- String msg = "User: " + requestorUser + " is part of " + requestorGroups +
- " which does not, intersect admin groups " + adminGroups;
- LOGGER.warn(msg);
- throw new SentryAccessDeniedException("Access denied to " + requestorUser);
- }
- }
-
- @Override
- public TCreateSentryRoleResponse create_sentry_role(
- TCreateSentryRoleRequest request) throws TException {
- final Timer.Context timerContext = sentryMetrics.createRoleTimer.time();
- TCreateSentryRoleResponse response = new TCreateSentryRoleResponse();
- try {
- validateClientVersion(request.getProtocol_version());
- authorize(request.getRequestorUserName(),
- getRequestorGroups(request.getRequestorUserName()));
- CommitContext commitContext = sentryStore.createSentryRole(request.getRoleName());
- response.setStatus(Status.OK());
- notificationHandlerInvoker.create_sentry_role(commitContext,
- request, response);
- } catch (SentryAlreadyExistsException e) {
- String msg = "Role: " + request + " already exists.";
- LOGGER.error(msg, e);
- response.setStatus(Status.AlreadyExists(msg, e));
- } catch (SentryAccessDeniedException e) {
- LOGGER.error(e.getMessage(), e);
- response.setStatus(Status.AccessDenied(e.getMessage(), e));
- } catch (SentryThriftAPIMismatchException e) {
- LOGGER.error(e.getMessage(), e);
- response.setStatus(Status.THRIFT_VERSION_MISMATCH(e.getMessage(), e));
- } catch (Exception e) {
- String msg = "Unknown error for request: " + request + ", message: " + e.getMessage();
- LOGGER.error(msg, e);
- response.setStatus(Status.RuntimeError(msg, e));
- } finally {
- timerContext.stop();
- }
-
- try {
- AUDIT_LOGGER.info(JsonLogEntityFactory.getInstance()
- .createJsonLogEntity(request, response, conf).toJsonFormatLog());
- } catch (Exception e) {
- // if any exception, log the exception.
- String msg = "Error creating audit log for create role: " + e.getMessage();
- LOGGER.error(msg, e);
- }
- return response;
- }
-
- @Override
- public TAlterSentryRoleGrantPrivilegeResponse alter_sentry_role_grant_privilege
- (TAlterSentryRoleGrantPrivilegeRequest request) throws TException {
- final Timer.Context timerContext = sentryMetrics.grantTimer.time();
-
- TAlterSentryRoleGrantPrivilegeResponse response = new TAlterSentryRoleGrantPrivilegeResponse();
- try {
- validateClientVersion(request.getProtocol_version());
- // There should only one field be set
- if ( !(request.isSetPrivileges()^request.isSetPrivilege()) ) {
- throw new SentryUserException("SENTRY API version is not right!");
- }
- // Maintain compatibility for old API: Set privilege field to privileges field
- if (request.isSetPrivilege()) {
- request.setPrivileges(Sets.newHashSet(request.getPrivilege()));
- }
- CommitContext commitContext = sentryStore.alterSentryRoleGrantPrivileges(request.getRequestorUserName(),
- request.getRoleName(), request.getPrivileges());
- response.setStatus(Status.OK());
- response.setPrivileges(request.getPrivileges());
- // Maintain compatibility for old API: Set privilege field to response
- if (response.isSetPrivileges() && response.getPrivileges().size() == 1) {
- response.setPrivilege(response.getPrivileges().iterator().next());
- }
- notificationHandlerInvoker.alter_sentry_role_grant_privilege(commitContext,
- request, response);
- for (SentryPolicyStorePlugin plugin : sentryPlugins) {
- plugin.onAlterSentryRoleGrantPrivilege(request);
- }
- } catch (SentryNoSuchObjectException e) {
- String msg = "Role: " + request.getRoleName() + " doesn't exist";
- LOGGER.error(msg, e);
- response.setStatus(Status.NoSuchObject(msg, e));
- } catch (SentryInvalidInputException e) {
- String msg = "Invalid input privilege object";
- LOGGER.error(msg, e);
- response.setStatus(Status.InvalidInput(msg, e));
- } catch (SentryAccessDeniedException e) {
- LOGGER.error(e.getMessage(), e);
- response.setStatus(Status.AccessDenied(e.getMessage(), e));
- } catch (SentryThriftAPIMismatchException e) {
- LOGGER.error(e.getMessage(), e);
- response.setStatus(Status.THRIFT_VERSION_MISMATCH(e.getMessage(), e));
- } catch (Exception e) {
- String msg = "Unknown error for request: " + request + ", message: " + e.getMessage();
- LOGGER.error(msg, e);
- response.setStatus(Status.RuntimeError(msg, e));
- } finally {
- timerContext.stop();
- }
-
- try {
- Set<JsonLogEntity> jsonLogEntitys = JsonLogEntityFactory.getInstance().createJsonLogEntitys(
- request, response, conf);
- for (JsonLogEntity jsonLogEntity : jsonLogEntitys) {
- AUDIT_LOGGER.info(jsonLogEntity.toJsonFormatLog());
- }
- } catch (Exception e) {
- // if any exception, log the exception.
- String msg = "Error creating audit log for grant privilege to role: " + e.getMessage();
- LOGGER.error(msg, e);
- }
- return response;
- }
-
- @Override
- public TAlterSentryRoleRevokePrivilegeResponse alter_sentry_role_revoke_privilege
- (TAlterSentryRoleRevokePrivilegeRequest request) throws TException {
- final Timer.Context timerContext = sentryMetrics.revokeTimer.time();
- TAlterSentryRoleRevokePrivilegeResponse response = new TAlterSentryRoleRevokePrivilegeResponse();
- try {
- validateClientVersion(request.getProtocol_version());
- // There should only one field be set
- if ( !(request.isSetPrivileges()^request.isSetPrivilege()) ) {
- throw new SentryUserException("SENTRY API version is not right!");
- }
- // Maintain compatibility for old API: Set privilege field to privileges field
- if (request.isSetPrivilege()) {
- request.setPrivileges(Sets.newHashSet(request.getPrivilege()));
- }
- CommitContext commitContext = sentryStore.alterSentryRoleRevokePrivileges(request.getRequestorUserName(),
- request.getRoleName(), request.getPrivileges());
- response.setStatus(Status.OK());
- notificationHandlerInvoker.alter_sentry_role_revoke_privilege(commitContext,
- request, response);
- for (SentryPolicyStorePlugin plugin : sentryPlugins) {
- plugin.onAlterSentryRoleRevokePrivilege(request);
- }
- } catch (SentryNoSuchObjectException e) {
- StringBuilder msg = new StringBuilder();
- if (request.getPrivileges().size() > 0) {
- for (TSentryPrivilege privilege : request.getPrivileges()) {
- msg.append("Privilege: [server=");
- msg.append(privilege.getServerName());
- msg.append(",db=");
- msg.append(privilege.getDbName());
- msg.append(",table=");
- msg.append(privilege.getTableName());
- msg.append(",URI=");
- msg.append(privilege.getURI());
- msg.append(",action=");
- msg.append(privilege.getAction());
- msg.append("] ");
- }
- msg.append("doesn't exist.");
- }
- LOGGER.error(msg.toString(), e);
- response.setStatus(Status.NoSuchObject(msg.toString(), e));
- } catch (SentryInvalidInputException e) {
- String msg = "Invalid input privilege object";
- LOGGER.error(msg, e);
- response.setStatus(Status.InvalidInput(msg, e));
- } catch (SentryAccessDeniedException e) {
- LOGGER.error(e.getMessage(), e);
- response.setStatus(Status.AccessDenied(e.getMessage(), e));
- } catch (SentryThriftAPIMismatchException e) {
- LOGGER.error(e.getMessage(), e);
- response.setStatus(Status.THRIFT_VERSION_MISMATCH(e.getMessage(), e));
- } catch (Exception e) {
- String msg = "Unknown error for request: " + request + ", message: " + e.getMessage();
- LOGGER.error(msg, e);
- response.setStatus(Status.RuntimeError(msg, e));
- } finally {
- timerContext.stop();
- }
-
- try {
- Set<JsonLogEntity> jsonLogEntitys = JsonLogEntityFactory.getInstance().createJsonLogEntitys(
- request, response, conf);
- for (JsonLogEntity jsonLogEntity : jsonLogEntitys) {
- AUDIT_LOGGER.info(jsonLogEntity.toJsonFormatLog());
- }
- } catch (Exception e) {
- // if any exception, log the exception.
- String msg = "Error creating audit log for revoke privilege from role: " + e.getMessage();
- LOGGER.error(msg, e);
- }
- return response;
- }
-
- @Override
- public TDropSentryRoleResponse drop_sentry_role(
- TDropSentryRoleRequest request) throws TException {
- final Timer.Context timerContext = sentryMetrics.dropRoleTimer.time();
- TDropSentryRoleResponse response = new TDropSentryRoleResponse();
- TSentryResponseStatus status;
- try {
- validateClientVersion(request.getProtocol_version());
- authorize(request.getRequestorUserName(),
- getRequestorGroups(request.getRequestorUserName()));
- CommitContext commitContext = sentryStore.dropSentryRole(request.getRoleName());
- response.setStatus(Status.OK());
- notificationHandlerInvoker.drop_sentry_role(commitContext,
- request, response);
- for (SentryPolicyStorePlugin plugin : sentryPlugins) {
- plugin.onDropSentryRole(request);
- }
- } catch (SentryNoSuchObjectException e) {
- String msg = "Role :" + request + " doesn't exist";
- LOGGER.error(msg, e);
- response.setStatus(Status.NoSuchObject(msg, e));
- } catch (SentryAccessDeniedException e) {
- LOGGER.error(e.getMessage(), e);
- response.setStatus(Status.AccessDenied(e.getMessage(), e));
- } catch (SentryThriftAPIMismatchException e) {
- LOGGER.error(e.getMessage(), e);
- response.setStatus(Status.THRIFT_VERSION_MISMATCH(e.getMessage(), e));
- } catch (Exception e) {
- String msg = "Unknown error for request: " + request + ", message: " + e.getMessage();
- LOGGER.error(msg, e);
- response.setStatus(Status.RuntimeError(msg, e));
- } finally {
- timerContext.stop();
- }
-
- try {
- AUDIT_LOGGER.info(JsonLogEntityFactory.getInstance()
- .createJsonLogEntity(request, response, conf).toJsonFormatLog());
- } catch (Exception e) {
- // if any exception, log the exception.
- String msg = "Error creating audit log for drop role: " + e.getMessage();
- LOGGER.error(msg, e);
- }
- return response;
- }
-
- @Override
- public TAlterSentryRoleAddGroupsResponse alter_sentry_role_add_groups(
- TAlterSentryRoleAddGroupsRequest request) throws TException {
- final Timer.Context timerContext = sentryMetrics.grantRoleTimer.time();
- TAlterSentryRoleAddGroupsResponse response = new TAlterSentryRoleAddGroupsResponse();
- try {
- validateClientVersion(request.getProtocol_version());
- authorize(request.getRequestorUserName(),
- getRequestorGroups(request.getRequestorUserName()));
- CommitContext commitContext = sentryStore.alterSentryRoleAddGroups(
- request.getRequestorUserName(), request.getRoleName(),
- request.getGroups());
- response.setStatus(Status.OK());
- notificationHandlerInvoker.alter_sentry_role_add_groups(commitContext,
- request, response);
- for (SentryPolicyStorePlugin plugin : sentryPlugins) {
- plugin.onAlterSentryRoleAddGroups(request);
- }
- } catch (SentryNoSuchObjectException e) {
- String msg = "Role: " + request + " doesn't exist";
- LOGGER.error(msg, e);
- response.setStatus(Status.NoSuchObject(msg, e));
- } catch (SentryAccessDeniedException e) {
- LOGGER.error(e.getMessage(), e);
- response.setStatus(Status.AccessDenied(e.getMessage(), e));
- } catch (SentryThriftAPIMismatchException e) {
- LOGGER.error(e.getMessage(), e);
- response.setStatus(Status.THRIFT_VERSION_MISMATCH(e.getMessage(), e));
- } catch (Exception e) {
- String msg = "Unknown error for request: " + request + ", message: " + e.getMessage();
- LOGGER.error(msg, e);
- response.setStatus(Status.RuntimeError(msg, e));
- } finally {
- timerContext.stop();
- }
-
- try {
- AUDIT_LOGGER.info(JsonLogEntityFactory.getInstance()
- .createJsonLogEntity(request, response, conf).toJsonFormatLog());
- } catch (Exception e) {
- // if any exception, log the exception.
- String msg = "Error creating audit log for add role to group: " + e.getMessage();
- LOGGER.error(msg, e);
- }
- return response;
- }
-
- @Override
- public TAlterSentryRoleAddUsersResponse alter_sentry_role_add_users(
- TAlterSentryRoleAddUsersRequest request) throws TException {
- final Timer.Context timerContext = sentryMetrics.grantRoleTimer.time();
- TAlterSentryRoleAddUsersResponse response = new TAlterSentryRoleAddUsersResponse();
- try {
- validateClientVersion(request.getProtocol_version());
- authorize(request.getRequestorUserName(), getRequestorGroups(request.getRequestorUserName()));
- CommitContext commitContext = sentryStore.alterSentryRoleAddUsers(request.getRoleName(),
- request.getUsers());
- response.setStatus(Status.OK());
- notificationHandlerInvoker.alter_sentry_role_add_users(commitContext, request, response);
- } catch (SentryNoSuchObjectException e) {
- String msg = "Role: " + request + " does not exist.";
- LOGGER.error(msg, e);
- response.setStatus(Status.NoSuchObject(msg, e));
- } catch (SentryAccessDeniedException e) {
- LOGGER.error(e.getMessage(), e);
- response.setStatus(Status.AccessDenied(e.getMessage(), e));
- } catch (SentryThriftAPIMismatchException e) {
- LOGGER.error(e.getMessage(), e);
- response.setStatus(Status.THRIFT_VERSION_MISMATCH(e.getMessage(), e));
- } catch (Exception e) {
- String msg = "Unknown error for request: " + request + ", message: " + e.getMessage();
- LOGGER.error(msg, e);
- response.setStatus(Status.RuntimeError(msg, e));
- } finally {
- timerContext.stop();
- }
-
- try {
- AUDIT_LOGGER.info(JsonLogEntityFactory.getInstance()
- .createJsonLogEntity(request, response, conf).toJsonFormatLog());
- } catch (Exception e) {
- // if any exception, log the exception.
- String msg = "Error creating audit log for add role to user: " + e.getMessage();
- LOGGER.error(msg, e);
- }
- return response;
- }
-
- @Override
- public TAlterSentryRoleDeleteUsersResponse alter_sentry_role_delete_users(
- TAlterSentryRoleDeleteUsersRequest request) throws TException {
- final Timer.Context timerContext = sentryMetrics.grantRoleTimer.time();
- TAlterSentryRoleDeleteUsersResponse response = new TAlterSentryRoleDeleteUsersResponse();
- try {
- validateClientVersion(request.getProtocol_version());
- authorize(request.getRequestorUserName(), getRequestorGroups(request.getRequestorUserName()));
- CommitContext commitContext = sentryStore.alterSentryRoleDeleteUsers(request.getRoleName(),
- request.getUsers());
- response.setStatus(Status.OK());
- notificationHandlerInvoker.alter_sentry_role_delete_users(commitContext, request, response);
- } catch (SentryNoSuchObjectException e) {
- String msg = "Role: " + request + " does not exist.";
- LOGGER.error(msg, e);
- response.setStatus(Status.NoSuchObject(msg, e));
- } catch (SentryAccessDeniedException e) {
- LOGGER.error(e.getMessage(), e);
- response.setStatus(Status.AccessDenied(e.getMessage(), e));
- } catch (SentryThriftAPIMismatchException e) {
- LOGGER.error(e.getMessage(), e);
- response.setStatus(Status.THRIFT_VERSION_MISMATCH(e.getMessage(), e));
- } catch (Exception e) {
- String msg = "Unknown error for request: " + request + ", message: " + e.getMessage();
- LOGGER.error(msg, e);
- response.setStatus(Status.RuntimeError(msg, e));
- } finally {
- timerContext.stop();
- }
-
- try {
- AUDIT_LOGGER.info(JsonLogEntityFactory.getInstance()
- .createJsonLogEntity(request, response, conf).toJsonFormatLog());
- } catch (Exception e) {
- // if any exception, log the exception.
- String msg = "Error creating audit log for delete role from user: " + e.getMessage();
- LOGGER.error(msg, e);
- }
- return response;
- }
-
- @Override
- public TAlterSentryRoleDeleteGroupsResponse alter_sentry_role_delete_groups(
- TAlterSentryRoleDeleteGroupsRequest request) throws TException {
- final Timer.Context timerContext = sentryMetrics.revokeRoleTimer.time();
- TAlterSentryRoleDeleteGroupsResponse response = new TAlterSentryRoleDeleteGroupsResponse();
- try {
- validateClientVersion(request.getProtocol_version());
- authorize(request.getRequestorUserName(),
- getRequestorGroups(request.getRequestorUserName()));
- CommitContext commitContext = sentryStore.alterSentryRoleDeleteGroups(request.getRoleName(),
- request.getGroups());
- response.setStatus(Status.OK());
- notificationHandlerInvoker.alter_sentry_role_delete_groups(commitContext,
- request, response);
- for (SentryPolicyStorePlugin plugin : sentryPlugins) {
- plugin.onAlterSentryRoleDeleteGroups(request);
- }
- } catch (SentryNoSuchObjectException e) {
- String msg = "Role: " + request + " does not exist.";
- LOGGER.error(msg, e);
- response.setStatus(Status.NoSuchObject(msg, e));
- } catch (SentryAccessDeniedException e) {
- LOGGER.error(e.getMessage(), e);
- response.setStatus(Status.AccessDenied(e.getMessage(), e));
- } catch (SentryThriftAPIMismatchException e) {
- LOGGER.error(e.getMessage(), e);
- response.setStatus(Status.THRIFT_VERSION_MISMATCH(e.getMessage(), e));
- } catch (Exception e) {
- String msg = "Unknown error adding groups to role: " + request;
- LOGGER.error(msg, e);
- response.setStatus(Status.RuntimeError(msg, e));
- } finally {
- timerContext.stop();
- }
-
- try {
- AUDIT_LOGGER.info(JsonLogEntityFactory.getInstance()
- .createJsonLogEntity(request, response, conf).toJsonFormatLog());
- } catch (Exception e) {
- // if any exception, log the exception.
- String msg = "Error creating audit log for delete role from group: " + e.getMessage();
- LOGGER.error(msg, e);
- }
- return response;
- }
-
- @Override
- public TListSentryRolesResponse list_sentry_roles_by_group(
- TListSentryRolesRequest request) throws TException {
- final Timer.Context timerContext = sentryMetrics.listRolesByGroupTimer.time();
- TListSentryRolesResponse response = new TListSentryRolesResponse();
- TSentryResponseStatus status;
- Set<TSentryRole> roleSet = new HashSet<TSentryRole>();
- String subject = request.getRequestorUserName();
- boolean checkAllGroups = false;
- try {
- validateClientVersion(request.getProtocol_version());
- Set<String> groups = getRequestorGroups(subject);
- // Don't check admin permissions for listing requestor's own roles
- if (AccessConstants.ALL.equalsIgnoreCase(request.getGroupName())) {
- checkAllGroups = true;
- } else {
- boolean admin = inAdminGroups(groups);
- //Only admin users can list all roles in the system ( groupname = null)
- //Non admin users are only allowed to list only groups which they belong to
- if(!admin && (request.getGroupName() == null || !groups.contains(request.getGroupName()))) {
- throw new SentryAccessDeniedException("Access denied to " + subject);
- }else {
- groups.clear();
- groups.add(request.getGroupName());
- }
- }
- roleSet = sentryStore.getTSentryRolesByGroupName(groups, checkAllGroups);
- response.setRoles(roleSet);
- response.setStatus(Status.OK());
- } catch (SentryNoSuchObjectException e) {
- response.setRoles(roleSet);
- String msg = "Request: " + request + " couldn't be completed, message: " + e.getMessage();
- LOGGER.error(msg, e);
- response.setStatus(Status.NoSuchObject(msg, e));
- } catch (SentryAccessDeniedException e) {
- LOGGER.error(e.getMessage(), e);
- response.setStatus(Status.AccessDenied(e.getMessage(), e));
- } catch (SentryThriftAPIMismatchException e) {
- LOGGER.error(e.getMessage(), e);
- response.setStatus(Status.THRIFT_VERSION_MISMATCH(e.getMessage(), e));
- } catch (Exception e) {
- String msg = "Unknown error for request: " + request + ", message: " + e.getMessage();
- LOGGER.error(msg, e);
- response.setStatus(Status.RuntimeError(msg, e));
- } finally {
- timerContext.stop();
- }
- return response;
- }
-
- public TListSentryRolesResponse list_sentry_roles_by_user(TListSentryRolesForUserRequest request)
- throws TException {
- final Timer.Context timerContext = sentryMetrics.listRolesByGroupTimer.time();
- TListSentryRolesResponse response = new TListSentryRolesResponse();
- TSentryResponseStatus status;
- Set<TSentryRole> roleSet = new HashSet<TSentryRole>();
- String requestor = request.getRequestorUserName();
- String userName = request.getUserName();
- boolean checkAllGroups = false;
- try {
- validateClientVersion(request.getProtocol_version());
- // userName can't be empty
- if (StringUtils.isEmpty(userName)) {
- throw new SentryAccessDeniedException("The user name can't be empty.");
- }
-
- Set<String> requestorGroups = getRequestorGroups(requestor);
- Set<String> userGroups = getRequestorGroups(userName);
- boolean isAdmin = inAdminGroups(requestorGroups);
-
- // Only admin users can list other user's roles in the system
- // Non admin users are only allowed to list only their own roles related user and group
- if (!isAdmin && !userName.equals(requestor)) {
- throw new SentryAccessDeniedException("Access denied to list the roles for " + userName);
- }
- roleSet = sentryStore.getTSentryRolesByUserNames(Sets.newHashSet(userName));
- response.setRoles(roleSet);
- response.setStatus(Status.OK());
- } catch (SentryGroupNotFoundException e) {
- LOGGER.error(e.getMessage(), e);
- String msg = "Group couldn't be retrieved for " + requestor + " or " + userName + ".";
- response.setStatus(Status.AccessDenied(msg, e));
- } catch (SentryNoSuchObjectException e) {
- response.setRoles(roleSet);
- String msg = "Role: " + request + " couldn't be retrieved.";
- LOGGER.error(msg, e);
- response.setStatus(Status.NoSuchObject(msg, e));
- } catch (SentryAccessDeniedException e) {
- LOGGER.error(e.getMessage(), e);
- response.setStatus(Status.AccessDenied(e.getMessage(), e));
- } catch (SentryThriftAPIMismatchException e) {
- LOGGER.error(e.getMessage(), e);
- response.setStatus(Status.THRIFT_VERSION_MISMATCH(e.getMessage(), e));
- } catch (Exception e) {
- String msg = "Unknown error for request: " + request + ", message: " + e.getMessage();
- LOGGER.error(msg, e);
- response.setStatus(Status.RuntimeError(msg, e));
- } finally {
- timerContext.stop();
- }
- return response;
- }
-
- @Override
- public TListSentryPrivilegesResponse list_sentry_privileges_by_role(
- TListSentryPrivilegesRequest request) throws TException {
- final Timer.Context timerContext = sentryMetrics.listPrivilegesByRoleTimer.time();
- TListSentryPrivilegesResponse response = new TListSentryPrivilegesResponse();
- TSentryResponseStatus status;
- Set<TSentryPrivilege> privilegeSet = new HashSet<TSentryPrivilege>();
- String subject = request.getRequestorUserName();
- try {
- validateClientVersion(request.getProtocol_version());
- Set<String> groups = getRequestorGroups(subject);
- Boolean admin = inAdminGroups(groups);
- if(!admin) {
- Set<String> roleNamesForGroups = toTrimedLower(sentryStore.getRoleNamesForGroups(groups));
- if(!roleNamesForGroups.contains(request.getRoleName().trim().toLowerCase())) {
- throw new SentryAccessDeniedException("Access denied to " + subject);
- }
- }
- if (request.isSetAuthorizableHierarchy()) {
- TSentryAuthorizable authorizableHierarchy = request.getAuthorizableHierarchy();
- privilegeSet = sentryStore.getTSentryPrivileges(Sets.newHashSet(request.getRoleName()), authorizableHierarchy);
- } else {
- privilegeSet = sentryStore.getAllTSentryPrivilegesByRoleName(request.getRoleName());
- }
- response.setPrivileges(privilegeSet);
- response.setStatus(Status.OK());
- } catch (SentryNoSuchObjectException e) {
- response.setPrivileges(privilegeSet);
- String msg = "Privilege: " + request + " couldn't be retrieved.";
- LOGGER.error(msg, e);
- response.setStatus(Status.NoSuchObject(msg, e));
- } catch (SentryAccessDeniedException e) {
- LOGGER.error(e.getMessage(), e);
- response.setStatus(Status.AccessDenied(e.getMessage(), e));
- } catch (SentryThriftAPIMismatchException e) {
- LOGGER.error(e.getMessage(), e);
- response.setStatus(Status.THRIFT_VERSION_MISMATCH(e.getMessage(), e));
- } catch (Exception e) {
- String msg = "Unknown error for request: " + request + ", message: " + e.getMessage();
- LOGGER.error(msg, e);
- response.setStatus(Status.RuntimeError(msg, e));
- } finally {
- timerContext.stop();
- }
- return response;
- }
-
- /**
- * This method was created specifically for ProviderBackend.getPrivileges() and is not meant
- * to be used for general privilege retrieval. More details in the .thrift file.
- */
- @Override
- public TListSentryPrivilegesForProviderResponse list_sentry_privileges_for_provider(
- TListSentryPrivilegesForProviderRequest request) throws TException {
- final Timer.Context timerContext = sentryMetrics.listPrivilegesForProviderTimer.time();
- TListSentryPrivilegesForProviderResponse response = new TListSentryPrivilegesForProviderResponse();
- response.setPrivileges(new HashSet<String>());
- try {
- validateClientVersion(request.getProtocol_version());
- Set<String> privilegesForProvider =
- sentryStore.listSentryPrivilegesForProvider(request.getGroups(), request.getUsers(),
- request.getRoleSet(), request.getAuthorizableHierarchy());
- response.setPrivileges(privilegesForProvider);
- if (privilegesForProvider == null
- || privilegesForProvider.size() == 0
- && request.getAuthorizableHierarchy() != null
- && sentryStore.hasAnyServerPrivileges(request.getGroups(), request.getUsers(),
- request.getRoleSet(), request.getAuthorizableHierarchy().getServer())) {
-
- // REQUIRED for ensuring 'default' Db is accessible by any user
- // with privileges to atleast 1 object with the specific server as root
-
- // Need some way to specify that even though user has no privilege
- // For the specific AuthorizableHierarchy.. he has privilege on
- // atleast 1 object in the server hierarchy
- HashSet<String> serverPriv = Sets.newHashSet("server=+");
- response.setPrivileges(serverPriv);
- }
- response.setStatus(Status.OK());
- } catch (SentryThriftAPIMismatchException e) {
- LOGGER.error(e.getMessage(), e);
- response.setStatus(Status.THRIFT_VERSION_MISMATCH(e.getMessage(), e));
- } catch (Exception e) {
- String msg = "Unknown error for request: " + request + ", message: " + e.getMessage();
- LOGGER.error(msg, e);
- response.setStatus(Status.RuntimeError(msg, e));
- } finally {
- timerContext.stop();
- }
- return response;
- }
-
- // retrieve the group mapping for the given user name
- private Set<String> getRequestorGroups(String userName)
- throws SentryUserException {
- return getGroupsFromUserName(this.conf, userName);
- }
-
- public static Set<String> getGroupsFromUserName(Configuration conf,
- String userName) throws SentryUserException {
- String groupMapping = conf.get(ServerConfig.SENTRY_STORE_GROUP_MAPPING,
- ServerConfig.SENTRY_STORE_GROUP_MAPPING_DEFAULT);
- String authResoruce = conf
- .get(ServerConfig.SENTRY_STORE_GROUP_MAPPING_RESOURCE);
-
- // load the group mapping provider class
- GroupMappingService groupMappingService;
- try {
- Constructor<?> constrctor = Class.forName(groupMapping)
- .getDeclaredConstructor(Configuration.class, String.class);
- constrctor.setAccessible(true);
- groupMappingService = (GroupMappingService) constrctor
- .newInstance(new Object[] { conf, authResoruce });
- } catch (NoSuchMethodException e) {
- throw new SentryUserException("Unable to instantiate group mapping", e);
- } catch (SecurityException e) {
- throw new SentryUserException("Unable to instantiate group mapping", e);
- } catch (ClassNotFoundException e) {
- throw new SentryUserException("Unable to instantiate group mapping", e);
- } catch (InstantiationException e) {
- throw new SentryUserException("Unable to instantiate group mapping", e);
- } catch (IllegalAccessException e) {
- throw new SentryUserException("Unable to instantiate group mapping", e);
- } catch (IllegalArgumentException e) {
- throw new SentryUserException("Unable to instantiate group mapping", e);
- } catch (InvocationTargetException e) {
- throw new SentryUserException("Unable to instantiate group mapping", e);
- }
- return groupMappingService.getGroups(userName);
- }
-
- @Override
- public TDropPrivilegesResponse drop_sentry_privilege(
- TDropPrivilegesRequest request) throws TException {
- final Timer.Context timerContext = sentryMetrics.dropPrivilegeTimer.time();
- TDropPrivilegesResponse response = new TDropPrivilegesResponse();
- try {
- validateClientVersion(request.getProtocol_version());
- authorize(request.getRequestorUserName(), adminGroups);
- sentryStore.dropPrivilege(request.getAuthorizable());
- for (SentryPolicyStorePlugin plugin : sentryPlugins) {
- plugin.onDropSentryPrivilege(request);
- }
- response.setStatus(Status.OK());
- } catch (SentryAccessDeniedException e) {
- LOGGER.error(e.getMessage(), e);
- response.setStatus(Status.AccessDenied(e.getMessage(), e));
- } catch (SentryThriftAPIMismatchException e) {
- LOGGER.error(e.getMessage(), e);
- response.setStatus(Status.THRIFT_VERSION_MISMATCH(e.getMessage(), e));
- } catch (Exception e) {
- String msg = "Unknown error for request: " + request + ", message: "
- + e.getMessage();
- LOGGER.error(msg, e);
- response.setStatus(Status.RuntimeError(msg, e));
- } finally {
- timerContext.stop();
- }
- return response;
- }
-
- @Override
- public TRenamePrivilegesResponse rename_sentry_privilege(
- TRenamePrivilegesRequest request) throws TException {
- final Timer.Context timerContext = sentryMetrics.renamePrivilegeTimer.time();
- TRenamePrivilegesResponse response = new TRenamePrivilegesResponse();
- try {
- validateClientVersion(request.getProtocol_version());
- authorize(request.getRequestorUserName(), adminGroups);
- sentryStore.renamePrivilege(request.getOldAuthorizable(),
- request.getNewAuthorizable());
- for (SentryPolicyStorePlugin plugin : sentryPlugins) {
- plugin.onRenameSentryPrivilege(request);
- }
- response.setStatus(Status.OK());
- } catch (SentryAccessDeniedException e) {
- LOGGER.error(e.getMessage(), e);
- response.setStatus(Status.AccessDenied(e.getMessage(), e));
- } catch (SentryThriftAPIMismatchException e) {
- LOGGER.error(e.getMessage(), e);
- response.setStatus(Status.THRIFT_VERSION_MISMATCH(e.getMessage(), e));
- } catch (Exception e) {
- String msg = "Unknown error for request: " + request + ", message: "
- + e.getMessage();
- LOGGER.error(msg, e);
- response.setStatus(Status.RuntimeError(msg, e));
- } finally {
- timerContext.close();
- }
- return response;
- }
-
- @Override
- public TListSentryPrivilegesByAuthResponse list_sentry_privileges_by_authorizable(
- TListSentryPrivilegesByAuthRequest request) throws TException {
- final Timer.Context timerContext = sentryMetrics.listPrivilegesByAuthorizableTimer.time();
- TListSentryPrivilegesByAuthResponse response = new TListSentryPrivilegesByAuthResponse();
- Map<TSentryAuthorizable, TSentryPrivilegeMap> authRoleMap = Maps.newHashMap();
- String subject = request.getRequestorUserName();
- Set<String> requestedGroups = request.getGroups();
- TSentryActiveRoleSet requestedRoleSet = request.getRoleSet();
- try {
- validateClientVersion(request.getProtocol_version());
- Set<String> memberGroups = getRequestorGroups(subject);
- if(!inAdminGroups(memberGroups)) {
- // disallow non-admin to lookup groups that they are not part of
- if (requestedGroups != null && !requestedGroups.isEmpty()) {
- for (String requestedGroup : requestedGroups) {
- if (!memberGroups.contains(requestedGroup)) {
- // if user doesn't belong to one of the requested group then raise error
- throw new SentryAccessDeniedException("Access denied to " + subject);
- }
- }
- } else {
- // non-admin's search is limited to it's own groups
- requestedGroups = memberGroups;
- }
-
- // disallow non-admin to lookup roles that they are not part of
- if (requestedRoleSet != null && !requestedRoleSet.isAll()) {
- Set<String> roles = toTrimedLower(sentryStore
- .getRoleNamesForGroups(memberGroups));
- for (String role : toTrimedLower(requestedRoleSet.getRoles())) {
- if (!roles.contains(role)) {
- throw new SentryAccessDeniedException("Access denied to "
- + subject);
- }
- }
- }
- }
-
- // If user is not part of any group.. return empty response
- for (TSentryAuthorizable authorizable : request.getAuthorizableSet()) {
- authRoleMap.put(authorizable, sentryStore
- .listSentryPrivilegesByAuthorizable(requestedGroups,
- request.getRoleSet(), authorizable, inAdminGroups(memberGroups)));
- }
- response.setPrivilegesMapByAuth(authRoleMap);
- response.setStatus(Status.OK());
- // TODO : Sentry - HDFS : Have to handle this
- } catch (SentryAccessDeniedException e) {
- LOGGER.error(e.getMessage(), e);
- response.setStatus(Status.AccessDenied(e.getMessage(), e));
- } catch (SentryThriftAPIMismatchException e) {
- LOGGER.error(e.getMessage(), e);
- response.setStatus(Status.THRIFT_VERSION_MISMATCH(e.getMessage(), e));
- } catch (Exception e) {
- String msg = "Unknown error for request: " + request + ", message: "
- + e.getMessage();
- LOGGER.error(msg, e);
- response.setStatus(Status.RuntimeError(msg, e));
- } finally {
- timerContext.stop();
- }
- return response;
- }
-
- /**
- * Respond to a request for a config value in the sentry server. The client
- * can request any config value that starts with "sentry." and doesn't contain
- * "keytab".
- * @param request Contains config parameter sought and default if not found
- * @return The response, containing the value and status
- * @throws TException
- */
- @Override
- public TSentryConfigValueResponse get_sentry_config_value(
- TSentryConfigValueRequest request) throws TException {
-
- final String requirePattern = "^sentry\\..*";
- final String excludePattern = ".*keytab.*|.*\\.jdbc\\..*|.*password.*";
-
- TSentryConfigValueResponse response = new TSentryConfigValueResponse();
- String attr = request.getPropertyName();
-
- try {
- validateClientVersion(request.getProtocol_version());
- } catch (SentryThriftAPIMismatchException e) {
- LOGGER.error(e.getMessage(), e);
- response.setStatus(Status.THRIFT_VERSION_MISMATCH(e.getMessage(), e));
- }
- // Only allow config parameters like...
- if (!Pattern.matches(requirePattern, attr) ||
- Pattern.matches(excludePattern, attr)) {
- String msg = "Attempted access of the configuration property " + attr +
- " was denied";
- LOGGER.error(msg);
- response.setStatus(Status.AccessDenied(msg,
- new SentryAccessDeniedException(msg)));
- return response;
- }
-
- response.setValue(conf.get(attr,request.getDefaultValue()));
- response.setStatus(Status.OK());
- return response;
- }
-
- @VisibleForTesting
- static void validateClientVersion(int protocolVersion) throws SentryThriftAPIMismatchException {
- if (ServiceConstants.ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT != protocolVersion) {
- String msg = "Sentry thrift API protocol version mismatch: Client thrift version " +
- "is: " + protocolVersion + " , server thrift verion " +
- "is " + ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT;
- throw new SentryThriftAPIMismatchException(msg);
- }
- }
-
- // get the sentry mapping data and return the data with map structure
- @Override
- public TSentryExportMappingDataResponse export_sentry_mapping_data(
- TSentryExportMappingDataRequest request) throws TException {
- TSentryExportMappingDataResponse response = new TSentryExportMappingDataResponse();
- try {
- String requestor = request.getRequestorUserName();
- Set<String> memberGroups = getRequestorGroups(requestor);
- String objectPath = request.getObjectPath();
- String databaseName = null;
- String tableName = null;
-
- Map<String, String> objectMap =
- SentryServiceUtil.parseObjectPath(objectPath);
- databaseName = objectMap.get(PolicyFileConstants.PRIVILEGE_DATABASE_NAME);
- tableName = objectMap.get(PolicyFileConstants.PRIVILEGE_TABLE_NAME);
-
- if (!inAdminGroups(memberGroups)) {
- // disallow non-admin to import the metadata of sentry
- throw new SentryAccessDeniedException("Access denied to " + requestor
- + " for export the metadata of sentry.");
- }
- TSentryMappingData tSentryMappingData = new TSentryMappingData();
- Map<String, Set<TSentryPrivilege>> rolePrivileges =
- sentryStore.getRoleNameTPrivilegesMap(databaseName, tableName);
- tSentryMappingData.setRolePrivilegesMap(rolePrivileges);
- Set<String> roleNames = rolePrivileges.keySet();
- // roleNames should be null if databaseName == null and tableName == null
- if (databaseName == null && tableName == null) {
- roleNames = null;
- }
- List<Map<String, Set<String>>> mapList = sentryStore.getGroupUserRoleMapList(
- roleNames);
- tSentryMappingData.setGroupRolesMap(mapList.get(
- SentryStore.INDEX_GROUP_ROLES_MAP));
- tSentryMappingData.setUserRolesMap(mapList.get(SentryStore.INDEX_USER_ROLES_MAP));
-
- response.setMappingData(tSentryMappingData);
- response.setStatus(Status.OK());
- } catch (Exception e) {
- String msg = "Unknown error for request: " + request + ", message: " + e.getMessage();
- LOGGER.error(msg, e);
- response.setMappingData(new TSentryMappingData());
- response.setStatus(Status.RuntimeError(msg, e));
- }
- return response;
- }
-
- // import the sentry mapping data
- @Override
- public TSentryImportMappingDataResponse import_sentry_mapping_data(
- TSentryImportMappingDataRequest request) throws TException {
- TSentryImportMappingDataResponse response = new TSentryImportMappingDataResponse();
- try {
- String requestor = request.getRequestorUserName();
- Set<String> memberGroups = getRequestorGroups(requestor);
- if (!inAdminGroups(memberGroups)) {
- // disallow non-admin to import the metadata of sentry
- throw new SentryAccessDeniedException("Access denied to " + requestor
- + " for import the metadata of sentry.");
- }
- sentryStore.importSentryMetaData(request.getMappingData(), request.isOverwriteRole());
- response.setStatus(Status.OK());
- } catch (SentryInvalidInputException e) {
- String msg = "Invalid input privilege object";
- LOGGER.error(msg, e);
- response.setStatus(Status.InvalidInput(msg, e));
- } catch (Exception e) {
- String msg = "Unknown error for request: " + request + ", message: " + e.getMessage();
- LOGGER.error(msg, e);
- response.setStatus(Status.RuntimeError(msg, e));
- }
- return response;
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessorFactory.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessorFactory.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessorFactory.java
deleted file mode 100644
index 691c1fb..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessorFactory.java
+++ /dev/null
@@ -1,39 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.service.thrift.ProcessorFactory;
-import org.apache.thrift.TMultiplexedProcessor;
-import org.apache.thrift.TProcessor;
-
-public class SentryPolicyStoreProcessorFactory extends ProcessorFactory {
- public SentryPolicyStoreProcessorFactory(Configuration conf) {
- super(conf);
- }
-
- public boolean register(TMultiplexedProcessor multiplexedProcessor) throws Exception {
- SentryPolicyStoreProcessor sentryServiceHandler =
- new SentryPolicyStoreProcessor(SentryPolicyStoreProcessor.SENTRY_POLICY_SERVICE_NAME,
- conf);
- TProcessor processor =
- new SentryProcessorWrapper<SentryPolicyService.Iface>(sentryServiceHandler);
- multiplexedProcessor.registerProcessor(SentryPolicyStoreProcessor.SENTRY_POLICY_SERVICE_NAME, processor);
- return true;
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryProcessorWrapper.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryProcessorWrapper.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryProcessorWrapper.java
deleted file mode 100644
index a5f11a9..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryProcessorWrapper.java
+++ /dev/null
@@ -1,37 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.TException;
-import org.apache.thrift.protocol.TProtocol;
-
-public class SentryProcessorWrapper<I extends SentryPolicyService.Iface> extends
- SentryPolicyService.Processor<SentryPolicyService.Iface> {
-
- public SentryProcessorWrapper(I iface) {
- super(iface);
- }
-
- @Override
- public boolean process(TProtocol in, TProtocol out) throws TException {
- ThriftUtil.setIpAddress(in);
- ThriftUtil.setImpersonator(in);
- return super.process(in, out);
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryWebServer.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryWebServer.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryWebServer.java
deleted file mode 100644
index a42f395..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryWebServer.java
+++ /dev/null
@@ -1,184 +0,0 @@
-package org.apache.sentry.provider.db.service.thrift;
-
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-import com.codahale.metrics.servlets.AdminServlet;
-import com.google.common.base.Preconditions;
-
-import java.io.IOException;
-import java.util.EnumSet;
-import java.net.URL;
-import java.util.EventListener;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import com.google.common.base.Splitter;
-import com.google.common.base.Strings;
-import com.google.common.collect.Sets;
-import org.apache.hadoop.conf.Configuration;
-import org.apache.hadoop.security.SecurityUtil;
-import org.apache.hadoop.security.UserGroupInformation;
-import org.apache.hadoop.security.authentication.server.AuthenticationFilter;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
-import org.eclipse.jetty.server.DispatcherType;
-import org.eclipse.jetty.server.Handler;
-import org.eclipse.jetty.server.handler.ContextHandler;
-import org.eclipse.jetty.server.handler.ContextHandlerCollection;
-import org.eclipse.jetty.server.handler.ResourceHandler;
-import org.eclipse.jetty.server.nio.SelectChannelConnector;
-import org.eclipse.jetty.server.Server;
-import org.eclipse.jetty.server.ssl.SslSelectChannelConnector;
-import org.eclipse.jetty.servlet.FilterHolder;
-import org.eclipse.jetty.servlet.ServletContextHandler;
-import org.eclipse.jetty.servlet.ServletHolder;
-import org.eclipse.jetty.util.resource.Resource;
-import org.eclipse.jetty.util.ssl.SslContextFactory;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class SentryWebServer {
-
- private static final Logger LOGGER = LoggerFactory.getLogger(SentryWebServer.class);
- private static final String RESOURCE_DIR = "/webapp";
- private static final String WELCOME_PAGE = "SentryService.html";
-
- private Server server;
-
- public SentryWebServer(List<EventListener> listeners, int port, Configuration conf) {
- server = new Server();
-
- // Create a channel connector for "http/https" requests
- SelectChannelConnector connector = new SelectChannelConnector();
- if (conf.getBoolean(ServerConfig.SENTRY_WEB_USE_SSL, false)) {
- SslContextFactory sslContextFactory = new SslContextFactory();
- sslContextFactory.setKeyStorePath(conf.get(ServerConfig.SENTRY_WEB_SSL_KEYSTORE_PATH, ""));
- sslContextFactory.setKeyStorePassword(
- conf.get(ServerConfig.SENTRY_WEB_SSL_KEYSTORE_PASSWORD, ""));
- // Exclude SSL blacklist protocols
- sslContextFactory.setExcludeProtocols(ServerConfig.SENTRY_SSL_PROTOCOL_BLACKLIST_DEFAULT);
- Set<String> moreExcludedSSLProtocols =
- Sets.newHashSet(Splitter.on(",").trimResults().omitEmptyStrings()
- .split(Strings.nullToEmpty(conf.get(ServerConfig.SENTRY_SSL_PROTOCOL_BLACKLIST))));
- sslContextFactory.addExcludeProtocols(moreExcludedSSLProtocols.toArray(
- new String[moreExcludedSSLProtocols.size()]));
- connector = new SslSelectChannelConnector(sslContextFactory);
- LOGGER.info("Now using SSL mode.");
- }
-
- connector.setPort(port);
- server.addConnector(connector);
-
- ServletContextHandler servletContextHandler = new ServletContextHandler();
- ServletHolder servletHolder = new ServletHolder(AdminServlet.class);
- servletContextHandler.addServlet(servletHolder, "/*");
-
- for(EventListener listener:listeners) {
- servletContextHandler.addEventListener(listener);
- }
-
- ServletHolder confServletHolder = new ServletHolder(ConfServlet.class);
- servletContextHandler.addServlet(confServletHolder, "/conf");
- servletContextHandler.getServletContext()
- .setAttribute(ConfServlet.CONF_CONTEXT_ATTRIBUTE, conf);
-
- ResourceHandler resourceHandler = new ResourceHandler();
- resourceHandler.setDirectoriesListed(true);
- URL url = this.getClass().getResource(RESOURCE_DIR);
- try {
- resourceHandler.setBaseResource(Resource.newResource(url.toString()));
- } catch (IOException e) {
- LOGGER.error("Got exception while setBaseResource for Sentry Service web UI", e);
- }
- resourceHandler.setWelcomeFiles(new String[]{WELCOME_PAGE});
- ContextHandler contextHandler= new ContextHandler();
- contextHandler.setHandler(resourceHandler);
-
- ContextHandlerCollection contextHandlerCollection = new ContextHandlerCollection();
- contextHandlerCollection.setHandlers(new Handler[]{contextHandler, servletContextHandler});
-
- String authMethod = conf.get(ServerConfig.SENTRY_WEB_SECURITY_TYPE);
- if (!ServerConfig.SENTRY_WEB_SECURITY_TYPE_NONE.equals(authMethod)) {
- /**
- * SentryAuthFilter is a subclass of AuthenticationFilter and
- * AuthenticationFilter tagged as private and unstable interface:
- * While there are not guarantees that this interface will not change,
- * it is fairly stable and used by other projects (ie - Oozie)
- */
- FilterHolder filterHolder = servletContextHandler.addFilter(SentryAuthFilter.class, "/*", EnumSet.of(DispatcherType.REQUEST));
- filterHolder.setInitParameters(loadWebAuthenticationConf(conf));
- }
-
- server.setHandler(contextHandlerCollection);
- }
-
- public void start() throws Exception{
- server.start();
- }
- public void stop() throws Exception{
- server.stop();
- }
- public boolean isAlive() {
- return server != null && server.isStarted();
- }
- private static Map<String, String> loadWebAuthenticationConf(Configuration conf) {
- Map<String,String> prop = new HashMap<String, String>();
- prop.put(AuthenticationFilter.CONFIG_PREFIX, ServerConfig.SENTRY_WEB_SECURITY_PREFIX);
- String allowUsers = conf.get(ServerConfig.SENTRY_WEB_SECURITY_ALLOW_CONNECT_USERS);
- if (allowUsers == null || allowUsers.equals("")) {
- allowUsers = conf.get(ServerConfig.ALLOW_CONNECT);
- conf.set(ServerConfig.SENTRY_WEB_SECURITY_ALLOW_CONNECT_USERS, allowUsers);
- }
- validateConf(conf);
- for (Map.Entry<String, String> entry : conf) {
- String name = entry.getKey();
- if (name.startsWith(ServerConfig.SENTRY_WEB_SECURITY_PREFIX)) {
- String value = conf.get(name);
- prop.put(name, value);
- }
- }
- return prop;
- }
-
- private static void validateConf(Configuration conf) {
- String authHandlerName = conf.get(ServerConfig.SENTRY_WEB_SECURITY_TYPE);
- Preconditions.checkNotNull(authHandlerName, "Web authHandler should not be null.");
- String allowUsers = conf.get(ServerConfig.SENTRY_WEB_SECURITY_ALLOW_CONNECT_USERS);
- Preconditions.checkNotNull(allowUsers, "Allow connect user(s) should not be null.");
- if (ServerConfig.SENTRY_WEB_SECURITY_TYPE_KERBEROS.equalsIgnoreCase(authHandlerName)) {
- String principal = conf.get(ServerConfig.SENTRY_WEB_SECURITY_PRINCIPAL);
- Preconditions.checkNotNull(principal, "Kerberos principal should not be null.");
- Preconditions.checkArgument(principal.length() != 0, "Kerberos principal is not right.");
- String keytabFile = conf.get(ServerConfig.SENTRY_WEB_SECURITY_KEYTAB);
- Preconditions.checkNotNull(keytabFile, "Keytab File should not be null.");
- Preconditions.checkArgument(keytabFile.length() != 0, "Keytab File is not right.");
- try {
- UserGroupInformation.setConfiguration(conf);
- String hostPrincipal = SecurityUtil.getServerPrincipal(principal, ServerConfig.RPC_ADDRESS_DEFAULT);
- UserGroupInformation.loginUserFromKeytab(hostPrincipal, keytabFile);
- } catch (IOException ex) {
- throw new IllegalArgumentException("Can't use Kerberos authentication, principal ["
- + principal + "] keytab [" + keytabFile + "]", ex);
- }
- LOGGER.info("Using Kerberos authentication, principal ["
- + principal + "] keytab [" + keytabFile + "]");
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/ThriftUtil.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/ThriftUtil.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/ThriftUtil.java
deleted file mode 100644
index 3a96d0b..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/ThriftUtil.java
+++ /dev/null
@@ -1,112 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.protocol.TProtocol;
-import org.apache.thrift.transport.TSaslClientTransport;
-import org.apache.thrift.transport.TSaslServerTransport;
-import org.apache.thrift.transport.TSocket;
-import org.apache.thrift.transport.TTransport;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.google.common.base.Preconditions;
-
-public final class ThriftUtil {
-
- private static final Logger LOGGER = LoggerFactory.getLogger(ThriftUtil.class);
-
- public static void setImpersonator(final TProtocol in) {
- try {
- TTransport transport = in.getTransport();
- if (transport instanceof TSaslServerTransport) {
- String impersonator = ((TSaslServerTransport) transport).getSaslServer()
- .getAuthorizationID();
- setImpersonator(impersonator);
- }
- } catch (Exception e) {
- // If there has exception when get impersonator info, log the error information.
- LOGGER.warn("There is an error when get the impersonator:" + e.getMessage());
- }
- }
-
- public static void setIpAddress(final TProtocol in) {
- try {
- TTransport transport = in.getTransport();
- TSocket tSocket = getUnderlyingSocketFromTransport(transport);
- if (tSocket != null) {
- setIpAddress(tSocket.getSocket().getInetAddress().toString());
- } else {
- LOGGER.warn("Unknown Transport, cannot determine ipAddress");
- }
- } catch (Exception e) {
- // If there has exception when get impersonator info, log the error information.
- LOGGER.warn("There is an error when get the client's ip address:" + e.getMessage());
- }
- }
-
- /**
- * Returns the underlying TSocket from the transport, or null of the transport type is unknown.
- */
- private static TSocket getUnderlyingSocketFromTransport(TTransport transport) {
- Preconditions.checkNotNull(transport);
- if (transport instanceof TSaslServerTransport) {
- return (TSocket) ((TSaslServerTransport) transport).getUnderlyingTransport();
- } else if (transport instanceof TSaslClientTransport) {
- return (TSocket) ((TSaslClientTransport) transport).getUnderlyingTransport();
- } else if (transport instanceof TSocket) {
- return (TSocket) transport;
- }
- return null;
- }
-
- private static ThreadLocal<String> threadLocalIpAddress = new ThreadLocal<String>() {
- @Override
- protected synchronized String initialValue() {
- return "";
- }
- };
-
- public static void setIpAddress(String ipAddress) {
- threadLocalIpAddress.set(ipAddress);
- }
-
- public static String getIpAddress() {
- return threadLocalIpAddress.get();
- }
-
- private static ThreadLocal<String> threadLocalImpersonator = new ThreadLocal<String>() {
- @Override
- protected synchronized String initialValue() {
- return "";
- }
- };
-
- public static void setImpersonator(String impersonator) {
- threadLocalImpersonator.set(impersonator);
- }
-
- public static String getImpersonator() {
- return threadLocalImpersonator.get();
- }
-
- private ThriftUtil() {
- // Make constructor private to avoid instantiation
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentrySchemaHelper.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentrySchemaHelper.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentrySchemaHelper.java
deleted file mode 100644
index cf1c725..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentrySchemaHelper.java
+++ /dev/null
@@ -1,315 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.tools;
-
-import java.util.IllegalFormatException;
-
-public final class SentrySchemaHelper {
- public static final String DB_DERBY = "derby";
- public static final String DB_MYSQL = "mysql";
- public static final String DB_POSTGRACE = "postgres";
- public static final String DB_ORACLE = "oracle";
- public static final String DB_DB2 = "db2";
-
- public interface NestedScriptParser {
-
- public enum CommandType {
- PARTIAL_STATEMENT,
- TERMINATED_STATEMENT,
- COMMENT
- }
-
- String DEFAUTL_DELIMITER = ";";
- /***
- * Find the type of given command
- * @param dbCommand
- * @return
- */
- boolean isPartialCommand(String dbCommand) throws IllegalArgumentException;
-
- /** Parse the DB specific nesting format and extract the inner script name if any
- * @param dbCommand command from parent script
- * @return
- * @throws IllegalFormatException
- */
- String getScriptName(String dbCommand) throws IllegalArgumentException;
-
- /***
- * Find if the given command is a nested script execution
- * @param dbCommand
- * @return
- */
- boolean isNestedScript(String dbCommand);
-
- /***
- * Find if the given command is should be passed to DB
- * @param dbCommand
- * @return
- */
- boolean isNonExecCommand(String dbCommand);
-
- /***
- * Get the SQL statement delimiter
- * @return
- */
- String getDelimiter();
-
- /***
- * Clear any client specific tags
- * @return
- */
- String cleanseCommand(String dbCommand);
-
- /***
- * Does the DB required table/column names quoted
- * @return
- */
- boolean needsQuotedIdentifier();
-
- /***
- * Set DB specific options if any
- * @param dbOps
- */
- void setDbOpts(String dbOps);
- }
-
-
- /***
- * Base implemenation of NestedScriptParser
- * abstractCommandParser.
- *
- */
- private static abstract class AbstractCommandParser implements NestedScriptParser {
- private String dbOpts = null;
-
- @Override
- public boolean isPartialCommand(String dbCommand) throws IllegalArgumentException{
- if (dbCommand == null || dbCommand.isEmpty()) {
- throw new IllegalArgumentException("invalid command line " + dbCommand);
- }
- String trimmedDbCommand = dbCommand.trim();
- return !(trimmedDbCommand.endsWith(getDelimiter()) || isNonExecCommand(trimmedDbCommand));
- }
-
- @Override
- public boolean isNonExecCommand(String dbCommand) {
- return dbCommand.startsWith("--") || dbCommand.startsWith("#");
- }
-
- @Override
- public String getDelimiter() {
- return DEFAUTL_DELIMITER;
- }
-
- @Override
- public String cleanseCommand(String dbCommand) {
- // strip off the delimiter
- if (dbCommand.endsWith(getDelimiter())) {
- dbCommand = dbCommand.substring(0,
- dbCommand.length() - getDelimiter().length());
- }
- return dbCommand;
- }
-
- @Override
- public boolean needsQuotedIdentifier() {
- return false;
- }
-
- @Override
- public void setDbOpts(String dbOpts) {
- this.dbOpts = dbOpts;
- }
-
- protected String getDbOpts() {
- return dbOpts;
- }
- }
-
-
- // Derby commandline parser
- public static class DerbyCommandParser extends AbstractCommandParser {
- private static final String DERBY_NESTING_TOKEN = "RUN";
-
- @Override
- public String getScriptName(String dbCommand) throws IllegalArgumentException {
-
- if (!isNestedScript(dbCommand)) {
- throw new IllegalArgumentException("Not a script format " + dbCommand);
- }
- String[] tokens = dbCommand.split(" ");
- if (tokens.length != 2) {
- throw new IllegalArgumentException("Couldn't parse line " + dbCommand);
- }
- return tokens[1].replace(";", "").replaceAll("'", "");
- }
-
- @Override
- public boolean isNestedScript(String dbCommand) {
- // Derby script format is RUN '<file>'
- return dbCommand.startsWith(DERBY_NESTING_TOKEN);
- }
- }
-
-
- // MySQL parser
- public static class MySqlCommandParser extends AbstractCommandParser {
- private static final String MYSQL_NESTING_TOKEN = "SOURCE";
- private static final String DELIMITER_TOKEN = "DELIMITER";
- private String delimiter = DEFAUTL_DELIMITER;
-
- @Override
- public boolean isPartialCommand(String dbCommand) throws IllegalArgumentException{
- boolean isPartial = super.isPartialCommand(dbCommand);
- // if this is a delimiter directive, reset our delimiter
- if (dbCommand.startsWith(DELIMITER_TOKEN)) {
- String[] tokens = dbCommand.split(" ");
- if (tokens.length != 2) {
- throw new IllegalArgumentException("Couldn't parse line " + dbCommand);
- }
- delimiter = tokens[1];
- }
- return isPartial;
- }
-
- @Override
- public String getScriptName(String dbCommand) throws IllegalArgumentException {
- String[] tokens = dbCommand.split(" ");
- if (tokens.length != 2) {
- throw new IllegalArgumentException("Couldn't parse line " + dbCommand);
- }
- // remove ending ';'
- return tokens[1].replace(";", "");
- }
-
- @Override
- public boolean isNestedScript(String dbCommand) {
- return dbCommand.startsWith(MYSQL_NESTING_TOKEN);
- }
-
- @Override
- public String getDelimiter() {
- return delimiter;
- }
-
- @Override
- public boolean isNonExecCommand(String dbCommand) {
- return super.isNonExecCommand(dbCommand) ||
- dbCommand.startsWith("/*") && dbCommand.endsWith("*/") ||
- dbCommand.startsWith(DELIMITER_TOKEN);
- }
-
- @Override
- public String cleanseCommand(String dbCommand) {
- return super.cleanseCommand(dbCommand).replaceAll("/\\*.*?\\*/[^;]", "");
- }
-
- }
-
- // Postgres specific parser
- public static class PostgresCommandParser extends AbstractCommandParser {
- public static final String POSTGRES_STRING_COMMAND_FILTER = "SET standard_conforming_strings";
- public static final String POSTGRES_STRING_CLIENT_ENCODING = "SET client_encoding";
- public static final String POSTGRES_SKIP_STANDARD_STRING = "postgres.filter.81";
- private static final String POSTGRES_NESTING_TOKEN = "\\i";
-
- @Override
- public String getScriptName(String dbCommand) throws IllegalArgumentException {
- String[] tokens = dbCommand.split(" ");
- if (tokens.length != 2) {
- throw new IllegalArgumentException("Couldn't parse line " + dbCommand);
- }
- // remove ending ';'
- return tokens[1].replace(";", "");
- }
-
- @Override
- public boolean isNestedScript(String dbCommand) {
- return dbCommand.startsWith(POSTGRES_NESTING_TOKEN);
- }
-
- @Override
- public boolean needsQuotedIdentifier() {
- return true;
- }
-
- @Override
- public boolean isNonExecCommand(String dbCommand) {
- // Skip "standard_conforming_strings" command which is not supported in older postgres
- if (POSTGRES_SKIP_STANDARD_STRING.equalsIgnoreCase(getDbOpts())
- && (dbCommand.startsWith(POSTGRES_STRING_COMMAND_FILTER) || dbCommand.startsWith(POSTGRES_STRING_CLIENT_ENCODING))) {
- return true;
- }
- return super.isNonExecCommand(dbCommand);
- }
- }
-
- //Oracle specific parser
- public static class OracleCommandParser extends AbstractCommandParser {
- private static final String ORACLE_NESTING_TOKEN = "@";
- @Override
- public String getScriptName(String dbCommand) throws IllegalArgumentException {
- if (!isNestedScript(dbCommand)) {
- throw new IllegalArgumentException("Not a nested script format " + dbCommand);
- }
- // remove ending ';' and starting '@'
- return dbCommand.replace(";", "").replace(ORACLE_NESTING_TOKEN, "");
- }
-
- @Override
- public boolean isNestedScript(String dbCommand) {
- return dbCommand.startsWith(ORACLE_NESTING_TOKEN);
- }
- }
-
- // DB2 commandline parser
- public static class DB2CommandParser extends AbstractCommandParser {
-
- @Override
- public String getScriptName(String dbCommand) throws IllegalArgumentException {
- //DB2 does not support nesting script
- throw new IllegalArgumentException("DB2 does not support nesting script " + dbCommand);
- }
-
- @Override
- public boolean isNestedScript(String dbCommand) {
- //DB2 does not support nesting script
- return false;
- }
- }
-
- public static NestedScriptParser getDbCommandParser(String dbName) {
- if (dbName.equalsIgnoreCase(DB_DERBY)) {
- return new DerbyCommandParser();
- } else if (dbName.equalsIgnoreCase(DB_MYSQL)) {
- return new MySqlCommandParser();
- } else if (dbName.equalsIgnoreCase(DB_POSTGRACE)) {
- return new PostgresCommandParser();
- } else if (dbName.equalsIgnoreCase(DB_ORACLE)) {
- return new OracleCommandParser();
- } else if (dbName.equalsIgnoreCase(DB_DB2)) {
- return new DB2CommandParser();
- } else {
- throw new IllegalArgumentException("Unknown dbType " + dbName);
- }
- }
-
- private SentrySchemaHelper() {
- // Make constructor private to avoid instantiation
- }
-}
[36/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleGrantPrivilegeRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleGrantPrivilegeRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleGrantPrivilegeRequest.java
deleted file mode 100644
index 95ccd01..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleGrantPrivilegeRequest.java
+++ /dev/null
@@ -1,866 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TAlterSentryRoleGrantPrivilegeRequest implements org.apache.thrift.TBase<TAlterSentryRoleGrantPrivilegeRequest, TAlterSentryRoleGrantPrivilegeRequest._Fields>, java.io.Serializable, Cloneable, Comparable<TAlterSentryRoleGrantPrivilegeRequest> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TAlterSentryRoleGrantPrivilegeRequest");
-
- private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
- private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)3);
- private static final org.apache.thrift.protocol.TField PRIVILEGE_FIELD_DESC = new org.apache.thrift.protocol.TField("privilege", org.apache.thrift.protocol.TType.STRUCT, (short)5);
- private static final org.apache.thrift.protocol.TField PRIVILEGES_FIELD_DESC = new org.apache.thrift.protocol.TField("privileges", org.apache.thrift.protocol.TType.SET, (short)6);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TAlterSentryRoleGrantPrivilegeRequestStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TAlterSentryRoleGrantPrivilegeRequestTupleSchemeFactory());
- }
-
- private int protocol_version; // required
- private String requestorUserName; // required
- private String roleName; // required
- private TSentryPrivilege privilege; // optional
- private Set<TSentryPrivilege> privileges; // optional
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- PROTOCOL_VERSION((short)1, "protocol_version"),
- REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- ROLE_NAME((short)3, "roleName"),
- PRIVILEGE((short)5, "privilege"),
- PRIVILEGES((short)6, "privileges");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // PROTOCOL_VERSION
- return PROTOCOL_VERSION;
- case 2: // REQUESTOR_USER_NAME
- return REQUESTOR_USER_NAME;
- case 3: // ROLE_NAME
- return ROLE_NAME;
- case 5: // PRIVILEGE
- return PRIVILEGE;
- case 6: // PRIVILEGES
- return PRIVILEGES;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- private static final _Fields optionals[] = {_Fields.PRIVILEGE,_Fields.PRIVILEGES};
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
- tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.ROLE_NAME, new org.apache.thrift.meta_data.FieldMetaData("roleName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.PRIVILEGE, new org.apache.thrift.meta_data.FieldMetaData("privilege", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryPrivilege.class)));
- tmpMap.put(_Fields.PRIVILEGES, new org.apache.thrift.meta_data.FieldMetaData("privileges", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryPrivilege.class))));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TAlterSentryRoleGrantPrivilegeRequest.class, metaDataMap);
- }
-
- public TAlterSentryRoleGrantPrivilegeRequest() {
- this.protocol_version = 2;
-
- }
-
- public TAlterSentryRoleGrantPrivilegeRequest(
- int protocol_version,
- String requestorUserName,
- String roleName)
- {
- this();
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- this.requestorUserName = requestorUserName;
- this.roleName = roleName;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TAlterSentryRoleGrantPrivilegeRequest(TAlterSentryRoleGrantPrivilegeRequest other) {
- __isset_bitfield = other.__isset_bitfield;
- this.protocol_version = other.protocol_version;
- if (other.isSetRequestorUserName()) {
- this.requestorUserName = other.requestorUserName;
- }
- if (other.isSetRoleName()) {
- this.roleName = other.roleName;
- }
- if (other.isSetPrivilege()) {
- this.privilege = new TSentryPrivilege(other.privilege);
- }
- if (other.isSetPrivileges()) {
- Set<TSentryPrivilege> __this__privileges = new HashSet<TSentryPrivilege>(other.privileges.size());
- for (TSentryPrivilege other_element : other.privileges) {
- __this__privileges.add(new TSentryPrivilege(other_element));
- }
- this.privileges = __this__privileges;
- }
- }
-
- public TAlterSentryRoleGrantPrivilegeRequest deepCopy() {
- return new TAlterSentryRoleGrantPrivilegeRequest(this);
- }
-
- @Override
- public void clear() {
- this.protocol_version = 2;
-
- this.requestorUserName = null;
- this.roleName = null;
- this.privilege = null;
- this.privileges = null;
- }
-
- public int getProtocol_version() {
- return this.protocol_version;
- }
-
- public void setProtocol_version(int protocol_version) {
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- }
-
- public void unsetProtocol_version() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */
- public boolean isSetProtocol_version() {
- return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- public void setProtocol_versionIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value);
- }
-
- public String getRequestorUserName() {
- return this.requestorUserName;
- }
-
- public void setRequestorUserName(String requestorUserName) {
- this.requestorUserName = requestorUserName;
- }
-
- public void unsetRequestorUserName() {
- this.requestorUserName = null;
- }
-
- /** Returns true if field requestorUserName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorUserName() {
- return this.requestorUserName != null;
- }
-
- public void setRequestorUserNameIsSet(boolean value) {
- if (!value) {
- this.requestorUserName = null;
- }
- }
-
- public String getRoleName() {
- return this.roleName;
- }
-
- public void setRoleName(String roleName) {
- this.roleName = roleName;
- }
-
- public void unsetRoleName() {
- this.roleName = null;
- }
-
- /** Returns true if field roleName is set (has been assigned a value) and false otherwise */
- public boolean isSetRoleName() {
- return this.roleName != null;
- }
-
- public void setRoleNameIsSet(boolean value) {
- if (!value) {
- this.roleName = null;
- }
- }
-
- public TSentryPrivilege getPrivilege() {
- return this.privilege;
- }
-
- public void setPrivilege(TSentryPrivilege privilege) {
- this.privilege = privilege;
- }
-
- public void unsetPrivilege() {
- this.privilege = null;
- }
-
- /** Returns true if field privilege is set (has been assigned a value) and false otherwise */
- public boolean isSetPrivilege() {
- return this.privilege != null;
- }
-
- public void setPrivilegeIsSet(boolean value) {
- if (!value) {
- this.privilege = null;
- }
- }
-
- public int getPrivilegesSize() {
- return (this.privileges == null) ? 0 : this.privileges.size();
- }
-
- public java.util.Iterator<TSentryPrivilege> getPrivilegesIterator() {
- return (this.privileges == null) ? null : this.privileges.iterator();
- }
-
- public void addToPrivileges(TSentryPrivilege elem) {
- if (this.privileges == null) {
- this.privileges = new HashSet<TSentryPrivilege>();
- }
- this.privileges.add(elem);
- }
-
- public Set<TSentryPrivilege> getPrivileges() {
- return this.privileges;
- }
-
- public void setPrivileges(Set<TSentryPrivilege> privileges) {
- this.privileges = privileges;
- }
-
- public void unsetPrivileges() {
- this.privileges = null;
- }
-
- /** Returns true if field privileges is set (has been assigned a value) and false otherwise */
- public boolean isSetPrivileges() {
- return this.privileges != null;
- }
-
- public void setPrivilegesIsSet(boolean value) {
- if (!value) {
- this.privileges = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case PROTOCOL_VERSION:
- if (value == null) {
- unsetProtocol_version();
- } else {
- setProtocol_version((Integer)value);
- }
- break;
-
- case REQUESTOR_USER_NAME:
- if (value == null) {
- unsetRequestorUserName();
- } else {
- setRequestorUserName((String)value);
- }
- break;
-
- case ROLE_NAME:
- if (value == null) {
- unsetRoleName();
- } else {
- setRoleName((String)value);
- }
- break;
-
- case PRIVILEGE:
- if (value == null) {
- unsetPrivilege();
- } else {
- setPrivilege((TSentryPrivilege)value);
- }
- break;
-
- case PRIVILEGES:
- if (value == null) {
- unsetPrivileges();
- } else {
- setPrivileges((Set<TSentryPrivilege>)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case PROTOCOL_VERSION:
- return getProtocol_version();
-
- case REQUESTOR_USER_NAME:
- return getRequestorUserName();
-
- case ROLE_NAME:
- return getRoleName();
-
- case PRIVILEGE:
- return getPrivilege();
-
- case PRIVILEGES:
- return getPrivileges();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case PROTOCOL_VERSION:
- return isSetProtocol_version();
- case REQUESTOR_USER_NAME:
- return isSetRequestorUserName();
- case ROLE_NAME:
- return isSetRoleName();
- case PRIVILEGE:
- return isSetPrivilege();
- case PRIVILEGES:
- return isSetPrivileges();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TAlterSentryRoleGrantPrivilegeRequest)
- return this.equals((TAlterSentryRoleGrantPrivilegeRequest)that);
- return false;
- }
-
- public boolean equals(TAlterSentryRoleGrantPrivilegeRequest that) {
- if (that == null)
- return false;
-
- boolean this_present_protocol_version = true;
- boolean that_present_protocol_version = true;
- if (this_present_protocol_version || that_present_protocol_version) {
- if (!(this_present_protocol_version && that_present_protocol_version))
- return false;
- if (this.protocol_version != that.protocol_version)
- return false;
- }
-
- boolean this_present_requestorUserName = true && this.isSetRequestorUserName();
- boolean that_present_requestorUserName = true && that.isSetRequestorUserName();
- if (this_present_requestorUserName || that_present_requestorUserName) {
- if (!(this_present_requestorUserName && that_present_requestorUserName))
- return false;
- if (!this.requestorUserName.equals(that.requestorUserName))
- return false;
- }
-
- boolean this_present_roleName = true && this.isSetRoleName();
- boolean that_present_roleName = true && that.isSetRoleName();
- if (this_present_roleName || that_present_roleName) {
- if (!(this_present_roleName && that_present_roleName))
- return false;
- if (!this.roleName.equals(that.roleName))
- return false;
- }
-
- boolean this_present_privilege = true && this.isSetPrivilege();
- boolean that_present_privilege = true && that.isSetPrivilege();
- if (this_present_privilege || that_present_privilege) {
- if (!(this_present_privilege && that_present_privilege))
- return false;
- if (!this.privilege.equals(that.privilege))
- return false;
- }
-
- boolean this_present_privileges = true && this.isSetPrivileges();
- boolean that_present_privileges = true && that.isSetPrivileges();
- if (this_present_privileges || that_present_privileges) {
- if (!(this_present_privileges && that_present_privileges))
- return false;
- if (!this.privileges.equals(that.privileges))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_protocol_version = true;
- list.add(present_protocol_version);
- if (present_protocol_version)
- list.add(protocol_version);
-
- boolean present_requestorUserName = true && (isSetRequestorUserName());
- list.add(present_requestorUserName);
- if (present_requestorUserName)
- list.add(requestorUserName);
-
- boolean present_roleName = true && (isSetRoleName());
- list.add(present_roleName);
- if (present_roleName)
- list.add(roleName);
-
- boolean present_privilege = true && (isSetPrivilege());
- list.add(present_privilege);
- if (present_privilege)
- list.add(privilege);
-
- boolean present_privileges = true && (isSetPrivileges());
- list.add(present_privileges);
- if (present_privileges)
- list.add(privileges);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TAlterSentryRoleGrantPrivilegeRequest other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(other.isSetProtocol_version());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetProtocol_version()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, other.protocol_version);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRequestorUserName()).compareTo(other.isSetRequestorUserName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRequestorUserName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorUserName, other.requestorUserName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRoleName()).compareTo(other.isSetRoleName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRoleName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleName, other.roleName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetPrivilege()).compareTo(other.isSetPrivilege());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetPrivilege()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.privilege, other.privilege);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetPrivileges()).compareTo(other.isSetPrivileges());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetPrivileges()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.privileges, other.privileges);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TAlterSentryRoleGrantPrivilegeRequest(");
- boolean first = true;
-
- sb.append("protocol_version:");
- sb.append(this.protocol_version);
- first = false;
- if (!first) sb.append(", ");
- sb.append("requestorUserName:");
- if (this.requestorUserName == null) {
- sb.append("null");
- } else {
- sb.append(this.requestorUserName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("roleName:");
- if (this.roleName == null) {
- sb.append("null");
- } else {
- sb.append(this.roleName);
- }
- first = false;
- if (isSetPrivilege()) {
- if (!first) sb.append(", ");
- sb.append("privilege:");
- if (this.privilege == null) {
- sb.append("null");
- } else {
- sb.append(this.privilege);
- }
- first = false;
- }
- if (isSetPrivileges()) {
- if (!first) sb.append(", ");
- sb.append("privileges:");
- if (this.privileges == null) {
- sb.append("null");
- } else {
- sb.append(this.privileges);
- }
- first = false;
- }
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetProtocol_version()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
- }
-
- if (!isSetRequestorUserName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString());
- }
-
- if (!isSetRoleName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'roleName' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- if (privilege != null) {
- privilege.validate();
- }
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TAlterSentryRoleGrantPrivilegeRequestStandardSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleGrantPrivilegeRequestStandardScheme getScheme() {
- return new TAlterSentryRoleGrantPrivilegeRequestStandardScheme();
- }
- }
-
- private static class TAlterSentryRoleGrantPrivilegeRequestStandardScheme extends StandardScheme<TAlterSentryRoleGrantPrivilegeRequest> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TAlterSentryRoleGrantPrivilegeRequest struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // PROTOCOL_VERSION
- if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // REQUESTOR_USER_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // ROLE_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 5: // PRIVILEGE
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.privilege = new TSentryPrivilege();
- struct.privilege.read(iprot);
- struct.setPrivilegeIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 6: // PRIVILEGES
- if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
- {
- org.apache.thrift.protocol.TSet _set32 = iprot.readSetBegin();
- struct.privileges = new HashSet<TSentryPrivilege>(2*_set32.size);
- TSentryPrivilege _elem33;
- for (int _i34 = 0; _i34 < _set32.size; ++_i34)
- {
- _elem33 = new TSentryPrivilege();
- _elem33.read(iprot);
- struct.privileges.add(_elem33);
- }
- iprot.readSetEnd();
- }
- struct.setPrivilegesIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TAlterSentryRoleGrantPrivilegeRequest struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC);
- oprot.writeI32(struct.protocol_version);
- oprot.writeFieldEnd();
- if (struct.requestorUserName != null) {
- oprot.writeFieldBegin(REQUESTOR_USER_NAME_FIELD_DESC);
- oprot.writeString(struct.requestorUserName);
- oprot.writeFieldEnd();
- }
- if (struct.roleName != null) {
- oprot.writeFieldBegin(ROLE_NAME_FIELD_DESC);
- oprot.writeString(struct.roleName);
- oprot.writeFieldEnd();
- }
- if (struct.privilege != null) {
- if (struct.isSetPrivilege()) {
- oprot.writeFieldBegin(PRIVILEGE_FIELD_DESC);
- struct.privilege.write(oprot);
- oprot.writeFieldEnd();
- }
- }
- if (struct.privileges != null) {
- if (struct.isSetPrivileges()) {
- oprot.writeFieldBegin(PRIVILEGES_FIELD_DESC);
- {
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, struct.privileges.size()));
- for (TSentryPrivilege _iter35 : struct.privileges)
- {
- _iter35.write(oprot);
- }
- oprot.writeSetEnd();
- }
- oprot.writeFieldEnd();
- }
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TAlterSentryRoleGrantPrivilegeRequestTupleSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleGrantPrivilegeRequestTupleScheme getScheme() {
- return new TAlterSentryRoleGrantPrivilegeRequestTupleScheme();
- }
- }
-
- private static class TAlterSentryRoleGrantPrivilegeRequestTupleScheme extends TupleScheme<TAlterSentryRoleGrantPrivilegeRequest> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleGrantPrivilegeRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeI32(struct.protocol_version);
- oprot.writeString(struct.requestorUserName);
- oprot.writeString(struct.roleName);
- BitSet optionals = new BitSet();
- if (struct.isSetPrivilege()) {
- optionals.set(0);
- }
- if (struct.isSetPrivileges()) {
- optionals.set(1);
- }
- oprot.writeBitSet(optionals, 2);
- if (struct.isSetPrivilege()) {
- struct.privilege.write(oprot);
- }
- if (struct.isSetPrivileges()) {
- {
- oprot.writeI32(struct.privileges.size());
- for (TSentryPrivilege _iter36 : struct.privileges)
- {
- _iter36.write(oprot);
- }
- }
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleGrantPrivilegeRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- BitSet incoming = iprot.readBitSet(2);
- if (incoming.get(0)) {
- struct.privilege = new TSentryPrivilege();
- struct.privilege.read(iprot);
- struct.setPrivilegeIsSet(true);
- }
- if (incoming.get(1)) {
- {
- org.apache.thrift.protocol.TSet _set37 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, iprot.readI32());
- struct.privileges = new HashSet<TSentryPrivilege>(2*_set37.size);
- TSentryPrivilege _elem38;
- for (int _i39 = 0; _i39 < _set37.size; ++_i39)
- {
- _elem38 = new TSentryPrivilege();
- _elem38.read(iprot);
- struct.privileges.add(_elem38);
- }
- }
- struct.setPrivilegesIsSet(true);
- }
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleGrantPrivilegeResponse.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleGrantPrivilegeResponse.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleGrantPrivilegeResponse.java
deleted file mode 100644
index b9a64f1..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleGrantPrivilegeResponse.java
+++ /dev/null
@@ -1,669 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TAlterSentryRoleGrantPrivilegeResponse implements org.apache.thrift.TBase<TAlterSentryRoleGrantPrivilegeResponse, TAlterSentryRoleGrantPrivilegeResponse._Fields>, java.io.Serializable, Cloneable, Comparable<TAlterSentryRoleGrantPrivilegeResponse> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TAlterSentryRoleGrantPrivilegeResponse");
-
- private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1);
- private static final org.apache.thrift.protocol.TField PRIVILEGE_FIELD_DESC = new org.apache.thrift.protocol.TField("privilege", org.apache.thrift.protocol.TType.STRUCT, (short)2);
- private static final org.apache.thrift.protocol.TField PRIVILEGES_FIELD_DESC = new org.apache.thrift.protocol.TField("privileges", org.apache.thrift.protocol.TType.SET, (short)3);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TAlterSentryRoleGrantPrivilegeResponseStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TAlterSentryRoleGrantPrivilegeResponseTupleSchemeFactory());
- }
-
- private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required
- private TSentryPrivilege privilege; // optional
- private Set<TSentryPrivilege> privileges; // optional
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- STATUS((short)1, "status"),
- PRIVILEGE((short)2, "privilege"),
- PRIVILEGES((short)3, "privileges");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // STATUS
- return STATUS;
- case 2: // PRIVILEGE
- return PRIVILEGE;
- case 3: // PRIVILEGES
- return PRIVILEGES;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final _Fields optionals[] = {_Fields.PRIVILEGE,_Fields.PRIVILEGES};
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.sentry.service.thrift.TSentryResponseStatus.class)));
- tmpMap.put(_Fields.PRIVILEGE, new org.apache.thrift.meta_data.FieldMetaData("privilege", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryPrivilege.class)));
- tmpMap.put(_Fields.PRIVILEGES, new org.apache.thrift.meta_data.FieldMetaData("privileges", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryPrivilege.class))));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TAlterSentryRoleGrantPrivilegeResponse.class, metaDataMap);
- }
-
- public TAlterSentryRoleGrantPrivilegeResponse() {
- }
-
- public TAlterSentryRoleGrantPrivilegeResponse(
- org.apache.sentry.service.thrift.TSentryResponseStatus status)
- {
- this();
- this.status = status;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TAlterSentryRoleGrantPrivilegeResponse(TAlterSentryRoleGrantPrivilegeResponse other) {
- if (other.isSetStatus()) {
- this.status = new org.apache.sentry.service.thrift.TSentryResponseStatus(other.status);
- }
- if (other.isSetPrivilege()) {
- this.privilege = new TSentryPrivilege(other.privilege);
- }
- if (other.isSetPrivileges()) {
- Set<TSentryPrivilege> __this__privileges = new HashSet<TSentryPrivilege>(other.privileges.size());
- for (TSentryPrivilege other_element : other.privileges) {
- __this__privileges.add(new TSentryPrivilege(other_element));
- }
- this.privileges = __this__privileges;
- }
- }
-
- public TAlterSentryRoleGrantPrivilegeResponse deepCopy() {
- return new TAlterSentryRoleGrantPrivilegeResponse(this);
- }
-
- @Override
- public void clear() {
- this.status = null;
- this.privilege = null;
- this.privileges = null;
- }
-
- public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() {
- return this.status;
- }
-
- public void setStatus(org.apache.sentry.service.thrift.TSentryResponseStatus status) {
- this.status = status;
- }
-
- public void unsetStatus() {
- this.status = null;
- }
-
- /** Returns true if field status is set (has been assigned a value) and false otherwise */
- public boolean isSetStatus() {
- return this.status != null;
- }
-
- public void setStatusIsSet(boolean value) {
- if (!value) {
- this.status = null;
- }
- }
-
- public TSentryPrivilege getPrivilege() {
- return this.privilege;
- }
-
- public void setPrivilege(TSentryPrivilege privilege) {
- this.privilege = privilege;
- }
-
- public void unsetPrivilege() {
- this.privilege = null;
- }
-
- /** Returns true if field privilege is set (has been assigned a value) and false otherwise */
- public boolean isSetPrivilege() {
- return this.privilege != null;
- }
-
- public void setPrivilegeIsSet(boolean value) {
- if (!value) {
- this.privilege = null;
- }
- }
-
- public int getPrivilegesSize() {
- return (this.privileges == null) ? 0 : this.privileges.size();
- }
-
- public java.util.Iterator<TSentryPrivilege> getPrivilegesIterator() {
- return (this.privileges == null) ? null : this.privileges.iterator();
- }
-
- public void addToPrivileges(TSentryPrivilege elem) {
- if (this.privileges == null) {
- this.privileges = new HashSet<TSentryPrivilege>();
- }
- this.privileges.add(elem);
- }
-
- public Set<TSentryPrivilege> getPrivileges() {
- return this.privileges;
- }
-
- public void setPrivileges(Set<TSentryPrivilege> privileges) {
- this.privileges = privileges;
- }
-
- public void unsetPrivileges() {
- this.privileges = null;
- }
-
- /** Returns true if field privileges is set (has been assigned a value) and false otherwise */
- public boolean isSetPrivileges() {
- return this.privileges != null;
- }
-
- public void setPrivilegesIsSet(boolean value) {
- if (!value) {
- this.privileges = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case STATUS:
- if (value == null) {
- unsetStatus();
- } else {
- setStatus((org.apache.sentry.service.thrift.TSentryResponseStatus)value);
- }
- break;
-
- case PRIVILEGE:
- if (value == null) {
- unsetPrivilege();
- } else {
- setPrivilege((TSentryPrivilege)value);
- }
- break;
-
- case PRIVILEGES:
- if (value == null) {
- unsetPrivileges();
- } else {
- setPrivileges((Set<TSentryPrivilege>)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case STATUS:
- return getStatus();
-
- case PRIVILEGE:
- return getPrivilege();
-
- case PRIVILEGES:
- return getPrivileges();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case STATUS:
- return isSetStatus();
- case PRIVILEGE:
- return isSetPrivilege();
- case PRIVILEGES:
- return isSetPrivileges();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TAlterSentryRoleGrantPrivilegeResponse)
- return this.equals((TAlterSentryRoleGrantPrivilegeResponse)that);
- return false;
- }
-
- public boolean equals(TAlterSentryRoleGrantPrivilegeResponse that) {
- if (that == null)
- return false;
-
- boolean this_present_status = true && this.isSetStatus();
- boolean that_present_status = true && that.isSetStatus();
- if (this_present_status || that_present_status) {
- if (!(this_present_status && that_present_status))
- return false;
- if (!this.status.equals(that.status))
- return false;
- }
-
- boolean this_present_privilege = true && this.isSetPrivilege();
- boolean that_present_privilege = true && that.isSetPrivilege();
- if (this_present_privilege || that_present_privilege) {
- if (!(this_present_privilege && that_present_privilege))
- return false;
- if (!this.privilege.equals(that.privilege))
- return false;
- }
-
- boolean this_present_privileges = true && this.isSetPrivileges();
- boolean that_present_privileges = true && that.isSetPrivileges();
- if (this_present_privileges || that_present_privileges) {
- if (!(this_present_privileges && that_present_privileges))
- return false;
- if (!this.privileges.equals(that.privileges))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_status = true && (isSetStatus());
- list.add(present_status);
- if (present_status)
- list.add(status);
-
- boolean present_privilege = true && (isSetPrivilege());
- list.add(present_privilege);
- if (present_privilege)
- list.add(privilege);
-
- boolean present_privileges = true && (isSetPrivileges());
- list.add(present_privileges);
- if (present_privileges)
- list.add(privileges);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TAlterSentryRoleGrantPrivilegeResponse other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetStatus()).compareTo(other.isSetStatus());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetStatus()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.status, other.status);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetPrivilege()).compareTo(other.isSetPrivilege());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetPrivilege()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.privilege, other.privilege);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetPrivileges()).compareTo(other.isSetPrivileges());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetPrivileges()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.privileges, other.privileges);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TAlterSentryRoleGrantPrivilegeResponse(");
- boolean first = true;
-
- sb.append("status:");
- if (this.status == null) {
- sb.append("null");
- } else {
- sb.append(this.status);
- }
- first = false;
- if (isSetPrivilege()) {
- if (!first) sb.append(", ");
- sb.append("privilege:");
- if (this.privilege == null) {
- sb.append("null");
- } else {
- sb.append(this.privilege);
- }
- first = false;
- }
- if (isSetPrivileges()) {
- if (!first) sb.append(", ");
- sb.append("privileges:");
- if (this.privileges == null) {
- sb.append("null");
- } else {
- sb.append(this.privileges);
- }
- first = false;
- }
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetStatus()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'status' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- if (status != null) {
- status.validate();
- }
- if (privilege != null) {
- privilege.validate();
- }
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TAlterSentryRoleGrantPrivilegeResponseStandardSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleGrantPrivilegeResponseStandardScheme getScheme() {
- return new TAlterSentryRoleGrantPrivilegeResponseStandardScheme();
- }
- }
-
- private static class TAlterSentryRoleGrantPrivilegeResponseStandardScheme extends StandardScheme<TAlterSentryRoleGrantPrivilegeResponse> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TAlterSentryRoleGrantPrivilegeResponse struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // STATUS
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // PRIVILEGE
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.privilege = new TSentryPrivilege();
- struct.privilege.read(iprot);
- struct.setPrivilegeIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // PRIVILEGES
- if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
- {
- org.apache.thrift.protocol.TSet _set40 = iprot.readSetBegin();
- struct.privileges = new HashSet<TSentryPrivilege>(2*_set40.size);
- TSentryPrivilege _elem41;
- for (int _i42 = 0; _i42 < _set40.size; ++_i42)
- {
- _elem41 = new TSentryPrivilege();
- _elem41.read(iprot);
- struct.privileges.add(_elem41);
- }
- iprot.readSetEnd();
- }
- struct.setPrivilegesIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TAlterSentryRoleGrantPrivilegeResponse struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.status != null) {
- oprot.writeFieldBegin(STATUS_FIELD_DESC);
- struct.status.write(oprot);
- oprot.writeFieldEnd();
- }
- if (struct.privilege != null) {
- if (struct.isSetPrivilege()) {
- oprot.writeFieldBegin(PRIVILEGE_FIELD_DESC);
- struct.privilege.write(oprot);
- oprot.writeFieldEnd();
- }
- }
- if (struct.privileges != null) {
- if (struct.isSetPrivileges()) {
- oprot.writeFieldBegin(PRIVILEGES_FIELD_DESC);
- {
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, struct.privileges.size()));
- for (TSentryPrivilege _iter43 : struct.privileges)
- {
- _iter43.write(oprot);
- }
- oprot.writeSetEnd();
- }
- oprot.writeFieldEnd();
- }
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TAlterSentryRoleGrantPrivilegeResponseTupleSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleGrantPrivilegeResponseTupleScheme getScheme() {
- return new TAlterSentryRoleGrantPrivilegeResponseTupleScheme();
- }
- }
-
- private static class TAlterSentryRoleGrantPrivilegeResponseTupleScheme extends TupleScheme<TAlterSentryRoleGrantPrivilegeResponse> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleGrantPrivilegeResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- struct.status.write(oprot);
- BitSet optionals = new BitSet();
- if (struct.isSetPrivilege()) {
- optionals.set(0);
- }
- if (struct.isSetPrivileges()) {
- optionals.set(1);
- }
- oprot.writeBitSet(optionals, 2);
- if (struct.isSetPrivilege()) {
- struct.privilege.write(oprot);
- }
- if (struct.isSetPrivileges()) {
- {
- oprot.writeI32(struct.privileges.size());
- for (TSentryPrivilege _iter44 : struct.privileges)
- {
- _iter44.write(oprot);
- }
- }
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleGrantPrivilegeResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- BitSet incoming = iprot.readBitSet(2);
- if (incoming.get(0)) {
- struct.privilege = new TSentryPrivilege();
- struct.privilege.read(iprot);
- struct.setPrivilegeIsSet(true);
- }
- if (incoming.get(1)) {
- {
- org.apache.thrift.protocol.TSet _set45 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, iprot.readI32());
- struct.privileges = new HashSet<TSentryPrivilege>(2*_set45.size);
- TSentryPrivilege _elem46;
- for (int _i47 = 0; _i47 < _set45.size; ++_i47)
- {
- _elem46 = new TSentryPrivilege();
- _elem46.read(iprot);
- struct.privileges.add(_elem46);
- }
- }
- struct.setPrivilegesIsSet(true);
- }
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleRevokePrivilegeRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleRevokePrivilegeRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleRevokePrivilegeRequest.java
deleted file mode 100644
index fc0735e..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleRevokePrivilegeRequest.java
+++ /dev/null
@@ -1,866 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TAlterSentryRoleRevokePrivilegeRequest implements org.apache.thrift.TBase<TAlterSentryRoleRevokePrivilegeRequest, TAlterSentryRoleRevokePrivilegeRequest._Fields>, java.io.Serializable, Cloneable, Comparable<TAlterSentryRoleRevokePrivilegeRequest> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TAlterSentryRoleRevokePrivilegeRequest");
-
- private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
- private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)3);
- private static final org.apache.thrift.protocol.TField PRIVILEGE_FIELD_DESC = new org.apache.thrift.protocol.TField("privilege", org.apache.thrift.protocol.TType.STRUCT, (short)5);
- private static final org.apache.thrift.protocol.TField PRIVILEGES_FIELD_DESC = new org.apache.thrift.protocol.TField("privileges", org.apache.thrift.protocol.TType.SET, (short)6);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TAlterSentryRoleRevokePrivilegeRequestStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TAlterSentryRoleRevokePrivilegeRequestTupleSchemeFactory());
- }
-
- private int protocol_version; // required
- private String requestorUserName; // required
- private String roleName; // required
- private TSentryPrivilege privilege; // optional
- private Set<TSentryPrivilege> privileges; // optional
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- PROTOCOL_VERSION((short)1, "protocol_version"),
- REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- ROLE_NAME((short)3, "roleName"),
- PRIVILEGE((short)5, "privilege"),
- PRIVILEGES((short)6, "privileges");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // PROTOCOL_VERSION
- return PROTOCOL_VERSION;
- case 2: // REQUESTOR_USER_NAME
- return REQUESTOR_USER_NAME;
- case 3: // ROLE_NAME
- return ROLE_NAME;
- case 5: // PRIVILEGE
- return PRIVILEGE;
- case 6: // PRIVILEGES
- return PRIVILEGES;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- private static final _Fields optionals[] = {_Fields.PRIVILEGE,_Fields.PRIVILEGES};
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
- tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.ROLE_NAME, new org.apache.thrift.meta_data.FieldMetaData("roleName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.PRIVILEGE, new org.apache.thrift.meta_data.FieldMetaData("privilege", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryPrivilege.class)));
- tmpMap.put(_Fields.PRIVILEGES, new org.apache.thrift.meta_data.FieldMetaData("privileges", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryPrivilege.class))));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TAlterSentryRoleRevokePrivilegeRequest.class, metaDataMap);
- }
-
- public TAlterSentryRoleRevokePrivilegeRequest() {
- this.protocol_version = 2;
-
- }
-
- public TAlterSentryRoleRevokePrivilegeRequest(
- int protocol_version,
- String requestorUserName,
- String roleName)
- {
- this();
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- this.requestorUserName = requestorUserName;
- this.roleName = roleName;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TAlterSentryRoleRevokePrivilegeRequest(TAlterSentryRoleRevokePrivilegeRequest other) {
- __isset_bitfield = other.__isset_bitfield;
- this.protocol_version = other.protocol_version;
- if (other.isSetRequestorUserName()) {
- this.requestorUserName = other.requestorUserName;
- }
- if (other.isSetRoleName()) {
- this.roleName = other.roleName;
- }
- if (other.isSetPrivilege()) {
- this.privilege = new TSentryPrivilege(other.privilege);
- }
- if (other.isSetPrivileges()) {
- Set<TSentryPrivilege> __this__privileges = new HashSet<TSentryPrivilege>(other.privileges.size());
- for (TSentryPrivilege other_element : other.privileges) {
- __this__privileges.add(new TSentryPrivilege(other_element));
- }
- this.privileges = __this__privileges;
- }
- }
-
- public TAlterSentryRoleRevokePrivilegeRequest deepCopy() {
- return new TAlterSentryRoleRevokePrivilegeRequest(this);
- }
-
- @Override
- public void clear() {
- this.protocol_version = 2;
-
- this.requestorUserName = null;
- this.roleName = null;
- this.privilege = null;
- this.privileges = null;
- }
-
- public int getProtocol_version() {
- return this.protocol_version;
- }
-
- public void setProtocol_version(int protocol_version) {
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- }
-
- public void unsetProtocol_version() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */
- public boolean isSetProtocol_version() {
- return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- public void setProtocol_versionIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value);
- }
-
- public String getRequestorUserName() {
- return this.requestorUserName;
- }
-
- public void setRequestorUserName(String requestorUserName) {
- this.requestorUserName = requestorUserName;
- }
-
- public void unsetRequestorUserName() {
- this.requestorUserName = null;
- }
-
- /** Returns true if field requestorUserName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorUserName() {
- return this.requestorUserName != null;
- }
-
- public void setRequestorUserNameIsSet(boolean value) {
- if (!value) {
- this.requestorUserName = null;
- }
- }
-
- public String getRoleName() {
- return this.roleName;
- }
-
- public void setRoleName(String roleName) {
- this.roleName = roleName;
- }
-
- public void unsetRoleName() {
- this.roleName = null;
- }
-
- /** Returns true if field roleName is set (has been assigned a value) and false otherwise */
- public boolean isSetRoleName() {
- return this.roleName != null;
- }
-
- public void setRoleNameIsSet(boolean value) {
- if (!value) {
- this.roleName = null;
- }
- }
-
- public TSentryPrivilege getPrivilege() {
- return this.privilege;
- }
-
- public void setPrivilege(TSentryPrivilege privilege) {
- this.privilege = privilege;
- }
-
- public void unsetPrivilege() {
- this.privilege = null;
- }
-
- /** Returns true if field privilege is set (has been assigned a value) and false otherwise */
- public boolean isSetPrivilege() {
- return this.privilege != null;
- }
-
- public void setPrivilegeIsSet(boolean value) {
- if (!value) {
- this.privilege = null;
- }
- }
-
- public int getPrivilegesSize() {
- return (this.privileges == null) ? 0 : this.privileges.size();
- }
-
- public java.util.Iterator<TSentryPrivilege> getPrivilegesIterator() {
- return (this.privileges == null) ? null : this.privileges.iterator();
- }
-
- public void addToPrivileges(TSentryPrivilege elem) {
- if (this.privileges == null) {
- this.privileges = new HashSet<TSentryPrivilege>();
- }
- this.privileges.add(elem);
- }
-
- public Set<TSentryPrivilege> getPrivileges() {
- return this.privileges;
- }
-
- public void setPrivileges(Set<TSentryPrivilege> privileges) {
- this.privileges = privileges;
- }
-
- public void unsetPrivileges() {
- this.privileges = null;
- }
-
- /** Returns true if field privileges is set (has been assigned a value) and false otherwise */
- public boolean isSetPrivileges() {
- return this.privileges != null;
- }
-
- public void setPrivilegesIsSet(boolean value) {
- if (!value) {
- this.privileges = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case PROTOCOL_VERSION:
- if (value == null) {
- unsetProtocol_version();
- } else {
- setProtocol_version((Integer)value);
- }
- break;
-
- case REQUESTOR_USER_NAME:
- if (value == null) {
- unsetRequestorUserName();
- } else {
- setRequestorUserName((String)value);
- }
- break;
-
- case ROLE_NAME:
- if (value == null) {
- unsetRoleName();
- } else {
- setRoleName((String)value);
- }
- break;
-
- case PRIVILEGE:
- if (value == null) {
- unsetPrivilege();
- } else {
- setPrivilege((TSentryPrivilege)value);
- }
- break;
-
- case PRIVILEGES:
- if (value == null) {
- unsetPrivileges();
- } else {
- setPrivileges((Set<TSentryPrivilege>)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case PROTOCOL_VERSION:
- return getProtocol_version();
-
- case REQUESTOR_USER_NAME:
- return getRequestorUserName();
-
- case ROLE_NAME:
- return getRoleName();
-
- case PRIVILEGE:
- return getPrivilege();
-
- case PRIVILEGES:
- return getPrivileges();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case PROTOCOL_VERSION:
- return isSetProtocol_version();
- case REQUESTOR_USER_NAME:
- return isSetRequestorUserName();
- case ROLE_NAME:
- return isSetRoleName();
- case PRIVILEGE:
- return isSetPrivilege();
- case PRIVILEGES:
- return isSetPrivileges();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TAlterSentryRoleRevokePrivilegeRequest)
- return this.equals((TAlterSentryRoleRevokePrivilegeRequest)that);
- return false;
- }
-
- public boolean equals(TAlterSentryRoleRevokePrivilegeRequest that) {
- if (that == null)
- return false;
-
- boolean this_present_protocol_version = true;
- boolean that_present_protocol_version = true;
- if (this_present_protocol_version || that_present_protocol_version) {
- if (!(this_present_protocol_version && that_present_protocol_version))
- return false;
- if (this.protocol_version != that.protocol_version)
- return false;
- }
-
- boolean this_present_requestorUserName = true && this.isSetRequestorUserName();
- boolean that_present_requestorUserName = true && that.isSetRequestorUserName();
- if (this_present_requestorUserName || that_present_requestorUserName) {
- if (!(this_present_requestorUserName && that_present_requestorUserName))
- return false;
- if (!this.requestorUserName.equals(that.requestorUserName))
- return false;
- }
-
- boolean this_present_roleName = true && this.isSetRoleName();
- boolean that_present_roleName = true && that.isSetRoleName();
- if (this_present_roleName || that_present_roleName) {
- if (!(this_present_roleName && that_present_roleName))
- return false;
- if (!this.roleName.equals(that.roleName))
- return false;
- }
-
- boolean this_present_privilege = true && this.isSetPrivilege();
- boolean that_present_privilege = true && that.isSetPrivilege();
- if (this_present_privilege || that_present_privilege) {
- if (!(this_present_privilege && that_present_privilege))
- return false;
- if (!this.privilege.equals(that.privilege))
- return false;
- }
-
- boolean this_present_privileges = true && this.isSetPrivileges();
- boolean that_present_privileges = true && that.isSetPrivileges();
- if (this_present_privileges || that_present_privileges) {
- if (!(this_present_privileges && that_present_privileges))
- return false;
- if (!this.privileges.equals(that.privileges))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_protocol_version = true;
- list.add(present_protocol_version);
- if (present_protocol_version)
- list.add(protocol_version);
-
- boolean present_requestorUserName = true && (isSetRequestorUserName());
- list.add(present_requestorUserName);
- if (present_requestorUserName)
- list.add(requestorUserName);
-
- boolean present_roleName = true && (isSetRoleName());
- list.add(present_roleName);
- if (present_roleName)
- list.add(roleName);
-
- boolean present_privilege = true && (isSetPrivilege());
- list.add(present_privilege);
- if (present_privilege)
- list.add(privilege);
-
- boolean present_privileges = true && (isSetPrivileges());
- list.add(present_privileges);
- if (present_privileges)
- list.add(privileges);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TAlterSentryRoleRevokePrivilegeRequest other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(other.isSetProtocol_version());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetProtocol_version()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, other.protocol_version);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRequestorUserName()).compareTo(other.isSetRequestorUserName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRequestorUserName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorUserName, other.requestorUserName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRoleName()).compareTo(other.isSetRoleName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRoleName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleName, other.roleName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetPrivilege()).compareTo(other.isSetPrivilege());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetPrivilege()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.privilege, other.privilege);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetPrivileges()).compareTo(other.isSetPrivileges());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetPrivileges()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.privileges, other.privileges);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TAlterSentryRoleRevokePrivilegeRequest(");
- boolean first = true;
-
- sb.append("protocol_version:");
- sb.append(this.protocol_version);
- first = false;
- if (!first) sb.append(", ");
- sb.append("requestorUserName:");
- if (this.requestorUserName == null) {
- sb.append("null");
- } else {
- sb.append(this.requestorUserName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("roleName:");
- if (this.roleName == null) {
- sb.append("null");
- } else {
- sb.append(this.roleName);
- }
- first = false;
- if (isSetPrivilege()) {
- if (!first) sb.append(", ");
- sb.append("privilege:");
- if (this.privilege == null) {
- sb.append("null");
- } else {
- sb.append(this.privilege);
- }
- first = false;
- }
- if (isSetPrivileges()) {
- if (!first) sb.append(", ");
- sb.append("privileges:");
- if (this.privileges == null) {
- sb.append("null");
- } else {
- sb.append(this.privileges);
- }
- first = false;
- }
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetProtocol_version()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
- }
-
- if (!isSetRequestorUserName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString());
- }
-
- if (!isSetRoleName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'roleName' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- if (privilege != null) {
- privilege.validate();
- }
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TAlterSentryRoleRevokePrivilegeRequestStandardSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleRevokePrivilegeRequestStandardScheme getScheme() {
- return new TAlterSentryRoleRevokePrivilegeRequestStandardScheme();
- }
- }
-
- private static class TAlterSentryRoleRevokePrivilegeRequestStandardScheme extends StandardScheme<TAlterSentryRoleRevokePrivilegeRequest> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TAlterSentryRoleRevokePrivilegeRequest struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // PROTOCOL_VERSION
- if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // REQUESTOR_USER_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // ROLE_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 5: // PRIVILEGE
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.privilege = new TSentryPrivilege();
- struct.privilege.read(iprot);
- struct.setPrivilegeIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 6: // PRIVILEGES
- if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
- {
- org.apache.thrift.protocol.TSet _set48 = iprot.readSetBegin();
- struct.privileges = new HashSet<TSentryPrivilege>(2*_set48.size);
- TSentryPrivilege _elem49;
- for (int _i50 = 0; _i50 < _set48.size; ++_i50)
- {
- _elem49 = new TSentryPrivilege();
- _elem49.read(iprot);
- struct.privileges.add(_elem49);
- }
- iprot.readSetEnd();
- }
- struct.setPrivilegesIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TAlterSentryRoleRevokePrivilegeRequest struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC);
- oprot.writeI32(struct.protocol_version);
- oprot.writeFieldEnd();
- if (struct.requestorUserName != null) {
- oprot.writeFieldBegin(REQUESTOR_USER_NAME_FIELD_DESC);
- oprot.writeString(struct.requestorUserName);
- oprot.writeFieldEnd();
- }
- if (struct.roleName != null) {
- oprot.writeFieldBegin(ROLE_NAME_FIELD_DESC);
- oprot.writeString(struct.roleName);
- oprot.writeFieldEnd();
- }
- if (struct.privilege != null) {
- if (struct.isSetPrivilege()) {
- oprot.writeFieldBegin(PRIVILEGE_FIELD_DESC);
- struct.privilege.write(oprot);
- oprot.writeFieldEnd();
- }
- }
- if (struct.privileges != null) {
- if (struct.isSetPrivileges()) {
- oprot.writeFieldBegin(PRIVILEGES_FIELD_DESC);
- {
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, struct.privileges.size()));
- for (TSentryPrivilege _iter51 : struct.privileges)
- {
- _iter51.write(oprot);
- }
- oprot.writeSetEnd();
- }
- oprot.writeFieldEnd();
- }
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TAlterSentryRoleRevokePrivilegeRequestTupleSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleRevokePrivilegeRequestTupleScheme getScheme() {
- return new TAlterSentryRoleRevokePrivilegeRequestTupleScheme();
- }
- }
-
- private static class TAlterSentryRoleRevokePrivilegeRequestTupleScheme extends TupleScheme<TAlterSentryRoleRevokePrivilegeRequest> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleRevokePrivilegeRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeI32(struct.protocol_version);
- oprot.writeString(struct.requestorUserName);
- oprot.writeString(struct.roleName);
- BitSet optionals = new BitSet();
- if (struct.isSetPrivilege()) {
- optionals.set(0);
- }
- if (struct.isSetPrivileges()) {
- optionals.set(1);
- }
- oprot.writeBitSet(optionals, 2);
- if (struct.isSetPrivilege()) {
- struct.privilege.write(oprot);
- }
- if (struct.isSetPrivileges()) {
- {
- oprot.writeI32(struct.privileges.size());
- for (TSentryPrivilege _iter52 : struct.privileges)
- {
- _iter52.write(oprot);
- }
- }
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleRevokePrivilegeRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- BitSet incoming = iprot.readBitSet(2);
- if (incoming.get(0)) {
- struct.privilege = new TSentryPrivilege();
- struct.privilege.read(iprot);
- struct.setPrivilegeIsSet(true);
- }
- if (incoming.get(1)) {
- {
- org.apache.thrift.protocol.TSet _set53 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, iprot.readI32());
- struct.privileges = new HashSet<TSentryPrivilege>(2*_set53.size);
- TSentryPrivilege _elem54;
- for (int _i55 = 0; _i55 < _set53.size; ++_i55)
- {
- _elem54 = new TSentryPrivilege();
- _elem54.read(iprot);
- struct.privileges.add(_elem54);
- }
- }
- struct.setPrivilegesIsSet(true);
- }
- }
- }
-
-}
-
[43/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TListSentryPrivilegesForProviderRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TListSentryPrivilegesForProviderRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TListSentryPrivilegesForProviderRequest.java
deleted file mode 100644
index 1d534f9..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TListSentryPrivilegesForProviderRequest.java
+++ /dev/null
@@ -1,1011 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TListSentryPrivilegesForProviderRequest implements org.apache.thrift.TBase<TListSentryPrivilegesForProviderRequest, TListSentryPrivilegesForProviderRequest._Fields>, java.io.Serializable, Cloneable, Comparable<TListSentryPrivilegesForProviderRequest> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TListSentryPrivilegesForProviderRequest");
-
- private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
- private static final org.apache.thrift.protocol.TField COMPONENT_FIELD_DESC = new org.apache.thrift.protocol.TField("component", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField SERVICE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("serviceName", org.apache.thrift.protocol.TType.STRING, (short)3);
- private static final org.apache.thrift.protocol.TField GROUPS_FIELD_DESC = new org.apache.thrift.protocol.TField("groups", org.apache.thrift.protocol.TType.SET, (short)4);
- private static final org.apache.thrift.protocol.TField ROLE_SET_FIELD_DESC = new org.apache.thrift.protocol.TField("roleSet", org.apache.thrift.protocol.TType.STRUCT, (short)5);
- private static final org.apache.thrift.protocol.TField AUTHORIZABLES_FIELD_DESC = new org.apache.thrift.protocol.TField("authorizables", org.apache.thrift.protocol.TType.LIST, (short)6);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TListSentryPrivilegesForProviderRequestStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TListSentryPrivilegesForProviderRequestTupleSchemeFactory());
- }
-
- private int protocol_version; // required
- private String component; // required
- private String serviceName; // required
- private Set<String> groups; // required
- private TSentryActiveRoleSet roleSet; // required
- private List<TAuthorizable> authorizables; // optional
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- PROTOCOL_VERSION((short)1, "protocol_version"),
- COMPONENT((short)2, "component"),
- SERVICE_NAME((short)3, "serviceName"),
- GROUPS((short)4, "groups"),
- ROLE_SET((short)5, "roleSet"),
- AUTHORIZABLES((short)6, "authorizables");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // PROTOCOL_VERSION
- return PROTOCOL_VERSION;
- case 2: // COMPONENT
- return COMPONENT;
- case 3: // SERVICE_NAME
- return SERVICE_NAME;
- case 4: // GROUPS
- return GROUPS;
- case 5: // ROLE_SET
- return ROLE_SET;
- case 6: // AUTHORIZABLES
- return AUTHORIZABLES;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- private static final _Fields optionals[] = {_Fields.AUTHORIZABLES};
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
- tmpMap.put(_Fields.COMPONENT, new org.apache.thrift.meta_data.FieldMetaData("component", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.SERVICE_NAME, new org.apache.thrift.meta_data.FieldMetaData("serviceName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.GROUPS, new org.apache.thrift.meta_data.FieldMetaData("groups", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))));
- tmpMap.put(_Fields.ROLE_SET, new org.apache.thrift.meta_data.FieldMetaData("roleSet", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryActiveRoleSet.class)));
- tmpMap.put(_Fields.AUTHORIZABLES, new org.apache.thrift.meta_data.FieldMetaData("authorizables", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.ListMetaData(org.apache.thrift.protocol.TType.LIST,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TAuthorizable.class))));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TListSentryPrivilegesForProviderRequest.class, metaDataMap);
- }
-
- public TListSentryPrivilegesForProviderRequest() {
- this.protocol_version = 2;
-
- }
-
- public TListSentryPrivilegesForProviderRequest(
- int protocol_version,
- String component,
- String serviceName,
- Set<String> groups,
- TSentryActiveRoleSet roleSet)
- {
- this();
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- this.component = component;
- this.serviceName = serviceName;
- this.groups = groups;
- this.roleSet = roleSet;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TListSentryPrivilegesForProviderRequest(TListSentryPrivilegesForProviderRequest other) {
- __isset_bitfield = other.__isset_bitfield;
- this.protocol_version = other.protocol_version;
- if (other.isSetComponent()) {
- this.component = other.component;
- }
- if (other.isSetServiceName()) {
- this.serviceName = other.serviceName;
- }
- if (other.isSetGroups()) {
- Set<String> __this__groups = new HashSet<String>(other.groups);
- this.groups = __this__groups;
- }
- if (other.isSetRoleSet()) {
- this.roleSet = new TSentryActiveRoleSet(other.roleSet);
- }
- if (other.isSetAuthorizables()) {
- List<TAuthorizable> __this__authorizables = new ArrayList<TAuthorizable>(other.authorizables.size());
- for (TAuthorizable other_element : other.authorizables) {
- __this__authorizables.add(new TAuthorizable(other_element));
- }
- this.authorizables = __this__authorizables;
- }
- }
-
- public TListSentryPrivilegesForProviderRequest deepCopy() {
- return new TListSentryPrivilegesForProviderRequest(this);
- }
-
- @Override
- public void clear() {
- this.protocol_version = 2;
-
- this.component = null;
- this.serviceName = null;
- this.groups = null;
- this.roleSet = null;
- this.authorizables = null;
- }
-
- public int getProtocol_version() {
- return this.protocol_version;
- }
-
- public void setProtocol_version(int protocol_version) {
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- }
-
- public void unsetProtocol_version() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */
- public boolean isSetProtocol_version() {
- return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- public void setProtocol_versionIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value);
- }
-
- public String getComponent() {
- return this.component;
- }
-
- public void setComponent(String component) {
- this.component = component;
- }
-
- public void unsetComponent() {
- this.component = null;
- }
-
- /** Returns true if field component is set (has been assigned a value) and false otherwise */
- public boolean isSetComponent() {
- return this.component != null;
- }
-
- public void setComponentIsSet(boolean value) {
- if (!value) {
- this.component = null;
- }
- }
-
- public String getServiceName() {
- return this.serviceName;
- }
-
- public void setServiceName(String serviceName) {
- this.serviceName = serviceName;
- }
-
- public void unsetServiceName() {
- this.serviceName = null;
- }
-
- /** Returns true if field serviceName is set (has been assigned a value) and false otherwise */
- public boolean isSetServiceName() {
- return this.serviceName != null;
- }
-
- public void setServiceNameIsSet(boolean value) {
- if (!value) {
- this.serviceName = null;
- }
- }
-
- public int getGroupsSize() {
- return (this.groups == null) ? 0 : this.groups.size();
- }
-
- public java.util.Iterator<String> getGroupsIterator() {
- return (this.groups == null) ? null : this.groups.iterator();
- }
-
- public void addToGroups(String elem) {
- if (this.groups == null) {
- this.groups = new HashSet<String>();
- }
- this.groups.add(elem);
- }
-
- public Set<String> getGroups() {
- return this.groups;
- }
-
- public void setGroups(Set<String> groups) {
- this.groups = groups;
- }
-
- public void unsetGroups() {
- this.groups = null;
- }
-
- /** Returns true if field groups is set (has been assigned a value) and false otherwise */
- public boolean isSetGroups() {
- return this.groups != null;
- }
-
- public void setGroupsIsSet(boolean value) {
- if (!value) {
- this.groups = null;
- }
- }
-
- public TSentryActiveRoleSet getRoleSet() {
- return this.roleSet;
- }
-
- public void setRoleSet(TSentryActiveRoleSet roleSet) {
- this.roleSet = roleSet;
- }
-
- public void unsetRoleSet() {
- this.roleSet = null;
- }
-
- /** Returns true if field roleSet is set (has been assigned a value) and false otherwise */
- public boolean isSetRoleSet() {
- return this.roleSet != null;
- }
-
- public void setRoleSetIsSet(boolean value) {
- if (!value) {
- this.roleSet = null;
- }
- }
-
- public int getAuthorizablesSize() {
- return (this.authorizables == null) ? 0 : this.authorizables.size();
- }
-
- public java.util.Iterator<TAuthorizable> getAuthorizablesIterator() {
- return (this.authorizables == null) ? null : this.authorizables.iterator();
- }
-
- public void addToAuthorizables(TAuthorizable elem) {
- if (this.authorizables == null) {
- this.authorizables = new ArrayList<TAuthorizable>();
- }
- this.authorizables.add(elem);
- }
-
- public List<TAuthorizable> getAuthorizables() {
- return this.authorizables;
- }
-
- public void setAuthorizables(List<TAuthorizable> authorizables) {
- this.authorizables = authorizables;
- }
-
- public void unsetAuthorizables() {
- this.authorizables = null;
- }
-
- /** Returns true if field authorizables is set (has been assigned a value) and false otherwise */
- public boolean isSetAuthorizables() {
- return this.authorizables != null;
- }
-
- public void setAuthorizablesIsSet(boolean value) {
- if (!value) {
- this.authorizables = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case PROTOCOL_VERSION:
- if (value == null) {
- unsetProtocol_version();
- } else {
- setProtocol_version((Integer)value);
- }
- break;
-
- case COMPONENT:
- if (value == null) {
- unsetComponent();
- } else {
- setComponent((String)value);
- }
- break;
-
- case SERVICE_NAME:
- if (value == null) {
- unsetServiceName();
- } else {
- setServiceName((String)value);
- }
- break;
-
- case GROUPS:
- if (value == null) {
- unsetGroups();
- } else {
- setGroups((Set<String>)value);
- }
- break;
-
- case ROLE_SET:
- if (value == null) {
- unsetRoleSet();
- } else {
- setRoleSet((TSentryActiveRoleSet)value);
- }
- break;
-
- case AUTHORIZABLES:
- if (value == null) {
- unsetAuthorizables();
- } else {
- setAuthorizables((List<TAuthorizable>)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case PROTOCOL_VERSION:
- return getProtocol_version();
-
- case COMPONENT:
- return getComponent();
-
- case SERVICE_NAME:
- return getServiceName();
-
- case GROUPS:
- return getGroups();
-
- case ROLE_SET:
- return getRoleSet();
-
- case AUTHORIZABLES:
- return getAuthorizables();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case PROTOCOL_VERSION:
- return isSetProtocol_version();
- case COMPONENT:
- return isSetComponent();
- case SERVICE_NAME:
- return isSetServiceName();
- case GROUPS:
- return isSetGroups();
- case ROLE_SET:
- return isSetRoleSet();
- case AUTHORIZABLES:
- return isSetAuthorizables();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TListSentryPrivilegesForProviderRequest)
- return this.equals((TListSentryPrivilegesForProviderRequest)that);
- return false;
- }
-
- public boolean equals(TListSentryPrivilegesForProviderRequest that) {
- if (that == null)
- return false;
-
- boolean this_present_protocol_version = true;
- boolean that_present_protocol_version = true;
- if (this_present_protocol_version || that_present_protocol_version) {
- if (!(this_present_protocol_version && that_present_protocol_version))
- return false;
- if (this.protocol_version != that.protocol_version)
- return false;
- }
-
- boolean this_present_component = true && this.isSetComponent();
- boolean that_present_component = true && that.isSetComponent();
- if (this_present_component || that_present_component) {
- if (!(this_present_component && that_present_component))
- return false;
- if (!this.component.equals(that.component))
- return false;
- }
-
- boolean this_present_serviceName = true && this.isSetServiceName();
- boolean that_present_serviceName = true && that.isSetServiceName();
- if (this_present_serviceName || that_present_serviceName) {
- if (!(this_present_serviceName && that_present_serviceName))
- return false;
- if (!this.serviceName.equals(that.serviceName))
- return false;
- }
-
- boolean this_present_groups = true && this.isSetGroups();
- boolean that_present_groups = true && that.isSetGroups();
- if (this_present_groups || that_present_groups) {
- if (!(this_present_groups && that_present_groups))
- return false;
- if (!this.groups.equals(that.groups))
- return false;
- }
-
- boolean this_present_roleSet = true && this.isSetRoleSet();
- boolean that_present_roleSet = true && that.isSetRoleSet();
- if (this_present_roleSet || that_present_roleSet) {
- if (!(this_present_roleSet && that_present_roleSet))
- return false;
- if (!this.roleSet.equals(that.roleSet))
- return false;
- }
-
- boolean this_present_authorizables = true && this.isSetAuthorizables();
- boolean that_present_authorizables = true && that.isSetAuthorizables();
- if (this_present_authorizables || that_present_authorizables) {
- if (!(this_present_authorizables && that_present_authorizables))
- return false;
- if (!this.authorizables.equals(that.authorizables))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_protocol_version = true;
- list.add(present_protocol_version);
- if (present_protocol_version)
- list.add(protocol_version);
-
- boolean present_component = true && (isSetComponent());
- list.add(present_component);
- if (present_component)
- list.add(component);
-
- boolean present_serviceName = true && (isSetServiceName());
- list.add(present_serviceName);
- if (present_serviceName)
- list.add(serviceName);
-
- boolean present_groups = true && (isSetGroups());
- list.add(present_groups);
- if (present_groups)
- list.add(groups);
-
- boolean present_roleSet = true && (isSetRoleSet());
- list.add(present_roleSet);
- if (present_roleSet)
- list.add(roleSet);
-
- boolean present_authorizables = true && (isSetAuthorizables());
- list.add(present_authorizables);
- if (present_authorizables)
- list.add(authorizables);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TListSentryPrivilegesForProviderRequest other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(other.isSetProtocol_version());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetProtocol_version()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, other.protocol_version);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetComponent()).compareTo(other.isSetComponent());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetComponent()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.component, other.component);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetServiceName()).compareTo(other.isSetServiceName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetServiceName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.serviceName, other.serviceName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetGroups()).compareTo(other.isSetGroups());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetGroups()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.groups, other.groups);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRoleSet()).compareTo(other.isSetRoleSet());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRoleSet()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleSet, other.roleSet);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetAuthorizables()).compareTo(other.isSetAuthorizables());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetAuthorizables()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.authorizables, other.authorizables);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TListSentryPrivilegesForProviderRequest(");
- boolean first = true;
-
- sb.append("protocol_version:");
- sb.append(this.protocol_version);
- first = false;
- if (!first) sb.append(", ");
- sb.append("component:");
- if (this.component == null) {
- sb.append("null");
- } else {
- sb.append(this.component);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("serviceName:");
- if (this.serviceName == null) {
- sb.append("null");
- } else {
- sb.append(this.serviceName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("groups:");
- if (this.groups == null) {
- sb.append("null");
- } else {
- sb.append(this.groups);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("roleSet:");
- if (this.roleSet == null) {
- sb.append("null");
- } else {
- sb.append(this.roleSet);
- }
- first = false;
- if (isSetAuthorizables()) {
- if (!first) sb.append(", ");
- sb.append("authorizables:");
- if (this.authorizables == null) {
- sb.append("null");
- } else {
- sb.append(this.authorizables);
- }
- first = false;
- }
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetProtocol_version()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
- }
-
- if (!isSetComponent()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'component' is unset! Struct:" + toString());
- }
-
- if (!isSetServiceName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'serviceName' is unset! Struct:" + toString());
- }
-
- if (!isSetGroups()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'groups' is unset! Struct:" + toString());
- }
-
- if (!isSetRoleSet()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'roleSet' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- if (roleSet != null) {
- roleSet.validate();
- }
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TListSentryPrivilegesForProviderRequestStandardSchemeFactory implements SchemeFactory {
- public TListSentryPrivilegesForProviderRequestStandardScheme getScheme() {
- return new TListSentryPrivilegesForProviderRequestStandardScheme();
- }
- }
-
- private static class TListSentryPrivilegesForProviderRequestStandardScheme extends StandardScheme<TListSentryPrivilegesForProviderRequest> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TListSentryPrivilegesForProviderRequest struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // PROTOCOL_VERSION
- if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // COMPONENT
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.component = iprot.readString();
- struct.setComponentIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // SERVICE_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.serviceName = iprot.readString();
- struct.setServiceNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 4: // GROUPS
- if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
- {
- org.apache.thrift.protocol.TSet _set80 = iprot.readSetBegin();
- struct.groups = new HashSet<String>(2*_set80.size);
- String _elem81;
- for (int _i82 = 0; _i82 < _set80.size; ++_i82)
- {
- _elem81 = iprot.readString();
- struct.groups.add(_elem81);
- }
- iprot.readSetEnd();
- }
- struct.setGroupsIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 5: // ROLE_SET
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.roleSet = new TSentryActiveRoleSet();
- struct.roleSet.read(iprot);
- struct.setRoleSetIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 6: // AUTHORIZABLES
- if (schemeField.type == org.apache.thrift.protocol.TType.LIST) {
- {
- org.apache.thrift.protocol.TList _list83 = iprot.readListBegin();
- struct.authorizables = new ArrayList<TAuthorizable>(_list83.size);
- TAuthorizable _elem84;
- for (int _i85 = 0; _i85 < _list83.size; ++_i85)
- {
- _elem84 = new TAuthorizable();
- _elem84.read(iprot);
- struct.authorizables.add(_elem84);
- }
- iprot.readListEnd();
- }
- struct.setAuthorizablesIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TListSentryPrivilegesForProviderRequest struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC);
- oprot.writeI32(struct.protocol_version);
- oprot.writeFieldEnd();
- if (struct.component != null) {
- oprot.writeFieldBegin(COMPONENT_FIELD_DESC);
- oprot.writeString(struct.component);
- oprot.writeFieldEnd();
- }
- if (struct.serviceName != null) {
- oprot.writeFieldBegin(SERVICE_NAME_FIELD_DESC);
- oprot.writeString(struct.serviceName);
- oprot.writeFieldEnd();
- }
- if (struct.groups != null) {
- oprot.writeFieldBegin(GROUPS_FIELD_DESC);
- {
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, struct.groups.size()));
- for (String _iter86 : struct.groups)
- {
- oprot.writeString(_iter86);
- }
- oprot.writeSetEnd();
- }
- oprot.writeFieldEnd();
- }
- if (struct.roleSet != null) {
- oprot.writeFieldBegin(ROLE_SET_FIELD_DESC);
- struct.roleSet.write(oprot);
- oprot.writeFieldEnd();
- }
- if (struct.authorizables != null) {
- if (struct.isSetAuthorizables()) {
- oprot.writeFieldBegin(AUTHORIZABLES_FIELD_DESC);
- {
- oprot.writeListBegin(new org.apache.thrift.protocol.TList(org.apache.thrift.protocol.TType.STRUCT, struct.authorizables.size()));
- for (TAuthorizable _iter87 : struct.authorizables)
- {
- _iter87.write(oprot);
- }
- oprot.writeListEnd();
- }
- oprot.writeFieldEnd();
- }
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TListSentryPrivilegesForProviderRequestTupleSchemeFactory implements SchemeFactory {
- public TListSentryPrivilegesForProviderRequestTupleScheme getScheme() {
- return new TListSentryPrivilegesForProviderRequestTupleScheme();
- }
- }
-
- private static class TListSentryPrivilegesForProviderRequestTupleScheme extends TupleScheme<TListSentryPrivilegesForProviderRequest> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesForProviderRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeI32(struct.protocol_version);
- oprot.writeString(struct.component);
- oprot.writeString(struct.serviceName);
- {
- oprot.writeI32(struct.groups.size());
- for (String _iter88 : struct.groups)
- {
- oprot.writeString(_iter88);
- }
- }
- struct.roleSet.write(oprot);
- BitSet optionals = new BitSet();
- if (struct.isSetAuthorizables()) {
- optionals.set(0);
- }
- oprot.writeBitSet(optionals, 1);
- if (struct.isSetAuthorizables()) {
- {
- oprot.writeI32(struct.authorizables.size());
- for (TAuthorizable _iter89 : struct.authorizables)
- {
- _iter89.write(oprot);
- }
- }
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesForProviderRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- struct.component = iprot.readString();
- struct.setComponentIsSet(true);
- struct.serviceName = iprot.readString();
- struct.setServiceNameIsSet(true);
- {
- org.apache.thrift.protocol.TSet _set90 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, iprot.readI32());
- struct.groups = new HashSet<String>(2*_set90.size);
- String _elem91;
- for (int _i92 = 0; _i92 < _set90.size; ++_i92)
- {
- _elem91 = iprot.readString();
- struct.groups.add(_elem91);
- }
- }
- struct.setGroupsIsSet(true);
- struct.roleSet = new TSentryActiveRoleSet();
- struct.roleSet.read(iprot);
- struct.setRoleSetIsSet(true);
- BitSet incoming = iprot.readBitSet(1);
- if (incoming.get(0)) {
- {
- org.apache.thrift.protocol.TList _list93 = new org.apache.thrift.protocol.TList(org.apache.thrift.protocol.TType.STRUCT, iprot.readI32());
- struct.authorizables = new ArrayList<TAuthorizable>(_list93.size);
- TAuthorizable _elem94;
- for (int _i95 = 0; _i95 < _list93.size; ++_i95)
- {
- _elem94 = new TAuthorizable();
- _elem94.read(iprot);
- struct.authorizables.add(_elem94);
- }
- }
- struct.setAuthorizablesIsSet(true);
- }
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TListSentryPrivilegesForProviderResponse.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TListSentryPrivilegesForProviderResponse.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TListSentryPrivilegesForProviderResponse.java
deleted file mode 100644
index d8188fc..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TListSentryPrivilegesForProviderResponse.java
+++ /dev/null
@@ -1,541 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TListSentryPrivilegesForProviderResponse implements org.apache.thrift.TBase<TListSentryPrivilegesForProviderResponse, TListSentryPrivilegesForProviderResponse._Fields>, java.io.Serializable, Cloneable, Comparable<TListSentryPrivilegesForProviderResponse> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TListSentryPrivilegesForProviderResponse");
-
- private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1);
- private static final org.apache.thrift.protocol.TField PRIVILEGES_FIELD_DESC = new org.apache.thrift.protocol.TField("privileges", org.apache.thrift.protocol.TType.SET, (short)2);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TListSentryPrivilegesForProviderResponseStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TListSentryPrivilegesForProviderResponseTupleSchemeFactory());
- }
-
- private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required
- private Set<String> privileges; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- STATUS((short)1, "status"),
- PRIVILEGES((short)2, "privileges");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // STATUS
- return STATUS;
- case 2: // PRIVILEGES
- return PRIVILEGES;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRUCT , "TSentryResponseStatus")));
- tmpMap.put(_Fields.PRIVILEGES, new org.apache.thrift.meta_data.FieldMetaData("privileges", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TListSentryPrivilegesForProviderResponse.class, metaDataMap);
- }
-
- public TListSentryPrivilegesForProviderResponse() {
- }
-
- public TListSentryPrivilegesForProviderResponse(
- org.apache.sentry.service.thrift.TSentryResponseStatus status,
- Set<String> privileges)
- {
- this();
- this.status = status;
- this.privileges = privileges;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TListSentryPrivilegesForProviderResponse(TListSentryPrivilegesForProviderResponse other) {
- if (other.isSetStatus()) {
- this.status = other.status;
- }
- if (other.isSetPrivileges()) {
- Set<String> __this__privileges = new HashSet<String>(other.privileges);
- this.privileges = __this__privileges;
- }
- }
-
- public TListSentryPrivilegesForProviderResponse deepCopy() {
- return new TListSentryPrivilegesForProviderResponse(this);
- }
-
- @Override
- public void clear() {
- this.status = null;
- this.privileges = null;
- }
-
- public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() {
- return this.status;
- }
-
- public void setStatus(org.apache.sentry.service.thrift.TSentryResponseStatus status) {
- this.status = status;
- }
-
- public void unsetStatus() {
- this.status = null;
- }
-
- /** Returns true if field status is set (has been assigned a value) and false otherwise */
- public boolean isSetStatus() {
- return this.status != null;
- }
-
- public void setStatusIsSet(boolean value) {
- if (!value) {
- this.status = null;
- }
- }
-
- public int getPrivilegesSize() {
- return (this.privileges == null) ? 0 : this.privileges.size();
- }
-
- public java.util.Iterator<String> getPrivilegesIterator() {
- return (this.privileges == null) ? null : this.privileges.iterator();
- }
-
- public void addToPrivileges(String elem) {
- if (this.privileges == null) {
- this.privileges = new HashSet<String>();
- }
- this.privileges.add(elem);
- }
-
- public Set<String> getPrivileges() {
- return this.privileges;
- }
-
- public void setPrivileges(Set<String> privileges) {
- this.privileges = privileges;
- }
-
- public void unsetPrivileges() {
- this.privileges = null;
- }
-
- /** Returns true if field privileges is set (has been assigned a value) and false otherwise */
- public boolean isSetPrivileges() {
- return this.privileges != null;
- }
-
- public void setPrivilegesIsSet(boolean value) {
- if (!value) {
- this.privileges = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case STATUS:
- if (value == null) {
- unsetStatus();
- } else {
- setStatus((org.apache.sentry.service.thrift.TSentryResponseStatus)value);
- }
- break;
-
- case PRIVILEGES:
- if (value == null) {
- unsetPrivileges();
- } else {
- setPrivileges((Set<String>)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case STATUS:
- return getStatus();
-
- case PRIVILEGES:
- return getPrivileges();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case STATUS:
- return isSetStatus();
- case PRIVILEGES:
- return isSetPrivileges();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TListSentryPrivilegesForProviderResponse)
- return this.equals((TListSentryPrivilegesForProviderResponse)that);
- return false;
- }
-
- public boolean equals(TListSentryPrivilegesForProviderResponse that) {
- if (that == null)
- return false;
-
- boolean this_present_status = true && this.isSetStatus();
- boolean that_present_status = true && that.isSetStatus();
- if (this_present_status || that_present_status) {
- if (!(this_present_status && that_present_status))
- return false;
- if (!this.status.equals(that.status))
- return false;
- }
-
- boolean this_present_privileges = true && this.isSetPrivileges();
- boolean that_present_privileges = true && that.isSetPrivileges();
- if (this_present_privileges || that_present_privileges) {
- if (!(this_present_privileges && that_present_privileges))
- return false;
- if (!this.privileges.equals(that.privileges))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_status = true && (isSetStatus());
- list.add(present_status);
- if (present_status)
- list.add(status);
-
- boolean present_privileges = true && (isSetPrivileges());
- list.add(present_privileges);
- if (present_privileges)
- list.add(privileges);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TListSentryPrivilegesForProviderResponse other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetStatus()).compareTo(other.isSetStatus());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetStatus()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.status, other.status);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetPrivileges()).compareTo(other.isSetPrivileges());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetPrivileges()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.privileges, other.privileges);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TListSentryPrivilegesForProviderResponse(");
- boolean first = true;
-
- sb.append("status:");
- if (this.status == null) {
- sb.append("null");
- } else {
- sb.append(this.status);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("privileges:");
- if (this.privileges == null) {
- sb.append("null");
- } else {
- sb.append(this.privileges);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetStatus()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'status' is unset! Struct:" + toString());
- }
-
- if (!isSetPrivileges()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'privileges' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TListSentryPrivilegesForProviderResponseStandardSchemeFactory implements SchemeFactory {
- public TListSentryPrivilegesForProviderResponseStandardScheme getScheme() {
- return new TListSentryPrivilegesForProviderResponseStandardScheme();
- }
- }
-
- private static class TListSentryPrivilegesForProviderResponseStandardScheme extends StandardScheme<TListSentryPrivilegesForProviderResponse> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TListSentryPrivilegesForProviderResponse struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // STATUS
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // PRIVILEGES
- if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
- {
- org.apache.thrift.protocol.TSet _set96 = iprot.readSetBegin();
- struct.privileges = new HashSet<String>(2*_set96.size);
- String _elem97;
- for (int _i98 = 0; _i98 < _set96.size; ++_i98)
- {
- _elem97 = iprot.readString();
- struct.privileges.add(_elem97);
- }
- iprot.readSetEnd();
- }
- struct.setPrivilegesIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TListSentryPrivilegesForProviderResponse struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.status != null) {
- oprot.writeFieldBegin(STATUS_FIELD_DESC);
- struct.status.write(oprot);
- oprot.writeFieldEnd();
- }
- if (struct.privileges != null) {
- oprot.writeFieldBegin(PRIVILEGES_FIELD_DESC);
- {
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, struct.privileges.size()));
- for (String _iter99 : struct.privileges)
- {
- oprot.writeString(_iter99);
- }
- oprot.writeSetEnd();
- }
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TListSentryPrivilegesForProviderResponseTupleSchemeFactory implements SchemeFactory {
- public TListSentryPrivilegesForProviderResponseTupleScheme getScheme() {
- return new TListSentryPrivilegesForProviderResponseTupleScheme();
- }
- }
-
- private static class TListSentryPrivilegesForProviderResponseTupleScheme extends TupleScheme<TListSentryPrivilegesForProviderResponse> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesForProviderResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- struct.status.write(oprot);
- {
- oprot.writeI32(struct.privileges.size());
- for (String _iter100 : struct.privileges)
- {
- oprot.writeString(_iter100);
- }
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesForProviderResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- {
- org.apache.thrift.protocol.TSet _set101 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, iprot.readI32());
- struct.privileges = new HashSet<String>(2*_set101.size);
- String _elem102;
- for (int _i103 = 0; _i103 < _set101.size; ++_i103)
- {
- _elem102 = iprot.readString();
- struct.privileges.add(_elem102);
- }
- }
- struct.setPrivilegesIsSet(true);
- }
- }
-
-}
-
[16/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/005-SENTRY-398.derby.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/005-SENTRY-398.derby.sql b/sentry-provider/sentry-provider-db/src/main/resources/005-SENTRY-398.derby.sql
deleted file mode 100644
index c038b81..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/005-SENTRY-398.derby.sql
+++ /dev/null
@@ -1,43 +0,0 @@
--- Table SENTRY_GM_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE TABLE SENTRY_GM_PRIVILEGE
-(
- GM_PRIVILEGE_ID BIGINT NOT NULL,
- "ACTION" VARCHAR(40),
- COMPONENT_NAME VARCHAR(400),
- CREATE_TIME BIGINT NOT NULL,
- WITH_GRANT_OPTION CHAR(1) NOT NULL DEFAULT 'N',
- RESOURCE_NAME_0 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_NAME_1 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_NAME_2 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_NAME_3 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_TYPE_0 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_TYPE_1 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_TYPE_2 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_TYPE_3 VARCHAR(400) DEFAULT '__NULL__',
- "SCOPE" VARCHAR(40),
- SERVICE_NAME VARCHAR(400)
-);
--- Primary key(GM_PRIVILEGE_ID)
-ALTER TABLE SENTRY_GM_PRIVILEGE ADD CONSTRAINT SENTRY_GM_PRIVILEGE_PK PRIMARY KEY (GM_PRIVILEGE_ID);
-
--- Constraints for table SENTRY_GM_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE UNIQUE INDEX GM_PRIVILEGE_INDEX ON SENTRY_GM_PRIVILEGE (COMPONENT_NAME,SERVICE_NAME,RESOURCE_NAME_0,RESOURCE_TYPE_0,RESOURCE_NAME_1,RESOURCE_TYPE_1,RESOURCE_NAME_2,RESOURCE_TYPE_2,RESOURCE_NAME_3,RESOURCE_TYPE_3,"ACTION",WITH_GRANT_OPTION);
-
--- Table SENTRY_ROLE_GM_PRIVILEGE_MAP for join relationship
-CREATE TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP
-(
- ROLE_ID BIGINT NOT NULL,
- GM_PRIVILEGE_ID BIGINT NOT NULL
-);
-ALTER TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_GM_PRIVILEGE_MAP_PK PRIMARY KEY (ROLE_ID,GM_PRIVILEGE_ID);
-
--- Constraints for table SENTRY_ROLE_GM_PRIVILEGE_MAP
-CREATE INDEX SENTRY_ROLE_GM_PRIVILEGE_MAP_N50 ON SENTRY_ROLE_GM_PRIVILEGE_MAP (ROLE_ID);
-
-CREATE INDEX SENTRY_ROLE_GM_PRIVILEGE_MAP_N49 ON SENTRY_ROLE_GM_PRIVILEGE_MAP (GM_PRIVILEGE_ID);
-
-ALTER TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_GM_PRIVILEGE_MAP_FK2 FOREIGN KEY (GM_PRIVILEGE_ID) REFERENCES SENTRY_GM_PRIVILEGE (GM_PRIVILEGE_ID);
-
-ALTER TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_GM_PRIVILEGE_MAP_FK1 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID);
-
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/005-SENTRY-398.mysql.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/005-SENTRY-398.mysql.sql b/sentry-provider/sentry-provider-db/src/main/resources/005-SENTRY-398.mysql.sql
deleted file mode 100644
index 920737f..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/005-SENTRY-398.mysql.sql
+++ /dev/null
@@ -1,62 +0,0 @@
--- Table SENTRY_GM_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE TABLE `SENTRY_GM_PRIVILEGE`
-(
- `GM_PRIVILEGE_ID` BIGINT NOT NULL,
- `ACTION` VARCHAR(32) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `COMPONENT_NAME` VARCHAR(32) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `CREATE_TIME` BIGINT NOT NULL,
- `WITH_GRANT_OPTION` CHAR(1) NOT NULL DEFAULT 'N',
- `RESOURCE_NAME_0` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_NAME_1` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_NAME_2` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_NAME_3` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_TYPE_0` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_TYPE_1` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_TYPE_2` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_TYPE_3` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `SCOPE` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `SERVICE_NAME` VARCHAR(64) BINARY CHARACTER SET utf8 COLLATE utf8_bin NOT NULL
-) ENGINE=INNODB DEFAULT CHARSET=utf8;
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD CONSTRAINT `SENTRY_GM_PRIVILEGE_PK` PRIMARY KEY (`GM_PRIVILEGE_ID`);
--- Constraints for table SENTRY_GM_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD UNIQUE `GM_PRIVILEGE_UNIQUE` (`COMPONENT_NAME`,`SERVICE_NAME`,`RESOURCE_NAME_0`,`RESOURCE_TYPE_0`,`RESOURCE_NAME_1`,`RESOURCE_TYPE_1`,`RESOURCE_NAME_2`,`RESOURCE_TYPE_2`,`RESOURCE_NAME_3`,`RESOURCE_TYPE_3`,`ACTION`,`WITH_GRANT_OPTION`);
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD INDEX `SENTRY_GM_PRIV_COMP_IDX` (`COMPONENT_NAME`);
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD INDEX `SENTRY_GM_PRIV_SERV_IDX` (`SERVICE_NAME`);
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD INDEX `SENTRY_GM_PRIV_RES0_IDX` (`RESOURCE_NAME_0`,`RESOURCE_TYPE_0`);
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD INDEX `SENTRY_GM_PRIV_RES1_IDX` (`RESOURCE_NAME_1`,`RESOURCE_TYPE_1`);
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD INDEX `SENTRY_GM_PRIV_RES2_IDX` (`RESOURCE_NAME_2`,`RESOURCE_TYPE_2`);
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD INDEX `SENTRY_GM_PRIV_RES3_IDX` (`RESOURCE_NAME_3`,`RESOURCE_TYPE_3`);
-
--- Table SENTRY_ROLE_GM_PRIVILEGE_MAP for join relationship
-CREATE TABLE `SENTRY_ROLE_GM_PRIVILEGE_MAP`
-(
- `ROLE_ID` BIGINT NOT NULL,
- `GM_PRIVILEGE_ID` BIGINT NOT NULL
-) ENGINE=INNODB DEFAULT CHARSET=utf8;
-
-ALTER TABLE `SENTRY_ROLE_GM_PRIVILEGE_MAP`
- ADD CONSTRAINT `SENTRY_ROLE_GM_PRIVILEGE_MAP_PK` PRIMARY KEY (`ROLE_ID`,`GM_PRIVILEGE_ID`);
-
--- Constraints for table SENTRY_ROLE_GM_PRIVILEGE_MAP
-ALTER TABLE `SENTRY_ROLE_GM_PRIVILEGE_MAP`
- ADD CONSTRAINT `SEN_RLE_GM_PRV_MAP_SN_RLE_FK`
- FOREIGN KEY (`ROLE_ID`) REFERENCES `SENTRY_ROLE`(`ROLE_ID`);
-
-ALTER TABLE `SENTRY_ROLE_GM_PRIVILEGE_MAP`
- ADD CONSTRAINT `SEN_RL_GM_PRV_MAP_SN_DB_PRV_FK`
- FOREIGN KEY (`GM_PRIVILEGE_ID`) REFERENCES `SENTRY_GM_PRIVILEGE`(`GM_PRIVILEGE_ID`);
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/005-SENTRY-398.oracle.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/005-SENTRY-398.oracle.sql b/sentry-provider/sentry-provider-db/src/main/resources/005-SENTRY-398.oracle.sql
deleted file mode 100644
index 412bc45..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/005-SENTRY-398.oracle.sql
+++ /dev/null
@@ -1,55 +0,0 @@
--- Table SENTRY_GM_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE TABLE "SENTRY_GM_PRIVILEGE" (
- "GM_PRIVILEGE_ID" NUMBER NOT NULL,
- "COMPONENT_NAME" VARCHAR2(32) NOT NULL,
- "CREATE_TIME" NUMBER NOT NULL,
- "WITH_GRANT_OPTION" CHAR(1) DEFAULT 'N' NOT NULL,
- "RESOURCE_NAME_0" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_NAME_1" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_NAME_2" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_NAME_3" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_0" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_1" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_2" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_3" VARCHAR2(64) DEFAULT '__NULL__',
- "ACTION" VARCHAR2(32) NOT NULL,
- "SCOPE" VARCHAR2(128) NOT NULL,
- "SERVICE_NAME" VARCHAR2(64) NOT NULL
-);
-
-ALTER TABLE "SENTRY_GM_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_GM_PRIV_PK" PRIMARY KEY ("GM_PRIVILEGE_ID");
--- Constraints for table SENTRY_GM_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-ALTER TABLE "SENTRY_GM_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_GM_PRIV_PRIV_NAME_UNIQ" UNIQUE ("COMPONENT_NAME","SERVICE_NAME","RESOURCE_NAME_0","RESOURCE_NAME_1","RESOURCE_NAME_2",
- "RESOURCE_NAME_3","RESOURCE_TYPE_0","RESOURCE_TYPE_1","RESOURCE_TYPE_2","RESOURCE_TYPE_3","ACTION","WITH_GRANT_OPTION");
-
-CREATE INDEX "SENTRY_GM_PRIV_COMP_IDX" ON "SENTRY_GM_PRIVILEGE" ("COMPONENT_NAME");
-
-CREATE INDEX "SENTRY_GM_PRIV_SERV_IDX" ON "SENTRY_GM_PRIVILEGE" ("SERVICE_NAME");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES0_IDX" ON "SENTRY_GM_PRIVILEGE" ("RESOURCE_NAME_0","RESOURCE_TYPE_0");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES1_IDX" ON "SENTRY_GM_PRIVILEGE" ("RESOURCE_NAME_1","RESOURCE_TYPE_1");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES2_IDX" ON "SENTRY_GM_PRIVILEGE" ("RESOURCE_NAME_2","RESOURCE_TYPE_2");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES3_IDX" ON "SENTRY_GM_PRIVILEGE" ("RESOURCE_NAME_3","RESOURCE_TYPE_3");
-
--- Table SENTRY_ROLE_GM_PRIVILEGE_MAP for join relationship
-CREATE TABLE "SENTRY_ROLE_GM_PRIVILEGE_MAP" (
- "ROLE_ID" NUMBER NOT NULL,
- "GM_PRIVILEGE_ID" NUMBER NOT NULL
-);
-
-ALTER TABLE "SENTRY_ROLE_GM_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RLE_GM_PRIV_MAP_PK" PRIMARY KEY ("ROLE_ID","GM_PRIVILEGE_ID");
-
--- Constraints for table SENTRY_ROLE_GM_PRIVILEGE_MAP
-ALTER TABLE "SENTRY_ROLE_GM_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RLE_GM_PRV_MAP_SN_RLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") INITIALLY DEFERRED;
-
-ALTER TABLE "SENTRY_ROLE_GM_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RL_GM_PRV_MAP_SN_DB_PRV_FK"
- FOREIGN KEY ("GM_PRIVILEGE_ID") REFERENCES "SENTRY_GM_PRIVILEGE"("GM_PRIVILEGE_ID") INITIALLY DEFERRED;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/005-SENTRY-398.postgres.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/005-SENTRY-398.postgres.sql b/sentry-provider/sentry-provider-db/src/main/resources/005-SENTRY-398.postgres.sql
deleted file mode 100644
index e9e1655..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/005-SENTRY-398.postgres.sql
+++ /dev/null
@@ -1,54 +0,0 @@
--- Table SENTRY_GM_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE TABLE "SENTRY_GM_PRIVILEGE" (
- "GM_PRIVILEGE_ID" BIGINT NOT NULL,
- "COMPONENT_NAME" character varying(32) NOT NULL,
- "CREATE_TIME" BIGINT NOT NULL,
- "WITH_GRANT_OPTION" CHAR(1) NOT NULL DEFAULT 'N',
- "RESOURCE_NAME_0" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_NAME_1" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_NAME_2" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_NAME_3" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_0" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_1" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_2" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_3" character varying(64) DEFAULT '__NULL__',
- "ACTION" character varying(32) NOT NULL,
- "SCOPE" character varying(128) NOT NULL,
- "SERVICE_NAME" character varying(64) NOT NULL
-);
-ALTER TABLE ONLY "SENTRY_GM_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_GM_PRIV_PK" PRIMARY KEY ("GM_PRIVILEGE_ID");
--- Constraints for table SENTRY_GM_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-ALTER TABLE ONLY "SENTRY_GM_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_GM_PRIV_PRIV_NAME_UNIQ" UNIQUE ("COMPONENT_NAME","SERVICE_NAME","RESOURCE_NAME_0","RESOURCE_NAME_1","RESOURCE_NAME_2",
- "RESOURCE_NAME_3","RESOURCE_TYPE_0","RESOURCE_TYPE_1","RESOURCE_TYPE_2","RESOURCE_TYPE_3","ACTION","WITH_GRANT_OPTION");
-
-CREATE INDEX "SENTRY_GM_PRIV_COMP_IDX" ON "SENTRY_GM_PRIVILEGE" USING btree ("COMPONENT_NAME");
-
-CREATE INDEX "SENTRY_GM_PRIV_SERV_IDX" ON "SENTRY_GM_PRIVILEGE" USING btree ("SERVICE_NAME");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES0_IDX" ON "SENTRY_GM_PRIVILEGE" USING btree ("RESOURCE_NAME_0","RESOURCE_TYPE_0");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES1_IDX" ON "SENTRY_GM_PRIVILEGE" USING btree ("RESOURCE_NAME_1","RESOURCE_TYPE_1");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES2_IDX" ON "SENTRY_GM_PRIVILEGE" USING btree ("RESOURCE_NAME_2","RESOURCE_TYPE_2");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES3_IDX" ON "SENTRY_GM_PRIVILEGE" USING btree ("RESOURCE_NAME_3","RESOURCE_TYPE_3");
-
--- Table SENTRY_ROLE_GM_PRIVILEGE_MAP for join relationship
-CREATE TABLE "SENTRY_ROLE_GM_PRIVILEGE_MAP" (
- "ROLE_ID" BIGINT NOT NULL,
- "GM_PRIVILEGE_ID" BIGINT NOT NULL
-);
-
-ALTER TABLE "SENTRY_ROLE_GM_PRIVILEGE_MAP"
- ADD CONSTRAINT "SENTRY_ROLE_GM_PRIVILEGE_MAP_PK" PRIMARY KEY ("ROLE_ID","GM_PRIVILEGE_ID");
-
--- Constraints for table SENTRY_ROLE_GM_PRIVILEGE_MAP
-ALTER TABLE ONLY "SENTRY_ROLE_GM_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RLE_GM_PRV_MAP_SN_RLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") DEFERRABLE;
-
-ALTER TABLE ONLY "SENTRY_ROLE_GM_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RL_GM_PRV_MAP_SN_DB_PRV_FK"
- FOREIGN KEY ("GM_PRIVILEGE_ID") REFERENCES "SENTRY_GM_PRIVILEGE"("GM_PRIVILEGE_ID") DEFERRABLE;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/006-SENTRY-711.derby.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/006-SENTRY-711.derby.sql b/sentry-provider/sentry-provider-db/src/main/resources/006-SENTRY-711.derby.sql
deleted file mode 100644
index 807a62b..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/006-SENTRY-711.derby.sql
+++ /dev/null
@@ -1,27 +0,0 @@
-CREATE TABLE SENTRY_USER
-(
- USER_ID BIGINT NOT NULL generated always as identity (start with 1),
- CREATE_TIME BIGINT NOT NULL,
- USER_NAME VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_USER ADD CONSTRAINT SENTRY_USER_PK PRIMARY KEY (USER_ID);
-
-CREATE UNIQUE INDEX SENTRYUSERNAME ON SENTRY_USER (USER_NAME);
-
-CREATE TABLE SENTRY_ROLE_USER_MAP
-(
- USER_ID BIGINT NOT NULL,
- ROLE_ID BIGINT NOT NULL,
- GRANTOR_PRINCIPAL VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_ROLE_USER_MAP ADD CONSTRAINT SENTRY_ROLE_USER_MAP_PK PRIMARY KEY (USER_ID,ROLE_ID);
-
-CREATE INDEX SENTRY_ROLE_USER_MAP_N49 ON SENTRY_ROLE_USER_MAP (USER_ID);
-
-CREATE INDEX SENTRY_ROLE_USER_MAP_N50 ON SENTRY_ROLE_USER_MAP (ROLE_ID);
-
-ALTER TABLE SENTRY_ROLE_USER_MAP ADD CONSTRAINT SENTRY_ROLE_USER_MAP_FK2 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID) ;
-
-ALTER TABLE SENTRY_ROLE_USER_MAP ADD CONSTRAINT SENTRY_ROLE_USER_MAP_FK1 FOREIGN KEY (USER_ID) REFERENCES SENTRY_USER (USER_ID) ;
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/006-SENTRY-711.mysql.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/006-SENTRY-711.mysql.sql b/sentry-provider/sentry-provider-db/src/main/resources/006-SENTRY-711.mysql.sql
deleted file mode 100644
index b3a9828..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/006-SENTRY-711.mysql.sql
+++ /dev/null
@@ -1,28 +0,0 @@
-CREATE TABLE `SENTRY_USER` (
- `USER_ID` BIGINT NOT NULL,
- `USER_NAME` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `CREATE_TIME` BIGINT NOT NULL
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-ALTER TABLE `SENTRY_USER`
- ADD CONSTRAINT `SENTRY_USER_PK` PRIMARY KEY (`USER_ID`);
-
-ALTER TABLE `SENTRY_USER`
- ADD CONSTRAINT `SENTRY_USER_USER_NAME_UNIQUE` UNIQUE (`USER_NAME`);
-
-CREATE TABLE `SENTRY_ROLE_USER_MAP` (
- `ROLE_ID` BIGINT NOT NULL,
- `USER_ID` BIGINT NOT NULL,
- `GRANTOR_PRINCIPAL` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-ALTER TABLE `SENTRY_ROLE_USER_MAP`
- ADD CONSTRAINT `SENTRY_ROLE_USER_MAP_PK` PRIMARY KEY (`ROLE_ID`,`USER_ID`);
-
-ALTER TABLE `SENTRY_ROLE_USER_MAP`
- ADD CONSTRAINT `SEN_ROLE_USER_MAP_SEN_ROLE_FK`
- FOREIGN KEY (`ROLE_ID`) REFERENCES `SENTRY_ROLE`(`ROLE_ID`);
-
-ALTER TABLE `SENTRY_ROLE_USER_MAP`
- ADD CONSTRAINT `SEN_ROLE_USER_MAP_SEN_USER_FK`
- FOREIGN KEY (`USER_ID`) REFERENCES `SENTRY_USER`(`USER_ID`);
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/006-SENTRY-711.oracle.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/006-SENTRY-711.oracle.sql b/sentry-provider/sentry-provider-db/src/main/resources/006-SENTRY-711.oracle.sql
deleted file mode 100644
index 76ae0d5..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/006-SENTRY-711.oracle.sql
+++ /dev/null
@@ -1,28 +0,0 @@
-CREATE TABLE "SENTRY_USER" (
- "USER_ID" NUMBER NOT NULL,
- "USER_NAME" VARCHAR2(128) NOT NULL,
- "CREATE_TIME" NUMBER NOT NULL
-);
-
-ALTER TABLE "SENTRY_USER"
- ADD CONSTRAINT "SENTRY_USER_PK" PRIMARY KEY ("USER_ID");
-
-ALTER TABLE "SENTRY_USER"
- ADD CONSTRAINT "SENTRY_USER_USER_NAME_UNIQUE" UNIQUE ("USER_NAME");
-
-CREATE TABLE "SENTRY_ROLE_USER_MAP" (
- "ROLE_ID" NUMBER NOT NULL,
- "USER_ID" NUMBER NOT NULL,
- "GRANTOR_PRINCIPAL" VARCHAR2(128)
-);
-
-ALTER TABLE "SENTRY_ROLE_USER_MAP"
- ADD CONSTRAINT "SENTRY_ROLE_USER_MAP_PK" PRIMARY KEY ("ROLE_ID","USER_ID");
-
-ALTER TABLE "SENTRY_ROLE_USER_MAP"
- ADD CONSTRAINT "SEN_ROLE_USER_MAP_SEN_ROLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") INITIALLY DEFERRED;
-
-ALTER TABLE "SENTRY_ROLE_USER_MAP"
- ADD CONSTRAINT "SEN_ROLE_USER_MAP_SEN_USER_FK"
- FOREIGN KEY ("USER_ID") REFERENCES "SENTRY_USER"("USER_ID") INITIALLY DEFERRED;
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/006-SENTRY-711.postgres.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/006-SENTRY-711.postgres.sql b/sentry-provider/sentry-provider-db/src/main/resources/006-SENTRY-711.postgres.sql
deleted file mode 100644
index 37e8abc..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/006-SENTRY-711.postgres.sql
+++ /dev/null
@@ -1,28 +0,0 @@
-CREATE TABLE "SENTRY_USER" (
- "USER_ID" BIGINT NOT NULL,
- "USER_NAME" character varying(128) NOT NULL,
- "CREATE_TIME" BIGINT NOT NULL
-);
-
-ALTER TABLE ONLY "SENTRY_USER"
- ADD CONSTRAINT "SENTRY_USER_PK" PRIMARY KEY ("USER_ID");
-
-ALTER TABLE ONLY "SENTRY_USER"
- ADD CONSTRAINT "SENTRY_USER_USER_NAME_UNIQUE" UNIQUE ("USER_NAME");
-
-CREATE TABLE "SENTRY_ROLE_USER_MAP" (
- "ROLE_ID" BIGINT NOT NULL,
- "USER_ID" BIGINT NOT NULL,
- "GRANTOR_PRINCIPAL" character varying(128)
-);
-
-ALTER TABLE "SENTRY_ROLE_USER_MAP"
- ADD CONSTRAINT "SENTRY_ROLE_USER_MAP_PK" PRIMARY KEY ("ROLE_ID","USER_ID");
-
-ALTER TABLE ONLY "SENTRY_ROLE_USER_MAP"
- ADD CONSTRAINT "SEN_ROLE_USER_MAP_SEN_ROLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") DEFERRABLE;
-
-ALTER TABLE ONLY "SENTRY_ROLE_USER_MAP"
- ADD CONSTRAINT "SEN_ROLE_USER_MAP_SEN_USER_FK"
- FOREIGN KEY ("USER_ID") REFERENCES "SENTRY_USER"("USER_ID") DEFERRABLE;
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-db2-1.4.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-db2-1.4.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-db2-1.4.0.sql
deleted file mode 100644
index f2a62d2..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-db2-1.4.0.sql
+++ /dev/null
@@ -1,112 +0,0 @@
---Licensed to the Apache Software Foundation (ASF) under one or more
---contributor license agreements. See the NOTICE file distributed with
---this work for additional information regarding copyright ownership.
---The ASF licenses this file to You under the Apache License, Version 2.0
---(the "License"); you may not use this file except in compliance with
---the License. You may obtain a copy of the License at
---
--- http://www.apache.org/licenses/LICENSE-2.0
---
---Unless required by applicable law or agreed to in writing, software
---distributed under the License is distributed on an "AS IS" BASIS,
---WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
---See the License for the specific language governing permissions and
---limitations under the License.
-
--- Table SENTRY_DB_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryPrivilege]
-CREATE TABLE SENTRY_DB_PRIVILEGE
-(
- DB_PRIVILEGE_ID BIGINT NOT NULL generated always as identity (start with 1),
- URI VARCHAR(4000),
- "ACTION" VARCHAR(40),
- CREATE_TIME BIGINT NOT NULL,
- DB_NAME VARCHAR(4000),
- GRANTOR_PRINCIPAL VARCHAR(4000),
- PRIVILEGE_NAME VARCHAR(4000),
- PRIVILEGE_SCOPE VARCHAR(40),
- "SERVER_NAME" VARCHAR(4000),
- "TABLE_NAME" VARCHAR(4000)
-);
-
-ALTER TABLE SENTRY_DB_PRIVILEGE ADD CONSTRAINT SENTRY_DB_PRIVILEGE_PK PRIMARY KEY (DB_PRIVILEGE_ID);
-
--- Table SENTRY_ROLE for classes [org.apache.sentry.provider.db.service.model.MSentryRole]
-CREATE TABLE SENTRY_ROLE
-(
- ROLE_ID BIGINT NOT NULL generated always as identity (start with 1),
- CREATE_TIME BIGINT NOT NULL,
- GRANTOR_PRINCIPAL VARCHAR(4000),
- ROLE_NAME VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_ROLE ADD CONSTRAINT SENTRY_ROLE_PK PRIMARY KEY (ROLE_ID);
-
--- Table SENTRY_GROUP for classes [org.apache.sentry.provider.db.service.model.MSentryGroup]
-CREATE TABLE SENTRY_GROUP
-(
- GROUP_ID BIGINT NOT NULL generated always as identity (start with 1),
- CREATE_TIME BIGINT NOT NULL,
- GRANTOR_PRINCIPAL VARCHAR(4000),
- GROUP_NAME VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_GROUP ADD CONSTRAINT SENTRY_GROUP_PK PRIMARY KEY (GROUP_ID);
-
--- Table SENTRY_ROLE_GROUP_MAP for join relationship
-CREATE TABLE SENTRY_ROLE_GROUP_MAP
-(
- GROUP_ID BIGINT NOT NULL,
- ROLE_ID BIGINT NOT NULL
-);
-
-ALTER TABLE SENTRY_ROLE_GROUP_MAP ADD CONSTRAINT SENTRY_ROLE_GROUP_MAP_PK PRIMARY KEY (GROUP_ID,ROLE_ID);
-
--- Table SENTRY_ROLE_DB_PRIVILEGE_MAP for join relationship
-CREATE TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP
-(
- ROLE_ID BIGINT NOT NULL,
- DB_PRIVILEGE_ID BIGINT NOT NULL
-);
-
-ALTER TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_DB_PRIVILEGE_MAP_PK PRIMARY KEY (ROLE_ID,DB_PRIVILEGE_ID);
-
-CREATE TABLE "SENTRY_VERSION" (
- VER_ID BIGINT NOT NULL,
- SCHEMA_VERSION VARCHAR(127),
- VERSION_COMMENT VARCHAR(255)
-);
-
-ALTER TABLE SENTRY_VERSION ADD CONSTRAINT SENTRY_VERSION_PK PRIMARY KEY (VER_ID);
-
--- Constraints for table SENTRY_DB_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryPrivilege]
-CREATE UNIQUE INDEX SENTRYPRIVILEGENAME ON SENTRY_DB_PRIVILEGE (PRIVILEGE_NAME);
-
-
--- Constraints for table SENTRY_ROLE for class(es) [org.apache.sentry.provider.db.service.model.MSentryRole]
-CREATE UNIQUE INDEX SENTRYROLENAME ON SENTRY_ROLE (ROLE_NAME);
-
-
--- Constraints for table SENTRY_GROUP for class(es) [org.apache.sentry.provider.db.service.model.MSentryGroup]
-CREATE UNIQUE INDEX SENTRYGROUPNAME ON SENTRY_GROUP (GROUP_NAME);
-
-
--- Constraints for table SENTRY_ROLE_GROUP_MAP
-CREATE INDEX SENTRY_ROLE_GROUP_MAP_N49 ON SENTRY_ROLE_GROUP_MAP (GROUP_ID);
-
-CREATE INDEX SENTRY_ROLE_GROUP_MAP_N50 ON SENTRY_ROLE_GROUP_MAP (ROLE_ID);
-
-ALTER TABLE SENTRY_ROLE_GROUP_MAP ADD CONSTRAINT SENTRY_ROLE_GROUP_MAP_FK2 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID) ;
-
-ALTER TABLE SENTRY_ROLE_GROUP_MAP ADD CONSTRAINT SENTRY_ROLE_GROUP_MAP_FK1 FOREIGN KEY (GROUP_ID) REFERENCES SENTRY_GROUP (GROUP_ID) ;
-
-
--- Constraints for table SENTRY_ROLE_DB_PRIVILEGE_MAP
-CREATE INDEX SENTRY_ROLE_DB_PRIVILEGE_MAP_N50 ON SENTRY_ROLE_DB_PRIVILEGE_MAP (ROLE_ID);
-
-CREATE INDEX SENTRY_ROLE_DB_PRIVILEGE_MAP_N49 ON SENTRY_ROLE_DB_PRIVILEGE_MAP (DB_PRIVILEGE_ID);
-
-ALTER TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_DB_PRIVILEGE_MAP_FK2 FOREIGN KEY (DB_PRIVILEGE_ID) REFERENCES SENTRY_DB_PRIVILEGE (DB_PRIVILEGE_ID) ;
-
-ALTER TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_DB_PRIVILEGE_MAP_FK1 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID) ;
-
-INSERT INTO SENTRY_VERSION (VER_ID, SCHEMA_VERSION, VERSION_COMMENT) VALUES (1, '1.4.0', 'Sentry release version 1.4.0');
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-db2-1.5.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-db2-1.5.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-db2-1.5.0.sql
deleted file mode 100644
index 53b163a..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-db2-1.5.0.sql
+++ /dev/null
@@ -1,155 +0,0 @@
---Licensed to the Apache Software Foundation (ASF) under one or more
---contributor license agreements. See the NOTICE file distributed with
---this work for additional information regarding copyright ownership.
---The ASF licenses this file to You under the Apache License, Version 2.0
---(the "License"); you may not use this file except in compliance with
---the License. You may obtain a copy of the License at
---
--- http://www.apache.org/licenses/LICENSE-2.0
---
---Unless required by applicable law or agreed to in writing, software
---distributed under the License is distributed on an "AS IS" BASIS,
---WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
---See the License for the specific language governing permissions and
---limitations under the License.
-
--- Table SENTRY_DB_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryPrivilege]
-CREATE TABLE SENTRY_DB_PRIVILEGE
-(
- DB_PRIVILEGE_ID BIGINT NOT NULL generated always as identity (start with 1),
- URI VARCHAR(4000),
- "ACTION" VARCHAR(40),
- CREATE_TIME BIGINT NOT NULL,
- DB_NAME VARCHAR(4000),
- PRIVILEGE_SCOPE VARCHAR(40),
- "SERVER_NAME" VARCHAR(4000),
- "TABLE_NAME" VARCHAR(4000),
- "COLUMN_NAME" VARCHAR(4000),
- WITH_GRANT_OPTION CHAR(1) NOT NULL
-);
-
-ALTER TABLE SENTRY_DB_PRIVILEGE ADD CONSTRAINT SENTRY_DB_PRIVILEGE_PK PRIMARY KEY (DB_PRIVILEGE_ID);
-
--- Table SENTRY_ROLE for classes [org.apache.sentry.provider.db.service.model.MSentryRole]
-CREATE TABLE SENTRY_ROLE
-(
- ROLE_ID BIGINT NOT NULL generated always as identity (start with 1),
- CREATE_TIME BIGINT NOT NULL,
- ROLE_NAME VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_ROLE ADD CONSTRAINT SENTRY_ROLE_PK PRIMARY KEY (ROLE_ID);
-
--- Table SENTRY_GROUP for classes [org.apache.sentry.provider.db.service.model.MSentryGroup]
-CREATE TABLE SENTRY_GROUP
-(
- GROUP_ID BIGINT NOT NULL generated always as identity (start with 1),
- CREATE_TIME BIGINT NOT NULL,
- GROUP_NAME VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_GROUP ADD CONSTRAINT SENTRY_GROUP_PK PRIMARY KEY (GROUP_ID);
-
--- Table SENTRY_ROLE_GROUP_MAP for join relationship
-CREATE TABLE SENTRY_ROLE_GROUP_MAP
-(
- GROUP_ID BIGINT NOT NULL,
- ROLE_ID BIGINT NOT NULL,
- GRANTOR_PRINCIPAL VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_ROLE_GROUP_MAP ADD CONSTRAINT SENTRY_ROLE_GROUP_MAP_PK PRIMARY KEY (GROUP_ID,ROLE_ID);
-
--- Table SENTRY_ROLE_DB_PRIVILEGE_MAP for join relationship
-CREATE TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP
-(
- ROLE_ID BIGINT NOT NULL,
- DB_PRIVILEGE_ID BIGINT NOT NULL,
- GRANTOR_PRINCIPAL VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_DB_PRIVILEGE_MAP_PK PRIMARY KEY (ROLE_ID,DB_PRIVILEGE_ID);
-
-CREATE TABLE "SENTRY_VERSION" (
- VER_ID BIGINT NOT NULL,
- SCHEMA_VERSION VARCHAR(127),
- VERSION_COMMENT VARCHAR(255)
-);
-
-ALTER TABLE SENTRY_VERSION ADD CONSTRAINT SENTRY_VERSION_PK PRIMARY KEY (VER_ID);
-
--- Constraints for table SENTRY_DB_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryPrivilege]
-CREATE UNIQUE INDEX SENTRYPRIVILEGENAME ON SENTRY_DB_PRIVILEGE ("SERVER_NAME",DB_NAME,"TABLE_NAME","COLUMN_NAME",URI,"ACTION",WITH_GRANT_OPTION);
-
-
--- Constraints for table SENTRY_ROLE for class(es) [org.apache.sentry.provider.db.service.model.MSentryRole]
-CREATE UNIQUE INDEX SENTRYROLENAME ON SENTRY_ROLE (ROLE_NAME);
-
-
--- Constraints for table SENTRY_GROUP for class(es) [org.apache.sentry.provider.db.service.model.MSentryGroup]
-CREATE UNIQUE INDEX SENTRYGROUPNAME ON SENTRY_GROUP (GROUP_NAME);
-
-
--- Constraints for table SENTRY_ROLE_GROUP_MAP
-CREATE INDEX SENTRY_ROLE_GROUP_MAP_N49 ON SENTRY_ROLE_GROUP_MAP (GROUP_ID);
-
-CREATE INDEX SENTRY_ROLE_GROUP_MAP_N50 ON SENTRY_ROLE_GROUP_MAP (ROLE_ID);
-
-ALTER TABLE SENTRY_ROLE_GROUP_MAP ADD CONSTRAINT SENTRY_ROLE_GROUP_MAP_FK2 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID) ;
-
-ALTER TABLE SENTRY_ROLE_GROUP_MAP ADD CONSTRAINT SENTRY_ROLE_GROUP_MAP_FK1 FOREIGN KEY (GROUP_ID) REFERENCES SENTRY_GROUP (GROUP_ID) ;
-
-
--- Constraints for table SENTRY_ROLE_DB_PRIVILEGE_MAP
-CREATE INDEX SENTRY_ROLE_DB_PRIVILEGE_MAP_N50 ON SENTRY_ROLE_DB_PRIVILEGE_MAP (ROLE_ID);
-
-CREATE INDEX SENTRY_ROLE_DB_PRIVILEGE_MAP_N49 ON SENTRY_ROLE_DB_PRIVILEGE_MAP (DB_PRIVILEGE_ID);
-
-ALTER TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_DB_PRIVILEGE_MAP_FK2 FOREIGN KEY (DB_PRIVILEGE_ID) REFERENCES SENTRY_DB_PRIVILEGE (DB_PRIVILEGE_ID) ;
-
-ALTER TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_DB_PRIVILEGE_MAP_FK1 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID) ;
-
-INSERT INTO SENTRY_VERSION (VER_ID, SCHEMA_VERSION, VERSION_COMMENT) VALUES (1, '1.5.0', 'Sentry release version 1.5.0');
-
--- Generic model
--- Table SENTRY_GM_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE TABLE SENTRY_GM_PRIVILEGE
-(
- GM_PRIVILEGE_ID BIGINT NOT NULL,
- "ACTION" VARCHAR(40),
- COMPONENT_NAME VARCHAR(400),
- CREATE_TIME BIGINT NOT NULL,
- WITH_GRANT_OPTION CHAR(1),
- RESOURCE_NAME_0 VARCHAR(400),
- RESOURCE_NAME_1 VARCHAR(400),
- RESOURCE_NAME_2 VARCHAR(400),
- RESOURCE_NAME_3 VARCHAR(400),
- RESOURCE_TYPE_0 VARCHAR(400),
- RESOURCE_TYPE_1 VARCHAR(400),
- RESOURCE_TYPE_2 VARCHAR(400),
- RESOURCE_TYPE_3 VARCHAR(400),
- "SCOPE" VARCHAR(40),
- SERVICE_NAME VARCHAR(400)
-);
--- Primary key(GM_PRIVILEGE_ID)
-ALTER TABLE SENTRY_GM_PRIVILEGE ADD CONSTRAINT SENTRY_GM_PRIVILEGE_PK PRIMARY KEY (GM_PRIVILEGE_ID);
-
--- Constraints for table SENTRY_GM_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE UNIQUE INDEX GM_PRIVILEGE_INDEX ON SENTRY_GM_PRIVILEGE (COMPONENT_NAME,SERVICE_NAME,RESOURCE_NAME_0,RESOURCE_TYPE_0,RESOURCE_NAME_1,RESOURCE_TYPE_1,RESOURCE_NAME_2,RESOURCE_TYPE_2,RESOURCE_NAME_3,RESOURCE_TYPE_3,"ACTION",WITH_GRANT_OPTION);
-
--- Table SENTRY_ROLE_GM_PRIVILEGE_MAP for join relationship
-CREATE TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP
-(
- ROLE_ID BIGINT NOT NULL,
- GM_PRIVILEGE_ID BIGINT NOT NULL
-);
-ALTER TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_GM_PRIVILEGE_MAP_PK PRIMARY KEY (ROLE_ID,GM_PRIVILEGE_ID);
-
--- Constraints for table SENTRY_ROLE_GM_PRIVILEGE_MAP
-CREATE INDEX SENTRY_ROLE_GM_PRIVILEGE_MAP_N50 ON SENTRY_ROLE_GM_PRIVILEGE_MAP (ROLE_ID);
-
-CREATE INDEX SENTRY_ROLE_GM_PRIVILEGE_MAP_N49 ON SENTRY_ROLE_GM_PRIVILEGE_MAP (GM_PRIVILEGE_ID);
-
-ALTER TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_GM_PRIVILEGE_MAP_FK2 FOREIGN KEY (GM_PRIVILEGE_ID) REFERENCES SENTRY_GM_PRIVILEGE (GM_PRIVILEGE_ID);
-
-ALTER TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_GM_PRIVILEGE_MAP_FK1 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID);
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-db2-1.6.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-db2-1.6.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-db2-1.6.0.sql
deleted file mode 100644
index 0f8f0af..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-db2-1.6.0.sql
+++ /dev/null
@@ -1,155 +0,0 @@
---Licensed to the Apache Software Foundation (ASF) under one or more
---contributor license agreements. See the NOTICE file distributed with
---this work for additional information regarding copyright ownership.
---The ASF licenses this file to You under the Apache License, Version 2.0
---(the "License"); you may not use this file except in compliance with
---the License. You may obtain a copy of the License at
---
--- http://www.apache.org/licenses/LICENSE-2.0
---
---Unless required by applicable law or agreed to in writing, software
---distributed under the License is distributed on an "AS IS" BASIS,
---WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
---See the License for the specific language governing permissions and
---limitations under the License.
-
--- Table SENTRY_DB_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryPrivilege]
-CREATE TABLE SENTRY_DB_PRIVILEGE
-(
- DB_PRIVILEGE_ID BIGINT NOT NULL generated always as identity (start with 1),
- URI VARCHAR(4000),
- "ACTION" VARCHAR(40),
- CREATE_TIME BIGINT NOT NULL,
- DB_NAME VARCHAR(4000),
- PRIVILEGE_SCOPE VARCHAR(40),
- "SERVER_NAME" VARCHAR(4000),
- "TABLE_NAME" VARCHAR(4000),
- "COLUMN_NAME" VARCHAR(4000),
- WITH_GRANT_OPTION CHAR(1) NOT NULL
-);
-
-ALTER TABLE SENTRY_DB_PRIVILEGE ADD CONSTRAINT SENTRY_DB_PRIVILEGE_PK PRIMARY KEY (DB_PRIVILEGE_ID);
-
--- Table SENTRY_ROLE for classes [org.apache.sentry.provider.db.service.model.MSentryRole]
-CREATE TABLE SENTRY_ROLE
-(
- ROLE_ID BIGINT NOT NULL generated always as identity (start with 1),
- CREATE_TIME BIGINT NOT NULL,
- ROLE_NAME VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_ROLE ADD CONSTRAINT SENTRY_ROLE_PK PRIMARY KEY (ROLE_ID);
-
--- Table SENTRY_GROUP for classes [org.apache.sentry.provider.db.service.model.MSentryGroup]
-CREATE TABLE SENTRY_GROUP
-(
- GROUP_ID BIGINT NOT NULL generated always as identity (start with 1),
- CREATE_TIME BIGINT NOT NULL,
- GROUP_NAME VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_GROUP ADD CONSTRAINT SENTRY_GROUP_PK PRIMARY KEY (GROUP_ID);
-
--- Table SENTRY_ROLE_GROUP_MAP for join relationship
-CREATE TABLE SENTRY_ROLE_GROUP_MAP
-(
- GROUP_ID BIGINT NOT NULL,
- ROLE_ID BIGINT NOT NULL,
- GRANTOR_PRINCIPAL VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_ROLE_GROUP_MAP ADD CONSTRAINT SENTRY_ROLE_GROUP_MAP_PK PRIMARY KEY (GROUP_ID,ROLE_ID);
-
--- Table SENTRY_ROLE_DB_PRIVILEGE_MAP for join relationship
-CREATE TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP
-(
- ROLE_ID BIGINT NOT NULL,
- DB_PRIVILEGE_ID BIGINT NOT NULL,
- GRANTOR_PRINCIPAL VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_DB_PRIVILEGE_MAP_PK PRIMARY KEY (ROLE_ID,DB_PRIVILEGE_ID);
-
-CREATE TABLE "SENTRY_VERSION" (
- VER_ID BIGINT NOT NULL,
- SCHEMA_VERSION VARCHAR(127),
- VERSION_COMMENT VARCHAR(255)
-);
-
-ALTER TABLE SENTRY_VERSION ADD CONSTRAINT SENTRY_VERSION_PK PRIMARY KEY (VER_ID);
-
--- Constraints for table SENTRY_DB_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryPrivilege]
-CREATE UNIQUE INDEX SENTRYPRIVILEGENAME ON SENTRY_DB_PRIVILEGE ("SERVER_NAME",DB_NAME,"TABLE_NAME","COLUMN_NAME",URI,"ACTION",WITH_GRANT_OPTION);
-
-
--- Constraints for table SENTRY_ROLE for class(es) [org.apache.sentry.provider.db.service.model.MSentryRole]
-CREATE UNIQUE INDEX SENTRYROLENAME ON SENTRY_ROLE (ROLE_NAME);
-
-
--- Constraints for table SENTRY_GROUP for class(es) [org.apache.sentry.provider.db.service.model.MSentryGroup]
-CREATE UNIQUE INDEX SENTRYGROUPNAME ON SENTRY_GROUP (GROUP_NAME);
-
-
--- Constraints for table SENTRY_ROLE_GROUP_MAP
-CREATE INDEX SENTRY_ROLE_GROUP_MAP_N49 ON SENTRY_ROLE_GROUP_MAP (GROUP_ID);
-
-CREATE INDEX SENTRY_ROLE_GROUP_MAP_N50 ON SENTRY_ROLE_GROUP_MAP (ROLE_ID);
-
-ALTER TABLE SENTRY_ROLE_GROUP_MAP ADD CONSTRAINT SENTRY_ROLE_GROUP_MAP_FK2 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID) ;
-
-ALTER TABLE SENTRY_ROLE_GROUP_MAP ADD CONSTRAINT SENTRY_ROLE_GROUP_MAP_FK1 FOREIGN KEY (GROUP_ID) REFERENCES SENTRY_GROUP (GROUP_ID) ;
-
-
--- Constraints for table SENTRY_ROLE_DB_PRIVILEGE_MAP
-CREATE INDEX SENTRY_ROLE_DB_PRIVILEGE_MAP_N50 ON SENTRY_ROLE_DB_PRIVILEGE_MAP (ROLE_ID);
-
-CREATE INDEX SENTRY_ROLE_DB_PRIVILEGE_MAP_N49 ON SENTRY_ROLE_DB_PRIVILEGE_MAP (DB_PRIVILEGE_ID);
-
-ALTER TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_DB_PRIVILEGE_MAP_FK2 FOREIGN KEY (DB_PRIVILEGE_ID) REFERENCES SENTRY_DB_PRIVILEGE (DB_PRIVILEGE_ID) ;
-
-ALTER TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_DB_PRIVILEGE_MAP_FK1 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID) ;
-
-INSERT INTO SENTRY_VERSION (VER_ID, SCHEMA_VERSION, VERSION_COMMENT) VALUES (1, '1.6.0', 'Sentry release version 1.6.0');
-
--- Generic model
--- Table SENTRY_GM_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE TABLE SENTRY_GM_PRIVILEGE
-(
- GM_PRIVILEGE_ID BIGINT NOT NULL,
- "ACTION" VARCHAR(40),
- COMPONENT_NAME VARCHAR(400),
- CREATE_TIME BIGINT NOT NULL,
- WITH_GRANT_OPTION CHAR(1),
- RESOURCE_NAME_0 VARCHAR(400),
- RESOURCE_NAME_1 VARCHAR(400),
- RESOURCE_NAME_2 VARCHAR(400),
- RESOURCE_NAME_3 VARCHAR(400),
- RESOURCE_TYPE_0 VARCHAR(400),
- RESOURCE_TYPE_1 VARCHAR(400),
- RESOURCE_TYPE_2 VARCHAR(400),
- RESOURCE_TYPE_3 VARCHAR(400),
- "SCOPE" VARCHAR(40),
- SERVICE_NAME VARCHAR(400)
-);
--- Primary key(GM_PRIVILEGE_ID)
-ALTER TABLE SENTRY_GM_PRIVILEGE ADD CONSTRAINT SENTRY_GM_PRIVILEGE_PK PRIMARY KEY (GM_PRIVILEGE_ID);
-
--- Constraints for table SENTRY_GM_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE UNIQUE INDEX GM_PRIVILEGE_INDEX ON SENTRY_GM_PRIVILEGE (COMPONENT_NAME,SERVICE_NAME,RESOURCE_NAME_0,RESOURCE_TYPE_0,RESOURCE_NAME_1,RESOURCE_TYPE_1,RESOURCE_NAME_2,RESOURCE_TYPE_2,RESOURCE_NAME_3,RESOURCE_TYPE_3,"ACTION",WITH_GRANT_OPTION);
-
--- Table SENTRY_ROLE_GM_PRIVILEGE_MAP for join relationship
-CREATE TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP
-(
- ROLE_ID BIGINT NOT NULL,
- GM_PRIVILEGE_ID BIGINT NOT NULL
-);
-ALTER TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_GM_PRIVILEGE_MAP_PK PRIMARY KEY (ROLE_ID,GM_PRIVILEGE_ID);
-
--- Constraints for table SENTRY_ROLE_GM_PRIVILEGE_MAP
-CREATE INDEX SENTRY_ROLE_GM_PRIVILEGE_MAP_N50 ON SENTRY_ROLE_GM_PRIVILEGE_MAP (ROLE_ID);
-
-CREATE INDEX SENTRY_ROLE_GM_PRIVILEGE_MAP_N49 ON SENTRY_ROLE_GM_PRIVILEGE_MAP (GM_PRIVILEGE_ID);
-
-ALTER TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_GM_PRIVILEGE_MAP_FK2 FOREIGN KEY (GM_PRIVILEGE_ID) REFERENCES SENTRY_GM_PRIVILEGE (GM_PRIVILEGE_ID);
-
-ALTER TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_GM_PRIVILEGE_MAP_FK1 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID);
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-db2-1.7.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-db2-1.7.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-db2-1.7.0.sql
deleted file mode 100644
index b1e8649..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-db2-1.7.0.sql
+++ /dev/null
@@ -1,155 +0,0 @@
---Licensed to the Apache Software Foundation (ASF) under one or more
---contributor license agreements. See the NOTICE file distributed with
---this work for additional information regarding copyright ownership.
---The ASF licenses this file to You under the Apache License, Version 2.0
---(the "License"); you may not use this file except in compliance with
---the License. You may obtain a copy of the License at
---
--- http://www.apache.org/licenses/LICENSE-2.0
---
---Unless required by applicable law or agreed to in writing, software
---distributed under the License is distributed on an "AS IS" BASIS,
---WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
---See the License for the specific language governing permissions and
---limitations under the License.
-
--- Table SENTRY_DB_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryPrivilege]
-CREATE TABLE SENTRY_DB_PRIVILEGE
-(
- DB_PRIVILEGE_ID BIGINT NOT NULL generated always as identity (start with 1),
- URI VARCHAR(4000),
- "ACTION" VARCHAR(40),
- CREATE_TIME BIGINT NOT NULL,
- DB_NAME VARCHAR(4000),
- PRIVILEGE_SCOPE VARCHAR(40),
- "SERVER_NAME" VARCHAR(4000),
- "TABLE_NAME" VARCHAR(4000),
- "COLUMN_NAME" VARCHAR(4000),
- WITH_GRANT_OPTION CHAR(1) NOT NULL
-);
-
-ALTER TABLE SENTRY_DB_PRIVILEGE ADD CONSTRAINT SENTRY_DB_PRIVILEGE_PK PRIMARY KEY (DB_PRIVILEGE_ID);
-
--- Table SENTRY_ROLE for classes [org.apache.sentry.provider.db.service.model.MSentryRole]
-CREATE TABLE SENTRY_ROLE
-(
- ROLE_ID BIGINT NOT NULL generated always as identity (start with 1),
- CREATE_TIME BIGINT NOT NULL,
- ROLE_NAME VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_ROLE ADD CONSTRAINT SENTRY_ROLE_PK PRIMARY KEY (ROLE_ID);
-
--- Table SENTRY_GROUP for classes [org.apache.sentry.provider.db.service.model.MSentryGroup]
-CREATE TABLE SENTRY_GROUP
-(
- GROUP_ID BIGINT NOT NULL generated always as identity (start with 1),
- CREATE_TIME BIGINT NOT NULL,
- GROUP_NAME VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_GROUP ADD CONSTRAINT SENTRY_GROUP_PK PRIMARY KEY (GROUP_ID);
-
--- Table SENTRY_ROLE_GROUP_MAP for join relationship
-CREATE TABLE SENTRY_ROLE_GROUP_MAP
-(
- GROUP_ID BIGINT NOT NULL,
- ROLE_ID BIGINT NOT NULL,
- GRANTOR_PRINCIPAL VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_ROLE_GROUP_MAP ADD CONSTRAINT SENTRY_ROLE_GROUP_MAP_PK PRIMARY KEY (GROUP_ID,ROLE_ID);
-
--- Table SENTRY_ROLE_DB_PRIVILEGE_MAP for join relationship
-CREATE TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP
-(
- ROLE_ID BIGINT NOT NULL,
- DB_PRIVILEGE_ID BIGINT NOT NULL,
- GRANTOR_PRINCIPAL VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_DB_PRIVILEGE_MAP_PK PRIMARY KEY (ROLE_ID,DB_PRIVILEGE_ID);
-
-CREATE TABLE "SENTRY_VERSION" (
- VER_ID BIGINT NOT NULL,
- SCHEMA_VERSION VARCHAR(127),
- VERSION_COMMENT VARCHAR(255)
-);
-
-ALTER TABLE SENTRY_VERSION ADD CONSTRAINT SENTRY_VERSION_PK PRIMARY KEY (VER_ID);
-
--- Constraints for table SENTRY_DB_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryPrivilege]
-CREATE UNIQUE INDEX SENTRYPRIVILEGENAME ON SENTRY_DB_PRIVILEGE ("SERVER_NAME",DB_NAME,"TABLE_NAME","COLUMN_NAME",URI,"ACTION",WITH_GRANT_OPTION);
-
-
--- Constraints for table SENTRY_ROLE for class(es) [org.apache.sentry.provider.db.service.model.MSentryRole]
-CREATE UNIQUE INDEX SENTRYROLENAME ON SENTRY_ROLE (ROLE_NAME);
-
-
--- Constraints for table SENTRY_GROUP for class(es) [org.apache.sentry.provider.db.service.model.MSentryGroup]
-CREATE UNIQUE INDEX SENTRYGROUPNAME ON SENTRY_GROUP (GROUP_NAME);
-
-
--- Constraints for table SENTRY_ROLE_GROUP_MAP
-CREATE INDEX SENTRY_ROLE_GROUP_MAP_N49 ON SENTRY_ROLE_GROUP_MAP (GROUP_ID);
-
-CREATE INDEX SENTRY_ROLE_GROUP_MAP_N50 ON SENTRY_ROLE_GROUP_MAP (ROLE_ID);
-
-ALTER TABLE SENTRY_ROLE_GROUP_MAP ADD CONSTRAINT SENTRY_ROLE_GROUP_MAP_FK2 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID) ;
-
-ALTER TABLE SENTRY_ROLE_GROUP_MAP ADD CONSTRAINT SENTRY_ROLE_GROUP_MAP_FK1 FOREIGN KEY (GROUP_ID) REFERENCES SENTRY_GROUP (GROUP_ID) ;
-
-
--- Constraints for table SENTRY_ROLE_DB_PRIVILEGE_MAP
-CREATE INDEX SENTRY_ROLE_DB_PRIVILEGE_MAP_N50 ON SENTRY_ROLE_DB_PRIVILEGE_MAP (ROLE_ID);
-
-CREATE INDEX SENTRY_ROLE_DB_PRIVILEGE_MAP_N49 ON SENTRY_ROLE_DB_PRIVILEGE_MAP (DB_PRIVILEGE_ID);
-
-ALTER TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_DB_PRIVILEGE_MAP_FK2 FOREIGN KEY (DB_PRIVILEGE_ID) REFERENCES SENTRY_DB_PRIVILEGE (DB_PRIVILEGE_ID) ;
-
-ALTER TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_DB_PRIVILEGE_MAP_FK1 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID) ;
-
-INSERT INTO SENTRY_VERSION (VER_ID, SCHEMA_VERSION, VERSION_COMMENT) VALUES (1, '1.7.0', 'Sentry release version 1.7.0');
-
--- Generic model
--- Table SENTRY_GM_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE TABLE SENTRY_GM_PRIVILEGE
-(
- GM_PRIVILEGE_ID BIGINT NOT NULL,
- "ACTION" VARCHAR(40),
- COMPONENT_NAME VARCHAR(400),
- CREATE_TIME BIGINT NOT NULL,
- WITH_GRANT_OPTION CHAR(1),
- RESOURCE_NAME_0 VARCHAR(400),
- RESOURCE_NAME_1 VARCHAR(400),
- RESOURCE_NAME_2 VARCHAR(400),
- RESOURCE_NAME_3 VARCHAR(400),
- RESOURCE_TYPE_0 VARCHAR(400),
- RESOURCE_TYPE_1 VARCHAR(400),
- RESOURCE_TYPE_2 VARCHAR(400),
- RESOURCE_TYPE_3 VARCHAR(400),
- "SCOPE" VARCHAR(40),
- SERVICE_NAME VARCHAR(400)
-);
--- Primary key(GM_PRIVILEGE_ID)
-ALTER TABLE SENTRY_GM_PRIVILEGE ADD CONSTRAINT SENTRY_GM_PRIVILEGE_PK PRIMARY KEY (GM_PRIVILEGE_ID);
-
--- Constraints for table SENTRY_GM_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE UNIQUE INDEX GM_PRIVILEGE_INDEX ON SENTRY_GM_PRIVILEGE (COMPONENT_NAME,SERVICE_NAME,RESOURCE_NAME_0,RESOURCE_TYPE_0,RESOURCE_NAME_1,RESOURCE_TYPE_1,RESOURCE_NAME_2,RESOURCE_TYPE_2,RESOURCE_NAME_3,RESOURCE_TYPE_3,"ACTION",WITH_GRANT_OPTION);
-
--- Table SENTRY_ROLE_GM_PRIVILEGE_MAP for join relationship
-CREATE TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP
-(
- ROLE_ID BIGINT NOT NULL,
- GM_PRIVILEGE_ID BIGINT NOT NULL
-);
-ALTER TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_GM_PRIVILEGE_MAP_PK PRIMARY KEY (ROLE_ID,GM_PRIVILEGE_ID);
-
--- Constraints for table SENTRY_ROLE_GM_PRIVILEGE_MAP
-CREATE INDEX SENTRY_ROLE_GM_PRIVILEGE_MAP_N50 ON SENTRY_ROLE_GM_PRIVILEGE_MAP (ROLE_ID);
-
-CREATE INDEX SENTRY_ROLE_GM_PRIVILEGE_MAP_N49 ON SENTRY_ROLE_GM_PRIVILEGE_MAP (GM_PRIVILEGE_ID);
-
-ALTER TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_GM_PRIVILEGE_MAP_FK2 FOREIGN KEY (GM_PRIVILEGE_ID) REFERENCES SENTRY_GM_PRIVILEGE (GM_PRIVILEGE_ID);
-
-ALTER TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_GM_PRIVILEGE_MAP_FK1 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID);
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-db2-1.8.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-db2-1.8.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-db2-1.8.0.sql
deleted file mode 100644
index 6d08b5c..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-db2-1.8.0.sql
+++ /dev/null
@@ -1,183 +0,0 @@
---Licensed to the Apache Software Foundation (ASF) under one or more
---contributor license agreements. See the NOTICE file distributed with
---this work for additional information regarding copyright ownership.
---The ASF licenses this file to You under the Apache License, Version 2.0
---(the "License"); you may not use this file except in compliance with
---the License. You may obtain a copy of the License at
---
--- http://www.apache.org/licenses/LICENSE-2.0
---
---Unless required by applicable law or agreed to in writing, software
---distributed under the License is distributed on an "AS IS" BASIS,
---WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
---See the License for the specific language governing permissions and
---limitations under the License.
-
--- Table SENTRY_DB_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryPrivilege]
-CREATE TABLE SENTRY_DB_PRIVILEGE
-(
- DB_PRIVILEGE_ID BIGINT NOT NULL generated always as identity (start with 1),
- URI VARCHAR(4000),
- "ACTION" VARCHAR(40),
- CREATE_TIME BIGINT NOT NULL,
- DB_NAME VARCHAR(4000),
- PRIVILEGE_SCOPE VARCHAR(40),
- "SERVER_NAME" VARCHAR(4000),
- "TABLE_NAME" VARCHAR(4000),
- "COLUMN_NAME" VARCHAR(4000),
- WITH_GRANT_OPTION CHAR(1) NOT NULL
-);
-
-ALTER TABLE SENTRY_DB_PRIVILEGE ADD CONSTRAINT SENTRY_DB_PRIVILEGE_PK PRIMARY KEY (DB_PRIVILEGE_ID);
-
--- Table SENTRY_ROLE for classes [org.apache.sentry.provider.db.service.model.MSentryRole]
-CREATE TABLE SENTRY_ROLE
-(
- ROLE_ID BIGINT NOT NULL generated always as identity (start with 1),
- CREATE_TIME BIGINT NOT NULL,
- ROLE_NAME VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_ROLE ADD CONSTRAINT SENTRY_ROLE_PK PRIMARY KEY (ROLE_ID);
-
--- Table SENTRY_GROUP for classes [org.apache.sentry.provider.db.service.model.MSentryGroup]
-CREATE TABLE SENTRY_GROUP
-(
- GROUP_ID BIGINT NOT NULL generated always as identity (start with 1),
- CREATE_TIME BIGINT NOT NULL,
- GROUP_NAME VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_GROUP ADD CONSTRAINT SENTRY_GROUP_PK PRIMARY KEY (GROUP_ID);
-
--- Table SENTRY_ROLE_GROUP_MAP for join relationship
-CREATE TABLE SENTRY_ROLE_GROUP_MAP
-(
- GROUP_ID BIGINT NOT NULL,
- ROLE_ID BIGINT NOT NULL,
- GRANTOR_PRINCIPAL VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_ROLE_GROUP_MAP ADD CONSTRAINT SENTRY_ROLE_GROUP_MAP_PK PRIMARY KEY (GROUP_ID,ROLE_ID);
-
--- Table SENTRY_ROLE_DB_PRIVILEGE_MAP for join relationship
-CREATE TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP
-(
- ROLE_ID BIGINT NOT NULL,
- DB_PRIVILEGE_ID BIGINT NOT NULL,
- GRANTOR_PRINCIPAL VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_DB_PRIVILEGE_MAP_PK PRIMARY KEY (ROLE_ID,DB_PRIVILEGE_ID);
-
-CREATE TABLE "SENTRY_VERSION" (
- VER_ID BIGINT NOT NULL,
- SCHEMA_VERSION VARCHAR(127),
- VERSION_COMMENT VARCHAR(255)
-);
-
-ALTER TABLE SENTRY_VERSION ADD CONSTRAINT SENTRY_VERSION_PK PRIMARY KEY (VER_ID);
-
--- Constraints for table SENTRY_DB_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryPrivilege]
-CREATE UNIQUE INDEX SENTRYPRIVILEGENAME ON SENTRY_DB_PRIVILEGE ("SERVER_NAME",DB_NAME,"TABLE_NAME","COLUMN_NAME",URI,"ACTION",WITH_GRANT_OPTION);
-
-
--- Constraints for table SENTRY_ROLE for class(es) [org.apache.sentry.provider.db.service.model.MSentryRole]
-CREATE UNIQUE INDEX SENTRYROLENAME ON SENTRY_ROLE (ROLE_NAME);
-
-
--- Constraints for table SENTRY_GROUP for class(es) [org.apache.sentry.provider.db.service.model.MSentryGroup]
-CREATE UNIQUE INDEX SENTRYGROUPNAME ON SENTRY_GROUP (GROUP_NAME);
-
-
--- Constraints for table SENTRY_ROLE_GROUP_MAP
-CREATE INDEX SENTRY_ROLE_GROUP_MAP_N49 ON SENTRY_ROLE_GROUP_MAP (GROUP_ID);
-
-CREATE INDEX SENTRY_ROLE_GROUP_MAP_N50 ON SENTRY_ROLE_GROUP_MAP (ROLE_ID);
-
-ALTER TABLE SENTRY_ROLE_GROUP_MAP ADD CONSTRAINT SENTRY_ROLE_GROUP_MAP_FK2 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID) ;
-
-ALTER TABLE SENTRY_ROLE_GROUP_MAP ADD CONSTRAINT SENTRY_ROLE_GROUP_MAP_FK1 FOREIGN KEY (GROUP_ID) REFERENCES SENTRY_GROUP (GROUP_ID) ;
-
-
--- Constraints for table SENTRY_ROLE_DB_PRIVILEGE_MAP
-CREATE INDEX SENTRY_ROLE_DB_PRIVILEGE_MAP_N50 ON SENTRY_ROLE_DB_PRIVILEGE_MAP (ROLE_ID);
-
-CREATE INDEX SENTRY_ROLE_DB_PRIVILEGE_MAP_N49 ON SENTRY_ROLE_DB_PRIVILEGE_MAP (DB_PRIVILEGE_ID);
-
-ALTER TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_DB_PRIVILEGE_MAP_FK2 FOREIGN KEY (DB_PRIVILEGE_ID) REFERENCES SENTRY_DB_PRIVILEGE (DB_PRIVILEGE_ID) ;
-
-ALTER TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_DB_PRIVILEGE_MAP_FK1 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID) ;
-
-INSERT INTO SENTRY_VERSION (VER_ID, SCHEMA_VERSION, VERSION_COMMENT) VALUES (1, '1.8.0', 'Sentry release version 1.8.0');
-
--- Generic model
--- Table SENTRY_GM_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE TABLE SENTRY_GM_PRIVILEGE
-(
- GM_PRIVILEGE_ID BIGINT NOT NULL,
- "ACTION" VARCHAR(40),
- COMPONENT_NAME VARCHAR(400),
- CREATE_TIME BIGINT NOT NULL,
- WITH_GRANT_OPTION CHAR(1),
- RESOURCE_NAME_0 VARCHAR(400),
- RESOURCE_NAME_1 VARCHAR(400),
- RESOURCE_NAME_2 VARCHAR(400),
- RESOURCE_NAME_3 VARCHAR(400),
- RESOURCE_TYPE_0 VARCHAR(400),
- RESOURCE_TYPE_1 VARCHAR(400),
- RESOURCE_TYPE_2 VARCHAR(400),
- RESOURCE_TYPE_3 VARCHAR(400),
- "SCOPE" VARCHAR(40),
- SERVICE_NAME VARCHAR(400)
-);
--- Primary key(GM_PRIVILEGE_ID)
-ALTER TABLE SENTRY_GM_PRIVILEGE ADD CONSTRAINT SENTRY_GM_PRIVILEGE_PK PRIMARY KEY (GM_PRIVILEGE_ID);
-
--- Constraints for table SENTRY_GM_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE UNIQUE INDEX GM_PRIVILEGE_INDEX ON SENTRY_GM_PRIVILEGE (COMPONENT_NAME,SERVICE_NAME,RESOURCE_NAME_0,RESOURCE_TYPE_0,RESOURCE_NAME_1,RESOURCE_TYPE_1,RESOURCE_NAME_2,RESOURCE_TYPE_2,RESOURCE_NAME_3,RESOURCE_TYPE_3,"ACTION",WITH_GRANT_OPTION);
-
--- Table SENTRY_ROLE_GM_PRIVILEGE_MAP for join relationship
-CREATE TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP
-(
- ROLE_ID BIGINT NOT NULL,
- GM_PRIVILEGE_ID BIGINT NOT NULL
-);
-ALTER TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_GM_PRIVILEGE_MAP_PK PRIMARY KEY (ROLE_ID,GM_PRIVILEGE_ID);
-
--- Constraints for table SENTRY_ROLE_GM_PRIVILEGE_MAP
-CREATE INDEX SENTRY_ROLE_GM_PRIVILEGE_MAP_N50 ON SENTRY_ROLE_GM_PRIVILEGE_MAP (ROLE_ID);
-
-CREATE INDEX SENTRY_ROLE_GM_PRIVILEGE_MAP_N49 ON SENTRY_ROLE_GM_PRIVILEGE_MAP (GM_PRIVILEGE_ID);
-
-ALTER TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_GM_PRIVILEGE_MAP_FK2 FOREIGN KEY (GM_PRIVILEGE_ID) REFERENCES SENTRY_GM_PRIVILEGE (GM_PRIVILEGE_ID);
-
-ALTER TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_GM_PRIVILEGE_MAP_FK1 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID);
-
-CREATE TABLE SENTRY_USER
-(
- USER_ID BIGINT NOT NULL generated always as identity (start with 1),
- CREATE_TIME BIGINT NOT NULL,
- USER_NAME VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_USER ADD CONSTRAINT SENTRY_USER_PK PRIMARY KEY (USER_ID);
-
-CREATE UNIQUE INDEX SENTRYUSERNAME ON SENTRY_USER (USER_NAME);
-
-CREATE TABLE SENTRY_ROLE_USER_MAP
-(
- USER_ID BIGINT NOT NULL,
- ROLE_ID BIGINT NOT NULL,
- GRANTOR_PRINCIPAL VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_ROLE_USER_MAP ADD CONSTRAINT SENTRY_ROLE_USER_MAP_PK PRIMARY KEY (USER_ID,ROLE_ID);
-
-CREATE INDEX SENTRY_ROLE_USER_MAP_N49 ON SENTRY_ROLE_USER_MAP (USER_ID);
-
-CREATE INDEX SENTRY_ROLE_USER_MAP_N50 ON SENTRY_ROLE_USER_MAP (ROLE_ID);
-
-ALTER TABLE SENTRY_ROLE_USER_MAP ADD CONSTRAINT SENTRY_ROLE_USER_MAP_FK2 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID) ;
-
-ALTER TABLE SENTRY_ROLE_USER_MAP ADD CONSTRAINT SENTRY_ROLE_USER_MAP_FK1 FOREIGN KEY (USER_ID) REFERENCES SENTRY_USER (USER_ID) ;
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-derby-1.4.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-derby-1.4.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-derby-1.4.0.sql
deleted file mode 100644
index f2a62d2..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-derby-1.4.0.sql
+++ /dev/null
@@ -1,112 +0,0 @@
---Licensed to the Apache Software Foundation (ASF) under one or more
---contributor license agreements. See the NOTICE file distributed with
---this work for additional information regarding copyright ownership.
---The ASF licenses this file to You under the Apache License, Version 2.0
---(the "License"); you may not use this file except in compliance with
---the License. You may obtain a copy of the License at
---
--- http://www.apache.org/licenses/LICENSE-2.0
---
---Unless required by applicable law or agreed to in writing, software
---distributed under the License is distributed on an "AS IS" BASIS,
---WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
---See the License for the specific language governing permissions and
---limitations under the License.
-
--- Table SENTRY_DB_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryPrivilege]
-CREATE TABLE SENTRY_DB_PRIVILEGE
-(
- DB_PRIVILEGE_ID BIGINT NOT NULL generated always as identity (start with 1),
- URI VARCHAR(4000),
- "ACTION" VARCHAR(40),
- CREATE_TIME BIGINT NOT NULL,
- DB_NAME VARCHAR(4000),
- GRANTOR_PRINCIPAL VARCHAR(4000),
- PRIVILEGE_NAME VARCHAR(4000),
- PRIVILEGE_SCOPE VARCHAR(40),
- "SERVER_NAME" VARCHAR(4000),
- "TABLE_NAME" VARCHAR(4000)
-);
-
-ALTER TABLE SENTRY_DB_PRIVILEGE ADD CONSTRAINT SENTRY_DB_PRIVILEGE_PK PRIMARY KEY (DB_PRIVILEGE_ID);
-
--- Table SENTRY_ROLE for classes [org.apache.sentry.provider.db.service.model.MSentryRole]
-CREATE TABLE SENTRY_ROLE
-(
- ROLE_ID BIGINT NOT NULL generated always as identity (start with 1),
- CREATE_TIME BIGINT NOT NULL,
- GRANTOR_PRINCIPAL VARCHAR(4000),
- ROLE_NAME VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_ROLE ADD CONSTRAINT SENTRY_ROLE_PK PRIMARY KEY (ROLE_ID);
-
--- Table SENTRY_GROUP for classes [org.apache.sentry.provider.db.service.model.MSentryGroup]
-CREATE TABLE SENTRY_GROUP
-(
- GROUP_ID BIGINT NOT NULL generated always as identity (start with 1),
- CREATE_TIME BIGINT NOT NULL,
- GRANTOR_PRINCIPAL VARCHAR(4000),
- GROUP_NAME VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_GROUP ADD CONSTRAINT SENTRY_GROUP_PK PRIMARY KEY (GROUP_ID);
-
--- Table SENTRY_ROLE_GROUP_MAP for join relationship
-CREATE TABLE SENTRY_ROLE_GROUP_MAP
-(
- GROUP_ID BIGINT NOT NULL,
- ROLE_ID BIGINT NOT NULL
-);
-
-ALTER TABLE SENTRY_ROLE_GROUP_MAP ADD CONSTRAINT SENTRY_ROLE_GROUP_MAP_PK PRIMARY KEY (GROUP_ID,ROLE_ID);
-
--- Table SENTRY_ROLE_DB_PRIVILEGE_MAP for join relationship
-CREATE TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP
-(
- ROLE_ID BIGINT NOT NULL,
- DB_PRIVILEGE_ID BIGINT NOT NULL
-);
-
-ALTER TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_DB_PRIVILEGE_MAP_PK PRIMARY KEY (ROLE_ID,DB_PRIVILEGE_ID);
-
-CREATE TABLE "SENTRY_VERSION" (
- VER_ID BIGINT NOT NULL,
- SCHEMA_VERSION VARCHAR(127),
- VERSION_COMMENT VARCHAR(255)
-);
-
-ALTER TABLE SENTRY_VERSION ADD CONSTRAINT SENTRY_VERSION_PK PRIMARY KEY (VER_ID);
-
--- Constraints for table SENTRY_DB_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryPrivilege]
-CREATE UNIQUE INDEX SENTRYPRIVILEGENAME ON SENTRY_DB_PRIVILEGE (PRIVILEGE_NAME);
-
-
--- Constraints for table SENTRY_ROLE for class(es) [org.apache.sentry.provider.db.service.model.MSentryRole]
-CREATE UNIQUE INDEX SENTRYROLENAME ON SENTRY_ROLE (ROLE_NAME);
-
-
--- Constraints for table SENTRY_GROUP for class(es) [org.apache.sentry.provider.db.service.model.MSentryGroup]
-CREATE UNIQUE INDEX SENTRYGROUPNAME ON SENTRY_GROUP (GROUP_NAME);
-
-
--- Constraints for table SENTRY_ROLE_GROUP_MAP
-CREATE INDEX SENTRY_ROLE_GROUP_MAP_N49 ON SENTRY_ROLE_GROUP_MAP (GROUP_ID);
-
-CREATE INDEX SENTRY_ROLE_GROUP_MAP_N50 ON SENTRY_ROLE_GROUP_MAP (ROLE_ID);
-
-ALTER TABLE SENTRY_ROLE_GROUP_MAP ADD CONSTRAINT SENTRY_ROLE_GROUP_MAP_FK2 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID) ;
-
-ALTER TABLE SENTRY_ROLE_GROUP_MAP ADD CONSTRAINT SENTRY_ROLE_GROUP_MAP_FK1 FOREIGN KEY (GROUP_ID) REFERENCES SENTRY_GROUP (GROUP_ID) ;
-
-
--- Constraints for table SENTRY_ROLE_DB_PRIVILEGE_MAP
-CREATE INDEX SENTRY_ROLE_DB_PRIVILEGE_MAP_N50 ON SENTRY_ROLE_DB_PRIVILEGE_MAP (ROLE_ID);
-
-CREATE INDEX SENTRY_ROLE_DB_PRIVILEGE_MAP_N49 ON SENTRY_ROLE_DB_PRIVILEGE_MAP (DB_PRIVILEGE_ID);
-
-ALTER TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_DB_PRIVILEGE_MAP_FK2 FOREIGN KEY (DB_PRIVILEGE_ID) REFERENCES SENTRY_DB_PRIVILEGE (DB_PRIVILEGE_ID) ;
-
-ALTER TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_DB_PRIVILEGE_MAP_FK1 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID) ;
-
-INSERT INTO SENTRY_VERSION (VER_ID, SCHEMA_VERSION, VERSION_COMMENT) VALUES (1, '1.4.0', 'Sentry release version 1.4.0');
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-derby-1.5.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-derby-1.5.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-derby-1.5.0.sql
deleted file mode 100644
index 89d73bb..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-derby-1.5.0.sql
+++ /dev/null
@@ -1,155 +0,0 @@
---Licensed to the Apache Software Foundation (ASF) under one or more
---contributor license agreements. See the NOTICE file distributed with
---this work for additional information regarding copyright ownership.
---The ASF licenses this file to You under the Apache License, Version 2.0
---(the "License"); you may not use this file except in compliance with
---the License. You may obtain a copy of the License at
---
--- http://www.apache.org/licenses/LICENSE-2.0
---
---Unless required by applicable law or agreed to in writing, software
---distributed under the License is distributed on an "AS IS" BASIS,
---WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
---See the License for the specific language governing permissions and
---limitations under the License.
-
--- Table SENTRY_DB_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryPrivilege]
-CREATE TABLE SENTRY_DB_PRIVILEGE
-(
- DB_PRIVILEGE_ID BIGINT NOT NULL generated always as identity (start with 1),
- URI VARCHAR(4000) DEFAULT '__NULL__',
- "ACTION" VARCHAR(40),
- CREATE_TIME BIGINT NOT NULL,
- DB_NAME VARCHAR(4000) DEFAULT '__NULL__',
- PRIVILEGE_SCOPE VARCHAR(40),
- "SERVER_NAME" VARCHAR(4000),
- "TABLE_NAME" VARCHAR(4000) DEFAULT '__NULL__',
- "COLUMN_NAME" VARCHAR(4000) DEFAULT '__NULL__',
- WITH_GRANT_OPTION CHAR(1) NOT NULL
-);
-
-ALTER TABLE SENTRY_DB_PRIVILEGE ADD CONSTRAINT SENTRY_DB_PRIVILEGE_PK PRIMARY KEY (DB_PRIVILEGE_ID);
-
--- Table SENTRY_ROLE for classes [org.apache.sentry.provider.db.service.model.MSentryRole]
-CREATE TABLE SENTRY_ROLE
-(
- ROLE_ID BIGINT NOT NULL generated always as identity (start with 1),
- CREATE_TIME BIGINT NOT NULL,
- ROLE_NAME VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_ROLE ADD CONSTRAINT SENTRY_ROLE_PK PRIMARY KEY (ROLE_ID);
-
--- Table SENTRY_GROUP for classes [org.apache.sentry.provider.db.service.model.MSentryGroup]
-CREATE TABLE SENTRY_GROUP
-(
- GROUP_ID BIGINT NOT NULL generated always as identity (start with 1),
- CREATE_TIME BIGINT NOT NULL,
- GROUP_NAME VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_GROUP ADD CONSTRAINT SENTRY_GROUP_PK PRIMARY KEY (GROUP_ID);
-
--- Table SENTRY_ROLE_GROUP_MAP for join relationship
-CREATE TABLE SENTRY_ROLE_GROUP_MAP
-(
- GROUP_ID BIGINT NOT NULL,
- ROLE_ID BIGINT NOT NULL,
- GRANTOR_PRINCIPAL VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_ROLE_GROUP_MAP ADD CONSTRAINT SENTRY_ROLE_GROUP_MAP_PK PRIMARY KEY (GROUP_ID,ROLE_ID);
-
--- Table SENTRY_ROLE_DB_PRIVILEGE_MAP for join relationship
-CREATE TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP
-(
- ROLE_ID BIGINT NOT NULL,
- DB_PRIVILEGE_ID BIGINT NOT NULL,
- GRANTOR_PRINCIPAL VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_DB_PRIVILEGE_MAP_PK PRIMARY KEY (ROLE_ID,DB_PRIVILEGE_ID);
-
-CREATE TABLE "SENTRY_VERSION" (
- VER_ID BIGINT NOT NULL,
- SCHEMA_VERSION VARCHAR(127),
- VERSION_COMMENT VARCHAR(255)
-);
-
-ALTER TABLE SENTRY_VERSION ADD CONSTRAINT SENTRY_VERSION_PK PRIMARY KEY (VER_ID);
-
--- Constraints for table SENTRY_DB_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryPrivilege]
-CREATE UNIQUE INDEX SENTRYPRIVILEGENAME ON SENTRY_DB_PRIVILEGE ("SERVER_NAME",DB_NAME,"TABLE_NAME","COLUMN_NAME",URI,"ACTION",WITH_GRANT_OPTION);
-
-
--- Constraints for table SENTRY_ROLE for class(es) [org.apache.sentry.provider.db.service.model.MSentryRole]
-CREATE UNIQUE INDEX SENTRYROLENAME ON SENTRY_ROLE (ROLE_NAME);
-
-
--- Constraints for table SENTRY_GROUP for class(es) [org.apache.sentry.provider.db.service.model.MSentryGroup]
-CREATE UNIQUE INDEX SENTRYGROUPNAME ON SENTRY_GROUP (GROUP_NAME);
-
-
--- Constraints for table SENTRY_ROLE_GROUP_MAP
-CREATE INDEX SENTRY_ROLE_GROUP_MAP_N49 ON SENTRY_ROLE_GROUP_MAP (GROUP_ID);
-
-CREATE INDEX SENTRY_ROLE_GROUP_MAP_N50 ON SENTRY_ROLE_GROUP_MAP (ROLE_ID);
-
-ALTER TABLE SENTRY_ROLE_GROUP_MAP ADD CONSTRAINT SENTRY_ROLE_GROUP_MAP_FK2 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID) ;
-
-ALTER TABLE SENTRY_ROLE_GROUP_MAP ADD CONSTRAINT SENTRY_ROLE_GROUP_MAP_FK1 FOREIGN KEY (GROUP_ID) REFERENCES SENTRY_GROUP (GROUP_ID) ;
-
-
--- Constraints for table SENTRY_ROLE_DB_PRIVILEGE_MAP
-CREATE INDEX SENTRY_ROLE_DB_PRIVILEGE_MAP_N50 ON SENTRY_ROLE_DB_PRIVILEGE_MAP (ROLE_ID);
-
-CREATE INDEX SENTRY_ROLE_DB_PRIVILEGE_MAP_N49 ON SENTRY_ROLE_DB_PRIVILEGE_MAP (DB_PRIVILEGE_ID);
-
-ALTER TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_DB_PRIVILEGE_MAP_FK2 FOREIGN KEY (DB_PRIVILEGE_ID) REFERENCES SENTRY_DB_PRIVILEGE (DB_PRIVILEGE_ID) ;
-
-ALTER TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_DB_PRIVILEGE_MAP_FK1 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID) ;
-
-INSERT INTO SENTRY_VERSION (VER_ID, SCHEMA_VERSION, VERSION_COMMENT) VALUES (1, '1.5.0', 'Sentry release version 1.5.0');
-
--- Generic Model
--- Table SENTRY_GM_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE TABLE SENTRY_GM_PRIVILEGE
-(
- GM_PRIVILEGE_ID BIGINT NOT NULL,
- "ACTION" VARCHAR(40),
- COMPONENT_NAME VARCHAR(400),
- CREATE_TIME BIGINT NOT NULL,
- WITH_GRANT_OPTION CHAR(1),
- RESOURCE_NAME_0 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_NAME_1 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_NAME_2 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_NAME_3 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_TYPE_0 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_TYPE_1 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_TYPE_2 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_TYPE_3 VARCHAR(400) DEFAULT '__NULL__',
- "SCOPE" VARCHAR(40),
- SERVICE_NAME VARCHAR(400)
-);
--- Primary key(GM_PRIVILEGE_ID)
-ALTER TABLE SENTRY_GM_PRIVILEGE ADD CONSTRAINT SENTRY_GM_PRIVILEGE_PK PRIMARY KEY (GM_PRIVILEGE_ID);
-
--- Constraints for table SENTRY_GM_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE UNIQUE INDEX GM_PRIVILEGE_INDEX ON SENTRY_GM_PRIVILEGE (COMPONENT_NAME,SERVICE_NAME,RESOURCE_NAME_0,RESOURCE_TYPE_0,RESOURCE_NAME_1,RESOURCE_TYPE_1,RESOURCE_NAME_2,RESOURCE_TYPE_2,RESOURCE_NAME_3,RESOURCE_TYPE_3,"ACTION",WITH_GRANT_OPTION);
-
--- Table SENTRY_ROLE_GM_PRIVILEGE_MAP for join relationship
-CREATE TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP
-(
- ROLE_ID BIGINT NOT NULL,
- GM_PRIVILEGE_ID BIGINT NOT NULL
-);
-ALTER TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_GM_PRIVILEGE_MAP_PK PRIMARY KEY (ROLE_ID,GM_PRIVILEGE_ID);
-
--- Constraints for table SENTRY_ROLE_GM_PRIVILEGE_MAP
-CREATE INDEX SENTRY_ROLE_GM_PRIVILEGE_MAP_N50 ON SENTRY_ROLE_GM_PRIVILEGE_MAP (ROLE_ID);
-
-CREATE INDEX SENTRY_ROLE_GM_PRIVILEGE_MAP_N49 ON SENTRY_ROLE_GM_PRIVILEGE_MAP (GM_PRIVILEGE_ID);
-
-ALTER TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_GM_PRIVILEGE_MAP_FK2 FOREIGN KEY (GM_PRIVILEGE_ID) REFERENCES SENTRY_GM_PRIVILEGE (GM_PRIVILEGE_ID);
-
-ALTER TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_GM_PRIVILEGE_MAP_FK1 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID);
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-derby-1.6.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-derby-1.6.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-derby-1.6.0.sql
deleted file mode 100644
index 9ceb4c5..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-derby-1.6.0.sql
+++ /dev/null
@@ -1,155 +0,0 @@
---Licensed to the Apache Software Foundation (ASF) under one or more
---contributor license agreements. See the NOTICE file distributed with
---this work for additional information regarding copyright ownership.
---The ASF licenses this file to You under the Apache License, Version 2.0
---(the "License"); you may not use this file except in compliance with
---the License. You may obtain a copy of the License at
---
--- http://www.apache.org/licenses/LICENSE-2.0
---
---Unless required by applicable law or agreed to in writing, software
---distributed under the License is distributed on an "AS IS" BASIS,
---WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
---See the License for the specific language governing permissions and
---limitations under the License.
-
--- Table SENTRY_DB_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryPrivilege]
-CREATE TABLE SENTRY_DB_PRIVILEGE
-(
- DB_PRIVILEGE_ID BIGINT NOT NULL generated always as identity (start with 1),
- URI VARCHAR(4000) DEFAULT '__NULL__',
- "ACTION" VARCHAR(40),
- CREATE_TIME BIGINT NOT NULL,
- DB_NAME VARCHAR(4000) DEFAULT '__NULL__',
- PRIVILEGE_SCOPE VARCHAR(40),
- "SERVER_NAME" VARCHAR(4000),
- "TABLE_NAME" VARCHAR(4000) DEFAULT '__NULL__',
- "COLUMN_NAME" VARCHAR(4000) DEFAULT '__NULL__',
- WITH_GRANT_OPTION CHAR(1) NOT NULL
-);
-
-ALTER TABLE SENTRY_DB_PRIVILEGE ADD CONSTRAINT SENTRY_DB_PRIVILEGE_PK PRIMARY KEY (DB_PRIVILEGE_ID);
-
--- Table SENTRY_ROLE for classes [org.apache.sentry.provider.db.service.model.MSentryRole]
-CREATE TABLE SENTRY_ROLE
-(
- ROLE_ID BIGINT NOT NULL generated always as identity (start with 1),
- CREATE_TIME BIGINT NOT NULL,
- ROLE_NAME VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_ROLE ADD CONSTRAINT SENTRY_ROLE_PK PRIMARY KEY (ROLE_ID);
-
--- Table SENTRY_GROUP for classes [org.apache.sentry.provider.db.service.model.MSentryGroup]
-CREATE TABLE SENTRY_GROUP
-(
- GROUP_ID BIGINT NOT NULL generated always as identity (start with 1),
- CREATE_TIME BIGINT NOT NULL,
- GROUP_NAME VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_GROUP ADD CONSTRAINT SENTRY_GROUP_PK PRIMARY KEY (GROUP_ID);
-
--- Table SENTRY_ROLE_GROUP_MAP for join relationship
-CREATE TABLE SENTRY_ROLE_GROUP_MAP
-(
- GROUP_ID BIGINT NOT NULL,
- ROLE_ID BIGINT NOT NULL,
- GRANTOR_PRINCIPAL VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_ROLE_GROUP_MAP ADD CONSTRAINT SENTRY_ROLE_GROUP_MAP_PK PRIMARY KEY (GROUP_ID,ROLE_ID);
-
--- Table SENTRY_ROLE_DB_PRIVILEGE_MAP for join relationship
-CREATE TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP
-(
- ROLE_ID BIGINT NOT NULL,
- DB_PRIVILEGE_ID BIGINT NOT NULL,
- GRANTOR_PRINCIPAL VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_DB_PRIVILEGE_MAP_PK PRIMARY KEY (ROLE_ID,DB_PRIVILEGE_ID);
-
-CREATE TABLE "SENTRY_VERSION" (
- VER_ID BIGINT NOT NULL,
- SCHEMA_VERSION VARCHAR(127),
- VERSION_COMMENT VARCHAR(255)
-);
-
-ALTER TABLE SENTRY_VERSION ADD CONSTRAINT SENTRY_VERSION_PK PRIMARY KEY (VER_ID);
-
--- Constraints for table SENTRY_DB_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryPrivilege]
-CREATE UNIQUE INDEX SENTRYPRIVILEGENAME ON SENTRY_DB_PRIVILEGE ("SERVER_NAME",DB_NAME,"TABLE_NAME","COLUMN_NAME",URI,"ACTION",WITH_GRANT_OPTION);
-
-
--- Constraints for table SENTRY_ROLE for class(es) [org.apache.sentry.provider.db.service.model.MSentryRole]
-CREATE UNIQUE INDEX SENTRYROLENAME ON SENTRY_ROLE (ROLE_NAME);
-
-
--- Constraints for table SENTRY_GROUP for class(es) [org.apache.sentry.provider.db.service.model.MSentryGroup]
-CREATE UNIQUE INDEX SENTRYGROUPNAME ON SENTRY_GROUP (GROUP_NAME);
-
-
--- Constraints for table SENTRY_ROLE_GROUP_MAP
-CREATE INDEX SENTRY_ROLE_GROUP_MAP_N49 ON SENTRY_ROLE_GROUP_MAP (GROUP_ID);
-
-CREATE INDEX SENTRY_ROLE_GROUP_MAP_N50 ON SENTRY_ROLE_GROUP_MAP (ROLE_ID);
-
-ALTER TABLE SENTRY_ROLE_GROUP_MAP ADD CONSTRAINT SENTRY_ROLE_GROUP_MAP_FK2 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID) ;
-
-ALTER TABLE SENTRY_ROLE_GROUP_MAP ADD CONSTRAINT SENTRY_ROLE_GROUP_MAP_FK1 FOREIGN KEY (GROUP_ID) REFERENCES SENTRY_GROUP (GROUP_ID) ;
-
-
--- Constraints for table SENTRY_ROLE_DB_PRIVILEGE_MAP
-CREATE INDEX SENTRY_ROLE_DB_PRIVILEGE_MAP_N50 ON SENTRY_ROLE_DB_PRIVILEGE_MAP (ROLE_ID);
-
-CREATE INDEX SENTRY_ROLE_DB_PRIVILEGE_MAP_N49 ON SENTRY_ROLE_DB_PRIVILEGE_MAP (DB_PRIVILEGE_ID);
-
-ALTER TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_DB_PRIVILEGE_MAP_FK2 FOREIGN KEY (DB_PRIVILEGE_ID) REFERENCES SENTRY_DB_PRIVILEGE (DB_PRIVILEGE_ID) ;
-
-ALTER TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_DB_PRIVILEGE_MAP_FK1 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID) ;
-
-INSERT INTO SENTRY_VERSION (VER_ID, SCHEMA_VERSION, VERSION_COMMENT) VALUES (1, '1.6.0', 'Sentry release version 1.6.0');
-
--- Generic Model
--- Table SENTRY_GM_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE TABLE SENTRY_GM_PRIVILEGE
-(
- GM_PRIVILEGE_ID BIGINT NOT NULL,
- "ACTION" VARCHAR(40),
- COMPONENT_NAME VARCHAR(400),
- CREATE_TIME BIGINT NOT NULL,
- WITH_GRANT_OPTION CHAR(1),
- RESOURCE_NAME_0 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_NAME_1 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_NAME_2 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_NAME_3 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_TYPE_0 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_TYPE_1 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_TYPE_2 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_TYPE_3 VARCHAR(400) DEFAULT '__NULL__',
- "SCOPE" VARCHAR(40),
- SERVICE_NAME VARCHAR(400)
-);
--- Primary key(GM_PRIVILEGE_ID)
-ALTER TABLE SENTRY_GM_PRIVILEGE ADD CONSTRAINT SENTRY_GM_PRIVILEGE_PK PRIMARY KEY (GM_PRIVILEGE_ID);
-
--- Constraints for table SENTRY_GM_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE UNIQUE INDEX GM_PRIVILEGE_INDEX ON SENTRY_GM_PRIVILEGE (COMPONENT_NAME,SERVICE_NAME,RESOURCE_NAME_0,RESOURCE_TYPE_0,RESOURCE_NAME_1,RESOURCE_TYPE_1,RESOURCE_NAME_2,RESOURCE_TYPE_2,RESOURCE_NAME_3,RESOURCE_TYPE_3,"ACTION",WITH_GRANT_OPTION);
-
--- Table SENTRY_ROLE_GM_PRIVILEGE_MAP for join relationship
-CREATE TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP
-(
- ROLE_ID BIGINT NOT NULL,
- GM_PRIVILEGE_ID BIGINT NOT NULL
-);
-ALTER TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_GM_PRIVILEGE_MAP_PK PRIMARY KEY (ROLE_ID,GM_PRIVILEGE_ID);
-
--- Constraints for table SENTRY_ROLE_GM_PRIVILEGE_MAP
-CREATE INDEX SENTRY_ROLE_GM_PRIVILEGE_MAP_N50 ON SENTRY_ROLE_GM_PRIVILEGE_MAP (ROLE_ID);
-
-CREATE INDEX SENTRY_ROLE_GM_PRIVILEGE_MAP_N49 ON SENTRY_ROLE_GM_PRIVILEGE_MAP (GM_PRIVILEGE_ID);
-
-ALTER TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_GM_PRIVILEGE_MAP_FK2 FOREIGN KEY (GM_PRIVILEGE_ID) REFERENCES SENTRY_GM_PRIVILEGE (GM_PRIVILEGE_ID);
-
-ALTER TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_GM_PRIVILEGE_MAP_FK1 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID);
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-derby-1.7.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-derby-1.7.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-derby-1.7.0.sql
deleted file mode 100644
index b06fc4a..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-derby-1.7.0.sql
+++ /dev/null
@@ -1,155 +0,0 @@
---Licensed to the Apache Software Foundation (ASF) under one or more
---contributor license agreements. See the NOTICE file distributed with
---this work for additional information regarding copyright ownership.
---The ASF licenses this file to You under the Apache License, Version 2.0
---(the "License"); you may not use this file except in compliance with
---the License. You may obtain a copy of the License at
---
--- http://www.apache.org/licenses/LICENSE-2.0
---
---Unless required by applicable law or agreed to in writing, software
---distributed under the License is distributed on an "AS IS" BASIS,
---WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
---See the License for the specific language governing permissions and
---limitations under the License.
-
--- Table SENTRY_DB_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryPrivilege]
-CREATE TABLE SENTRY_DB_PRIVILEGE
-(
- DB_PRIVILEGE_ID BIGINT NOT NULL generated always as identity (start with 1),
- URI VARCHAR(4000) DEFAULT '__NULL__',
- "ACTION" VARCHAR(40),
- CREATE_TIME BIGINT NOT NULL,
- DB_NAME VARCHAR(4000) DEFAULT '__NULL__',
- PRIVILEGE_SCOPE VARCHAR(40),
- "SERVER_NAME" VARCHAR(4000),
- "TABLE_NAME" VARCHAR(4000) DEFAULT '__NULL__',
- "COLUMN_NAME" VARCHAR(4000) DEFAULT '__NULL__',
- WITH_GRANT_OPTION CHAR(1) NOT NULL
-);
-
-ALTER TABLE SENTRY_DB_PRIVILEGE ADD CONSTRAINT SENTRY_DB_PRIVILEGE_PK PRIMARY KEY (DB_PRIVILEGE_ID);
-
--- Table SENTRY_ROLE for classes [org.apache.sentry.provider.db.service.model.MSentryRole]
-CREATE TABLE SENTRY_ROLE
-(
- ROLE_ID BIGINT NOT NULL generated always as identity (start with 1),
- CREATE_TIME BIGINT NOT NULL,
- ROLE_NAME VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_ROLE ADD CONSTRAINT SENTRY_ROLE_PK PRIMARY KEY (ROLE_ID);
-
--- Table SENTRY_GROUP for classes [org.apache.sentry.provider.db.service.model.MSentryGroup]
-CREATE TABLE SENTRY_GROUP
-(
- GROUP_ID BIGINT NOT NULL generated always as identity (start with 1),
- CREATE_TIME BIGINT NOT NULL,
- GROUP_NAME VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_GROUP ADD CONSTRAINT SENTRY_GROUP_PK PRIMARY KEY (GROUP_ID);
-
--- Table SENTRY_ROLE_GROUP_MAP for join relationship
-CREATE TABLE SENTRY_ROLE_GROUP_MAP
-(
- GROUP_ID BIGINT NOT NULL,
- ROLE_ID BIGINT NOT NULL,
- GRANTOR_PRINCIPAL VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_ROLE_GROUP_MAP ADD CONSTRAINT SENTRY_ROLE_GROUP_MAP_PK PRIMARY KEY (GROUP_ID,ROLE_ID);
-
--- Table SENTRY_ROLE_DB_PRIVILEGE_MAP for join relationship
-CREATE TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP
-(
- ROLE_ID BIGINT NOT NULL,
- DB_PRIVILEGE_ID BIGINT NOT NULL,
- GRANTOR_PRINCIPAL VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_DB_PRIVILEGE_MAP_PK PRIMARY KEY (ROLE_ID,DB_PRIVILEGE_ID);
-
-CREATE TABLE "SENTRY_VERSION" (
- VER_ID BIGINT NOT NULL,
- SCHEMA_VERSION VARCHAR(127),
- VERSION_COMMENT VARCHAR(255)
-);
-
-ALTER TABLE SENTRY_VERSION ADD CONSTRAINT SENTRY_VERSION_PK PRIMARY KEY (VER_ID);
-
--- Constraints for table SENTRY_DB_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryPrivilege]
-CREATE UNIQUE INDEX SENTRYPRIVILEGENAME ON SENTRY_DB_PRIVILEGE ("SERVER_NAME",DB_NAME,"TABLE_NAME","COLUMN_NAME",URI,"ACTION",WITH_GRANT_OPTION);
-
-
--- Constraints for table SENTRY_ROLE for class(es) [org.apache.sentry.provider.db.service.model.MSentryRole]
-CREATE UNIQUE INDEX SENTRYROLENAME ON SENTRY_ROLE (ROLE_NAME);
-
-
--- Constraints for table SENTRY_GROUP for class(es) [org.apache.sentry.provider.db.service.model.MSentryGroup]
-CREATE UNIQUE INDEX SENTRYGROUPNAME ON SENTRY_GROUP (GROUP_NAME);
-
-
--- Constraints for table SENTRY_ROLE_GROUP_MAP
-CREATE INDEX SENTRY_ROLE_GROUP_MAP_N49 ON SENTRY_ROLE_GROUP_MAP (GROUP_ID);
-
-CREATE INDEX SENTRY_ROLE_GROUP_MAP_N50 ON SENTRY_ROLE_GROUP_MAP (ROLE_ID);
-
-ALTER TABLE SENTRY_ROLE_GROUP_MAP ADD CONSTRAINT SENTRY_ROLE_GROUP_MAP_FK2 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID) ;
-
-ALTER TABLE SENTRY_ROLE_GROUP_MAP ADD CONSTRAINT SENTRY_ROLE_GROUP_MAP_FK1 FOREIGN KEY (GROUP_ID) REFERENCES SENTRY_GROUP (GROUP_ID) ;
-
-
--- Constraints for table SENTRY_ROLE_DB_PRIVILEGE_MAP
-CREATE INDEX SENTRY_ROLE_DB_PRIVILEGE_MAP_N50 ON SENTRY_ROLE_DB_PRIVILEGE_MAP (ROLE_ID);
-
-CREATE INDEX SENTRY_ROLE_DB_PRIVILEGE_MAP_N49 ON SENTRY_ROLE_DB_PRIVILEGE_MAP (DB_PRIVILEGE_ID);
-
-ALTER TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_DB_PRIVILEGE_MAP_FK2 FOREIGN KEY (DB_PRIVILEGE_ID) REFERENCES SENTRY_DB_PRIVILEGE (DB_PRIVILEGE_ID) ;
-
-ALTER TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_DB_PRIVILEGE_MAP_FK1 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID) ;
-
-INSERT INTO SENTRY_VERSION (VER_ID, SCHEMA_VERSION, VERSION_COMMENT) VALUES (1, '1.7.0', 'Sentry release version 1.7.0');
-
--- Generic Model
--- Table SENTRY_GM_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE TABLE SENTRY_GM_PRIVILEGE
-(
- GM_PRIVILEGE_ID BIGINT NOT NULL,
- "ACTION" VARCHAR(40),
- COMPONENT_NAME VARCHAR(400),
- CREATE_TIME BIGINT NOT NULL,
- WITH_GRANT_OPTION CHAR(1),
- RESOURCE_NAME_0 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_NAME_1 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_NAME_2 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_NAME_3 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_TYPE_0 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_TYPE_1 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_TYPE_2 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_TYPE_3 VARCHAR(400) DEFAULT '__NULL__',
- "SCOPE" VARCHAR(40),
- SERVICE_NAME VARCHAR(400)
-);
--- Primary key(GM_PRIVILEGE_ID)
-ALTER TABLE SENTRY_GM_PRIVILEGE ADD CONSTRAINT SENTRY_GM_PRIVILEGE_PK PRIMARY KEY (GM_PRIVILEGE_ID);
-
--- Constraints for table SENTRY_GM_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE UNIQUE INDEX GM_PRIVILEGE_INDEX ON SENTRY_GM_PRIVILEGE (COMPONENT_NAME,SERVICE_NAME,RESOURCE_NAME_0,RESOURCE_TYPE_0,RESOURCE_NAME_1,RESOURCE_TYPE_1,RESOURCE_NAME_2,RESOURCE_TYPE_2,RESOURCE_NAME_3,RESOURCE_TYPE_3,"ACTION",WITH_GRANT_OPTION);
-
--- Table SENTRY_ROLE_GM_PRIVILEGE_MAP for join relationship
-CREATE TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP
-(
- ROLE_ID BIGINT NOT NULL,
- GM_PRIVILEGE_ID BIGINT NOT NULL
-);
-ALTER TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_GM_PRIVILEGE_MAP_PK PRIMARY KEY (ROLE_ID,GM_PRIVILEGE_ID);
-
--- Constraints for table SENTRY_ROLE_GM_PRIVILEGE_MAP
-CREATE INDEX SENTRY_ROLE_GM_PRIVILEGE_MAP_N50 ON SENTRY_ROLE_GM_PRIVILEGE_MAP (ROLE_ID);
-
-CREATE INDEX SENTRY_ROLE_GM_PRIVILEGE_MAP_N49 ON SENTRY_ROLE_GM_PRIVILEGE_MAP (GM_PRIVILEGE_ID);
-
-ALTER TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_GM_PRIVILEGE_MAP_FK2 FOREIGN KEY (GM_PRIVILEGE_ID) REFERENCES SENTRY_GM_PRIVILEGE (GM_PRIVILEGE_ID);
-
-ALTER TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_GM_PRIVILEGE_MAP_FK1 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID);
[34/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TDropSentryRoleRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TDropSentryRoleRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TDropSentryRoleRequest.java
deleted file mode 100644
index 2255815..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TDropSentryRoleRequest.java
+++ /dev/null
@@ -1,591 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TDropSentryRoleRequest implements org.apache.thrift.TBase<TDropSentryRoleRequest, TDropSentryRoleRequest._Fields>, java.io.Serializable, Cloneable, Comparable<TDropSentryRoleRequest> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TDropSentryRoleRequest");
-
- private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
- private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)3);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TDropSentryRoleRequestStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TDropSentryRoleRequestTupleSchemeFactory());
- }
-
- private int protocol_version; // required
- private String requestorUserName; // required
- private String roleName; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- PROTOCOL_VERSION((short)1, "protocol_version"),
- REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- ROLE_NAME((short)3, "roleName");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // PROTOCOL_VERSION
- return PROTOCOL_VERSION;
- case 2: // REQUESTOR_USER_NAME
- return REQUESTOR_USER_NAME;
- case 3: // ROLE_NAME
- return ROLE_NAME;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
- tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.ROLE_NAME, new org.apache.thrift.meta_data.FieldMetaData("roleName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TDropSentryRoleRequest.class, metaDataMap);
- }
-
- public TDropSentryRoleRequest() {
- this.protocol_version = 2;
-
- }
-
- public TDropSentryRoleRequest(
- int protocol_version,
- String requestorUserName,
- String roleName)
- {
- this();
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- this.requestorUserName = requestorUserName;
- this.roleName = roleName;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TDropSentryRoleRequest(TDropSentryRoleRequest other) {
- __isset_bitfield = other.__isset_bitfield;
- this.protocol_version = other.protocol_version;
- if (other.isSetRequestorUserName()) {
- this.requestorUserName = other.requestorUserName;
- }
- if (other.isSetRoleName()) {
- this.roleName = other.roleName;
- }
- }
-
- public TDropSentryRoleRequest deepCopy() {
- return new TDropSentryRoleRequest(this);
- }
-
- @Override
- public void clear() {
- this.protocol_version = 2;
-
- this.requestorUserName = null;
- this.roleName = null;
- }
-
- public int getProtocol_version() {
- return this.protocol_version;
- }
-
- public void setProtocol_version(int protocol_version) {
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- }
-
- public void unsetProtocol_version() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */
- public boolean isSetProtocol_version() {
- return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- public void setProtocol_versionIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value);
- }
-
- public String getRequestorUserName() {
- return this.requestorUserName;
- }
-
- public void setRequestorUserName(String requestorUserName) {
- this.requestorUserName = requestorUserName;
- }
-
- public void unsetRequestorUserName() {
- this.requestorUserName = null;
- }
-
- /** Returns true if field requestorUserName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorUserName() {
- return this.requestorUserName != null;
- }
-
- public void setRequestorUserNameIsSet(boolean value) {
- if (!value) {
- this.requestorUserName = null;
- }
- }
-
- public String getRoleName() {
- return this.roleName;
- }
-
- public void setRoleName(String roleName) {
- this.roleName = roleName;
- }
-
- public void unsetRoleName() {
- this.roleName = null;
- }
-
- /** Returns true if field roleName is set (has been assigned a value) and false otherwise */
- public boolean isSetRoleName() {
- return this.roleName != null;
- }
-
- public void setRoleNameIsSet(boolean value) {
- if (!value) {
- this.roleName = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case PROTOCOL_VERSION:
- if (value == null) {
- unsetProtocol_version();
- } else {
- setProtocol_version((Integer)value);
- }
- break;
-
- case REQUESTOR_USER_NAME:
- if (value == null) {
- unsetRequestorUserName();
- } else {
- setRequestorUserName((String)value);
- }
- break;
-
- case ROLE_NAME:
- if (value == null) {
- unsetRoleName();
- } else {
- setRoleName((String)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case PROTOCOL_VERSION:
- return getProtocol_version();
-
- case REQUESTOR_USER_NAME:
- return getRequestorUserName();
-
- case ROLE_NAME:
- return getRoleName();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case PROTOCOL_VERSION:
- return isSetProtocol_version();
- case REQUESTOR_USER_NAME:
- return isSetRequestorUserName();
- case ROLE_NAME:
- return isSetRoleName();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TDropSentryRoleRequest)
- return this.equals((TDropSentryRoleRequest)that);
- return false;
- }
-
- public boolean equals(TDropSentryRoleRequest that) {
- if (that == null)
- return false;
-
- boolean this_present_protocol_version = true;
- boolean that_present_protocol_version = true;
- if (this_present_protocol_version || that_present_protocol_version) {
- if (!(this_present_protocol_version && that_present_protocol_version))
- return false;
- if (this.protocol_version != that.protocol_version)
- return false;
- }
-
- boolean this_present_requestorUserName = true && this.isSetRequestorUserName();
- boolean that_present_requestorUserName = true && that.isSetRequestorUserName();
- if (this_present_requestorUserName || that_present_requestorUserName) {
- if (!(this_present_requestorUserName && that_present_requestorUserName))
- return false;
- if (!this.requestorUserName.equals(that.requestorUserName))
- return false;
- }
-
- boolean this_present_roleName = true && this.isSetRoleName();
- boolean that_present_roleName = true && that.isSetRoleName();
- if (this_present_roleName || that_present_roleName) {
- if (!(this_present_roleName && that_present_roleName))
- return false;
- if (!this.roleName.equals(that.roleName))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_protocol_version = true;
- list.add(present_protocol_version);
- if (present_protocol_version)
- list.add(protocol_version);
-
- boolean present_requestorUserName = true && (isSetRequestorUserName());
- list.add(present_requestorUserName);
- if (present_requestorUserName)
- list.add(requestorUserName);
-
- boolean present_roleName = true && (isSetRoleName());
- list.add(present_roleName);
- if (present_roleName)
- list.add(roleName);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TDropSentryRoleRequest other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(other.isSetProtocol_version());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetProtocol_version()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, other.protocol_version);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRequestorUserName()).compareTo(other.isSetRequestorUserName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRequestorUserName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorUserName, other.requestorUserName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRoleName()).compareTo(other.isSetRoleName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRoleName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleName, other.roleName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TDropSentryRoleRequest(");
- boolean first = true;
-
- sb.append("protocol_version:");
- sb.append(this.protocol_version);
- first = false;
- if (!first) sb.append(", ");
- sb.append("requestorUserName:");
- if (this.requestorUserName == null) {
- sb.append("null");
- } else {
- sb.append(this.requestorUserName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("roleName:");
- if (this.roleName == null) {
- sb.append("null");
- } else {
- sb.append(this.roleName);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetProtocol_version()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
- }
-
- if (!isSetRequestorUserName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString());
- }
-
- if (!isSetRoleName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'roleName' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TDropSentryRoleRequestStandardSchemeFactory implements SchemeFactory {
- public TDropSentryRoleRequestStandardScheme getScheme() {
- return new TDropSentryRoleRequestStandardScheme();
- }
- }
-
- private static class TDropSentryRoleRequestStandardScheme extends StandardScheme<TDropSentryRoleRequest> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TDropSentryRoleRequest struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // PROTOCOL_VERSION
- if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // REQUESTOR_USER_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // ROLE_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TDropSentryRoleRequest struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC);
- oprot.writeI32(struct.protocol_version);
- oprot.writeFieldEnd();
- if (struct.requestorUserName != null) {
- oprot.writeFieldBegin(REQUESTOR_USER_NAME_FIELD_DESC);
- oprot.writeString(struct.requestorUserName);
- oprot.writeFieldEnd();
- }
- if (struct.roleName != null) {
- oprot.writeFieldBegin(ROLE_NAME_FIELD_DESC);
- oprot.writeString(struct.roleName);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TDropSentryRoleRequestTupleSchemeFactory implements SchemeFactory {
- public TDropSentryRoleRequestTupleScheme getScheme() {
- return new TDropSentryRoleRequestTupleScheme();
- }
- }
-
- private static class TDropSentryRoleRequestTupleScheme extends TupleScheme<TDropSentryRoleRequest> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TDropSentryRoleRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeI32(struct.protocol_version);
- oprot.writeString(struct.requestorUserName);
- oprot.writeString(struct.roleName);
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TDropSentryRoleRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TDropSentryRoleResponse.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TDropSentryRoleResponse.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TDropSentryRoleResponse.java
deleted file mode 100644
index 8036c5b..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TDropSentryRoleResponse.java
+++ /dev/null
@@ -1,394 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TDropSentryRoleResponse implements org.apache.thrift.TBase<TDropSentryRoleResponse, TDropSentryRoleResponse._Fields>, java.io.Serializable, Cloneable, Comparable<TDropSentryRoleResponse> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TDropSentryRoleResponse");
-
- private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TDropSentryRoleResponseStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TDropSentryRoleResponseTupleSchemeFactory());
- }
-
- private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- STATUS((short)1, "status");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // STATUS
- return STATUS;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.sentry.service.thrift.TSentryResponseStatus.class)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TDropSentryRoleResponse.class, metaDataMap);
- }
-
- public TDropSentryRoleResponse() {
- }
-
- public TDropSentryRoleResponse(
- org.apache.sentry.service.thrift.TSentryResponseStatus status)
- {
- this();
- this.status = status;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TDropSentryRoleResponse(TDropSentryRoleResponse other) {
- if (other.isSetStatus()) {
- this.status = new org.apache.sentry.service.thrift.TSentryResponseStatus(other.status);
- }
- }
-
- public TDropSentryRoleResponse deepCopy() {
- return new TDropSentryRoleResponse(this);
- }
-
- @Override
- public void clear() {
- this.status = null;
- }
-
- public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() {
- return this.status;
- }
-
- public void setStatus(org.apache.sentry.service.thrift.TSentryResponseStatus status) {
- this.status = status;
- }
-
- public void unsetStatus() {
- this.status = null;
- }
-
- /** Returns true if field status is set (has been assigned a value) and false otherwise */
- public boolean isSetStatus() {
- return this.status != null;
- }
-
- public void setStatusIsSet(boolean value) {
- if (!value) {
- this.status = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case STATUS:
- if (value == null) {
- unsetStatus();
- } else {
- setStatus((org.apache.sentry.service.thrift.TSentryResponseStatus)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case STATUS:
- return getStatus();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case STATUS:
- return isSetStatus();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TDropSentryRoleResponse)
- return this.equals((TDropSentryRoleResponse)that);
- return false;
- }
-
- public boolean equals(TDropSentryRoleResponse that) {
- if (that == null)
- return false;
-
- boolean this_present_status = true && this.isSetStatus();
- boolean that_present_status = true && that.isSetStatus();
- if (this_present_status || that_present_status) {
- if (!(this_present_status && that_present_status))
- return false;
- if (!this.status.equals(that.status))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_status = true && (isSetStatus());
- list.add(present_status);
- if (present_status)
- list.add(status);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TDropSentryRoleResponse other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetStatus()).compareTo(other.isSetStatus());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetStatus()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.status, other.status);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TDropSentryRoleResponse(");
- boolean first = true;
-
- sb.append("status:");
- if (this.status == null) {
- sb.append("null");
- } else {
- sb.append(this.status);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetStatus()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'status' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- if (status != null) {
- status.validate();
- }
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TDropSentryRoleResponseStandardSchemeFactory implements SchemeFactory {
- public TDropSentryRoleResponseStandardScheme getScheme() {
- return new TDropSentryRoleResponseStandardScheme();
- }
- }
-
- private static class TDropSentryRoleResponseStandardScheme extends StandardScheme<TDropSentryRoleResponse> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TDropSentryRoleResponse struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // STATUS
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TDropSentryRoleResponse struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.status != null) {
- oprot.writeFieldBegin(STATUS_FIELD_DESC);
- struct.status.write(oprot);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TDropSentryRoleResponseTupleSchemeFactory implements SchemeFactory {
- public TDropSentryRoleResponseTupleScheme getScheme() {
- return new TDropSentryRoleResponseTupleScheme();
- }
- }
-
- private static class TDropSentryRoleResponseTupleScheme extends TupleScheme<TDropSentryRoleResponse> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TDropSentryRoleResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- struct.status.write(oprot);
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TDropSentryRoleResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesByAuthRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesByAuthRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesByAuthRequest.java
deleted file mode 100644
index 029d531..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesByAuthRequest.java
+++ /dev/null
@@ -1,915 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TListSentryPrivilegesByAuthRequest implements org.apache.thrift.TBase<TListSentryPrivilegesByAuthRequest, TListSentryPrivilegesByAuthRequest._Fields>, java.io.Serializable, Cloneable, Comparable<TListSentryPrivilegesByAuthRequest> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TListSentryPrivilegesByAuthRequest");
-
- private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
- private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField AUTHORIZABLE_SET_FIELD_DESC = new org.apache.thrift.protocol.TField("authorizableSet", org.apache.thrift.protocol.TType.SET, (short)3);
- private static final org.apache.thrift.protocol.TField GROUPS_FIELD_DESC = new org.apache.thrift.protocol.TField("groups", org.apache.thrift.protocol.TType.SET, (short)4);
- private static final org.apache.thrift.protocol.TField ROLE_SET_FIELD_DESC = new org.apache.thrift.protocol.TField("roleSet", org.apache.thrift.protocol.TType.STRUCT, (short)5);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TListSentryPrivilegesByAuthRequestStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TListSentryPrivilegesByAuthRequestTupleSchemeFactory());
- }
-
- private int protocol_version; // required
- private String requestorUserName; // required
- private Set<TSentryAuthorizable> authorizableSet; // required
- private Set<String> groups; // optional
- private TSentryActiveRoleSet roleSet; // optional
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- PROTOCOL_VERSION((short)1, "protocol_version"),
- REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- AUTHORIZABLE_SET((short)3, "authorizableSet"),
- GROUPS((short)4, "groups"),
- ROLE_SET((short)5, "roleSet");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // PROTOCOL_VERSION
- return PROTOCOL_VERSION;
- case 2: // REQUESTOR_USER_NAME
- return REQUESTOR_USER_NAME;
- case 3: // AUTHORIZABLE_SET
- return AUTHORIZABLE_SET;
- case 4: // GROUPS
- return GROUPS;
- case 5: // ROLE_SET
- return ROLE_SET;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- private static final _Fields optionals[] = {_Fields.GROUPS,_Fields.ROLE_SET};
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
- tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.AUTHORIZABLE_SET, new org.apache.thrift.meta_data.FieldMetaData("authorizableSet", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryAuthorizable.class))));
- tmpMap.put(_Fields.GROUPS, new org.apache.thrift.meta_data.FieldMetaData("groups", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))));
- tmpMap.put(_Fields.ROLE_SET, new org.apache.thrift.meta_data.FieldMetaData("roleSet", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryActiveRoleSet.class)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TListSentryPrivilegesByAuthRequest.class, metaDataMap);
- }
-
- public TListSentryPrivilegesByAuthRequest() {
- this.protocol_version = 2;
-
- }
-
- public TListSentryPrivilegesByAuthRequest(
- int protocol_version,
- String requestorUserName,
- Set<TSentryAuthorizable> authorizableSet)
- {
- this();
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- this.requestorUserName = requestorUserName;
- this.authorizableSet = authorizableSet;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TListSentryPrivilegesByAuthRequest(TListSentryPrivilegesByAuthRequest other) {
- __isset_bitfield = other.__isset_bitfield;
- this.protocol_version = other.protocol_version;
- if (other.isSetRequestorUserName()) {
- this.requestorUserName = other.requestorUserName;
- }
- if (other.isSetAuthorizableSet()) {
- Set<TSentryAuthorizable> __this__authorizableSet = new HashSet<TSentryAuthorizable>(other.authorizableSet.size());
- for (TSentryAuthorizable other_element : other.authorizableSet) {
- __this__authorizableSet.add(new TSentryAuthorizable(other_element));
- }
- this.authorizableSet = __this__authorizableSet;
- }
- if (other.isSetGroups()) {
- Set<String> __this__groups = new HashSet<String>(other.groups);
- this.groups = __this__groups;
- }
- if (other.isSetRoleSet()) {
- this.roleSet = new TSentryActiveRoleSet(other.roleSet);
- }
- }
-
- public TListSentryPrivilegesByAuthRequest deepCopy() {
- return new TListSentryPrivilegesByAuthRequest(this);
- }
-
- @Override
- public void clear() {
- this.protocol_version = 2;
-
- this.requestorUserName = null;
- this.authorizableSet = null;
- this.groups = null;
- this.roleSet = null;
- }
-
- public int getProtocol_version() {
- return this.protocol_version;
- }
-
- public void setProtocol_version(int protocol_version) {
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- }
-
- public void unsetProtocol_version() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */
- public boolean isSetProtocol_version() {
- return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- public void setProtocol_versionIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value);
- }
-
- public String getRequestorUserName() {
- return this.requestorUserName;
- }
-
- public void setRequestorUserName(String requestorUserName) {
- this.requestorUserName = requestorUserName;
- }
-
- public void unsetRequestorUserName() {
- this.requestorUserName = null;
- }
-
- /** Returns true if field requestorUserName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorUserName() {
- return this.requestorUserName != null;
- }
-
- public void setRequestorUserNameIsSet(boolean value) {
- if (!value) {
- this.requestorUserName = null;
- }
- }
-
- public int getAuthorizableSetSize() {
- return (this.authorizableSet == null) ? 0 : this.authorizableSet.size();
- }
-
- public java.util.Iterator<TSentryAuthorizable> getAuthorizableSetIterator() {
- return (this.authorizableSet == null) ? null : this.authorizableSet.iterator();
- }
-
- public void addToAuthorizableSet(TSentryAuthorizable elem) {
- if (this.authorizableSet == null) {
- this.authorizableSet = new HashSet<TSentryAuthorizable>();
- }
- this.authorizableSet.add(elem);
- }
-
- public Set<TSentryAuthorizable> getAuthorizableSet() {
- return this.authorizableSet;
- }
-
- public void setAuthorizableSet(Set<TSentryAuthorizable> authorizableSet) {
- this.authorizableSet = authorizableSet;
- }
-
- public void unsetAuthorizableSet() {
- this.authorizableSet = null;
- }
-
- /** Returns true if field authorizableSet is set (has been assigned a value) and false otherwise */
- public boolean isSetAuthorizableSet() {
- return this.authorizableSet != null;
- }
-
- public void setAuthorizableSetIsSet(boolean value) {
- if (!value) {
- this.authorizableSet = null;
- }
- }
-
- public int getGroupsSize() {
- return (this.groups == null) ? 0 : this.groups.size();
- }
-
- public java.util.Iterator<String> getGroupsIterator() {
- return (this.groups == null) ? null : this.groups.iterator();
- }
-
- public void addToGroups(String elem) {
- if (this.groups == null) {
- this.groups = new HashSet<String>();
- }
- this.groups.add(elem);
- }
-
- public Set<String> getGroups() {
- return this.groups;
- }
-
- public void setGroups(Set<String> groups) {
- this.groups = groups;
- }
-
- public void unsetGroups() {
- this.groups = null;
- }
-
- /** Returns true if field groups is set (has been assigned a value) and false otherwise */
- public boolean isSetGroups() {
- return this.groups != null;
- }
-
- public void setGroupsIsSet(boolean value) {
- if (!value) {
- this.groups = null;
- }
- }
-
- public TSentryActiveRoleSet getRoleSet() {
- return this.roleSet;
- }
-
- public void setRoleSet(TSentryActiveRoleSet roleSet) {
- this.roleSet = roleSet;
- }
-
- public void unsetRoleSet() {
- this.roleSet = null;
- }
-
- /** Returns true if field roleSet is set (has been assigned a value) and false otherwise */
- public boolean isSetRoleSet() {
- return this.roleSet != null;
- }
-
- public void setRoleSetIsSet(boolean value) {
- if (!value) {
- this.roleSet = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case PROTOCOL_VERSION:
- if (value == null) {
- unsetProtocol_version();
- } else {
- setProtocol_version((Integer)value);
- }
- break;
-
- case REQUESTOR_USER_NAME:
- if (value == null) {
- unsetRequestorUserName();
- } else {
- setRequestorUserName((String)value);
- }
- break;
-
- case AUTHORIZABLE_SET:
- if (value == null) {
- unsetAuthorizableSet();
- } else {
- setAuthorizableSet((Set<TSentryAuthorizable>)value);
- }
- break;
-
- case GROUPS:
- if (value == null) {
- unsetGroups();
- } else {
- setGroups((Set<String>)value);
- }
- break;
-
- case ROLE_SET:
- if (value == null) {
- unsetRoleSet();
- } else {
- setRoleSet((TSentryActiveRoleSet)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case PROTOCOL_VERSION:
- return getProtocol_version();
-
- case REQUESTOR_USER_NAME:
- return getRequestorUserName();
-
- case AUTHORIZABLE_SET:
- return getAuthorizableSet();
-
- case GROUPS:
- return getGroups();
-
- case ROLE_SET:
- return getRoleSet();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case PROTOCOL_VERSION:
- return isSetProtocol_version();
- case REQUESTOR_USER_NAME:
- return isSetRequestorUserName();
- case AUTHORIZABLE_SET:
- return isSetAuthorizableSet();
- case GROUPS:
- return isSetGroups();
- case ROLE_SET:
- return isSetRoleSet();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TListSentryPrivilegesByAuthRequest)
- return this.equals((TListSentryPrivilegesByAuthRequest)that);
- return false;
- }
-
- public boolean equals(TListSentryPrivilegesByAuthRequest that) {
- if (that == null)
- return false;
-
- boolean this_present_protocol_version = true;
- boolean that_present_protocol_version = true;
- if (this_present_protocol_version || that_present_protocol_version) {
- if (!(this_present_protocol_version && that_present_protocol_version))
- return false;
- if (this.protocol_version != that.protocol_version)
- return false;
- }
-
- boolean this_present_requestorUserName = true && this.isSetRequestorUserName();
- boolean that_present_requestorUserName = true && that.isSetRequestorUserName();
- if (this_present_requestorUserName || that_present_requestorUserName) {
- if (!(this_present_requestorUserName && that_present_requestorUserName))
- return false;
- if (!this.requestorUserName.equals(that.requestorUserName))
- return false;
- }
-
- boolean this_present_authorizableSet = true && this.isSetAuthorizableSet();
- boolean that_present_authorizableSet = true && that.isSetAuthorizableSet();
- if (this_present_authorizableSet || that_present_authorizableSet) {
- if (!(this_present_authorizableSet && that_present_authorizableSet))
- return false;
- if (!this.authorizableSet.equals(that.authorizableSet))
- return false;
- }
-
- boolean this_present_groups = true && this.isSetGroups();
- boolean that_present_groups = true && that.isSetGroups();
- if (this_present_groups || that_present_groups) {
- if (!(this_present_groups && that_present_groups))
- return false;
- if (!this.groups.equals(that.groups))
- return false;
- }
-
- boolean this_present_roleSet = true && this.isSetRoleSet();
- boolean that_present_roleSet = true && that.isSetRoleSet();
- if (this_present_roleSet || that_present_roleSet) {
- if (!(this_present_roleSet && that_present_roleSet))
- return false;
- if (!this.roleSet.equals(that.roleSet))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_protocol_version = true;
- list.add(present_protocol_version);
- if (present_protocol_version)
- list.add(protocol_version);
-
- boolean present_requestorUserName = true && (isSetRequestorUserName());
- list.add(present_requestorUserName);
- if (present_requestorUserName)
- list.add(requestorUserName);
-
- boolean present_authorizableSet = true && (isSetAuthorizableSet());
- list.add(present_authorizableSet);
- if (present_authorizableSet)
- list.add(authorizableSet);
-
- boolean present_groups = true && (isSetGroups());
- list.add(present_groups);
- if (present_groups)
- list.add(groups);
-
- boolean present_roleSet = true && (isSetRoleSet());
- list.add(present_roleSet);
- if (present_roleSet)
- list.add(roleSet);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TListSentryPrivilegesByAuthRequest other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(other.isSetProtocol_version());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetProtocol_version()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, other.protocol_version);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRequestorUserName()).compareTo(other.isSetRequestorUserName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRequestorUserName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorUserName, other.requestorUserName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetAuthorizableSet()).compareTo(other.isSetAuthorizableSet());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetAuthorizableSet()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.authorizableSet, other.authorizableSet);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetGroups()).compareTo(other.isSetGroups());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetGroups()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.groups, other.groups);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRoleSet()).compareTo(other.isSetRoleSet());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRoleSet()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleSet, other.roleSet);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TListSentryPrivilegesByAuthRequest(");
- boolean first = true;
-
- sb.append("protocol_version:");
- sb.append(this.protocol_version);
- first = false;
- if (!first) sb.append(", ");
- sb.append("requestorUserName:");
- if (this.requestorUserName == null) {
- sb.append("null");
- } else {
- sb.append(this.requestorUserName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("authorizableSet:");
- if (this.authorizableSet == null) {
- sb.append("null");
- } else {
- sb.append(this.authorizableSet);
- }
- first = false;
- if (isSetGroups()) {
- if (!first) sb.append(", ");
- sb.append("groups:");
- if (this.groups == null) {
- sb.append("null");
- } else {
- sb.append(this.groups);
- }
- first = false;
- }
- if (isSetRoleSet()) {
- if (!first) sb.append(", ");
- sb.append("roleSet:");
- if (this.roleSet == null) {
- sb.append("null");
- } else {
- sb.append(this.roleSet);
- }
- first = false;
- }
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetProtocol_version()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
- }
-
- if (!isSetRequestorUserName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString());
- }
-
- if (!isSetAuthorizableSet()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'authorizableSet' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- if (roleSet != null) {
- roleSet.validate();
- }
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TListSentryPrivilegesByAuthRequestStandardSchemeFactory implements SchemeFactory {
- public TListSentryPrivilegesByAuthRequestStandardScheme getScheme() {
- return new TListSentryPrivilegesByAuthRequestStandardScheme();
- }
- }
-
- private static class TListSentryPrivilegesByAuthRequestStandardScheme extends StandardScheme<TListSentryPrivilegesByAuthRequest> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TListSentryPrivilegesByAuthRequest struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // PROTOCOL_VERSION
- if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // REQUESTOR_USER_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // AUTHORIZABLE_SET
- if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
- {
- org.apache.thrift.protocol.TSet _set130 = iprot.readSetBegin();
- struct.authorizableSet = new HashSet<TSentryAuthorizable>(2*_set130.size);
- TSentryAuthorizable _elem131;
- for (int _i132 = 0; _i132 < _set130.size; ++_i132)
- {
- _elem131 = new TSentryAuthorizable();
- _elem131.read(iprot);
- struct.authorizableSet.add(_elem131);
- }
- iprot.readSetEnd();
- }
- struct.setAuthorizableSetIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 4: // GROUPS
- if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
- {
- org.apache.thrift.protocol.TSet _set133 = iprot.readSetBegin();
- struct.groups = new HashSet<String>(2*_set133.size);
- String _elem134;
- for (int _i135 = 0; _i135 < _set133.size; ++_i135)
- {
- _elem134 = iprot.readString();
- struct.groups.add(_elem134);
- }
- iprot.readSetEnd();
- }
- struct.setGroupsIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 5: // ROLE_SET
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.roleSet = new TSentryActiveRoleSet();
- struct.roleSet.read(iprot);
- struct.setRoleSetIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TListSentryPrivilegesByAuthRequest struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC);
- oprot.writeI32(struct.protocol_version);
- oprot.writeFieldEnd();
- if (struct.requestorUserName != null) {
- oprot.writeFieldBegin(REQUESTOR_USER_NAME_FIELD_DESC);
- oprot.writeString(struct.requestorUserName);
- oprot.writeFieldEnd();
- }
- if (struct.authorizableSet != null) {
- oprot.writeFieldBegin(AUTHORIZABLE_SET_FIELD_DESC);
- {
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, struct.authorizableSet.size()));
- for (TSentryAuthorizable _iter136 : struct.authorizableSet)
- {
- _iter136.write(oprot);
- }
- oprot.writeSetEnd();
- }
- oprot.writeFieldEnd();
- }
- if (struct.groups != null) {
- if (struct.isSetGroups()) {
- oprot.writeFieldBegin(GROUPS_FIELD_DESC);
- {
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, struct.groups.size()));
- for (String _iter137 : struct.groups)
- {
- oprot.writeString(_iter137);
- }
- oprot.writeSetEnd();
- }
- oprot.writeFieldEnd();
- }
- }
- if (struct.roleSet != null) {
- if (struct.isSetRoleSet()) {
- oprot.writeFieldBegin(ROLE_SET_FIELD_DESC);
- struct.roleSet.write(oprot);
- oprot.writeFieldEnd();
- }
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TListSentryPrivilegesByAuthRequestTupleSchemeFactory implements SchemeFactory {
- public TListSentryPrivilegesByAuthRequestTupleScheme getScheme() {
- return new TListSentryPrivilegesByAuthRequestTupleScheme();
- }
- }
-
- private static class TListSentryPrivilegesByAuthRequestTupleScheme extends TupleScheme<TListSentryPrivilegesByAuthRequest> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesByAuthRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeI32(struct.protocol_version);
- oprot.writeString(struct.requestorUserName);
- {
- oprot.writeI32(struct.authorizableSet.size());
- for (TSentryAuthorizable _iter138 : struct.authorizableSet)
- {
- _iter138.write(oprot);
- }
- }
- BitSet optionals = new BitSet();
- if (struct.isSetGroups()) {
- optionals.set(0);
- }
- if (struct.isSetRoleSet()) {
- optionals.set(1);
- }
- oprot.writeBitSet(optionals, 2);
- if (struct.isSetGroups()) {
- {
- oprot.writeI32(struct.groups.size());
- for (String _iter139 : struct.groups)
- {
- oprot.writeString(_iter139);
- }
- }
- }
- if (struct.isSetRoleSet()) {
- struct.roleSet.write(oprot);
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesByAuthRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- {
- org.apache.thrift.protocol.TSet _set140 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, iprot.readI32());
- struct.authorizableSet = new HashSet<TSentryAuthorizable>(2*_set140.size);
- TSentryAuthorizable _elem141;
- for (int _i142 = 0; _i142 < _set140.size; ++_i142)
- {
- _elem141 = new TSentryAuthorizable();
- _elem141.read(iprot);
- struct.authorizableSet.add(_elem141);
- }
- }
- struct.setAuthorizableSetIsSet(true);
- BitSet incoming = iprot.readBitSet(2);
- if (incoming.get(0)) {
- {
- org.apache.thrift.protocol.TSet _set143 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, iprot.readI32());
- struct.groups = new HashSet<String>(2*_set143.size);
- String _elem144;
- for (int _i145 = 0; _i145 < _set143.size; ++_i145)
- {
- _elem144 = iprot.readString();
- struct.groups.add(_elem144);
- }
- }
- struct.setGroupsIsSet(true);
- }
- if (incoming.get(1)) {
- struct.roleSet = new TSentryActiveRoleSet();
- struct.roleSet.read(iprot);
- struct.setRoleSetIsSet(true);
- }
- }
- }
-
-}
-
[05/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestConnectionWithTicketTimeout.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestConnectionWithTicketTimeout.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestConnectionWithTicketTimeout.java
deleted file mode 100644
index 36fa4b5..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestConnectionWithTicketTimeout.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.hadoop.minikdc.MiniKdc;
-import org.apache.sentry.service.thrift.ServiceConstants;
-import org.junit.BeforeClass;
-import org.junit.Ignore;
-import org.junit.Test;
-
-@Ignore("SENTRY-515: Not part of automated unit testing, as it takes too long. Fails until we move to a hadoop 2.6.1. See HADOOP-10786")
-public class TestConnectionWithTicketTimeout extends
- org.apache.sentry.service.thrift.SentryServiceIntegrationBase {
-
- @BeforeClass
- public static void setup() throws Exception {
- kerberos = true;
- beforeSetup();
- setupConf();
- startSentryService();
- afterSetup();
- }
-
- public static void beforeSetup() throws Exception {
- kdcConfOverlay.setProperty(MiniKdc.MAX_TICKET_LIFETIME, "360001");
- //Only UGI based client connections renew their TGT, this is not a problem in the real world
- // as this is not configurable and always true
- conf.set(ServiceConstants.ServerConfig.SECURITY_USE_UGI_TRANSPORT, "true");
- }
-
- /***
- * Test is run only when sentry.hive.test.ticket.timeout is set to "true"
- * @throws Exception
- */
- @Test
- public void testConnectionAfterTicketTimeout() throws Exception {
- Thread.sleep(400000);
- connectToSentryService();
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestNotificationHandlerInvoker.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestNotificationHandlerInvoker.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestNotificationHandlerInvoker.java
deleted file mode 100644
index 6a2f48f..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestNotificationHandlerInvoker.java
+++ /dev/null
@@ -1,112 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-
-import java.util.UUID;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.provider.db.service.persistent.CommitContext;
-import org.junit.Before;
-import org.junit.Test;
-import org.mockito.Mockito;
-
-import com.google.common.collect.Lists;
-
-public class TestNotificationHandlerInvoker {
-
- private Configuration conf;
- private CommitContext commitContext;
- private NotificationHandler handler;
- private NotificationHandlerInvoker invoker;
-
- @Before
- public void setup() throws Exception {
- conf = new Configuration(false);
- commitContext = new CommitContext(UUID.randomUUID(), 1L);
- handler = Mockito.spy(new NotificationHandler(conf) {});
- invoker = new NotificationHandlerInvoker(conf,
- Lists.newArrayList(new ThrowingNotificationHandler(conf), handler));
- }
-
- @Test
- public void testCreateSentryRole() throws Exception {
- TCreateSentryRoleRequest request = new TCreateSentryRoleRequest();
- TCreateSentryRoleResponse response = new TCreateSentryRoleResponse();
- invoker.create_sentry_role(commitContext, request, response);
- Mockito.verify(handler).create_sentry_role(commitContext,
- request, response);
- }
-
- @Test
- public void testDropSentryRole() throws Exception {
- TDropSentryRoleRequest request = new TDropSentryRoleRequest();
- TDropSentryRoleResponse response = new TDropSentryRoleResponse();
- invoker.drop_sentry_role(commitContext, request, response);
- Mockito.verify(handler).drop_sentry_role(commitContext,
- request, response);
- }
-
-
-
- @Test
- public void testAlterSentryRoleAddGroups() throws Exception {
- TAlterSentryRoleAddGroupsRequest request = new TAlterSentryRoleAddGroupsRequest();
- TAlterSentryRoleAddGroupsResponse response = new TAlterSentryRoleAddGroupsResponse();
- invoker.alter_sentry_role_add_groups(commitContext, request, response);
- Mockito.verify(handler).alter_sentry_role_add_groups(commitContext,
- request, response);
- }
-
- @Test
- public void testAlterSentryRoleDeleteGroups() throws Exception {
- TAlterSentryRoleDeleteGroupsRequest request = new TAlterSentryRoleDeleteGroupsRequest();
- TAlterSentryRoleDeleteGroupsResponse response = new TAlterSentryRoleDeleteGroupsResponse();
- invoker.alter_sentry_role_delete_groups(commitContext, request, response);
- Mockito.verify(handler).alter_sentry_role_delete_groups(commitContext,
- request, response);
- }
-
- public static class ThrowingNotificationHandler extends NotificationHandler {
- public ThrowingNotificationHandler(Configuration config) throws Exception {
- super(config);
- }
- @Override
- public void create_sentry_role(CommitContext args,
- TCreateSentryRoleRequest request, TCreateSentryRoleResponse response) {
- throw new RuntimeException();
- }
- public void drop_sentry_role(CommitContext context,
- TDropSentryRoleRequest request,
- TDropSentryRoleResponse response) {
- throw new RuntimeException();
- }
- @Override
- public void alter_sentry_role_add_groups(CommitContext args,
- TAlterSentryRoleAddGroupsRequest request,
- TAlterSentryRoleAddGroupsResponse response) {
- throw new RuntimeException();
- }
- @Override
- public void alter_sentry_role_delete_groups(
- CommitContext args, TAlterSentryRoleDeleteGroupsRequest request,
- TAlterSentryRoleDeleteGroupsResponse response) {
- throw new RuntimeException();
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyStoreProcessor.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyStoreProcessor.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyStoreProcessor.java
deleted file mode 100644
index 04d92dd..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryPolicyStoreProcessor.java
+++ /dev/null
@@ -1,81 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.sentry.core.common.exception.SentrySiteConfigurationException;
-import org.junit.Assert;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.core.common.exception.SentryThriftAPIMismatchException;
-import org.apache.sentry.provider.db.service.thrift.PolicyStoreConstants.PolicyStoreServerConfig;
-import org.apache.sentry.service.thrift.ServiceConstants;
-import org.junit.Before;
-import org.junit.Test;
-
-public class TestSentryPolicyStoreProcessor {
-
- private Configuration conf;
-
- @Before
- public void setup() {
- conf = new Configuration(false);
- }
- @Test(expected=SentrySiteConfigurationException.class)
- public void testConfigNotNotificationHandler() throws Exception {
- conf.set(PolicyStoreServerConfig.NOTIFICATION_HANDLERS, Object.class.getName());
- SentryPolicyStoreProcessor.createHandlers(conf);
- }
- @Test(expected=SentrySiteConfigurationException.class)
- public void testConfigCannotCreateNotificationHandler() throws Exception {
- conf.set(PolicyStoreServerConfig.NOTIFICATION_HANDLERS,
- ExceptionInConstructorNotificationHandler.class.getName());
- SentryPolicyStoreProcessor.createHandlers(conf);
- }
- @Test(expected=SentrySiteConfigurationException.class)
- public void testConfigNotAClassNotificationHandler() throws Exception {
- conf.set(PolicyStoreServerConfig.NOTIFICATION_HANDLERS, "junk");
- SentryPolicyStoreProcessor.createHandlers(conf);
- }
- @Test
- public void testConfigMultipleNotificationHandlers() throws Exception {
- conf.set(PolicyStoreServerConfig.NOTIFICATION_HANDLERS,
- NoopNotificationHandler.class.getName() + "," +
- NoopNotificationHandler.class.getName() + " " +
- NoopNotificationHandler.class.getName());
- Assert.assertEquals(3, SentryPolicyStoreProcessor.createHandlers(conf).size());
- }
- public static class ExceptionInConstructorNotificationHandler extends NotificationHandler {
- public ExceptionInConstructorNotificationHandler(Configuration config) throws Exception {
- super(config);
- throw new Exception();
- }
- }
- public static class NoopNotificationHandler extends NotificationHandler {
- public NoopNotificationHandler(Configuration config) throws Exception {
- super(config);
- }
- }
- @Test(expected=SentryThriftAPIMismatchException.class)
- public void testSentryThriftAPIMismatch() throws Exception {
- SentryPolicyStoreProcessor.validateClientVersion(ServiceConstants.ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT -1);
- }
- @Test
- public void testSentryThriftAPIMatchVersion() throws Exception {
- SentryPolicyStoreProcessor.validateClientVersion(ServiceConstants.ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT);
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForHaWithoutKerberos.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForHaWithoutKerberos.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForHaWithoutKerberos.java
deleted file mode 100644
index 6c78942..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForHaWithoutKerberos.java
+++ /dev/null
@@ -1,219 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless createRequired by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-import static org.junit.Assert.assertEquals;
-
-import java.util.HashSet;
-import java.util.Set;
-
-import org.apache.sentry.core.common.ActiveRoleSet;
-import org.apache.sentry.core.model.db.AccessConstants;
-import org.apache.sentry.core.model.db.Database;
-import org.apache.sentry.core.model.db.Server;
-import org.apache.sentry.core.model.db.Table;
-import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
-import org.junit.BeforeClass;
-import org.junit.Test;
-
-import com.google.common.collect.Lists;
-import com.google.common.collect.Sets;
-
-public class TestSentryServerForHaWithoutKerberos extends SentryServiceIntegrationBase {
-
- @BeforeClass
- public static void setup() throws Exception {
- kerberos = false;
- haEnabled = true;
- beforeSetup();
- setupConf();
- startSentryService();
- afterSetup();
- }
-
- @Test
- public void testCreateRole() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
- String roleName = "admin_r";
- client.dropRoleIfExists(requestorUserName, roleName);
- client.createRole(requestorUserName, roleName);
- client.dropRole(requestorUserName, roleName);
- }
-
- @Test
- public void testQueryPushDown() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
-
- String roleName1 = "admin_r1";
- String roleName2 = "admin_r2";
-
- String group1 = "g1";
- String group2 = "g2";
-
- client.dropRoleIfExists(requestorUserName, roleName1);
- client.createRole(requestorUserName, roleName1);
- client.grantRoleToGroup(requestorUserName, group1, roleName1);
-
- client.grantTablePrivilege(requestorUserName, roleName1, "server", "db1", "table1", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName1, "server", "db1", "table2", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName1, "server", "db2", "table3", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName1, "server", "db2", "table4", "ALL");
-
-
- client.dropRoleIfExists(requestorUserName, roleName2);
- client.createRole(requestorUserName, roleName2);
- client.grantRoleToGroup(requestorUserName, group1, roleName2);
- client.grantRoleToGroup(requestorUserName, group2, roleName2);
-
- client.grantTablePrivilege(requestorUserName, roleName2, "server", "db1", "table1", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName2, "server", "db1", "table2", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName2, "server", "db2", "table3", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName2, "server", "db2", "table4", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName2, "server", "db3", "table5", "ALL");
-
- Set<TSentryPrivilege> listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db1")));
- assertEquals("Privilege not assigned to role2 !!", 2, listPrivilegesByRoleName.size());
-
- listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db2"), new Table("table1")));
- assertEquals("Privilege not assigned to role2 !!", 0, listPrivilegesByRoleName.size());
-
- listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db1"), new Table("table1")));
- assertEquals("Privilege not assigned to role2 !!", 1, listPrivilegesByRoleName.size());
-
- listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db3")));
- assertEquals("Privilege not assigned to role2 !!", 1, listPrivilegesByRoleName.size());
-
- Set<String> listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), null, ActiveRoleSet.ALL, new Server("server"), new Database("db2"));
- assertEquals("Privilege not correctly assigned to roles !!",
- Sets.newHashSet("server=server->db=db2->table=table4->action=all", "server=server->db=db2->table=table3->action=all"),
- listPrivilegesForProvider);
-
- listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), null, ActiveRoleSet.ALL, new Server("server"), new Database("db3"));
- assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet("server=server->db=db3->table=table5->action=all"), listPrivilegesForProvider);
-
- listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), null, new ActiveRoleSet(Sets.newHashSet(roleName1)), new Server("server"), new Database("db3"));
- assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet("server=+"), listPrivilegesForProvider);
-
- listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), null, new ActiveRoleSet(Sets.newHashSet(roleName1)), new Server("server1"));
- assertEquals("Privilege not correctly assigned to roles !!", new HashSet<String>(), listPrivilegesForProvider);
- }
-
-
-
- /**
- * Create role, add privileges and grant it to a group drop the role and
- * verify the privileges are no longer visible recreate the role with same
- * name and verify the privileges again.
- * @throws Exception
- */
- @Test
- public void testDropRole() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
- String roleName = "admin_r";
-
- // create role and add privileges
- client.dropRoleIfExists(requestorUserName, roleName);
- client.createRole(requestorUserName, roleName);
- client.grantRoleToGroup(requestorUserName, ADMIN_GROUP, roleName);
- client.grantDatabasePrivilege(requestorUserName, roleName, "server1", "db2", AccessConstants.ALL);
- client.grantTablePrivilege(requestorUserName, roleName, "server1", "db3", "tab3", "ALL");
- assertEquals(2, client.listPrivilegesForProvider(requestorUserGroupNames, null,
- ActiveRoleSet.ALL).size());
-
- // drop role and verify privileges
- client.dropRole(requestorUserName, roleName);
- assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, null,
- ActiveRoleSet.ALL).size());
-
- // recreate the role
- client.createRole(requestorUserName, roleName);
- client.grantRoleToGroup(requestorUserName, ADMIN_GROUP, roleName);
- assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, null,
- ActiveRoleSet.ALL).size());
-
- // grant different privileges and verify
- client.grantDatabasePrivilege(requestorUserName, roleName, "server1", "db2", AccessConstants.ALL);
- assertEquals(1, client.listPrivilegesForProvider(requestorUserGroupNames, null,
- ActiveRoleSet.ALL).size());
- client.dropRole(requestorUserName, roleName);
- assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, null,
- ActiveRoleSet.ALL).size());
- assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, null,
- ActiveRoleSet.ALL).size());
- }
-
- @Test
- public void testDropRoleOnUser() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- Set<String> requestorUserNames = Sets.newHashSet(ADMIN_USER);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
- String roleName = "admin_r";
-
- // create role and add privileges
- client.dropRoleIfExists(requestorUserName, roleName);
- client.createRole(requestorUserName, roleName);
- client.grantRoleToUser(requestorUserName, ADMIN_USER, roleName);
- client.grantDatabasePrivilege(requestorUserName, roleName, "server1", "db2", AccessConstants.ALL);
- client.grantTablePrivilege(requestorUserName, roleName, "server1", "db3", "tab3", "ALL");
- assertEquals(2, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames,
- ActiveRoleSet.ALL).size());
-
- // drop role and verify privileges
- client.dropRole(requestorUserName, roleName);
- assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames,
- ActiveRoleSet.ALL).size());
-
- // recreate the role
- client.createRole(requestorUserName, roleName);
- client.grantRoleToGroup(requestorUserName, ADMIN_GROUP, roleName);
- assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames,
- ActiveRoleSet.ALL).size());
-
- // grant different privileges and verify
- client.grantDatabasePrivilege(requestorUserName, roleName, "server1", "db2", AccessConstants.ALL);
- assertEquals(1, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames,
- ActiveRoleSet.ALL).size());
- client.dropRole(requestorUserName, roleName);
- assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames,
- ActiveRoleSet.ALL).size());
- assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames,
- ActiveRoleSet.ALL).size());
- }
-
- /**
- * Test that we are correctly substituting "_HOST" if/when needed.
- *
- * @throws Exception
- */
- @Test
- public void testHostSubstitution() throws Exception {
- // We just need to ensure that we are able to correct connect to the server
- connectToSentryService();
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForPoolHAWithoutKerberos.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForPoolHAWithoutKerberos.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForPoolHAWithoutKerberos.java
deleted file mode 100644
index 9ba7d23..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForPoolHAWithoutKerberos.java
+++ /dev/null
@@ -1,36 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless createRequired by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.junit.BeforeClass;
-
-public class TestSentryServerForPoolHAWithoutKerberos extends TestSentryServerForHaWithoutKerberos {
-
- @BeforeClass
- public static void setup() throws Exception {
- kerberos = false;
- haEnabled = true;
- pooled = true;
- beforeSetup();
- setupConf();
- startSentryService();
- afterSetup();
- }
-
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForPoolWithoutKerberos.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForPoolWithoutKerberos.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForPoolWithoutKerberos.java
deleted file mode 100644
index 62fbb2f..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForPoolWithoutKerberos.java
+++ /dev/null
@@ -1,36 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless createRequired by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.junit.BeforeClass;
-
-public class TestSentryServerForPoolWithoutKerberos extends TestSentryServerWithoutKerberos {
-
- @BeforeClass
- public static void setup() throws Exception {
- kerberos = false;
- haEnabled = false;
- pooled = true;
- beforeSetup();
- setupConf();
- startSentryService();
- afterSetup();
- }
-
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerWithoutKerberos.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerWithoutKerberos.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerWithoutKerberos.java
deleted file mode 100644
index b37f057..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerWithoutKerberos.java
+++ /dev/null
@@ -1,214 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless createRequired by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-import static org.junit.Assert.assertEquals;
-
-import java.util.ArrayList;
-import java.util.HashSet;
-import java.util.Set;
-
-import org.apache.sentry.core.common.ActiveRoleSet;
-import org.apache.sentry.core.common.Authorizable;
-import org.apache.sentry.core.model.db.AccessConstants;
-import org.apache.sentry.core.model.db.Database;
-import org.apache.sentry.core.model.db.Server;
-import org.apache.sentry.core.model.db.Table;
-import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
-import org.junit.BeforeClass;
-import org.junit.Test;
-
-import com.google.common.collect.Lists;
-import com.google.common.collect.Sets;
-
-public class TestSentryServerWithoutKerberos extends SentryServiceIntegrationBase {
-
- @BeforeClass
- public static void setup() throws Exception {
- kerberos = false;
- beforeSetup();
- setupConf();
- startSentryService();
- afterSetup();
- }
-
- @Test
- public void testCreateRole() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
- String roleName = "admin_r";
- client.dropRoleIfExists(requestorUserName, roleName);
- client.createRole(requestorUserName, roleName);
- client.dropRole(requestorUserName, roleName);
- }
-
- @Test
- public void testQueryPushDown() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
-
- String roleName1 = "admin_r1";
- String roleName2 = "admin_r2";
-
- String group1 = "g1";
- String group2 = "g2";
-
- client.dropRoleIfExists(requestorUserName, roleName1);
- client.createRole(requestorUserName, roleName1);
- client.grantRoleToGroup(requestorUserName, group1, roleName1);
-
- client.grantTablePrivilege(requestorUserName, roleName1, "server", "db1", "table1", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName1, "server", "db1", "table2", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName1, "server", "db2", "table3", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName1, "server", "db2", "table4", "ALL");
-
- client.dropRoleIfExists(requestorUserName, roleName2);
- client.createRole(requestorUserName, roleName2);
- client.grantRoleToGroup(requestorUserName, group1, roleName2);
- client.grantRoleToGroup(requestorUserName, group2, roleName2);
-
- client.grantTablePrivilege(requestorUserName, roleName2, "server", "db1", "table1", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName2, "server", "db1", "table2", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName2, "server", "db2", "table3", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName2, "server", "db2", "table4", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName2, "server", "db3", "table5", "ALL");
-
- Set<TSentryPrivilege> listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, null);
- assertEquals("Privilege not assigned to role2 !!", 5, listPrivilegesByRoleName.size());
-
- listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, new ArrayList<Authorizable>());
- assertEquals("Privilege not assigned to role2 !!", 5, listPrivilegesByRoleName.size());
-
- listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db1")));
- assertEquals("Privilege not assigned to role2 !!", 2, listPrivilegesByRoleName.size());
-
- listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db2"), new Table("table1")));
- assertEquals("Privilege not assigned to role2 !!", 0, listPrivilegesByRoleName.size());
-
- listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db1"), new Table("table1")));
- assertEquals("Privilege not assigned to role2 !!", 1, listPrivilegesByRoleName.size());
-
- listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, Lists.newArrayList(new Server("server"), new Database("db3")));
- assertEquals("Privilege not assigned to role2 !!", 1, listPrivilegesByRoleName.size());
-
- Set<String> listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), null, ActiveRoleSet.ALL, new Server("server"), new Database("db2"));
- assertEquals("Privilege not correctly assigned to roles !!",
- Sets.newHashSet("server=server->db=db2->table=table4->action=all", "server=server->db=db2->table=table3->action=all"),
- listPrivilegesForProvider);
-
- listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), null, ActiveRoleSet.ALL, new Server("server"), new Database("db3"));
- assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet("server=server->db=db3->table=table5->action=all"), listPrivilegesForProvider);
-
- listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), null, new ActiveRoleSet(Sets.newHashSet(roleName1)), new Server("server"), new Database("db3"));
- assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet("server=+"), listPrivilegesForProvider);
-
- listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1, group2), null, new ActiveRoleSet(Sets.newHashSet(roleName1)), new Server("server1"));
- assertEquals("Privilege not correctly assigned to roles !!", new HashSet<String>(), listPrivilegesForProvider);
- }
-
-
-
- /**
- * Create role, add privileges and grant it to a group drop the role and
- * verify the privileges are no longer visible recreate the role with same
- * name and verify the privileges again.
- * @throws Exception
- */
- @Test
- public void testDropRole() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
- String roleName = "admin_r";
-
- // create role and add privileges
- client.dropRoleIfExists(requestorUserName, roleName);
- client.createRole(requestorUserName, roleName);
- client.grantRoleToGroup(requestorUserName, ADMIN_GROUP, roleName);
- client.grantDatabasePrivilege(requestorUserName, roleName, "server1", "db2", AccessConstants.ALL);
- client.grantTablePrivilege(requestorUserName, roleName, "server1", "db3", "tab3", "ALL");
- assertEquals(2, client.listPrivilegesForProvider(requestorUserGroupNames, null,
- ActiveRoleSet.ALL).size());
-
- // drop role and verify privileges
- client.dropRole(requestorUserName, roleName);
- assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, null,
- ActiveRoleSet.ALL).size());
-
- // recreate the role
- client.createRole(requestorUserName, roleName);
- client.grantRoleToGroup(requestorUserName, ADMIN_GROUP, roleName);
- assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, null,
- ActiveRoleSet.ALL).size());
-
- // grant different privileges and verify
- client.grantDatabasePrivilege(requestorUserName, roleName, "server1", "db2", AccessConstants.ALL);
- assertEquals(1, client.listPrivilegesForProvider(requestorUserGroupNames, null,
- ActiveRoleSet.ALL).size());
- client.dropRole(requestorUserName, roleName);
- assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, null,
- ActiveRoleSet.ALL).size());
- assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, null,
- ActiveRoleSet.ALL).size());
- }
-
- @Test
- public void testDropRoleOnUser() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- Set<String> requestorUserNames = Sets.newHashSet(ADMIN_USER);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
- String roleName = "admin_r";
-
- // create role and add privileges
- client.dropRoleIfExists(requestorUserName, roleName);
- client.createRole(requestorUserName, roleName);
- client.grantRoleToUser(requestorUserName, ADMIN_USER, roleName);
- client.grantDatabasePrivilege(requestorUserName, roleName, "server1", "db2", AccessConstants.ALL);
- client.grantTablePrivilege(requestorUserName, roleName, "server1", "db3", "tab3", "ALL");
- assertEquals(2, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames,
- ActiveRoleSet.ALL).size());
-
- // drop role and verify privileges
- client.dropRole(requestorUserName, roleName);
- assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames,
- ActiveRoleSet.ALL).size());
-
- // recreate the role
- client.createRole(requestorUserName, roleName);
- client.grantRoleToGroup(requestorUserName, ADMIN_GROUP, roleName);
- assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames,
- ActiveRoleSet.ALL).size());
-
- // grant different privileges and verify
- client.grantDatabasePrivilege(requestorUserName, roleName, "server1", "db2", AccessConstants.ALL);
- assertEquals(1, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames,
- ActiveRoleSet.ALL).size());
- client.dropRole(requestorUserName, roleName);
- assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames,
- ActiveRoleSet.ALL).size());
- assertEquals(0, client.listPrivilegesForProvider(requestorUserGroupNames, requestorUserNames,
- ActiveRoleSet.ALL).size());
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceClientPool.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceClientPool.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceClientPool.java
deleted file mode 100644
index fe4164d..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceClientPool.java
+++ /dev/null
@@ -1,111 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-
-import static org.junit.Assert.assertTrue;
-
-import java.security.PrivilegedExceptionAction;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Set;
-import java.util.concurrent.Callable;
-import java.util.concurrent.ExecutorService;
-import java.util.concurrent.Executors;
-import java.util.concurrent.Future;
-import java.util.concurrent.FutureTask;
-
-import org.apache.sentry.core.common.exception.SentryUserException;
-import org.apache.sentry.service.thrift.SentryServiceFactory;
-import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
-import org.junit.Test;
-
-import com.google.common.collect.Sets;
-
-public class TestSentryServiceClientPool extends SentryServiceIntegrationBase {
-
- @Test
- public void testConnectionWhenReconnect() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- String roleName = "admin_r";
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
-
- client.dropRoleIfExists(requestorUserName, roleName);
- client.createRole(requestorUserName, roleName);
- client.listRoles(requestorUserName);
- stopSentryService();
- server = new SentryServiceFactory().create(conf);
- startSentryService();
- client.listRoles(requestorUserName);
- client.dropRole(requestorUserName, roleName);
- }
- });
- }
-
- @Test
- public void testConnectionWithMultipleRetries() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- List<Future<Boolean>> tasks = new ArrayList<Future<Boolean>>();
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- String roleName = "admin_r";
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
-
- client.dropRoleIfExists(requestorUserName, roleName);
- client.createRole(requestorUserName, roleName);
-
- ExecutorService executorService = Executors.newFixedThreadPool(20);
-
- Callable<Boolean> func = new Callable<Boolean>() {
- public Boolean call() throws Exception {
- return clientUgi.doAs(new PrivilegedExceptionAction<Boolean>() {
- @Override
- public Boolean run() throws Exception {
- try {
- client.listRoles(ADMIN_USER);
- return true;
- } catch (SentryUserException sue) {
- return false;
- }
- }
- });
- }
- };
-
- for (int i = 0; i < 30; i++) {
- FutureTask<Boolean> task = new FutureTask<Boolean>(func);
- tasks.add(task);
- executorService.submit(task);
- }
-
- for (Future<Boolean> task : tasks) {
- Boolean result = task.get();
- assertTrue("Some tasks are failed.", result);
- }
- }
- });
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceFailureCase.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceFailureCase.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceFailureCase.java
deleted file mode 100644
index 51bba31..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceFailureCase.java
+++ /dev/null
@@ -1,74 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
-import org.junit.After;
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.google.common.base.Strings;
-
-public class TestSentryServiceFailureCase extends SentryServiceIntegrationBase {
- private static final Logger LOGGER = LoggerFactory.getLogger(TestSentryServiceFailureCase.class);
- private static final String PEER_CALLBACK_FAILURE = "Peer indicated failure: Problem with callback handler";
-
- @BeforeClass
- public static void setup() throws Exception {
- kerberos = true;
- beforeSetup();
- setupConf();
- conf.set(ServerConfig.ALLOW_CONNECT, "");
- startSentryService();
- afterSetup();
- }
-
- @Override
- @Before
- public void before() throws Exception {
- }
-
- @Override
- @After
- public void after() {
- }
-
- @Test
- public void testClientServerConnectionFailure() throws Exception {
- try {
- connectToSentryService();
- Assert.fail("Failed to receive Exception");
- } catch(Exception e) {
- LOGGER.info("Excepted exception", e);
- Throwable cause = e.getCause();
- if (cause == null) {
- throw e;
- }
- String msg = "Exception message: " + cause.getMessage() + " to contain " +
- PEER_CALLBACK_FAILURE;
- Assert.assertTrue(msg, Strings.nullToEmpty(cause.getMessage())
- .contains(PEER_CALLBACK_FAILURE));
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForHAWithKerberos.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForHAWithKerberos.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForHAWithKerberos.java
deleted file mode 100644
index 813b30b..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForHAWithKerberos.java
+++ /dev/null
@@ -1,75 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-
-import java.io.File;
-import java.util.Set;
-
-import org.apache.sentry.provider.file.PolicyFile;
-import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
-
-import com.google.common.collect.Sets;
-
-/**
- * Test various kerberos related stuff on the SentryService side
- */
-public class TestSentryServiceForHAWithKerberos extends SentryServiceIntegrationBase {
-
- @BeforeClass
- public static void setup() throws Exception {
- kerberos = true;
- haEnabled = true;
- SERVER_KERBEROS_NAME = "sentry/_HOST@" + REALM;
- beforeSetup();
- setupConf();
- startSentryService();
- afterSetup();
- }
-
- @Override
- @Before
- public void before() throws Exception {
- policyFilePath = new File(dbDir, "local_policy_file.ini");
- conf.set(ServerConfig.SENTRY_STORE_GROUP_MAPPING_RESOURCE,
- policyFilePath.getPath());
- policyFile = new PolicyFile();
- connectToSentryService();
- }
-
- @Test
- public void testCreateRole() throws Exception {
- runTestAsSubject(new TestOperation(){
- @Override
- public void runTestAsSubject() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
- String roleName = "admin_r";
- client.dropRoleIfExists(requestorUserName, roleName);
- client.createRole(requestorUserName, roleName);
- client.dropRole(requestorUserName, roleName);
- }
- });
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForPoolHAWithKerberos.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForPoolHAWithKerberos.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForPoolHAWithKerberos.java
deleted file mode 100644
index acb906f..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForPoolHAWithKerberos.java
+++ /dev/null
@@ -1,36 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless createRequired by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.junit.BeforeClass;
-
-public class TestSentryServiceForPoolHAWithKerberos extends TestSentryServiceWithKerberos {
-
- @BeforeClass
- public static void setup() throws Exception {
- kerberos = true;
- haEnabled = true;
- pooled = true;
- beforeSetup();
- setupConf();
- startSentryService();
- afterSetup();
- }
-
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForPoolWithKerberos.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForPoolWithKerberos.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForPoolWithKerberos.java
deleted file mode 100644
index bd3c1cc..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForPoolWithKerberos.java
+++ /dev/null
@@ -1,36 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless createRequired by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.junit.BeforeClass;
-
-public class TestSentryServiceForPoolWithKerberos extends TestSentryServiceWithKerberos {
-
- @BeforeClass
- public static void setup() throws Exception {
- kerberos = true;
- haEnabled = false;
- pooled = true;
- beforeSetup();
- setupConf();
- startSentryService();
- afterSetup();
- }
-
-}
\ No newline at end of file
[03/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceIntegration.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceIntegration.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceIntegration.java
deleted file mode 100644
index a05521f..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceIntegration.java
+++ /dev/null
@@ -1,1102 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless createRequired by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
-
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-import java.util.TreeMap;
-
-import org.apache.sentry.core.common.ActiveRoleSet;
-import org.apache.sentry.core.common.Authorizable;
-import org.apache.sentry.core.model.db.AccessConstants;
-import org.apache.sentry.core.model.db.AccessURI;
-import org.apache.sentry.core.model.db.Database;
-import org.apache.sentry.core.model.db.Server;
-import org.apache.sentry.core.model.db.Table;
-import org.apache.sentry.core.common.exception.SentryAccessDeniedException;
-import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
-import org.junit.Test;
-
-import com.google.common.collect.Lists;
-import com.google.common.collect.Maps;
-import com.google.common.collect.Sets;
-
-
-public class TestSentryServiceIntegration extends SentryServiceIntegrationBase {
-
- @Test
- public void testCreateDropShowRole() throws Exception {
- runTestAsSubject(new TestOperation(){
- @Override
- public void runTestAsSubject() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- String roleName = "admin_r";
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
-
- client.dropRoleIfExists(requestorUserName, roleName);
-
- client.createRole(requestorUserName, roleName);
-
- Set<TSentryRole> roles = client.listRoles(requestorUserName);
- assertEquals("Incorrect number of roles", 1, roles.size());
-
- for (TSentryRole role:roles) {
- assertTrue(role.getRoleName(), role.getRoleName().equalsIgnoreCase(roleName));
- }
- client.dropRole(requestorUserName, roleName);
- }});
- }
-
- @Test
- public void testGranRevokePrivilegeOnTableForRole() throws Exception {
- runTestAsSubject(new TestOperation(){
- @Override
- public void runTestAsSubject() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
- String roleName1 = "admin_r1";
- String roleName2 = "admin_r2";
-
- client.dropRoleIfExists(requestorUserName, roleName1);
- client.createRole(requestorUserName, roleName1);
-
- client.grantTablePrivilege(requestorUserName, roleName1, "server", "db1", "table1", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName1, "server", "db1", "table2", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName1, "server", "db2", "table3", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName1, "server", "db2", "table4", "ALL");
-
-
- client.dropRoleIfExists(requestorUserName, roleName2);
- client.createRole(requestorUserName, roleName2);
-
- client.grantTablePrivilege(requestorUserName, roleName2, "server", "db1", "table1", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName2, "server", "db1", "table2", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName2, "server", "db2", "table3", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName2, "server", "db2", "table4", "ALL");
-
- Set<TSentryPrivilege> listPrivilegesByRoleName = client.listAllPrivilegesByRoleName(requestorUserName, roleName1);
- assertEquals("Privilege not assigned to role1 !!", 4, listPrivilegesByRoleName.size());
-
- listPrivilegesByRoleName = client.listAllPrivilegesByRoleName(requestorUserName, roleName2);
- assertEquals("Privilege not assigned to role2 !!", 4, listPrivilegesByRoleName.size());
-
-
- client.revokeTablePrivilege(requestorUserName, roleName1, "server", "db1", "table1", "ALL");
- listPrivilegesByRoleName = client.listAllPrivilegesByRoleName(requestorUserName, roleName1);
- assertTrue("Privilege not correctly revoked !!", listPrivilegesByRoleName.size() == 3);
- listPrivilegesByRoleName = client.listAllPrivilegesByRoleName(requestorUserName, roleName2);
- assertTrue("Privilege not correctly revoked !!", listPrivilegesByRoleName.size() == 4);
-
- client.revokeTablePrivilege(requestorUserName, roleName2, "server", "db1", "table1", "ALL");
- listPrivilegesByRoleName = client.listAllPrivilegesByRoleName(requestorUserName, roleName2);
- assertTrue("Privilege not correctly revoked !!", listPrivilegesByRoleName.size() == 3);
- listPrivilegesByRoleName = client.listAllPrivilegesByRoleName(requestorUserName, roleName1);
- assertTrue("Privilege not correctly revoked !!", listPrivilegesByRoleName.size() == 3);
-
- client.revokeTablePrivilege(requestorUserName, roleName1, "server", "db1", "table2", "ALL");
- client.revokeTablePrivilege(requestorUserName, roleName1, "server", "db2", "table3", "ALL");
- client.revokeTablePrivilege(requestorUserName, roleName1, "server", "db2", "table4", "ALL");
- listPrivilegesByRoleName = client.listAllPrivilegesByRoleName(requestorUserName, roleName1);
- assertTrue("Privilege not correctly revoked !!", listPrivilegesByRoleName.size() == 0);
-
- client.revokeTablePrivilege(requestorUserName, roleName2, "server", "db1", "table2", "ALL");
- client.revokeTablePrivilege(requestorUserName, roleName2, "server", "db2", "table3", "ALL");
- client.revokeTablePrivilege(requestorUserName, roleName2, "server", "db2", "table4", "ALL");
- listPrivilegesByRoleName = client.listAllPrivilegesByRoleName(requestorUserName, roleName2);
- assertTrue("Privilege not correctly revoked !!", listPrivilegesByRoleName.size() == 0);
- }});
- }
-
- @Test
- public void testAddDeleteRolesForUser() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
-
- // user1->group1
- // user2->group1
- // user3->group1, group2
- // user4->group2, group3
- // group1->r1
- // group2->r2
- // group3->r2
- // user2->r3
- // user4->r3
- String roleName1 = "r1";
- String roleName2 = "r2";
- String roleName3 = "r3";
- String user1 = "u1";
- String user2 = "u2";
- String user3 = "u3";
- String user4 = "u4";
- String group1 = "g1";
- String group2 = "g2";
- String group3 = "g3";
- Map<String, Set<String>> userToGroups = Maps.newHashMap();
- userToGroups.put(user1, Sets.newHashSet(group1));
- userToGroups.put(user2, Sets.newHashSet(group1));
- userToGroups.put(user3, Sets.newHashSet(group1, group2));
- userToGroups.put(user4, Sets.newHashSet(group2, group3));
-
- setLocalGroupMapping(user1, Sets.newHashSet(group1));
- setLocalGroupMapping(user2, Sets.newHashSet(group1));
- setLocalGroupMapping(user3, Sets.newHashSet(group1, group2));
- setLocalGroupMapping(user4, Sets.newHashSet(group2, group3));
- writePolicyFile();
-
- client.dropRoleIfExists(requestorUserName, roleName1);
- client.dropRoleIfExists(requestorUserName, roleName2);
- client.dropRoleIfExists(requestorUserName, roleName3);
- client.createRole(requestorUserName, roleName1);
- client.createRole(requestorUserName, roleName2);
- client.createRole(requestorUserName, roleName3);
-
- client.grantRoleToGroup(requestorUserName, group1, roleName1);
- client.grantRoleToUser(requestorUserName, user2, roleName2);
- client.grantRoleToUser(requestorUserName, user3, roleName2);
- client.grantRoleToUser(requestorUserName, user2, roleName3);
- client.grantRoleToUsers(requestorUserName, roleName3, Sets.newHashSet(user4));
- // following test cases also test the grantRoleToUser() and grantRoleToUsers() implicity
- // admin always can get the role list
- Set<TSentryRole> roles = client.listRolesByUserName(requestorUserName, user1);
- assertEquals(0, roles.size());
- // the role list includes the role for user and the role for user's group
- roles = client.listRolesByUserName(requestorUserName, user2);
- assertEquals(2, roles.size());
- for (TSentryRole role : roles) {
- assertTrue(roleName2.equals(role.getRoleName()) || roleName3.equals(role.getRoleName()));
- }
- // user has 2 groups whose role list are different
- roles = client.listRolesByUserName(requestorUserName, user3);
- assertEquals(1, roles.size());
- for (TSentryRole role : roles) {
- assertTrue(roleName2.equals(role.getRoleName()));
- }
- // user has 2 groups whose role list are the same
- roles = client.listRolesByUserName(requestorUserName, user4);
- assertEquals(1, roles.size());
- for (TSentryRole role : roles) {
- assertTrue(roleName3.equals(role.getRoleName()));
- }
- // user can get his own role list if he isn't an admin
- roles = client.listRolesByUserName(user3, user3);
- assertEquals(1, roles.size());
- // user can't get other's role list if he isn't an admin
- try {
- client.listRolesByUserName(user3, user2);
- fail("SentryAccessDeniedException should be caught.");
- } catch (SentryAccessDeniedException e) {
- // excepted exception
- }
- // the user's name can't be empty
- try {
- client.listRolesByUserName(user3, "");
- fail("SentryAccessDeniedException should be caught.");
- } catch (SentryAccessDeniedException e) {
- // excepted exception
- }
- client.revokeRoleFromUser(requestorUserName, user2, roleName3);
- client.revokeRoleFromUsers(requestorUserName, roleName3, Sets.newHashSet(user4));
- // test the result of revokeRoleFromUser() and revokeRoleFromUsers()
- roles = client.listRolesByUserName(requestorUserName, user2);
- assertEquals(1, roles.size());
- for (TSentryRole role : roles) {
- assertTrue(roleName2.equals(role.getRoleName()));
- }
- roles = client.listRolesByUserName(requestorUserName, user4);
- assertEquals(0, roles.size());
- }
- });
- }
-
- @Test
- public void testGranRevokePrivilegeForRoleWithUG() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
-
- // user1_1->group1
- // user1_2->group1
- // user2_1->group2
- // user2_2->group2
- // group1->r1
- // group2->r2
- // user1_1->r3
- // user2_1->r4
- String roleName1 = "r1";
- String roleName2 = "r2";
- String roleName3 = "r3";
- String roleName4 = "r4";
- String user1_1 = "u1_1";
- String user1_2 = "u1_2";
- String user2_1 = "u2_1";
- String user2_2 = "u2_2";
- String group1 = "g1";
- String group2 = "g2";
- Map<String, String> userToGroup = Maps.newHashMap();
- userToGroup.put(user1_1, group1);
- userToGroup.put(user1_2, group1);
- userToGroup.put(user2_1, group2);
- userToGroup.put(user2_2, user2_1);
-
- Set<String> groupSet = Sets.newHashSet(group1);
- setLocalGroupMapping(user1_1, groupSet);
- setLocalGroupMapping(user1_2, groupSet);
- groupSet = Sets.newHashSet(group2);
- setLocalGroupMapping(user2_1, groupSet);
- setLocalGroupMapping(user2_2, groupSet);
- writePolicyFile();
-
- client.dropRoleIfExists(requestorUserName, roleName1);
- client.dropRoleIfExists(requestorUserName, roleName2);
- client.dropRoleIfExists(requestorUserName, roleName3);
- client.dropRoleIfExists(requestorUserName, roleName4);
- client.createRole(requestorUserName, roleName1);
- client.createRole(requestorUserName, roleName2);
- client.createRole(requestorUserName, roleName3);
- client.createRole(requestorUserName, roleName4);
-
- client.grantRoleToGroup(requestorUserName, group1, roleName1);
- client.grantRoleToGroup(requestorUserName, group2, roleName2);
- client.grantRoleToUser(requestorUserName, user1_1, roleName3);
- client.grantRoleToUsers(requestorUserName, roleName4, Sets.newHashSet(user2_1));
-
- client
- .grantTablePrivilege(requestorUserName, roleName1, "server", "db1", "table1_1", "ALL");
- client
- .grantTablePrivilege(requestorUserName, roleName1, "server", "db1", "table1_2", "ALL");
- client
- .grantTablePrivilege(requestorUserName, roleName2, "server", "db1", "table2_1", "ALL");
- client
- .grantTablePrivilege(requestorUserName, roleName2, "server", "db1", "table2_2", "ALL");
- client
- .grantTablePrivilege(requestorUserName, roleName3, "server", "db1", "table3_1", "ALL");
- client
- .grantTablePrivilege(requestorUserName, roleName3, "server", "db1", "table3_2", "ALL");
- client
- .grantTablePrivilege(requestorUserName, roleName4, "server", "db1", "table4_1", "ALL");
- client
- .grantTablePrivilege(requestorUserName, roleName4, "server", "db1", "table4_2", "ALL");
-
- Set<String> listPrivilegesForProvider = client.listPrivilegesForProvider(
- Sets.newHashSet(group1), Sets.newHashSet(""), ActiveRoleSet.ALL, (Authorizable[]) null);
- assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet(
- "server=server->db=db1->table=table1_1->action=all",
- "server=server->db=db1->table=table1_2->action=all"), listPrivilegesForProvider);
-
- listPrivilegesForProvider = client.listPrivilegesForProvider(
- Sets.newHashSet(userToGroup.get(user1_2)),
- Sets.newHashSet(user1_2), ActiveRoleSet.ALL, (Authorizable[]) null);
- assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet(
- "server=server->db=db1->table=table1_1->action=all",
- "server=server->db=db1->table=table1_2->action=all"), listPrivilegesForProvider);
-
- listPrivilegesForProvider = client.listPrivilegesForProvider(
- Sets.newHashSet(userToGroup.get(user1_1)),
- Sets.newHashSet(user1_1), ActiveRoleSet.ALL, (Authorizable[]) null);
- assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet(
- "server=server->db=db1->table=table1_1->action=all",
- "server=server->db=db1->table=table1_2->action=all",
- "server=server->db=db1->table=table3_1->action=all",
- "server=server->db=db1->table=table3_2->action=all"), listPrivilegesForProvider);
-
- listPrivilegesForProvider = client.listPrivilegesForProvider(Sets.newHashSet(group1),
- Sets.newHashSet(user1_1, user1_2), ActiveRoleSet.ALL, (Authorizable[]) null);
- assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet(
- "server=server->db=db1->table=table1_1->action=all",
- "server=server->db=db1->table=table1_2->action=all",
- "server=server->db=db1->table=table3_1->action=all",
- "server=server->db=db1->table=table3_2->action=all"), listPrivilegesForProvider);
-
- listPrivilegesForProvider = client.listPrivilegesForProvider(
- Sets.newHashSet(group1, group2), Sets.newHashSet(user1_1, user1_2, user2_1, user2_2),
- ActiveRoleSet.ALL, (Authorizable[]) null);
- assertEquals("Privilege not correctly assigned to roles !!", Sets.newHashSet(
- "server=server->db=db1->table=table1_1->action=all",
- "server=server->db=db1->table=table1_2->action=all",
- "server=server->db=db1->table=table2_1->action=all",
- "server=server->db=db1->table=table2_2->action=all",
- "server=server->db=db1->table=table3_1->action=all",
- "server=server->db=db1->table=table3_2->action=all",
- "server=server->db=db1->table=table4_1->action=all",
- "server=server->db=db1->table=table4_2->action=all"), listPrivilegesForProvider);
-
- client.revokeRoleFromUser(requestorUserName, user1_1, roleName3);
- client.revokeRoleFromUsers(requestorUserName, roleName4, Sets.newHashSet(user2_1));
- }
- });
- }
-
- @Test
- public void testMultipleRolesSamePrivilege() throws Exception {
- runTestAsSubject(new TestOperation(){
- @Override
- public void runTestAsSubject() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
- String roleName1 = "admin_r1";
- String roleName2 = "admin_r2";
-
- client.dropRoleIfExists(requestorUserName, roleName1);
- client.createRole(requestorUserName, roleName1);
-
- client.dropRoleIfExists(requestorUserName, roleName2);
- client.createRole(requestorUserName, roleName2);
-
- client.grantTablePrivilege(requestorUserName, roleName1, "server", "db", "table", "ALL");
- Set<TSentryPrivilege> listPrivilegesByRoleName = client.listAllPrivilegesByRoleName(requestorUserName, roleName1);
- assertTrue("Privilege not assigned to role1 !!", listPrivilegesByRoleName.size() == 1);
-
- client.grantTablePrivilege(requestorUserName, roleName2, "server", "db", "table", "ALL");
- listPrivilegesByRoleName = client.listAllPrivilegesByRoleName(requestorUserName, roleName2);
- assertTrue("Privilege not assigned to role2 !!", listPrivilegesByRoleName.size() == 1);
- }});
- }
-
- @Test
- public void testShowRoleGrant() throws Exception {
- runTestAsSubject(new TestOperation(){
- @Override
- public void runTestAsSubject() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- String roleName = "admin_testdb";
- String groupName = "group1";
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
-
- client.dropRoleIfExists(requestorUserName, roleName);
- client.createRole(requestorUserName, roleName);
-
- Set<TSentryRole> roles = client.listRoles(requestorUserName);
- assertEquals("Incorrect number of roles", 1, roles.size());
-
- client.grantRoleToGroup(requestorUserName, groupName, roleName);
- Set<TSentryRole> groupRoles = client.listRolesByGroupName(requestorUserName, groupName);
- assertTrue(groupRoles.size() == 1);
- for (TSentryRole role:groupRoles) {
- assertTrue(role.getRoleName(), role.getRoleName().equalsIgnoreCase(roleName));
- assertTrue(role.getGroups().size() == 1);
- for (TSentryGroup group :role.getGroups()) {
- assertTrue(group.getGroupName(), group.getGroupName().equalsIgnoreCase(groupName));
- }
- }
-
- client.dropRole(requestorUserName, roleName);
- }});
- }
-
- @Test
- public void testShowGrant() throws Exception {
- runTestAsSubject(new TestOperation(){
- @Override
- public void runTestAsSubject() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- String roleName = "admin_testdb";
- String server = "server1";
- String db = "testDB";
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
-
- client.dropRoleIfExists(requestorUserName, roleName);
- client.createRole(requestorUserName, roleName);
-
- Set<TSentryRole> roles = client.listRoles(requestorUserName);
- assertEquals("Incorrect number of roles", 1, roles.size());
-
- client.grantDatabasePrivilege(requestorUserName, roleName, server, db, AccessConstants.ALL);
- Set<TSentryPrivilege> privileges = client.listAllPrivilegesByRoleName(requestorUserName, roleName);
- assertTrue(privileges.size() == 1);
-
- client.revokeDatabasePrivilege(requestorUserName, roleName, server, db, AccessConstants.ALL);
- client.dropRole(requestorUserName, roleName);
- }});
- }
-
- //See SENTRY-166
- @Test
- public void testUriWithEquals() throws Exception {
- runTestAsSubject(new TestOperation(){
- @Override
- public void runTestAsSubject() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- String roleName = "admin_testdb";
- String server = "server1";
- String uri = "file://u/w/h/t/partition=value/";
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
-
- // Creating associated role
- client.dropRoleIfExists(requestorUserName, roleName);
- client.createRole(requestorUserName, roleName);
- Set<TSentryRole> roles = client.listRoles(requestorUserName);
- assertEquals("Incorrect number of roles", 1, roles.size());
-
- client.grantURIPrivilege(requestorUserName, roleName, server, uri);
- Set<TSentryPrivilege> privileges = client.listAllPrivilegesByRoleName(requestorUserName, roleName);
- assertTrue(privileges.size() == 1);
-
- // Revoking the same privilege
- client.revokeURIPrivilege(requestorUserName, roleName, server, uri);
- privileges = client.listAllPrivilegesByRoleName(requestorUserName, roleName);
- assertTrue(privileges.size() == 0);
-
- // Clean up
- client.dropRole(requestorUserName, roleName);
- }});
- }
-
-
- //See SENTRY-181
- @Test
- public void testSameGrantTwice() throws Exception {
- runTestAsSubject(new TestOperation(){
- @Override
- public void runTestAsSubject() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
- String roleName = "admin_r1";
-
- client.createRole(requestorUserName, roleName);
- client.grantTablePrivilege(requestorUserName, roleName, "server", "db1", "table1", "ALL");
- client.grantTablePrivilege(requestorUserName, roleName, "server", "db1", "table1", "ALL");
- assertEquals(1, client.listAllPrivilegesByRoleName(requestorUserName, roleName).size());
- }});
- }
-
- @Test
- public void testGrantRevokeWithGrantOption() throws Exception {
- runTestAsSubject(new TestOperation(){
- @Override
- public void runTestAsSubject() throws Exception {
- // Grant a privilege with Grant Option
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
- String roleName = "admin_r1";
- boolean grantOption = true;
- boolean withoutGrantOption = false;
-
- client.dropRoleIfExists(requestorUserName, roleName);
- client.createRole(requestorUserName, roleName);
-
- client.grantTablePrivilege(requestorUserName, roleName, "server", "db1", "table1", "ALL", grantOption);
- assertEquals(1, client.listAllPrivilegesByRoleName(requestorUserName, roleName).size());
-
- // Try to revoke the privilege without grantOption and can't revoke the privilege.
- client.revokeTablePrivilege(requestorUserName, roleName, "server", "db1", "table1", "ALL", withoutGrantOption);
- assertEquals(1, client.listAllPrivilegesByRoleName(requestorUserName, roleName).size());
-
- // Try to revoke the privilege with grantOption, the privilege will be revoked.
- client.revokeTablePrivilege(requestorUserName, roleName, "server", "db1", "table1", "ALL", grantOption);
- assertEquals(0, client.listAllPrivilegesByRoleName(requestorUserName, roleName).size());
- }});
- }
-
- @Test
- public void testGrantTwoPrivilegeDiffInGrantOption() throws Exception {
- runTestAsSubject(new TestOperation(){
- @Override
- public void runTestAsSubject() throws Exception {
- // Grant a privilege with 'Grant Option'.
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
- String roleName = "admin_r1";
- boolean grantOption = true;
- boolean withoutGrantOption = false;
-
- client.dropRoleIfExists(requestorUserName, roleName);
- client.createRole(requestorUserName, roleName);
-
- client.grantTablePrivilege(requestorUserName, roleName, "server", "db1", "table1", "ALL", grantOption);
- assertEquals(1, client.listAllPrivilegesByRoleName(requestorUserName, roleName).size());
-
- // Grant a privilege without 'Grant Option'.
- client.grantTablePrivilege(requestorUserName, roleName, "server", "db1", "table1", "ALL", withoutGrantOption);
- assertEquals(2, client.listAllPrivilegesByRoleName(requestorUserName, roleName).size());
-
- // Use 'grantOption = null', the two privileges will be revoked.
- client.revokeTablePrivilege(requestorUserName, roleName, "server", "db1", "table1", "ALL", null);
- assertEquals(0, client.listAllPrivilegesByRoleName(requestorUserName, roleName).size());
- }});
- }
-
- @Test
- public void testGranRevokePrivilegeOnColumnForRole() throws Exception {
- runTestAsSubject(new TestOperation(){
- @Override
- public void runTestAsSubject() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
- String roleName1 = "admin_r1";
- String roleName2 = "admin_r2";
-
- client.dropRoleIfExists(requestorUserName, roleName1);
- client.createRole(requestorUserName, roleName1);
-
- client.grantColumnPrivilege(requestorUserName, roleName1, "server", "db1", "table1", "col1", "ALL");
- client.grantColumnPrivilege(requestorUserName, roleName1, "server", "db1", "table1", "col2", "ALL");
- client.grantColumnPrivilege(requestorUserName, roleName1, "server", "db1", "table2", "col1", "ALL");
- client.grantColumnPrivilege(requestorUserName, roleName1, "server", "db1", "table2", "col2", "ALL");
- client.grantColumnPrivilege(requestorUserName, roleName1, "server", "db2", "table1", "col1", "ALL");
- client.grantColumnPrivilege(requestorUserName, roleName1, "server", "db2", "table2", "col1", "ALL");
-
-
- client.dropRoleIfExists(requestorUserName, roleName2);
- client.createRole(requestorUserName, roleName2);
-
- client.grantColumnPrivilege(requestorUserName, roleName2, "server", "db1", "table1", "col1", "ALL");
- client.grantColumnPrivilege(requestorUserName, roleName2, "server", "db1", "table1", "col2", "ALL");
- client.grantColumnPrivilege(requestorUserName, roleName2, "server", "db1", "table2", "col1", "ALL");
- client.grantColumnPrivilege(requestorUserName, roleName2, "server", "db1", "table2", "col2", "ALL");
- client.grantColumnPrivilege(requestorUserName, roleName2, "server", "db2", "table1", "col1", "ALL");
- client.grantColumnPrivilege(requestorUserName, roleName2, "server", "db2", "table2", "col1", "ALL");
-
- Set<TSentryPrivilege> listPrivilegesByRoleName = client.listAllPrivilegesByRoleName(requestorUserName, roleName1);
- assertEquals("Privilege not assigned to role1 !!", 6, listPrivilegesByRoleName.size());
-
- listPrivilegesByRoleName = client.listAllPrivilegesByRoleName(requestorUserName, roleName2);
- assertEquals("Privilege not assigned to role2 !!", 6, listPrivilegesByRoleName.size());
-
-
- client.revokeColumnPrivilege(requestorUserName, roleName1, "server", "db1", "table1", "col1", "ALL");
- listPrivilegesByRoleName = client.listAllPrivilegesByRoleName(requestorUserName, roleName1);
- assertTrue("Privilege not correctly revoked !!", listPrivilegesByRoleName.size() == 5);
- listPrivilegesByRoleName = client.listAllPrivilegesByRoleName(requestorUserName, roleName2);
- assertTrue("Privilege not correctly revoked !!", listPrivilegesByRoleName.size() == 6);
-
- client.revokeTablePrivilege(requestorUserName, roleName2, "server", "db1", "table1", "ALL");
- listPrivilegesByRoleName = client.listAllPrivilegesByRoleName(requestorUserName, roleName2);
- assertTrue("Privilege not correctly revoked !!", listPrivilegesByRoleName.size() == 4);
- listPrivilegesByRoleName = client.listAllPrivilegesByRoleName(requestorUserName, roleName1);
- assertTrue("Privilege not correctly revoked !!", listPrivilegesByRoleName.size() == 5);
-
- client.revokeDatabasePrivilege(requestorUserName, roleName1, "server", "db1", "ALL");
- listPrivilegesByRoleName = client.listAllPrivilegesByRoleName(requestorUserName, roleName1);
- assertTrue("Privilege not correctly revoked !!", listPrivilegesByRoleName.size() == 2);
- client.revokeColumnPrivilege(requestorUserName, roleName1, "server", "db2", "table1", "col1", "ALL");
- client.revokeColumnPrivilege(requestorUserName, roleName1, "server", "db2", "table2", "col1", "ALL");
- listPrivilegesByRoleName = client.listAllPrivilegesByRoleName(requestorUserName, roleName1);
- assertTrue("Privilege not correctly revoked !!", listPrivilegesByRoleName.size() == 0);
-
- client.revokeColumnPrivilege(requestorUserName, roleName2, "server", "db1", "table2", "col1", "ALL");
- client.revokeColumnPrivilege(requestorUserName, roleName2, "server", "db1", "table2", "col2", "ALL");
- client.revokeColumnPrivilege(requestorUserName, roleName2, "server", "db2", "table1", "col1", "ALL");
- client.revokeColumnPrivilege(requestorUserName, roleName2, "server", "db2", "table2", "col1", "ALL");
- listPrivilegesByRoleName = client.listAllPrivilegesByRoleName(requestorUserName, roleName2);
- assertTrue("Privilege not correctly revoked !!", listPrivilegesByRoleName.size() == 0);
- }});
- }
-
- @Test
- public void testListByAuthDB() throws Exception {
- runTestAsSubject(new TestOperation(){
- @Override
- public void runTestAsSubject() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- String roleName1 = "role1";
- String roleName2 = "role2";
- Set<String> testRoleSet = Sets.newHashSet(roleName1, roleName2);
- String group1 = "group1";
- String group2 = "group2";
- Set<String> testGroupSet = Sets.newHashSet(group1, group2);
- String server = "server1";
- String db = "testDB";
- String db2 = "testDB2";
- String tab = "testTab";
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- String group1user = "group1user";
- setLocalGroupMapping(group1user, Sets.newHashSet(group1));
- String group2user = "group2user";
- setLocalGroupMapping(group2user, Sets.newHashSet(group2));
- setLocalGroupMapping("random", Sets.newHashSet("foo"));
- writePolicyFile();
-
- client.dropRoleIfExists(requestorUserName, roleName1);
- client.createRole(requestorUserName, roleName1);
- client.dropRoleIfExists(requestorUserName, roleName2);
- client.createRole(requestorUserName, roleName2);
-
- TSentryPrivilege role1db1 = client.grantDatabasePrivilege(
- requestorUserName, roleName1, server, db, AccessConstants.SELECT);
- client.grantTablePrivilege(requestorUserName, roleName1, server, db, tab,
- AccessConstants.ALL);
- client.grantTablePrivilege(requestorUserName, roleName1, server, db2, tab,
- AccessConstants.SELECT);
- client.grantURIPrivilege(requestorUserName, roleName1, server, "hdfs:///fooUri");
- client.grantRoleToGroup(requestorUserName, group1, roleName1);
-
- TSentryPrivilege role2db1 = client.grantDatabasePrivilege(
- requestorUserName, roleName2, server, db,
- AccessConstants.ALL);
- client.grantDatabasePrivilege(requestorUserName, roleName2, server, db2,
- AccessConstants.SELECT);
- client.grantTablePrivilege(requestorUserName, roleName2, server, db2, tab,
- AccessConstants.ALL);
- client.grantRoleToGroup(requestorUserName, group2, roleName2);
-
- // build expected output
- TSentryPrivilegeMap db1RoleToPrivMap = new TSentryPrivilegeMap(
- new TreeMap<String, Set<TSentryPrivilege>>());
- db1RoleToPrivMap.getPrivilegeMap()
- .put(roleName1, Sets.newHashSet(role1db1));
- db1RoleToPrivMap.getPrivilegeMap()
- .put(roleName2, Sets.newHashSet(role2db1));
- Map<TSentryAuthorizable, TSentryPrivilegeMap> expectedResults = Maps
- .newTreeMap();
- List<? extends Authorizable> db1Authrizable = Lists.newArrayList(
- new Server(server), new Database(db));
- expectedResults.put(
- SentryPolicyServiceClientDefaultImpl.setupSentryAuthorizable(db1Authrizable),
- db1RoleToPrivMap);
-
- Set<List<? extends Authorizable>> authorizableSet = Sets.newHashSet();
- authorizableSet.add(db1Authrizable);
-
- // verify for null group and null roleset
- Map<TSentryAuthorizable, TSentryPrivilegeMap> authPrivMap = client
- .listPrivilegsbyAuthorizable(requestorUserName, authorizableSet, null, null);
- assertEquals(expectedResults, authPrivMap);
-
- // verify for null group and specific roleset
- authPrivMap = client.listPrivilegsbyAuthorizable(requestorUserName, authorizableSet,
- null, new ActiveRoleSet(testRoleSet));
- assertEquals(expectedResults, authPrivMap);
-
- // verify for null group and specific roleset
- authPrivMap = client.listPrivilegsbyAuthorizable(requestorUserName, authorizableSet, null,
- ActiveRoleSet.ALL);
- assertEquals(expectedResults, authPrivMap);
-
- // verify for specific group and null roleset
- authPrivMap = client.listPrivilegsbyAuthorizable(requestorUserName, authorizableSet,
- testGroupSet, null);
- assertEquals(expectedResults, authPrivMap);
-
- // verify for specific group and specific roleset
- authPrivMap = client.listPrivilegsbyAuthorizable(requestorUserName, authorizableSet,
- testGroupSet, new ActiveRoleSet(testRoleSet));
- assertEquals(expectedResults, authPrivMap);
-
- // verify for specific group and ALL roleset
- authPrivMap = client.listPrivilegsbyAuthorizable(requestorUserName, authorizableSet,
- testGroupSet, ActiveRoleSet.ALL);
- assertEquals(expectedResults, authPrivMap);
-
- // verify users not belonging to any group are not shown anything
- authPrivMap = client
- .listPrivilegsbyAuthorizable("random", authorizableSet,
- new HashSet<String>(), ActiveRoleSet.ALL);
- expectedResults.clear();
- expectedResults.put(
- SentryPolicyServiceClientDefaultImpl.setupSentryAuthorizable(db1Authrizable),
- new TSentryPrivilegeMap(new HashMap<String, Set<TSentryPrivilege>>()));
- assertEquals(expectedResults, authPrivMap);
- }});
- }
-
- @Test
- public void testListByAuthTab() throws Exception {
- runTestAsSubject(new TestOperation(){
- @Override
- public void runTestAsSubject() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- String roleName1 = "role1";
- String roleName2 = "role2";
- String server = "server1";
- String db = "testDB";
- String db2 = "testDB2";
- String tab = "testTab";
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
-
- client.dropRoleIfExists(requestorUserName, roleName1);
- client.createRole(requestorUserName, roleName1);
- client.dropRoleIfExists(requestorUserName, roleName2);
- client.createRole(requestorUserName, roleName2);
-
- client.grantDatabasePrivilege(
- requestorUserName, roleName1, server, db, AccessConstants.SELECT);
- client.grantTablePrivilege(requestorUserName, roleName1, server, db, tab,
- AccessConstants.ALL);
- TSentryPrivilege role1db2tab = client.grantTablePrivilege(
- requestorUserName, roleName1, server, db2, tab,
- AccessConstants.SELECT);
-
- client.grantDatabasePrivilege(
- requestorUserName, roleName2, server, db,
- AccessConstants.ALL);
- client.grantDatabasePrivilege(requestorUserName, roleName2, server, db2,
- AccessConstants.SELECT);
- TSentryPrivilege role2db2tab = client.grantTablePrivilege(
- requestorUserName, roleName2, server, db2, tab,
- AccessConstants.ALL);
- client.grantURIPrivilege(requestorUserName, roleName1, server,
- "hdfs:///fooUri");
-
- // build expected output
- TSentryPrivilegeMap db1RoleToPrivMap = new TSentryPrivilegeMap(
- new TreeMap<String, Set<TSentryPrivilege>>());
- db1RoleToPrivMap.getPrivilegeMap().put(roleName1,
- Sets.newHashSet(role1db2tab));
- db1RoleToPrivMap.getPrivilegeMap().put(roleName2,
- Sets.newHashSet(role2db2tab));
- Map<TSentryAuthorizable, TSentryPrivilegeMap> expectedResults = Maps
- .newTreeMap();
- List<? extends Authorizable> db2TabAuthrizable = Lists.newArrayList(
- new Server(server), new Database(db2), new Table(tab));
- expectedResults.put(
- SentryPolicyServiceClientDefaultImpl.setupSentryAuthorizable(db2TabAuthrizable),
- db1RoleToPrivMap);
-
- Set<List<? extends Authorizable>> authorizableSet = Sets.newHashSet();
- authorizableSet.add(db2TabAuthrizable);
- Map<TSentryAuthorizable, TSentryPrivilegeMap> authPrivMap = client
- .listPrivilegsbyAuthorizable(requestorUserName, authorizableSet, null, null);
-
- assertEquals(expectedResults, authPrivMap);
- }});
- }
-
- @Test
- public void testListByAuthUri() throws Exception {
- runTestAsSubject(new TestOperation(){
- @Override
- public void runTestAsSubject() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- String roleName1 = "role1";
- String roleName2 = "role2";
- String server = "server1";
- String db = "testDB";
- String db2 = "testDB2";
- String tab = "testTab";
- String uri1 = "hdfs:///fooUri";
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
-
- client.dropRoleIfExists(requestorUserName, roleName1);
- client.createRole(requestorUserName, roleName1);
- client.dropRoleIfExists(requestorUserName, roleName2);
- client.createRole(requestorUserName, roleName2);
-
- client.grantDatabasePrivilege(requestorUserName, roleName1, server, db,
- AccessConstants.SELECT);
- client.grantTablePrivilege(requestorUserName, roleName1, server, db, tab,
- AccessConstants.ALL);
- client.grantTablePrivilege(requestorUserName, roleName1, server, db2, tab,
- AccessConstants.SELECT);
- TSentryPrivilege role1uri1 = client.grantURIPrivilege(requestorUserName,
- roleName1, server, uri1);
-
- client.grantDatabasePrivilege(requestorUserName, roleName2, server, db,
- AccessConstants.ALL);
- client.grantDatabasePrivilege(requestorUserName, roleName2, server, db2,
- AccessConstants.SELECT);
- client.grantTablePrivilege(requestorUserName, roleName2, server, db2, tab,
- AccessConstants.ALL);
- TSentryPrivilege role2uri2 = client.grantURIPrivilege(requestorUserName,
- roleName2, server, uri1);
-
- // build expected output
- TSentryPrivilegeMap db1RoleToPrivMap = new TSentryPrivilegeMap(
- new TreeMap<String, Set<TSentryPrivilege>>());
- db1RoleToPrivMap.getPrivilegeMap().put(roleName1,
- Sets.newHashSet(role1uri1));
- db1RoleToPrivMap.getPrivilegeMap().put(roleName2,
- Sets.newHashSet(role2uri2));
- Map<TSentryAuthorizable, TSentryPrivilegeMap> expectedResults = Maps
- .newTreeMap();
- List<? extends Authorizable> uri1Authrizable = Lists.newArrayList(
- new Server(server), new AccessURI(uri1));
- expectedResults.put(
- SentryPolicyServiceClientDefaultImpl.setupSentryAuthorizable(uri1Authrizable),
- db1RoleToPrivMap);
-
- Set<List<? extends Authorizable>> authorizableSet = Sets.newHashSet();
- authorizableSet.add(uri1Authrizable);
- Map<TSentryAuthorizable, TSentryPrivilegeMap> authPrivMap = client
- .listPrivilegsbyAuthorizable(requestorUserName, authorizableSet, null, null);
-
- assertEquals(expectedResults, authPrivMap);
- }});
- }
-
- /**
- * List privileges by authorizables executed by non-admin user
- * Test various positive and negative cases for non-admin user
- * @throws Exception
- */
- @Test
- public void testListByAuthTabForNonAdmin() throws Exception {
- runTestAsSubject(new TestOperation(){
- @Override
- public void runTestAsSubject() throws Exception {
- String requestorUserName = ADMIN_USER;
- String user1 = "user1";
- String group1 = "group1";
- String group2 = "group2";
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- Set<String> userGroupNames1 = Sets.newHashSet(group1);
- Set<String> userGroupNames2 = Sets.newHashSet(group2);
- String roleName1 = "role1";
- String roleName2 = "role2";
- String server = "server1";
- String db = "testDB";
- String db2 = "testDB2";
- String tab = "testTab";
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- setLocalGroupMapping(user1, userGroupNames1);
- writePolicyFile();
-
- client.dropRoleIfExists(requestorUserName, roleName1);
- client.createRole(requestorUserName, roleName1);
- client.dropRoleIfExists(requestorUserName, roleName2);
- client.createRole(requestorUserName, roleName2);
-
- client.grantDatabasePrivilege(requestorUserName, roleName1, server, db,
- AccessConstants.SELECT);
- client.grantTablePrivilege(requestorUserName, roleName1, server, db, tab,
- AccessConstants.ALL);
- TSentryPrivilege role1db2tab = client.grantTablePrivilege(
- requestorUserName, roleName1, server, db2, tab, AccessConstants.SELECT);
- client.grantRoleToGroup(requestorUserName, group1, roleName1);
-
- client.grantDatabasePrivilege(requestorUserName, roleName2, server, db,
- AccessConstants.ALL);
- client.grantDatabasePrivilege(requestorUserName, roleName2, server, db2,
- AccessConstants.SELECT);
- client.grantTablePrivilege(requestorUserName, roleName2, server, db2, tab,
- AccessConstants.ALL);
- client.grantURIPrivilege(requestorUserName, roleName1, server,
- "hdfs:///fooUri");
-
- // build expected output. user1 should see privileges on tab1 from role1
- TSentryPrivilegeMap db1RoleToPrivMap = new TSentryPrivilegeMap(
- new TreeMap<String, Set<TSentryPrivilege>>());
- db1RoleToPrivMap.getPrivilegeMap().put(roleName1, Sets.newHashSet(role1db2tab));
- Map<TSentryAuthorizable, TSentryPrivilegeMap> expectedResults = Maps.newTreeMap();
- List<? extends Authorizable> db2TabAuthorizable = Lists.newArrayList(
- new Server(server), new Database(db2), new Table(tab));
- expectedResults.put(
- SentryPolicyServiceClientDefaultImpl.setupSentryAuthorizable(db2TabAuthorizable),
- db1RoleToPrivMap);
-
- Set<List<? extends Authorizable>> authorizableSet = Sets.newHashSet();
- authorizableSet.add(db2TabAuthorizable);
-
- // list privileges with null group and roles
- Map<TSentryAuthorizable, TSentryPrivilegeMap> authPrivMap = client
- .listPrivilegsbyAuthorizable(user1, authorizableSet, null, null);
- assertEquals(expectedResults, authPrivMap);
-
- // list privileges with empty group set and null roles
- authPrivMap = client.listPrivilegsbyAuthorizable(user1, authorizableSet,
- new HashSet<String>(), null);
- assertEquals(expectedResults, authPrivMap);
-
- // list privileges with null group set and ALL roleset
- authPrivMap = client.listPrivilegsbyAuthorizable(user1, authorizableSet,
- null, new ActiveRoleSet(true));
- assertEquals(expectedResults, authPrivMap);
-
- // list privileges with user1's group set and null roles
- authPrivMap = client.listPrivilegsbyAuthorizable(user1, authorizableSet,
- userGroupNames1, null);
- assertEquals(expectedResults, authPrivMap);
-
- // list privileges with user1's group set and ALL roles
- authPrivMap = client.listPrivilegsbyAuthorizable(user1, authorizableSet,
- userGroupNames1, new ActiveRoleSet(true));
- assertEquals(expectedResults, authPrivMap);
-
- // list privileges with null group and user's specific roles with uppercase name
- authPrivMap = client.listPrivilegsbyAuthorizable(user1, authorizableSet,
- null, new ActiveRoleSet(Sets.newHashSet(roleName1.toUpperCase())));
- assertEquals(expectedResults, authPrivMap);
-
- // verify that user1 can't query group2
- try {
- client.listPrivilegsbyAuthorizable(user1, authorizableSet, userGroupNames2, null);
- fail("listPrivilegsbyAuthorizable() should fail for user1 accessing " + group2);
- } catch (SentryAccessDeniedException e) {
- // expected
- }
-
- // verify that user1 can't query role2
- ActiveRoleSet roleSet2 = new ActiveRoleSet(Sets.newHashSet(roleName2));
- try {
- client.listPrivilegsbyAuthorizable(user1, authorizableSet, null, roleSet2);
- fail("listPrivilegsbyAuthorizable() should fail for user1 accessing " + roleName2);
- } catch (SentryAccessDeniedException e) {
- // expected
- }
- }});
- }
-
- /**
- * Attempt to access a configuration value that is forbidden in getConfigVal
- * @param configVal The banned value
- * @param defaultVal A default to pass to getConfigValue
- * @throws Exception
- */
- private void checkBannedConfigVal(final String configVal, final String defaultVal)
- throws Exception {
- runTestAsSubject(new TestOperation(){
- @Override
- public void runTestAsSubject() throws Exception {
- try {
- client.getConfigValue(configVal, defaultVal);
- fail("Attempt to access " + configVal + " succeeded");
- } catch (SentryAccessDeniedException e) {
- assertTrue(e.toString().contains("was denied"));
- assertTrue(e.toString().contains(configVal));
- }
- }});
- }
-
- @Test
- public void testGetConfigVal() throws Exception {
- runTestAsSubject(new TestOperation(){
- @Override
- public void runTestAsSubject() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
-
- String val;
-
- // Basic success case
- val = client.getConfigValue("sentry.service.admin.group", "xxx");
- assertEquals(val, "admin_group");
-
- // Undefined value gets the default back
- val = client.getConfigValue("sentry.this.is.not.defined", "hello");
- assertEquals(val, "hello");
-
- // Undefined value and null default gets null back
- val = client.getConfigValue("sentry.this.is.not.defined", null);
- assertEquals(val, null);
-
- // Known config value with null default works as expected
- val = client.getConfigValue("sentry.service.admin.group", null);
- assertEquals(val, "admin_group");
-
- // Value that is forbidden (anything not starting with "sentry") dies
- checkBannedConfigVal("notsentry", "xxx");
-
- // Ditto with a null default
- checkBannedConfigVal("notsentry", null);
-
- // Values with .jdbc. are forbidden
- checkBannedConfigVal("sentry.xxx.jdbc.xxx", null);
-
- // Values with password are forbidden
- checkBannedConfigVal("sentry.xxx.password", null);
-
- // Attempt to get the location of the keytab also fails
- checkBannedConfigVal("sentry.service.server.keytab", null);
-
- }});
- }
-
- /* SENTRY-841 */
- @Test
- public void testGranRevokePrivilegeOnServerForRole() throws Exception {
- runTestAsSubject(new TestOperation(){
- @Override
- public void runTestAsSubject() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
-
- String roleName1 = "admin_r1";
-
- client.dropRoleIfExists(requestorUserName, roleName1);
- client.createRole(requestorUserName, roleName1);
-
- client.grantServerPrivilege(requestorUserName, roleName1, "server", false);
-
- Set<TSentryPrivilege> listPrivs = client.listAllPrivilegesByRoleName(requestorUserName, roleName1);
- assertTrue("Privilege should be all:",listPrivs.iterator().next().getAction().equals("*"));
-
- client.revokeServerPrivilege(requestorUserName, roleName1, "server", false);
- listPrivs = client.listAllPrivilegesByRoleName(requestorUserName, roleName1);
- assertTrue("Privilege not correctly revoked !!", listPrivs.size() == 0);
-
- }});
- }
-
- @Test
- public void testGranRevokePrivilegeWithoutAction() throws Exception {
- runTestAsSubject(new TestOperation(){
- @Override
- public void runTestAsSubject() throws Exception {
- String requestorUserName = ADMIN_USER;
- String roleName1 = "admin_r1";
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
-
- client.dropRoleIfExists(requestorUserName, roleName1);
- client.createRole(requestorUserName, roleName1);
- client.grantServerPrivilege(requestorUserName, roleName1, "server1", false);
-
- Set<TSentryPrivilege> listPrivs = client.listAllPrivilegesByRoleName(requestorUserName, roleName1);
- assertTrue("Privilege should be all:", listPrivs.iterator().next().getAction().equals("*"));
-
- client.revokeServerPrivilege(requestorUserName, roleName1, "server1", "ALL", false);
- listPrivs = client.listAllPrivilegesByRoleName(requestorUserName, roleName1);
- assertTrue("Privilege not correctly revoked !!", listPrivs.size() == 0);
-
- }});
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceWithInvalidMsgSize.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceWithInvalidMsgSize.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceWithInvalidMsgSize.java
deleted file mode 100644
index 15eab15..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceWithInvalidMsgSize.java
+++ /dev/null
@@ -1,119 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import com.google.common.collect.Sets;
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.core.common.exception.SentryUserException;
-import org.apache.sentry.service.thrift.SentryServiceClientFactory;
-import org.apache.sentry.service.thrift.SentryServiceFactory;
-import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
-import org.apache.sentry.service.thrift.ServiceConstants;
-import org.junit.Assert;
-import org.junit.Test;
-
-import java.util.Set;
-
-/**
- * Test sentry service with a larger message size than the server's or client's thrift max message size.
- */
-public class TestSentryServiceWithInvalidMsgSize extends SentryServiceIntegrationBase {
- private final Set<String> REQUESTER_USER_GROUP_NAMES = Sets.newHashSet(ADMIN_GROUP);
- private final String ROLE_NAME = "admin_r";
-
- /**
- * Test the case when the message size is larger than the client's thrift max message size.
- */
- @Test
- public void testClientWithSmallMaxMsgSize() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- Configuration confWithSmallMaxMsgSize = new Configuration(conf);
- confWithSmallMaxMsgSize.setLong(ServiceConstants.ClientConfig.SENTRY_POLICY_CLIENT_THRIFT_MAX_MESSAGE_SIZE, 20);
- // create a client with a small thrift max message size
- SentryPolicyServiceClient clientWithSmallMaxMsgSize = SentryServiceClientFactory.create(confWithSmallMaxMsgSize);
-
- setLocalGroupMapping(ADMIN_USER, REQUESTER_USER_GROUP_NAMES);
- writePolicyFile();
-
- boolean exceptionThrown = false;
- try {
- // client throws exception when message size is larger than the client's thrift max message size.
- clientWithSmallMaxMsgSize.listRoles(ADMIN_USER);
- } catch (SentryUserException e) {
- exceptionThrown = true;
- Assert.assertTrue(e.getMessage().contains("Thrift exception occurred"));
- Assert.assertTrue(e.getCause().getMessage().contains("Length exceeded max allowed"));
- } finally {
- Assert.assertEquals(true, exceptionThrown);
- clientWithSmallMaxMsgSize.close();
- }
-
- // client can still talk with sentry server when message size is smaller.
- client.dropRoleIfExists(ADMIN_USER, ROLE_NAME);
- client.listRoles(ADMIN_USER);
- client.createRole(ADMIN_USER, ROLE_NAME);
- client.listRoles(ADMIN_USER);
- }
- });
- }
-
- /**
- * Test the case when the message size is larger than the server's thrift max message size.
- */
- @Test
- public void testServerWithSmallMaxMsgSize() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- Configuration confWithSmallMaxMsgSize = new Configuration(conf);
- confWithSmallMaxMsgSize.setLong(ServiceConstants.ServerConfig.SENTRY_POLICY_SERVER_THRIFT_MAX_MESSAGE_SIZE,
- 50);
- stopSentryService();
-
- // create a server with a small max thrift message size
- server = new SentryServiceFactory().create(confWithSmallMaxMsgSize);
- startSentryService();
-
- setLocalGroupMapping(ADMIN_USER, REQUESTER_USER_GROUP_NAMES);
- writePolicyFile();
-
- // client can talk with server when message size is smaller.
- client.listRoles(ADMIN_USER);
- client.createRole(ADMIN_USER, ROLE_NAME);
-
- boolean exceptionThrown = false;
- try {
- // client throws exception when message size is larger than the server's thrift max message size.
- client.grantServerPrivilege(ADMIN_USER, ROLE_NAME, "server", false);
- } catch (SentryUserException e) {
- exceptionThrown = true;
- Assert.assertTrue(e.getMessage().contains("org.apache.thrift.transport.TTransportException"));
- } finally {
- Assert.assertEquals(true, exceptionThrown);
- }
-
- // client can still talk with sentry server when message size is smaller.
- Set<TSentryRole> roles = client.listRoles(ADMIN_USER);
- Assert.assertTrue(roles.size() == 1);
- Assert.assertEquals(ROLE_NAME, roles.iterator().next().getRoleName());
- }
- });
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceWithKerberos.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceWithKerberos.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceWithKerberos.java
deleted file mode 100644
index ff73382..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceWithKerberos.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
-import org.junit.After;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
-
-/**
- * Test various kerberos related stuff on the SentryService side
- */
-public class TestSentryServiceWithKerberos extends SentryServiceIntegrationBase {
-
- @BeforeClass
- public static void setup() throws Exception {
- SERVER_KERBEROS_NAME = "sentry/_HOST@" + REALM;
- SentryServiceIntegrationBase.setup();
- }
-
- @Override
- @Before
- public void before() throws Exception {
- }
-
- @Override
- @After
- public void after() {
- }
-
- /**
- * Test that we are correctly substituting "_HOST" if/when needed.
- *
- * @throws Exception
- */
- @Test
- public void testHostSubstitution() throws Exception {
- // We just need to ensure that we are able to correct connect to the server
- connectToSentryService();
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryWebServerWithKerberos.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryWebServerWithKerberos.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryWebServerWithKerberos.java
deleted file mode 100644
index ece2ee8..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryWebServerWithKerberos.java
+++ /dev/null
@@ -1,136 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import static org.junit.Assert.fail;
-
-import java.io.File;
-import java.net.HttpURLConnection;
-import java.net.URL;
-import java.security.PrivilegedExceptionAction;
-import java.util.HashSet;
-
-import javax.security.auth.Subject;
-import javax.security.auth.kerberos.KerberosPrincipal;
-import javax.security.auth.login.LoginContext;
-
-import org.apache.commons.io.IOUtils;
-import org.apache.hadoop.security.authentication.client.AuthenticatedURL;
-import org.apache.hadoop.security.authentication.client.AuthenticationException;
-import org.apache.hadoop.security.authentication.client.KerberosAuthenticator;
-import org.apache.sentry.service.thrift.KerberosConfiguration;
-import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
-import org.junit.After;
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.google.common.collect.Sets;
-
-public class TestSentryWebServerWithKerberos extends SentryServiceIntegrationBase {
-
- private static Logger LOG = LoggerFactory.getLogger(TestSentryWebServerWithKerberos.class);
-
- @BeforeClass
- public static void setup() throws Exception {
- webServerEnabled = true;
- webSecurity = true;
- SentryServiceIntegrationBase.setup();
- }
-
- @Override
- @Before
- public void before() throws Exception {
- }
-
- @Override
- @After
- public void after() {
- }
-
- @Test
- public void testPing() throws Exception {
- clientUgi.doAs(new PrivilegedExceptionAction<Void>() {
- @Override
- public Void run() throws Exception {
- final URL url = new URL("http://"+ SERVER_HOST + ":" + webServerPort + "/ping");
- HttpURLConnection conn = new AuthenticatedURL(new KerberosAuthenticator()).
- openConnection(url, new AuthenticatedURL.Token());
- Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode());
- String response = IOUtils.toString(conn.getInputStream());
- Assert.assertEquals("pong\n", response);
- return null;
- }} );
- }
-
- @Test
- public void testPingWithoutSubject() throws Exception {
- final URL url = new URL("http://"+ SERVER_HOST + ":" + webServerPort + "/ping");
- try {
- new AuthenticatedURL(new KerberosAuthenticator()).openConnection(url, new AuthenticatedURL.Token());
- fail("Here should fail.");
- } catch (Exception e) {
- boolean isExpectError = e.getMessage().contains("No valid credentials provided");
- Assert.assertTrue("Here should fail by 'No valid credentials provided'," +
- " but the exception is:" + e, isExpectError);
- }
- }
-
- @Test
- public void testPingUsingHttpURLConnection() throws Exception {
- final URL url = new URL("http://"+ SERVER_HOST + ":" + webServerPort + "/ping");
- HttpURLConnection conn = (HttpURLConnection) url.openConnection();
- Assert.assertEquals(HttpURLConnection.HTTP_UNAUTHORIZED, conn.getResponseCode());
- String errorMessage = IOUtils.toString(conn.getErrorStream());
- Assert.assertTrue(errorMessage.contains("Authentication required"));
- }
-
- @Test
- public void testPingWithUnauthorizedUser() throws Exception {
- // create an unauthorized User with Kerberos
- String userPrinciple = "user/" + SERVER_HOST;
- String userKerberosName = userPrinciple + "@" + REALM;
- Subject userSubject = new Subject(false, Sets.newHashSet(
- new KerberosPrincipal(userKerberosName)), new HashSet<Object>(),new HashSet<Object>());
- File userKeytab = new File(kdcWorkDir, "user.keytab");
- kdc.createPrincipal(userKeytab, userPrinciple);
- LoginContext userLoginContext = new LoginContext("", userSubject, null,
- KerberosConfiguration.createClientConfig(userKerberosName, userKeytab));
- userLoginContext.login();
- Subject.doAs(userLoginContext.getSubject(), new PrivilegedExceptionAction<Void>() {
- @Override
- public Void run() throws Exception {
- final URL url = new URL("http://"+ SERVER_HOST + ":" + webServerPort + "/ping");
- try {
- new AuthenticatedURL(new KerberosAuthenticator()).openConnection(url, new AuthenticatedURL.Token());
- fail("Here should fail.");
- } catch (AuthenticationException e) {
- String expectedError = "status code: 403";
- if (!e.getMessage().contains(expectedError)) {
- LOG.error("UnexpectedError: " + e.getMessage(), e);
- fail("UnexpectedError: " + e.getMessage());
- }
- }
- return null;
- }
- });
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryWebServerWithSSL.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryWebServerWithSSL.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryWebServerWithSSL.java
deleted file mode 100644
index d1d0b4b..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryWebServerWithSSL.java
+++ /dev/null
@@ -1,52 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import com.google.common.io.Resources;
-import org.apache.commons.io.IOUtils;
-import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
-import org.junit.*;
-
-import javax.net.ssl.HttpsURLConnection;
-import java.net.URL;
-import java.util.Properties;
-
-/**
- * Test sentry web server when ssl is enabled.
- */
-public class TestSentryWebServerWithSSL extends SentryServiceIntegrationBase {
- @BeforeClass
- public static void setup() throws Exception {
- webServerEnabled = true;
- webSecurity = false;
- useSSL = true;
- SentryServiceIntegrationBase.setup();
- }
-
- @Test
- public void testPing() throws Exception {
- final URL url = new URL("https://"+ SERVER_HOST + ":" + webServerPort + "/ping");
- Properties systemProps = System.getProperties();
- systemProps.put( "javax.net.ssl.trustStore", Resources.getResource("cacerts.jks").getPath());
- System.setProperties(systemProps);
- HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
- Assert.assertEquals(HttpsURLConnection.HTTP_OK, conn.getResponseCode());
- String response = IOUtils.toString(conn.getInputStream());
- Assert.assertEquals("pong\n", response);
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryWebServerWithoutSecurity.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryWebServerWithoutSecurity.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryWebServerWithoutSecurity.java
deleted file mode 100644
index 4a913e5..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryWebServerWithoutSecurity.java
+++ /dev/null
@@ -1,87 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import java.net.HttpURLConnection;
-import java.net.URL;
-
-import org.apache.commons.io.IOUtils;
-import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
-import org.junit.After;
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
-
-public class TestSentryWebServerWithoutSecurity extends SentryServiceIntegrationBase {
-
- @BeforeClass
- public static void setup() throws Exception {
- webServerEnabled = true;
- webSecurity = false;
- SentryServiceIntegrationBase.setup();
- }
-
- @Override
- @Before
- public void before() throws Exception {
- }
-
- @Override
- @After
- public void after() {
- }
-
- @Test
- public void testPing() throws Exception {
- final URL url = new URL("http://"+ SERVER_HOST + ":" + webServerPort + "/ping");
- HttpURLConnection conn = (HttpURLConnection) url.openConnection();
- Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode());
- String response = IOUtils.toString(conn.getInputStream());
- Assert.assertEquals("pong\n", response);
- }
-
- @Test
- public void testConf() throws Exception {
- // test bad format
- final URL url = new URL("http://" + SERVER_HOST + ":" + webServerPort + "/conf?"
- + ConfServlet.FORMAT_PARAM + "=badformat");
- HttpURLConnection conn = (HttpURLConnection) url.openConnection();
- Assert.assertEquals(HttpURLConnection.HTTP_BAD_REQUEST, conn.getResponseCode());
-
- // test json format
- final URL url1 = new URL("http://" + SERVER_HOST + ":" + webServerPort + "/conf?"
- + ConfServlet.FORMAT_PARAM +"=" + ConfServlet.FORMAT_JSON);
- conn = (HttpURLConnection) url1.openConnection();
- Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode());
-
- // test xml format
- final URL url2 = new URL("http://" + SERVER_HOST + ":" + webServerPort + "/conf?"
- + ConfServlet.FORMAT_PARAM +"=" + ConfServlet.FORMAT_XML);
- conn = (HttpURLConnection) url2.openConnection();
- Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode());
- String xmlResponse = IOUtils.toString(conn.getInputStream());
-
- // test default is xml format
- final URL url3 = new URL("http://" + SERVER_HOST + ":" + webServerPort + "/conf");
- conn = (HttpURLConnection) url3.openConnection();
- Assert.assertEquals(HttpURLConnection.HTTP_OK, conn.getResponseCode());
- String defaultResponse = IOUtils.toString(conn.getInputStream());
- Assert.assertEquals(xmlResponse, defaultResponse);
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/tools/TestSentrySchemaTool.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/tools/TestSentrySchemaTool.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/tools/TestSentrySchemaTool.java
deleted file mode 100644
index 68abf27..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/tools/TestSentrySchemaTool.java
+++ /dev/null
@@ -1,94 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.tools;
-
-import java.io.File;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.core.common.exception.SentryUserException;
-import org.apache.sentry.provider.db.service.persistent.SentryStoreSchemaInfo;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
-import org.junit.Before;
-import org.junit.Test;
-
-import com.google.common.io.Files;
-
-public class TestSentrySchemaTool {
- private Configuration sentryConf;
- private SentrySchemaTool schemaTool;
-
- private static final String OLDEST_INIT_VERSION = "1.4.0";
-
- @Before
- public void defaultSetup() throws Exception {
- sentryConf = new Configuration();
- File dbDir = new File(Files.createTempDir(), "sentry_policy_db");
- sentryConf.set(ServerConfig.SENTRY_STORE_JDBC_URL,
- "jdbc:derby:;databaseName=" + dbDir.getPath() + ";create=true");
- sentryConf.set(ServerConfig.SENTRY_STORE_JDBC_PASS, "dummy");
- schemaTool = new SentrySchemaTool("./src/main/resources", sentryConf,
- "derby");
- }
-
- private void nonDefaultsetup() throws Exception {
- sentryConf = new Configuration();
- File dbDir = new File(Files.createTempDir(), "sentry_policy_db");
- sentryConf.set(ServerConfig.SENTRY_STORE_JDBC_URL,
- "jdbc:derby:;databaseName=" + dbDir.getPath() + ";create=true");
- sentryConf.set(ServerConfig.SENTRY_STORE_JDBC_PASS, "dummy");
- schemaTool = new SentrySchemaTool("./src/main/resources", sentryConf,
- "derby");
- }
-
- @Test
- public void testInitNonDefault() throws Exception {
- nonDefaultsetup();
- schemaTool.doInit();
- schemaTool.verifySchemaVersion();
- }
-
- @Test
- public void testInit() throws Exception {
- schemaTool.doInit();
- schemaTool.verifySchemaVersion();
- }
-
- @Test
- public void testInitTo() throws Exception {
- schemaTool.doInit(SentryStoreSchemaInfo.getSentryVersion());
- schemaTool.verifySchemaVersion();
- }
-
- @Test(expected = SentryUserException.class)
- public void testDryRun() throws Exception {
- schemaTool.setDryRun(true);
- schemaTool.doInit();
- schemaTool.setDryRun(false);
- // verification should fail since dryRun didn't create the actual schema
- schemaTool.verifySchemaVersion();
- }
-
- @Test
- public void testUpgrade() throws Exception {
- schemaTool.doInit(OLDEST_INIT_VERSION);
- schemaTool.doUpgrade();
- schemaTool.verifySchemaVersion();
- }
-
-}
[39/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/SentryPolicyService.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/SentryPolicyService.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/SentryPolicyService.java
deleted file mode 100644
index 521a7db..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/SentryPolicyService.java
+++ /dev/null
@@ -1,15564 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class SentryPolicyService {
-
- public interface Iface {
-
- public TCreateSentryRoleResponse create_sentry_role(TCreateSentryRoleRequest request) throws org.apache.thrift.TException;
-
- public TDropSentryRoleResponse drop_sentry_role(TDropSentryRoleRequest request) throws org.apache.thrift.TException;
-
- public TAlterSentryRoleGrantPrivilegeResponse alter_sentry_role_grant_privilege(TAlterSentryRoleGrantPrivilegeRequest request) throws org.apache.thrift.TException;
-
- public TAlterSentryRoleRevokePrivilegeResponse alter_sentry_role_revoke_privilege(TAlterSentryRoleRevokePrivilegeRequest request) throws org.apache.thrift.TException;
-
- public TAlterSentryRoleAddGroupsResponse alter_sentry_role_add_groups(TAlterSentryRoleAddGroupsRequest request) throws org.apache.thrift.TException;
-
- public TAlterSentryRoleDeleteGroupsResponse alter_sentry_role_delete_groups(TAlterSentryRoleDeleteGroupsRequest request) throws org.apache.thrift.TException;
-
- public TAlterSentryRoleAddUsersResponse alter_sentry_role_add_users(TAlterSentryRoleAddUsersRequest request) throws org.apache.thrift.TException;
-
- public TAlterSentryRoleDeleteUsersResponse alter_sentry_role_delete_users(TAlterSentryRoleDeleteUsersRequest request) throws org.apache.thrift.TException;
-
- public TListSentryRolesResponse list_sentry_roles_by_group(TListSentryRolesRequest request) throws org.apache.thrift.TException;
-
- public TListSentryRolesResponse list_sentry_roles_by_user(TListSentryRolesForUserRequest request) throws org.apache.thrift.TException;
-
- public TListSentryPrivilegesResponse list_sentry_privileges_by_role(TListSentryPrivilegesRequest request) throws org.apache.thrift.TException;
-
- public TListSentryPrivilegesForProviderResponse list_sentry_privileges_for_provider(TListSentryPrivilegesForProviderRequest request) throws org.apache.thrift.TException;
-
- public TDropPrivilegesResponse drop_sentry_privilege(TDropPrivilegesRequest request) throws org.apache.thrift.TException;
-
- public TRenamePrivilegesResponse rename_sentry_privilege(TRenamePrivilegesRequest request) throws org.apache.thrift.TException;
-
- public TListSentryPrivilegesByAuthResponse list_sentry_privileges_by_authorizable(TListSentryPrivilegesByAuthRequest request) throws org.apache.thrift.TException;
-
- public TSentryConfigValueResponse get_sentry_config_value(TSentryConfigValueRequest request) throws org.apache.thrift.TException;
-
- public TSentryExportMappingDataResponse export_sentry_mapping_data(TSentryExportMappingDataRequest request) throws org.apache.thrift.TException;
-
- public TSentryImportMappingDataResponse import_sentry_mapping_data(TSentryImportMappingDataRequest request) throws org.apache.thrift.TException;
-
- }
-
- public interface AsyncIface {
-
- public void create_sentry_role(TCreateSentryRoleRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException;
-
- public void drop_sentry_role(TDropSentryRoleRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException;
-
- public void alter_sentry_role_grant_privilege(TAlterSentryRoleGrantPrivilegeRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException;
-
- public void alter_sentry_role_revoke_privilege(TAlterSentryRoleRevokePrivilegeRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException;
-
- public void alter_sentry_role_add_groups(TAlterSentryRoleAddGroupsRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException;
-
- public void alter_sentry_role_delete_groups(TAlterSentryRoleDeleteGroupsRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException;
-
- public void alter_sentry_role_add_users(TAlterSentryRoleAddUsersRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException;
-
- public void alter_sentry_role_delete_users(TAlterSentryRoleDeleteUsersRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException;
-
- public void list_sentry_roles_by_group(TListSentryRolesRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException;
-
- public void list_sentry_roles_by_user(TListSentryRolesForUserRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException;
-
- public void list_sentry_privileges_by_role(TListSentryPrivilegesRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException;
-
- public void list_sentry_privileges_for_provider(TListSentryPrivilegesForProviderRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException;
-
- public void drop_sentry_privilege(TDropPrivilegesRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException;
-
- public void rename_sentry_privilege(TRenamePrivilegesRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException;
-
- public void list_sentry_privileges_by_authorizable(TListSentryPrivilegesByAuthRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException;
-
- public void get_sentry_config_value(TSentryConfigValueRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException;
-
- public void export_sentry_mapping_data(TSentryExportMappingDataRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException;
-
- public void import_sentry_mapping_data(TSentryImportMappingDataRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException;
-
- }
-
- public static class Client extends org.apache.thrift.TServiceClient implements Iface {
- public static class Factory implements org.apache.thrift.TServiceClientFactory<Client> {
- public Factory() {}
- public Client getClient(org.apache.thrift.protocol.TProtocol prot) {
- return new Client(prot);
- }
- public Client getClient(org.apache.thrift.protocol.TProtocol iprot, org.apache.thrift.protocol.TProtocol oprot) {
- return new Client(iprot, oprot);
- }
- }
-
- public Client(org.apache.thrift.protocol.TProtocol prot)
- {
- super(prot, prot);
- }
-
- public Client(org.apache.thrift.protocol.TProtocol iprot, org.apache.thrift.protocol.TProtocol oprot) {
- super(iprot, oprot);
- }
-
- public TCreateSentryRoleResponse create_sentry_role(TCreateSentryRoleRequest request) throws org.apache.thrift.TException
- {
- send_create_sentry_role(request);
- return recv_create_sentry_role();
- }
-
- public void send_create_sentry_role(TCreateSentryRoleRequest request) throws org.apache.thrift.TException
- {
- create_sentry_role_args args = new create_sentry_role_args();
- args.setRequest(request);
- sendBase("create_sentry_role", args);
- }
-
- public TCreateSentryRoleResponse recv_create_sentry_role() throws org.apache.thrift.TException
- {
- create_sentry_role_result result = new create_sentry_role_result();
- receiveBase(result, "create_sentry_role");
- if (result.isSetSuccess()) {
- return result.success;
- }
- throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "create_sentry_role failed: unknown result");
- }
-
- public TDropSentryRoleResponse drop_sentry_role(TDropSentryRoleRequest request) throws org.apache.thrift.TException
- {
- send_drop_sentry_role(request);
- return recv_drop_sentry_role();
- }
-
- public void send_drop_sentry_role(TDropSentryRoleRequest request) throws org.apache.thrift.TException
- {
- drop_sentry_role_args args = new drop_sentry_role_args();
- args.setRequest(request);
- sendBase("drop_sentry_role", args);
- }
-
- public TDropSentryRoleResponse recv_drop_sentry_role() throws org.apache.thrift.TException
- {
- drop_sentry_role_result result = new drop_sentry_role_result();
- receiveBase(result, "drop_sentry_role");
- if (result.isSetSuccess()) {
- return result.success;
- }
- throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "drop_sentry_role failed: unknown result");
- }
-
- public TAlterSentryRoleGrantPrivilegeResponse alter_sentry_role_grant_privilege(TAlterSentryRoleGrantPrivilegeRequest request) throws org.apache.thrift.TException
- {
- send_alter_sentry_role_grant_privilege(request);
- return recv_alter_sentry_role_grant_privilege();
- }
-
- public void send_alter_sentry_role_grant_privilege(TAlterSentryRoleGrantPrivilegeRequest request) throws org.apache.thrift.TException
- {
- alter_sentry_role_grant_privilege_args args = new alter_sentry_role_grant_privilege_args();
- args.setRequest(request);
- sendBase("alter_sentry_role_grant_privilege", args);
- }
-
- public TAlterSentryRoleGrantPrivilegeResponse recv_alter_sentry_role_grant_privilege() throws org.apache.thrift.TException
- {
- alter_sentry_role_grant_privilege_result result = new alter_sentry_role_grant_privilege_result();
- receiveBase(result, "alter_sentry_role_grant_privilege");
- if (result.isSetSuccess()) {
- return result.success;
- }
- throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "alter_sentry_role_grant_privilege failed: unknown result");
- }
-
- public TAlterSentryRoleRevokePrivilegeResponse alter_sentry_role_revoke_privilege(TAlterSentryRoleRevokePrivilegeRequest request) throws org.apache.thrift.TException
- {
- send_alter_sentry_role_revoke_privilege(request);
- return recv_alter_sentry_role_revoke_privilege();
- }
-
- public void send_alter_sentry_role_revoke_privilege(TAlterSentryRoleRevokePrivilegeRequest request) throws org.apache.thrift.TException
- {
- alter_sentry_role_revoke_privilege_args args = new alter_sentry_role_revoke_privilege_args();
- args.setRequest(request);
- sendBase("alter_sentry_role_revoke_privilege", args);
- }
-
- public TAlterSentryRoleRevokePrivilegeResponse recv_alter_sentry_role_revoke_privilege() throws org.apache.thrift.TException
- {
- alter_sentry_role_revoke_privilege_result result = new alter_sentry_role_revoke_privilege_result();
- receiveBase(result, "alter_sentry_role_revoke_privilege");
- if (result.isSetSuccess()) {
- return result.success;
- }
- throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "alter_sentry_role_revoke_privilege failed: unknown result");
- }
-
- public TAlterSentryRoleAddGroupsResponse alter_sentry_role_add_groups(TAlterSentryRoleAddGroupsRequest request) throws org.apache.thrift.TException
- {
- send_alter_sentry_role_add_groups(request);
- return recv_alter_sentry_role_add_groups();
- }
-
- public void send_alter_sentry_role_add_groups(TAlterSentryRoleAddGroupsRequest request) throws org.apache.thrift.TException
- {
- alter_sentry_role_add_groups_args args = new alter_sentry_role_add_groups_args();
- args.setRequest(request);
- sendBase("alter_sentry_role_add_groups", args);
- }
-
- public TAlterSentryRoleAddGroupsResponse recv_alter_sentry_role_add_groups() throws org.apache.thrift.TException
- {
- alter_sentry_role_add_groups_result result = new alter_sentry_role_add_groups_result();
- receiveBase(result, "alter_sentry_role_add_groups");
- if (result.isSetSuccess()) {
- return result.success;
- }
- throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "alter_sentry_role_add_groups failed: unknown result");
- }
-
- public TAlterSentryRoleDeleteGroupsResponse alter_sentry_role_delete_groups(TAlterSentryRoleDeleteGroupsRequest request) throws org.apache.thrift.TException
- {
- send_alter_sentry_role_delete_groups(request);
- return recv_alter_sentry_role_delete_groups();
- }
-
- public void send_alter_sentry_role_delete_groups(TAlterSentryRoleDeleteGroupsRequest request) throws org.apache.thrift.TException
- {
- alter_sentry_role_delete_groups_args args = new alter_sentry_role_delete_groups_args();
- args.setRequest(request);
- sendBase("alter_sentry_role_delete_groups", args);
- }
-
- public TAlterSentryRoleDeleteGroupsResponse recv_alter_sentry_role_delete_groups() throws org.apache.thrift.TException
- {
- alter_sentry_role_delete_groups_result result = new alter_sentry_role_delete_groups_result();
- receiveBase(result, "alter_sentry_role_delete_groups");
- if (result.isSetSuccess()) {
- return result.success;
- }
- throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "alter_sentry_role_delete_groups failed: unknown result");
- }
-
- public TAlterSentryRoleAddUsersResponse alter_sentry_role_add_users(TAlterSentryRoleAddUsersRequest request) throws org.apache.thrift.TException
- {
- send_alter_sentry_role_add_users(request);
- return recv_alter_sentry_role_add_users();
- }
-
- public void send_alter_sentry_role_add_users(TAlterSentryRoleAddUsersRequest request) throws org.apache.thrift.TException
- {
- alter_sentry_role_add_users_args args = new alter_sentry_role_add_users_args();
- args.setRequest(request);
- sendBase("alter_sentry_role_add_users", args);
- }
-
- public TAlterSentryRoleAddUsersResponse recv_alter_sentry_role_add_users() throws org.apache.thrift.TException
- {
- alter_sentry_role_add_users_result result = new alter_sentry_role_add_users_result();
- receiveBase(result, "alter_sentry_role_add_users");
- if (result.isSetSuccess()) {
- return result.success;
- }
- throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "alter_sentry_role_add_users failed: unknown result");
- }
-
- public TAlterSentryRoleDeleteUsersResponse alter_sentry_role_delete_users(TAlterSentryRoleDeleteUsersRequest request) throws org.apache.thrift.TException
- {
- send_alter_sentry_role_delete_users(request);
- return recv_alter_sentry_role_delete_users();
- }
-
- public void send_alter_sentry_role_delete_users(TAlterSentryRoleDeleteUsersRequest request) throws org.apache.thrift.TException
- {
- alter_sentry_role_delete_users_args args = new alter_sentry_role_delete_users_args();
- args.setRequest(request);
- sendBase("alter_sentry_role_delete_users", args);
- }
-
- public TAlterSentryRoleDeleteUsersResponse recv_alter_sentry_role_delete_users() throws org.apache.thrift.TException
- {
- alter_sentry_role_delete_users_result result = new alter_sentry_role_delete_users_result();
- receiveBase(result, "alter_sentry_role_delete_users");
- if (result.isSetSuccess()) {
- return result.success;
- }
- throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "alter_sentry_role_delete_users failed: unknown result");
- }
-
- public TListSentryRolesResponse list_sentry_roles_by_group(TListSentryRolesRequest request) throws org.apache.thrift.TException
- {
- send_list_sentry_roles_by_group(request);
- return recv_list_sentry_roles_by_group();
- }
-
- public void send_list_sentry_roles_by_group(TListSentryRolesRequest request) throws org.apache.thrift.TException
- {
- list_sentry_roles_by_group_args args = new list_sentry_roles_by_group_args();
- args.setRequest(request);
- sendBase("list_sentry_roles_by_group", args);
- }
-
- public TListSentryRolesResponse recv_list_sentry_roles_by_group() throws org.apache.thrift.TException
- {
- list_sentry_roles_by_group_result result = new list_sentry_roles_by_group_result();
- receiveBase(result, "list_sentry_roles_by_group");
- if (result.isSetSuccess()) {
- return result.success;
- }
- throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "list_sentry_roles_by_group failed: unknown result");
- }
-
- public TListSentryRolesResponse list_sentry_roles_by_user(TListSentryRolesForUserRequest request) throws org.apache.thrift.TException
- {
- send_list_sentry_roles_by_user(request);
- return recv_list_sentry_roles_by_user();
- }
-
- public void send_list_sentry_roles_by_user(TListSentryRolesForUserRequest request) throws org.apache.thrift.TException
- {
- list_sentry_roles_by_user_args args = new list_sentry_roles_by_user_args();
- args.setRequest(request);
- sendBase("list_sentry_roles_by_user", args);
- }
-
- public TListSentryRolesResponse recv_list_sentry_roles_by_user() throws org.apache.thrift.TException
- {
- list_sentry_roles_by_user_result result = new list_sentry_roles_by_user_result();
- receiveBase(result, "list_sentry_roles_by_user");
- if (result.isSetSuccess()) {
- return result.success;
- }
- throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "list_sentry_roles_by_user failed: unknown result");
- }
-
- public TListSentryPrivilegesResponse list_sentry_privileges_by_role(TListSentryPrivilegesRequest request) throws org.apache.thrift.TException
- {
- send_list_sentry_privileges_by_role(request);
- return recv_list_sentry_privileges_by_role();
- }
-
- public void send_list_sentry_privileges_by_role(TListSentryPrivilegesRequest request) throws org.apache.thrift.TException
- {
- list_sentry_privileges_by_role_args args = new list_sentry_privileges_by_role_args();
- args.setRequest(request);
- sendBase("list_sentry_privileges_by_role", args);
- }
-
- public TListSentryPrivilegesResponse recv_list_sentry_privileges_by_role() throws org.apache.thrift.TException
- {
- list_sentry_privileges_by_role_result result = new list_sentry_privileges_by_role_result();
- receiveBase(result, "list_sentry_privileges_by_role");
- if (result.isSetSuccess()) {
- return result.success;
- }
- throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "list_sentry_privileges_by_role failed: unknown result");
- }
-
- public TListSentryPrivilegesForProviderResponse list_sentry_privileges_for_provider(TListSentryPrivilegesForProviderRequest request) throws org.apache.thrift.TException
- {
- send_list_sentry_privileges_for_provider(request);
- return recv_list_sentry_privileges_for_provider();
- }
-
- public void send_list_sentry_privileges_for_provider(TListSentryPrivilegesForProviderRequest request) throws org.apache.thrift.TException
- {
- list_sentry_privileges_for_provider_args args = new list_sentry_privileges_for_provider_args();
- args.setRequest(request);
- sendBase("list_sentry_privileges_for_provider", args);
- }
-
- public TListSentryPrivilegesForProviderResponse recv_list_sentry_privileges_for_provider() throws org.apache.thrift.TException
- {
- list_sentry_privileges_for_provider_result result = new list_sentry_privileges_for_provider_result();
- receiveBase(result, "list_sentry_privileges_for_provider");
- if (result.isSetSuccess()) {
- return result.success;
- }
- throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "list_sentry_privileges_for_provider failed: unknown result");
- }
-
- public TDropPrivilegesResponse drop_sentry_privilege(TDropPrivilegesRequest request) throws org.apache.thrift.TException
- {
- send_drop_sentry_privilege(request);
- return recv_drop_sentry_privilege();
- }
-
- public void send_drop_sentry_privilege(TDropPrivilegesRequest request) throws org.apache.thrift.TException
- {
- drop_sentry_privilege_args args = new drop_sentry_privilege_args();
- args.setRequest(request);
- sendBase("drop_sentry_privilege", args);
- }
-
- public TDropPrivilegesResponse recv_drop_sentry_privilege() throws org.apache.thrift.TException
- {
- drop_sentry_privilege_result result = new drop_sentry_privilege_result();
- receiveBase(result, "drop_sentry_privilege");
- if (result.isSetSuccess()) {
- return result.success;
- }
- throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "drop_sentry_privilege failed: unknown result");
- }
-
- public TRenamePrivilegesResponse rename_sentry_privilege(TRenamePrivilegesRequest request) throws org.apache.thrift.TException
- {
- send_rename_sentry_privilege(request);
- return recv_rename_sentry_privilege();
- }
-
- public void send_rename_sentry_privilege(TRenamePrivilegesRequest request) throws org.apache.thrift.TException
- {
- rename_sentry_privilege_args args = new rename_sentry_privilege_args();
- args.setRequest(request);
- sendBase("rename_sentry_privilege", args);
- }
-
- public TRenamePrivilegesResponse recv_rename_sentry_privilege() throws org.apache.thrift.TException
- {
- rename_sentry_privilege_result result = new rename_sentry_privilege_result();
- receiveBase(result, "rename_sentry_privilege");
- if (result.isSetSuccess()) {
- return result.success;
- }
- throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "rename_sentry_privilege failed: unknown result");
- }
-
- public TListSentryPrivilegesByAuthResponse list_sentry_privileges_by_authorizable(TListSentryPrivilegesByAuthRequest request) throws org.apache.thrift.TException
- {
- send_list_sentry_privileges_by_authorizable(request);
- return recv_list_sentry_privileges_by_authorizable();
- }
-
- public void send_list_sentry_privileges_by_authorizable(TListSentryPrivilegesByAuthRequest request) throws org.apache.thrift.TException
- {
- list_sentry_privileges_by_authorizable_args args = new list_sentry_privileges_by_authorizable_args();
- args.setRequest(request);
- sendBase("list_sentry_privileges_by_authorizable", args);
- }
-
- public TListSentryPrivilegesByAuthResponse recv_list_sentry_privileges_by_authorizable() throws org.apache.thrift.TException
- {
- list_sentry_privileges_by_authorizable_result result = new list_sentry_privileges_by_authorizable_result();
- receiveBase(result, "list_sentry_privileges_by_authorizable");
- if (result.isSetSuccess()) {
- return result.success;
- }
- throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "list_sentry_privileges_by_authorizable failed: unknown result");
- }
-
- public TSentryConfigValueResponse get_sentry_config_value(TSentryConfigValueRequest request) throws org.apache.thrift.TException
- {
- send_get_sentry_config_value(request);
- return recv_get_sentry_config_value();
- }
-
- public void send_get_sentry_config_value(TSentryConfigValueRequest request) throws org.apache.thrift.TException
- {
- get_sentry_config_value_args args = new get_sentry_config_value_args();
- args.setRequest(request);
- sendBase("get_sentry_config_value", args);
- }
-
- public TSentryConfigValueResponse recv_get_sentry_config_value() throws org.apache.thrift.TException
- {
- get_sentry_config_value_result result = new get_sentry_config_value_result();
- receiveBase(result, "get_sentry_config_value");
- if (result.isSetSuccess()) {
- return result.success;
- }
- throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "get_sentry_config_value failed: unknown result");
- }
-
- public TSentryExportMappingDataResponse export_sentry_mapping_data(TSentryExportMappingDataRequest request) throws org.apache.thrift.TException
- {
- send_export_sentry_mapping_data(request);
- return recv_export_sentry_mapping_data();
- }
-
- public void send_export_sentry_mapping_data(TSentryExportMappingDataRequest request) throws org.apache.thrift.TException
- {
- export_sentry_mapping_data_args args = new export_sentry_mapping_data_args();
- args.setRequest(request);
- sendBase("export_sentry_mapping_data", args);
- }
-
- public TSentryExportMappingDataResponse recv_export_sentry_mapping_data() throws org.apache.thrift.TException
- {
- export_sentry_mapping_data_result result = new export_sentry_mapping_data_result();
- receiveBase(result, "export_sentry_mapping_data");
- if (result.isSetSuccess()) {
- return result.success;
- }
- throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "export_sentry_mapping_data failed: unknown result");
- }
-
- public TSentryImportMappingDataResponse import_sentry_mapping_data(TSentryImportMappingDataRequest request) throws org.apache.thrift.TException
- {
- send_import_sentry_mapping_data(request);
- return recv_import_sentry_mapping_data();
- }
-
- public void send_import_sentry_mapping_data(TSentryImportMappingDataRequest request) throws org.apache.thrift.TException
- {
- import_sentry_mapping_data_args args = new import_sentry_mapping_data_args();
- args.setRequest(request);
- sendBase("import_sentry_mapping_data", args);
- }
-
- public TSentryImportMappingDataResponse recv_import_sentry_mapping_data() throws org.apache.thrift.TException
- {
- import_sentry_mapping_data_result result = new import_sentry_mapping_data_result();
- receiveBase(result, "import_sentry_mapping_data");
- if (result.isSetSuccess()) {
- return result.success;
- }
- throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "import_sentry_mapping_data failed: unknown result");
- }
-
- }
- public static class AsyncClient extends org.apache.thrift.async.TAsyncClient implements AsyncIface {
- public static class Factory implements org.apache.thrift.async.TAsyncClientFactory<AsyncClient> {
- private org.apache.thrift.async.TAsyncClientManager clientManager;
- private org.apache.thrift.protocol.TProtocolFactory protocolFactory;
- public Factory(org.apache.thrift.async.TAsyncClientManager clientManager, org.apache.thrift.protocol.TProtocolFactory protocolFactory) {
- this.clientManager = clientManager;
- this.protocolFactory = protocolFactory;
- }
- public AsyncClient getAsyncClient(org.apache.thrift.transport.TNonblockingTransport transport) {
- return new AsyncClient(protocolFactory, clientManager, transport);
- }
- }
-
- public AsyncClient(org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.async.TAsyncClientManager clientManager, org.apache.thrift.transport.TNonblockingTransport transport) {
- super(protocolFactory, clientManager, transport);
- }
-
- public void create_sentry_role(TCreateSentryRoleRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException {
- checkReady();
- create_sentry_role_call method_call = new create_sentry_role_call(request, resultHandler, this, ___protocolFactory, ___transport);
- this.___currentMethod = method_call;
- ___manager.call(method_call);
- }
-
- public static class create_sentry_role_call extends org.apache.thrift.async.TAsyncMethodCall {
- private TCreateSentryRoleRequest request;
- public create_sentry_role_call(TCreateSentryRoleRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler, org.apache.thrift.async.TAsyncClient client, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.transport.TNonblockingTransport transport) throws org.apache.thrift.TException {
- super(client, protocolFactory, transport, resultHandler, false);
- this.request = request;
- }
-
- public void write_args(org.apache.thrift.protocol.TProtocol prot) throws org.apache.thrift.TException {
- prot.writeMessageBegin(new org.apache.thrift.protocol.TMessage("create_sentry_role", org.apache.thrift.protocol.TMessageType.CALL, 0));
- create_sentry_role_args args = new create_sentry_role_args();
- args.setRequest(request);
- args.write(prot);
- prot.writeMessageEnd();
- }
-
- public TCreateSentryRoleResponse getResult() throws org.apache.thrift.TException {
- if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) {
- throw new IllegalStateException("Method call not finished!");
- }
- org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array());
- org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport);
- return (new Client(prot)).recv_create_sentry_role();
- }
- }
-
- public void drop_sentry_role(TDropSentryRoleRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException {
- checkReady();
- drop_sentry_role_call method_call = new drop_sentry_role_call(request, resultHandler, this, ___protocolFactory, ___transport);
- this.___currentMethod = method_call;
- ___manager.call(method_call);
- }
-
- public static class drop_sentry_role_call extends org.apache.thrift.async.TAsyncMethodCall {
- private TDropSentryRoleRequest request;
- public drop_sentry_role_call(TDropSentryRoleRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler, org.apache.thrift.async.TAsyncClient client, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.transport.TNonblockingTransport transport) throws org.apache.thrift.TException {
- super(client, protocolFactory, transport, resultHandler, false);
- this.request = request;
- }
-
- public void write_args(org.apache.thrift.protocol.TProtocol prot) throws org.apache.thrift.TException {
- prot.writeMessageBegin(new org.apache.thrift.protocol.TMessage("drop_sentry_role", org.apache.thrift.protocol.TMessageType.CALL, 0));
- drop_sentry_role_args args = new drop_sentry_role_args();
- args.setRequest(request);
- args.write(prot);
- prot.writeMessageEnd();
- }
-
- public TDropSentryRoleResponse getResult() throws org.apache.thrift.TException {
- if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) {
- throw new IllegalStateException("Method call not finished!");
- }
- org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array());
- org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport);
- return (new Client(prot)).recv_drop_sentry_role();
- }
- }
-
- public void alter_sentry_role_grant_privilege(TAlterSentryRoleGrantPrivilegeRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException {
- checkReady();
- alter_sentry_role_grant_privilege_call method_call = new alter_sentry_role_grant_privilege_call(request, resultHandler, this, ___protocolFactory, ___transport);
- this.___currentMethod = method_call;
- ___manager.call(method_call);
- }
-
- public static class alter_sentry_role_grant_privilege_call extends org.apache.thrift.async.TAsyncMethodCall {
- private TAlterSentryRoleGrantPrivilegeRequest request;
- public alter_sentry_role_grant_privilege_call(TAlterSentryRoleGrantPrivilegeRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler, org.apache.thrift.async.TAsyncClient client, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.transport.TNonblockingTransport transport) throws org.apache.thrift.TException {
- super(client, protocolFactory, transport, resultHandler, false);
- this.request = request;
- }
-
- public void write_args(org.apache.thrift.protocol.TProtocol prot) throws org.apache.thrift.TException {
- prot.writeMessageBegin(new org.apache.thrift.protocol.TMessage("alter_sentry_role_grant_privilege", org.apache.thrift.protocol.TMessageType.CALL, 0));
- alter_sentry_role_grant_privilege_args args = new alter_sentry_role_grant_privilege_args();
- args.setRequest(request);
- args.write(prot);
- prot.writeMessageEnd();
- }
-
- public TAlterSentryRoleGrantPrivilegeResponse getResult() throws org.apache.thrift.TException {
- if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) {
- throw new IllegalStateException("Method call not finished!");
- }
- org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array());
- org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport);
- return (new Client(prot)).recv_alter_sentry_role_grant_privilege();
- }
- }
-
- public void alter_sentry_role_revoke_privilege(TAlterSentryRoleRevokePrivilegeRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException {
- checkReady();
- alter_sentry_role_revoke_privilege_call method_call = new alter_sentry_role_revoke_privilege_call(request, resultHandler, this, ___protocolFactory, ___transport);
- this.___currentMethod = method_call;
- ___manager.call(method_call);
- }
-
- public static class alter_sentry_role_revoke_privilege_call extends org.apache.thrift.async.TAsyncMethodCall {
- private TAlterSentryRoleRevokePrivilegeRequest request;
- public alter_sentry_role_revoke_privilege_call(TAlterSentryRoleRevokePrivilegeRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler, org.apache.thrift.async.TAsyncClient client, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.transport.TNonblockingTransport transport) throws org.apache.thrift.TException {
- super(client, protocolFactory, transport, resultHandler, false);
- this.request = request;
- }
-
- public void write_args(org.apache.thrift.protocol.TProtocol prot) throws org.apache.thrift.TException {
- prot.writeMessageBegin(new org.apache.thrift.protocol.TMessage("alter_sentry_role_revoke_privilege", org.apache.thrift.protocol.TMessageType.CALL, 0));
- alter_sentry_role_revoke_privilege_args args = new alter_sentry_role_revoke_privilege_args();
- args.setRequest(request);
- args.write(prot);
- prot.writeMessageEnd();
- }
-
- public TAlterSentryRoleRevokePrivilegeResponse getResult() throws org.apache.thrift.TException {
- if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) {
- throw new IllegalStateException("Method call not finished!");
- }
- org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array());
- org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport);
- return (new Client(prot)).recv_alter_sentry_role_revoke_privilege();
- }
- }
-
- public void alter_sentry_role_add_groups(TAlterSentryRoleAddGroupsRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException {
- checkReady();
- alter_sentry_role_add_groups_call method_call = new alter_sentry_role_add_groups_call(request, resultHandler, this, ___protocolFactory, ___transport);
- this.___currentMethod = method_call;
- ___manager.call(method_call);
- }
-
- public static class alter_sentry_role_add_groups_call extends org.apache.thrift.async.TAsyncMethodCall {
- private TAlterSentryRoleAddGroupsRequest request;
- public alter_sentry_role_add_groups_call(TAlterSentryRoleAddGroupsRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler, org.apache.thrift.async.TAsyncClient client, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.transport.TNonblockingTransport transport) throws org.apache.thrift.TException {
- super(client, protocolFactory, transport, resultHandler, false);
- this.request = request;
- }
-
- public void write_args(org.apache.thrift.protocol.TProtocol prot) throws org.apache.thrift.TException {
- prot.writeMessageBegin(new org.apache.thrift.protocol.TMessage("alter_sentry_role_add_groups", org.apache.thrift.protocol.TMessageType.CALL, 0));
- alter_sentry_role_add_groups_args args = new alter_sentry_role_add_groups_args();
- args.setRequest(request);
- args.write(prot);
- prot.writeMessageEnd();
- }
-
- public TAlterSentryRoleAddGroupsResponse getResult() throws org.apache.thrift.TException {
- if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) {
- throw new IllegalStateException("Method call not finished!");
- }
- org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array());
- org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport);
- return (new Client(prot)).recv_alter_sentry_role_add_groups();
- }
- }
-
- public void alter_sentry_role_delete_groups(TAlterSentryRoleDeleteGroupsRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException {
- checkReady();
- alter_sentry_role_delete_groups_call method_call = new alter_sentry_role_delete_groups_call(request, resultHandler, this, ___protocolFactory, ___transport);
- this.___currentMethod = method_call;
- ___manager.call(method_call);
- }
-
- public static class alter_sentry_role_delete_groups_call extends org.apache.thrift.async.TAsyncMethodCall {
- private TAlterSentryRoleDeleteGroupsRequest request;
- public alter_sentry_role_delete_groups_call(TAlterSentryRoleDeleteGroupsRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler, org.apache.thrift.async.TAsyncClient client, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.transport.TNonblockingTransport transport) throws org.apache.thrift.TException {
- super(client, protocolFactory, transport, resultHandler, false);
- this.request = request;
- }
-
- public void write_args(org.apache.thrift.protocol.TProtocol prot) throws org.apache.thrift.TException {
- prot.writeMessageBegin(new org.apache.thrift.protocol.TMessage("alter_sentry_role_delete_groups", org.apache.thrift.protocol.TMessageType.CALL, 0));
- alter_sentry_role_delete_groups_args args = new alter_sentry_role_delete_groups_args();
- args.setRequest(request);
- args.write(prot);
- prot.writeMessageEnd();
- }
-
- public TAlterSentryRoleDeleteGroupsResponse getResult() throws org.apache.thrift.TException {
- if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) {
- throw new IllegalStateException("Method call not finished!");
- }
- org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array());
- org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport);
- return (new Client(prot)).recv_alter_sentry_role_delete_groups();
- }
- }
-
- public void alter_sentry_role_add_users(TAlterSentryRoleAddUsersRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException {
- checkReady();
- alter_sentry_role_add_users_call method_call = new alter_sentry_role_add_users_call(request, resultHandler, this, ___protocolFactory, ___transport);
- this.___currentMethod = method_call;
- ___manager.call(method_call);
- }
-
- public static class alter_sentry_role_add_users_call extends org.apache.thrift.async.TAsyncMethodCall {
- private TAlterSentryRoleAddUsersRequest request;
- public alter_sentry_role_add_users_call(TAlterSentryRoleAddUsersRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler, org.apache.thrift.async.TAsyncClient client, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.transport.TNonblockingTransport transport) throws org.apache.thrift.TException {
- super(client, protocolFactory, transport, resultHandler, false);
- this.request = request;
- }
-
- public void write_args(org.apache.thrift.protocol.TProtocol prot) throws org.apache.thrift.TException {
- prot.writeMessageBegin(new org.apache.thrift.protocol.TMessage("alter_sentry_role_add_users", org.apache.thrift.protocol.TMessageType.CALL, 0));
- alter_sentry_role_add_users_args args = new alter_sentry_role_add_users_args();
- args.setRequest(request);
- args.write(prot);
- prot.writeMessageEnd();
- }
-
- public TAlterSentryRoleAddUsersResponse getResult() throws org.apache.thrift.TException {
- if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) {
- throw new IllegalStateException("Method call not finished!");
- }
- org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array());
- org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport);
- return (new Client(prot)).recv_alter_sentry_role_add_users();
- }
- }
-
- public void alter_sentry_role_delete_users(TAlterSentryRoleDeleteUsersRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException {
- checkReady();
- alter_sentry_role_delete_users_call method_call = new alter_sentry_role_delete_users_call(request, resultHandler, this, ___protocolFactory, ___transport);
- this.___currentMethod = method_call;
- ___manager.call(method_call);
- }
-
- public static class alter_sentry_role_delete_users_call extends org.apache.thrift.async.TAsyncMethodCall {
- private TAlterSentryRoleDeleteUsersRequest request;
- public alter_sentry_role_delete_users_call(TAlterSentryRoleDeleteUsersRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler, org.apache.thrift.async.TAsyncClient client, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.transport.TNonblockingTransport transport) throws org.apache.thrift.TException {
- super(client, protocolFactory, transport, resultHandler, false);
- this.request = request;
- }
-
- public void write_args(org.apache.thrift.protocol.TProtocol prot) throws org.apache.thrift.TException {
- prot.writeMessageBegin(new org.apache.thrift.protocol.TMessage("alter_sentry_role_delete_users", org.apache.thrift.protocol.TMessageType.CALL, 0));
- alter_sentry_role_delete_users_args args = new alter_sentry_role_delete_users_args();
- args.setRequest(request);
- args.write(prot);
- prot.writeMessageEnd();
- }
-
- public TAlterSentryRoleDeleteUsersResponse getResult() throws org.apache.thrift.TException {
- if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) {
- throw new IllegalStateException("Method call not finished!");
- }
- org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array());
- org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport);
- return (new Client(prot)).recv_alter_sentry_role_delete_users();
- }
- }
-
- public void list_sentry_roles_by_group(TListSentryRolesRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException {
- checkReady();
- list_sentry_roles_by_group_call method_call = new list_sentry_roles_by_group_call(request, resultHandler, this, ___protocolFactory, ___transport);
- this.___currentMethod = method_call;
- ___manager.call(method_call);
- }
-
- public static class list_sentry_roles_by_group_call extends org.apache.thrift.async.TAsyncMethodCall {
- private TListSentryRolesRequest request;
- public list_sentry_roles_by_group_call(TListSentryRolesRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler, org.apache.thrift.async.TAsyncClient client, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.transport.TNonblockingTransport transport) throws org.apache.thrift.TException {
- super(client, protocolFactory, transport, resultHandler, false);
- this.request = request;
- }
-
- public void write_args(org.apache.thrift.protocol.TProtocol prot) throws org.apache.thrift.TException {
- prot.writeMessageBegin(new org.apache.thrift.protocol.TMessage("list_sentry_roles_by_group", org.apache.thrift.protocol.TMessageType.CALL, 0));
- list_sentry_roles_by_group_args args = new list_sentry_roles_by_group_args();
- args.setRequest(request);
- args.write(prot);
- prot.writeMessageEnd();
- }
-
- public TListSentryRolesResponse getResult() throws org.apache.thrift.TException {
- if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) {
- throw new IllegalStateException("Method call not finished!");
- }
- org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array());
- org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport);
- return (new Client(prot)).recv_list_sentry_roles_by_group();
- }
- }
-
- public void list_sentry_roles_by_user(TListSentryRolesForUserRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException {
- checkReady();
- list_sentry_roles_by_user_call method_call = new list_sentry_roles_by_user_call(request, resultHandler, this, ___protocolFactory, ___transport);
- this.___currentMethod = method_call;
- ___manager.call(method_call);
- }
-
- public static class list_sentry_roles_by_user_call extends org.apache.thrift.async.TAsyncMethodCall {
- private TListSentryRolesForUserRequest request;
- public list_sentry_roles_by_user_call(TListSentryRolesForUserRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler, org.apache.thrift.async.TAsyncClient client, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.transport.TNonblockingTransport transport) throws org.apache.thrift.TException {
- super(client, protocolFactory, transport, resultHandler, false);
- this.request = request;
- }
-
- public void write_args(org.apache.thrift.protocol.TProtocol prot) throws org.apache.thrift.TException {
- prot.writeMessageBegin(new org.apache.thrift.protocol.TMessage("list_sentry_roles_by_user", org.apache.thrift.protocol.TMessageType.CALL, 0));
- list_sentry_roles_by_user_args args = new list_sentry_roles_by_user_args();
- args.setRequest(request);
- args.write(prot);
- prot.writeMessageEnd();
- }
-
- public TListSentryRolesResponse getResult() throws org.apache.thrift.TException {
- if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) {
- throw new IllegalStateException("Method call not finished!");
- }
- org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array());
- org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport);
- return (new Client(prot)).recv_list_sentry_roles_by_user();
- }
- }
-
- public void list_sentry_privileges_by_role(TListSentryPrivilegesRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException {
- checkReady();
- list_sentry_privileges_by_role_call method_call = new list_sentry_privileges_by_role_call(request, resultHandler, this, ___protocolFactory, ___transport);
- this.___currentMethod = method_call;
- ___manager.call(method_call);
- }
-
- public static class list_sentry_privileges_by_role_call extends org.apache.thrift.async.TAsyncMethodCall {
- private TListSentryPrivilegesRequest request;
- public list_sentry_privileges_by_role_call(TListSentryPrivilegesRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler, org.apache.thrift.async.TAsyncClient client, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.transport.TNonblockingTransport transport) throws org.apache.thrift.TException {
- super(client, protocolFactory, transport, resultHandler, false);
- this.request = request;
- }
-
- public void write_args(org.apache.thrift.protocol.TProtocol prot) throws org.apache.thrift.TException {
- prot.writeMessageBegin(new org.apache.thrift.protocol.TMessage("list_sentry_privileges_by_role", org.apache.thrift.protocol.TMessageType.CALL, 0));
- list_sentry_privileges_by_role_args args = new list_sentry_privileges_by_role_args();
- args.setRequest(request);
- args.write(prot);
- prot.writeMessageEnd();
- }
-
- public TListSentryPrivilegesResponse getResult() throws org.apache.thrift.TException {
- if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) {
- throw new IllegalStateException("Method call not finished!");
- }
- org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array());
- org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport);
- return (new Client(prot)).recv_list_sentry_privileges_by_role();
- }
- }
-
- public void list_sentry_privileges_for_provider(TListSentryPrivilegesForProviderRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException {
- checkReady();
- list_sentry_privileges_for_provider_call method_call = new list_sentry_privileges_for_provider_call(request, resultHandler, this, ___protocolFactory, ___transport);
- this.___currentMethod = method_call;
- ___manager.call(method_call);
- }
-
- public static class list_sentry_privileges_for_provider_call extends org.apache.thrift.async.TAsyncMethodCall {
- private TListSentryPrivilegesForProviderRequest request;
- public list_sentry_privileges_for_provider_call(TListSentryPrivilegesForProviderRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler, org.apache.thrift.async.TAsyncClient client, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.transport.TNonblockingTransport transport) throws org.apache.thrift.TException {
- super(client, protocolFactory, transport, resultHandler, false);
- this.request = request;
- }
-
- public void write_args(org.apache.thrift.protocol.TProtocol prot) throws org.apache.thrift.TException {
- prot.writeMessageBegin(new org.apache.thrift.protocol.TMessage("list_sentry_privileges_for_provider", org.apache.thrift.protocol.TMessageType.CALL, 0));
- list_sentry_privileges_for_provider_args args = new list_sentry_privileges_for_provider_args();
- args.setRequest(request);
- args.write(prot);
- prot.writeMessageEnd();
- }
-
- public TListSentryPrivilegesForProviderResponse getResult() throws org.apache.thrift.TException {
- if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) {
- throw new IllegalStateException("Method call not finished!");
- }
- org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array());
- org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport);
- return (new Client(prot)).recv_list_sentry_privileges_for_provider();
- }
- }
-
- public void drop_sentry_privilege(TDropPrivilegesRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException {
- checkReady();
- drop_sentry_privilege_call method_call = new drop_sentry_privilege_call(request, resultHandler, this, ___protocolFactory, ___transport);
- this.___currentMethod = method_call;
- ___manager.call(method_call);
- }
-
- public static class drop_sentry_privilege_call extends org.apache.thrift.async.TAsyncMethodCall {
- private TDropPrivilegesRequest request;
- public drop_sentry_privilege_call(TDropPrivilegesRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler, org.apache.thrift.async.TAsyncClient client, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.transport.TNonblockingTransport transport) throws org.apache.thrift.TException {
- super(client, protocolFactory, transport, resultHandler, false);
- this.request = request;
- }
-
- public void write_args(org.apache.thrift.protocol.TProtocol prot) throws org.apache.thrift.TException {
- prot.writeMessageBegin(new org.apache.thrift.protocol.TMessage("drop_sentry_privilege", org.apache.thrift.protocol.TMessageType.CALL, 0));
- drop_sentry_privilege_args args = new drop_sentry_privilege_args();
- args.setRequest(request);
- args.write(prot);
- prot.writeMessageEnd();
- }
-
- public TDropPrivilegesResponse getResult() throws org.apache.thrift.TException {
- if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) {
- throw new IllegalStateException("Method call not finished!");
- }
- org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array());
- org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport);
- return (new Client(prot)).recv_drop_sentry_privilege();
- }
- }
-
- public void rename_sentry_privilege(TRenamePrivilegesRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException {
- checkReady();
- rename_sentry_privilege_call method_call = new rename_sentry_privilege_call(request, resultHandler, this, ___protocolFactory, ___transport);
- this.___currentMethod = method_call;
- ___manager.call(method_call);
- }
-
- public static class rename_sentry_privilege_call extends org.apache.thrift.async.TAsyncMethodCall {
- private TRenamePrivilegesRequest request;
- public rename_sentry_privilege_call(TRenamePrivilegesRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler, org.apache.thrift.async.TAsyncClient client, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.transport.TNonblockingTransport transport) throws org.apache.thrift.TException {
- super(client, protocolFactory, transport, resultHandler, false);
- this.request = request;
- }
-
- public void write_args(org.apache.thrift.protocol.TProtocol prot) throws org.apache.thrift.TException {
- prot.writeMessageBegin(new org.apache.thrift.protocol.TMessage("rename_sentry_privilege", org.apache.thrift.protocol.TMessageType.CALL, 0));
- rename_sentry_privilege_args args = new rename_sentry_privilege_args();
- args.setRequest(request);
- args.write(prot);
- prot.writeMessageEnd();
- }
-
- public TRenamePrivilegesResponse getResult() throws org.apache.thrift.TException {
- if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) {
- throw new IllegalStateException("Method call not finished!");
- }
- org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array());
- org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport);
- return (new Client(prot)).recv_rename_sentry_privilege();
- }
- }
-
- public void list_sentry_privileges_by_authorizable(TListSentryPrivilegesByAuthRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException {
- checkReady();
- list_sentry_privileges_by_authorizable_call method_call = new list_sentry_privileges_by_authorizable_call(request, resultHandler, this, ___protocolFactory, ___transport);
- this.___currentMethod = method_call;
- ___manager.call(method_call);
- }
-
- public static class list_sentry_privileges_by_authorizable_call extends org.apache.thrift.async.TAsyncMethodCall {
- private TListSentryPrivilegesByAuthRequest request;
- public list_sentry_privileges_by_authorizable_call(TListSentryPrivilegesByAuthRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler, org.apache.thrift.async.TAsyncClient client, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.transport.TNonblockingTransport transport) throws org.apache.thrift.TException {
- super(client, protocolFactory, transport, resultHandler, false);
- this.request = request;
- }
-
- public void write_args(org.apache.thrift.protocol.TProtocol prot) throws org.apache.thrift.TException {
- prot.writeMessageBegin(new org.apache.thrift.protocol.TMessage("list_sentry_privileges_by_authorizable", org.apache.thrift.protocol.TMessageType.CALL, 0));
- list_sentry_privileges_by_authorizable_args args = new list_sentry_privileges_by_authorizable_args();
- args.setRequest(request);
- args.write(prot);
- prot.writeMessageEnd();
- }
-
- public TListSentryPrivilegesByAuthResponse getResult() throws org.apache.thrift.TException {
- if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) {
- throw new IllegalStateException("Method call not finished!");
- }
- org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array());
- org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport);
- return (new Client(prot)).recv_list_sentry_privileges_by_authorizable();
- }
- }
-
- public void get_sentry_config_value(TSentryConfigValueRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException {
- checkReady();
- get_sentry_config_value_call method_call = new get_sentry_config_value_call(request, resultHandler, this, ___protocolFactory, ___transport);
- this.___currentMethod = method_call;
- ___manager.call(method_call);
- }
-
- public static class get_sentry_config_value_call extends org.apache.thrift.async.TAsyncMethodCall {
- private TSentryConfigValueRequest request;
- public get_sentry_config_value_call(TSentryConfigValueRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler, org.apache.thrift.async.TAsyncClient client, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.transport.TNonblockingTransport transport) throws org.apache.thrift.TException {
- super(client, protocolFactory, transport, resultHandler, false);
- this.request = request;
- }
-
- public void write_args(org.apache.thrift.protocol.TProtocol prot) throws org.apache.thrift.TException {
- prot.writeMessageBegin(new org.apache.thrift.protocol.TMessage("get_sentry_config_value", org.apache.thrift.protocol.TMessageType.CALL, 0));
- get_sentry_config_value_args args = new get_sentry_config_value_args();
- args.setRequest(request);
- args.write(prot);
- prot.writeMessageEnd();
- }
-
- public TSentryConfigValueResponse getResult() throws org.apache.thrift.TException {
- if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) {
- throw new IllegalStateException("Method call not finished!");
- }
- org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array());
- org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport);
- return (new Client(prot)).recv_get_sentry_config_value();
- }
- }
-
- public void export_sentry_mapping_data(TSentryExportMappingDataRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException {
- checkReady();
- export_sentry_mapping_data_call method_call = new export_sentry_mapping_data_call(request, resultHandler, this, ___protocolFactory, ___transport);
- this.___currentMethod = method_call;
- ___manager.call(method_call);
- }
-
- public static class export_sentry_mapping_data_call extends org.apache.thrift.async.TAsyncMethodCall {
- private TSentryExportMappingDataRequest request;
- public export_sentry_mapping_data_call(TSentryExportMappingDataRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler, org.apache.thrift.async.TAsyncClient client, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.transport.TNonblockingTransport transport) throws org.apache.thrift.TException {
- super(client, protocolFactory, transport, resultHandler, false);
- this.request = request;
- }
-
- public void write_args(org.apache.thrift.protocol.TProtocol prot) throws org.apache.thrift.TException {
- prot.writeMessageBegin(new org.apache.thrift.protocol.TMessage("export_sentry_mapping_data", org.apache.thrift.protocol.TMessageType.CALL, 0));
- export_sentry_mapping_data_args args = new export_sentry_mapping_data_args();
- args.setRequest(request);
- args.write(prot);
- prot.writeMessageEnd();
- }
-
- public TSentryExportMappingDataResponse getResult() throws org.apache.thrift.TException {
- if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) {
- throw new IllegalStateException("Method call not finished!");
- }
- org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array());
- org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport);
- return (new Client(prot)).recv_export_sentry_mapping_data();
- }
- }
-
- public void import_sentry_mapping_data(TSentryImportMappingDataRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException {
- checkReady();
- import_sentry_mapping_data_call method_call = new import_sentry_mapping_data_call(request, resultHandler, this, ___protocolFactory, ___transport);
- this.___currentMethod = method_call;
- ___manager.call(method_call);
- }
-
- public static class import_sentry_mapping_data_call extends org.apache.thrift.async.TAsyncMethodCall {
- private TSentryImportMappingDataRequest request;
- public import_sentry_mapping_data_call(TSentryImportMappingDataRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler, org.apache.thrift.async.TAsyncClient client, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.transport.TNonblockingTransport transport) throws org.apache.thrift.TException {
- super(client, protocolFactory, transport, resultHandler, false);
- this.request = request;
- }
-
- public void write_args(org.apache.thrift.protocol.TProtocol prot) throws org.apache.thrift.TException {
- prot.writeMessageBegin(new org.apache.thrift.protocol.TMessage("import_sentry_mapping_data", org.apache.thrift.protocol.TMessageType.CALL, 0));
- import_sentry_mapping_data_args args = new import_sentry_mapping_data_args();
- args.setRequest(request);
- args.write(prot);
- prot.writeMessageEnd();
- }
-
- public TSentryImportMappingDataResponse getResult() throws org.apache.thrift.TException {
- if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) {
- throw new IllegalStateException("Method call not finished!");
- }
- org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array());
- org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport);
- return (new Client(prot)).recv_import_sentry_mapping_data();
- }
- }
-
- }
-
- public static class Processor<I extends Iface> extends org.apache.thrift.TBaseProcessor<I> implements org.apache.thrift.TProcessor {
- private static final Logger LOGGER = LoggerFactory.getLogger(Processor.class.getName());
- public Processor(I iface) {
- super(iface, getProcessMap(new HashMap<String, org.apache.thrift.ProcessFunction<I, ? extends org.apache.thrift.TBase>>()));
- }
-
- protected Processor(I iface, Map<String, org.apache.thrift.ProcessFunction<I, ? extends org.apache.thrift.TBase>> processMap) {
- super(iface, getProcessMap(processMap));
- }
-
- private static <I extends Iface> Map<String, org.apache.thrift.ProcessFunction<I, ? extends org.apache.thrift.TBase>> getProcessMap(Map<String, org.apache.thrift.ProcessFunction<I, ? extends org.apache.thrift.TBase>> processMap) {
- processMap.put("create_sentry_role", new create_sentry_role());
- processMap.put("drop_sentry_role", new drop_sentry_role());
- processMap.put("alter_sentry_role_grant_privilege", new alter_sentry_role_grant_privilege());
- processMap.put("alter_sentry_role_revoke_privilege", new alter_sentry_role_revoke_privilege());
- processMap.put("alter_sentry_role_add_groups", new alter_sentry_role_add_groups());
- processMap.put("alter_sentry_role_delete_groups", new alter_sentry_role_delete_groups());
- processMap.put("alter_sentry_role_add_users", new alter_sentry_role_add_users());
- processMap.put("alter_sentry_role_delete_users", new alter_sentry_role_delete_users());
- processMap.put("list_sentry_roles_by_group", new list_sentry_roles_by_group());
- processMap.put("list_sentry_roles_by_user", new list_sentry_roles_by_user());
- processMap.put("list_sentry_privileges_by_role", new list_sentry_privileges_by_role());
- processMap.put("list_sentry_privileges_for_provider", new list_sentry_privileges_for_provider());
- processMap.put("drop_sentry_privilege", new drop_sentry_privilege());
- processMap.put("rename_sentry_privilege", new rename_sentry_privilege());
- processMap.put("list_sentry_privileges_by_authorizable", new list_sentry_privileges_by_authorizable());
- processMap.put("get_sentry_config_value", new get_sentry_config_value());
- processMap.put("export_sentry_mapping_data", new export_sentry_mapping_data());
- processMap.put("import_sentry_mapping_data", new import_sentry_mapping_data());
- return processMap;
- }
-
- public static class create_sentry_role<I extends Iface> extends org.apache.thrift.ProcessFunction<I, create_sentry_role_args> {
- public create_sentry_role() {
- super("create_sentry_role");
- }
-
- public create_sentry_role_args getEmptyArgsInstance() {
- return new create_sentry_role_args();
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public create_sentry_role_result getResult(I iface, create_sentry_role_args args) throws org.apache.thrift.TException {
- create_sentry_role_result result = new create_sentry_role_result();
- result.success = iface.create_sentry_role(args.request);
- return result;
- }
- }
-
- public static class drop_sentry_role<I extends Iface> extends org.apache.thrift.ProcessFunction<I, drop_sentry_role_args> {
- public drop_sentry_role() {
- super("drop_sentry_role");
- }
-
- public drop_sentry_role_args getEmptyArgsInstance() {
- return new drop_sentry_role_args();
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public drop_sentry_role_result getResult(I iface, drop_sentry_role_args args) throws org.apache.thrift.TException {
- drop_sentry_role_result result = new drop_sentry_role_result();
- result.success = iface.drop_sentry_role(args.request);
- return result;
- }
- }
-
- public static class alter_sentry_role_grant_privilege<I extends Iface> extends org.apache.thrift.ProcessFunction<I, alter_sentry_role_grant_privilege_args> {
- public alter_sentry_role_grant_privilege() {
- super("alter_sentry_role_grant_privilege");
- }
-
- public alter_sentry_role_grant_privilege_args getEmptyArgsInstance() {
- return new alter_sentry_role_grant_privilege_args();
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public alter_sentry_role_grant_privilege_result getResult(I iface, alter_sentry_role_grant_privilege_args args) throws org.apache.thrift.TException {
- alter_sentry_role_grant_privilege_result result = new alter_sentry_role_grant_privilege_result();
- result.success = iface.alter_sentry_role_grant_privilege(args.request);
- return result;
- }
- }
-
- public static class alter_sentry_role_revoke_privilege<I extends Iface> extends org.apache.thrift.ProcessFunction<I, alter_sentry_role_revoke_privilege_args> {
- public alter_sentry_role_revoke_privilege() {
- super("alter_sentry_role_revoke_privilege");
- }
-
- public alter_sentry_role_revoke_privilege_args getEmptyArgsInstance() {
- return new alter_sentry_role_revoke_privilege_args();
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public alter_sentry_role_revoke_privilege_result getResult(I iface, alter_sentry_role_revoke_privilege_args args) throws org.apache.thrift.TException {
- alter_sentry_role_revoke_privilege_result result = new alter_sentry_role_revoke_privilege_result();
- result.success = iface.alter_sentry_role_revoke_privilege(args.request);
- return result;
- }
- }
-
- public static class alter_sentry_role_add_groups<I extends Iface> extends org.apache.thrift.ProcessFunction<I, alter_sentry_role_add_groups_args> {
- public alter_sentry_role_add_groups() {
- super("alter_sentry_role_add_groups");
- }
-
- public alter_sentry_role_add_groups_args getEmptyArgsInstance() {
- return new alter_sentry_role_add_groups_args();
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public alter_sentry_role_add_groups_result getResult(I iface, alter_sentry_role_add_groups_args args) throws org.apache.thrift.TException {
- alter_sentry_role_add_groups_result result = new alter_sentry_role_add_groups_result();
- result.success = iface.alter_sentry_role_add_groups(args.request);
- return result;
- }
- }
-
- public static class alter_sentry_role_delete_groups<I extends Iface> extends org.apache.thrift.ProcessFunction<I, alter_sentry_role_delete_groups_args> {
- public alter_sentry_role_delete_groups() {
- super("alter_sentry_role_delete_groups");
- }
-
- public alter_sentry_role_delete_groups_args getEmptyArgsInstance() {
- return new alter_sentry_role_delete_groups_args();
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public alter_sentry_role_delete_groups_result getResult(I iface, alter_sentry_role_delete_groups_args args) throws org.apache.thrift.TException {
- alter_sentry_role_delete_groups_result result = new alter_sentry_role_delete_groups_result();
- result.success = iface.alter_sentry_role_delete_groups(args.request);
- return result;
- }
- }
-
- public static class alter_sentry_role_add_users<I extends Iface> extends org.apache.thrift.ProcessFunction<I, alter_sentry_role_add_users_args> {
- public alter_sentry_role_add_users() {
- super("alter_sentry_role_add_users");
- }
-
- public alter_sentry_role_add_users_args getEmptyArgsInstance() {
- return new alter_sentry_role_add_users_args();
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public alter_sentry_role_add_users_result getResult(I iface, alter_sentry_role_add_users_args args) throws org.apache.thrift.TException {
- alter_sentry_role_add_users_result result = new alter_sentry_role_add_users_result();
- result.success = iface.alter_sentry_role_add_users(args.request);
- return result;
- }
- }
-
- public static class alter_sentry_role_delete_users<I extends Iface> extends org.apache.thrift.ProcessFunction<I, alter_sentry_role_delete_users_args> {
- public alter_sentry_role_delete_users() {
- super("alter_sentry_role_delete_users");
- }
-
- public alter_sentry_role_delete_users_args getEmptyArgsInstance() {
- return new alter_sentry_role_delete_users_args();
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public alter_sentry_role_delete_users_result getResult(I iface, alter_sentry_role_delete_users_args args) throws org.apache.thrift.TException {
- alter_sentry_role_delete_users_result result = new alter_sentry_role_delete_users_result();
- result.success = iface.alter_sentry_role_delete_users(args.request);
- return result;
- }
- }
-
- public static class list_sentry_roles_by_group<I extends Iface> extends org.apache.thrift.ProcessFunction<I, list_sentry_roles_by_group_args> {
- public list_sentry_roles_by_group() {
- super("list_sentry_roles_by_group");
- }
-
- public list_sentry_roles_by_group_args getEmptyArgsInstance() {
- return new list_sentry_roles_by_group_args();
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public list_sentry_roles_by_group_result getResult(I iface, list_sentry_roles_by_group_args args) throws org.apache.thrift.TException {
- list_sentry_roles_by_group_result result = new list_sentry_roles_by_group_result();
- result.success = iface.list_sentry_roles_by_group(args.request);
- return result;
- }
- }
-
- public static class list_sentry_roles_by_user<I extends Iface> extends org.apache.thrift.ProcessFunction<I, list_sentry_roles_by_user_args> {
- public list_sentry_roles_by_user() {
- super("list_sentry_roles_by_user");
- }
-
- public list_sentry_roles_by_user_args getEmptyArgsInstance() {
- return new list_sentry_roles_by_user_args();
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public list_sentry_roles_by_user_result getResult(I iface, list_sentry_roles_by_user_args args) throws org.apache.thrift.TException {
- list_sentry_roles_by_user_result result = new list_sentry_roles_by_user_result();
- result.success = iface.list_sentry_roles_by_user(args.request);
- return result;
- }
- }
-
- public static class list_sentry_privileges_by_role<I extends Iface> extends org.apache.thrift.ProcessFunction<I, list_sentry_privileges_by_role_args> {
- public list_sentry_privileges_by_role() {
- super("list_sentry_privileges_by_role");
- }
-
- public list_sentry_privileges_by_role_args getEmptyArgsInstance() {
- return new list_sentry_privileges_by_role_args();
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public list_sentry_privileges_by_role_result getResult(I iface, list_sentry_privileges_by_role_args args) throws org.apache.thrift.TException {
- list_sentry_privileges_by_role_result result = new list_sentry_privileges_by_role_result();
- result.success = iface.list_sentry_privileges_by_role(args.request);
- return result;
- }
- }
-
- public static class list_sentry_privileges_for_provider<I extends Iface> extends org.apache.thrift.ProcessFunction<I, list_sentry_privileges_for_provider_args> {
- public list_sentry_privileges_for_provider() {
- super("list_sentry_privileges_for_provider");
- }
-
- public list_sentry_privileges_for_provider_args getEmptyArgsInstance() {
- return new list_sentry_privileges_for_provider_args();
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public list_sentry_privileges_for_provider_result getResult(I iface, list_sentry_privileges_for_provider_args args) throws org.apache.thrift.TException {
- list_sentry_privileges_for_provider_result result = new list_sentry_privileges_for_provider_result();
- result.success = iface.list_sentry_privileges_for_provider(args.request);
- return result;
- }
- }
-
- public static class drop_sentry_privilege<I extends Iface> extends org.apache.thrift.ProcessFunction<I, drop_sentry_privilege_args> {
- public drop_sentry_privilege() {
- super("drop_sentry_privilege");
- }
-
- public drop_sentry_privilege_args getEmptyArgsInstance() {
- return new drop_sentry_privilege_args();
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public drop_sentry_privilege_result getResult(I iface, drop_sentry_privilege_args args) throws org.apache.thrift.TException {
- drop_sentry_privilege_result result = new drop_sentry_privilege_result();
- result.success = iface.drop_sentry_privilege(args.request);
- return result;
- }
- }
-
- public static class rename_sentry_privilege<I extends Iface> extends org.apache.thrift.ProcessFunction<I, rename_sentry_privilege_args> {
- public rename_sentry_privilege() {
- super("rename_sentry_privilege");
- }
-
- public rename_sentry_privilege_args getEmptyArgsInstance() {
- return new rename_sentry_privilege_args();
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public rename_sentry_privilege_result getResult(I iface, rename_sentry_privilege_args args) throws org.apache.thrift.TException {
- rename_sentry_privilege_result result = new rename_sentry_privilege_result();
- result.success = iface.rename_sentry_privilege(args.request);
- return result;
- }
- }
-
- public static class list_sentry_privileges_by_authorizable<I extends Iface> extends org.apache.thrift.ProcessFunction<I, list_sentry_privileges_by_authorizable_args> {
- public list_sentry_privileges_by_authorizable() {
- super("list_sentry_privileges_by_authorizable");
- }
-
- public list_sentry_privileges_by_authorizable_args getEmptyArgsInstance() {
- return new list_sentry_privileges_by_authorizable_args();
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public list_sentry_privileges_by_authorizable_result getResult(I iface, list_sentry_privileges_by_authorizable_args args) throws org.apache.thrift.TException {
- list_sentry_privileges_by_authorizable_result result = new list_sentry_privileges_by_authorizable_result();
- result.success = iface.list_sentry_privileges_by_authorizable(args.request);
- return result;
- }
- }
-
- public static class get_sentry_config_value<I extends Iface> extends org.apache.thrift.ProcessFunction<I, get_sentry_config_value_args> {
- public get_sentry_config_value() {
- super("get_sentry_config_value");
- }
-
- public get_sentry_config_value_args getEmptyArgsInstance() {
- return new get_sentry_config_value_args();
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public get_sentry_config_value_result getResult(I iface, get_sentry_config_value_args args) throws org.apache.thrift.TException {
- get_sentry_config_value_result result = new get_sentry_config_value_result();
- result.success = iface.get_sentry_config_value(args.request);
- return result;
- }
- }
-
- public static class export_sentry_mapping_data<I extends Iface> extends org.apache.thrift.ProcessFunction<I, export_sentry_mapping_data_args> {
- public export_sentry_mapping_data() {
- super("export_sentry_mapping_data");
- }
-
- public export_sentry_mapping_data_args getEmptyArgsInstance() {
- return new export_sentry_mapping_data_args();
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public export_sentry_mapping_data_result getResult(I iface, export_sentry_mapping_data_args args) throws org.apache.thrift.TException {
- export_sentry_mapping_data_result result = new export_sentry_mapping_data_result();
- result.success = iface.export_sentry_mapping_data(args.request);
- return result;
- }
- }
-
- public static class import_sentry_mapping_data<I extends Iface> extends org.apache.thrift.ProcessFunction<I, import_sentry_mapping_data_args> {
- public import_sentry_mapping_data() {
- super("import_sentry_mapping_data");
- }
-
- public import_sentry_mapping_data_args getEmptyArgsInstance() {
- return new import_sentry_mapping_data_args();
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public import_sentry_mapping_data_result getResult(I iface, import_sentry_mapping_data_args args) throws org.apache.thrift.TException {
- import_sentry_mapping_data_result result = new import_sentry_mapping_data_result();
- result.success = iface.import_sentry_mapping_data(args.request);
- return result;
- }
- }
-
- }
-
- public static class AsyncProcessor<I extends AsyncIface> extends org.apache.thrift.TBaseAsyncProcessor<I> {
- private static final Logger LOGGER = LoggerFactory.getLogger(AsyncProcessor.class.getName());
- public AsyncProcessor(I iface) {
- super(iface, getProcessMap(new HashMap<String, org.apache.thrift.AsyncProcessFunction<I, ? extends org.apache.thrift.TBase, ?>>()));
- }
-
- protected AsyncProcessor(I iface, Map<String, org.apache.thrift.AsyncProcessFunction<I, ? extends org.apache.thrift.TBase, ?>> processMap) {
- super(iface, getProcessMap(processMap));
- }
-
- private static <I extends AsyncIface> Map<String, org.apache.thrift.AsyncProcessFunction<I, ? extends org.apache.thrift.TBase,?>> getProcessMap(Map<String, org.apache.thrift.AsyncProcessFunction<I, ? extends org.apache.thrift.TBase, ?>> processMap) {
- processMap.put("create_sentry_role", new create_sentry_role());
- processMap.put("drop_sentry_role", new drop_sentry_role());
- processMap.put("alter_sentry_role_grant_privilege", new alter_sentry_role_grant_privilege());
- processMap.put("alter_sentry_role_revoke_privilege", new alter_sentry_role_revoke_privilege());
- processMap.put("alter_sentry_role_add_groups", new alter_sentry_role_add_groups());
- processMap.put("alter_sentry_role_delete_groups", new alter_sentry_role_delete_groups());
- processMap.put("alter_sentry_role_add_users", new alter_sentry_role_add_users());
- processMap.put("alter_sentry_role_delete_users", new alter_sentry_role_delete_users());
- processMap.put("list_sentry_roles_by_group", new list_sentry_roles_by_group());
- processMap.put("list_sentry_roles_by_user", new list_sentry_roles_by_user());
- processMap.put("list_sentry_privileges_by_role", new list_sentry_privileges_by_role());
- processMap.put("list_sentry_privileges_for_provider", new list_sentry_privileges_for_provider());
- processMap.put("drop_sentry_privilege", new drop_sentry_privilege());
- processMap.put("rename_sentry_privilege", new rename_sentry_privilege());
- processMap.put("list_sentry_privileges_by_authorizable", new list_sentry_privileges_by_authorizable());
- processMap.put("get_sentry_config_value", new get_sentry_config_value());
- processMap.put("export_sentry_mapping_data", new export_sentry_mapping_data());
- processMap.put("import_sentry_mapping_data", new import_sentry_mapping_data());
- return processMap;
- }
-
- public static class create_sentry_role<I extends AsyncIface> extends org.apache.thrift.AsyncProcessFunction<I, create_sentry_role_args, TCreateSentryRoleResponse> {
- public create_sentry_role() {
- super("create_sentry_role");
- }
-
- public create_sentry_role_args getEmptyArgsInstance() {
- return new create_sentry_role_args();
- }
-
- public AsyncMethodCallback<TCreateSentryRoleResponse> getResultHandler(final AsyncFrameBuffer fb, final int seqid) {
- final org.apache.thrift.AsyncProcessFunctio
<TRUNCATED>
[37/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleDeleteGroupsRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleDeleteGroupsRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleDeleteGroupsRequest.java
deleted file mode 100644
index dbe91df..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleDeleteGroupsRequest.java
+++ /dev/null
@@ -1,746 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TAlterSentryRoleDeleteGroupsRequest implements org.apache.thrift.TBase<TAlterSentryRoleDeleteGroupsRequest, TAlterSentryRoleDeleteGroupsRequest._Fields>, java.io.Serializable, Cloneable, Comparable<TAlterSentryRoleDeleteGroupsRequest> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TAlterSentryRoleDeleteGroupsRequest");
-
- private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
- private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)3);
- private static final org.apache.thrift.protocol.TField GROUPS_FIELD_DESC = new org.apache.thrift.protocol.TField("groups", org.apache.thrift.protocol.TType.SET, (short)5);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TAlterSentryRoleDeleteGroupsRequestStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TAlterSentryRoleDeleteGroupsRequestTupleSchemeFactory());
- }
-
- private int protocol_version; // required
- private String requestorUserName; // required
- private String roleName; // required
- private Set<TSentryGroup> groups; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- PROTOCOL_VERSION((short)1, "protocol_version"),
- REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- ROLE_NAME((short)3, "roleName"),
- GROUPS((short)5, "groups");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // PROTOCOL_VERSION
- return PROTOCOL_VERSION;
- case 2: // REQUESTOR_USER_NAME
- return REQUESTOR_USER_NAME;
- case 3: // ROLE_NAME
- return ROLE_NAME;
- case 5: // GROUPS
- return GROUPS;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
- tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.ROLE_NAME, new org.apache.thrift.meta_data.FieldMetaData("roleName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.GROUPS, new org.apache.thrift.meta_data.FieldMetaData("groups", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryGroup.class))));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TAlterSentryRoleDeleteGroupsRequest.class, metaDataMap);
- }
-
- public TAlterSentryRoleDeleteGroupsRequest() {
- this.protocol_version = 2;
-
- }
-
- public TAlterSentryRoleDeleteGroupsRequest(
- int protocol_version,
- String requestorUserName,
- String roleName,
- Set<TSentryGroup> groups)
- {
- this();
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- this.requestorUserName = requestorUserName;
- this.roleName = roleName;
- this.groups = groups;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TAlterSentryRoleDeleteGroupsRequest(TAlterSentryRoleDeleteGroupsRequest other) {
- __isset_bitfield = other.__isset_bitfield;
- this.protocol_version = other.protocol_version;
- if (other.isSetRequestorUserName()) {
- this.requestorUserName = other.requestorUserName;
- }
- if (other.isSetRoleName()) {
- this.roleName = other.roleName;
- }
- if (other.isSetGroups()) {
- Set<TSentryGroup> __this__groups = new HashSet<TSentryGroup>(other.groups.size());
- for (TSentryGroup other_element : other.groups) {
- __this__groups.add(new TSentryGroup(other_element));
- }
- this.groups = __this__groups;
- }
- }
-
- public TAlterSentryRoleDeleteGroupsRequest deepCopy() {
- return new TAlterSentryRoleDeleteGroupsRequest(this);
- }
-
- @Override
- public void clear() {
- this.protocol_version = 2;
-
- this.requestorUserName = null;
- this.roleName = null;
- this.groups = null;
- }
-
- public int getProtocol_version() {
- return this.protocol_version;
- }
-
- public void setProtocol_version(int protocol_version) {
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- }
-
- public void unsetProtocol_version() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */
- public boolean isSetProtocol_version() {
- return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- public void setProtocol_versionIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value);
- }
-
- public String getRequestorUserName() {
- return this.requestorUserName;
- }
-
- public void setRequestorUserName(String requestorUserName) {
- this.requestorUserName = requestorUserName;
- }
-
- public void unsetRequestorUserName() {
- this.requestorUserName = null;
- }
-
- /** Returns true if field requestorUserName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorUserName() {
- return this.requestorUserName != null;
- }
-
- public void setRequestorUserNameIsSet(boolean value) {
- if (!value) {
- this.requestorUserName = null;
- }
- }
-
- public String getRoleName() {
- return this.roleName;
- }
-
- public void setRoleName(String roleName) {
- this.roleName = roleName;
- }
-
- public void unsetRoleName() {
- this.roleName = null;
- }
-
- /** Returns true if field roleName is set (has been assigned a value) and false otherwise */
- public boolean isSetRoleName() {
- return this.roleName != null;
- }
-
- public void setRoleNameIsSet(boolean value) {
- if (!value) {
- this.roleName = null;
- }
- }
-
- public int getGroupsSize() {
- return (this.groups == null) ? 0 : this.groups.size();
- }
-
- public java.util.Iterator<TSentryGroup> getGroupsIterator() {
- return (this.groups == null) ? null : this.groups.iterator();
- }
-
- public void addToGroups(TSentryGroup elem) {
- if (this.groups == null) {
- this.groups = new HashSet<TSentryGroup>();
- }
- this.groups.add(elem);
- }
-
- public Set<TSentryGroup> getGroups() {
- return this.groups;
- }
-
- public void setGroups(Set<TSentryGroup> groups) {
- this.groups = groups;
- }
-
- public void unsetGroups() {
- this.groups = null;
- }
-
- /** Returns true if field groups is set (has been assigned a value) and false otherwise */
- public boolean isSetGroups() {
- return this.groups != null;
- }
-
- public void setGroupsIsSet(boolean value) {
- if (!value) {
- this.groups = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case PROTOCOL_VERSION:
- if (value == null) {
- unsetProtocol_version();
- } else {
- setProtocol_version((Integer)value);
- }
- break;
-
- case REQUESTOR_USER_NAME:
- if (value == null) {
- unsetRequestorUserName();
- } else {
- setRequestorUserName((String)value);
- }
- break;
-
- case ROLE_NAME:
- if (value == null) {
- unsetRoleName();
- } else {
- setRoleName((String)value);
- }
- break;
-
- case GROUPS:
- if (value == null) {
- unsetGroups();
- } else {
- setGroups((Set<TSentryGroup>)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case PROTOCOL_VERSION:
- return getProtocol_version();
-
- case REQUESTOR_USER_NAME:
- return getRequestorUserName();
-
- case ROLE_NAME:
- return getRoleName();
-
- case GROUPS:
- return getGroups();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case PROTOCOL_VERSION:
- return isSetProtocol_version();
- case REQUESTOR_USER_NAME:
- return isSetRequestorUserName();
- case ROLE_NAME:
- return isSetRoleName();
- case GROUPS:
- return isSetGroups();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TAlterSentryRoleDeleteGroupsRequest)
- return this.equals((TAlterSentryRoleDeleteGroupsRequest)that);
- return false;
- }
-
- public boolean equals(TAlterSentryRoleDeleteGroupsRequest that) {
- if (that == null)
- return false;
-
- boolean this_present_protocol_version = true;
- boolean that_present_protocol_version = true;
- if (this_present_protocol_version || that_present_protocol_version) {
- if (!(this_present_protocol_version && that_present_protocol_version))
- return false;
- if (this.protocol_version != that.protocol_version)
- return false;
- }
-
- boolean this_present_requestorUserName = true && this.isSetRequestorUserName();
- boolean that_present_requestorUserName = true && that.isSetRequestorUserName();
- if (this_present_requestorUserName || that_present_requestorUserName) {
- if (!(this_present_requestorUserName && that_present_requestorUserName))
- return false;
- if (!this.requestorUserName.equals(that.requestorUserName))
- return false;
- }
-
- boolean this_present_roleName = true && this.isSetRoleName();
- boolean that_present_roleName = true && that.isSetRoleName();
- if (this_present_roleName || that_present_roleName) {
- if (!(this_present_roleName && that_present_roleName))
- return false;
- if (!this.roleName.equals(that.roleName))
- return false;
- }
-
- boolean this_present_groups = true && this.isSetGroups();
- boolean that_present_groups = true && that.isSetGroups();
- if (this_present_groups || that_present_groups) {
- if (!(this_present_groups && that_present_groups))
- return false;
- if (!this.groups.equals(that.groups))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_protocol_version = true;
- list.add(present_protocol_version);
- if (present_protocol_version)
- list.add(protocol_version);
-
- boolean present_requestorUserName = true && (isSetRequestorUserName());
- list.add(present_requestorUserName);
- if (present_requestorUserName)
- list.add(requestorUserName);
-
- boolean present_roleName = true && (isSetRoleName());
- list.add(present_roleName);
- if (present_roleName)
- list.add(roleName);
-
- boolean present_groups = true && (isSetGroups());
- list.add(present_groups);
- if (present_groups)
- list.add(groups);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TAlterSentryRoleDeleteGroupsRequest other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(other.isSetProtocol_version());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetProtocol_version()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, other.protocol_version);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRequestorUserName()).compareTo(other.isSetRequestorUserName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRequestorUserName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorUserName, other.requestorUserName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRoleName()).compareTo(other.isSetRoleName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRoleName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleName, other.roleName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetGroups()).compareTo(other.isSetGroups());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetGroups()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.groups, other.groups);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TAlterSentryRoleDeleteGroupsRequest(");
- boolean first = true;
-
- sb.append("protocol_version:");
- sb.append(this.protocol_version);
- first = false;
- if (!first) sb.append(", ");
- sb.append("requestorUserName:");
- if (this.requestorUserName == null) {
- sb.append("null");
- } else {
- sb.append(this.requestorUserName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("roleName:");
- if (this.roleName == null) {
- sb.append("null");
- } else {
- sb.append(this.roleName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("groups:");
- if (this.groups == null) {
- sb.append("null");
- } else {
- sb.append(this.groups);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetProtocol_version()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
- }
-
- if (!isSetRequestorUserName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString());
- }
-
- if (!isSetRoleName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'roleName' is unset! Struct:" + toString());
- }
-
- if (!isSetGroups()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'groups' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TAlterSentryRoleDeleteGroupsRequestStandardSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleDeleteGroupsRequestStandardScheme getScheme() {
- return new TAlterSentryRoleDeleteGroupsRequestStandardScheme();
- }
- }
-
- private static class TAlterSentryRoleDeleteGroupsRequestStandardScheme extends StandardScheme<TAlterSentryRoleDeleteGroupsRequest> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TAlterSentryRoleDeleteGroupsRequest struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // PROTOCOL_VERSION
- if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // REQUESTOR_USER_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // ROLE_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 5: // GROUPS
- if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
- {
- org.apache.thrift.protocol.TSet _set16 = iprot.readSetBegin();
- struct.groups = new HashSet<TSentryGroup>(2*_set16.size);
- TSentryGroup _elem17;
- for (int _i18 = 0; _i18 < _set16.size; ++_i18)
- {
- _elem17 = new TSentryGroup();
- _elem17.read(iprot);
- struct.groups.add(_elem17);
- }
- iprot.readSetEnd();
- }
- struct.setGroupsIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TAlterSentryRoleDeleteGroupsRequest struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC);
- oprot.writeI32(struct.protocol_version);
- oprot.writeFieldEnd();
- if (struct.requestorUserName != null) {
- oprot.writeFieldBegin(REQUESTOR_USER_NAME_FIELD_DESC);
- oprot.writeString(struct.requestorUserName);
- oprot.writeFieldEnd();
- }
- if (struct.roleName != null) {
- oprot.writeFieldBegin(ROLE_NAME_FIELD_DESC);
- oprot.writeString(struct.roleName);
- oprot.writeFieldEnd();
- }
- if (struct.groups != null) {
- oprot.writeFieldBegin(GROUPS_FIELD_DESC);
- {
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, struct.groups.size()));
- for (TSentryGroup _iter19 : struct.groups)
- {
- _iter19.write(oprot);
- }
- oprot.writeSetEnd();
- }
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TAlterSentryRoleDeleteGroupsRequestTupleSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleDeleteGroupsRequestTupleScheme getScheme() {
- return new TAlterSentryRoleDeleteGroupsRequestTupleScheme();
- }
- }
-
- private static class TAlterSentryRoleDeleteGroupsRequestTupleScheme extends TupleScheme<TAlterSentryRoleDeleteGroupsRequest> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleDeleteGroupsRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeI32(struct.protocol_version);
- oprot.writeString(struct.requestorUserName);
- oprot.writeString(struct.roleName);
- {
- oprot.writeI32(struct.groups.size());
- for (TSentryGroup _iter20 : struct.groups)
- {
- _iter20.write(oprot);
- }
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleDeleteGroupsRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- {
- org.apache.thrift.protocol.TSet _set21 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, iprot.readI32());
- struct.groups = new HashSet<TSentryGroup>(2*_set21.size);
- TSentryGroup _elem22;
- for (int _i23 = 0; _i23 < _set21.size; ++_i23)
- {
- _elem22 = new TSentryGroup();
- _elem22.read(iprot);
- struct.groups.add(_elem22);
- }
- }
- struct.setGroupsIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleDeleteGroupsResponse.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleDeleteGroupsResponse.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleDeleteGroupsResponse.java
deleted file mode 100644
index ac2f69d..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleDeleteGroupsResponse.java
+++ /dev/null
@@ -1,394 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TAlterSentryRoleDeleteGroupsResponse implements org.apache.thrift.TBase<TAlterSentryRoleDeleteGroupsResponse, TAlterSentryRoleDeleteGroupsResponse._Fields>, java.io.Serializable, Cloneable, Comparable<TAlterSentryRoleDeleteGroupsResponse> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TAlterSentryRoleDeleteGroupsResponse");
-
- private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TAlterSentryRoleDeleteGroupsResponseStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TAlterSentryRoleDeleteGroupsResponseTupleSchemeFactory());
- }
-
- private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- STATUS((short)1, "status");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // STATUS
- return STATUS;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.sentry.service.thrift.TSentryResponseStatus.class)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TAlterSentryRoleDeleteGroupsResponse.class, metaDataMap);
- }
-
- public TAlterSentryRoleDeleteGroupsResponse() {
- }
-
- public TAlterSentryRoleDeleteGroupsResponse(
- org.apache.sentry.service.thrift.TSentryResponseStatus status)
- {
- this();
- this.status = status;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TAlterSentryRoleDeleteGroupsResponse(TAlterSentryRoleDeleteGroupsResponse other) {
- if (other.isSetStatus()) {
- this.status = new org.apache.sentry.service.thrift.TSentryResponseStatus(other.status);
- }
- }
-
- public TAlterSentryRoleDeleteGroupsResponse deepCopy() {
- return new TAlterSentryRoleDeleteGroupsResponse(this);
- }
-
- @Override
- public void clear() {
- this.status = null;
- }
-
- public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() {
- return this.status;
- }
-
- public void setStatus(org.apache.sentry.service.thrift.TSentryResponseStatus status) {
- this.status = status;
- }
-
- public void unsetStatus() {
- this.status = null;
- }
-
- /** Returns true if field status is set (has been assigned a value) and false otherwise */
- public boolean isSetStatus() {
- return this.status != null;
- }
-
- public void setStatusIsSet(boolean value) {
- if (!value) {
- this.status = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case STATUS:
- if (value == null) {
- unsetStatus();
- } else {
- setStatus((org.apache.sentry.service.thrift.TSentryResponseStatus)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case STATUS:
- return getStatus();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case STATUS:
- return isSetStatus();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TAlterSentryRoleDeleteGroupsResponse)
- return this.equals((TAlterSentryRoleDeleteGroupsResponse)that);
- return false;
- }
-
- public boolean equals(TAlterSentryRoleDeleteGroupsResponse that) {
- if (that == null)
- return false;
-
- boolean this_present_status = true && this.isSetStatus();
- boolean that_present_status = true && that.isSetStatus();
- if (this_present_status || that_present_status) {
- if (!(this_present_status && that_present_status))
- return false;
- if (!this.status.equals(that.status))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_status = true && (isSetStatus());
- list.add(present_status);
- if (present_status)
- list.add(status);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TAlterSentryRoleDeleteGroupsResponse other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetStatus()).compareTo(other.isSetStatus());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetStatus()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.status, other.status);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TAlterSentryRoleDeleteGroupsResponse(");
- boolean first = true;
-
- sb.append("status:");
- if (this.status == null) {
- sb.append("null");
- } else {
- sb.append(this.status);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetStatus()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'status' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- if (status != null) {
- status.validate();
- }
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TAlterSentryRoleDeleteGroupsResponseStandardSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleDeleteGroupsResponseStandardScheme getScheme() {
- return new TAlterSentryRoleDeleteGroupsResponseStandardScheme();
- }
- }
-
- private static class TAlterSentryRoleDeleteGroupsResponseStandardScheme extends StandardScheme<TAlterSentryRoleDeleteGroupsResponse> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TAlterSentryRoleDeleteGroupsResponse struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // STATUS
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TAlterSentryRoleDeleteGroupsResponse struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.status != null) {
- oprot.writeFieldBegin(STATUS_FIELD_DESC);
- struct.status.write(oprot);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TAlterSentryRoleDeleteGroupsResponseTupleSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleDeleteGroupsResponseTupleScheme getScheme() {
- return new TAlterSentryRoleDeleteGroupsResponseTupleScheme();
- }
- }
-
- private static class TAlterSentryRoleDeleteGroupsResponseTupleScheme extends TupleScheme<TAlterSentryRoleDeleteGroupsResponse> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleDeleteGroupsResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- struct.status.write(oprot);
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleDeleteGroupsResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleDeleteUsersRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleDeleteUsersRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleDeleteUsersRequest.java
deleted file mode 100644
index 693088e..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleDeleteUsersRequest.java
+++ /dev/null
@@ -1,741 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TAlterSentryRoleDeleteUsersRequest implements org.apache.thrift.TBase<TAlterSentryRoleDeleteUsersRequest, TAlterSentryRoleDeleteUsersRequest._Fields>, java.io.Serializable, Cloneable, Comparable<TAlterSentryRoleDeleteUsersRequest> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TAlterSentryRoleDeleteUsersRequest");
-
- private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
- private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)3);
- private static final org.apache.thrift.protocol.TField USERS_FIELD_DESC = new org.apache.thrift.protocol.TField("users", org.apache.thrift.protocol.TType.SET, (short)4);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TAlterSentryRoleDeleteUsersRequestStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TAlterSentryRoleDeleteUsersRequestTupleSchemeFactory());
- }
-
- private int protocol_version; // required
- private String requestorUserName; // required
- private String roleName; // required
- private Set<String> users; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- PROTOCOL_VERSION((short)1, "protocol_version"),
- REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- ROLE_NAME((short)3, "roleName"),
- USERS((short)4, "users");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // PROTOCOL_VERSION
- return PROTOCOL_VERSION;
- case 2: // REQUESTOR_USER_NAME
- return REQUESTOR_USER_NAME;
- case 3: // ROLE_NAME
- return ROLE_NAME;
- case 4: // USERS
- return USERS;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
- tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.ROLE_NAME, new org.apache.thrift.meta_data.FieldMetaData("roleName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.USERS, new org.apache.thrift.meta_data.FieldMetaData("users", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TAlterSentryRoleDeleteUsersRequest.class, metaDataMap);
- }
-
- public TAlterSentryRoleDeleteUsersRequest() {
- this.protocol_version = 1;
-
- }
-
- public TAlterSentryRoleDeleteUsersRequest(
- int protocol_version,
- String requestorUserName,
- String roleName,
- Set<String> users)
- {
- this();
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- this.requestorUserName = requestorUserName;
- this.roleName = roleName;
- this.users = users;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TAlterSentryRoleDeleteUsersRequest(TAlterSentryRoleDeleteUsersRequest other) {
- __isset_bitfield = other.__isset_bitfield;
- this.protocol_version = other.protocol_version;
- if (other.isSetRequestorUserName()) {
- this.requestorUserName = other.requestorUserName;
- }
- if (other.isSetRoleName()) {
- this.roleName = other.roleName;
- }
- if (other.isSetUsers()) {
- Set<String> __this__users = new HashSet<String>(other.users);
- this.users = __this__users;
- }
- }
-
- public TAlterSentryRoleDeleteUsersRequest deepCopy() {
- return new TAlterSentryRoleDeleteUsersRequest(this);
- }
-
- @Override
- public void clear() {
- this.protocol_version = 1;
-
- this.requestorUserName = null;
- this.roleName = null;
- this.users = null;
- }
-
- public int getProtocol_version() {
- return this.protocol_version;
- }
-
- public void setProtocol_version(int protocol_version) {
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- }
-
- public void unsetProtocol_version() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */
- public boolean isSetProtocol_version() {
- return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- public void setProtocol_versionIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value);
- }
-
- public String getRequestorUserName() {
- return this.requestorUserName;
- }
-
- public void setRequestorUserName(String requestorUserName) {
- this.requestorUserName = requestorUserName;
- }
-
- public void unsetRequestorUserName() {
- this.requestorUserName = null;
- }
-
- /** Returns true if field requestorUserName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorUserName() {
- return this.requestorUserName != null;
- }
-
- public void setRequestorUserNameIsSet(boolean value) {
- if (!value) {
- this.requestorUserName = null;
- }
- }
-
- public String getRoleName() {
- return this.roleName;
- }
-
- public void setRoleName(String roleName) {
- this.roleName = roleName;
- }
-
- public void unsetRoleName() {
- this.roleName = null;
- }
-
- /** Returns true if field roleName is set (has been assigned a value) and false otherwise */
- public boolean isSetRoleName() {
- return this.roleName != null;
- }
-
- public void setRoleNameIsSet(boolean value) {
- if (!value) {
- this.roleName = null;
- }
- }
-
- public int getUsersSize() {
- return (this.users == null) ? 0 : this.users.size();
- }
-
- public java.util.Iterator<String> getUsersIterator() {
- return (this.users == null) ? null : this.users.iterator();
- }
-
- public void addToUsers(String elem) {
- if (this.users == null) {
- this.users = new HashSet<String>();
- }
- this.users.add(elem);
- }
-
- public Set<String> getUsers() {
- return this.users;
- }
-
- public void setUsers(Set<String> users) {
- this.users = users;
- }
-
- public void unsetUsers() {
- this.users = null;
- }
-
- /** Returns true if field users is set (has been assigned a value) and false otherwise */
- public boolean isSetUsers() {
- return this.users != null;
- }
-
- public void setUsersIsSet(boolean value) {
- if (!value) {
- this.users = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case PROTOCOL_VERSION:
- if (value == null) {
- unsetProtocol_version();
- } else {
- setProtocol_version((Integer)value);
- }
- break;
-
- case REQUESTOR_USER_NAME:
- if (value == null) {
- unsetRequestorUserName();
- } else {
- setRequestorUserName((String)value);
- }
- break;
-
- case ROLE_NAME:
- if (value == null) {
- unsetRoleName();
- } else {
- setRoleName((String)value);
- }
- break;
-
- case USERS:
- if (value == null) {
- unsetUsers();
- } else {
- setUsers((Set<String>)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case PROTOCOL_VERSION:
- return getProtocol_version();
-
- case REQUESTOR_USER_NAME:
- return getRequestorUserName();
-
- case ROLE_NAME:
- return getRoleName();
-
- case USERS:
- return getUsers();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case PROTOCOL_VERSION:
- return isSetProtocol_version();
- case REQUESTOR_USER_NAME:
- return isSetRequestorUserName();
- case ROLE_NAME:
- return isSetRoleName();
- case USERS:
- return isSetUsers();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TAlterSentryRoleDeleteUsersRequest)
- return this.equals((TAlterSentryRoleDeleteUsersRequest)that);
- return false;
- }
-
- public boolean equals(TAlterSentryRoleDeleteUsersRequest that) {
- if (that == null)
- return false;
-
- boolean this_present_protocol_version = true;
- boolean that_present_protocol_version = true;
- if (this_present_protocol_version || that_present_protocol_version) {
- if (!(this_present_protocol_version && that_present_protocol_version))
- return false;
- if (this.protocol_version != that.protocol_version)
- return false;
- }
-
- boolean this_present_requestorUserName = true && this.isSetRequestorUserName();
- boolean that_present_requestorUserName = true && that.isSetRequestorUserName();
- if (this_present_requestorUserName || that_present_requestorUserName) {
- if (!(this_present_requestorUserName && that_present_requestorUserName))
- return false;
- if (!this.requestorUserName.equals(that.requestorUserName))
- return false;
- }
-
- boolean this_present_roleName = true && this.isSetRoleName();
- boolean that_present_roleName = true && that.isSetRoleName();
- if (this_present_roleName || that_present_roleName) {
- if (!(this_present_roleName && that_present_roleName))
- return false;
- if (!this.roleName.equals(that.roleName))
- return false;
- }
-
- boolean this_present_users = true && this.isSetUsers();
- boolean that_present_users = true && that.isSetUsers();
- if (this_present_users || that_present_users) {
- if (!(this_present_users && that_present_users))
- return false;
- if (!this.users.equals(that.users))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_protocol_version = true;
- list.add(present_protocol_version);
- if (present_protocol_version)
- list.add(protocol_version);
-
- boolean present_requestorUserName = true && (isSetRequestorUserName());
- list.add(present_requestorUserName);
- if (present_requestorUserName)
- list.add(requestorUserName);
-
- boolean present_roleName = true && (isSetRoleName());
- list.add(present_roleName);
- if (present_roleName)
- list.add(roleName);
-
- boolean present_users = true && (isSetUsers());
- list.add(present_users);
- if (present_users)
- list.add(users);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TAlterSentryRoleDeleteUsersRequest other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(other.isSetProtocol_version());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetProtocol_version()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, other.protocol_version);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRequestorUserName()).compareTo(other.isSetRequestorUserName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRequestorUserName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorUserName, other.requestorUserName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRoleName()).compareTo(other.isSetRoleName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRoleName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleName, other.roleName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetUsers()).compareTo(other.isSetUsers());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetUsers()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.users, other.users);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TAlterSentryRoleDeleteUsersRequest(");
- boolean first = true;
-
- sb.append("protocol_version:");
- sb.append(this.protocol_version);
- first = false;
- if (!first) sb.append(", ");
- sb.append("requestorUserName:");
- if (this.requestorUserName == null) {
- sb.append("null");
- } else {
- sb.append(this.requestorUserName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("roleName:");
- if (this.roleName == null) {
- sb.append("null");
- } else {
- sb.append(this.roleName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("users:");
- if (this.users == null) {
- sb.append("null");
- } else {
- sb.append(this.users);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetProtocol_version()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
- }
-
- if (!isSetRequestorUserName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString());
- }
-
- if (!isSetRoleName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'roleName' is unset! Struct:" + toString());
- }
-
- if (!isSetUsers()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'users' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TAlterSentryRoleDeleteUsersRequestStandardSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleDeleteUsersRequestStandardScheme getScheme() {
- return new TAlterSentryRoleDeleteUsersRequestStandardScheme();
- }
- }
-
- private static class TAlterSentryRoleDeleteUsersRequestStandardScheme extends StandardScheme<TAlterSentryRoleDeleteUsersRequest> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TAlterSentryRoleDeleteUsersRequest struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // PROTOCOL_VERSION
- if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // REQUESTOR_USER_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // ROLE_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 4: // USERS
- if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
- {
- org.apache.thrift.protocol.TSet _set24 = iprot.readSetBegin();
- struct.users = new HashSet<String>(2*_set24.size);
- String _elem25;
- for (int _i26 = 0; _i26 < _set24.size; ++_i26)
- {
- _elem25 = iprot.readString();
- struct.users.add(_elem25);
- }
- iprot.readSetEnd();
- }
- struct.setUsersIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TAlterSentryRoleDeleteUsersRequest struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC);
- oprot.writeI32(struct.protocol_version);
- oprot.writeFieldEnd();
- if (struct.requestorUserName != null) {
- oprot.writeFieldBegin(REQUESTOR_USER_NAME_FIELD_DESC);
- oprot.writeString(struct.requestorUserName);
- oprot.writeFieldEnd();
- }
- if (struct.roleName != null) {
- oprot.writeFieldBegin(ROLE_NAME_FIELD_DESC);
- oprot.writeString(struct.roleName);
- oprot.writeFieldEnd();
- }
- if (struct.users != null) {
- oprot.writeFieldBegin(USERS_FIELD_DESC);
- {
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, struct.users.size()));
- for (String _iter27 : struct.users)
- {
- oprot.writeString(_iter27);
- }
- oprot.writeSetEnd();
- }
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TAlterSentryRoleDeleteUsersRequestTupleSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleDeleteUsersRequestTupleScheme getScheme() {
- return new TAlterSentryRoleDeleteUsersRequestTupleScheme();
- }
- }
-
- private static class TAlterSentryRoleDeleteUsersRequestTupleScheme extends TupleScheme<TAlterSentryRoleDeleteUsersRequest> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleDeleteUsersRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeI32(struct.protocol_version);
- oprot.writeString(struct.requestorUserName);
- oprot.writeString(struct.roleName);
- {
- oprot.writeI32(struct.users.size());
- for (String _iter28 : struct.users)
- {
- oprot.writeString(_iter28);
- }
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleDeleteUsersRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- {
- org.apache.thrift.protocol.TSet _set29 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, iprot.readI32());
- struct.users = new HashSet<String>(2*_set29.size);
- String _elem30;
- for (int _i31 = 0; _i31 < _set29.size; ++_i31)
- {
- _elem30 = iprot.readString();
- struct.users.add(_elem30);
- }
- }
- struct.setUsersIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleDeleteUsersResponse.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleDeleteUsersResponse.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleDeleteUsersResponse.java
deleted file mode 100644
index af36fc8..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleDeleteUsersResponse.java
+++ /dev/null
@@ -1,394 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TAlterSentryRoleDeleteUsersResponse implements org.apache.thrift.TBase<TAlterSentryRoleDeleteUsersResponse, TAlterSentryRoleDeleteUsersResponse._Fields>, java.io.Serializable, Cloneable, Comparable<TAlterSentryRoleDeleteUsersResponse> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TAlterSentryRoleDeleteUsersResponse");
-
- private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TAlterSentryRoleDeleteUsersResponseStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TAlterSentryRoleDeleteUsersResponseTupleSchemeFactory());
- }
-
- private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- STATUS((short)1, "status");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // STATUS
- return STATUS;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.sentry.service.thrift.TSentryResponseStatus.class)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TAlterSentryRoleDeleteUsersResponse.class, metaDataMap);
- }
-
- public TAlterSentryRoleDeleteUsersResponse() {
- }
-
- public TAlterSentryRoleDeleteUsersResponse(
- org.apache.sentry.service.thrift.TSentryResponseStatus status)
- {
- this();
- this.status = status;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TAlterSentryRoleDeleteUsersResponse(TAlterSentryRoleDeleteUsersResponse other) {
- if (other.isSetStatus()) {
- this.status = new org.apache.sentry.service.thrift.TSentryResponseStatus(other.status);
- }
- }
-
- public TAlterSentryRoleDeleteUsersResponse deepCopy() {
- return new TAlterSentryRoleDeleteUsersResponse(this);
- }
-
- @Override
- public void clear() {
- this.status = null;
- }
-
- public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() {
- return this.status;
- }
-
- public void setStatus(org.apache.sentry.service.thrift.TSentryResponseStatus status) {
- this.status = status;
- }
-
- public void unsetStatus() {
- this.status = null;
- }
-
- /** Returns true if field status is set (has been assigned a value) and false otherwise */
- public boolean isSetStatus() {
- return this.status != null;
- }
-
- public void setStatusIsSet(boolean value) {
- if (!value) {
- this.status = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case STATUS:
- if (value == null) {
- unsetStatus();
- } else {
- setStatus((org.apache.sentry.service.thrift.TSentryResponseStatus)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case STATUS:
- return getStatus();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case STATUS:
- return isSetStatus();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TAlterSentryRoleDeleteUsersResponse)
- return this.equals((TAlterSentryRoleDeleteUsersResponse)that);
- return false;
- }
-
- public boolean equals(TAlterSentryRoleDeleteUsersResponse that) {
- if (that == null)
- return false;
-
- boolean this_present_status = true && this.isSetStatus();
- boolean that_present_status = true && that.isSetStatus();
- if (this_present_status || that_present_status) {
- if (!(this_present_status && that_present_status))
- return false;
- if (!this.status.equals(that.status))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_status = true && (isSetStatus());
- list.add(present_status);
- if (present_status)
- list.add(status);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TAlterSentryRoleDeleteUsersResponse other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetStatus()).compareTo(other.isSetStatus());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetStatus()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.status, other.status);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TAlterSentryRoleDeleteUsersResponse(");
- boolean first = true;
-
- sb.append("status:");
- if (this.status == null) {
- sb.append("null");
- } else {
- sb.append(this.status);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetStatus()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'status' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- if (status != null) {
- status.validate();
- }
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TAlterSentryRoleDeleteUsersResponseStandardSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleDeleteUsersResponseStandardScheme getScheme() {
- return new TAlterSentryRoleDeleteUsersResponseStandardScheme();
- }
- }
-
- private static class TAlterSentryRoleDeleteUsersResponseStandardScheme extends StandardScheme<TAlterSentryRoleDeleteUsersResponse> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TAlterSentryRoleDeleteUsersResponse struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // STATUS
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TAlterSentryRoleDeleteUsersResponse struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.status != null) {
- oprot.writeFieldBegin(STATUS_FIELD_DESC);
- struct.status.write(oprot);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TAlterSentryRoleDeleteUsersResponseTupleSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleDeleteUsersResponseTupleScheme getScheme() {
- return new TAlterSentryRoleDeleteUsersResponseTupleScheme();
- }
- }
-
- private static class TAlterSentryRoleDeleteUsersResponseTupleScheme extends TupleScheme<TAlterSentryRoleDeleteUsersResponse> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleDeleteUsersResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- struct.status.write(oprot);
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleDeleteUsersResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- }
- }
-
-}
-
[44/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TListSentryPrivilegesByAuthRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TListSentryPrivilegesByAuthRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TListSentryPrivilegesByAuthRequest.java
deleted file mode 100644
index b4b68e2..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TListSentryPrivilegesByAuthRequest.java
+++ /dev/null
@@ -1,1112 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TListSentryPrivilegesByAuthRequest implements org.apache.thrift.TBase<TListSentryPrivilegesByAuthRequest, TListSentryPrivilegesByAuthRequest._Fields>, java.io.Serializable, Cloneable, Comparable<TListSentryPrivilegesByAuthRequest> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TListSentryPrivilegesByAuthRequest");
-
- private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
- private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField COMPONENT_FIELD_DESC = new org.apache.thrift.protocol.TField("component", org.apache.thrift.protocol.TType.STRING, (short)3);
- private static final org.apache.thrift.protocol.TField SERVICE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("serviceName", org.apache.thrift.protocol.TType.STRING, (short)4);
- private static final org.apache.thrift.protocol.TField AUTHORIZABLES_SET_FIELD_DESC = new org.apache.thrift.protocol.TField("authorizablesSet", org.apache.thrift.protocol.TType.SET, (short)5);
- private static final org.apache.thrift.protocol.TField GROUPS_FIELD_DESC = new org.apache.thrift.protocol.TField("groups", org.apache.thrift.protocol.TType.SET, (short)6);
- private static final org.apache.thrift.protocol.TField ROLE_SET_FIELD_DESC = new org.apache.thrift.protocol.TField("roleSet", org.apache.thrift.protocol.TType.STRUCT, (short)7);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TListSentryPrivilegesByAuthRequestStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TListSentryPrivilegesByAuthRequestTupleSchemeFactory());
- }
-
- private int protocol_version; // required
- private String requestorUserName; // required
- private String component; // required
- private String serviceName; // required
- private Set<String> authorizablesSet; // required
- private Set<String> groups; // optional
- private TSentryActiveRoleSet roleSet; // optional
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- PROTOCOL_VERSION((short)1, "protocol_version"),
- REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- COMPONENT((short)3, "component"),
- SERVICE_NAME((short)4, "serviceName"),
- AUTHORIZABLES_SET((short)5, "authorizablesSet"),
- GROUPS((short)6, "groups"),
- ROLE_SET((short)7, "roleSet");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // PROTOCOL_VERSION
- return PROTOCOL_VERSION;
- case 2: // REQUESTOR_USER_NAME
- return REQUESTOR_USER_NAME;
- case 3: // COMPONENT
- return COMPONENT;
- case 4: // SERVICE_NAME
- return SERVICE_NAME;
- case 5: // AUTHORIZABLES_SET
- return AUTHORIZABLES_SET;
- case 6: // GROUPS
- return GROUPS;
- case 7: // ROLE_SET
- return ROLE_SET;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- private static final _Fields optionals[] = {_Fields.GROUPS,_Fields.ROLE_SET};
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
- tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.COMPONENT, new org.apache.thrift.meta_data.FieldMetaData("component", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.SERVICE_NAME, new org.apache.thrift.meta_data.FieldMetaData("serviceName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.AUTHORIZABLES_SET, new org.apache.thrift.meta_data.FieldMetaData("authorizablesSet", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))));
- tmpMap.put(_Fields.GROUPS, new org.apache.thrift.meta_data.FieldMetaData("groups", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))));
- tmpMap.put(_Fields.ROLE_SET, new org.apache.thrift.meta_data.FieldMetaData("roleSet", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryActiveRoleSet.class)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TListSentryPrivilegesByAuthRequest.class, metaDataMap);
- }
-
- public TListSentryPrivilegesByAuthRequest() {
- this.protocol_version = 2;
-
- }
-
- public TListSentryPrivilegesByAuthRequest(
- int protocol_version,
- String requestorUserName,
- String component,
- String serviceName,
- Set<String> authorizablesSet)
- {
- this();
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- this.requestorUserName = requestorUserName;
- this.component = component;
- this.serviceName = serviceName;
- this.authorizablesSet = authorizablesSet;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TListSentryPrivilegesByAuthRequest(TListSentryPrivilegesByAuthRequest other) {
- __isset_bitfield = other.__isset_bitfield;
- this.protocol_version = other.protocol_version;
- if (other.isSetRequestorUserName()) {
- this.requestorUserName = other.requestorUserName;
- }
- if (other.isSetComponent()) {
- this.component = other.component;
- }
- if (other.isSetServiceName()) {
- this.serviceName = other.serviceName;
- }
- if (other.isSetAuthorizablesSet()) {
- Set<String> __this__authorizablesSet = new HashSet<String>(other.authorizablesSet);
- this.authorizablesSet = __this__authorizablesSet;
- }
- if (other.isSetGroups()) {
- Set<String> __this__groups = new HashSet<String>(other.groups);
- this.groups = __this__groups;
- }
- if (other.isSetRoleSet()) {
- this.roleSet = new TSentryActiveRoleSet(other.roleSet);
- }
- }
-
- public TListSentryPrivilegesByAuthRequest deepCopy() {
- return new TListSentryPrivilegesByAuthRequest(this);
- }
-
- @Override
- public void clear() {
- this.protocol_version = 2;
-
- this.requestorUserName = null;
- this.component = null;
- this.serviceName = null;
- this.authorizablesSet = null;
- this.groups = null;
- this.roleSet = null;
- }
-
- public int getProtocol_version() {
- return this.protocol_version;
- }
-
- public void setProtocol_version(int protocol_version) {
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- }
-
- public void unsetProtocol_version() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */
- public boolean isSetProtocol_version() {
- return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- public void setProtocol_versionIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value);
- }
-
- public String getRequestorUserName() {
- return this.requestorUserName;
- }
-
- public void setRequestorUserName(String requestorUserName) {
- this.requestorUserName = requestorUserName;
- }
-
- public void unsetRequestorUserName() {
- this.requestorUserName = null;
- }
-
- /** Returns true if field requestorUserName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorUserName() {
- return this.requestorUserName != null;
- }
-
- public void setRequestorUserNameIsSet(boolean value) {
- if (!value) {
- this.requestorUserName = null;
- }
- }
-
- public String getComponent() {
- return this.component;
- }
-
- public void setComponent(String component) {
- this.component = component;
- }
-
- public void unsetComponent() {
- this.component = null;
- }
-
- /** Returns true if field component is set (has been assigned a value) and false otherwise */
- public boolean isSetComponent() {
- return this.component != null;
- }
-
- public void setComponentIsSet(boolean value) {
- if (!value) {
- this.component = null;
- }
- }
-
- public String getServiceName() {
- return this.serviceName;
- }
-
- public void setServiceName(String serviceName) {
- this.serviceName = serviceName;
- }
-
- public void unsetServiceName() {
- this.serviceName = null;
- }
-
- /** Returns true if field serviceName is set (has been assigned a value) and false otherwise */
- public boolean isSetServiceName() {
- return this.serviceName != null;
- }
-
- public void setServiceNameIsSet(boolean value) {
- if (!value) {
- this.serviceName = null;
- }
- }
-
- public int getAuthorizablesSetSize() {
- return (this.authorizablesSet == null) ? 0 : this.authorizablesSet.size();
- }
-
- public java.util.Iterator<String> getAuthorizablesSetIterator() {
- return (this.authorizablesSet == null) ? null : this.authorizablesSet.iterator();
- }
-
- public void addToAuthorizablesSet(String elem) {
- if (this.authorizablesSet == null) {
- this.authorizablesSet = new HashSet<String>();
- }
- this.authorizablesSet.add(elem);
- }
-
- public Set<String> getAuthorizablesSet() {
- return this.authorizablesSet;
- }
-
- public void setAuthorizablesSet(Set<String> authorizablesSet) {
- this.authorizablesSet = authorizablesSet;
- }
-
- public void unsetAuthorizablesSet() {
- this.authorizablesSet = null;
- }
-
- /** Returns true if field authorizablesSet is set (has been assigned a value) and false otherwise */
- public boolean isSetAuthorizablesSet() {
- return this.authorizablesSet != null;
- }
-
- public void setAuthorizablesSetIsSet(boolean value) {
- if (!value) {
- this.authorizablesSet = null;
- }
- }
-
- public int getGroupsSize() {
- return (this.groups == null) ? 0 : this.groups.size();
- }
-
- public java.util.Iterator<String> getGroupsIterator() {
- return (this.groups == null) ? null : this.groups.iterator();
- }
-
- public void addToGroups(String elem) {
- if (this.groups == null) {
- this.groups = new HashSet<String>();
- }
- this.groups.add(elem);
- }
-
- public Set<String> getGroups() {
- return this.groups;
- }
-
- public void setGroups(Set<String> groups) {
- this.groups = groups;
- }
-
- public void unsetGroups() {
- this.groups = null;
- }
-
- /** Returns true if field groups is set (has been assigned a value) and false otherwise */
- public boolean isSetGroups() {
- return this.groups != null;
- }
-
- public void setGroupsIsSet(boolean value) {
- if (!value) {
- this.groups = null;
- }
- }
-
- public TSentryActiveRoleSet getRoleSet() {
- return this.roleSet;
- }
-
- public void setRoleSet(TSentryActiveRoleSet roleSet) {
- this.roleSet = roleSet;
- }
-
- public void unsetRoleSet() {
- this.roleSet = null;
- }
-
- /** Returns true if field roleSet is set (has been assigned a value) and false otherwise */
- public boolean isSetRoleSet() {
- return this.roleSet != null;
- }
-
- public void setRoleSetIsSet(boolean value) {
- if (!value) {
- this.roleSet = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case PROTOCOL_VERSION:
- if (value == null) {
- unsetProtocol_version();
- } else {
- setProtocol_version((Integer)value);
- }
- break;
-
- case REQUESTOR_USER_NAME:
- if (value == null) {
- unsetRequestorUserName();
- } else {
- setRequestorUserName((String)value);
- }
- break;
-
- case COMPONENT:
- if (value == null) {
- unsetComponent();
- } else {
- setComponent((String)value);
- }
- break;
-
- case SERVICE_NAME:
- if (value == null) {
- unsetServiceName();
- } else {
- setServiceName((String)value);
- }
- break;
-
- case AUTHORIZABLES_SET:
- if (value == null) {
- unsetAuthorizablesSet();
- } else {
- setAuthorizablesSet((Set<String>)value);
- }
- break;
-
- case GROUPS:
- if (value == null) {
- unsetGroups();
- } else {
- setGroups((Set<String>)value);
- }
- break;
-
- case ROLE_SET:
- if (value == null) {
- unsetRoleSet();
- } else {
- setRoleSet((TSentryActiveRoleSet)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case PROTOCOL_VERSION:
- return getProtocol_version();
-
- case REQUESTOR_USER_NAME:
- return getRequestorUserName();
-
- case COMPONENT:
- return getComponent();
-
- case SERVICE_NAME:
- return getServiceName();
-
- case AUTHORIZABLES_SET:
- return getAuthorizablesSet();
-
- case GROUPS:
- return getGroups();
-
- case ROLE_SET:
- return getRoleSet();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case PROTOCOL_VERSION:
- return isSetProtocol_version();
- case REQUESTOR_USER_NAME:
- return isSetRequestorUserName();
- case COMPONENT:
- return isSetComponent();
- case SERVICE_NAME:
- return isSetServiceName();
- case AUTHORIZABLES_SET:
- return isSetAuthorizablesSet();
- case GROUPS:
- return isSetGroups();
- case ROLE_SET:
- return isSetRoleSet();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TListSentryPrivilegesByAuthRequest)
- return this.equals((TListSentryPrivilegesByAuthRequest)that);
- return false;
- }
-
- public boolean equals(TListSentryPrivilegesByAuthRequest that) {
- if (that == null)
- return false;
-
- boolean this_present_protocol_version = true;
- boolean that_present_protocol_version = true;
- if (this_present_protocol_version || that_present_protocol_version) {
- if (!(this_present_protocol_version && that_present_protocol_version))
- return false;
- if (this.protocol_version != that.protocol_version)
- return false;
- }
-
- boolean this_present_requestorUserName = true && this.isSetRequestorUserName();
- boolean that_present_requestorUserName = true && that.isSetRequestorUserName();
- if (this_present_requestorUserName || that_present_requestorUserName) {
- if (!(this_present_requestorUserName && that_present_requestorUserName))
- return false;
- if (!this.requestorUserName.equals(that.requestorUserName))
- return false;
- }
-
- boolean this_present_component = true && this.isSetComponent();
- boolean that_present_component = true && that.isSetComponent();
- if (this_present_component || that_present_component) {
- if (!(this_present_component && that_present_component))
- return false;
- if (!this.component.equals(that.component))
- return false;
- }
-
- boolean this_present_serviceName = true && this.isSetServiceName();
- boolean that_present_serviceName = true && that.isSetServiceName();
- if (this_present_serviceName || that_present_serviceName) {
- if (!(this_present_serviceName && that_present_serviceName))
- return false;
- if (!this.serviceName.equals(that.serviceName))
- return false;
- }
-
- boolean this_present_authorizablesSet = true && this.isSetAuthorizablesSet();
- boolean that_present_authorizablesSet = true && that.isSetAuthorizablesSet();
- if (this_present_authorizablesSet || that_present_authorizablesSet) {
- if (!(this_present_authorizablesSet && that_present_authorizablesSet))
- return false;
- if (!this.authorizablesSet.equals(that.authorizablesSet))
- return false;
- }
-
- boolean this_present_groups = true && this.isSetGroups();
- boolean that_present_groups = true && that.isSetGroups();
- if (this_present_groups || that_present_groups) {
- if (!(this_present_groups && that_present_groups))
- return false;
- if (!this.groups.equals(that.groups))
- return false;
- }
-
- boolean this_present_roleSet = true && this.isSetRoleSet();
- boolean that_present_roleSet = true && that.isSetRoleSet();
- if (this_present_roleSet || that_present_roleSet) {
- if (!(this_present_roleSet && that_present_roleSet))
- return false;
- if (!this.roleSet.equals(that.roleSet))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_protocol_version = true;
- list.add(present_protocol_version);
- if (present_protocol_version)
- list.add(protocol_version);
-
- boolean present_requestorUserName = true && (isSetRequestorUserName());
- list.add(present_requestorUserName);
- if (present_requestorUserName)
- list.add(requestorUserName);
-
- boolean present_component = true && (isSetComponent());
- list.add(present_component);
- if (present_component)
- list.add(component);
-
- boolean present_serviceName = true && (isSetServiceName());
- list.add(present_serviceName);
- if (present_serviceName)
- list.add(serviceName);
-
- boolean present_authorizablesSet = true && (isSetAuthorizablesSet());
- list.add(present_authorizablesSet);
- if (present_authorizablesSet)
- list.add(authorizablesSet);
-
- boolean present_groups = true && (isSetGroups());
- list.add(present_groups);
- if (present_groups)
- list.add(groups);
-
- boolean present_roleSet = true && (isSetRoleSet());
- list.add(present_roleSet);
- if (present_roleSet)
- list.add(roleSet);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TListSentryPrivilegesByAuthRequest other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(other.isSetProtocol_version());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetProtocol_version()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, other.protocol_version);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRequestorUserName()).compareTo(other.isSetRequestorUserName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRequestorUserName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorUserName, other.requestorUserName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetComponent()).compareTo(other.isSetComponent());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetComponent()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.component, other.component);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetServiceName()).compareTo(other.isSetServiceName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetServiceName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.serviceName, other.serviceName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetAuthorizablesSet()).compareTo(other.isSetAuthorizablesSet());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetAuthorizablesSet()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.authorizablesSet, other.authorizablesSet);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetGroups()).compareTo(other.isSetGroups());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetGroups()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.groups, other.groups);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRoleSet()).compareTo(other.isSetRoleSet());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRoleSet()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleSet, other.roleSet);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TListSentryPrivilegesByAuthRequest(");
- boolean first = true;
-
- sb.append("protocol_version:");
- sb.append(this.protocol_version);
- first = false;
- if (!first) sb.append(", ");
- sb.append("requestorUserName:");
- if (this.requestorUserName == null) {
- sb.append("null");
- } else {
- sb.append(this.requestorUserName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("component:");
- if (this.component == null) {
- sb.append("null");
- } else {
- sb.append(this.component);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("serviceName:");
- if (this.serviceName == null) {
- sb.append("null");
- } else {
- sb.append(this.serviceName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("authorizablesSet:");
- if (this.authorizablesSet == null) {
- sb.append("null");
- } else {
- sb.append(this.authorizablesSet);
- }
- first = false;
- if (isSetGroups()) {
- if (!first) sb.append(", ");
- sb.append("groups:");
- if (this.groups == null) {
- sb.append("null");
- } else {
- sb.append(this.groups);
- }
- first = false;
- }
- if (isSetRoleSet()) {
- if (!first) sb.append(", ");
- sb.append("roleSet:");
- if (this.roleSet == null) {
- sb.append("null");
- } else {
- sb.append(this.roleSet);
- }
- first = false;
- }
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetProtocol_version()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
- }
-
- if (!isSetRequestorUserName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString());
- }
-
- if (!isSetComponent()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'component' is unset! Struct:" + toString());
- }
-
- if (!isSetServiceName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'serviceName' is unset! Struct:" + toString());
- }
-
- if (!isSetAuthorizablesSet()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'authorizablesSet' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- if (roleSet != null) {
- roleSet.validate();
- }
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TListSentryPrivilegesByAuthRequestStandardSchemeFactory implements SchemeFactory {
- public TListSentryPrivilegesByAuthRequestStandardScheme getScheme() {
- return new TListSentryPrivilegesByAuthRequestStandardScheme();
- }
- }
-
- private static class TListSentryPrivilegesByAuthRequestStandardScheme extends StandardScheme<TListSentryPrivilegesByAuthRequest> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TListSentryPrivilegesByAuthRequest struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // PROTOCOL_VERSION
- if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // REQUESTOR_USER_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // COMPONENT
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.component = iprot.readString();
- struct.setComponentIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 4: // SERVICE_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.serviceName = iprot.readString();
- struct.setServiceNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 5: // AUTHORIZABLES_SET
- if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
- {
- org.apache.thrift.protocol.TSet _set122 = iprot.readSetBegin();
- struct.authorizablesSet = new HashSet<String>(2*_set122.size);
- String _elem123;
- for (int _i124 = 0; _i124 < _set122.size; ++_i124)
- {
- _elem123 = iprot.readString();
- struct.authorizablesSet.add(_elem123);
- }
- iprot.readSetEnd();
- }
- struct.setAuthorizablesSetIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 6: // GROUPS
- if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
- {
- org.apache.thrift.protocol.TSet _set125 = iprot.readSetBegin();
- struct.groups = new HashSet<String>(2*_set125.size);
- String _elem126;
- for (int _i127 = 0; _i127 < _set125.size; ++_i127)
- {
- _elem126 = iprot.readString();
- struct.groups.add(_elem126);
- }
- iprot.readSetEnd();
- }
- struct.setGroupsIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 7: // ROLE_SET
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.roleSet = new TSentryActiveRoleSet();
- struct.roleSet.read(iprot);
- struct.setRoleSetIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TListSentryPrivilegesByAuthRequest struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC);
- oprot.writeI32(struct.protocol_version);
- oprot.writeFieldEnd();
- if (struct.requestorUserName != null) {
- oprot.writeFieldBegin(REQUESTOR_USER_NAME_FIELD_DESC);
- oprot.writeString(struct.requestorUserName);
- oprot.writeFieldEnd();
- }
- if (struct.component != null) {
- oprot.writeFieldBegin(COMPONENT_FIELD_DESC);
- oprot.writeString(struct.component);
- oprot.writeFieldEnd();
- }
- if (struct.serviceName != null) {
- oprot.writeFieldBegin(SERVICE_NAME_FIELD_DESC);
- oprot.writeString(struct.serviceName);
- oprot.writeFieldEnd();
- }
- if (struct.authorizablesSet != null) {
- oprot.writeFieldBegin(AUTHORIZABLES_SET_FIELD_DESC);
- {
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, struct.authorizablesSet.size()));
- for (String _iter128 : struct.authorizablesSet)
- {
- oprot.writeString(_iter128);
- }
- oprot.writeSetEnd();
- }
- oprot.writeFieldEnd();
- }
- if (struct.groups != null) {
- if (struct.isSetGroups()) {
- oprot.writeFieldBegin(GROUPS_FIELD_DESC);
- {
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, struct.groups.size()));
- for (String _iter129 : struct.groups)
- {
- oprot.writeString(_iter129);
- }
- oprot.writeSetEnd();
- }
- oprot.writeFieldEnd();
- }
- }
- if (struct.roleSet != null) {
- if (struct.isSetRoleSet()) {
- oprot.writeFieldBegin(ROLE_SET_FIELD_DESC);
- struct.roleSet.write(oprot);
- oprot.writeFieldEnd();
- }
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TListSentryPrivilegesByAuthRequestTupleSchemeFactory implements SchemeFactory {
- public TListSentryPrivilegesByAuthRequestTupleScheme getScheme() {
- return new TListSentryPrivilegesByAuthRequestTupleScheme();
- }
- }
-
- private static class TListSentryPrivilegesByAuthRequestTupleScheme extends TupleScheme<TListSentryPrivilegesByAuthRequest> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesByAuthRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeI32(struct.protocol_version);
- oprot.writeString(struct.requestorUserName);
- oprot.writeString(struct.component);
- oprot.writeString(struct.serviceName);
- {
- oprot.writeI32(struct.authorizablesSet.size());
- for (String _iter130 : struct.authorizablesSet)
- {
- oprot.writeString(_iter130);
- }
- }
- BitSet optionals = new BitSet();
- if (struct.isSetGroups()) {
- optionals.set(0);
- }
- if (struct.isSetRoleSet()) {
- optionals.set(1);
- }
- oprot.writeBitSet(optionals, 2);
- if (struct.isSetGroups()) {
- {
- oprot.writeI32(struct.groups.size());
- for (String _iter131 : struct.groups)
- {
- oprot.writeString(_iter131);
- }
- }
- }
- if (struct.isSetRoleSet()) {
- struct.roleSet.write(oprot);
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesByAuthRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- struct.component = iprot.readString();
- struct.setComponentIsSet(true);
- struct.serviceName = iprot.readString();
- struct.setServiceNameIsSet(true);
- {
- org.apache.thrift.protocol.TSet _set132 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, iprot.readI32());
- struct.authorizablesSet = new HashSet<String>(2*_set132.size);
- String _elem133;
- for (int _i134 = 0; _i134 < _set132.size; ++_i134)
- {
- _elem133 = iprot.readString();
- struct.authorizablesSet.add(_elem133);
- }
- }
- struct.setAuthorizablesSetIsSet(true);
- BitSet incoming = iprot.readBitSet(2);
- if (incoming.get(0)) {
- {
- org.apache.thrift.protocol.TSet _set135 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, iprot.readI32());
- struct.groups = new HashSet<String>(2*_set135.size);
- String _elem136;
- for (int _i137 = 0; _i137 < _set135.size; ++_i137)
- {
- _elem136 = iprot.readString();
- struct.groups.add(_elem136);
- }
- }
- struct.setGroupsIsSet(true);
- }
- if (incoming.get(1)) {
- struct.roleSet = new TSentryActiveRoleSet();
- struct.roleSet.read(iprot);
- struct.setRoleSetIsSet(true);
- }
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TListSentryPrivilegesByAuthResponse.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TListSentryPrivilegesByAuthResponse.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TListSentryPrivilegesByAuthResponse.java
deleted file mode 100644
index 8162613..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TListSentryPrivilegesByAuthResponse.java
+++ /dev/null
@@ -1,569 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TListSentryPrivilegesByAuthResponse implements org.apache.thrift.TBase<TListSentryPrivilegesByAuthResponse, TListSentryPrivilegesByAuthResponse._Fields>, java.io.Serializable, Cloneable, Comparable<TListSentryPrivilegesByAuthResponse> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TListSentryPrivilegesByAuthResponse");
-
- private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1);
- private static final org.apache.thrift.protocol.TField PRIVILEGES_MAP_BY_AUTH_FIELD_DESC = new org.apache.thrift.protocol.TField("privilegesMapByAuth", org.apache.thrift.protocol.TType.MAP, (short)2);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TListSentryPrivilegesByAuthResponseStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TListSentryPrivilegesByAuthResponseTupleSchemeFactory());
- }
-
- private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required
- private Map<String,TSentryPrivilegeMap> privilegesMapByAuth; // optional
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- STATUS((short)1, "status"),
- PRIVILEGES_MAP_BY_AUTH((short)2, "privilegesMapByAuth");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // STATUS
- return STATUS;
- case 2: // PRIVILEGES_MAP_BY_AUTH
- return PRIVILEGES_MAP_BY_AUTH;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final _Fields optionals[] = {_Fields.PRIVILEGES_MAP_BY_AUTH};
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.sentry.service.thrift.TSentryResponseStatus.class)));
- tmpMap.put(_Fields.PRIVILEGES_MAP_BY_AUTH, new org.apache.thrift.meta_data.FieldMetaData("privilegesMapByAuth", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.MapMetaData(org.apache.thrift.protocol.TType.MAP,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING),
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryPrivilegeMap.class))));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TListSentryPrivilegesByAuthResponse.class, metaDataMap);
- }
-
- public TListSentryPrivilegesByAuthResponse() {
- }
-
- public TListSentryPrivilegesByAuthResponse(
- org.apache.sentry.service.thrift.TSentryResponseStatus status)
- {
- this();
- this.status = status;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TListSentryPrivilegesByAuthResponse(TListSentryPrivilegesByAuthResponse other) {
- if (other.isSetStatus()) {
- this.status = new org.apache.sentry.service.thrift.TSentryResponseStatus(other.status);
- }
- if (other.isSetPrivilegesMapByAuth()) {
- Map<String,TSentryPrivilegeMap> __this__privilegesMapByAuth = new HashMap<String,TSentryPrivilegeMap>(other.privilegesMapByAuth.size());
- for (Map.Entry<String, TSentryPrivilegeMap> other_element : other.privilegesMapByAuth.entrySet()) {
-
- String other_element_key = other_element.getKey();
- TSentryPrivilegeMap other_element_value = other_element.getValue();
-
- String __this__privilegesMapByAuth_copy_key = other_element_key;
-
- TSentryPrivilegeMap __this__privilegesMapByAuth_copy_value = new TSentryPrivilegeMap(other_element_value);
-
- __this__privilegesMapByAuth.put(__this__privilegesMapByAuth_copy_key, __this__privilegesMapByAuth_copy_value);
- }
- this.privilegesMapByAuth = __this__privilegesMapByAuth;
- }
- }
-
- public TListSentryPrivilegesByAuthResponse deepCopy() {
- return new TListSentryPrivilegesByAuthResponse(this);
- }
-
- @Override
- public void clear() {
- this.status = null;
- this.privilegesMapByAuth = null;
- }
-
- public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() {
- return this.status;
- }
-
- public void setStatus(org.apache.sentry.service.thrift.TSentryResponseStatus status) {
- this.status = status;
- }
-
- public void unsetStatus() {
- this.status = null;
- }
-
- /** Returns true if field status is set (has been assigned a value) and false otherwise */
- public boolean isSetStatus() {
- return this.status != null;
- }
-
- public void setStatusIsSet(boolean value) {
- if (!value) {
- this.status = null;
- }
- }
-
- public int getPrivilegesMapByAuthSize() {
- return (this.privilegesMapByAuth == null) ? 0 : this.privilegesMapByAuth.size();
- }
-
- public void putToPrivilegesMapByAuth(String key, TSentryPrivilegeMap val) {
- if (this.privilegesMapByAuth == null) {
- this.privilegesMapByAuth = new HashMap<String,TSentryPrivilegeMap>();
- }
- this.privilegesMapByAuth.put(key, val);
- }
-
- public Map<String,TSentryPrivilegeMap> getPrivilegesMapByAuth() {
- return this.privilegesMapByAuth;
- }
-
- public void setPrivilegesMapByAuth(Map<String,TSentryPrivilegeMap> privilegesMapByAuth) {
- this.privilegesMapByAuth = privilegesMapByAuth;
- }
-
- public void unsetPrivilegesMapByAuth() {
- this.privilegesMapByAuth = null;
- }
-
- /** Returns true if field privilegesMapByAuth is set (has been assigned a value) and false otherwise */
- public boolean isSetPrivilegesMapByAuth() {
- return this.privilegesMapByAuth != null;
- }
-
- public void setPrivilegesMapByAuthIsSet(boolean value) {
- if (!value) {
- this.privilegesMapByAuth = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case STATUS:
- if (value == null) {
- unsetStatus();
- } else {
- setStatus((org.apache.sentry.service.thrift.TSentryResponseStatus)value);
- }
- break;
-
- case PRIVILEGES_MAP_BY_AUTH:
- if (value == null) {
- unsetPrivilegesMapByAuth();
- } else {
- setPrivilegesMapByAuth((Map<String,TSentryPrivilegeMap>)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case STATUS:
- return getStatus();
-
- case PRIVILEGES_MAP_BY_AUTH:
- return getPrivilegesMapByAuth();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case STATUS:
- return isSetStatus();
- case PRIVILEGES_MAP_BY_AUTH:
- return isSetPrivilegesMapByAuth();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TListSentryPrivilegesByAuthResponse)
- return this.equals((TListSentryPrivilegesByAuthResponse)that);
- return false;
- }
-
- public boolean equals(TListSentryPrivilegesByAuthResponse that) {
- if (that == null)
- return false;
-
- boolean this_present_status = true && this.isSetStatus();
- boolean that_present_status = true && that.isSetStatus();
- if (this_present_status || that_present_status) {
- if (!(this_present_status && that_present_status))
- return false;
- if (!this.status.equals(that.status))
- return false;
- }
-
- boolean this_present_privilegesMapByAuth = true && this.isSetPrivilegesMapByAuth();
- boolean that_present_privilegesMapByAuth = true && that.isSetPrivilegesMapByAuth();
- if (this_present_privilegesMapByAuth || that_present_privilegesMapByAuth) {
- if (!(this_present_privilegesMapByAuth && that_present_privilegesMapByAuth))
- return false;
- if (!this.privilegesMapByAuth.equals(that.privilegesMapByAuth))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_status = true && (isSetStatus());
- list.add(present_status);
- if (present_status)
- list.add(status);
-
- boolean present_privilegesMapByAuth = true && (isSetPrivilegesMapByAuth());
- list.add(present_privilegesMapByAuth);
- if (present_privilegesMapByAuth)
- list.add(privilegesMapByAuth);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TListSentryPrivilegesByAuthResponse other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetStatus()).compareTo(other.isSetStatus());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetStatus()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.status, other.status);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetPrivilegesMapByAuth()).compareTo(other.isSetPrivilegesMapByAuth());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetPrivilegesMapByAuth()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.privilegesMapByAuth, other.privilegesMapByAuth);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TListSentryPrivilegesByAuthResponse(");
- boolean first = true;
-
- sb.append("status:");
- if (this.status == null) {
- sb.append("null");
- } else {
- sb.append(this.status);
- }
- first = false;
- if (isSetPrivilegesMapByAuth()) {
- if (!first) sb.append(", ");
- sb.append("privilegesMapByAuth:");
- if (this.privilegesMapByAuth == null) {
- sb.append("null");
- } else {
- sb.append(this.privilegesMapByAuth);
- }
- first = false;
- }
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetStatus()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'status' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- if (status != null) {
- status.validate();
- }
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TListSentryPrivilegesByAuthResponseStandardSchemeFactory implements SchemeFactory {
- public TListSentryPrivilegesByAuthResponseStandardScheme getScheme() {
- return new TListSentryPrivilegesByAuthResponseStandardScheme();
- }
- }
-
- private static class TListSentryPrivilegesByAuthResponseStandardScheme extends StandardScheme<TListSentryPrivilegesByAuthResponse> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TListSentryPrivilegesByAuthResponse struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // STATUS
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // PRIVILEGES_MAP_BY_AUTH
- if (schemeField.type == org.apache.thrift.protocol.TType.MAP) {
- {
- org.apache.thrift.protocol.TMap _map138 = iprot.readMapBegin();
- struct.privilegesMapByAuth = new HashMap<String,TSentryPrivilegeMap>(2*_map138.size);
- String _key139;
- TSentryPrivilegeMap _val140;
- for (int _i141 = 0; _i141 < _map138.size; ++_i141)
- {
- _key139 = iprot.readString();
- _val140 = new TSentryPrivilegeMap();
- _val140.read(iprot);
- struct.privilegesMapByAuth.put(_key139, _val140);
- }
- iprot.readMapEnd();
- }
- struct.setPrivilegesMapByAuthIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TListSentryPrivilegesByAuthResponse struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.status != null) {
- oprot.writeFieldBegin(STATUS_FIELD_DESC);
- struct.status.write(oprot);
- oprot.writeFieldEnd();
- }
- if (struct.privilegesMapByAuth != null) {
- if (struct.isSetPrivilegesMapByAuth()) {
- oprot.writeFieldBegin(PRIVILEGES_MAP_BY_AUTH_FIELD_DESC);
- {
- oprot.writeMapBegin(new org.apache.thrift.protocol.TMap(org.apache.thrift.protocol.TType.STRING, org.apache.thrift.protocol.TType.STRUCT, struct.privilegesMapByAuth.size()));
- for (Map.Entry<String, TSentryPrivilegeMap> _iter142 : struct.privilegesMapByAuth.entrySet())
- {
- oprot.writeString(_iter142.getKey());
- _iter142.getValue().write(oprot);
- }
- oprot.writeMapEnd();
- }
- oprot.writeFieldEnd();
- }
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TListSentryPrivilegesByAuthResponseTupleSchemeFactory implements SchemeFactory {
- public TListSentryPrivilegesByAuthResponseTupleScheme getScheme() {
- return new TListSentryPrivilegesByAuthResponseTupleScheme();
- }
- }
-
- private static class TListSentryPrivilegesByAuthResponseTupleScheme extends TupleScheme<TListSentryPrivilegesByAuthResponse> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesByAuthResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- struct.status.write(oprot);
- BitSet optionals = new BitSet();
- if (struct.isSetPrivilegesMapByAuth()) {
- optionals.set(0);
- }
- oprot.writeBitSet(optionals, 1);
- if (struct.isSetPrivilegesMapByAuth()) {
- {
- oprot.writeI32(struct.privilegesMapByAuth.size());
- for (Map.Entry<String, TSentryPrivilegeMap> _iter143 : struct.privilegesMapByAuth.entrySet())
- {
- oprot.writeString(_iter143.getKey());
- _iter143.getValue().write(oprot);
- }
- }
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesByAuthResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- BitSet incoming = iprot.readBitSet(1);
- if (incoming.get(0)) {
- {
- org.apache.thrift.protocol.TMap _map144 = new org.apache.thrift.protocol.TMap(org.apache.thrift.protocol.TType.STRING, org.apache.thrift.protocol.TType.STRUCT, iprot.readI32());
- struct.privilegesMapByAuth = new HashMap<String,TSentryPrivilegeMap>(2*_map144.size);
- String _key145;
- TSentryPrivilegeMap _val146;
- for (int _i147 = 0; _i147 < _map144.size; ++_i147)
- {
- _key145 = iprot.readString();
- _val146 = new TSentryPrivilegeMap();
- _val146.read(iprot);
- struct.privilegesMapByAuth.put(_key145, _val146);
- }
- }
- struct.setPrivilegesMapByAuthIsSet(true);
- }
- }
- }
-
-}
-
[08/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/util/TestCommandUtil.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/util/TestCommandUtil.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/util/TestCommandUtil.java
deleted file mode 100644
index 8cf0e70..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/util/TestCommandUtil.java
+++ /dev/null
@@ -1,416 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.log.util;
-
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Set;
-
-import org.apache.sentry.core.model.db.AccessConstants;
-import org.apache.sentry.provider.db.generic.service.thrift.TAuthorizable;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleGrantPrivilegeRequest;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleRevokePrivilegeRequest;
-import org.apache.sentry.provider.db.service.thrift.TSentryGrantOption;
-import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
-import org.apache.sentry.service.thrift.ServiceConstants.PrivilegeScope;
-import org.junit.Assert;
-import org.junit.Test;
-
-import com.google.common.collect.Sets;
-
-public class TestCommandUtil extends Assert {
-
- @Test
- public void testCreateCmdForCreateOrDropRole() {
- String roleName = "testRole";
-
- String createRoleCmdResult = CommandUtil.createCmdForCreateOrDropRole(
- roleName, true);
- String dropRoleCmdResult = CommandUtil.createCmdForCreateOrDropRole(
- roleName, false);
- String createRoleCmdExcepted = "CREATE ROLE testRole";
- String dropRoleCmdExcepted = "DROP ROLE testRole";
-
- assertEquals(createRoleCmdExcepted, createRoleCmdResult);
- assertEquals(dropRoleCmdResult, dropRoleCmdExcepted);
- }
-
- @Test
- public void testCreateCmdForRoleAddOrDeleteGroup1() {
-
- String createRoleAddGroupCmdResult = CommandUtil.createCmdForRoleAddGroup("testRole",
- getGroupStr(1));
- String createRoleAddGroupCmdExcepted = "GRANT ROLE testRole TO GROUP testGroup1";
- String createRoleDeleteGroupCmdResult = CommandUtil.createCmdForRoleDeleteGroup("testRole",
- getGroupStr(1));
- String createRoleDeleteGroupCmdExcepted = "REVOKE ROLE testRole FROM GROUP testGroup1";
-
- assertEquals(createRoleAddGroupCmdExcepted, createRoleAddGroupCmdResult);
- assertEquals(createRoleDeleteGroupCmdExcepted,
- createRoleDeleteGroupCmdResult);
- }
-
- @Test
- public void testCreateCmdForRoleAddOrDeleteGroup2() {
- String createRoleAddGroupCmdResult = CommandUtil.createCmdForRoleAddGroup("testRole",
- getGroupStr(3));
- String createRoleAddGroupCmdExcepted = "GRANT ROLE testRole TO GROUP testGroup1, testGroup2, testGroup3";
- String createRoleDeleteGroupCmdResult = CommandUtil.createCmdForRoleDeleteGroup("testRole",
- getGroupStr(3));
- String createRoleDeleteGroupCmdExcepted = "REVOKE ROLE testRole FROM GROUP testGroup1, testGroup2, testGroup3";
-
- assertEquals(createRoleAddGroupCmdExcepted, createRoleAddGroupCmdResult);
- assertEquals(createRoleDeleteGroupCmdExcepted,
- createRoleDeleteGroupCmdResult);
- }
-
- @Test
- public void testCreateCmdForRoleAddOrDeleteUser1() {
- String createRoleAddGroupCmdResult =
- CommandUtil.createCmdForRoleAddUser("testRole", getUserStr(1));
- String createRoleAddGroupCmdExcepted = "GRANT ROLE testRole TO USER testUser1";
- String createRoleDeleteGroupCmdResult =
- CommandUtil.createCmdForRoleDeleteUser("testRole", getUserStr(1));
- String createRoleDeleteGroupCmdExcepted = "REVOKE ROLE testRole FROM USER testUser1";
-
- assertEquals(createRoleAddGroupCmdExcepted, createRoleAddGroupCmdResult);
- assertEquals(createRoleDeleteGroupCmdExcepted, createRoleDeleteGroupCmdResult);
- }
-
- @Test
- public void testCreateCmdForRoleAddOrDeleteUser2() {
- String createRoleAddGroupCmdResult =
- CommandUtil.createCmdForRoleAddUser("testRole", getUserStr(3));
- String createRoleAddGroupCmdExcepted =
- "GRANT ROLE testRole TO USER testUser1, testUser2, testUser3";
- String createRoleDeleteGroupCmdResult =
- CommandUtil.createCmdForRoleDeleteUser("testRole", getUserStr(3));
- String createRoleDeleteGroupCmdExcepted =
- "REVOKE ROLE testRole FROM USER testUser1, testUser2, testUser3";
-
- assertEquals(createRoleAddGroupCmdExcepted, createRoleAddGroupCmdResult);
- assertEquals(createRoleDeleteGroupCmdExcepted, createRoleDeleteGroupCmdResult);
- }
-
- @Test
- public void testCreateCmdForGrantOrRevokePrivilege1() {
- TAlterSentryRoleGrantPrivilegeRequest grantRequest = getGrantPrivilegeRequest();
- TAlterSentryRoleRevokePrivilegeRequest revokeRequest = getRevokePrivilegeRequest();
-
- TSentryPrivilege privilege = getPrivilege(AccessConstants.ALL,
- PrivilegeScope.DATABASE.name(), "dbTest", "tableTest", "serverTest",
- "hdfs://namenode:port/path/to/dir");
- Set<TSentryPrivilege> privileges = Sets.newHashSet();
- privileges.add(privilege);
- grantRequest.setPrivileges(privileges);
- revokeRequest.setPrivileges(privileges);
-
- String createGrantPrivilegeCmdResult = CommandUtil
- .createCmdForGrantPrivilege(grantRequest);
- String createGrantPrivilegeCmdExcepted = "GRANT ALL ON DATABASE dbTest TO ROLE testRole";
- String createRevokePrivilegeCmdResult = CommandUtil
- .createCmdForRevokePrivilege(revokeRequest);
- String createRevokePrivilegeCmdExcepted = "REVOKE ALL ON DATABASE dbTest FROM ROLE testRole";
-
- assertEquals(createGrantPrivilegeCmdExcepted, createGrantPrivilegeCmdResult);
- assertEquals(createRevokePrivilegeCmdExcepted,
- createRevokePrivilegeCmdResult);
- }
-
- @Test
- public void testCreateCmdForGrantOrRevokePrivilege2() {
- TAlterSentryRoleGrantPrivilegeRequest grantRequest = getGrantPrivilegeRequest();
- TAlterSentryRoleRevokePrivilegeRequest revokeRequest = getRevokePrivilegeRequest();
-
- TSentryPrivilege privilege = getPrivilege(AccessConstants.INSERT,
- PrivilegeScope.DATABASE.name(), "dbTest", "tableTest", "serverTest",
- "hdfs://namenode:port/path/to/dir");
- Set<TSentryPrivilege> privileges = Sets.newHashSet();
- privileges.add(privilege);
- grantRequest.setPrivileges(privileges);
- revokeRequest.setPrivileges(privileges);
-
- String createGrantPrivilegeCmdResult = CommandUtil
- .createCmdForGrantPrivilege(grantRequest);
- String createGrantPrivilegeCmdExcepted = "GRANT INSERT ON DATABASE dbTest TO ROLE testRole";
- String createRevokePrivilegeCmdResult = CommandUtil
- .createCmdForRevokePrivilege(revokeRequest);
- String createRevokePrivilegeCmdExcepted = "REVOKE INSERT ON DATABASE dbTest FROM ROLE testRole";
-
- assertEquals(createGrantPrivilegeCmdExcepted, createGrantPrivilegeCmdResult);
- assertEquals(createRevokePrivilegeCmdExcepted,
- createRevokePrivilegeCmdResult);
- }
-
- @Test
- public void testCreateCmdForGrantOrRevokePrivilege3() {
- TAlterSentryRoleGrantPrivilegeRequest grantRequest = getGrantPrivilegeRequest();
- TAlterSentryRoleRevokePrivilegeRequest revokeRequest = getRevokePrivilegeRequest();
-
- TSentryPrivilege privilege = getPrivilege(AccessConstants.SELECT,
- PrivilegeScope.DATABASE.name(), "dbTest", "tableTest", "serverTest",
- "hdfs://namenode:port/path/to/dir");
- Set<TSentryPrivilege> privileges = Sets.newHashSet();
- privileges.add(privilege);
- grantRequest.setPrivileges(privileges);
- revokeRequest.setPrivileges(privileges);
-
- String createGrantPrivilegeCmdResult = CommandUtil
- .createCmdForGrantPrivilege(grantRequest);
- String createGrantPrivilegeCmdExcepted = "GRANT SELECT ON DATABASE dbTest TO ROLE testRole";
- String createRevokePrivilegeCmdResult = CommandUtil
- .createCmdForRevokePrivilege(revokeRequest);
- String createRevokePrivilegeCmdExcepted = "REVOKE SELECT ON DATABASE dbTest FROM ROLE testRole";
-
- assertEquals(createGrantPrivilegeCmdExcepted, createGrantPrivilegeCmdResult);
- assertEquals(createRevokePrivilegeCmdExcepted,
- createRevokePrivilegeCmdResult);
- }
-
- @Test
- public void testCreateCmdForGrantOrRevokePrivilege4() {
- TAlterSentryRoleGrantPrivilegeRequest grantRequest = getGrantPrivilegeRequest();
- TAlterSentryRoleRevokePrivilegeRequest revokeRequest = getRevokePrivilegeRequest();
-
- TSentryPrivilege privilege = getPrivilege(null,
- PrivilegeScope.DATABASE.name(), "dbTest", "tableTest", "serverTest",
- "hdfs://namenode:port/path/to/dir");
- Set<TSentryPrivilege> privileges = Sets.newHashSet();
- privileges.add(privilege);
- grantRequest.setPrivileges(privileges);
- revokeRequest.setPrivileges(privileges);
-
- String createGrantPrivilegeCmdResult = CommandUtil
- .createCmdForGrantPrivilege(grantRequest);
- String createGrantPrivilegeCmdExcepted = "GRANT null ON DATABASE dbTest TO ROLE testRole";
- String createRevokePrivilegeCmdResult = CommandUtil
- .createCmdForRevokePrivilege(revokeRequest);
- String createRevokePrivilegeCmdExcepted = "REVOKE null ON DATABASE dbTest FROM ROLE testRole";
-
- assertEquals(createGrantPrivilegeCmdExcepted, createGrantPrivilegeCmdResult);
- assertEquals(createRevokePrivilegeCmdExcepted,
- createRevokePrivilegeCmdResult);
- }
-
- @Test
- public void testCreateCmdForGrantOrRevokePrivilege5() {
- TAlterSentryRoleGrantPrivilegeRequest grantRequest = getGrantPrivilegeRequest();
- TAlterSentryRoleRevokePrivilegeRequest revokeRequest = getRevokePrivilegeRequest();
-
- TSentryPrivilege privilege = getPrivilege(AccessConstants.SELECT,
- PrivilegeScope.TABLE.name(), "dbTest", "tableTest", "serverTest",
- "hdfs://namenode:port/path/to/dir");
- Set<TSentryPrivilege> privileges = Sets.newHashSet();
- privileges.add(privilege);
- grantRequest.setPrivileges(privileges);
- revokeRequest.setPrivileges(privileges);
-
- String createGrantPrivilegeCmdResult = CommandUtil
- .createCmdForGrantPrivilege(grantRequest);
- String createGrantPrivilegeCmdExcepted = "GRANT SELECT ON TABLE tableTest TO ROLE testRole";
- String createRevokePrivilegeCmdResult = CommandUtil
- .createCmdForRevokePrivilege(revokeRequest);
- String createRevokePrivilegeCmdExcepted = "REVOKE SELECT ON TABLE tableTest FROM ROLE testRole";
-
- assertEquals(createGrantPrivilegeCmdExcepted, createGrantPrivilegeCmdResult);
- assertEquals(createRevokePrivilegeCmdExcepted,
- createRevokePrivilegeCmdResult);
- }
-
- @Test
- public void testCreateCmdForGrantOrRevokePrivilege6() {
- TAlterSentryRoleGrantPrivilegeRequest grantRequest = getGrantPrivilegeRequest();
- TAlterSentryRoleRevokePrivilegeRequest revokeRequest = getRevokePrivilegeRequest();
-
- TSentryPrivilege privilege = getPrivilege(AccessConstants.SELECT,
- PrivilegeScope.SERVER.name(), "dbTest", "tableTest", "serverTest",
- "hdfs://namenode:port/path/to/dir");
- Set<TSentryPrivilege> privileges = Sets.newHashSet();
- privileges.add(privilege);
- grantRequest.setPrivileges(privileges);
- revokeRequest.setPrivileges(privileges);
-
- String createGrantPrivilegeCmdResult = CommandUtil
- .createCmdForGrantPrivilege(grantRequest);
- String createGrantPrivilegeCmdExcepted = "GRANT SELECT ON SERVER serverTest TO ROLE testRole";
- String createRevokePrivilegeCmdResult = CommandUtil
- .createCmdForRevokePrivilege(revokeRequest);
- String createRevokePrivilegeCmdExcepted = "REVOKE SELECT ON SERVER serverTest FROM ROLE testRole";
-
- assertEquals(createGrantPrivilegeCmdExcepted, createGrantPrivilegeCmdResult);
- assertEquals(createRevokePrivilegeCmdExcepted,
- createRevokePrivilegeCmdResult);
- }
-
- @Test
- public void testCreateCmdForGrantOrRevokePrivilege7() {
- TAlterSentryRoleGrantPrivilegeRequest grantRequest = getGrantPrivilegeRequest();
- TAlterSentryRoleRevokePrivilegeRequest revokeRequest = getRevokePrivilegeRequest();
-
- TSentryPrivilege privilege = getPrivilege(AccessConstants.SELECT,
- PrivilegeScope.URI.name(), "dbTest", "tableTest", "serverTest",
- "hdfs://namenode:port/path/to/dir");
- Set<TSentryPrivilege> privileges = Sets.newHashSet();
- privileges.add(privilege);
- grantRequest.setPrivileges(privileges);
- revokeRequest.setPrivileges(privileges);
-
- String createGrantPrivilegeCmdResult = CommandUtil
- .createCmdForGrantPrivilege(grantRequest);
- String createGrantPrivilegeCmdExcepted = "GRANT SELECT ON URI hdfs://namenode:port/path/to/dir TO ROLE testRole";
- String createRevokePrivilegeCmdResult = CommandUtil
- .createCmdForRevokePrivilege(revokeRequest);
- String createRevokePrivilegeCmdExcepted = "REVOKE SELECT ON URI hdfs://namenode:port/path/to/dir FROM ROLE testRole";
-
- assertEquals(createGrantPrivilegeCmdExcepted, createGrantPrivilegeCmdResult);
- assertEquals(createRevokePrivilegeCmdExcepted,
- createRevokePrivilegeCmdResult);
- }
-
- @Test
- public void testCreateCmdForGrantOrRevokePrivilege8() {
- TAlterSentryRoleGrantPrivilegeRequest grantRequest = getGrantPrivilegeRequest();
- TAlterSentryRoleRevokePrivilegeRequest revokeRequest = getRevokePrivilegeRequest();
-
- TSentryPrivilege privilege = getPrivilege(AccessConstants.SELECT, PrivilegeScope.SERVER.name(),
- "dbTest", "tableTest", "serverTest", "hdfs://namenode:port/path/to/dir");
- privilege.setGrantOption(TSentryGrantOption.TRUE);
- Set<TSentryPrivilege> privileges = Sets.newHashSet();
- privileges.add(privilege);
- grantRequest.setPrivileges(privileges);
- revokeRequest.setPrivileges(privileges);
-
- String createGrantPrivilegeCmdResult = CommandUtil.createCmdForGrantPrivilege(grantRequest);
- String createGrantPrivilegeCmdExcepted = "GRANT SELECT ON SERVER serverTest TO ROLE testRole WITH GRANT OPTION";
- String createRevokePrivilegeCmdResult = CommandUtil.createCmdForRevokePrivilege(revokeRequest);
- String createRevokePrivilegeCmdExcepted = "REVOKE SELECT ON SERVER serverTest FROM ROLE testRole WITH GRANT OPTION";
-
- assertEquals(createGrantPrivilegeCmdExcepted, createGrantPrivilegeCmdResult);
- assertEquals(createRevokePrivilegeCmdExcepted, createRevokePrivilegeCmdResult);
- }
-
- // generate the command without grant option
- @Test
- public void testCreateCmdForGrantOrRevokeGMPrivilege1() {
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeRequest grantRequest = getGrantGMPrivilegeRequest();
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeRequest revokeRequest = getRevokeGMPrivilegeRequest();
- org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege privilege = getGMPrivilege();
- grantRequest.setPrivilege(privilege);
- revokeRequest.setPrivilege(privilege);
-
- String createGrantPrivilegeCmdResult = CommandUtil.createCmdForGrantGMPrivilege(grantRequest);
- String createGrantPrivilegeCmdExcepted = "GRANT ACTION ON resourceType1 resourceName1 resourceType2 resourceName2 TO ROLE testRole";
- String createRevokePrivilegeCmdResult = CommandUtil
- .createCmdForRevokeGMPrivilege(revokeRequest);
- String createRevokePrivilegeCmdExcepted = "REVOKE ACTION ON resourceType1 resourceName1 resourceType2 resourceName2 FROM ROLE testRole";
-
- assertEquals(createGrantPrivilegeCmdExcepted, createGrantPrivilegeCmdResult);
- assertEquals(createRevokePrivilegeCmdExcepted, createRevokePrivilegeCmdResult);
- }
-
- // generate the command with grant option
- @Test
- public void testCreateCmdForGrantOrRevokeGMPrivilege2() {
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeRequest grantRequest = getGrantGMPrivilegeRequest();
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeRequest revokeRequest = getRevokeGMPrivilegeRequest();
- org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege privilege = getGMPrivilege();
- privilege
- .setGrantOption(org.apache.sentry.provider.db.generic.service.thrift.TSentryGrantOption.TRUE);
- grantRequest.setPrivilege(privilege);
- revokeRequest.setPrivilege(privilege);
-
- String createGrantPrivilegeCmdResult = CommandUtil.createCmdForGrantGMPrivilege(grantRequest);
- String createGrantPrivilegeCmdExcepted = "GRANT ACTION ON resourceType1 resourceName1 resourceType2 resourceName2 TO ROLE testRole WITH GRANT OPTION";
- String createRevokePrivilegeCmdResult = CommandUtil
- .createCmdForRevokeGMPrivilege(revokeRequest);
- String createRevokePrivilegeCmdExcepted = "REVOKE ACTION ON resourceType1 resourceName1 resourceType2 resourceName2 FROM ROLE testRole WITH GRANT OPTION";
-
- assertEquals(createGrantPrivilegeCmdExcepted, createGrantPrivilegeCmdResult);
- assertEquals(createRevokePrivilegeCmdExcepted, createRevokePrivilegeCmdResult);
- }
-
- private String getGroupStr(int num) {
- StringBuilder sb = new StringBuilder();
- for (int i = 0; i < num; i++) {
- if (i > 0) {
- sb.append(", ");
- }
- sb.append("testGroup" + (i + 1));
- }
- return sb.toString();
- }
-
- private String getUserStr(int num) {
- StringBuilder sb = new StringBuilder();
- for (int i = 0; i < num; i++) {
- if (i > 0) {
- sb.append(", ");
- }
- sb.append("testUser" + (i + 1));
- }
- return sb.toString();
- }
-
- private TAlterSentryRoleGrantPrivilegeRequest getGrantPrivilegeRequest() {
- TAlterSentryRoleGrantPrivilegeRequest request = new TAlterSentryRoleGrantPrivilegeRequest();
- request.setRoleName("testRole");
- return request;
- }
-
- private TAlterSentryRoleRevokePrivilegeRequest getRevokePrivilegeRequest() {
- TAlterSentryRoleRevokePrivilegeRequest request = new TAlterSentryRoleRevokePrivilegeRequest();
- request.setRoleName("testRole");
- return request;
- }
-
- private org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeRequest getGrantGMPrivilegeRequest() {
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeRequest request = new org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeRequest();
- request.setRoleName("testRole");
- return request;
- }
-
- private org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeRequest getRevokeGMPrivilegeRequest() {
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeRequest request = new org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeRequest();
- request.setRoleName("testRole");
- return request;
- }
-
- private TSentryPrivilege getPrivilege(String action, String privilegeScope,
- String dbName, String tableName, String serverName, String URI) {
- TSentryPrivilege privilege = new TSentryPrivilege();
- privilege.setAction(action);
- privilege.setPrivilegeScope(privilegeScope);
- privilege.setDbName(dbName);
- privilege.setTableName(tableName);
- privilege.setServerName(serverName);
- privilege.setURI(URI);
- return privilege;
- }
-
- private org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege getGMPrivilege() {
- org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege privilege = new org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege();
- privilege.setAction("ACTION");
- privilege.setComponent("COMPONENT");
- List<TAuthorizable> authorizables = new ArrayList<TAuthorizable>();
- authorizables.add(new TAuthorizable("resourceType1", "resourceName1"));
- authorizables.add(new TAuthorizable("resourceType2", "resourceName2"));
- privilege.setAuthorizables(authorizables);
- return privilege;
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryPrivilege.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryPrivilege.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryPrivilege.java
deleted file mode 100644
index c31233b..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryPrivilege.java
+++ /dev/null
@@ -1,245 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.persistent;
-
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertTrue;
-
-import org.apache.sentry.core.model.db.AccessConstants;
-import org.apache.sentry.provider.db.service.model.MSentryPrivilege;
-import org.junit.Test;
-
-public class TestSentryPrivilege {
- @Test
- public void testImpliesPrivilegePositive() throws Exception {
- // 1.test server+database+table+action
- MSentryPrivilege my = new MSentryPrivilege();
- MSentryPrivilege your = new MSentryPrivilege();
- my.setServerName("server1");
- my.setDbName("db1");
- my.setTableName("tb1");
- my.setAction(AccessConstants.SELECT);
- your.setServerName("server1");
- your.setDbName("db1");
- your.setTableName("tb1");
- your.setAction(AccessConstants.SELECT);
- assertTrue(my.implies(your));
-
- my.setAction(AccessConstants.ALL);
- assertTrue(my.implies(your));
-
- my.setTableName("");
- assertTrue(my.implies(your));
-
- my.setDbName("");
- assertTrue(my.implies(your));
-
- my.setAction(AccessConstants.ACTION_ALL);
- assertTrue(my.implies(your));
-
- my.setTableName("");
- assertTrue(my.implies(your));
-
- my.setDbName("");
- assertTrue(my.implies(your));
-
- // 2.test server+URI+action using all combinations of * and ALL for action
- String[][] actionMap = new String[][] {
- { AccessConstants.ALL, AccessConstants.ALL },
- { AccessConstants.ALL, AccessConstants.ACTION_ALL },
- { AccessConstants.ACTION_ALL, AccessConstants.ALL },
- { AccessConstants.ACTION_ALL, AccessConstants.ACTION_ALL } };
-
- for (int actions = 0; actions < actionMap.length; actions++) {
- my = new MSentryPrivilege();
- your = new MSentryPrivilege();
- my.setServerName("server1");
- my.setAction(actionMap[actions][0]);
- your.setServerName("server1");
- your.setAction(actionMap[actions][1]);
- my.setURI("hdfs://namenode:9000/path");
- your.setURI("hdfs://namenode:9000/path");
- assertTrue(my.implies(your));
-
- my.setURI("hdfs://namenode:9000/path");
- your.setURI("hdfs://namenode:9000/path/to/some/dir");
- assertTrue(my.implies(your));
-
- my.setURI("file:///path");
- your.setURI("file:///path");
- assertTrue(my.implies(your));
-
- my.setURI("file:///path");
- your.setURI("file:///path/to/some/dir");
- assertTrue(my.implies(your));
-
- // my is SERVER level privilege, your is URI level privilege
- my.setURI("");
- your.setURI("file:///path");
- assertTrue(my.implies(your));
- }
- }
-
- @Test
- public void testImpliesPrivilegeNegative() throws Exception {
- // 1.test server+database+table+action
- MSentryPrivilege my = new MSentryPrivilege();
- MSentryPrivilege your = new MSentryPrivilege();
- // bad action
- my.setServerName("server1");
- my.setDbName("db1");
- my.setTableName("tb1");
- my.setAction(AccessConstants.SELECT);
- your.setServerName("server1");
- your.setDbName("db1");
- your.setTableName("tb1");
- your.setAction(AccessConstants.INSERT);
- assertFalse(my.implies(your));
-
- // bad action
- your.setAction(AccessConstants.ALL);
- assertFalse(my.implies(your));
-
-
- // bad table
- your.setTableName("tb2");
- assertFalse(my.implies(your));
-
- // bad database
- your.setTableName("tb1");
- your.setDbName("db2");
- assertFalse(my.implies(your));
-
- // bad server
- your.setTableName("tb1");
- your.setDbName("db1");
- your.setServerName("server2");
- assertFalse(my.implies(your));
-
- // 2.test server+URI+action
- my = new MSentryPrivilege();
- your = new MSentryPrivilege();
- my.setServerName("server1");
- my.setAction(AccessConstants.ALL);
- your.setServerName("server2");
- your.setAction(AccessConstants.ALL);
-
- // relative path
- my.setURI("hdfs://namenode:9000/path");
- your.setURI("hdfs://namenode:9000/path/to/../../other");
- assertFalse(my.implies(your));
- my.setURI("file:///path");
- your.setURI("file:///path/to/../../other");
- assertFalse(my.implies(your));
-
- // bad uri
- my.setURI("blah");
- your.setURI("hdfs://namenode:9000/path/to/some/dir");
- assertFalse(my.implies(your));
- my.setURI("hdfs://namenode:9000/path/to/some/dir");
- your.setURI("blah");
- assertFalse(my.implies(your));
-
- // bad scheme
- my.setURI("hdfs://namenode:9000/path");
- your.setURI("file:///path/to/some/dir");
- assertFalse(my.implies(your));
- my.setURI("hdfs://namenode:9000/path");
- your.setURI("file://namenode:9000/path/to/some/dir");
- assertFalse(my.implies(your));
-
- // bad hostname
- my.setURI("hdfs://namenode1:9000/path");
- your.setURI("hdfs://namenode2:9000/path");
- assertFalse(my.implies(your));
-
- // bad port
- my.setURI("hdfs://namenode:9000/path");
- your.setURI("hdfs://namenode:9001/path");
- assertFalse(my.implies(your));
-
- // bad path
- my.setURI("hdfs://namenode:9000/path1");
- your.setURI("hdfs://namenode:9000/path2");
- assertFalse(my.implies(your));
- my.setURI("file:///path1");
- your.setURI("file:///path2");
- assertFalse(my.implies(your));
-
- // bad server
- your.setServerName("server2");
- my.setURI("hdfs://namenode:9000/path1");
- your.setURI("hdfs://namenode:9000/path1");
- assertFalse(my.implies(your));
-
- // bad implies
- my.setServerName("server1");
- my.setURI("hdfs://namenode:9000/path1");
- your.setServerName("server1");
- your.setURI("");
- assertFalse(my.implies(your));
- }
-
- @Test
- public void testImpliesPrivilegePositiveWithColumn() throws Exception {
- // 1.test server+database+table+column+action
- MSentryPrivilege my = new MSentryPrivilege();
- MSentryPrivilege your = new MSentryPrivilege();
- my.setServerName("server1");
- my.setAction(AccessConstants.SELECT);
- your.setServerName("server1");
- your.setDbName("db1");
- your.setTableName("tb1");
- your.setColumnName("c1");
- your.setAction(AccessConstants.SELECT);
- assertTrue(my.implies(your));
-
- my.setDbName("db1");
- assertTrue(my.implies(your));
-
- my.setTableName("tb1");
- assertTrue(my.implies(your));
-
- my.setColumnName("c1");
- assertTrue(my.implies(your));
- }
-
- @Test
- public void testImpliesPrivilegeNegativeWithColumn() throws Exception {
- // 1.test server+database+table+column+action
- MSentryPrivilege my = new MSentryPrivilege();
- MSentryPrivilege your = new MSentryPrivilege();
- // bad column
- my.setServerName("server1");
- my.setDbName("db1");
- my.setTableName("tb1");
- my.setColumnName("c1");
- my.setAction(AccessConstants.SELECT);
- your.setServerName("server1");
- your.setDbName("db1");
- your.setTableName("tb1");
- your.setColumnName("c2");
- your.setAction(AccessConstants.SELECT);
- assertFalse(my.implies(your));
-
- // bad scope
- your.setColumnName("");
- assertFalse(my.implies(your));
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryServiceDiscovery.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryServiceDiscovery.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryServiceDiscovery.java
deleted file mode 100644
index 7cbcc11..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryServiceDiscovery.java
+++ /dev/null
@@ -1,123 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.persistent;
-
-import java.io.IOException;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.apache.hadoop.conf.Configuration;
-
-import org.apache.curator.test.TestingServer;
-import org.apache.curator.x.discovery.ServiceInstance;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-import static org.junit.Assert.assertEquals;
-
-public class TestSentryServiceDiscovery {
-
- private HAContext haContext;
- private TestingServer server;
-
- @Before
- public void setup() throws Exception {
- server = new TestingServer();
- // HA conf
- Configuration conf = new Configuration(false);
- conf.set(ServerConfig.SENTRY_HA_ENABLED, "true");
- conf.set(ServerConfig.SENTRY_HA_ZOOKEEPER_NAMESPACE, "sentry-test");
- conf.set(ServerConfig.SENTRY_HA_ZOOKEEPER_QUORUM, server.getConnectString());
- haContext = HAContext.getHAContext(conf);
- }
-
- @After
- public void teardown() {
- HAContext.clearServerContext();
- if (server != null) {
- try {
- server.stop();
- } catch (IOException e) {
- }
- }
- }
-
- @Test
- public void testRegisterOneService() throws Exception {
- final String hostname = "localhost1";
- final Integer port = 123;
- ServiceRegister register = new ServiceRegister(haContext);
- register.regService(hostname, port);
- ServiceManager manager = new ServiceManager(haContext);
- ServiceInstance<Void> instance = manager.getServiceInstance();
- assertEquals("'hostname' doesn't match.", hostname, instance.getAddress());
- assertEquals("'port' doesn't match.", port, instance.getPort());
- }
-
- @Test
- public void testRegisterMultiService() throws Exception {
-
- final String hostname1 = "localhost1";
- final Integer port1 = 123;
- final String hostname2 = "localhost2";
- final Integer port2 = 456;
- final String hostname3 = "localhost3";
- final Integer port3 = 789;
-
- Map<String, Integer> servicesMap = new HashMap<String, Integer>();
- servicesMap.put(hostname1, port1);
- servicesMap.put(hostname2, port2);
- servicesMap.put(hostname3, port3);
-
- ServiceRegister register1 = new ServiceRegister(haContext);
- register1.regService(hostname1, port1);
- ServiceRegister register2 = new ServiceRegister(haContext);
- register2.regService(hostname2, port2);
- ServiceRegister register3 = new ServiceRegister(haContext);
- register3.regService(hostname3, port3);
-
- ServiceManager manager = new ServiceManager(haContext);
- ServiceInstance<Void> instance = manager.getServiceInstance();
- assertEquals("'instance' doesn't match.", instance.getPort(), servicesMap.get(instance.getAddress()));
- instance = manager.getServiceInstance();
- assertEquals("'instance' doesn't match.", instance.getPort(), servicesMap.get(instance.getAddress()));
- instance = manager.getServiceInstance();
- assertEquals("'instance' doesn't match.", instance.getPort(), servicesMap.get(instance.getAddress()));
- }
-
- @Test
- public void testReportError() throws Exception {
- final String hostname1 = "localhost1";
- final Integer port1 = 123;
-
- ServiceRegister register1 = new ServiceRegister(haContext);
- register1.regService(hostname1, port1);
-
- ServiceManager manager = new ServiceManager(haContext);
- ServiceInstance<Void> instance = manager.getServiceInstance();
- manager.reportError(instance);
- // report twice, manager will not return temporarily
- instance = manager.getServiceInstance();
- manager.reportError(instance);
- instance = manager.getServiceInstance();
- assertEquals("'instance' should be null.", null, instance);
- }
-
-}
[46/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAuthorizable.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAuthorizable.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAuthorizable.java
deleted file mode 100644
index e0af045..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAuthorizable.java
+++ /dev/null
@@ -1,490 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TAuthorizable implements org.apache.thrift.TBase<TAuthorizable, TAuthorizable._Fields>, java.io.Serializable, Cloneable, Comparable<TAuthorizable> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TAuthorizable");
-
- private static final org.apache.thrift.protocol.TField TYPE_FIELD_DESC = new org.apache.thrift.protocol.TField("type", org.apache.thrift.protocol.TType.STRING, (short)1);
- private static final org.apache.thrift.protocol.TField NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("name", org.apache.thrift.protocol.TType.STRING, (short)2);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TAuthorizableStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TAuthorizableTupleSchemeFactory());
- }
-
- private String type; // required
- private String name; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- TYPE((short)1, "type"),
- NAME((short)2, "name");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // TYPE
- return TYPE;
- case 2: // NAME
- return NAME;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.TYPE, new org.apache.thrift.meta_data.FieldMetaData("type", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.NAME, new org.apache.thrift.meta_data.FieldMetaData("name", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TAuthorizable.class, metaDataMap);
- }
-
- public TAuthorizable() {
- }
-
- public TAuthorizable(
- String type,
- String name)
- {
- this();
- this.type = type;
- this.name = name;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TAuthorizable(TAuthorizable other) {
- if (other.isSetType()) {
- this.type = other.type;
- }
- if (other.isSetName()) {
- this.name = other.name;
- }
- }
-
- public TAuthorizable deepCopy() {
- return new TAuthorizable(this);
- }
-
- @Override
- public void clear() {
- this.type = null;
- this.name = null;
- }
-
- public String getType() {
- return this.type;
- }
-
- public void setType(String type) {
- this.type = type;
- }
-
- public void unsetType() {
- this.type = null;
- }
-
- /** Returns true if field type is set (has been assigned a value) and false otherwise */
- public boolean isSetType() {
- return this.type != null;
- }
-
- public void setTypeIsSet(boolean value) {
- if (!value) {
- this.type = null;
- }
- }
-
- public String getName() {
- return this.name;
- }
-
- public void setName(String name) {
- this.name = name;
- }
-
- public void unsetName() {
- this.name = null;
- }
-
- /** Returns true if field name is set (has been assigned a value) and false otherwise */
- public boolean isSetName() {
- return this.name != null;
- }
-
- public void setNameIsSet(boolean value) {
- if (!value) {
- this.name = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case TYPE:
- if (value == null) {
- unsetType();
- } else {
- setType((String)value);
- }
- break;
-
- case NAME:
- if (value == null) {
- unsetName();
- } else {
- setName((String)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case TYPE:
- return getType();
-
- case NAME:
- return getName();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case TYPE:
- return isSetType();
- case NAME:
- return isSetName();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TAuthorizable)
- return this.equals((TAuthorizable)that);
- return false;
- }
-
- public boolean equals(TAuthorizable that) {
- if (that == null)
- return false;
-
- boolean this_present_type = true && this.isSetType();
- boolean that_present_type = true && that.isSetType();
- if (this_present_type || that_present_type) {
- if (!(this_present_type && that_present_type))
- return false;
- if (!this.type.equals(that.type))
- return false;
- }
-
- boolean this_present_name = true && this.isSetName();
- boolean that_present_name = true && that.isSetName();
- if (this_present_name || that_present_name) {
- if (!(this_present_name && that_present_name))
- return false;
- if (!this.name.equals(that.name))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_type = true && (isSetType());
- list.add(present_type);
- if (present_type)
- list.add(type);
-
- boolean present_name = true && (isSetName());
- list.add(present_name);
- if (present_name)
- list.add(name);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TAuthorizable other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetType()).compareTo(other.isSetType());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetType()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.type, other.type);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetName()).compareTo(other.isSetName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.name, other.name);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TAuthorizable(");
- boolean first = true;
-
- sb.append("type:");
- if (this.type == null) {
- sb.append("null");
- } else {
- sb.append(this.type);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("name:");
- if (this.name == null) {
- sb.append("null");
- } else {
- sb.append(this.name);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetType()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'type' is unset! Struct:" + toString());
- }
-
- if (!isSetName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'name' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TAuthorizableStandardSchemeFactory implements SchemeFactory {
- public TAuthorizableStandardScheme getScheme() {
- return new TAuthorizableStandardScheme();
- }
- }
-
- private static class TAuthorizableStandardScheme extends StandardScheme<TAuthorizable> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TAuthorizable struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // TYPE
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.type = iprot.readString();
- struct.setTypeIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.name = iprot.readString();
- struct.setNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TAuthorizable struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.type != null) {
- oprot.writeFieldBegin(TYPE_FIELD_DESC);
- oprot.writeString(struct.type);
- oprot.writeFieldEnd();
- }
- if (struct.name != null) {
- oprot.writeFieldBegin(NAME_FIELD_DESC);
- oprot.writeString(struct.name);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TAuthorizableTupleSchemeFactory implements SchemeFactory {
- public TAuthorizableTupleScheme getScheme() {
- return new TAuthorizableTupleScheme();
- }
- }
-
- private static class TAuthorizableTupleScheme extends TupleScheme<TAuthorizable> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TAuthorizable struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeString(struct.type);
- oprot.writeString(struct.name);
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TAuthorizable struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.type = iprot.readString();
- struct.setTypeIsSet(true);
- struct.name = iprot.readString();
- struct.setNameIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TCreateSentryRoleRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TCreateSentryRoleRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TCreateSentryRoleRequest.java
deleted file mode 100644
index f6a0358..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TCreateSentryRoleRequest.java
+++ /dev/null
@@ -1,692 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TCreateSentryRoleRequest implements org.apache.thrift.TBase<TCreateSentryRoleRequest, TCreateSentryRoleRequest._Fields>, java.io.Serializable, Cloneable, Comparable<TCreateSentryRoleRequest> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TCreateSentryRoleRequest");
-
- private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
- private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)3);
- private static final org.apache.thrift.protocol.TField COMPONENT_FIELD_DESC = new org.apache.thrift.protocol.TField("component", org.apache.thrift.protocol.TType.STRING, (short)4);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TCreateSentryRoleRequestStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TCreateSentryRoleRequestTupleSchemeFactory());
- }
-
- private int protocol_version; // required
- private String requestorUserName; // required
- private String roleName; // required
- private String component; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- PROTOCOL_VERSION((short)1, "protocol_version"),
- REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- ROLE_NAME((short)3, "roleName"),
- COMPONENT((short)4, "component");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // PROTOCOL_VERSION
- return PROTOCOL_VERSION;
- case 2: // REQUESTOR_USER_NAME
- return REQUESTOR_USER_NAME;
- case 3: // ROLE_NAME
- return ROLE_NAME;
- case 4: // COMPONENT
- return COMPONENT;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
- tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.ROLE_NAME, new org.apache.thrift.meta_data.FieldMetaData("roleName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.COMPONENT, new org.apache.thrift.meta_data.FieldMetaData("component", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TCreateSentryRoleRequest.class, metaDataMap);
- }
-
- public TCreateSentryRoleRequest() {
- this.protocol_version = 2;
-
- }
-
- public TCreateSentryRoleRequest(
- int protocol_version,
- String requestorUserName,
- String roleName,
- String component)
- {
- this();
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- this.requestorUserName = requestorUserName;
- this.roleName = roleName;
- this.component = component;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TCreateSentryRoleRequest(TCreateSentryRoleRequest other) {
- __isset_bitfield = other.__isset_bitfield;
- this.protocol_version = other.protocol_version;
- if (other.isSetRequestorUserName()) {
- this.requestorUserName = other.requestorUserName;
- }
- if (other.isSetRoleName()) {
- this.roleName = other.roleName;
- }
- if (other.isSetComponent()) {
- this.component = other.component;
- }
- }
-
- public TCreateSentryRoleRequest deepCopy() {
- return new TCreateSentryRoleRequest(this);
- }
-
- @Override
- public void clear() {
- this.protocol_version = 2;
-
- this.requestorUserName = null;
- this.roleName = null;
- this.component = null;
- }
-
- public int getProtocol_version() {
- return this.protocol_version;
- }
-
- public void setProtocol_version(int protocol_version) {
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- }
-
- public void unsetProtocol_version() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */
- public boolean isSetProtocol_version() {
- return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- public void setProtocol_versionIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value);
- }
-
- public String getRequestorUserName() {
- return this.requestorUserName;
- }
-
- public void setRequestorUserName(String requestorUserName) {
- this.requestorUserName = requestorUserName;
- }
-
- public void unsetRequestorUserName() {
- this.requestorUserName = null;
- }
-
- /** Returns true if field requestorUserName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorUserName() {
- return this.requestorUserName != null;
- }
-
- public void setRequestorUserNameIsSet(boolean value) {
- if (!value) {
- this.requestorUserName = null;
- }
- }
-
- public String getRoleName() {
- return this.roleName;
- }
-
- public void setRoleName(String roleName) {
- this.roleName = roleName;
- }
-
- public void unsetRoleName() {
- this.roleName = null;
- }
-
- /** Returns true if field roleName is set (has been assigned a value) and false otherwise */
- public boolean isSetRoleName() {
- return this.roleName != null;
- }
-
- public void setRoleNameIsSet(boolean value) {
- if (!value) {
- this.roleName = null;
- }
- }
-
- public String getComponent() {
- return this.component;
- }
-
- public void setComponent(String component) {
- this.component = component;
- }
-
- public void unsetComponent() {
- this.component = null;
- }
-
- /** Returns true if field component is set (has been assigned a value) and false otherwise */
- public boolean isSetComponent() {
- return this.component != null;
- }
-
- public void setComponentIsSet(boolean value) {
- if (!value) {
- this.component = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case PROTOCOL_VERSION:
- if (value == null) {
- unsetProtocol_version();
- } else {
- setProtocol_version((Integer)value);
- }
- break;
-
- case REQUESTOR_USER_NAME:
- if (value == null) {
- unsetRequestorUserName();
- } else {
- setRequestorUserName((String)value);
- }
- break;
-
- case ROLE_NAME:
- if (value == null) {
- unsetRoleName();
- } else {
- setRoleName((String)value);
- }
- break;
-
- case COMPONENT:
- if (value == null) {
- unsetComponent();
- } else {
- setComponent((String)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case PROTOCOL_VERSION:
- return getProtocol_version();
-
- case REQUESTOR_USER_NAME:
- return getRequestorUserName();
-
- case ROLE_NAME:
- return getRoleName();
-
- case COMPONENT:
- return getComponent();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case PROTOCOL_VERSION:
- return isSetProtocol_version();
- case REQUESTOR_USER_NAME:
- return isSetRequestorUserName();
- case ROLE_NAME:
- return isSetRoleName();
- case COMPONENT:
- return isSetComponent();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TCreateSentryRoleRequest)
- return this.equals((TCreateSentryRoleRequest)that);
- return false;
- }
-
- public boolean equals(TCreateSentryRoleRequest that) {
- if (that == null)
- return false;
-
- boolean this_present_protocol_version = true;
- boolean that_present_protocol_version = true;
- if (this_present_protocol_version || that_present_protocol_version) {
- if (!(this_present_protocol_version && that_present_protocol_version))
- return false;
- if (this.protocol_version != that.protocol_version)
- return false;
- }
-
- boolean this_present_requestorUserName = true && this.isSetRequestorUserName();
- boolean that_present_requestorUserName = true && that.isSetRequestorUserName();
- if (this_present_requestorUserName || that_present_requestorUserName) {
- if (!(this_present_requestorUserName && that_present_requestorUserName))
- return false;
- if (!this.requestorUserName.equals(that.requestorUserName))
- return false;
- }
-
- boolean this_present_roleName = true && this.isSetRoleName();
- boolean that_present_roleName = true && that.isSetRoleName();
- if (this_present_roleName || that_present_roleName) {
- if (!(this_present_roleName && that_present_roleName))
- return false;
- if (!this.roleName.equals(that.roleName))
- return false;
- }
-
- boolean this_present_component = true && this.isSetComponent();
- boolean that_present_component = true && that.isSetComponent();
- if (this_present_component || that_present_component) {
- if (!(this_present_component && that_present_component))
- return false;
- if (!this.component.equals(that.component))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_protocol_version = true;
- list.add(present_protocol_version);
- if (present_protocol_version)
- list.add(protocol_version);
-
- boolean present_requestorUserName = true && (isSetRequestorUserName());
- list.add(present_requestorUserName);
- if (present_requestorUserName)
- list.add(requestorUserName);
-
- boolean present_roleName = true && (isSetRoleName());
- list.add(present_roleName);
- if (present_roleName)
- list.add(roleName);
-
- boolean present_component = true && (isSetComponent());
- list.add(present_component);
- if (present_component)
- list.add(component);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TCreateSentryRoleRequest other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(other.isSetProtocol_version());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetProtocol_version()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, other.protocol_version);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRequestorUserName()).compareTo(other.isSetRequestorUserName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRequestorUserName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorUserName, other.requestorUserName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRoleName()).compareTo(other.isSetRoleName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRoleName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleName, other.roleName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetComponent()).compareTo(other.isSetComponent());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetComponent()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.component, other.component);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TCreateSentryRoleRequest(");
- boolean first = true;
-
- sb.append("protocol_version:");
- sb.append(this.protocol_version);
- first = false;
- if (!first) sb.append(", ");
- sb.append("requestorUserName:");
- if (this.requestorUserName == null) {
- sb.append("null");
- } else {
- sb.append(this.requestorUserName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("roleName:");
- if (this.roleName == null) {
- sb.append("null");
- } else {
- sb.append(this.roleName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("component:");
- if (this.component == null) {
- sb.append("null");
- } else {
- sb.append(this.component);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetProtocol_version()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
- }
-
- if (!isSetRequestorUserName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString());
- }
-
- if (!isSetRoleName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'roleName' is unset! Struct:" + toString());
- }
-
- if (!isSetComponent()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'component' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TCreateSentryRoleRequestStandardSchemeFactory implements SchemeFactory {
- public TCreateSentryRoleRequestStandardScheme getScheme() {
- return new TCreateSentryRoleRequestStandardScheme();
- }
- }
-
- private static class TCreateSentryRoleRequestStandardScheme extends StandardScheme<TCreateSentryRoleRequest> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TCreateSentryRoleRequest struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // PROTOCOL_VERSION
- if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // REQUESTOR_USER_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // ROLE_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 4: // COMPONENT
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.component = iprot.readString();
- struct.setComponentIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TCreateSentryRoleRequest struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC);
- oprot.writeI32(struct.protocol_version);
- oprot.writeFieldEnd();
- if (struct.requestorUserName != null) {
- oprot.writeFieldBegin(REQUESTOR_USER_NAME_FIELD_DESC);
- oprot.writeString(struct.requestorUserName);
- oprot.writeFieldEnd();
- }
- if (struct.roleName != null) {
- oprot.writeFieldBegin(ROLE_NAME_FIELD_DESC);
- oprot.writeString(struct.roleName);
- oprot.writeFieldEnd();
- }
- if (struct.component != null) {
- oprot.writeFieldBegin(COMPONENT_FIELD_DESC);
- oprot.writeString(struct.component);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TCreateSentryRoleRequestTupleSchemeFactory implements SchemeFactory {
- public TCreateSentryRoleRequestTupleScheme getScheme() {
- return new TCreateSentryRoleRequestTupleScheme();
- }
- }
-
- private static class TCreateSentryRoleRequestTupleScheme extends TupleScheme<TCreateSentryRoleRequest> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TCreateSentryRoleRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeI32(struct.protocol_version);
- oprot.writeString(struct.requestorUserName);
- oprot.writeString(struct.roleName);
- oprot.writeString(struct.component);
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TCreateSentryRoleRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- struct.component = iprot.readString();
- struct.setComponentIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TCreateSentryRoleResponse.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TCreateSentryRoleResponse.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TCreateSentryRoleResponse.java
deleted file mode 100644
index f533a7e..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TCreateSentryRoleResponse.java
+++ /dev/null
@@ -1,391 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TCreateSentryRoleResponse implements org.apache.thrift.TBase<TCreateSentryRoleResponse, TCreateSentryRoleResponse._Fields>, java.io.Serializable, Cloneable, Comparable<TCreateSentryRoleResponse> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TCreateSentryRoleResponse");
-
- private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TCreateSentryRoleResponseStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TCreateSentryRoleResponseTupleSchemeFactory());
- }
-
- private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- STATUS((short)1, "status");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // STATUS
- return STATUS;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRUCT , "TSentryResponseStatus")));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TCreateSentryRoleResponse.class, metaDataMap);
- }
-
- public TCreateSentryRoleResponse() {
- }
-
- public TCreateSentryRoleResponse(
- org.apache.sentry.service.thrift.TSentryResponseStatus status)
- {
- this();
- this.status = status;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TCreateSentryRoleResponse(TCreateSentryRoleResponse other) {
- if (other.isSetStatus()) {
- this.status = other.status;
- }
- }
-
- public TCreateSentryRoleResponse deepCopy() {
- return new TCreateSentryRoleResponse(this);
- }
-
- @Override
- public void clear() {
- this.status = null;
- }
-
- public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() {
- return this.status;
- }
-
- public void setStatus(org.apache.sentry.service.thrift.TSentryResponseStatus status) {
- this.status = status;
- }
-
- public void unsetStatus() {
- this.status = null;
- }
-
- /** Returns true if field status is set (has been assigned a value) and false otherwise */
- public boolean isSetStatus() {
- return this.status != null;
- }
-
- public void setStatusIsSet(boolean value) {
- if (!value) {
- this.status = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case STATUS:
- if (value == null) {
- unsetStatus();
- } else {
- setStatus((org.apache.sentry.service.thrift.TSentryResponseStatus)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case STATUS:
- return getStatus();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case STATUS:
- return isSetStatus();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TCreateSentryRoleResponse)
- return this.equals((TCreateSentryRoleResponse)that);
- return false;
- }
-
- public boolean equals(TCreateSentryRoleResponse that) {
- if (that == null)
- return false;
-
- boolean this_present_status = true && this.isSetStatus();
- boolean that_present_status = true && that.isSetStatus();
- if (this_present_status || that_present_status) {
- if (!(this_present_status && that_present_status))
- return false;
- if (!this.status.equals(that.status))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_status = true && (isSetStatus());
- list.add(present_status);
- if (present_status)
- list.add(status);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TCreateSentryRoleResponse other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetStatus()).compareTo(other.isSetStatus());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetStatus()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.status, other.status);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TCreateSentryRoleResponse(");
- boolean first = true;
-
- sb.append("status:");
- if (this.status == null) {
- sb.append("null");
- } else {
- sb.append(this.status);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetStatus()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'status' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TCreateSentryRoleResponseStandardSchemeFactory implements SchemeFactory {
- public TCreateSentryRoleResponseStandardScheme getScheme() {
- return new TCreateSentryRoleResponseStandardScheme();
- }
- }
-
- private static class TCreateSentryRoleResponseStandardScheme extends StandardScheme<TCreateSentryRoleResponse> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TCreateSentryRoleResponse struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // STATUS
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TCreateSentryRoleResponse struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.status != null) {
- oprot.writeFieldBegin(STATUS_FIELD_DESC);
- struct.status.write(oprot);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TCreateSentryRoleResponseTupleSchemeFactory implements SchemeFactory {
- public TCreateSentryRoleResponseTupleScheme getScheme() {
- return new TCreateSentryRoleResponseTupleScheme();
- }
- }
-
- private static class TCreateSentryRoleResponseTupleScheme extends TupleScheme<TCreateSentryRoleResponse> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TCreateSentryRoleResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- struct.status.write(oprot);
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TCreateSentryRoleResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TDropPrivilegesRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TDropPrivilegesRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TDropPrivilegesRequest.java
deleted file mode 100644
index 79724d3..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TDropPrivilegesRequest.java
+++ /dev/null
@@ -1,697 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TDropPrivilegesRequest implements org.apache.thrift.TBase<TDropPrivilegesRequest, TDropPrivilegesRequest._Fields>, java.io.Serializable, Cloneable, Comparable<TDropPrivilegesRequest> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TDropPrivilegesRequest");
-
- private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
- private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField PRIVILEGE_FIELD_DESC = new org.apache.thrift.protocol.TField("privilege", org.apache.thrift.protocol.TType.STRUCT, (short)3);
- private static final org.apache.thrift.protocol.TField COMPONENT_FIELD_DESC = new org.apache.thrift.protocol.TField("component", org.apache.thrift.protocol.TType.STRING, (short)4);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TDropPrivilegesRequestStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TDropPrivilegesRequestTupleSchemeFactory());
- }
-
- private int protocol_version; // required
- private String requestorUserName; // required
- private TSentryPrivilege privilege; // required
- private String component; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- PROTOCOL_VERSION((short)1, "protocol_version"),
- REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- PRIVILEGE((short)3, "privilege"),
- COMPONENT((short)4, "component");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // PROTOCOL_VERSION
- return PROTOCOL_VERSION;
- case 2: // REQUESTOR_USER_NAME
- return REQUESTOR_USER_NAME;
- case 3: // PRIVILEGE
- return PRIVILEGE;
- case 4: // COMPONENT
- return COMPONENT;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
- tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.PRIVILEGE, new org.apache.thrift.meta_data.FieldMetaData("privilege", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryPrivilege.class)));
- tmpMap.put(_Fields.COMPONENT, new org.apache.thrift.meta_data.FieldMetaData("component", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TDropPrivilegesRequest.class, metaDataMap);
- }
-
- public TDropPrivilegesRequest() {
- this.protocol_version = 2;
-
- }
-
- public TDropPrivilegesRequest(
- int protocol_version,
- String requestorUserName,
- TSentryPrivilege privilege,
- String component)
- {
- this();
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- this.requestorUserName = requestorUserName;
- this.privilege = privilege;
- this.component = component;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TDropPrivilegesRequest(TDropPrivilegesRequest other) {
- __isset_bitfield = other.__isset_bitfield;
- this.protocol_version = other.protocol_version;
- if (other.isSetRequestorUserName()) {
- this.requestorUserName = other.requestorUserName;
- }
- if (other.isSetPrivilege()) {
- this.privilege = new TSentryPrivilege(other.privilege);
- }
- if (other.isSetComponent()) {
- this.component = other.component;
- }
- }
-
- public TDropPrivilegesRequest deepCopy() {
- return new TDropPrivilegesRequest(this);
- }
-
- @Override
- public void clear() {
- this.protocol_version = 2;
-
- this.requestorUserName = null;
- this.privilege = null;
- this.component = null;
- }
-
- public int getProtocol_version() {
- return this.protocol_version;
- }
-
- public void setProtocol_version(int protocol_version) {
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- }
-
- public void unsetProtocol_version() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */
- public boolean isSetProtocol_version() {
- return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- public void setProtocol_versionIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value);
- }
-
- public String getRequestorUserName() {
- return this.requestorUserName;
- }
-
- public void setRequestorUserName(String requestorUserName) {
- this.requestorUserName = requestorUserName;
- }
-
- public void unsetRequestorUserName() {
- this.requestorUserName = null;
- }
-
- /** Returns true if field requestorUserName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorUserName() {
- return this.requestorUserName != null;
- }
-
- public void setRequestorUserNameIsSet(boolean value) {
- if (!value) {
- this.requestorUserName = null;
- }
- }
-
- public TSentryPrivilege getPrivilege() {
- return this.privilege;
- }
-
- public void setPrivilege(TSentryPrivilege privilege) {
- this.privilege = privilege;
- }
-
- public void unsetPrivilege() {
- this.privilege = null;
- }
-
- /** Returns true if field privilege is set (has been assigned a value) and false otherwise */
- public boolean isSetPrivilege() {
- return this.privilege != null;
- }
-
- public void setPrivilegeIsSet(boolean value) {
- if (!value) {
- this.privilege = null;
- }
- }
-
- public String getComponent() {
- return this.component;
- }
-
- public void setComponent(String component) {
- this.component = component;
- }
-
- public void unsetComponent() {
- this.component = null;
- }
-
- /** Returns true if field component is set (has been assigned a value) and false otherwise */
- public boolean isSetComponent() {
- return this.component != null;
- }
-
- public void setComponentIsSet(boolean value) {
- if (!value) {
- this.component = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case PROTOCOL_VERSION:
- if (value == null) {
- unsetProtocol_version();
- } else {
- setProtocol_version((Integer)value);
- }
- break;
-
- case REQUESTOR_USER_NAME:
- if (value == null) {
- unsetRequestorUserName();
- } else {
- setRequestorUserName((String)value);
- }
- break;
-
- case PRIVILEGE:
- if (value == null) {
- unsetPrivilege();
- } else {
- setPrivilege((TSentryPrivilege)value);
- }
- break;
-
- case COMPONENT:
- if (value == null) {
- unsetComponent();
- } else {
- setComponent((String)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case PROTOCOL_VERSION:
- return getProtocol_version();
-
- case REQUESTOR_USER_NAME:
- return getRequestorUserName();
-
- case PRIVILEGE:
- return getPrivilege();
-
- case COMPONENT:
- return getComponent();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case PROTOCOL_VERSION:
- return isSetProtocol_version();
- case REQUESTOR_USER_NAME:
- return isSetRequestorUserName();
- case PRIVILEGE:
- return isSetPrivilege();
- case COMPONENT:
- return isSetComponent();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TDropPrivilegesRequest)
- return this.equals((TDropPrivilegesRequest)that);
- return false;
- }
-
- public boolean equals(TDropPrivilegesRequest that) {
- if (that == null)
- return false;
-
- boolean this_present_protocol_version = true;
- boolean that_present_protocol_version = true;
- if (this_present_protocol_version || that_present_protocol_version) {
- if (!(this_present_protocol_version && that_present_protocol_version))
- return false;
- if (this.protocol_version != that.protocol_version)
- return false;
- }
-
- boolean this_present_requestorUserName = true && this.isSetRequestorUserName();
- boolean that_present_requestorUserName = true && that.isSetRequestorUserName();
- if (this_present_requestorUserName || that_present_requestorUserName) {
- if (!(this_present_requestorUserName && that_present_requestorUserName))
- return false;
- if (!this.requestorUserName.equals(that.requestorUserName))
- return false;
- }
-
- boolean this_present_privilege = true && this.isSetPrivilege();
- boolean that_present_privilege = true && that.isSetPrivilege();
- if (this_present_privilege || that_present_privilege) {
- if (!(this_present_privilege && that_present_privilege))
- return false;
- if (!this.privilege.equals(that.privilege))
- return false;
- }
-
- boolean this_present_component = true && this.isSetComponent();
- boolean that_present_component = true && that.isSetComponent();
- if (this_present_component || that_present_component) {
- if (!(this_present_component && that_present_component))
- return false;
- if (!this.component.equals(that.component))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_protocol_version = true;
- list.add(present_protocol_version);
- if (present_protocol_version)
- list.add(protocol_version);
-
- boolean present_requestorUserName = true && (isSetRequestorUserName());
- list.add(present_requestorUserName);
- if (present_requestorUserName)
- list.add(requestorUserName);
-
- boolean present_privilege = true && (isSetPrivilege());
- list.add(present_privilege);
- if (present_privilege)
- list.add(privilege);
-
- boolean present_component = true && (isSetComponent());
- list.add(present_component);
- if (present_component)
- list.add(component);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TDropPrivilegesRequest other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(other.isSetProtocol_version());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetProtocol_version()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, other.protocol_version);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRequestorUserName()).compareTo(other.isSetRequestorUserName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRequestorUserName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorUserName, other.requestorUserName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetPrivilege()).compareTo(other.isSetPrivilege());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetPrivilege()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.privilege, other.privilege);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetComponent()).compareTo(other.isSetComponent());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetComponent()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.component, other.component);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TDropPrivilegesRequest(");
- boolean first = true;
-
- sb.append("protocol_version:");
- sb.append(this.protocol_version);
- first = false;
- if (!first) sb.append(", ");
- sb.append("requestorUserName:");
- if (this.requestorUserName == null) {
- sb.append("null");
- } else {
- sb.append(this.requestorUserName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("privilege:");
- if (this.privilege == null) {
- sb.append("null");
- } else {
- sb.append(this.privilege);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("component:");
- if (this.component == null) {
- sb.append("null");
- } else {
- sb.append(this.component);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetProtocol_version()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
- }
-
- if (!isSetRequestorUserName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString());
- }
-
- if (!isSetPrivilege()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'privilege' is unset! Struct:" + toString());
- }
-
- if (!isSetComponent()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'component' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- if (privilege != null) {
- privilege.validate();
- }
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TDropPrivilegesRequestStandardSchemeFactory implements SchemeFactory {
- public TDropPrivilegesRequestStandardScheme getScheme() {
- return new TDropPrivilegesRequestStandardScheme();
- }
- }
-
- private static class TDropPrivilegesRequestStandardScheme extends StandardScheme<TDropPrivilegesRequest> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TDropPrivilegesRequest struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // PROTOCOL_VERSION
- if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // REQUESTOR_USER_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // PRIVILEGE
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.privilege = new TSentryPrivilege();
- struct.privilege.read(iprot);
- struct.setPrivilegeIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 4: // COMPONENT
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.component = iprot.readString();
- struct.setComponentIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TDropPrivilegesRequest struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC);
- oprot.writeI32(struct.protocol_version);
- oprot.writeFieldEnd();
- if (struct.requestorUserName != null) {
- oprot.writeFieldBegin(REQUESTOR_USER_NAME_FIELD_DESC);
- oprot.writeString(struct.requestorUserName);
- oprot.writeFieldEnd();
- }
- if (struct.privilege != null) {
- oprot.writeFieldBegin(PRIVILEGE_FIELD_DESC);
- struct.privilege.write(oprot);
- oprot.writeFieldEnd();
- }
- if (struct.component != null) {
- oprot.writeFieldBegin(COMPONENT_FIELD_DESC);
- oprot.writeString(struct.component);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TDropPrivilegesRequestTupleSchemeFactory implements SchemeFactory {
- public TDropPrivilegesRequestTupleScheme getScheme() {
- return new TDropPrivilegesRequestTupleScheme();
- }
- }
-
- private static class TDropPrivilegesRequestTupleScheme extends TupleScheme<TDropPrivilegesRequest> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TDropPrivilegesRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeI32(struct.protocol_version);
- oprot.writeString(struct.requestorUserName);
- struct.privilege.write(oprot);
- oprot.writeString(struct.component);
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TDropPrivilegesRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- struct.privilege = new TSentryPrivilege();
- struct.privilege.read(iprot);
- struct.setPrivilegeIsSet(true);
- struct.component = iprot.readString();
- struct.setComponentIsSet(true);
- }
- }
-
-}
-
[25/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessorWrapper.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessorWrapper.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessorWrapper.java
deleted file mode 100644
index d320d0f..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessorWrapper.java
+++ /dev/null
@@ -1,39 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.sentry.provider.db.service.thrift.ThriftUtil;
-import org.apache.thrift.TException;
-import org.apache.thrift.protocol.TProtocol;
-
-public class SentryGenericPolicyProcessorWrapper<I extends SentryGenericPolicyService.Iface>
- extends SentryGenericPolicyService.Processor<SentryGenericPolicyService.Iface> {
-
- public SentryGenericPolicyProcessorWrapper(I iface) {
- super(iface);
- }
-
- @Override
- public boolean process(TProtocol in, TProtocol out) throws TException {
- // set the ip and impersonator for audit log
- ThriftUtil.setIpAddress(in);
- ThriftUtil.setImpersonator(in);
- return super.process(in, out);
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClient.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClient.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClient.java
deleted file mode 100644
index 11cdee7..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClient.java
+++ /dev/null
@@ -1,196 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import org.apache.sentry.core.common.exception.SentryUserException;
-import org.apache.sentry.core.common.ActiveRoleSet;
-import org.apache.sentry.core.common.Authorizable;
-
-public interface SentryGenericServiceClient {
-
- /**
- * Create a sentry role
- * @param requestorUserName: user on whose behalf the request is issued
- * @param roleName: Name of the role
- * @param component: The request is issued to which component
- * @throws SentryUserException
- */
- void createRole(String requestorUserName, String roleName,
- String component) throws SentryUserException;
-
- void createRoleIfNotExist(String requestorUserName,
- String roleName, String component) throws SentryUserException;
-
- /**
- * Drop a sentry role
- * @param requestorUserName: user on whose behalf the request is issued
- * @param roleName: Name of the role
- * @param component: The request is issued to which component
- * @throws SentryUserException
- */
- void dropRole(String requestorUserName, String roleName,
- String component) throws SentryUserException;
-
- void dropRoleIfExists(String requestorUserName, String roleName,
- String component) throws SentryUserException;
-
- /**
- * add a sentry role to groups.
- * @param requestorUserName: user on whose behalf the request is issued
- * @param roleName: Name of the role
- * @param component: The request is issued to which component
- * @param groups: The name of groups
- * @throws SentryUserException
- */
- void addRoleToGroups(String requestorUserName, String roleName,
- String component, Set<String> groups) throws SentryUserException;
-
- /**
- * delete a sentry role from groups.
- * @param requestorUserName: user on whose behalf the request is issued
- * @param roleName: Name of the role
- * @param component: The request is issued to which component
- * @param groups: The name of groups
- * @throws SentryUserException
- */
- void deleteRoleToGroups(String requestorUserName, String roleName,
- String component, Set<String> groups) throws SentryUserException;
-
- /**
- * grant privilege
- * @param requestorUserName: user on whose behalf the request is issued
- * @param roleName: Name of the role
- * @param component: The request is issued to which component
- * @param privilege
- * @throws SentryUserException
- */
- void grantPrivilege(String requestorUserName, String roleName,
- String component, TSentryPrivilege privilege) throws SentryUserException;
-
- /**
- * revoke privilege
- * @param requestorUserName: user on whose behalf the request is issued
- * @param roleName: Name of the role
- * @param component: The request is issued to which component
- * @param privilege
- * @throws SentryUserException
- */
- void revokePrivilege(String requestorUserName, String roleName,
- String component, TSentryPrivilege privilege) throws SentryUserException;
-
- /**
- * drop privilege
- * @param requestorUserName: user on whose behalf the request is issued
- * @param component: The request is issued to which component
- * @param privilege
- * @throws SentryUserException
- */
- void dropPrivilege(String requestorUserName,String component,
- TSentryPrivilege privilege) throws SentryUserException;
-
- /**
- * rename privilege
- * @param requestorUserName: user on whose behalf the request is issued
- * @param component: The request is issued to which component
- * @param serviceName: The Authorizable belongs to which service
- * @param oldAuthorizables
- * @param newAuthorizables
- * @throws SentryUserException
- */
- void renamePrivilege(String requestorUserName, String component,
- String serviceName, List<? extends Authorizable> oldAuthorizables,
- List<? extends Authorizable> newAuthorizables) throws SentryUserException;
-
- /**
- * Gets sentry role objects for a given groupName using the Sentry service
- * @param requestorUserName : user on whose behalf the request is issued
- * @param groupName : groupName to look up ( if null returns all roles for groups related to requestorUserName)
- * @param component: The request is issued to which component
- * @return Set of thrift sentry role objects
- * @throws SentryUserException
- */
- Set<TSentryRole> listRolesByGroupName(
- String requestorUserName,
- String groupName,
- String component)
- throws SentryUserException;
-
- Set<TSentryRole> listUserRoles(String requestorUserName, String component)
- throws SentryUserException;
-
- Set<TSentryRole> listAllRoles(String requestorUserName, String component)
- throws SentryUserException;
-
- /**
- * Gets sentry privileges for a given roleName and Authorizable Hierarchy using the Sentry service
- * @param requestorUserName: user on whose behalf the request is issued
- * @param roleName:
- * @param component: The request is issued to which component
- * @param serviceName
- * @param authorizables
- * @return
- * @throws SentryUserException
- */
- Set<TSentryPrivilege> listPrivilegesByRoleName(
- String requestorUserName, String roleName, String component,
- String serviceName, List<? extends Authorizable> authorizables)
- throws SentryUserException;
-
- Set<TSentryPrivilege> listPrivilegesByRoleName(
- String requestorUserName, String roleName, String component,
- String serviceName) throws SentryUserException;
-
- /**
- * get sentry permissions from provider as followings:
- * @param: component: The request is issued to which component
- * @param: serviceName: The privilege belongs to which service
- * @param: roleSet
- * @param: groupNames
- * @param: the authorizables
- * @returns the set of permissions
- * @throws SentryUserException
- */
- Set<String> listPrivilegesForProvider(String component,
- String serviceName, ActiveRoleSet roleSet, Set<String> groups,
- List<? extends Authorizable> authorizables) throws SentryUserException;
-
- /**
- * Get sentry privileges based on valid active roles and the authorize objects. Note that
- * it is client responsibility to ensure the requestor username, etc. is not impersonated.
- *
- * @param component: The request respond to which component.
- * @param serviceName: The name of service.
- * @param requestorUserName: The requestor user name.
- * @param authorizablesSet: The set of authorize objects. One authorize object is represented
- * as a string. e.g resourceType1=resourceName1->resourceType2=resourceName2->resourceType3=resourceName3.
- * @param groups: The requested groups.
- * @param roleSet: The active roles set.
- *
- * @returns The mapping of authorize objects and TSentryPrivilegeMap(<role, set<privileges>).
- * @throws SentryUserException
- */
- Map<String, TSentryPrivilegeMap> listPrivilegsbyAuthorizable(String component,
- String serviceName, String requestorUserName, Set<String> authorizablesSet,
- Set<String> groups, ActiveRoleSet roleSet) throws SentryUserException;
-
- void close();
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientDefaultImpl.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientDefaultImpl.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientDefaultImpl.java
deleted file mode 100644
index ee6cdf7..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientDefaultImpl.java
+++ /dev/null
@@ -1,591 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import java.io.IOException;
-import java.net.InetSocketAddress;
-import java.security.PrivilegedExceptionAction;
-import java.util.*;
-
-import javax.security.auth.callback.CallbackHandler;
-
-import org.apache.hadoop.conf.Configuration;
-import static org.apache.hadoop.fs.CommonConfigurationKeysPublic.HADOOP_SECURITY_AUTHENTICATION;
-import org.apache.hadoop.net.NetUtils;
-import org.apache.hadoop.security.SaslRpcServer;
-import org.apache.hadoop.security.SaslRpcServer.AuthMethod;
-import org.apache.hadoop.security.SecurityUtil;
-import org.apache.hadoop.security.UserGroupInformation;
-import org.apache.sentry.core.common.exception.SentryUserException;
-import org.apache.sentry.core.common.ActiveRoleSet;
-import org.apache.sentry.core.common.Authorizable;
-import org.apache.sentry.core.model.db.AccessConstants;
-import org.apache.sentry.service.thrift.ServiceConstants;
-import org.apache.sentry.service.thrift.ServiceConstants.ClientConfig;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
-import org.apache.sentry.service.thrift.Status;
-import org.apache.sentry.service.thrift.sentry_common_serviceConstants;
-import org.apache.thrift.TException;
-import org.apache.thrift.protocol.TBinaryProtocol;
-import org.apache.thrift.protocol.TMultiplexedProtocol;
-import org.apache.thrift.transport.TSaslClientTransport;
-import org.apache.thrift.transport.TSocket;
-import org.apache.thrift.transport.TTransport;
-import org.apache.thrift.transport.TTransportException;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.google.common.base.Preconditions;
-import com.google.common.collect.Lists;
-
-public class SentryGenericServiceClientDefaultImpl implements SentryGenericServiceClient {
- private final Configuration conf;
- private final InetSocketAddress serverAddress;
- private final boolean kerberos;
- private final String[] serverPrincipalParts;
- private SentryGenericPolicyService.Client client;
- private TTransport transport;
- private int connectionTimeout;
- private static final Logger LOGGER = LoggerFactory
- .getLogger(SentryGenericServiceClientDefaultImpl.class);
- private static final String THRIFT_EXCEPTION_MESSAGE = "Thrift exception occured ";
-
- /**
- * This transport wraps the Sasl transports to set up the right UGI context for open().
- */
- public static class UgiSaslClientTransport extends TSaslClientTransport {
- protected UserGroupInformation ugi = null;
-
- public UgiSaslClientTransport(String mechanism, String authorizationId,
- String protocol, String serverName, Map<String, String> props,
- CallbackHandler cbh, TTransport transport, boolean wrapUgi, Configuration conf)
- throws IOException {
- super(mechanism, authorizationId, protocol, serverName, props, cbh,
- transport);
- if (wrapUgi) {
- // If we don't set the configuration, the UGI will be created based on
- // what's on the classpath, which may lack the kerberos changes we require
- UserGroupInformation.setConfiguration(conf);
- ugi = UserGroupInformation.getLoginUser();
- }
- }
-
- // open the SASL transport with using the current UserGroupInformation
- // This is needed to get the current login context stored
- @Override
- public void open() throws TTransportException {
- if (ugi == null) {
- baseOpen();
- } else {
- try {
- if (ugi.isFromKeytab()) {
- ugi.checkTGTAndReloginFromKeytab();
- }
- ugi.doAs(new PrivilegedExceptionAction<Void>() {
- public Void run() throws TTransportException {
- baseOpen();
- return null;
- }
- });
- } catch (IOException e) {
- throw new TTransportException("Failed to open SASL transport: " + e.getMessage(), e);
- } catch (InterruptedException e) {
- throw new TTransportException(
- "Interrupted while opening underlying transport: " + e.getMessage(), e);
- }
- }
- }
-
- private void baseOpen() throws TTransportException {
- super.open();
- }
- }
-
- public SentryGenericServiceClientDefaultImpl(Configuration conf) throws IOException {
- // copy the configuration because we may make modifications to it.
- this.conf = new Configuration(conf);
- Preconditions.checkNotNull(this.conf, "Configuration object cannot be null");
- this.serverAddress = NetUtils.createSocketAddr(Preconditions.checkNotNull(
- conf.get(ClientConfig.SERVER_RPC_ADDRESS), "Config key "
- + ClientConfig.SERVER_RPC_ADDRESS + " is required"), conf.getInt(
- ClientConfig.SERVER_RPC_PORT, ClientConfig.SERVER_RPC_PORT_DEFAULT));
- this.connectionTimeout = conf.getInt(ClientConfig.SERVER_RPC_CONN_TIMEOUT,
- ClientConfig.SERVER_RPC_CONN_TIMEOUT_DEFAULT);
- kerberos = ServerConfig.SECURITY_MODE_KERBEROS.equalsIgnoreCase(
- conf.get(ServerConfig.SECURITY_MODE, ServerConfig.SECURITY_MODE_KERBEROS).trim());
- transport = new TSocket(serverAddress.getHostName(),
- serverAddress.getPort(), connectionTimeout);
- if (kerberos) {
- String serverPrincipal = Preconditions.checkNotNull(conf.get(ServerConfig.PRINCIPAL), ServerConfig.PRINCIPAL + " is required");
- // since the client uses hadoop-auth, we need to set kerberos in
- // hadoop-auth if we plan to use kerberos
- conf.set(HADOOP_SECURITY_AUTHENTICATION, ServerConfig.SECURITY_MODE_KERBEROS);
-
- // Resolve server host in the same way as we are doing on server side
- serverPrincipal = SecurityUtil.getServerPrincipal(serverPrincipal, serverAddress.getAddress());
- LOGGER.debug("Using server kerberos principal: " + serverPrincipal);
-
- serverPrincipalParts = SaslRpcServer.splitKerberosName(serverPrincipal);
- Preconditions.checkArgument(serverPrincipalParts.length == 3,
- "Kerberos principal should have 3 parts: " + serverPrincipal);
- boolean wrapUgi = "true".equalsIgnoreCase(conf
- .get(ServerConfig.SECURITY_USE_UGI_TRANSPORT, "true"));
- transport = new UgiSaslClientTransport(AuthMethod.KERBEROS.getMechanismName(),
- null, serverPrincipalParts[0], serverPrincipalParts[1],
- ClientConfig.SASL_PROPERTIES, null, transport, wrapUgi, conf);
- } else {
- serverPrincipalParts = null;
- }
- try {
- transport.open();
- } catch (TTransportException e) {
- throw new IOException("Transport exception while opening transport: " + e.getMessage(), e);
- }
- LOGGER.debug("Successfully opened transport: " + transport + " to " + serverAddress);
- long maxMessageSize = conf.getLong(ServiceConstants.ClientConfig.SENTRY_POLICY_CLIENT_THRIFT_MAX_MESSAGE_SIZE,
- ServiceConstants.ClientConfig.SENTRY_POLICY_CLIENT_THRIFT_MAX_MESSAGE_SIZE_DEFAULT);
- TMultiplexedProtocol protocol = new TMultiplexedProtocol(
- new TBinaryProtocol(transport, maxMessageSize, maxMessageSize, true, true),
- SentryGenericPolicyProcessor.SENTRY_GENERIC_SERVICE_NAME);
- client = new SentryGenericPolicyService.Client(protocol);
- LOGGER.debug("Successfully created client");
- }
-
-
-
- /**
- * Create a sentry role
- * @param requestorUserName: user on whose behalf the request is issued
- * @param roleName: Name of the role
- * @param component: The request is issued to which component
- * @throws SentryUserException
- */
- public synchronized void createRole(String requestorUserName, String roleName, String component)
- throws SentryUserException {
- TCreateSentryRoleRequest request = new TCreateSentryRoleRequest();
- request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
- request.setRequestorUserName(requestorUserName);
- request.setRoleName(roleName);
- request.setComponent(component);
- try {
- TCreateSentryRoleResponse response = client.create_sentry_role(request);
- Status.throwIfNotOk(response.getStatus());
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- public void createRoleIfNotExist(String requestorUserName, String roleName, String component) throws SentryUserException {
- TCreateSentryRoleRequest request = new TCreateSentryRoleRequest();
- request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
- request.setRequestorUserName(requestorUserName);
- request.setRoleName(roleName);
- request.setComponent(component);
- try {
- TCreateSentryRoleResponse response = client.create_sentry_role(request);
- Status status = Status.fromCode(response.getStatus().getValue());
- if (status == Status.ALREADY_EXISTS) {
- return;
- }
- Status.throwIfNotOk(response.getStatus());
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- /**
- * Drop a sentry role
- * @param requestorUserName: user on whose behalf the request is issued
- * @param roleName: Name of the role
- * @param component: The request is issued to which component
- * @throws SentryUserException
- */
- public void dropRole(String requestorUserName,
- String roleName, String component)
- throws SentryUserException {
- dropRole(requestorUserName, roleName, component, false);
- }
-
- public void dropRoleIfExists(String requestorUserName,
- String roleName, String component)
- throws SentryUserException {
- dropRole(requestorUserName, roleName, component, true);
- }
-
- private void dropRole(String requestorUserName,
- String roleName, String component , boolean ifExists)
- throws SentryUserException {
- TDropSentryRoleRequest request = new TDropSentryRoleRequest();
- request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
- request.setRequestorUserName(requestorUserName);
- request.setRoleName(roleName);
- request.setComponent(component);
- try {
- TDropSentryRoleResponse response = client.drop_sentry_role(request);
- Status status = Status.fromCode(response.getStatus().getValue());
- if (ifExists && status == Status.NO_SUCH_OBJECT) {
- return;
- }
- Status.throwIfNotOk(response.getStatus());
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- /**
- * add a sentry role to groups.
- * @param requestorUserName: user on whose behalf the request is issued
- * @param roleName: Name of the role
- * @param component: The request is issued to which component
- * @param groups: The name of groups
- * @throws SentryUserException
- */
- public void addRoleToGroups(String requestorUserName, String roleName,
- String component, Set<String> groups) throws SentryUserException {
- TAlterSentryRoleAddGroupsRequest request = new TAlterSentryRoleAddGroupsRequest();
- request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
- request.setRequestorUserName(requestorUserName);
- request.setRoleName(roleName);
- request.setGroups(groups);
- request.setComponent(component);
-
- try {
- TAlterSentryRoleAddGroupsResponse response = client.alter_sentry_role_add_groups(request);
- Status.throwIfNotOk(response.getStatus());
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- /**
- * delete a sentry role from groups.
- * @param requestorUserName: user on whose behalf the request is issued
- * @param roleName: Name of the role
- * @param component: The request is issued to which component
- * @param groups: The name of groups
- * @throws SentryUserException
- */
- public void deleteRoleToGroups(String requestorUserName, String roleName,
- String component, Set<String> groups) throws SentryUserException {
- TAlterSentryRoleDeleteGroupsRequest request = new TAlterSentryRoleDeleteGroupsRequest();
- request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
- request.setRequestorUserName(requestorUserName);
- request.setRoleName(roleName);
- request.setGroups(groups);
- request.setComponent(component);
-
- try {
- TAlterSentryRoleDeleteGroupsResponse response = client.alter_sentry_role_delete_groups(request);
- Status.throwIfNotOk(response.getStatus());
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- /**
- * grant privilege
- * @param requestorUserName: user on whose behalf the request is issued
- * @param roleName: Name of the role
- * @param component: The request is issued to which component
- * @param privilege
- * @throws SentryUserException
- */
- public void grantPrivilege(String requestorUserName, String roleName,
- String component, TSentryPrivilege privilege) throws SentryUserException {
- TAlterSentryRoleGrantPrivilegeRequest request = new TAlterSentryRoleGrantPrivilegeRequest();
- request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
- request.setComponent(component);
- request.setRoleName(roleName);
- request.setRequestorUserName(requestorUserName);
- request.setPrivilege(privilege);
-
- try {
- TAlterSentryRoleGrantPrivilegeResponse response = client.alter_sentry_role_grant_privilege(request);
- Status.throwIfNotOk(response.getStatus());
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- /**
- * revoke privilege
- * @param requestorUserName: user on whose behalf the request is issued
- * @param roleName: Name of the role
- * @param component: The request is issued to which component
- * @param privilege
- * @throws SentryUserException
- */
- public void revokePrivilege(String requestorUserName, String roleName,
- String component, TSentryPrivilege privilege) throws SentryUserException {
- TAlterSentryRoleRevokePrivilegeRequest request = new TAlterSentryRoleRevokePrivilegeRequest();
- request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
- request.setComponent(component);
- request.setRequestorUserName(requestorUserName);
- request.setRoleName(roleName);
- request.setPrivilege(privilege);
-
- try {
- TAlterSentryRoleRevokePrivilegeResponse response = client.alter_sentry_role_revoke_privilege(request);
- Status.throwIfNotOk(response.getStatus());
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- /**
- * drop privilege
- * @param requestorUserName: user on whose behalf the request is issued
- * @param component: The request is issued to which component
- * @param privilege
- * @throws SentryUserException
- */
- public void dropPrivilege(String requestorUserName,String component,
- TSentryPrivilege privilege) throws SentryUserException {
- TDropPrivilegesRequest request = new TDropPrivilegesRequest();
- request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
- request.setComponent(component);
- request.setRequestorUserName(requestorUserName);
- request.setPrivilege(privilege);
-
- try {
- TDropPrivilegesResponse response = client.drop_sentry_privilege(request);
- Status.throwIfNotOk(response.getStatus());
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- /**
- * rename privilege
- * @param requestorUserName: user on whose behalf the request is issued
- * @param component: The request is issued to which component
- * @param serviceName: The Authorizable belongs to which service
- * @param oldAuthorizables
- * @param newAuthorizables
- * @throws SentryUserException
- */
- public void renamePrivilege(String requestorUserName, String component,
- String serviceName, List<? extends Authorizable> oldAuthorizables,
- List<? extends Authorizable> newAuthorizables) throws SentryUserException {
- if (oldAuthorizables == null || oldAuthorizables.isEmpty()
- || newAuthorizables == null || newAuthorizables.isEmpty()) {
- throw new SentryUserException("oldAuthorizables or newAuthorizables can not be null or empty");
- }
-
- TRenamePrivilegesRequest request = new TRenamePrivilegesRequest();
- request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
- request.setComponent(component);
- request.setRequestorUserName(requestorUserName);
- request.setServiceName(serviceName);
-
- List<TAuthorizable> oldTAuthorizables = Lists.newArrayList();
- List<TAuthorizable> newTAuthorizables = Lists.newArrayList();
- for (Authorizable authorizable : oldAuthorizables) {
- oldTAuthorizables.add(new TAuthorizable(authorizable.getTypeName(), authorizable.getName()));
- request.setOldAuthorizables(oldTAuthorizables);
- }
- for (Authorizable authorizable : newAuthorizables) {
- newTAuthorizables.add(new TAuthorizable(authorizable.getTypeName(), authorizable.getName()));
- request.setNewAuthorizables(newTAuthorizables);
- }
-
- try {
- TRenamePrivilegesResponse response = client.rename_sentry_privilege(request);
- Status.throwIfNotOk(response.getStatus());
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- /**
- * Gets sentry role objects for a given groupName using the Sentry service
- * @param requestorUserName : user on whose behalf the request is issued
- * @param groupName : groupName to look up ( if null returns all roles for groups related to requestorUserName)
- * @param component: The request is issued to which component
- * @return Set of thrift sentry role objects
- * @throws SentryUserException
- */
- public synchronized Set<TSentryRole> listRolesByGroupName(
- String requestorUserName,
- String groupName,
- String component)
- throws SentryUserException {
- TListSentryRolesRequest request = new TListSentryRolesRequest();
- request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
- request.setRequestorUserName(requestorUserName);
- request.setGroupName(groupName);
- request.setComponent(component);
- TListSentryRolesResponse response;
- try {
- response = client.list_sentry_roles_by_group(request);
- Status.throwIfNotOk(response.getStatus());
- return response.getRoles();
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- public Set<TSentryRole> listUserRoles(String requestorUserName, String component)
- throws SentryUserException {
- return listRolesByGroupName(requestorUserName, AccessConstants.ALL, component);
- }
-
- public Set<TSentryRole> listAllRoles(String requestorUserName, String component)
- throws SentryUserException {
- return listRolesByGroupName(requestorUserName, null, component);
- }
-
- /**
- * Gets sentry privileges for a given roleName and Authorizable Hirerchys using the Sentry service
- * @param requestorUserName: user on whose behalf the request is issued
- * @param roleName:
- * @param component: The request is issued to which component
- * @param serviceName
- * @param authorizables
- * @return
- * @throws SentryUserException
- */
- public Set<TSentryPrivilege> listPrivilegesByRoleName(
- String requestorUserName, String roleName, String component,
- String serviceName, List<? extends Authorizable> authorizables)
- throws SentryUserException {
- TListSentryPrivilegesRequest request = new TListSentryPrivilegesRequest();
- request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
- request.setComponent(component);
- request.setServiceName(serviceName);
- request.setRequestorUserName(requestorUserName);
- request.setRoleName(roleName);
- if (authorizables != null && !authorizables.isEmpty()) {
- List<TAuthorizable> tAuthorizables = Lists.newArrayList();
- for (Authorizable authorizable : authorizables) {
- tAuthorizables.add(new TAuthorizable(authorizable.getTypeName(), authorizable.getName()));
- }
- request.setAuthorizables(tAuthorizables);
- }
-
- TListSentryPrivilegesResponse response;
- try {
- response = client.list_sentry_privileges_by_role(request);
- Status.throwIfNotOk(response.getStatus());
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- return response.getPrivileges();
- }
-
- public Set<TSentryPrivilege> listPrivilegesByRoleName(
- String requestorUserName, String roleName, String component,
- String serviceName) throws SentryUserException {
- return listPrivilegesByRoleName(requestorUserName, roleName, component, serviceName, null);
- }
-
- /**
- * get sentry permissions from provider as followings:
- * @param: component: The request is issued to which component
- * @param: serviceName: The privilege belongs to which service
- * @param: roleSet
- * @param: groupNames
- * @param: the authorizables
- * @returns the set of permissions
- * @throws SentryUserException
- */
- public Set<String> listPrivilegesForProvider(String component,
- String serviceName, ActiveRoleSet roleSet, Set<String> groups,
- List<? extends Authorizable> authorizables) throws SentryUserException {
- TSentryActiveRoleSet thriftRoleSet = new TSentryActiveRoleSet(roleSet.isAll(), roleSet.getRoles());
- TListSentryPrivilegesForProviderRequest request = new TListSentryPrivilegesForProviderRequest();
- request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
- request.setComponent(component);
- request.setServiceName(serviceName);
- request.setRoleSet(thriftRoleSet);
- if (groups == null) {
- request.setGroups(new HashSet<String>());
- } else {
- request.setGroups(groups);
- }
- List<TAuthorizable> tAuthoriables = Lists.newArrayList();
- if (authorizables != null && !authorizables.isEmpty()) {
- for (Authorizable authorizable : authorizables) {
- tAuthoriables.add(new TAuthorizable(authorizable.getTypeName(), authorizable.getName()));
- }
- request.setAuthorizables(tAuthoriables);
- }
-
- try {
- TListSentryPrivilegesForProviderResponse response = client.list_sentry_privileges_for_provider(request);
- Status.throwIfNotOk(response.getStatus());
- return response.getPrivileges();
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- /**
- * Get sentry privileges based on valid active roles and the authorize objects. Note that
- * it is client responsibility to ensure the requestor username, etc. is not impersonated.
- *
- * @param component: The request respond to which component.
- * @param serviceName: The name of service.
- * @param requestorUserName: The requestor user name.
- * @param authorizablesSet: The set of authorize objects. One authorize object is represented
- * as a string. e.g resourceType1=resourceName1->resourceType2=resourceName2->resourceType3=resourceName3.
- * @param groups: The requested groups.
- * @param roleSet: The active roles set.
- *
- * @returns The mapping of authorize objects and TSentryPrivilegeMap(<role, set<privileges>).
- * @throws SentryUserException
- */
- public Map<String, TSentryPrivilegeMap> listPrivilegsbyAuthorizable(String component,
- String serviceName, String requestorUserName, Set<String> authorizablesSet,
- Set<String> groups, ActiveRoleSet roleSet) throws SentryUserException {
-
- TListSentryPrivilegesByAuthRequest request = new TListSentryPrivilegesByAuthRequest();
-
- request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
- request.setComponent(component);
- request.setServiceName(serviceName);
- request.setRequestorUserName(requestorUserName);
- request.setAuthorizablesSet(authorizablesSet);
-
- if (groups == null) {
- request.setGroups(new HashSet<String>());
- } else {
- request.setGroups(groups);
- }
-
- if (roleSet != null) {
- request.setRoleSet(new TSentryActiveRoleSet(roleSet.isAll(), roleSet.getRoles()));
- }
-
- try {
- TListSentryPrivilegesByAuthResponse response = client.list_sentry_privileges_by_authorizable(request);
- Status.throwIfNotOk(response.getStatus());
- return response.getPrivilegesMapByAuth();
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- @Override
- public void close() {
- if (transport != null) {
- transport.close();
- }
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientFactory.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientFactory.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientFactory.java
deleted file mode 100644
index 980d930..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientFactory.java
+++ /dev/null
@@ -1,34 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.hadoop.conf.Configuration;
-
-/**
- * SentryGenericServiceClientFactory is a public class for the components which using Generic Model to create sentry client.
- */
-public final class SentryGenericServiceClientFactory {
-
- private SentryGenericServiceClientFactory() {
- }
-
- public static SentryGenericServiceClient create(Configuration conf) throws Exception {
- return new SentryGenericServiceClientDefaultImpl(conf);
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/KafkaTSentryPrivilegeConverter.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/KafkaTSentryPrivilegeConverter.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/KafkaTSentryPrivilegeConverter.java
deleted file mode 100644
index 688bc9e..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/KafkaTSentryPrivilegeConverter.java
+++ /dev/null
@@ -1,118 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.generic.tools;
-
-import com.google.common.collect.Lists;
-import org.apache.sentry.core.common.utils.KeyValue;
-import org.apache.sentry.core.common.utils.SentryConstants;
-import org.apache.sentry.core.common.validator.PrivilegeValidatorContext;
-import org.apache.sentry.core.model.kafka.KafkaAuthorizable;
-import org.apache.sentry.core.model.kafka.KafkaModelAuthorizables;
-import org.apache.sentry.core.model.kafka.validator.KafkaPrivilegeValidator;
-import org.apache.sentry.core.common.utils.PolicyFileConstants;
-import org.apache.sentry.provider.db.generic.service.thrift.TAuthorizable;
-import org.apache.sentry.provider.db.generic.service.thrift.TSentryGrantOption;
-import org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege;
-import org.apache.sentry.provider.db.generic.tools.command.TSentryPrivilegeConverter;
-
-import java.util.Iterator;
-import java.util.LinkedList;
-import java.util.List;
-
-import static org.apache.sentry.core.common.utils.SentryConstants.AUTHORIZABLE_SEPARATOR;
-import static org.apache.sentry.core.common.utils.SentryConstants.KV_SEPARATOR;
-import static org.apache.sentry.core.common.utils.SentryConstants.RESOURCE_WILDCARD_VALUE;
-
-public class KafkaTSentryPrivilegeConverter implements TSentryPrivilegeConverter {
- private String component;
- private String service;
-
- public KafkaTSentryPrivilegeConverter(String component, String service) {
- this.component = component;
- this.service = service;
- }
-
- public TSentryPrivilege fromString(String privilegeStr) throws Exception {
- final String hostPrefix = KafkaAuthorizable.AuthorizableType.HOST.name() + KV_SEPARATOR;
- final String hostPrefixLowerCase = hostPrefix.toLowerCase();
- if (!privilegeStr.toLowerCase().startsWith(hostPrefixLowerCase)) {
- privilegeStr = hostPrefix + RESOURCE_WILDCARD_VALUE + AUTHORIZABLE_SEPARATOR + privilegeStr;
- }
- validatePrivilegeHierarchy(privilegeStr);
- TSentryPrivilege tSentryPrivilege = new TSentryPrivilege();
- List<TAuthorizable> authorizables = new LinkedList<TAuthorizable>();
- for (String authorizable : SentryConstants.AUTHORIZABLE_SPLITTER.split(privilegeStr)) {
- KeyValue keyValue = new KeyValue(authorizable);
- String key = keyValue.getKey();
- String value = keyValue.getValue();
-
- // is it an authorizable?
- KafkaAuthorizable authz = KafkaModelAuthorizables.from(keyValue);
- if (authz != null) {
- authorizables.add(new TAuthorizable(authz.getTypeName(), authz.getName()));
-
- } else if (PolicyFileConstants.PRIVILEGE_ACTION_NAME.equalsIgnoreCase(key)) {
- tSentryPrivilege.setAction(value);
- }
- }
-
- if (tSentryPrivilege.getAction() == null) {
- throw new IllegalArgumentException("Privilege is invalid: action required but not specified.");
- }
- tSentryPrivilege.setComponent(component);
- tSentryPrivilege.setServiceName(service);
- tSentryPrivilege.setAuthorizables(authorizables);
- return tSentryPrivilege;
- }
-
- public String toString(TSentryPrivilege tSentryPrivilege) {
- List<String> privileges = Lists.newArrayList();
- if (tSentryPrivilege != null) {
- List<TAuthorizable> authorizables = tSentryPrivilege.getAuthorizables();
- String action = tSentryPrivilege.getAction();
- String grantOption = (tSentryPrivilege.getGrantOption() == TSentryGrantOption.TRUE ? "true"
- : "false");
-
- Iterator<TAuthorizable> it = authorizables.iterator();
- if (it != null) {
- while (it.hasNext()) {
- TAuthorizable tAuthorizable = it.next();
- privileges.add(SentryConstants.KV_JOINER.join(
- tAuthorizable.getType(), tAuthorizable.getName()));
- }
- }
-
- if (!authorizables.isEmpty()) {
- privileges.add(SentryConstants.KV_JOINER.join(
- PolicyFileConstants.PRIVILEGE_ACTION_NAME, action));
- }
-
- // only append the grant option to privilege string if it's true
- if ("true".equals(grantOption)) {
- privileges.add(SentryConstants.KV_JOINER.join(
- PolicyFileConstants.PRIVILEGE_GRANT_OPTION_NAME, grantOption));
- }
- }
- return SentryConstants.AUTHORIZABLE_JOINER.join(privileges);
- }
-
- private static void validatePrivilegeHierarchy(String privilegeStr) throws Exception {
- new KafkaPrivilegeValidator().validate(new PrivilegeValidatorContext(privilegeStr));
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SentryConfigToolCommon.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SentryConfigToolCommon.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SentryConfigToolCommon.java
deleted file mode 100644
index 013e824..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SentryConfigToolCommon.java
+++ /dev/null
@@ -1,152 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.generic.tools;
-
-import com.google.common.annotations.VisibleForTesting;
-
-import org.apache.commons.cli.CommandLine;
-import org.apache.commons.cli.GnuParser;
-import org.apache.commons.cli.HelpFormatter;
-import org.apache.commons.cli.Option;
-import org.apache.commons.cli.Options;
-import org.apache.commons.cli.ParseException;
-import org.apache.commons.cli.Parser;
-
-abstract public class SentryConfigToolCommon {
- private String policyFile;
- private boolean validate;
- private boolean importPolicy;
- private boolean checkCompat;
- private String confPath;
-
- /**
- * parse arguments
- * <pre>
- * -conf,--sentry_conf <filepath> sentry config file path
- * -p,--policy_ini <arg> policy file path
- * -v,--validate validate policy file
- * -c,--checkcompat check compatibility with service
- * -i,--import import policy file
- * -h,--help print usage
- * </pre>
- * @param args
- */
- protected boolean parseArgs(String [] args) {
- Options options = new Options();
-
- Option globalPolicyPath = new Option("p", "policy_ini", true,
- "Policy file path");
- globalPolicyPath.setRequired(true);
- options.addOption(globalPolicyPath);
-
- Option validateOpt = new Option("v", "validate", false,
- "Validate policy file");
- validateOpt.setRequired(false);
- options.addOption(validateOpt);
-
- Option checkCompatOpt = new Option("c","checkcompat",false,
- "Check compatibility with Sentry Service");
- checkCompatOpt.setRequired(false);
- options.addOption(checkCompatOpt);
-
- Option importOpt = new Option("i", "import", false,
- "Import policy file");
- importOpt.setRequired(false);
- options.addOption(importOpt);
-
- // file path of sentry-site
- Option sentrySitePathOpt = new Option("conf", "sentry_conf", true, "sentry-site file path");
- sentrySitePathOpt.setRequired(true);
- options.addOption(sentrySitePathOpt);
-
- // help option
- Option helpOpt = new Option("h", "help", false, "Shell usage");
- helpOpt.setRequired(false);
- options.addOption(helpOpt);
-
- // this Options is parsed first for help option
- Options helpOptions = new Options();
- helpOptions.addOption(helpOpt);
-
- try {
- Parser parser = new GnuParser();
-
- // parse help option first
- CommandLine cmd = parser.parse(helpOptions, args, true);
- for (Option opt : cmd.getOptions()) {
- if (opt.getOpt().equals("h")) {
- // get the help option, print the usage and exit
- usage(options);
- return false;
- }
- }
-
- // without help option
- cmd = parser.parse(options, args);
-
- for (Option opt : cmd.getOptions()) {
- if (opt.getOpt().equals("p")) {
- policyFile = opt.getValue();
- } else if (opt.getOpt().equals("v")) {
- validate = true;
- } else if (opt.getOpt().equals("i")) {
- importPolicy = true;
- } else if (opt.getOpt().equals("c")) {
- checkCompat = true;
- } else if (opt.getOpt().equals("conf")) {
- confPath = opt.getValue();
- }
- }
-
- if (!validate && !importPolicy) {
- throw new IllegalArgumentException("No action specified; at least one of action or import must be specified");
- }
- } catch (ParseException pe) {
- System.out.println(pe.getMessage());
- usage(options);
- return false;
- }
- return true;
- }
-
- // print usage
- private void usage(Options sentryOptions) {
- HelpFormatter formatter = new HelpFormatter();
- formatter.printHelp("sentryConfigTool", sentryOptions);
- }
-
- public abstract void run() throws Exception;
-
- @VisibleForTesting
- public boolean executeConfigTool(String [] args) throws Exception {
- boolean result = true;
- if (parseArgs(args)) {
- run();
- } else {
- result = false;
- }
- return result;
- }
-
- public String getPolicyFile() { return policyFile; }
- public boolean getValidate() { return validate; }
- public boolean getImportPolicy() { return importPolicy; }
- public boolean getCheckCompat() { return checkCompat; }
- public String getConfPath() { return confPath; }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SentryConfigToolSolr.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SentryConfigToolSolr.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SentryConfigToolSolr.java
deleted file mode 100644
index 404adb8..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SentryConfigToolSolr.java
+++ /dev/null
@@ -1,262 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.generic.tools;
-
-import com.google.common.collect.Lists;
-import com.google.common.collect.Sets;
-import com.google.common.collect.Table;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.hadoop.fs.Path;
-import org.apache.hadoop.security.UserGroupInformation;
-import org.apache.sentry.core.common.Action;
-import org.apache.sentry.core.common.exception.SentryConfigurationException;
-import org.apache.sentry.core.common.utils.KeyValue;
-import org.apache.sentry.core.common.utils.SentryConstants;
-import org.apache.sentry.core.model.search.SearchPrivilegeModel;
-import org.apache.sentry.provider.common.ProviderBackend;
-import org.apache.sentry.provider.common.ProviderBackendContext;
-import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClient;
-import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClientFactory;
-import org.apache.sentry.provider.file.SimpleFileProviderBackend;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.util.HashMap;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.Locale;
-import java.util.Map;
-import java.util.Set;
-
-/**
- * SentryConfigToolSolr is an administrative tool used to parse a Solr policy file
- * and add the role, group mappings, and privileges therein to the Sentry service.
- */
-public class SentryConfigToolSolr extends SentryConfigToolCommon {
-
- private static final Logger LOGGER = LoggerFactory.getLogger(SentryConfigToolSolr.class);
- public static final String SOLR_SERVICE_NAME = "sentry.service.client.solr.service.name";
-
- @Override
- public void run() throws Exception {
- String component = "SOLR";
- Configuration conf = getSentryConf();
-
- String service = conf.get(SOLR_SERVICE_NAME, "service1");
- // instantiate a solr client for sentry service. This sets the ugi, so must
- // be done before getting the ugi below.
- SentryGenericServiceClient client = SentryGenericServiceClientFactory.create(conf);
- UserGroupInformation ugi = UserGroupInformation.getLoginUser();
- String requestorName = ugi.getShortUserName();
-
- convertINIToSentryServiceCmds(component, service, requestorName, conf, client,
- getPolicyFile(), getValidate(), getImportPolicy(), getCheckCompat());
- }
-
- private Configuration getSentryConf() {
- Configuration conf = new Configuration();
- conf.addResource(new Path(getConfPath()));
- return conf;
- }
-
- /**
- * Convert policy file to solrctl commands -- based on SENTRY-480
- */
- private void convertINIToSentryServiceCmds(String component,
- String service, String requestorName,
- Configuration conf, SentryGenericServiceClient client,
- String policyFile, boolean validate, boolean importPolicy,
- boolean checkCompat) throws Exception {
-
- //instantiate a file providerBackend for parsing
- LOGGER.info("Reading policy file at: " + policyFile);
- SimpleFileProviderBackend policyFileBackend =
- new SimpleFileProviderBackend(conf, policyFile);
- ProviderBackendContext context = new ProviderBackendContext();
- context.setValidators(SearchPrivilegeModel.getInstance().getPrivilegeValidators());
- policyFileBackend.initialize(context);
- if (validate) {
- validatePolicy(policyFileBackend);
- }
-
- if (checkCompat) {
- checkCompat(policyFileBackend);
- }
-
- //import the relations about group,role and privilege into the DB store
- Set<String> roles = Sets.newHashSet();
- Table<String, String, Set<String>> groupRolePrivilegeTable =
- policyFileBackend.getGroupRolePrivilegeTable();
- SolrTSentryPrivilegeConverter converter = new SolrTSentryPrivilegeConverter(component, service, false);
-
- for (String groupName : groupRolePrivilegeTable.rowKeySet()) {
- for (String roleName : groupRolePrivilegeTable.columnKeySet()) {
- if (!roles.contains(roleName)) {
- LOGGER.info(dryRunMessage(importPolicy) + "Creating role: " + roleName.toLowerCase(Locale.US));
- if (importPolicy) {
- client.createRoleIfNotExist(requestorName, roleName, component);
- }
- roles.add(roleName);
- }
-
- Set<String> privileges = groupRolePrivilegeTable.get(groupName, roleName);
- if (privileges == null) {
- continue;
- }
- LOGGER.info(dryRunMessage(importPolicy) + "Adding role: " + roleName.toLowerCase(Locale.US) + " to group: " + groupName);
- if (importPolicy) {
- client.addRoleToGroups(requestorName, roleName, component, Sets.newHashSet(groupName));
- }
-
- for (String permission : privileges) {
- String action = null;
-
- for (String authorizable : SentryConstants.AUTHORIZABLE_SPLITTER.
- trimResults().split(permission)) {
- KeyValue kv = new KeyValue(authorizable);
- String key = kv.getKey();
- String value = kv.getValue();
- if ("action".equalsIgnoreCase(key)) {
- action = value;
- }
- }
-
- // Service doesn't support not specifying action
- if (action == null) {
- permission += "->action=" + Action.ALL;
- }
- LOGGER.info(dryRunMessage(importPolicy) + "Adding permission: " + permission + " to role: " + roleName.toLowerCase(Locale.US));
- if (importPolicy) {
- client.grantPrivilege(requestorName, roleName, component, converter.fromString(permission));
- }
- }
- }
- }
- }
-
- private void validatePolicy(ProviderBackend backend) throws Exception {
- try {
- backend.validatePolicy(true);
- } catch (SentryConfigurationException e) {
- printConfigErrorsWarnings(e);
- throw e;
- }
- }
-
- private void printConfigErrorsWarnings(SentryConfigurationException configException) {
- System.out.println(" *** Found configuration problems *** ");
- for (String errMsg : configException.getConfigErrors()) {
- System.out.println("ERROR: " + errMsg);
- }
- for (String warnMsg : configException.getConfigWarnings()) {
- System.out.println("Warning: " + warnMsg);
- }
- }
-
- private void checkCompat(SimpleFileProviderBackend backend) throws Exception {
- Map<String, Set<String>> rolesCaseMapping = new HashMap<String, Set<String>>();
- Table<String, String, Set<String>> groupRolePrivilegeTable =
- backend.getGroupRolePrivilegeTable();
-
- for (String roleName : groupRolePrivilegeTable.columnKeySet()) {
- String roleNameLower = roleName.toLowerCase(Locale.US);
- if (!roleName.equals(roleNameLower)) {
- if (!rolesCaseMapping.containsKey(roleNameLower)) {
- rolesCaseMapping.put(roleNameLower, Sets.newHashSet(roleName));
- } else {
- rolesCaseMapping.get(roleNameLower).add(roleName);
- }
- }
- }
-
- List<String> errors = new LinkedList<String>();
- StringBuilder warningString = new StringBuilder();
- if (!rolesCaseMapping.isEmpty()) {
- warningString.append("The following roles names will be lower cased when added to the Sentry Service.\n");
- warningString.append("This will cause document-level security to fail to match the role tokens.\n");
- warningString.append("Role names: ");
- }
- boolean firstWarning = true;
-
- for (Map.Entry<String, Set<String>> entry : rolesCaseMapping.entrySet()) {
- Set<String> caseMapping = entry.getValue();
- if (caseMapping.size() > 1) {
- StringBuilder errorString = new StringBuilder();
- errorString.append("The following (cased) roles map to the same role in the sentry service: ");
- boolean first = true;
- for (String casedRole : caseMapping) {
- errorString.append(first ? "" : ", ");
- errorString.append(casedRole);
- first = false;
- }
- errorString.append(". Role in service: ").append(entry.getKey());
- errors.add(errorString.toString());
- }
-
- for (String casedRole : caseMapping) {
- warningString.append(firstWarning? "" : ", ");
- warningString.append(casedRole);
- firstWarning = false;
- }
- }
-
- for (String error : errors) {
- System.out.println("ERROR: " + error);
- }
- System.out.println("\n");
-
- System.out.println("Warning: " + warningString.toString());
- if (errors.size() > 0) {
- SentryConfigurationException ex =
- new SentryConfigurationException("Compatibility check failure");
- ex.setConfigErrors(errors);
- ex.setConfigWarnings(Lists.<String>asList(warningString.toString(), new String[0]));
- throw ex;
- }
- }
-
- private String dryRunMessage(boolean importPolicy) {
- if (importPolicy) {
- return "";
- } else {
- return "[Dry Run] ";
- }
- }
-
- public static void main(String[] args) throws Exception {
- SentryConfigToolSolr solrTool = new SentryConfigToolSolr();
- try {
- solrTool.executeConfigTool(args);
- } catch (Exception e) {
- LOGGER.error(e.getMessage(), e);
- Throwable current = e;
- // find the first printable message;
- while (current != null && current.getMessage() == null) {
- current = current.getCause();
- }
- String error = "";
- if (current != null && current.getMessage() != null) {
- error = "Message: " + current.getMessage();
- }
- System.out.println("The operation failed. " + error);
- System.exit(1);
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SentryShellKafka.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SentryShellKafka.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SentryShellKafka.java
deleted file mode 100644
index d6d9014..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SentryShellKafka.java
+++ /dev/null
@@ -1,113 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.generic.tools;
-
-import org.apache.commons.lang.StringUtils;
-import org.apache.hadoop.conf.Configuration;
-import org.apache.hadoop.fs.Path;
-import org.apache.hadoop.security.UserGroupInformation;
-import org.apache.sentry.provider.common.AuthorizationComponent;
-import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClient;
-import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClientFactory;
-import org.apache.sentry.provider.db.generic.tools.command.*;
-import org.apache.sentry.provider.db.tools.SentryShellCommon;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * SentryShellKafka is an admin tool, and responsible for the management of repository.
- * The following commands are supported:
- * create role, drop role, add group to role, grant privilege to role,
- * revoke privilege from role, list roles, list privilege for role.
- */
-public class SentryShellKafka extends SentryShellCommon {
-
- private static final Logger LOGGER = LoggerFactory.getLogger(SentryShellKafka.class);
- public static final String KAFKA_SERVICE_NAME = "sentry.service.client.kafka.service.name";
-
- @Override
- public void run() throws Exception {
- Command command = null;
- String component = AuthorizationComponent.KAFKA;
- Configuration conf = getSentryConf();
-
- String service = conf.get(KAFKA_SERVICE_NAME, "kafka1");
- SentryGenericServiceClient client = SentryGenericServiceClientFactory.create(conf);
- UserGroupInformation ugi = UserGroupInformation.getLoginUser();
- String requestorName = ugi.getShortUserName();
-
- if (isCreateRole) {
- command = new CreateRoleCmd(roleName, component);
- } else if (isDropRole) {
- command = new DropRoleCmd(roleName, component);
- } else if (isAddRoleGroup) {
- command = new AddRoleToGroupCmd(roleName, groupName, component);
- } else if (isDeleteRoleGroup) {
- command = new DeleteRoleFromGroupCmd(roleName, groupName, component);
- } else if (isGrantPrivilegeRole) {
- command = new GrantPrivilegeToRoleCmd(roleName, component,
- privilegeStr, new KafkaTSentryPrivilegeConverter(component, service));
- } else if (isRevokePrivilegeRole) {
- command = new RevokePrivilegeFromRoleCmd(roleName, component,
- privilegeStr, new KafkaTSentryPrivilegeConverter(component, service));
- } else if (isListRole) {
- command = new ListRolesCmd(groupName, component);
- } else if (isListPrivilege) {
- command = new ListPrivilegesByRoleCmd(roleName, component,
- service, new KafkaTSentryPrivilegeConverter(component, service));
- }
-
- // check the requestor name
- if (StringUtils.isEmpty(requestorName)) {
- // The exception message will be recorded in log file.
- throw new Exception("The requestor name is empty.");
- }
-
- if (command != null) {
- command.execute(client, requestorName);
- }
- }
-
- private Configuration getSentryConf() {
- Configuration conf = new Configuration();
- conf.addResource(new Path(confPath));
- return conf;
- }
-
- public static void main(String[] args) throws Exception {
- SentryShellKafka sentryShell = new SentryShellKafka();
- try {
- sentryShell.executeShell(args);
- } catch (Exception e) {
- LOGGER.error(e.getMessage(), e);
- Throwable current = e;
- // find the first printable message;
- while (current != null && current.getMessage() == null) {
- current = current.getCause();
- }
- String error = "";
- if (current != null && current.getMessage() != null) {
- error = "Message: " + current.getMessage();
- }
- System.out.println("The operation failed. " + error);
- System.exit(1);
- }
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SentryShellSolr.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SentryShellSolr.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SentryShellSolr.java
deleted file mode 100644
index 695c008..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SentryShellSolr.java
+++ /dev/null
@@ -1,112 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.generic.tools;
-
-import org.apache.commons.lang.StringUtils;
-import org.apache.hadoop.conf.Configuration;
-import org.apache.hadoop.fs.Path;
-import org.apache.hadoop.security.UserGroupInformation;
-import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClient;
-import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClientFactory;
-import org.apache.sentry.provider.db.generic.tools.command.*;
-import org.apache.sentry.provider.db.tools.SentryShellCommon;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * SentryShellSolr is an admin tool, and responsible for the management of repository.
- * The following commands are supported:
- * create role, drop role, add group to role, grant privilege to role,
- * revoke privilege from role, list roles, list privilege for role.
- */
-public class SentryShellSolr extends SentryShellCommon {
-
- private static final Logger LOGGER = LoggerFactory.getLogger(SentryShellSolr.class);
- public static final String SOLR_SERVICE_NAME = "sentry.service.client.solr.service.name";
-
- @Override
- public void run() throws Exception {
- Command command = null;
- String component = "SOLR";
- Configuration conf = getSentryConf();
-
- String service = conf.get(SOLR_SERVICE_NAME, "service1");
- SentryGenericServiceClient client = SentryGenericServiceClientFactory.create(conf);
- UserGroupInformation ugi = UserGroupInformation.getLoginUser();
- String requestorName = ugi.getShortUserName();
-
- if (isCreateRole) {
- command = new CreateRoleCmd(roleName, component);
- } else if (isDropRole) {
- command = new DropRoleCmd(roleName, component);
- } else if (isAddRoleGroup) {
- command = new AddRoleToGroupCmd(roleName, groupName, component);
- } else if (isDeleteRoleGroup) {
- command = new DeleteRoleFromGroupCmd(roleName, groupName, component);
- } else if (isGrantPrivilegeRole) {
- command = new GrantPrivilegeToRoleCmd(roleName, component,
- privilegeStr, new SolrTSentryPrivilegeConverter(component, service));
- } else if (isRevokePrivilegeRole) {
- command = new RevokePrivilegeFromRoleCmd(roleName, component,
- privilegeStr, new SolrTSentryPrivilegeConverter(component, service));
- } else if (isListRole) {
- command = new ListRolesCmd(groupName, component);
- } else if (isListPrivilege) {
- command = new ListPrivilegesByRoleCmd(roleName, component,
- service, new SolrTSentryPrivilegeConverter(component, service));
- }
-
- // check the requestor name
- if (StringUtils.isEmpty(requestorName)) {
- // The exception message will be recorded in log file.
- throw new Exception("The requestor name is empty.");
- }
-
- if (command != null) {
- command.execute(client, requestorName);
- }
- }
-
- private Configuration getSentryConf() {
- Configuration conf = new Configuration();
- conf.addResource(new Path(confPath));
- return conf;
- }
-
- public static void main(String[] args) throws Exception {
- SentryShellSolr sentryShell = new SentryShellSolr();
- try {
- sentryShell.executeShell(args);
- } catch (Exception e) {
- LOGGER.error(e.getMessage(), e);
- Throwable current = e;
- // find the first printable message;
- while (current != null && current.getMessage() == null) {
- current = current.getCause();
- }
- String error = "";
- if (current != null && current.getMessage() != null) {
- error = "Message: " + current.getMessage();
- }
- System.out.println("The operation failed. " + error);
- System.exit(1);
- }
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SolrTSentryPrivilegeConverter.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SolrTSentryPrivilegeConverter.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SolrTSentryPrivilegeConverter.java
deleted file mode 100644
index 92c6c59..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SolrTSentryPrivilegeConverter.java
+++ /dev/null
@@ -1,137 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.generic.tools;
-
-import com.google.common.collect.Lists;
-
-import org.apache.sentry.core.common.utils.SentryConstants;
-import org.apache.sentry.core.model.search.Collection;
-import org.apache.sentry.core.model.search.SearchModelAuthorizable;
-import org.apache.sentry.core.common.validator.PrivilegeValidator;
-import org.apache.sentry.core.common.validator.PrivilegeValidatorContext;
-import org.apache.sentry.core.model.search.SearchModelAuthorizables;
-import org.apache.sentry.core.model.search.SearchPrivilegeModel;
-import org.apache.sentry.core.common.utils.KeyValue;
-import org.apache.sentry.core.common.utils.PolicyFileConstants;
-import org.apache.sentry.provider.db.generic.service.thrift.TAuthorizable;
-import org.apache.sentry.provider.db.generic.service.thrift.TSentryGrantOption;
-import org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege;
-import org.apache.sentry.provider.db.generic.tools.command.TSentryPrivilegeConverter;
-import org.apache.shiro.config.ConfigurationException;
-
-import java.util.Iterator;
-import java.util.LinkedList;
-import java.util.List;
-
-public class SolrTSentryPrivilegeConverter implements TSentryPrivilegeConverter {
- private String component;
- private String service;
- private boolean validate;
-
- public SolrTSentryPrivilegeConverter(String component, String service) {
- this(component, service, true);
- }
-
- public SolrTSentryPrivilegeConverter(String component, String service, boolean validate) {
- this.component = component;
- this.service = service;
- this.validate = validate;
- }
-
- public TSentryPrivilege fromString(String privilegeStr) throws Exception {
- if (validate) {
- validatePrivilegeHierarchy(privilegeStr);
- }
-
- TSentryPrivilege tSentryPrivilege = new TSentryPrivilege();
- List<TAuthorizable> authorizables = new LinkedList<TAuthorizable>();
- for (String authorizable : SentryConstants.AUTHORIZABLE_SPLITTER.split(privilegeStr)) {
- KeyValue keyValue = new KeyValue(authorizable);
- String key = keyValue.getKey();
- String value = keyValue.getValue();
-
- // is it an authorizable?
- SearchModelAuthorizable authz = SearchModelAuthorizables.from(keyValue);
- if (authz != null) {
- if (authz instanceof Collection) {
- Collection coll = (Collection)authz;
- authorizables.add(new TAuthorizable(coll.getTypeName(), coll.getName()));
- } else {
- throw new IllegalArgumentException("Unknown authorizable type: " + authz.getTypeName());
- }
- } else if (PolicyFileConstants.PRIVILEGE_ACTION_NAME.equalsIgnoreCase(key)) {
- tSentryPrivilege.setAction(value);
- // Limitation: don't support grant at this time, since the existing solr use cases don't need it.
- } else {
- throw new IllegalArgumentException("Unknown key: " + key);
- }
- }
-
- if (tSentryPrivilege.getAction() == null) {
- throw new IllegalArgumentException("Privilege is invalid: action required but not specified.");
- }
- tSentryPrivilege.setComponent(component);
- tSentryPrivilege.setServiceName(service);
- tSentryPrivilege.setAuthorizables(authorizables);
- return tSentryPrivilege;
- }
-
- public String toString(TSentryPrivilege tSentryPrivilege) {
- List<String> privileges = Lists.newArrayList();
- if (tSentryPrivilege != null) {
- List<TAuthorizable> authorizables = tSentryPrivilege.getAuthorizables();
- String action = tSentryPrivilege.getAction();
- String grantOption = (tSentryPrivilege.getGrantOption() == TSentryGrantOption.TRUE ? "true"
- : "false");
-
- Iterator<TAuthorizable> it = authorizables.iterator();
- if (it != null) {
- while (it.hasNext()) {
- TAuthorizable tAuthorizable = it.next();
- privileges.add(SentryConstants.KV_JOINER.join(
- tAuthorizable.getType(), tAuthorizable.getName()));
- }
- }
-
- if (!authorizables.isEmpty()) {
- privileges.add(SentryConstants.KV_JOINER.join(
- PolicyFileConstants.PRIVILEGE_ACTION_NAME, action));
- }
-
- // only append the grant option to privilege string if it's true
- if ("true".equals(grantOption)) {
- privileges.add(SentryConstants.KV_JOINER.join(
- PolicyFileConstants.PRIVILEGE_GRANT_OPTION_NAME, grantOption));
- }
- }
- return SentryConstants.AUTHORIZABLE_JOINER.join(privileges);
- }
-
- private static void validatePrivilegeHierarchy(String privilegeStr) throws Exception {
- List<PrivilegeValidator> validators = SearchPrivilegeModel.getInstance().getPrivilegeValidators();
- PrivilegeValidatorContext context = new PrivilegeValidatorContext(null, privilegeStr);
- for (PrivilegeValidator validator : validators) {
- try {
- validator.validate(context);
- } catch (ConfigurationException e) {
- throw new IllegalArgumentException(e);
- }
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/AddRoleToGroupCmd.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/AddRoleToGroupCmd.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/AddRoleToGroupCmd.java
deleted file mode 100644
index a45d7e4..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/AddRoleToGroupCmd.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.tools.command;
-
-import com.google.common.collect.Sets;
-import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClient;
-import org.apache.sentry.provider.db.tools.SentryShellCommon;
-
-import java.util.Set;
-
-/**
- * Command for adding groups to a role.
- */
-public class AddRoleToGroupCmd implements Command {
-
- private String roleName;
- private String groups;
- private String component;
-
- public AddRoleToGroupCmd(String roleName, String groups, String component) {
- this.roleName = roleName;
- this.groups = groups;
- this.component = component;
- }
-
- @Override
- public void execute(SentryGenericServiceClient client, String requestorName) throws Exception {
- Set<String> groupSet = Sets.newHashSet(groups.split(SentryShellCommon.GROUP_SPLIT_CHAR));
- client.addRoleToGroups(requestorName, roleName, component, groupSet);
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/Command.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/Command.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/Command.java
deleted file mode 100644
index e824fb3..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/Command.java
+++ /dev/null
@@ -1,27 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.tools.command;
-
-import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClient;
-
-/**
- * The interface for all admin commands, eg, CreateRoleCmd.
- */
-public interface Command {
- void execute(SentryGenericServiceClient client, String requestorName) throws Exception;
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/CreateRoleCmd.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/CreateRoleCmd.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/CreateRoleCmd.java
deleted file mode 100644
index da60a64..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/CreateRoleCmd.java
+++ /dev/null
@@ -1,39 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.tools.command;
-
-import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClient;
-
-/**
- * The class for admin command to create role.
- */
-public class CreateRoleCmd implements Command {
-
- private String roleName;
- private String component;
-
- public CreateRoleCmd(String roleName, String component) {
- this.roleName = roleName;
- this.component = component;
- }
-
- @Override
- public void execute(SentryGenericServiceClient client, String requestorName) throws Exception {
- client.createRole(requestorName, roleName, component);
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/DeleteRoleFromGroupCmd.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/DeleteRoleFromGroupCmd.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/DeleteRoleFromGroupCmd.java
deleted file mode 100644
index 95f39ea..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/DeleteRoleFromGroupCmd.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.tools.command;
-
-import com.google.common.collect.Sets;
-import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClient;
-import org.apache.sentry.provider.db.tools.SentryShellCommon;
-
-import java.util.Set;
-
-/**
- * Command for deleting groups from a role.
- */
-public class DeleteRoleFromGroupCmd implements Command {
-
- private String roleName;
- private String groups;
- private String component;
-
- public DeleteRoleFromGroupCmd(String roleName, String groups, String component) {
- this.groups = groups;
- this.roleName = roleName;
- this.component = component;
- }
-
- @Override
- public void execute(SentryGenericServiceClient client, String requestorName) throws Exception {
- Set<String> groupSet = Sets.newHashSet(groups.split(SentryShellCommon.GROUP_SPLIT_CHAR));
- client.deleteRoleToGroups(requestorName, roleName, component, groupSet);
- }
-}
[32/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesRequest.java
deleted file mode 100644
index e74495b..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesRequest.java
+++ /dev/null
@@ -1,706 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TListSentryPrivilegesRequest implements org.apache.thrift.TBase<TListSentryPrivilegesRequest, TListSentryPrivilegesRequest._Fields>, java.io.Serializable, Cloneable, Comparable<TListSentryPrivilegesRequest> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TListSentryPrivilegesRequest");
-
- private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
- private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)4);
- private static final org.apache.thrift.protocol.TField AUTHORIZABLE_HIERARCHY_FIELD_DESC = new org.apache.thrift.protocol.TField("authorizableHierarchy", org.apache.thrift.protocol.TType.STRUCT, (short)5);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TListSentryPrivilegesRequestStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TListSentryPrivilegesRequestTupleSchemeFactory());
- }
-
- private int protocol_version; // required
- private String requestorUserName; // required
- private String roleName; // required
- private TSentryAuthorizable authorizableHierarchy; // optional
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- PROTOCOL_VERSION((short)1, "protocol_version"),
- REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- ROLE_NAME((short)4, "roleName"),
- AUTHORIZABLE_HIERARCHY((short)5, "authorizableHierarchy");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // PROTOCOL_VERSION
- return PROTOCOL_VERSION;
- case 2: // REQUESTOR_USER_NAME
- return REQUESTOR_USER_NAME;
- case 4: // ROLE_NAME
- return ROLE_NAME;
- case 5: // AUTHORIZABLE_HIERARCHY
- return AUTHORIZABLE_HIERARCHY;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- private static final _Fields optionals[] = {_Fields.AUTHORIZABLE_HIERARCHY};
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
- tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.ROLE_NAME, new org.apache.thrift.meta_data.FieldMetaData("roleName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.AUTHORIZABLE_HIERARCHY, new org.apache.thrift.meta_data.FieldMetaData("authorizableHierarchy", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryAuthorizable.class)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TListSentryPrivilegesRequest.class, metaDataMap);
- }
-
- public TListSentryPrivilegesRequest() {
- this.protocol_version = 2;
-
- }
-
- public TListSentryPrivilegesRequest(
- int protocol_version,
- String requestorUserName,
- String roleName)
- {
- this();
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- this.requestorUserName = requestorUserName;
- this.roleName = roleName;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TListSentryPrivilegesRequest(TListSentryPrivilegesRequest other) {
- __isset_bitfield = other.__isset_bitfield;
- this.protocol_version = other.protocol_version;
- if (other.isSetRequestorUserName()) {
- this.requestorUserName = other.requestorUserName;
- }
- if (other.isSetRoleName()) {
- this.roleName = other.roleName;
- }
- if (other.isSetAuthorizableHierarchy()) {
- this.authorizableHierarchy = new TSentryAuthorizable(other.authorizableHierarchy);
- }
- }
-
- public TListSentryPrivilegesRequest deepCopy() {
- return new TListSentryPrivilegesRequest(this);
- }
-
- @Override
- public void clear() {
- this.protocol_version = 2;
-
- this.requestorUserName = null;
- this.roleName = null;
- this.authorizableHierarchy = null;
- }
-
- public int getProtocol_version() {
- return this.protocol_version;
- }
-
- public void setProtocol_version(int protocol_version) {
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- }
-
- public void unsetProtocol_version() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */
- public boolean isSetProtocol_version() {
- return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- public void setProtocol_versionIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value);
- }
-
- public String getRequestorUserName() {
- return this.requestorUserName;
- }
-
- public void setRequestorUserName(String requestorUserName) {
- this.requestorUserName = requestorUserName;
- }
-
- public void unsetRequestorUserName() {
- this.requestorUserName = null;
- }
-
- /** Returns true if field requestorUserName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorUserName() {
- return this.requestorUserName != null;
- }
-
- public void setRequestorUserNameIsSet(boolean value) {
- if (!value) {
- this.requestorUserName = null;
- }
- }
-
- public String getRoleName() {
- return this.roleName;
- }
-
- public void setRoleName(String roleName) {
- this.roleName = roleName;
- }
-
- public void unsetRoleName() {
- this.roleName = null;
- }
-
- /** Returns true if field roleName is set (has been assigned a value) and false otherwise */
- public boolean isSetRoleName() {
- return this.roleName != null;
- }
-
- public void setRoleNameIsSet(boolean value) {
- if (!value) {
- this.roleName = null;
- }
- }
-
- public TSentryAuthorizable getAuthorizableHierarchy() {
- return this.authorizableHierarchy;
- }
-
- public void setAuthorizableHierarchy(TSentryAuthorizable authorizableHierarchy) {
- this.authorizableHierarchy = authorizableHierarchy;
- }
-
- public void unsetAuthorizableHierarchy() {
- this.authorizableHierarchy = null;
- }
-
- /** Returns true if field authorizableHierarchy is set (has been assigned a value) and false otherwise */
- public boolean isSetAuthorizableHierarchy() {
- return this.authorizableHierarchy != null;
- }
-
- public void setAuthorizableHierarchyIsSet(boolean value) {
- if (!value) {
- this.authorizableHierarchy = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case PROTOCOL_VERSION:
- if (value == null) {
- unsetProtocol_version();
- } else {
- setProtocol_version((Integer)value);
- }
- break;
-
- case REQUESTOR_USER_NAME:
- if (value == null) {
- unsetRequestorUserName();
- } else {
- setRequestorUserName((String)value);
- }
- break;
-
- case ROLE_NAME:
- if (value == null) {
- unsetRoleName();
- } else {
- setRoleName((String)value);
- }
- break;
-
- case AUTHORIZABLE_HIERARCHY:
- if (value == null) {
- unsetAuthorizableHierarchy();
- } else {
- setAuthorizableHierarchy((TSentryAuthorizable)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case PROTOCOL_VERSION:
- return getProtocol_version();
-
- case REQUESTOR_USER_NAME:
- return getRequestorUserName();
-
- case ROLE_NAME:
- return getRoleName();
-
- case AUTHORIZABLE_HIERARCHY:
- return getAuthorizableHierarchy();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case PROTOCOL_VERSION:
- return isSetProtocol_version();
- case REQUESTOR_USER_NAME:
- return isSetRequestorUserName();
- case ROLE_NAME:
- return isSetRoleName();
- case AUTHORIZABLE_HIERARCHY:
- return isSetAuthorizableHierarchy();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TListSentryPrivilegesRequest)
- return this.equals((TListSentryPrivilegesRequest)that);
- return false;
- }
-
- public boolean equals(TListSentryPrivilegesRequest that) {
- if (that == null)
- return false;
-
- boolean this_present_protocol_version = true;
- boolean that_present_protocol_version = true;
- if (this_present_protocol_version || that_present_protocol_version) {
- if (!(this_present_protocol_version && that_present_protocol_version))
- return false;
- if (this.protocol_version != that.protocol_version)
- return false;
- }
-
- boolean this_present_requestorUserName = true && this.isSetRequestorUserName();
- boolean that_present_requestorUserName = true && that.isSetRequestorUserName();
- if (this_present_requestorUserName || that_present_requestorUserName) {
- if (!(this_present_requestorUserName && that_present_requestorUserName))
- return false;
- if (!this.requestorUserName.equals(that.requestorUserName))
- return false;
- }
-
- boolean this_present_roleName = true && this.isSetRoleName();
- boolean that_present_roleName = true && that.isSetRoleName();
- if (this_present_roleName || that_present_roleName) {
- if (!(this_present_roleName && that_present_roleName))
- return false;
- if (!this.roleName.equals(that.roleName))
- return false;
- }
-
- boolean this_present_authorizableHierarchy = true && this.isSetAuthorizableHierarchy();
- boolean that_present_authorizableHierarchy = true && that.isSetAuthorizableHierarchy();
- if (this_present_authorizableHierarchy || that_present_authorizableHierarchy) {
- if (!(this_present_authorizableHierarchy && that_present_authorizableHierarchy))
- return false;
- if (!this.authorizableHierarchy.equals(that.authorizableHierarchy))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_protocol_version = true;
- list.add(present_protocol_version);
- if (present_protocol_version)
- list.add(protocol_version);
-
- boolean present_requestorUserName = true && (isSetRequestorUserName());
- list.add(present_requestorUserName);
- if (present_requestorUserName)
- list.add(requestorUserName);
-
- boolean present_roleName = true && (isSetRoleName());
- list.add(present_roleName);
- if (present_roleName)
- list.add(roleName);
-
- boolean present_authorizableHierarchy = true && (isSetAuthorizableHierarchy());
- list.add(present_authorizableHierarchy);
- if (present_authorizableHierarchy)
- list.add(authorizableHierarchy);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TListSentryPrivilegesRequest other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(other.isSetProtocol_version());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetProtocol_version()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, other.protocol_version);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRequestorUserName()).compareTo(other.isSetRequestorUserName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRequestorUserName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorUserName, other.requestorUserName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRoleName()).compareTo(other.isSetRoleName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRoleName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleName, other.roleName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetAuthorizableHierarchy()).compareTo(other.isSetAuthorizableHierarchy());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetAuthorizableHierarchy()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.authorizableHierarchy, other.authorizableHierarchy);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TListSentryPrivilegesRequest(");
- boolean first = true;
-
- sb.append("protocol_version:");
- sb.append(this.protocol_version);
- first = false;
- if (!first) sb.append(", ");
- sb.append("requestorUserName:");
- if (this.requestorUserName == null) {
- sb.append("null");
- } else {
- sb.append(this.requestorUserName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("roleName:");
- if (this.roleName == null) {
- sb.append("null");
- } else {
- sb.append(this.roleName);
- }
- first = false;
- if (isSetAuthorizableHierarchy()) {
- if (!first) sb.append(", ");
- sb.append("authorizableHierarchy:");
- if (this.authorizableHierarchy == null) {
- sb.append("null");
- } else {
- sb.append(this.authorizableHierarchy);
- }
- first = false;
- }
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetProtocol_version()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
- }
-
- if (!isSetRequestorUserName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString());
- }
-
- if (!isSetRoleName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'roleName' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- if (authorizableHierarchy != null) {
- authorizableHierarchy.validate();
- }
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TListSentryPrivilegesRequestStandardSchemeFactory implements SchemeFactory {
- public TListSentryPrivilegesRequestStandardScheme getScheme() {
- return new TListSentryPrivilegesRequestStandardScheme();
- }
- }
-
- private static class TListSentryPrivilegesRequestStandardScheme extends StandardScheme<TListSentryPrivilegesRequest> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TListSentryPrivilegesRequest struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // PROTOCOL_VERSION
- if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // REQUESTOR_USER_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 4: // ROLE_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 5: // AUTHORIZABLE_HIERARCHY
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.authorizableHierarchy = new TSentryAuthorizable();
- struct.authorizableHierarchy.read(iprot);
- struct.setAuthorizableHierarchyIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TListSentryPrivilegesRequest struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC);
- oprot.writeI32(struct.protocol_version);
- oprot.writeFieldEnd();
- if (struct.requestorUserName != null) {
- oprot.writeFieldBegin(REQUESTOR_USER_NAME_FIELD_DESC);
- oprot.writeString(struct.requestorUserName);
- oprot.writeFieldEnd();
- }
- if (struct.roleName != null) {
- oprot.writeFieldBegin(ROLE_NAME_FIELD_DESC);
- oprot.writeString(struct.roleName);
- oprot.writeFieldEnd();
- }
- if (struct.authorizableHierarchy != null) {
- if (struct.isSetAuthorizableHierarchy()) {
- oprot.writeFieldBegin(AUTHORIZABLE_HIERARCHY_FIELD_DESC);
- struct.authorizableHierarchy.write(oprot);
- oprot.writeFieldEnd();
- }
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TListSentryPrivilegesRequestTupleSchemeFactory implements SchemeFactory {
- public TListSentryPrivilegesRequestTupleScheme getScheme() {
- return new TListSentryPrivilegesRequestTupleScheme();
- }
- }
-
- private static class TListSentryPrivilegesRequestTupleScheme extends TupleScheme<TListSentryPrivilegesRequest> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeI32(struct.protocol_version);
- oprot.writeString(struct.requestorUserName);
- oprot.writeString(struct.roleName);
- BitSet optionals = new BitSet();
- if (struct.isSetAuthorizableHierarchy()) {
- optionals.set(0);
- }
- oprot.writeBitSet(optionals, 1);
- if (struct.isSetAuthorizableHierarchy()) {
- struct.authorizableHierarchy.write(oprot);
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- BitSet incoming = iprot.readBitSet(1);
- if (incoming.get(0)) {
- struct.authorizableHierarchy = new TSentryAuthorizable();
- struct.authorizableHierarchy.read(iprot);
- struct.setAuthorizableHierarchyIsSet(true);
- }
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesResponse.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesResponse.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesResponse.java
deleted file mode 100644
index 9e8f01b..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesResponse.java
+++ /dev/null
@@ -1,558 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TListSentryPrivilegesResponse implements org.apache.thrift.TBase<TListSentryPrivilegesResponse, TListSentryPrivilegesResponse._Fields>, java.io.Serializable, Cloneable, Comparable<TListSentryPrivilegesResponse> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TListSentryPrivilegesResponse");
-
- private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1);
- private static final org.apache.thrift.protocol.TField PRIVILEGES_FIELD_DESC = new org.apache.thrift.protocol.TField("privileges", org.apache.thrift.protocol.TType.SET, (short)2);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TListSentryPrivilegesResponseStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TListSentryPrivilegesResponseTupleSchemeFactory());
- }
-
- private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required
- private Set<TSentryPrivilege> privileges; // optional
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- STATUS((short)1, "status"),
- PRIVILEGES((short)2, "privileges");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // STATUS
- return STATUS;
- case 2: // PRIVILEGES
- return PRIVILEGES;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final _Fields optionals[] = {_Fields.PRIVILEGES};
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.sentry.service.thrift.TSentryResponseStatus.class)));
- tmpMap.put(_Fields.PRIVILEGES, new org.apache.thrift.meta_data.FieldMetaData("privileges", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryPrivilege.class))));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TListSentryPrivilegesResponse.class, metaDataMap);
- }
-
- public TListSentryPrivilegesResponse() {
- }
-
- public TListSentryPrivilegesResponse(
- org.apache.sentry.service.thrift.TSentryResponseStatus status)
- {
- this();
- this.status = status;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TListSentryPrivilegesResponse(TListSentryPrivilegesResponse other) {
- if (other.isSetStatus()) {
- this.status = new org.apache.sentry.service.thrift.TSentryResponseStatus(other.status);
- }
- if (other.isSetPrivileges()) {
- Set<TSentryPrivilege> __this__privileges = new HashSet<TSentryPrivilege>(other.privileges.size());
- for (TSentryPrivilege other_element : other.privileges) {
- __this__privileges.add(new TSentryPrivilege(other_element));
- }
- this.privileges = __this__privileges;
- }
- }
-
- public TListSentryPrivilegesResponse deepCopy() {
- return new TListSentryPrivilegesResponse(this);
- }
-
- @Override
- public void clear() {
- this.status = null;
- this.privileges = null;
- }
-
- public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() {
- return this.status;
- }
-
- public void setStatus(org.apache.sentry.service.thrift.TSentryResponseStatus status) {
- this.status = status;
- }
-
- public void unsetStatus() {
- this.status = null;
- }
-
- /** Returns true if field status is set (has been assigned a value) and false otherwise */
- public boolean isSetStatus() {
- return this.status != null;
- }
-
- public void setStatusIsSet(boolean value) {
- if (!value) {
- this.status = null;
- }
- }
-
- public int getPrivilegesSize() {
- return (this.privileges == null) ? 0 : this.privileges.size();
- }
-
- public java.util.Iterator<TSentryPrivilege> getPrivilegesIterator() {
- return (this.privileges == null) ? null : this.privileges.iterator();
- }
-
- public void addToPrivileges(TSentryPrivilege elem) {
- if (this.privileges == null) {
- this.privileges = new HashSet<TSentryPrivilege>();
- }
- this.privileges.add(elem);
- }
-
- public Set<TSentryPrivilege> getPrivileges() {
- return this.privileges;
- }
-
- public void setPrivileges(Set<TSentryPrivilege> privileges) {
- this.privileges = privileges;
- }
-
- public void unsetPrivileges() {
- this.privileges = null;
- }
-
- /** Returns true if field privileges is set (has been assigned a value) and false otherwise */
- public boolean isSetPrivileges() {
- return this.privileges != null;
- }
-
- public void setPrivilegesIsSet(boolean value) {
- if (!value) {
- this.privileges = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case STATUS:
- if (value == null) {
- unsetStatus();
- } else {
- setStatus((org.apache.sentry.service.thrift.TSentryResponseStatus)value);
- }
- break;
-
- case PRIVILEGES:
- if (value == null) {
- unsetPrivileges();
- } else {
- setPrivileges((Set<TSentryPrivilege>)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case STATUS:
- return getStatus();
-
- case PRIVILEGES:
- return getPrivileges();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case STATUS:
- return isSetStatus();
- case PRIVILEGES:
- return isSetPrivileges();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TListSentryPrivilegesResponse)
- return this.equals((TListSentryPrivilegesResponse)that);
- return false;
- }
-
- public boolean equals(TListSentryPrivilegesResponse that) {
- if (that == null)
- return false;
-
- boolean this_present_status = true && this.isSetStatus();
- boolean that_present_status = true && that.isSetStatus();
- if (this_present_status || that_present_status) {
- if (!(this_present_status && that_present_status))
- return false;
- if (!this.status.equals(that.status))
- return false;
- }
-
- boolean this_present_privileges = true && this.isSetPrivileges();
- boolean that_present_privileges = true && that.isSetPrivileges();
- if (this_present_privileges || that_present_privileges) {
- if (!(this_present_privileges && that_present_privileges))
- return false;
- if (!this.privileges.equals(that.privileges))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_status = true && (isSetStatus());
- list.add(present_status);
- if (present_status)
- list.add(status);
-
- boolean present_privileges = true && (isSetPrivileges());
- list.add(present_privileges);
- if (present_privileges)
- list.add(privileges);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TListSentryPrivilegesResponse other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetStatus()).compareTo(other.isSetStatus());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetStatus()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.status, other.status);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetPrivileges()).compareTo(other.isSetPrivileges());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetPrivileges()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.privileges, other.privileges);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TListSentryPrivilegesResponse(");
- boolean first = true;
-
- sb.append("status:");
- if (this.status == null) {
- sb.append("null");
- } else {
- sb.append(this.status);
- }
- first = false;
- if (isSetPrivileges()) {
- if (!first) sb.append(", ");
- sb.append("privileges:");
- if (this.privileges == null) {
- sb.append("null");
- } else {
- sb.append(this.privileges);
- }
- first = false;
- }
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetStatus()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'status' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- if (status != null) {
- status.validate();
- }
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TListSentryPrivilegesResponseStandardSchemeFactory implements SchemeFactory {
- public TListSentryPrivilegesResponseStandardScheme getScheme() {
- return new TListSentryPrivilegesResponseStandardScheme();
- }
- }
-
- private static class TListSentryPrivilegesResponseStandardScheme extends StandardScheme<TListSentryPrivilegesResponse> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TListSentryPrivilegesResponse struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // STATUS
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // PRIVILEGES
- if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
- {
- org.apache.thrift.protocol.TSet _set72 = iprot.readSetBegin();
- struct.privileges = new HashSet<TSentryPrivilege>(2*_set72.size);
- TSentryPrivilege _elem73;
- for (int _i74 = 0; _i74 < _set72.size; ++_i74)
- {
- _elem73 = new TSentryPrivilege();
- _elem73.read(iprot);
- struct.privileges.add(_elem73);
- }
- iprot.readSetEnd();
- }
- struct.setPrivilegesIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TListSentryPrivilegesResponse struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.status != null) {
- oprot.writeFieldBegin(STATUS_FIELD_DESC);
- struct.status.write(oprot);
- oprot.writeFieldEnd();
- }
- if (struct.privileges != null) {
- if (struct.isSetPrivileges()) {
- oprot.writeFieldBegin(PRIVILEGES_FIELD_DESC);
- {
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, struct.privileges.size()));
- for (TSentryPrivilege _iter75 : struct.privileges)
- {
- _iter75.write(oprot);
- }
- oprot.writeSetEnd();
- }
- oprot.writeFieldEnd();
- }
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TListSentryPrivilegesResponseTupleSchemeFactory implements SchemeFactory {
- public TListSentryPrivilegesResponseTupleScheme getScheme() {
- return new TListSentryPrivilegesResponseTupleScheme();
- }
- }
-
- private static class TListSentryPrivilegesResponseTupleScheme extends TupleScheme<TListSentryPrivilegesResponse> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- struct.status.write(oprot);
- BitSet optionals = new BitSet();
- if (struct.isSetPrivileges()) {
- optionals.set(0);
- }
- oprot.writeBitSet(optionals, 1);
- if (struct.isSetPrivileges()) {
- {
- oprot.writeI32(struct.privileges.size());
- for (TSentryPrivilege _iter76 : struct.privileges)
- {
- _iter76.write(oprot);
- }
- }
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- BitSet incoming = iprot.readBitSet(1);
- if (incoming.get(0)) {
- {
- org.apache.thrift.protocol.TSet _set77 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, iprot.readI32());
- struct.privileges = new HashSet<TSentryPrivilege>(2*_set77.size);
- TSentryPrivilege _elem78;
- for (int _i79 = 0; _i79 < _set77.size; ++_i79)
- {
- _elem78 = new TSentryPrivilege();
- _elem78.read(iprot);
- struct.privileges.add(_elem78);
- }
- }
- struct.setPrivilegesIsSet(true);
- }
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryRolesForUserRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryRolesForUserRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryRolesForUserRequest.java
deleted file mode 100644
index 9ec6a34..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryRolesForUserRequest.java
+++ /dev/null
@@ -1,591 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TListSentryRolesForUserRequest implements org.apache.thrift.TBase<TListSentryRolesForUserRequest, TListSentryRolesForUserRequest._Fields>, java.io.Serializable, Cloneable, Comparable<TListSentryRolesForUserRequest> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TListSentryRolesForUserRequest");
-
- private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
- private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("userName", org.apache.thrift.protocol.TType.STRING, (short)3);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TListSentryRolesForUserRequestStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TListSentryRolesForUserRequestTupleSchemeFactory());
- }
-
- private int protocol_version; // required
- private String requestorUserName; // required
- private String userName; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- PROTOCOL_VERSION((short)1, "protocol_version"),
- REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- USER_NAME((short)3, "userName");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // PROTOCOL_VERSION
- return PROTOCOL_VERSION;
- case 2: // REQUESTOR_USER_NAME
- return REQUESTOR_USER_NAME;
- case 3: // USER_NAME
- return USER_NAME;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
- tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("userName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TListSentryRolesForUserRequest.class, metaDataMap);
- }
-
- public TListSentryRolesForUserRequest() {
- this.protocol_version = 1;
-
- }
-
- public TListSentryRolesForUserRequest(
- int protocol_version,
- String requestorUserName,
- String userName)
- {
- this();
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- this.requestorUserName = requestorUserName;
- this.userName = userName;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TListSentryRolesForUserRequest(TListSentryRolesForUserRequest other) {
- __isset_bitfield = other.__isset_bitfield;
- this.protocol_version = other.protocol_version;
- if (other.isSetRequestorUserName()) {
- this.requestorUserName = other.requestorUserName;
- }
- if (other.isSetUserName()) {
- this.userName = other.userName;
- }
- }
-
- public TListSentryRolesForUserRequest deepCopy() {
- return new TListSentryRolesForUserRequest(this);
- }
-
- @Override
- public void clear() {
- this.protocol_version = 1;
-
- this.requestorUserName = null;
- this.userName = null;
- }
-
- public int getProtocol_version() {
- return this.protocol_version;
- }
-
- public void setProtocol_version(int protocol_version) {
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- }
-
- public void unsetProtocol_version() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */
- public boolean isSetProtocol_version() {
- return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- public void setProtocol_versionIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value);
- }
-
- public String getRequestorUserName() {
- return this.requestorUserName;
- }
-
- public void setRequestorUserName(String requestorUserName) {
- this.requestorUserName = requestorUserName;
- }
-
- public void unsetRequestorUserName() {
- this.requestorUserName = null;
- }
-
- /** Returns true if field requestorUserName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorUserName() {
- return this.requestorUserName != null;
- }
-
- public void setRequestorUserNameIsSet(boolean value) {
- if (!value) {
- this.requestorUserName = null;
- }
- }
-
- public String getUserName() {
- return this.userName;
- }
-
- public void setUserName(String userName) {
- this.userName = userName;
- }
-
- public void unsetUserName() {
- this.userName = null;
- }
-
- /** Returns true if field userName is set (has been assigned a value) and false otherwise */
- public boolean isSetUserName() {
- return this.userName != null;
- }
-
- public void setUserNameIsSet(boolean value) {
- if (!value) {
- this.userName = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case PROTOCOL_VERSION:
- if (value == null) {
- unsetProtocol_version();
- } else {
- setProtocol_version((Integer)value);
- }
- break;
-
- case REQUESTOR_USER_NAME:
- if (value == null) {
- unsetRequestorUserName();
- } else {
- setRequestorUserName((String)value);
- }
- break;
-
- case USER_NAME:
- if (value == null) {
- unsetUserName();
- } else {
- setUserName((String)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case PROTOCOL_VERSION:
- return getProtocol_version();
-
- case REQUESTOR_USER_NAME:
- return getRequestorUserName();
-
- case USER_NAME:
- return getUserName();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case PROTOCOL_VERSION:
- return isSetProtocol_version();
- case REQUESTOR_USER_NAME:
- return isSetRequestorUserName();
- case USER_NAME:
- return isSetUserName();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TListSentryRolesForUserRequest)
- return this.equals((TListSentryRolesForUserRequest)that);
- return false;
- }
-
- public boolean equals(TListSentryRolesForUserRequest that) {
- if (that == null)
- return false;
-
- boolean this_present_protocol_version = true;
- boolean that_present_protocol_version = true;
- if (this_present_protocol_version || that_present_protocol_version) {
- if (!(this_present_protocol_version && that_present_protocol_version))
- return false;
- if (this.protocol_version != that.protocol_version)
- return false;
- }
-
- boolean this_present_requestorUserName = true && this.isSetRequestorUserName();
- boolean that_present_requestorUserName = true && that.isSetRequestorUserName();
- if (this_present_requestorUserName || that_present_requestorUserName) {
- if (!(this_present_requestorUserName && that_present_requestorUserName))
- return false;
- if (!this.requestorUserName.equals(that.requestorUserName))
- return false;
- }
-
- boolean this_present_userName = true && this.isSetUserName();
- boolean that_present_userName = true && that.isSetUserName();
- if (this_present_userName || that_present_userName) {
- if (!(this_present_userName && that_present_userName))
- return false;
- if (!this.userName.equals(that.userName))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_protocol_version = true;
- list.add(present_protocol_version);
- if (present_protocol_version)
- list.add(protocol_version);
-
- boolean present_requestorUserName = true && (isSetRequestorUserName());
- list.add(present_requestorUserName);
- if (present_requestorUserName)
- list.add(requestorUserName);
-
- boolean present_userName = true && (isSetUserName());
- list.add(present_userName);
- if (present_userName)
- list.add(userName);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TListSentryRolesForUserRequest other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(other.isSetProtocol_version());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetProtocol_version()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, other.protocol_version);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRequestorUserName()).compareTo(other.isSetRequestorUserName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRequestorUserName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorUserName, other.requestorUserName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetUserName()).compareTo(other.isSetUserName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetUserName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.userName, other.userName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TListSentryRolesForUserRequest(");
- boolean first = true;
-
- sb.append("protocol_version:");
- sb.append(this.protocol_version);
- first = false;
- if (!first) sb.append(", ");
- sb.append("requestorUserName:");
- if (this.requestorUserName == null) {
- sb.append("null");
- } else {
- sb.append(this.requestorUserName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("userName:");
- if (this.userName == null) {
- sb.append("null");
- } else {
- sb.append(this.userName);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetProtocol_version()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
- }
-
- if (!isSetRequestorUserName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString());
- }
-
- if (!isSetUserName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'userName' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TListSentryRolesForUserRequestStandardSchemeFactory implements SchemeFactory {
- public TListSentryRolesForUserRequestStandardScheme getScheme() {
- return new TListSentryRolesForUserRequestStandardScheme();
- }
- }
-
- private static class TListSentryRolesForUserRequestStandardScheme extends StandardScheme<TListSentryRolesForUserRequest> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TListSentryRolesForUserRequest struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // PROTOCOL_VERSION
- if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // REQUESTOR_USER_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // USER_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.userName = iprot.readString();
- struct.setUserNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TListSentryRolesForUserRequest struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC);
- oprot.writeI32(struct.protocol_version);
- oprot.writeFieldEnd();
- if (struct.requestorUserName != null) {
- oprot.writeFieldBegin(REQUESTOR_USER_NAME_FIELD_DESC);
- oprot.writeString(struct.requestorUserName);
- oprot.writeFieldEnd();
- }
- if (struct.userName != null) {
- oprot.writeFieldBegin(USER_NAME_FIELD_DESC);
- oprot.writeString(struct.userName);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TListSentryRolesForUserRequestTupleSchemeFactory implements SchemeFactory {
- public TListSentryRolesForUserRequestTupleScheme getScheme() {
- return new TListSentryRolesForUserRequestTupleScheme();
- }
- }
-
- private static class TListSentryRolesForUserRequestTupleScheme extends TupleScheme<TListSentryRolesForUserRequest> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TListSentryRolesForUserRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeI32(struct.protocol_version);
- oprot.writeString(struct.requestorUserName);
- oprot.writeString(struct.userName);
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TListSentryRolesForUserRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- struct.userName = iprot.readString();
- struct.setUserNameIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryRolesRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryRolesRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryRolesRequest.java
deleted file mode 100644
index b4b41eb..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryRolesRequest.java
+++ /dev/null
@@ -1,600 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSentryRolesRequest, TListSentryRolesRequest._Fields>, java.io.Serializable, Cloneable, Comparable<TListSentryRolesRequest> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TListSentryRolesRequest");
-
- private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
- private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField GROUP_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("groupName", org.apache.thrift.protocol.TType.STRING, (short)3);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TListSentryRolesRequestStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TListSentryRolesRequestTupleSchemeFactory());
- }
-
- private int protocol_version; // required
- private String requestorUserName; // required
- private String groupName; // optional
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- PROTOCOL_VERSION((short)1, "protocol_version"),
- REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- GROUP_NAME((short)3, "groupName");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // PROTOCOL_VERSION
- return PROTOCOL_VERSION;
- case 2: // REQUESTOR_USER_NAME
- return REQUESTOR_USER_NAME;
- case 3: // GROUP_NAME
- return GROUP_NAME;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- private static final _Fields optionals[] = {_Fields.GROUP_NAME};
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
- tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.GROUP_NAME, new org.apache.thrift.meta_data.FieldMetaData("groupName", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TListSentryRolesRequest.class, metaDataMap);
- }
-
- public TListSentryRolesRequest() {
- this.protocol_version = 2;
-
- }
-
- public TListSentryRolesRequest(
- int protocol_version,
- String requestorUserName)
- {
- this();
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- this.requestorUserName = requestorUserName;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TListSentryRolesRequest(TListSentryRolesRequest other) {
- __isset_bitfield = other.__isset_bitfield;
- this.protocol_version = other.protocol_version;
- if (other.isSetRequestorUserName()) {
- this.requestorUserName = other.requestorUserName;
- }
- if (other.isSetGroupName()) {
- this.groupName = other.groupName;
- }
- }
-
- public TListSentryRolesRequest deepCopy() {
- return new TListSentryRolesRequest(this);
- }
-
- @Override
- public void clear() {
- this.protocol_version = 2;
-
- this.requestorUserName = null;
- this.groupName = null;
- }
-
- public int getProtocol_version() {
- return this.protocol_version;
- }
-
- public void setProtocol_version(int protocol_version) {
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- }
-
- public void unsetProtocol_version() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */
- public boolean isSetProtocol_version() {
- return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- public void setProtocol_versionIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value);
- }
-
- public String getRequestorUserName() {
- return this.requestorUserName;
- }
-
- public void setRequestorUserName(String requestorUserName) {
- this.requestorUserName = requestorUserName;
- }
-
- public void unsetRequestorUserName() {
- this.requestorUserName = null;
- }
-
- /** Returns true if field requestorUserName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorUserName() {
- return this.requestorUserName != null;
- }
-
- public void setRequestorUserNameIsSet(boolean value) {
- if (!value) {
- this.requestorUserName = null;
- }
- }
-
- public String getGroupName() {
- return this.groupName;
- }
-
- public void setGroupName(String groupName) {
- this.groupName = groupName;
- }
-
- public void unsetGroupName() {
- this.groupName = null;
- }
-
- /** Returns true if field groupName is set (has been assigned a value) and false otherwise */
- public boolean isSetGroupName() {
- return this.groupName != null;
- }
-
- public void setGroupNameIsSet(boolean value) {
- if (!value) {
- this.groupName = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case PROTOCOL_VERSION:
- if (value == null) {
- unsetProtocol_version();
- } else {
- setProtocol_version((Integer)value);
- }
- break;
-
- case REQUESTOR_USER_NAME:
- if (value == null) {
- unsetRequestorUserName();
- } else {
- setRequestorUserName((String)value);
- }
- break;
-
- case GROUP_NAME:
- if (value == null) {
- unsetGroupName();
- } else {
- setGroupName((String)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case PROTOCOL_VERSION:
- return getProtocol_version();
-
- case REQUESTOR_USER_NAME:
- return getRequestorUserName();
-
- case GROUP_NAME:
- return getGroupName();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case PROTOCOL_VERSION:
- return isSetProtocol_version();
- case REQUESTOR_USER_NAME:
- return isSetRequestorUserName();
- case GROUP_NAME:
- return isSetGroupName();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TListSentryRolesRequest)
- return this.equals((TListSentryRolesRequest)that);
- return false;
- }
-
- public boolean equals(TListSentryRolesRequest that) {
- if (that == null)
- return false;
-
- boolean this_present_protocol_version = true;
- boolean that_present_protocol_version = true;
- if (this_present_protocol_version || that_present_protocol_version) {
- if (!(this_present_protocol_version && that_present_protocol_version))
- return false;
- if (this.protocol_version != that.protocol_version)
- return false;
- }
-
- boolean this_present_requestorUserName = true && this.isSetRequestorUserName();
- boolean that_present_requestorUserName = true && that.isSetRequestorUserName();
- if (this_present_requestorUserName || that_present_requestorUserName) {
- if (!(this_present_requestorUserName && that_present_requestorUserName))
- return false;
- if (!this.requestorUserName.equals(that.requestorUserName))
- return false;
- }
-
- boolean this_present_groupName = true && this.isSetGroupName();
- boolean that_present_groupName = true && that.isSetGroupName();
- if (this_present_groupName || that_present_groupName) {
- if (!(this_present_groupName && that_present_groupName))
- return false;
- if (!this.groupName.equals(that.groupName))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_protocol_version = true;
- list.add(present_protocol_version);
- if (present_protocol_version)
- list.add(protocol_version);
-
- boolean present_requestorUserName = true && (isSetRequestorUserName());
- list.add(present_requestorUserName);
- if (present_requestorUserName)
- list.add(requestorUserName);
-
- boolean present_groupName = true && (isSetGroupName());
- list.add(present_groupName);
- if (present_groupName)
- list.add(groupName);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TListSentryRolesRequest other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(other.isSetProtocol_version());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetProtocol_version()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, other.protocol_version);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRequestorUserName()).compareTo(other.isSetRequestorUserName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRequestorUserName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorUserName, other.requestorUserName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetGroupName()).compareTo(other.isSetGroupName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetGroupName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.groupName, other.groupName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TListSentryRolesRequest(");
- boolean first = true;
-
- sb.append("protocol_version:");
- sb.append(this.protocol_version);
- first = false;
- if (!first) sb.append(", ");
- sb.append("requestorUserName:");
- if (this.requestorUserName == null) {
- sb.append("null");
- } else {
- sb.append(this.requestorUserName);
- }
- first = false;
- if (isSetGroupName()) {
- if (!first) sb.append(", ");
- sb.append("groupName:");
- if (this.groupName == null) {
- sb.append("null");
- } else {
- sb.append(this.groupName);
- }
- first = false;
- }
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetProtocol_version()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
- }
-
- if (!isSetRequestorUserName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TListSentryRolesRequestStandardSchemeFactory implements SchemeFactory {
- public TListSentryRolesRequestStandardScheme getScheme() {
- return new TListSentryRolesRequestStandardScheme();
- }
- }
-
- private static class TListSentryRolesRequestStandardScheme extends StandardScheme<TListSentryRolesRequest> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TListSentryRolesRequest struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // PROTOCOL_VERSION
- if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // REQUESTOR_USER_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // GROUP_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.groupName = iprot.readString();
- struct.setGroupNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TListSentryRolesRequest struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC);
- oprot.writeI32(struct.protocol_version);
- oprot.writeFieldEnd();
- if (struct.requestorUserName != null) {
- oprot.writeFieldBegin(REQUESTOR_USER_NAME_FIELD_DESC);
- oprot.writeString(struct.requestorUserName);
- oprot.writeFieldEnd();
- }
- if (struct.groupName != null) {
- if (struct.isSetGroupName()) {
- oprot.writeFieldBegin(GROUP_NAME_FIELD_DESC);
- oprot.writeString(struct.groupName);
- oprot.writeFieldEnd();
- }
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TListSentryRolesRequestTupleSchemeFactory implements SchemeFactory {
- public TListSentryRolesRequestTupleScheme getScheme() {
- return new TListSentryRolesRequestTupleScheme();
- }
- }
-
- private static class TListSentryRolesRequestTupleScheme extends TupleScheme<TListSentryRolesRequest> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TListSentryRolesRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeI32(struct.protocol_version);
- oprot.writeString(struct.requestorUserName);
- BitSet optionals = new BitSet();
- if (struct.isSetGroupName()) {
- optionals.set(0);
- }
- oprot.writeBitSet(optionals, 1);
- if (struct.isSetGroupName()) {
- oprot.writeString(struct.groupName);
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TListSentryRolesRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- BitSet incoming = iprot.readBitSet(1);
- if (incoming.get(0)) {
- struct.groupName = iprot.readString();
- struct.setGroupNameIsSet(true);
- }
- }
- }
-
-}
-
[06/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStoreImportExport.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStoreImportExport.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStoreImportExport.java
deleted file mode 100644
index 3ff97df..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStoreImportExport.java
+++ /dev/null
@@ -1,1164 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.persistent;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-
-import java.io.File;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import org.apache.commons.io.FileUtils;
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.core.model.db.AccessConstants;
-import org.apache.sentry.provider.db.service.model.MSentryGroup;
-import org.apache.sentry.provider.db.service.model.MSentryPrivilege;
-import org.apache.sentry.provider.db.service.model.MSentryRole;
-import org.apache.sentry.provider.db.service.model.MSentryUser;
-import org.apache.sentry.provider.db.service.thrift.TSentryGrantOption;
-import org.apache.sentry.provider.db.service.thrift.TSentryMappingData;
-import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
-import org.apache.sentry.provider.file.PolicyFile;
-import org.apache.sentry.service.thrift.ServiceConstants.PrivilegeScope;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
-import org.junit.After;
-import org.junit.AfterClass;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
-
-import com.google.common.collect.Maps;
-import com.google.common.collect.Sets;
-import com.google.common.io.Files;
-
-public class TestSentryStoreImportExport {
-
- private static File dataDir;
- private static SentryStore sentryStore;
- private static String[] adminGroups = { "adminGroup1" };
- private static PolicyFile policyFile;
- private static File policyFilePath;
- private TSentryPrivilege tSentryPrivilege1;
- private TSentryPrivilege tSentryPrivilege2;
- private TSentryPrivilege tSentryPrivilege3;
- private TSentryPrivilege tSentryPrivilege4;
- private TSentryPrivilege tSentryPrivilege5;
- private TSentryPrivilege tSentryPrivilege6;
- private TSentryPrivilege tSentryPrivilege7;
- private TSentryPrivilege tSentryPrivilege8;
- private TSentryPrivilege tSentryPrivilege9;
-
- @BeforeClass
- public static void setupEnv() throws Exception {
- dataDir = new File(Files.createTempDir(), "sentry_policy_db");
- Configuration conf = new Configuration(false);
- conf.set(ServerConfig.SENTRY_VERIFY_SCHEM_VERSION, "false");
- conf.set(ServerConfig.SENTRY_STORE_JDBC_URL, "jdbc:derby:;databaseName=" + dataDir.getPath()
- + ";create=true");
- conf.set(ServerConfig.SENTRY_STORE_JDBC_PASS, "sentry");
- conf.setStrings(ServerConfig.ADMIN_GROUPS, adminGroups);
- conf.set(ServerConfig.SENTRY_STORE_GROUP_MAPPING, ServerConfig.SENTRY_STORE_LOCAL_GROUP_MAPPING);
- policyFilePath = new File(dataDir, "local_policy_file.ini");
- conf.set(ServerConfig.SENTRY_STORE_GROUP_MAPPING_RESOURCE, policyFilePath.getPath());
- policyFile = new PolicyFile();
- sentryStore = new SentryStore(conf);
-
- String adminUser = "g1";
- addGroupsToUser(adminUser, adminGroups);
- writePolicyFile();
- }
-
- @Before
- public void setupPrivilege() {
- preparePrivilege();
- }
-
- @After
- public void clearStore() {
- sentryStore.clearAllTables();
- }
-
- // create the privileges instance for test case:
- // privilege1=[server=server1]
- // privilege2=[server=server1, action=select, grantOption=false]
- // privilege3=[server=server1, db=db2, action=insert, grantOption=true]
- // privilege4=[server=server1, db=db1, table=tbl1, action=insert, grantOption=false]
- // privilege5=[server=server1, db=db1, table=tbl2, column=col1, action=insert, grantOption=false]
- // privilege6=[server=server1, db=db1, table=tbl3, column=col1, action=*, grantOption=true]
- // privilege7=[server=server1, db=db1, table=tbl4, column=col1, action=all, grantOption=true]
- // privilege8=[server=server1, uri=hdfs://testserver:9999/path1, action=insert, grantOption=false]
- // privilege9=[server=server1, db=db2, table=tbl1, action=insert, grantOption=false]
- private void preparePrivilege() {
- tSentryPrivilege1 = createTSentryPrivilege(PrivilegeScope.SERVER.name(), "server1", "", "", "",
- "", "", TSentryGrantOption.UNSET);
- tSentryPrivilege2 = createTSentryPrivilege(PrivilegeScope.SERVER.name(), "server1", "", "", "",
- "", AccessConstants.SELECT, TSentryGrantOption.FALSE);
- tSentryPrivilege3 = createTSentryPrivilege(PrivilegeScope.DATABASE.name(), "server1", "db2",
- "", "", "", AccessConstants.INSERT, TSentryGrantOption.TRUE);
- tSentryPrivilege4 = createTSentryPrivilege(PrivilegeScope.TABLE.name(), "server1", "db1",
- "tbl1", "", "", AccessConstants.INSERT, TSentryGrantOption.FALSE);
- tSentryPrivilege5 = createTSentryPrivilege(PrivilegeScope.COLUMN.name(), "server1", "db1",
- "tbl2", "col1", "", AccessConstants.INSERT, TSentryGrantOption.FALSE);
- tSentryPrivilege6 = createTSentryPrivilege(PrivilegeScope.COLUMN.name(), "server1", "db1",
- "tbl3", "col1", "", AccessConstants.ALL, TSentryGrantOption.TRUE);
- tSentryPrivilege7 = createTSentryPrivilege(PrivilegeScope.COLUMN.name(), "server1", "db1",
- "tbl4", "col1", "", AccessConstants.ACTION_ALL, TSentryGrantOption.TRUE);
- tSentryPrivilege8 = createTSentryPrivilege(PrivilegeScope.URI.name(), "server1", "", "", "",
- "hdfs://testserver:9999/path1", AccessConstants.INSERT, TSentryGrantOption.FALSE);
- tSentryPrivilege9 = createTSentryPrivilege(PrivilegeScope.TABLE.name(), "server1", "db2",
- "tbl1", "", "", AccessConstants.INSERT, TSentryGrantOption.FALSE);
- }
-
- @AfterClass
- public static void teardown() {
- if (sentryStore != null) {
- sentryStore.stop();
- }
- if (dataDir != null) {
- FileUtils.deleteQuietly(dataDir);
- }
- }
-
- protected static void addGroupsToUser(String user, String... groupNames) {
- policyFile.addGroupsToUser(user, groupNames);
- }
-
- protected static void writePolicyFile() throws Exception {
- policyFile.write(policyFilePath);
- }
-
- // Befor import, database is empty.
- // The following information is imported:
- // group1=role1,role2,role3
- // group2=role1,role2,role3
- // group3=role1,role2,role3
- // role1=privilege1,privilege2,privilege3,privilege4,privilege5,privilege6,privilege7,privilege8
- // role2=privilege1,privilege2,privilege3,privilege4,privilege5,privilege6,privilege7,privilege8
- // role3=privilege1,privilege2,privilege3,privilege4,privilege5,privilege6,privilege7,privilege8
- // Both import API importSentryMetaData and export APIs getRolesMap, getGroupsMap,
- // getPrivilegesList are tested.
- @Test
- public void testImportExportPolicy1() throws Exception {
- TSentryMappingData tSentryMappingData = new TSentryMappingData();
- Map<String, Set<String>> sentryGroupRolesMap = Maps.newHashMap();
- Map<String, Set<TSentryPrivilege>> sentryRolePrivilegesMap = Maps.newHashMap();
- sentryGroupRolesMap.put("group1", Sets.newHashSet("Role1", "role2", "role3"));
- sentryGroupRolesMap.put("group2", Sets.newHashSet("Role1", "role2", "role3"));
- sentryGroupRolesMap.put("group3", Sets.newHashSet("Role1", "role2", "role3"));
- sentryRolePrivilegesMap.put("Role1", Sets.newHashSet(tSentryPrivilege1, tSentryPrivilege2,
- tSentryPrivilege3, tSentryPrivilege4, tSentryPrivilege5, tSentryPrivilege6,
- tSentryPrivilege7, tSentryPrivilege8));
- sentryRolePrivilegesMap.put("role2", Sets.newHashSet(tSentryPrivilege1, tSentryPrivilege2,
- tSentryPrivilege3, tSentryPrivilege4, tSentryPrivilege5, tSentryPrivilege6,
- tSentryPrivilege7, tSentryPrivilege8));
- sentryRolePrivilegesMap.put("role3", Sets.newHashSet(tSentryPrivilege1, tSentryPrivilege2,
- tSentryPrivilege3, tSentryPrivilege4, tSentryPrivilege5, tSentryPrivilege6,
- tSentryPrivilege7, tSentryPrivilege8));
- tSentryMappingData.setGroupRolesMap(sentryGroupRolesMap);
- tSentryMappingData.setRolePrivilegesMap(sentryRolePrivilegesMap);
- sentryStore.importSentryMetaData(tSentryMappingData, false);
-
- Map<String, MSentryRole> rolesMap = sentryStore.getRolesMap();
- Map<String, MSentryGroup> groupsMap = sentryStore.getGroupNameToGroupMap();
- List<MSentryPrivilege> privilegesList = sentryStore.getPrivilegesList();
-
- // test the result data for the role
- verifyRoles(rolesMap, Sets.newHashSet("role1", "role2", "role3"));
-
- // test the result data for the group
- verifyGroups(groupsMap, Sets.newHashSet("group1", "group2", "group3"));
-
- // test the result data for the privilege
- verifyPrivileges(privilegesList, Sets.newHashSet(tSentryPrivilege1, tSentryPrivilege2,
- tSentryPrivilege3, tSentryPrivilege4, tSentryPrivilege5, tSentryPrivilege6,
- tSentryPrivilege7, tSentryPrivilege8));
-
- // test the mapping data for group and role
- List<Map<String, Set<String>>> mapList = sentryStore.getGroupUserRoleMapList(null);
- Map<String, Set<String>> actualGroupRolesMap = mapList.get(
- SentryStore.INDEX_GROUP_ROLES_MAP);
- Map<String, Set<String>> exceptedGroupRolesMap = Maps.newHashMap();
- exceptedGroupRolesMap.put("group1", Sets.newHashSet("role1", "role2", "role3"));
- exceptedGroupRolesMap.put("group2", Sets.newHashSet("role1", "role2", "role3"));
- exceptedGroupRolesMap.put("group3", Sets.newHashSet("role1", "role2", "role3"));
- verifyUserGroupRolesMap(actualGroupRolesMap, exceptedGroupRolesMap);
-
- // test the mapping data for role and privilege
- Map<String, Set<TSentryPrivilege>> actualRolePrivilegesMap = sentryStore
- .getRoleNameTPrivilegesMap();
- Map<String, Set<TSentryPrivilege>> exceptedRolePrivilegesMap = Maps.newHashMap();
- exceptedRolePrivilegesMap.put("role1", Sets.newHashSet(tSentryPrivilege1, tSentryPrivilege2,
- tSentryPrivilege3, tSentryPrivilege4, tSentryPrivilege5, tSentryPrivilege6,
- tSentryPrivilege7, tSentryPrivilege8));
- exceptedRolePrivilegesMap.put("role2", Sets.newHashSet(tSentryPrivilege1, tSentryPrivilege2,
- tSentryPrivilege3, tSentryPrivilege4, tSentryPrivilege5, tSentryPrivilege6,
- tSentryPrivilege7, tSentryPrivilege8));
- exceptedRolePrivilegesMap.put("role3", Sets.newHashSet(tSentryPrivilege1, tSentryPrivilege2,
- tSentryPrivilege3, tSentryPrivilege4, tSentryPrivilege5, tSentryPrivilege6,
- tSentryPrivilege7, tSentryPrivilege8));
-
- verifyRolePrivilegesMap(actualRolePrivilegesMap, exceptedRolePrivilegesMap);
- }
-
- // call import twice, and there has no duplicate data:
- // The data for 1st import:
- // group1=role1
- // role1=privilege1,privilege2,privilege3,privilege4
- // The data for 2nd import:
- // group2=role2,role3
- // group3=role2,role3
- // role2=privilege5,privilege6,privilege7,privilege8
- // role3=privilege5,privilege6,privilege7,privilege8
- // Both import API importSentryMetaData and export APIs getRolesMap, getGroupsMap,
- // getPrivilegesList are tested.
- @Test
- public void testImportExportPolicy2() throws Exception {
- TSentryMappingData tSentryMappingData1 = new TSentryMappingData();
- Map<String, Set<String>> sentryGroupRolesMap1 = Maps.newHashMap();
- Map<String, Set<TSentryPrivilege>> sentryRolePrivilegesMap1 = Maps.newHashMap();
- sentryGroupRolesMap1.put("group1", Sets.newHashSet("role1"));
- sentryRolePrivilegesMap1
- .put("role1", Sets.newHashSet(tSentryPrivilege1, tSentryPrivilege2, tSentryPrivilege3,
- tSentryPrivilege4));
- tSentryMappingData1.setGroupRolesMap(sentryGroupRolesMap1);
- tSentryMappingData1.setRolePrivilegesMap(sentryRolePrivilegesMap1);
- sentryStore.importSentryMetaData(tSentryMappingData1, false);
-
- TSentryMappingData tSentryMappingData2 = new TSentryMappingData();
- Map<String, Set<String>> sentryGroupRolesMap2 = Maps.newHashMap();
- Map<String, Set<TSentryPrivilege>> sentryRolePrivilegesMap2 = Maps.newHashMap();
- sentryGroupRolesMap2.put("group2", Sets.newHashSet("role2", "role3"));
- sentryGroupRolesMap2.put("group3", Sets.newHashSet("role2", "role3"));
- sentryRolePrivilegesMap2
- .put("role2", Sets.newHashSet(tSentryPrivilege5, tSentryPrivilege6, tSentryPrivilege7,
- tSentryPrivilege8));
- sentryRolePrivilegesMap2
- .put("role3", Sets.newHashSet(tSentryPrivilege5, tSentryPrivilege6, tSentryPrivilege7,
- tSentryPrivilege8));
- tSentryMappingData2.setGroupRolesMap(sentryGroupRolesMap2);
- tSentryMappingData2.setRolePrivilegesMap(sentryRolePrivilegesMap2);
- sentryStore.importSentryMetaData(tSentryMappingData2, false);
-
- Map<String, MSentryRole> rolesMap = sentryStore.getRolesMap();
- Map<String, MSentryGroup> groupsMap = sentryStore.getGroupNameToGroupMap();
- List<MSentryPrivilege> privilegesList = sentryStore.getPrivilegesList();
-
- // test the result data for the role
- verifyRoles(rolesMap, Sets.newHashSet("role1", "role2", "role3"));
-
- // test the result data for the group
- verifyGroups(groupsMap, Sets.newHashSet("group1", "group2", "group3"));
-
- // test the result data for the privilege
- verifyPrivileges(privilegesList, Sets.newHashSet(tSentryPrivilege1, tSentryPrivilege2,
- tSentryPrivilege3, tSentryPrivilege4, tSentryPrivilege5, tSentryPrivilege6,
- tSentryPrivilege7, tSentryPrivilege8));
-
- // test the mapping data for group and role
- List<Map<String, Set<String>>> mapList = sentryStore.getGroupUserRoleMapList(null);
- Map<String, Set<String>> actualGroupRolesMap = mapList.get(
- SentryStore.INDEX_GROUP_ROLES_MAP);
- Map<String, Set<String>> exceptedGroupRolesMap = Maps.newHashMap();
- exceptedGroupRolesMap.put("group1", Sets.newHashSet("role1"));
- exceptedGroupRolesMap.put("group2", Sets.newHashSet("role2", "role3"));
- exceptedGroupRolesMap.put("group3", Sets.newHashSet("role2", "role3"));
- verifyUserGroupRolesMap(actualGroupRolesMap, exceptedGroupRolesMap);
-
- // test the mapping data for role and privilege
- Map<String, Set<TSentryPrivilege>> actualRolePrivilegesMap = sentryStore
- .getRoleNameTPrivilegesMap();
- Map<String, Set<TSentryPrivilege>> exceptedRolePrivilegesMap = Maps.newHashMap();
- exceptedRolePrivilegesMap
- .put("role1", Sets.newHashSet(tSentryPrivilege1, tSentryPrivilege2, tSentryPrivilege3,
- tSentryPrivilege4));
- exceptedRolePrivilegesMap
- .put("role2", Sets.newHashSet(tSentryPrivilege5, tSentryPrivilege6, tSentryPrivilege7,
- tSentryPrivilege8));
- exceptedRolePrivilegesMap
- .put("role3", Sets.newHashSet(tSentryPrivilege5, tSentryPrivilege6, tSentryPrivilege7,
- tSentryPrivilege8));
- verifyRolePrivilegesMap(actualRolePrivilegesMap, exceptedRolePrivilegesMap);
- }
-
- // call import twice, and there has data overlap:
- // The data for 1st import:
- // group1=role1, role2
- // group2=role1, role2
- // group3=role1, role2
- // role1=privilege1,privilege2,privilege3,privilege4,privilege5
- // role2=privilege1,privilege2,privilege3,privilege4,privilege5
- // The data for 2nd import:
- // group1=role2,role3
- // group2=role2,role3
- // group3=role2,role3
- // role2=privilege4,privilege5,privilege6,privilege7,privilege8
- // role3=privilege4,privilege5,privilege6,privilege7,privilege8
- // Both import API importSentryMetaData and export APIs getRolesMap, getGroupsMap,
- // getPrivilegesList are tested.
- @Test
- public void testImportExportPolicy3() throws Exception {
- TSentryMappingData tSentryMappingData1 = new TSentryMappingData();
- Map<String, Set<String>> sentryGroupRolesMap1 = Maps.newHashMap();
- Map<String, Set<TSentryPrivilege>> sentryRolePrivilegesMap1 = Maps.newHashMap();
- sentryGroupRolesMap1.put("group1", Sets.newHashSet("role1", "role2"));
- sentryGroupRolesMap1.put("group2", Sets.newHashSet("role1", "role2"));
- sentryGroupRolesMap1.put("group3", Sets.newHashSet("role1", "role2"));
- sentryRolePrivilegesMap1.put("role1", Sets.newHashSet(tSentryPrivilege1, tSentryPrivilege2,
- tSentryPrivilege3, tSentryPrivilege4, tSentryPrivilege5));
- sentryRolePrivilegesMap1.put("role2", Sets.newHashSet(tSentryPrivilege1, tSentryPrivilege2,
- tSentryPrivilege3, tSentryPrivilege4, tSentryPrivilege5));
- tSentryMappingData1.setGroupRolesMap(sentryGroupRolesMap1);
- tSentryMappingData1.setRolePrivilegesMap(sentryRolePrivilegesMap1);
- sentryStore.importSentryMetaData(tSentryMappingData1, false);
-
- TSentryMappingData tSentryMappingData2 = new TSentryMappingData();
- Map<String, Set<String>> sentryGroupRolesMap2 = Maps.newHashMap();
- Map<String, Set<TSentryPrivilege>> sentryRolePrivilegesMap2 = Maps.newHashMap();
- sentryGroupRolesMap2.put("group1", Sets.newHashSet("role2", "role3"));
- sentryGroupRolesMap2.put("group2", Sets.newHashSet("role2", "role3"));
- sentryGroupRolesMap2.put("group3", Sets.newHashSet("role2", "role3"));
- sentryRolePrivilegesMap2.put("role2", Sets.newHashSet(tSentryPrivilege4, tSentryPrivilege5,
- tSentryPrivilege6, tSentryPrivilege7, tSentryPrivilege8));
- sentryRolePrivilegesMap2.put("role3", Sets.newHashSet(tSentryPrivilege4, tSentryPrivilege5,
- tSentryPrivilege6, tSentryPrivilege7, tSentryPrivilege8));
- tSentryMappingData2.setGroupRolesMap(sentryGroupRolesMap2);
- tSentryMappingData2.setRolePrivilegesMap(sentryRolePrivilegesMap2);
- sentryStore.importSentryMetaData(tSentryMappingData2, false);
-
- Map<String, MSentryRole> rolesMap = sentryStore.getRolesMap();
- Map<String, MSentryGroup> groupsMap = sentryStore.getGroupNameToGroupMap();
- List<MSentryPrivilege> privilegesList = sentryStore.getPrivilegesList();
-
- // test the result data for the role
- verifyRoles(rolesMap, Sets.newHashSet("role1", "role2", "role3"));
-
- // test the result data for the group
- verifyGroups(groupsMap, Sets.newHashSet("group1", "group2", "group3"));
-
- // test the result data for the privilege
- verifyPrivileges(privilegesList, Sets.newHashSet(tSentryPrivilege1, tSentryPrivilege2,
- tSentryPrivilege3, tSentryPrivilege4, tSentryPrivilege5, tSentryPrivilege6,
- tSentryPrivilege7, tSentryPrivilege8));
-
- // test the mapping data for group and role
- List<Map<String, Set<String>>> mapList = sentryStore.getGroupUserRoleMapList(null);
- Map<String, Set<String>> actualGroupRolesMap = mapList.get(
- SentryStore.INDEX_GROUP_ROLES_MAP);
- Map<String, Set<String>> exceptedGroupRolesMap = Maps.newHashMap();
- exceptedGroupRolesMap.put("group1", Sets.newHashSet("role1", "role2", "role3"));
- exceptedGroupRolesMap.put("group2", Sets.newHashSet("role1", "role2", "role3"));
- exceptedGroupRolesMap.put("group3", Sets.newHashSet("role1", "role2", "role3"));
- verifyUserGroupRolesMap(actualGroupRolesMap, exceptedGroupRolesMap);
-
- // test the mapping data for role and privilege
- Map<String, Set<TSentryPrivilege>> actualRolePrivilegesMap = sentryStore
- .getRoleNameTPrivilegesMap();
- Map<String, Set<TSentryPrivilege>> exceptedRolePrivilegesMap = Maps.newHashMap();
- exceptedRolePrivilegesMap.put("role1", Sets.newHashSet(tSentryPrivilege1, tSentryPrivilege2,
- tSentryPrivilege3, tSentryPrivilege4, tSentryPrivilege5));
- exceptedRolePrivilegesMap.put("role2", Sets.newHashSet(tSentryPrivilege1, tSentryPrivilege2,
- tSentryPrivilege3, tSentryPrivilege4, tSentryPrivilege5, tSentryPrivilege6,
- tSentryPrivilege7, tSentryPrivilege8));
- exceptedRolePrivilegesMap.put("role3", Sets.newHashSet(tSentryPrivilege4, tSentryPrivilege5,
- tSentryPrivilege6, tSentryPrivilege7, tSentryPrivilege8));
- verifyRolePrivilegesMap(actualRolePrivilegesMap, exceptedRolePrivilegesMap);
- }
-
- // call import twice, and there has one role without group.
- // The data for 1st import:
- // group1=role1, role2
- // role1=privilege1,privilege2
- // role2=privilege3,privilege4
- // The data for 2nd import:
- // group2=role2
- // role2=privilege5,privilege6
- // role3=privilege7,privilege8
- // role3 is without group, will be imported also
- @Test
- public void testImportExportPolicy4() throws Exception {
- TSentryMappingData tSentryMappingData1 = new TSentryMappingData();
- Map<String, Set<String>> sentryGroupRolesMap1 = Maps.newHashMap();
- Map<String, Set<TSentryPrivilege>> sentryRolePrivilegesMap1 = Maps.newHashMap();
- sentryGroupRolesMap1.put("group1", Sets.newHashSet("role1", "role2"));
- sentryRolePrivilegesMap1.put("role1", Sets.newHashSet(tSentryPrivilege1, tSentryPrivilege2));
- sentryRolePrivilegesMap1.put("role2", Sets.newHashSet(tSentryPrivilege3, tSentryPrivilege4));
- tSentryMappingData1.setGroupRolesMap(sentryGroupRolesMap1);
- tSentryMappingData1.setRolePrivilegesMap(sentryRolePrivilegesMap1);
- sentryStore.importSentryMetaData(tSentryMappingData1, false);
-
- TSentryMappingData tSentryMappingData2 = new TSentryMappingData();
- Map<String, Set<String>> sentryGroupRolesMap2 = Maps.newHashMap();
- Map<String, Set<TSentryPrivilege>> sentryRolePrivilegesMap2 = Maps.newHashMap();
- sentryGroupRolesMap2.put("group2", Sets.newHashSet("role2"));
- sentryRolePrivilegesMap2.put("role2", Sets.newHashSet(tSentryPrivilege5, tSentryPrivilege6));
- sentryRolePrivilegesMap2.put("role3", Sets.newHashSet(tSentryPrivilege7, tSentryPrivilege8));
- tSentryMappingData2.setGroupRolesMap(sentryGroupRolesMap2);
- tSentryMappingData2.setRolePrivilegesMap(sentryRolePrivilegesMap2);
- sentryStore.importSentryMetaData(tSentryMappingData2, false);
-
- Map<String, MSentryRole> rolesMap = sentryStore.getRolesMap();
- Map<String, MSentryGroup> groupsMap = sentryStore.getGroupNameToGroupMap();
- List<MSentryPrivilege> privilegesList = sentryStore.getPrivilegesList();
-
- // test the result data for the role
- verifyRoles(rolesMap, Sets.newHashSet("role1", "role2", "role3"));
-
- // test the result data for the group
- verifyGroups(groupsMap, Sets.newHashSet("group1", "group2"));
-
- // test the result data for the privilege
- verifyPrivileges(privilegesList, Sets.newHashSet(tSentryPrivilege1, tSentryPrivilege2,
- tSentryPrivilege3, tSentryPrivilege4, tSentryPrivilege5, tSentryPrivilege6,
- tSentryPrivilege7, tSentryPrivilege8));
-
- // test the mapping data for group and role
- List<Map<String, Set<String>>> mapList = sentryStore.getGroupUserRoleMapList(null);
- Map<String, Set<String>> actualGroupRolesMap = mapList.get(
- SentryStore.INDEX_GROUP_ROLES_MAP);
- Map<String, Set<String>> exceptedGroupRolesMap = Maps.newHashMap();
- exceptedGroupRolesMap.put("group1", Sets.newHashSet("role1", "role2"));
- exceptedGroupRolesMap.put("group2", Sets.newHashSet("role2"));
- verifyUserGroupRolesMap(actualGroupRolesMap, exceptedGroupRolesMap);
-
- // test the mapping data for role and privilege
- Map<String, Set<TSentryPrivilege>> actualRolePrivilegesMap = sentryStore
- .getRoleNameTPrivilegesMap();
- Map<String, Set<TSentryPrivilege>> exceptedRolePrivilegesMap = Maps.newHashMap();
- exceptedRolePrivilegesMap.put("role1", Sets.newHashSet(tSentryPrivilege1, tSentryPrivilege2));
- exceptedRolePrivilegesMap
- .put("role2", Sets.newHashSet(tSentryPrivilege3, tSentryPrivilege4, tSentryPrivilege5,
- tSentryPrivilege6));
- exceptedRolePrivilegesMap.put("role3", Sets.newHashSet(tSentryPrivilege7, tSentryPrivilege8));
- verifyRolePrivilegesMap(actualRolePrivilegesMap, exceptedRolePrivilegesMap);
- }
-
- // test for import mapping data for [group,role] only:
- // group1=role1, role2
- @Test
- public void testImportExportPolicy5() throws Exception {
- TSentryMappingData tSentryMappingData1 = new TSentryMappingData();
- Map<String, Set<String>> sentryGroupRolesMap1 = Maps.newHashMap();
- Map<String, Set<TSentryPrivilege>> sentryRolePrivilegesMap1 = Maps.newHashMap();
- sentryGroupRolesMap1.put("group1", Sets.newHashSet("role1", "role2"));
- tSentryMappingData1.setGroupRolesMap(sentryGroupRolesMap1);
- tSentryMappingData1.setRolePrivilegesMap(sentryRolePrivilegesMap1);
- sentryStore.importSentryMetaData(tSentryMappingData1, false);
-
- Map<String, MSentryRole> rolesMap = sentryStore.getRolesMap();
- Map<String, MSentryGroup> groupsMap = sentryStore.getGroupNameToGroupMap();
- List<MSentryPrivilege> privilegesList = sentryStore.getPrivilegesList();
-
- // test the result data for the role
- verifyRoles(rolesMap, Sets.newHashSet("role1", "role2"));
-
- // test the result data for the group
- verifyGroups(groupsMap, Sets.newHashSet("group1"));
-
- // test the result data for the privilege
- assertTrue(privilegesList.isEmpty());
-
- // test the mapping data for group and role
- List<Map<String, Set<String>>> mapList = sentryStore.getGroupUserRoleMapList(null);
- Map<String, Set<String>> actualGroupRolesMap = mapList.get(
- SentryStore.INDEX_GROUP_ROLES_MAP);
- Map<String, Set<String>> exceptedGroupRolesMap = Maps.newHashMap();
- exceptedGroupRolesMap.put("group1", Sets.newHashSet("role1", "role2"));
- verifyUserGroupRolesMap(actualGroupRolesMap, exceptedGroupRolesMap);
-
- // test the mapping data for role and privilege
- Map<String, Set<TSentryPrivilege>> actualRolePrivilegesMap = sentryStore
- .getRoleNameTPrivilegesMap();
- assertTrue(actualRolePrivilegesMap.isEmpty());
- }
-
- // test for filter the orphaned group:
- // group1=role1, role2
- // group2=role2
- @Test
- public void testImportExportPolicy6() throws Exception {
- TSentryMappingData tSentryMappingData1 = new TSentryMappingData();
- Map<String, Set<String>> sentryGroupRolesMap1 = Maps.newHashMap();
- Map<String, Set<TSentryPrivilege>> sentryRolePrivilegesMap1 = Maps.newHashMap();
- sentryGroupRolesMap1.put("group1", Sets.newHashSet("role1", "role2"));
- sentryGroupRolesMap1.put("group2", Sets.newHashSet("role2"));
- tSentryMappingData1.setGroupRolesMap(sentryGroupRolesMap1);
- tSentryMappingData1.setRolePrivilegesMap(sentryRolePrivilegesMap1);
- sentryStore.importSentryMetaData(tSentryMappingData1, false);
-
- // drop the role2, the group2 is orphaned group
- sentryStore.dropSentryRole("role2");
-
- Map<String, MSentryRole> rolesMap = sentryStore.getRolesMap();
- Map<String, MSentryGroup> groupsMap = sentryStore.getGroupNameToGroupMap();
- List<MSentryPrivilege> privilegesList = sentryStore.getPrivilegesList();
-
- // test the result data for the role
- verifyRoles(rolesMap, Sets.newHashSet("role1"));
-
- // test the result data for the group
- verifyGroups(groupsMap, Sets.newHashSet("group1", "group2"));
-
- // test the result data for the privilege
- assertTrue(privilegesList.isEmpty());
-
- // test the mapping data for group and role
- List<Map<String, Set<String>>> mapList = sentryStore.getGroupUserRoleMapList(null);
- Map<String, Set<String>> actualGroupRolesMap = mapList.get(
- SentryStore.INDEX_GROUP_ROLES_MAP);
- Map<String, Set<String>> exceptedGroupRolesMap = Maps.newHashMap();
- exceptedGroupRolesMap.put("group1", Sets.newHashSet("role1"));
- verifyUserGroupRolesMap(actualGroupRolesMap, exceptedGroupRolesMap);
-
- // test the mapping data for role and privilege
- Map<String, Set<TSentryPrivilege>> actualRolePrivilegesMap = sentryStore
- .getRoleNameTPrivilegesMap();
- assertTrue(actualRolePrivilegesMap.isEmpty());
- }
-
- // call import twice, and there has no duplicate data, the import will be with the overwrite mode:
- // The data for 1st import:
- // group1=role1
- // role1=privilege1
- // The data for 2nd import:
- // group2=role2,role3
- // group3=role2,role3
- // role2=privilege2
- // role3=privilege2
- // Both import API importSentryMetaData and export APIs getRolesMap, getGroupsMap,
- // getPrivilegesList are tested.
- @Test
- public void testImportExportPolicy7() throws Exception {
- TSentryMappingData tSentryMappingData1 = new TSentryMappingData();
- Map<String, Set<String>> sentryGroupRolesMap1 = Maps.newHashMap();
- Map<String, Set<TSentryPrivilege>> sentryRolePrivilegesMap1 = Maps.newHashMap();
- sentryGroupRolesMap1.put("group1", Sets.newHashSet("role1"));
- sentryRolePrivilegesMap1.put("role1", Sets.newHashSet(tSentryPrivilege1));
- tSentryMappingData1.setGroupRolesMap(sentryGroupRolesMap1);
- tSentryMappingData1.setRolePrivilegesMap(sentryRolePrivilegesMap1);
- // the import with overwrite mode
- sentryStore.importSentryMetaData(tSentryMappingData1, true);
-
- TSentryMappingData tSentryMappingData2 = new TSentryMappingData();
- Map<String, Set<String>> sentryGroupRolesMap2 = Maps.newHashMap();
- Map<String, Set<TSentryPrivilege>> sentryRolePrivilegesMap2 = Maps.newHashMap();
- sentryGroupRolesMap2.put("group2", Sets.newHashSet("role2", "role3"));
- sentryGroupRolesMap2.put("group3", Sets.newHashSet("role2", "role3"));
- sentryRolePrivilegesMap2.put("role2", Sets.newHashSet(tSentryPrivilege2));
- sentryRolePrivilegesMap2.put("role3", Sets.newHashSet(tSentryPrivilege2));
- tSentryMappingData2.setGroupRolesMap(sentryGroupRolesMap2);
- tSentryMappingData2.setRolePrivilegesMap(sentryRolePrivilegesMap2);
- // the import with overwrite mode
- sentryStore.importSentryMetaData(tSentryMappingData2, true);
-
- Map<String, MSentryRole> rolesMap = sentryStore.getRolesMap();
- Map<String, MSentryGroup> groupsMap = sentryStore.getGroupNameToGroupMap();
- List<MSentryPrivilege> privilegesList = sentryStore.getPrivilegesList();
-
- // test the result data for the role
- verifyRoles(rolesMap, Sets.newHashSet("role1", "role2", "role3"));
-
- // test the result data for the group
- verifyGroups(groupsMap, Sets.newHashSet("group1", "group2", "group3"));
-
- // test the result data for the privilege
- verifyPrivileges(privilegesList, Sets.newHashSet(tSentryPrivilege1, tSentryPrivilege2));
-
- // test the mapping data for group and role
- List<Map<String, Set<String>>> mapList = sentryStore.getGroupUserRoleMapList(null);
- Map<String, Set<String>> actualGroupRolesMap = mapList.get(
- SentryStore.INDEX_GROUP_ROLES_MAP);
- Map<String, Set<String>> exceptedGroupRolesMap = Maps.newHashMap();
- exceptedGroupRolesMap.put("group1", Sets.newHashSet("role1"));
- exceptedGroupRolesMap.put("group2", Sets.newHashSet("role2", "role3"));
- exceptedGroupRolesMap.put("group3", Sets.newHashSet("role2", "role3"));
- verifyUserGroupRolesMap(actualGroupRolesMap, exceptedGroupRolesMap);
-
- // test the mapping data for role and privilege
- Map<String, Set<TSentryPrivilege>> actualRolePrivilegesMap = sentryStore
- .getRoleNameTPrivilegesMap();
- Map<String, Set<TSentryPrivilege>> exceptedRolePrivilegesMap = Maps.newHashMap();
- exceptedRolePrivilegesMap.put("role1", Sets.newHashSet(tSentryPrivilege1));
- exceptedRolePrivilegesMap.put("role2", Sets.newHashSet(tSentryPrivilege2));
- exceptedRolePrivilegesMap.put("role3", Sets.newHashSet(tSentryPrivilege2));
- verifyRolePrivilegesMap(actualRolePrivilegesMap, exceptedRolePrivilegesMap);
- }
-
- // call import twice, and there has data overlap, the import will be with the overwrite mode:
- // The data for 1st import:
- // group1=role1, role2
- // group2=role1, role2
- // group3=role1, role2
- // role1=privilege1,privilege2,privilege3,privilege4,privilege5
- // role2=privilege1,privilege2,privilege3,privilege4,privilege5
- // The data for 2nd import:
- // group1=role2,role3
- // group2=role2,role3
- // group3=role2,role3
- // role2=privilege4,privilege5,privilege6,privilege7,privilege8
- // role3=privilege4,privilege5,privilege6,privilege7,privilege8
- // Both import API importSentryMetaData and export APIs getRolesMap, getGroupsMap,
- // getPrivilegesList are tested.
- @Test
- public void testImportExportPolicy8() throws Exception {
- TSentryMappingData tSentryMappingData1 = new TSentryMappingData();
- Map<String, Set<String>> sentryGroupRolesMap1 = Maps.newHashMap();
- Map<String, Set<TSentryPrivilege>> sentryRolePrivilegesMap1 = Maps.newHashMap();
- sentryGroupRolesMap1.put("group1", Sets.newHashSet("role1", "role2"));
- sentryGroupRolesMap1.put("group2", Sets.newHashSet("role1", "role2"));
- sentryGroupRolesMap1.put("group3", Sets.newHashSet("role1", "role2"));
- sentryRolePrivilegesMap1.put("role1", Sets.newHashSet(tSentryPrivilege1, tSentryPrivilege2,
- tSentryPrivilege3, tSentryPrivilege4, tSentryPrivilege5));
- sentryRolePrivilegesMap1.put("role2", Sets.newHashSet(tSentryPrivilege1, tSentryPrivilege2,
- tSentryPrivilege3, tSentryPrivilege4, tSentryPrivilege5));
- tSentryMappingData1.setGroupRolesMap(sentryGroupRolesMap1);
- tSentryMappingData1.setRolePrivilegesMap(sentryRolePrivilegesMap1);
- // the import with overwrite mode
- sentryStore.importSentryMetaData(tSentryMappingData1, true);
-
- TSentryMappingData tSentryMappingData2 = new TSentryMappingData();
- Map<String, Set<String>> sentryGroupRolesMap2 = Maps.newHashMap();
- Map<String, Set<TSentryPrivilege>> sentryRolePrivilegesMap2 = Maps.newHashMap();
- sentryGroupRolesMap2.put("group1", Sets.newHashSet("role2", "role3"));
- sentryGroupRolesMap2.put("group2", Sets.newHashSet("role2", "role3"));
- sentryGroupRolesMap2.put("group3", Sets.newHashSet("role2", "role3"));
- sentryRolePrivilegesMap2.put("role2", Sets.newHashSet(tSentryPrivilege4, tSentryPrivilege5,
- tSentryPrivilege6, tSentryPrivilege7, tSentryPrivilege8));
- sentryRolePrivilegesMap2.put("role3", Sets.newHashSet(tSentryPrivilege4, tSentryPrivilege5,
- tSentryPrivilege6, tSentryPrivilege7, tSentryPrivilege8));
- tSentryMappingData2.setGroupRolesMap(sentryGroupRolesMap2);
- tSentryMappingData2.setRolePrivilegesMap(sentryRolePrivilegesMap2);
- // the import with overwrite mode
- sentryStore.importSentryMetaData(tSentryMappingData2, true);
-
- Map<String, MSentryRole> rolesMap = sentryStore.getRolesMap();
- Map<String, MSentryGroup> groupsMap = sentryStore.getGroupNameToGroupMap();
- List<MSentryPrivilege> privilegesList = sentryStore.getPrivilegesList();
-
- // test the result data for the role
- verifyRoles(rolesMap, Sets.newHashSet("role1", "role2", "role3"));
-
- // test the result data for the group
- verifyGroups(groupsMap, Sets.newHashSet("group1", "group2", "group3"));
-
- // test the result data for the privilege
- verifyPrivileges(privilegesList, Sets.newHashSet(tSentryPrivilege1, tSentryPrivilege2,
- tSentryPrivilege3, tSentryPrivilege4, tSentryPrivilege5, tSentryPrivilege6,
- tSentryPrivilege7, tSentryPrivilege8));
-
- // test the mapping data for group and role
- List<Map<String, Set<String>>> mapList = sentryStore.getGroupUserRoleMapList(null);
- Map<String, Set<String>> actualGroupRolesMap = mapList.get(
- SentryStore.INDEX_GROUP_ROLES_MAP);
- Map<String, Set<String>> exceptedGroupRolesMap = Maps.newHashMap();
- exceptedGroupRolesMap.put("group1", Sets.newHashSet("role1", "role2", "role3"));
- exceptedGroupRolesMap.put("group2", Sets.newHashSet("role1", "role2", "role3"));
- exceptedGroupRolesMap.put("group3", Sets.newHashSet("role1", "role2", "role3"));
- verifyUserGroupRolesMap(actualGroupRolesMap, exceptedGroupRolesMap);
-
- // test the mapping data for role and privilege
- Map<String, Set<TSentryPrivilege>> actualRolePrivilegesMap = sentryStore
- .getRoleNameTPrivilegesMap();
- Map<String, Set<TSentryPrivilege>> exceptedRolePrivilegesMap = Maps.newHashMap();
- exceptedRolePrivilegesMap.put("role1", Sets.newHashSet(tSentryPrivilege1, tSentryPrivilege2,
- tSentryPrivilege3, tSentryPrivilege4, tSentryPrivilege5));
- // role2 should be overwrite
- exceptedRolePrivilegesMap.put("role2", Sets.newHashSet(tSentryPrivilege4, tSentryPrivilege5,
- tSentryPrivilege6, tSentryPrivilege7, tSentryPrivilege8));
- exceptedRolePrivilegesMap.put("role3", Sets.newHashSet(tSentryPrivilege4, tSentryPrivilege5,
- tSentryPrivilege6, tSentryPrivilege7, tSentryPrivilege8));
- verifyRolePrivilegesMap(actualRolePrivilegesMap, exceptedRolePrivilegesMap);
- }
-
- // test the import privileges with the action: All, *, select, insert
- // All and * should replace the select and insert
- // The data for import:
- // group1=role1, role2
- // role1=testPrivilege1,testPrivilege2,testPrivilege3,testPrivilege4
- // role2=testPrivilege5, testPrivilege6,testPrivilege7,testPrivilege8
- @Test
- public void testImportExportPolicy9() throws Exception {
- TSentryPrivilege testPrivilege1 = createTSentryPrivilege(PrivilegeScope.TABLE.name(),
- "server1", "db1", "tbl1", "", "", AccessConstants.SELECT, TSentryGrantOption.TRUE);
- TSentryPrivilege testPrivilege2 = createTSentryPrivilege(PrivilegeScope.TABLE.name(),
- "server1", "db1", "tbl1", "", "", AccessConstants.INSERT, TSentryGrantOption.FALSE);
- TSentryPrivilege testPrivilege3 = createTSentryPrivilege(PrivilegeScope.TABLE.name(),
- "server1", "db1", "tbl1", "", "", AccessConstants.ACTION_ALL, TSentryGrantOption.TRUE);
- TSentryPrivilege testPrivilege4 = createTSentryPrivilege(PrivilegeScope.TABLE.name(),
- "server1", "db1", "tbl1", "", "", AccessConstants.INSERT, TSentryGrantOption.TRUE);
- TSentryPrivilege testPrivilege5 = createTSentryPrivilege(PrivilegeScope.TABLE.name(),
- "server1", "db1", "tbl2", "", "", AccessConstants.SELECT, TSentryGrantOption.TRUE);
- TSentryPrivilege testPrivilege6 = createTSentryPrivilege(PrivilegeScope.TABLE.name(),
- "server1", "db1", "tbl2", "", "", AccessConstants.INSERT, TSentryGrantOption.FALSE);
- TSentryPrivilege testPrivilege7 = createTSentryPrivilege(PrivilegeScope.TABLE.name(),
- "server1", "db1", "tbl2", "", "", AccessConstants.ALL, TSentryGrantOption.TRUE);
- TSentryPrivilege testPrivilege8 = createTSentryPrivilege(PrivilegeScope.TABLE.name(),
- "server1", "db1", "tbl2", "", "", AccessConstants.INSERT, TSentryGrantOption.TRUE);
-
- TSentryMappingData tSentryMappingData1 = new TSentryMappingData();
- Map<String, Set<String>> sentryGroupRolesMap1 = Maps.newHashMap();
- Map<String, Set<TSentryPrivilege>> sentryRolePrivilegesMap1 = Maps.newHashMap();
- sentryGroupRolesMap1.put("group1", Sets.newHashSet("role1", "role2"));
- // after import there should be only testPrivilege2, testPrivilege3
- sentryRolePrivilegesMap1.put("role1",
- Sets.newHashSet(testPrivilege1, testPrivilege2, testPrivilege3, testPrivilege4));
- // after import there should be only testPrivilege6,testPrivilege7
- sentryRolePrivilegesMap1.put("role2",
- Sets.newHashSet(testPrivilege5, testPrivilege6, testPrivilege7, testPrivilege8));
- tSentryMappingData1.setGroupRolesMap(sentryGroupRolesMap1);
- tSentryMappingData1.setRolePrivilegesMap(sentryRolePrivilegesMap1);
- // the import with overwrite mode
- sentryStore.importSentryMetaData(tSentryMappingData1, true);
-
- Map<String, MSentryRole> rolesMap = sentryStore.getRolesMap();
- Map<String, MSentryGroup> groupsMap = sentryStore.getGroupNameToGroupMap();
-
- // test the result data for the role
- verifyRoles(rolesMap, Sets.newHashSet("role1", "role2"));
-
- // test the result data for the group
- verifyGroups(groupsMap, Sets.newHashSet("group1"));
-
- // test the mapping data for group and role
- List<Map<String, Set<String>>> mapList = sentryStore.getGroupUserRoleMapList(null);
- Map<String, Set<String>> actualGroupRolesMap = mapList.get(
- SentryStore.INDEX_GROUP_ROLES_MAP);
- Map<String, Set<String>> exceptedGroupRolesMap = Maps.newHashMap();
- exceptedGroupRolesMap.put("group1", Sets.newHashSet("role1", "role2"));
- verifyUserGroupRolesMap(actualGroupRolesMap, exceptedGroupRolesMap);
-
- // test the mapping data for role and privilege
- Map<String, Set<TSentryPrivilege>> actualRolePrivilegesMap = sentryStore
- .getRoleNameTPrivilegesMap();
- Map<String, Set<TSentryPrivilege>> exceptedRolePrivilegesMap = Maps.newHashMap();
- exceptedRolePrivilegesMap.put("role1", Sets.newHashSet(testPrivilege2, testPrivilege3));
- exceptedRolePrivilegesMap.put("role2", Sets.newHashSet(testPrivilege6, testPrivilege7));
- verifyRolePrivilegesMap(actualRolePrivilegesMap, exceptedRolePrivilegesMap);
- }
-
- // The following data is imported:
- // group1=role1
- // group2=role1,role2
- // group3=role2,role3
- // group4=role1,role2,role3
- // role1=privilege3,privilege4,privilege9
- // role2=privilege3,privilege4,privilege5,privilege6,privilege7
- // role3=privilege4,privilege5,privilege6,privilege7,privilege8
- // Export APIs getRoleNameTPrivilegesMap, getGroupNameRoleNamesMap are tested.
- @Test
- public void testExportPolicyWithSpecificObject() throws Exception {
- // import the data for test
- TSentryMappingData tSentryMappingData = new TSentryMappingData();
- Map<String, Set<String>> sentryGroupRolesMap = Maps.newHashMap();
- Map<String, Set<TSentryPrivilege>> sentryRolePrivilegesMap = Maps.newHashMap();
- sentryGroupRolesMap.put("group1", Sets.newHashSet("role1"));
- sentryGroupRolesMap.put("group2", Sets.newHashSet("role1", "role2"));
- sentryGroupRolesMap.put("group3", Sets.newHashSet("role2", "role3"));
- sentryGroupRolesMap.put("group4", Sets.newHashSet("role1", "role2", "role3"));
- sentryRolePrivilegesMap.put("role1", Sets.newHashSet(
- tSentryPrivilege3, tSentryPrivilege4, tSentryPrivilege9));
- sentryRolePrivilegesMap.put("role2", Sets.newHashSet(
- tSentryPrivilege3, tSentryPrivilege4, tSentryPrivilege5, tSentryPrivilege6,
- tSentryPrivilege7));
- sentryRolePrivilegesMap.put("role3", Sets.newHashSet(
- tSentryPrivilege4, tSentryPrivilege5, tSentryPrivilege6,
- tSentryPrivilege7, tSentryPrivilege8));
- tSentryMappingData.setGroupRolesMap(sentryGroupRolesMap);
- tSentryMappingData.setRolePrivilegesMap(sentryRolePrivilegesMap);
- sentryStore.importSentryMetaData(tSentryMappingData, false);
-
- // verify the rolePrivilegesMap and groupRolesMap for db=db1
- Map<String, Set<TSentryPrivilege>> actualRolePrivilegesMap =
- sentryStore.getRoleNameTPrivilegesMap("db1", "");
- Map<String, Set<TSentryPrivilege>> exceptedRolePrivilegesMap = Maps.newHashMap();
- exceptedRolePrivilegesMap.put("role1", Sets.newHashSet(tSentryPrivilege4));
- exceptedRolePrivilegesMap.put("role2", Sets.newHashSet(tSentryPrivilege4,
- tSentryPrivilege5, tSentryPrivilege6, tSentryPrivilege7));
- exceptedRolePrivilegesMap.put("role3", Sets.newHashSet(tSentryPrivilege4,
- tSentryPrivilege5, tSentryPrivilege6, tSentryPrivilege7));
- verifyRolePrivilegesMap(actualRolePrivilegesMap, exceptedRolePrivilegesMap);
-
- List<Map<String, Set<String>>> mapList = sentryStore.getGroupUserRoleMapList(
- actualRolePrivilegesMap.keySet());
- Map<String, Set<String>> actualGroupRolesMap = mapList.get(
- SentryStore.INDEX_GROUP_ROLES_MAP);
- Map<String, Set<String>> exceptedGroupRolesMap = Maps.newHashMap();
- exceptedGroupRolesMap.put("group1", Sets.newHashSet("role1"));
- exceptedGroupRolesMap.put("group2", Sets.newHashSet("role1", "role2"));
- exceptedGroupRolesMap.put("group3", Sets.newHashSet("role2", "role3"));
- exceptedGroupRolesMap.put("group4", Sets.newHashSet("role1", "role2", "role3"));
- verifyUserGroupRolesMap(actualGroupRolesMap, exceptedGroupRolesMap);
-
- // verify the rolePrivilegesMap and groupRolesMap for db=db2
- actualRolePrivilegesMap = sentryStore.getRoleNameTPrivilegesMap("db2", "");
- exceptedRolePrivilegesMap = Maps.newHashMap();
- exceptedRolePrivilegesMap.put("role1", Sets.newHashSet(tSentryPrivilege3, tSentryPrivilege9));
- exceptedRolePrivilegesMap.put("role2", Sets.newHashSet(tSentryPrivilege3));
- verifyRolePrivilegesMap(actualRolePrivilegesMap, exceptedRolePrivilegesMap);
-
- mapList = sentryStore.getGroupUserRoleMapList(actualRolePrivilegesMap.keySet());
- actualGroupRolesMap = mapList.get(SentryStore.INDEX_GROUP_ROLES_MAP);
- exceptedGroupRolesMap = Maps.newHashMap();
- exceptedGroupRolesMap.put("group1", Sets.newHashSet("role1"));
- exceptedGroupRolesMap.put("group2", Sets.newHashSet("role1", "role2"));
- exceptedGroupRolesMap.put("group3", Sets.newHashSet("role2"));
- exceptedGroupRolesMap.put("group4", Sets.newHashSet("role1", "role2"));
- verifyUserGroupRolesMap(actualGroupRolesMap, exceptedGroupRolesMap);
-
- // verify the rolePrivilegesMap and groupRolesMap for db=db1 and table=tbl1
- actualRolePrivilegesMap = sentryStore.getRoleNameTPrivilegesMap("db1", "tbl1");
- exceptedRolePrivilegesMap = Maps.newHashMap();
- exceptedRolePrivilegesMap.put("role1", Sets.newHashSet(tSentryPrivilege4));
- exceptedRolePrivilegesMap.put("role2", Sets.newHashSet(tSentryPrivilege4));
- exceptedRolePrivilegesMap.put("role3", Sets.newHashSet(tSentryPrivilege4));
- verifyRolePrivilegesMap(actualRolePrivilegesMap, exceptedRolePrivilegesMap);
-
- mapList = sentryStore.getGroupUserRoleMapList(actualRolePrivilegesMap.keySet());
- actualGroupRolesMap = mapList.get(SentryStore.INDEX_GROUP_ROLES_MAP);
- exceptedGroupRolesMap = Maps.newHashMap();
- exceptedGroupRolesMap.put("group1", Sets.newHashSet("role1"));
- exceptedGroupRolesMap.put("group2", Sets.newHashSet("role1", "role2"));
- exceptedGroupRolesMap.put("group3", Sets.newHashSet("role2", "role3"));
- exceptedGroupRolesMap.put("group4", Sets.newHashSet("role1", "role2", "role3"));
- verifyUserGroupRolesMap(actualGroupRolesMap, exceptedGroupRolesMap);
-
- // verify the rolePrivilegesMap and groupRolesMap for db=db1 and table=tbl2
- actualRolePrivilegesMap = sentryStore.getRoleNameTPrivilegesMap("db1", "tbl2");
- exceptedRolePrivilegesMap = Maps.newHashMap();
- exceptedRolePrivilegesMap.put("role2", Sets.newHashSet(tSentryPrivilege5));
- exceptedRolePrivilegesMap.put("role3", Sets.newHashSet(tSentryPrivilege5));
- verifyRolePrivilegesMap(actualRolePrivilegesMap, exceptedRolePrivilegesMap);
-
- mapList = sentryStore.getGroupUserRoleMapList(actualRolePrivilegesMap.keySet());
- actualGroupRolesMap = mapList.get(SentryStore.INDEX_GROUP_ROLES_MAP);
- exceptedGroupRolesMap = Maps.newHashMap();
- exceptedGroupRolesMap.put("group2", Sets.newHashSet("role2"));
- exceptedGroupRolesMap.put("group3", Sets.newHashSet("role2", "role3"));
- exceptedGroupRolesMap.put("group4", Sets.newHashSet("role2", "role3"));
- verifyUserGroupRolesMap(actualGroupRolesMap, exceptedGroupRolesMap);
-
- // verify the rolePrivilegesMap and groupRolesMap for table=tbl1
- actualRolePrivilegesMap = sentryStore.getRoleNameTPrivilegesMap("", "tbl1");
- exceptedRolePrivilegesMap = Maps.newHashMap();
- exceptedRolePrivilegesMap.put("role1", Sets.newHashSet(tSentryPrivilege4, tSentryPrivilege9));
- exceptedRolePrivilegesMap.put("role2", Sets.newHashSet(tSentryPrivilege4));
- exceptedRolePrivilegesMap.put("role3", Sets.newHashSet(tSentryPrivilege4));
- verifyRolePrivilegesMap(actualRolePrivilegesMap, exceptedRolePrivilegesMap);
-
- mapList = sentryStore.getGroupUserRoleMapList(actualRolePrivilegesMap.keySet());
- actualGroupRolesMap = mapList.get(SentryStore.INDEX_GROUP_ROLES_MAP);
- exceptedGroupRolesMap = Maps.newHashMap();
- exceptedGroupRolesMap.put("group1", Sets.newHashSet("role1"));
- exceptedGroupRolesMap.put("group2", Sets.newHashSet("role1", "role2"));
- exceptedGroupRolesMap.put("group3", Sets.newHashSet("role2", "role3"));
- exceptedGroupRolesMap.put("group4", Sets.newHashSet("role1", "role2", "role3"));
- verifyUserGroupRolesMap(actualGroupRolesMap, exceptedGroupRolesMap);
-
- // verify the rolePrivilegesMap and groupRolesMap for empty parameter
- actualRolePrivilegesMap = sentryStore.getRoleNameTPrivilegesMap("", "");
- exceptedRolePrivilegesMap = Maps.newHashMap();
- exceptedRolePrivilegesMap.put("role1", Sets.newHashSet(tSentryPrivilege3,
- tSentryPrivilege4, tSentryPrivilege9));
- exceptedRolePrivilegesMap.put("role2", Sets.newHashSet(tSentryPrivilege3,
- tSentryPrivilege4, tSentryPrivilege5, tSentryPrivilege6, tSentryPrivilege7));
- exceptedRolePrivilegesMap.put("role3", Sets.newHashSet(tSentryPrivilege4,
- tSentryPrivilege5, tSentryPrivilege6,
- tSentryPrivilege7, tSentryPrivilege8));
- verifyRolePrivilegesMap(actualRolePrivilegesMap, exceptedRolePrivilegesMap);
-
- mapList = sentryStore.getGroupUserRoleMapList(actualRolePrivilegesMap.keySet());
- actualGroupRolesMap = mapList.get(SentryStore.INDEX_GROUP_ROLES_MAP);
- exceptedGroupRolesMap = Maps.newHashMap();
- exceptedGroupRolesMap.put("group1", Sets.newHashSet("role1"));
- exceptedGroupRolesMap.put("group2", Sets.newHashSet("role1", "role2"));
- exceptedGroupRolesMap.put("group3", Sets.newHashSet("role2", "role3"));
- exceptedGroupRolesMap.put("group4", Sets.newHashSet("role1", "role2", "role3"));
- verifyUserGroupRolesMap(actualGroupRolesMap, exceptedGroupRolesMap);
- }
-
- // Befor import, database is empty.
- // The following information is imported:
- // group1=role1,role2,role3
- // user1=role1,role2
- // user2=role2,role3
- // role1=privilege1,privilege2,privilege3,privilege4
- // role2=privilege5,privilege6,privilege7,privilege8
- // role3=privilege3,privilege4,privilege5,privilege6
- // Both import API importSentryMetaData and export APIs getRolesMap, getGroupsMap,
- // getUsersMap getPrivilegesList are tested.
- @Test
- public void testImportExportWithUser() throws Exception {
- TSentryMappingData tSentryMappingData = new TSentryMappingData();
- Map<String, Set<String>> groupRolesMap = Maps.newHashMap();
- Map<String, Set<String>> userRolesMap = Maps.newHashMap();
- Map<String, Set<TSentryPrivilege>> sentryRolePrivilegesMap = Maps.newHashMap();
- groupRolesMap.put("group1", Sets.newHashSet("Role1", "role2", "role3"));
- userRolesMap.put("user1", Sets.newHashSet("Role1", "role2"));
- userRolesMap.put("user2", Sets.newHashSet("role2", "role3"));
- sentryRolePrivilegesMap.put("Role1", Sets.newHashSet(tSentryPrivilege1, tSentryPrivilege2,
- tSentryPrivilege3, tSentryPrivilege4));
- sentryRolePrivilegesMap.put("role2", Sets.newHashSet(tSentryPrivilege5, tSentryPrivilege6,
- tSentryPrivilege7, tSentryPrivilege8));
- sentryRolePrivilegesMap.put("role3", Sets.newHashSet(tSentryPrivilege3,
- tSentryPrivilege4, tSentryPrivilege5, tSentryPrivilege6));
- tSentryMappingData.setGroupRolesMap(groupRolesMap);
- tSentryMappingData.setRolePrivilegesMap(sentryRolePrivilegesMap);
- tSentryMappingData.setUserRolesMap(userRolesMap);
- sentryStore.importSentryMetaData(tSentryMappingData, false);
-
- Map<String, MSentryRole> rolesMap = sentryStore.getRolesMap();
- Map<String, MSentryGroup> groupsMap = sentryStore.getGroupNameToGroupMap();
- Map<String, MSentryUser> usersMap = sentryStore.getUserNameToUserMap();
- List<MSentryPrivilege> privilegesList = sentryStore.getPrivilegesList();
-
- // test the result data for the role
- verifyRoles(rolesMap, Sets.newHashSet("role1", "role2", "role3"));
-
- // test the result data for the group
- verifyGroups(groupsMap, Sets.newHashSet("group1"));
-
- // test the result data for the user
- verifyUsers(usersMap, Sets.newHashSet("user1", "user2"));
-
- // test the result data for the privilege
- verifyPrivileges(privilegesList, Sets.newHashSet(tSentryPrivilege1, tSentryPrivilege2,
- tSentryPrivilege3, tSentryPrivilege4, tSentryPrivilege5, tSentryPrivilege6,
- tSentryPrivilege7, tSentryPrivilege8));
-
- // test the mapping data for group and role
- List<Map<String, Set<String>>> mapList = sentryStore.getGroupUserRoleMapList(null);
- Map<String, Set<String>> actualGroupRolesMap = mapList.get(
- SentryStore.INDEX_GROUP_ROLES_MAP);
- Map<String, Set<String>> exceptedGroupRolesMap = Maps.newHashMap();
- exceptedGroupRolesMap.put("group1", Sets.newHashSet("role1", "role2", "role3"));
- verifyUserGroupRolesMap(actualGroupRolesMap, exceptedGroupRolesMap);
-
- Map<String, Set<String>> actualUserRolesMap = mapList.get(
- SentryStore.INDEX_USER_ROLES_MAP);
- Map<String, Set<String>> exceptedUserRolesMap = Maps.newHashMap();
- exceptedUserRolesMap.put("user1", Sets.newHashSet("role1", "role2"));
- exceptedUserRolesMap.put("user2", Sets.newHashSet("role2", "role3"));
- verifyUserGroupRolesMap(actualUserRolesMap, exceptedUserRolesMap);
-
- // test the mapping data for role and privilege
- Map<String, Set<TSentryPrivilege>> actualRolePrivilegesMap = sentryStore
- .getRoleNameTPrivilegesMap();
- Map<String, Set<TSentryPrivilege>> exceptedRolePrivilegesMap = Maps.newHashMap();
- exceptedRolePrivilegesMap.put("role1", Sets.newHashSet(tSentryPrivilege1, tSentryPrivilege2,
- tSentryPrivilege3, tSentryPrivilege4));
- exceptedRolePrivilegesMap.put("role2", Sets.newHashSet(tSentryPrivilege5, tSentryPrivilege6,
- tSentryPrivilege7, tSentryPrivilege8));
- exceptedRolePrivilegesMap.put("role3", Sets.newHashSet(tSentryPrivilege3,
- tSentryPrivilege4, tSentryPrivilege5, tSentryPrivilege6));
-
- verifyRolePrivilegesMap(actualRolePrivilegesMap, exceptedRolePrivilegesMap);
- }
-
- private void verifyRoles(Map<String, MSentryRole> actualRoleMap, Set<String> expectedRoleNameSet) {
- assertEquals(expectedRoleNameSet.size(), actualRoleMap.keySet().size());
- for (String roleName : actualRoleMap.keySet()) {
- assertTrue(expectedRoleNameSet.contains(roleName));
- }
- }
-
- private void verifyGroups(Map<String, MSentryGroup> actualGroupsMap,
- Set<String> expectedGroupNameSet) {
- assertEquals(expectedGroupNameSet.size(), actualGroupsMap.keySet().size());
- for (String groupName : actualGroupsMap.keySet()) {
- assertTrue(expectedGroupNameSet.contains(groupName));
- }
- }
-
- private void verifyUsers(Map<String, MSentryUser> actualUsersMap,
- Set<String> expectedUserNameSet) {
- assertEquals(expectedUserNameSet.size(), actualUsersMap.keySet().size());
- for (String userName : actualUsersMap.keySet()) {
- assertTrue(expectedUserNameSet.contains(userName));
- }
- }
-
- private void verifyPrivileges(List<MSentryPrivilege> actualPrivileges,
- Set<TSentryPrivilege> expectedTSentryPrivilegeSet) {
- assertEquals(expectedTSentryPrivilegeSet.size(), actualPrivileges.size());
- for (MSentryPrivilege mSentryPrivilege : actualPrivileges) {
- boolean isFound = false;
- for (TSentryPrivilege tSentryPrivilege : expectedTSentryPrivilegeSet) {
- isFound = compareTSentryPrivilege(sentryStore.convertToTSentryPrivilege(mSentryPrivilege),
- tSentryPrivilege);
- if (isFound) {
- break;
- }
- }
- assertTrue(isFound);
- }
- }
-
- private void verifyUserGroupRolesMap(Map<String, Set<String>> actualMap,
- Map<String, Set<String>> exceptedMap) {
- assertEquals(exceptedMap.keySet().size(), actualMap.keySet().size());
- for (String name : actualMap.keySet()) {
- Set<String> exceptedRoles = exceptedMap.get(name);
- Set<String> actualRoles = actualMap.get(name);
- assertEquals(actualRoles.size(), exceptedRoles.size());
- assertTrue(actualRoles.equals(exceptedRoles));
- }
- }
-
- private void verifyRolePrivilegesMap(Map<String, Set<TSentryPrivilege>> actualRolePrivilegesMap,
- Map<String, Set<TSentryPrivilege>> expectedRolePrivilegesMap) {
- assertEquals(expectedRolePrivilegesMap.keySet().size(), actualRolePrivilegesMap.keySet().size());
- for (String roleName : expectedRolePrivilegesMap.keySet()) {
- Set<TSentryPrivilege> exceptedTSentryPrivileges = expectedRolePrivilegesMap.get(roleName);
- Set<TSentryPrivilege> actualTSentryPrivileges = actualRolePrivilegesMap.get(roleName);
- assertEquals(exceptedTSentryPrivileges.size(), actualTSentryPrivileges.size());
- for (TSentryPrivilege actualPrivilege : actualTSentryPrivileges) {
- boolean isFound = false;
- for (TSentryPrivilege expectedPrivilege : exceptedTSentryPrivileges) {
- isFound = compareTSentryPrivilege(expectedPrivilege, actualPrivilege);
- if (isFound) {
- break;
- }
- }
- assertTrue(isFound);
- }
- }
- }
-
- private TSentryPrivilege createTSentryPrivilege(String scope, String server, String dbName,
- String tableName, String columnName, String uri, String action, TSentryGrantOption grantOption) {
- TSentryPrivilege tSentryPrivilege = new TSentryPrivilege();
- tSentryPrivilege.setPrivilegeScope(scope);
- tSentryPrivilege.setServerName(server);
- tSentryPrivilege.setDbName(dbName);
- tSentryPrivilege.setTableName(tableName);
- tSentryPrivilege.setColumnName(columnName);
- tSentryPrivilege.setURI(uri);
- tSentryPrivilege.setAction(action);
- tSentryPrivilege.setGrantOption(grantOption);
- return tSentryPrivilege;
- }
-
- // compare the TSentryPrivilege without the create time
- private boolean compareTSentryPrivilege(TSentryPrivilege tSentryPrivilege1,
- TSentryPrivilege tSentryPrivilege2) {
- if (tSentryPrivilege1 == null) {
- if (tSentryPrivilege2 == null) {
- return true;
- } else {
- return false;
- }
- } else {
- if (tSentryPrivilege2 == null) {
- return false;
- }
- }
-
- boolean this_present_privilegeScope = true && tSentryPrivilege1.isSetPrivilegeScope();
- boolean that_present_privilegeScope = true && tSentryPrivilege2.isSetPrivilegeScope();
- if (this_present_privilegeScope || that_present_privilegeScope) {
- if (!(this_present_privilegeScope && that_present_privilegeScope)) {
- return false;
- }
- if (!tSentryPrivilege1.getPrivilegeScope().equalsIgnoreCase(
- tSentryPrivilege2.getPrivilegeScope())) {
- return false;
- }
- }
-
- boolean this_present_serverName = true && tSentryPrivilege1.isSetServerName();
- boolean that_present_serverName = true && tSentryPrivilege2.isSetServerName();
- if (this_present_serverName || that_present_serverName) {
- if (!(this_present_serverName && that_present_serverName)) {
- return false;
- }
- if (!tSentryPrivilege1.getServerName().equalsIgnoreCase(tSentryPrivilege2.getServerName())) {
- return false;
- }
- }
-
- boolean this_present_dbName = true && tSentryPrivilege1.isSetDbName();
- boolean that_present_dbName = true && tSentryPrivilege2.isSetDbName();
- if (this_present_dbName || that_present_dbName) {
- if (!(this_present_dbName && that_present_dbName)) {
- return false;
- }
- if (!tSentryPrivilege1.getDbName().equalsIgnoreCase(tSentryPrivilege2.getDbName())) {
- return false;
- }
- }
-
- boolean this_present_tableName = true && tSentryPrivilege1.isSetTableName();
- boolean that_present_tableName = true && tSentryPrivilege2.isSetTableName();
- if (this_present_tableName || that_present_tableName) {
- if (!(this_present_tableName && that_present_tableName)) {
- return false;
- }
- if (!tSentryPrivilege1.getTableName().equalsIgnoreCase(tSentryPrivilege2.getTableName())) {
- return false;
- }
- }
-
- boolean this_present_URI = true && tSentryPrivilege1.isSetURI();
- boolean that_present_URI = true && tSentryPrivilege2.isSetURI();
- if (this_present_URI || that_present_URI) {
- if (!(this_present_URI && that_present_URI)) {
- return false;
- }
- if (!tSentryPrivilege1.getURI().equalsIgnoreCase(tSentryPrivilege2.getURI())) {
- return false;
- }
- }
-
- boolean this_present_action = true && tSentryPrivilege1.isSetAction();
- boolean that_present_action = true && tSentryPrivilege2.isSetAction();
- if (this_present_action || that_present_action) {
- if (!(this_present_action && that_present_action)) {
- return false;
- }
- if (!tSentryPrivilege1.getAction().equalsIgnoreCase(tSentryPrivilege2.getAction())) {
- return false;
- }
- }
-
- boolean this_present_grantOption = true && tSentryPrivilege1.isSetGrantOption();
- boolean that_present_grantOption = true && tSentryPrivilege2.isSetGrantOption();
- if (this_present_grantOption || that_present_grantOption) {
- if (!(this_present_grantOption && that_present_grantOption)) {
- return false;
- }
- if (!tSentryPrivilege1.getGrantOption().equals(tSentryPrivilege2.getGrantOption())) {
- return false;
- }
- }
-
- boolean this_present_columnName = true && tSentryPrivilege1.isSetColumnName();
- boolean that_present_columnName = true && tSentryPrivilege2.isSetColumnName();
- if (this_present_columnName || that_present_columnName) {
- if (!(this_present_columnName && that_present_columnName)) {
- return false;
- }
- if (!tSentryPrivilege1.getColumnName().equalsIgnoreCase(tSentryPrivilege2.getColumnName())) {
- return false;
- }
- }
-
- return true;
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStoreToAuthorizable.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStoreToAuthorizable.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStoreToAuthorizable.java
deleted file mode 100644
index 25f94fa..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStoreToAuthorizable.java
+++ /dev/null
@@ -1,86 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.persistent;
-
-import static org.junit.Assert.assertEquals;
-
-import org.apache.sentry.core.model.db.AccessConstants;
-import org.apache.sentry.provider.db.service.model.MSentryPrivilege;
-import org.junit.Test;
-
-public class TestSentryStoreToAuthorizable {
-
- private MSentryPrivilege privilege;
-
- @Test
- public void testServer() {
- privilege = new MSentryPrivilege(null, "server1", null, null, null, null, null);
- assertEquals("server=server1",
- SentryStore.toAuthorizable(privilege));
- privilege = new MSentryPrivilege(null, "server1", null, null, null, null,
- AccessConstants.ALL);
- assertEquals("server=server1",
- SentryStore.toAuthorizable(privilege));
- }
-
- @Test
- public void testTable() {
- privilege = new MSentryPrivilege(null, "server1", "db1", "tbl1", null, null, null);
- assertEquals("server=server1->db=db1->table=tbl1",
- SentryStore.toAuthorizable(privilege));
- privilege = new MSentryPrivilege(null, "server1", "db1", "tbl1", null, null,
- AccessConstants.INSERT);
- assertEquals("server=server1->db=db1->table=tbl1->action=insert",
- SentryStore.toAuthorizable(privilege));
- privilege = new MSentryPrivilege(null, "server1", "db1", "tbl1", null, null,
- AccessConstants.SELECT);
- assertEquals("server=server1->db=db1->table=tbl1->action=select",
- SentryStore.toAuthorizable(privilege));
- privilege = new MSentryPrivilege(null, "server1", "db1", "tbl1", null, null,
- AccessConstants.ALL);
- assertEquals("server=server1->db=db1->table=tbl1",
- SentryStore.toAuthorizable(privilege));
- }
-
- @Test
- public void testDb() {
- privilege = new MSentryPrivilege(null, "server1", "db1", null, null, null, null);
- assertEquals("server=server1->db=db1",
- SentryStore.toAuthorizable(privilege));
- privilege = new MSentryPrivilege(null, "server1", "db1", null, null, null,
- AccessConstants.ALL);
- assertEquals("server=server1->db=db1",
- SentryStore.toAuthorizable(privilege));
- }
-
- @Test
- public void testUri() {
- privilege = new MSentryPrivilege(null, "server1", null, null, null, "file:///", null);
- assertEquals("server=server1->uri=file:///",
- SentryStore.toAuthorizable(privilege));
- privilege = new MSentryPrivilege(null, "server1", null, null, null, "file:///",
- AccessConstants.SELECT);
- assertEquals("server=server1->uri=file:///->action=select",
- SentryStore.toAuthorizable(privilege));
- privilege = new MSentryPrivilege(null, "server1", null, null, null, "file:///",
- AccessConstants.ALL);
- assertEquals("server=server1->uri=file:///",
- SentryStore.toAuthorizable(privilege));
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryVersion.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryVersion.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryVersion.java
deleted file mode 100644
index a8e8a03..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryVersion.java
+++ /dev/null
@@ -1,85 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.persistent;
-
-import static org.junit.Assert.assertEquals;
-
-import java.io.File;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.core.common.exception.SentryNoSuchObjectException;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
-import org.junit.Before;
-import org.junit.Test;
-
-import com.google.common.io.Files;
-
-public class TestSentryVersion {
-
- private File dataDir;
- private Configuration conf;
-
- @Before
- public void setup() throws Exception {
- dataDir = new File(Files.createTempDir(), "sentry_policy_db");
- conf = new Configuration(false);
- conf.set(ServerConfig.SENTRY_STORE_JDBC_URL, "jdbc:derby:;databaseName="
- + dataDir.getPath() + ";create=true");
- conf.set(ServerConfig.SENTRY_STORE_JDBC_PASS, "dummy");
- }
-
- /**
- * Create the schema using auto creation Create new sentry store without
- * implicit schema creation on the same backend db and make sure it starts
- *
- * @throws Exception
- */
- @Test
- public void testVerifySentryVersionCheck() throws Exception {
- conf.set(ServerConfig.SENTRY_VERIFY_SCHEM_VERSION, "false");
- SentryStore sentryStore = new SentryStore(conf);
- sentryStore.stop();
- conf.set(ServerConfig.SENTRY_VERIFY_SCHEM_VERSION, "true");
- sentryStore = new SentryStore(conf);
- }
-
- /**
- * Verify that store is not initialized by default without schema pre-created
- *
- * @throws Exception
- */
- @Test(expected = SentryNoSuchObjectException.class)
- public void testNegSentrySchemaDefault() throws Exception {
- new SentryStore(conf);
- }
-
- /**
- * With schema verification turned off, Sentry Store should autoCreate the
- * schema
- * @throws Exception
- */
- @Test
- public void testSentryImplicitVersion() throws Exception {
- conf.set(ServerConfig.SENTRY_VERIFY_SCHEM_VERSION, "false");
- SentryStore sentryStore = new SentryStore(conf);
- assertEquals(SentryStoreSchemaInfo.getSentryVersion(),
- sentryStore.getSentryVersion());
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/SentryMiniKdcTestcase.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/SentryMiniKdcTestcase.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/SentryMiniKdcTestcase.java
deleted file mode 100644
index 1114194..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/SentryMiniKdcTestcase.java
+++ /dev/null
@@ -1,68 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-
-import java.io.File;
-import java.util.Properties;
-
-import org.apache.hadoop.minikdc.MiniKdc;
-
-public class SentryMiniKdcTestcase {
-
- private static File workDir;
- private static Properties conf;
- private static MiniKdc kdc;
-
- public static void startMiniKdc(Properties confOverlay) throws Exception {
- createTestDir();
- createMiniKdcConf(confOverlay);
- kdc = new MiniKdc(conf, workDir);
- kdc.start();
- }
-
- private static void createMiniKdcConf(Properties confOverlay) {
- conf = MiniKdc.createConf();
- for ( Object property : confOverlay.keySet()) {
- conf.put(property, confOverlay.get(property));
- }
- }
-
- private static void createTestDir() {
- workDir = new File(System.getProperty("test.dir", "target"));
- }
-
- public static void stopMiniKdc() {
- if (kdc != null) {
- kdc.stop();
- }
- }
-
- public static MiniKdc getKdc() {
- return kdc;
- }
-
- public static File getWorkDir() {
- return workDir;
- }
-
- public Properties getConf() {
- return conf;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestAuthorizingDDLAuditLogWithKerberos.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestAuthorizingDDLAuditLogWithKerberos.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestAuthorizingDDLAuditLogWithKerberos.java
deleted file mode 100644
index 426b2f7..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestAuthorizingDDLAuditLogWithKerberos.java
+++ /dev/null
@@ -1,295 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-
-import static org.hamcrest.core.Is.is;
-import static org.junit.Assert.assertThat;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
-
-import java.util.HashMap;
-import java.util.Map;
-import java.util.Set;
-
-import org.apache.log4j.Level;
-import org.apache.log4j.Logger;
-import org.apache.sentry.provider.db.log.appender.AuditLoggerTestAppender;
-import org.apache.sentry.provider.db.log.util.CommandUtil;
-import org.apache.sentry.provider.db.log.util.Constants;
-import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
-import org.codehaus.jettison.json.JSONObject;
-import org.junit.BeforeClass;
-import org.junit.Test;
-
-import com.google.common.collect.Sets;
-
-public class TestAuthorizingDDLAuditLogWithKerberos extends SentryServiceIntegrationBase {
-
- @BeforeClass
- public static void setupLog4j() throws Exception {
- Logger logger = Logger.getLogger("sentry.hive.authorization.ddl.logger");
- AuditLoggerTestAppender testAppender = new AuditLoggerTestAppender();
- logger.addAppender(testAppender);
- logger.setLevel(Level.INFO);
- }
-
- @Test
- public void testBasic() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
-
- String roleName = "testRole";
- String errorRoleName = "errorRole";
- String serverName = "server1";
- String groupName = "testGroup";
- String dbName = "dbTest";
- String tableName = "tableTest";
- Map<String, String> fieldValueMap = new HashMap<String, String>();
-
- // for successful audit log
- client.createRole(requestorUserName, roleName);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_CREATE_ROLE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "CREATE ROLE " + roleName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.TRUE);
- // for ip address, there is another logic to test the result
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
-
- client.grantRoleToGroup(requestorUserName, groupName, roleName);
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_ADD_ROLE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "GRANT ROLE " + roleName
- + " TO GROUP " + groupName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.TRUE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
-
- client.grantDatabasePrivilege(requestorUserName, roleName, serverName, dbName, "ALL");
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_GRANT_PRIVILEGE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "GRANT ALL ON DATABASE " + dbName
- + " TO ROLE " + roleName);
- fieldValueMap.put(Constants.LOG_FIELD_DATABASE_NAME, dbName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.TRUE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
-
- client.grantTablePrivilege(requestorUserName, roleName, serverName, dbName, tableName,
- "SELECT", true);
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_GRANT_PRIVILEGE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "GRANT SELECT ON TABLE " + tableName
- + " TO ROLE " + roleName + " WITH GRANT OPTION");
- fieldValueMap.put(Constants.LOG_FIELD_TABLE_NAME, tableName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.TRUE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
-
- // for error audit log
- try {
- client.createRole(requestorUserName, roleName);
- fail("Exception should have been thrown");
- } catch (Exception e) {
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_CREATE_ROLE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "CREATE ROLE " + roleName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
- }
- try {
- client.grantRoleToGroup(requestorUserName, groupName, errorRoleName);
- fail("Exception should have been thrown");
- } catch (Exception e) {
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_ADD_ROLE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "GRANT ROLE " + errorRoleName
- + " TO GROUP " + groupName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
- }
- try {
- client
- .grantDatabasePrivilege(requestorUserName, errorRoleName, serverName, dbName, "ALL");
- fail("Exception should have been thrown");
- } catch (Exception e) {
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_GRANT_PRIVILEGE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "GRANT ALL ON DATABASE " + dbName
- + " TO ROLE " + errorRoleName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
- }
- try {
- client.grantDatabasePrivilege(requestorUserName, errorRoleName, serverName, dbName,
- "INSERT");
- fail("Exception should have been thrown");
- } catch (Exception e) {
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_GRANT_PRIVILEGE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "GRANT INSERT ON DATABASE "
- + dbName + " TO ROLE " + errorRoleName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
- }
- try {
- client.grantDatabasePrivilege(requestorUserName, errorRoleName, serverName, dbName,
- "SELECT");
- fail("Exception should have been thrown");
- } catch (Exception e) {
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_GRANT_PRIVILEGE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "GRANT SELECT ON DATABASE "
- + dbName + " TO ROLE " + errorRoleName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
- }
- try {
- client.grantTablePrivilege(requestorUserName, errorRoleName, serverName, dbName,
- tableName, "SELECT");
- fail("Exception should have been thrown");
- } catch (Exception e) {
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_GRANT_PRIVILEGE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "GRANT SELECT ON TABLE "
- + tableName + " TO ROLE " + errorRoleName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
- }
-
- client.revokeTablePrivilege(requestorUserName, roleName, serverName, dbName, tableName,
- "SELECT");
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_REVOKE_PRIVILEGE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "REVOKE SELECT ON TABLE " + tableName
- + " FROM ROLE " + roleName);
- fieldValueMap.put(Constants.LOG_FIELD_TABLE_NAME, tableName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.TRUE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
-
- client.revokeDatabasePrivilege(requestorUserName, roleName, serverName, dbName, "ALL");
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_REVOKE_PRIVILEGE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "REVOKE ALL ON DATABASE " + dbName
- + " FROM ROLE " + roleName);
- fieldValueMap.put(Constants.LOG_FIELD_DATABASE_NAME, dbName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.TRUE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
-
- client.revokeRoleFromGroup(requestorUserName, groupName, roleName);
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_DELETE_ROLE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "REVOKE ROLE " + roleName
- + " FROM GROUP " + groupName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.TRUE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
-
- client.dropRole(requestorUserName, roleName);
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_DROP_ROLE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "DROP ROLE " + roleName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.TRUE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
-
- // for error audit log
- try {
- client.revokeTablePrivilege(requestorUserName, errorRoleName, serverName, dbName,
- tableName, "SELECT");
- fail("Exception should have been thrown");
- } catch (Exception e) {
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_REVOKE_PRIVILEGE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "REVOKE SELECT ON TABLE "
- + tableName + " FROM ROLE " + errorRoleName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
- }
-
- try {
- client.revokeDatabasePrivilege(requestorUserName, errorRoleName, serverName, dbName,
- "ALL");
- fail("Exception should have been thrown");
- } catch (Exception e) {
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_REVOKE_PRIVILEGE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "REVOKE ALL ON DATABASE " + dbName
- + " FROM ROLE " + errorRoleName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
- }
-
- try {
- client.revokeRoleFromGroup(requestorUserName, groupName, errorRoleName);
- fail("Exception should have been thrown");
- } catch (Exception e) {
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_DELETE_ROLE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "REVOKE ROLE " + errorRoleName
- + " FROM GROUP " + groupName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
- }
-
- try {
- client.dropRole(requestorUserName, errorRoleName);
- fail("Exception should have been thrown");
- } catch (Exception e) {
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_DROP_ROLE);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "DROP ROLE " + errorRoleName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
- }
- }
- });
- }
-
- private void assertAuditLog(Map<String, String> fieldValueMap) throws Exception {
- assertThat(AuditLoggerTestAppender.getLastLogLevel(), is(Level.INFO));
- JSONObject jsonObject = new JSONObject(AuditLoggerTestAppender.getLastLogEvent());
- if (fieldValueMap != null) {
- for (Map.Entry<String, String> entry : fieldValueMap.entrySet()) {
- String entryKey = entry.getKey();
- if (Constants.LOG_FIELD_IP_ADDRESS.equals(entryKey)) {
- assertTrue(CommandUtil.assertIPInAuditLog(jsonObject.get(entryKey).toString()));
- } else {
- assertTrue(entry.getValue().equalsIgnoreCase(jsonObject.get(entryKey).toString()));
- }
- }
- }
- }
-}
[14/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-postgres-1.4.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-postgres-1.4.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-postgres-1.4.0.sql
deleted file mode 100644
index 5dfae03..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-postgres-1.4.0.sql
+++ /dev/null
@@ -1,124 +0,0 @@
---Licensed to the Apache Software Foundation (ASF) under one or more
---contributor license agreements. See the NOTICE file distributed with
---this work for additional information regarding copyright ownership.
---The ASF licenses this file to You under the Apache License, Version 2.0
---(the "License"); you may not use this file except in compliance with
---the License. You may obtain a copy of the License at
---
--- http://www.apache.org/licenses/LICENSE-2.0
---
---Unless required by applicable law or agreed to in writing, software
---distributed under the License is distributed on an "AS IS" BASIS,
---WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
---See the License for the specific language governing permissions and
---limitations under the License.
-
-START TRANSACTION;
-
-SET statement_timeout = 0;
-SET client_encoding = 'UTF8';
-SET standard_conforming_strings = off;
-SET check_function_bodies = false;
-SET client_min_messages = warning;
-SET escape_string_warning = off;
-SET search_path = public, pg_catalog;
-SET default_tablespace = '';
-SET default_with_oids = false;
-
-CREATE TABLE "SENTRY_DB_PRIVILEGE" (
- "DB_PRIVILEGE_ID" BIGINT NOT NULL,
- "PRIVILEGE_NAME" character varying(4000) NOT NULL,
- "PRIVILEGE_SCOPE" character varying(32) NOT NULL,
- "SERVER_NAME" character varying(128) NOT NULL,
- "DB_NAME" character varying(128) DEFAULT NULL::character varying,
- "TABLE_NAME" character varying(128) DEFAULT NULL::character varying,
- "URI" character varying(4000) DEFAULT NULL::character varying,
- "ACTION" character varying(128) NOT NULL,
- "CREATE_TIME" BIGINT NOT NULL,
- "GRANTOR_PRINCIPAL" VARCHAR(128) NOT NULL
-);
-
-CREATE TABLE "SENTRY_ROLE" (
- "ROLE_ID" BIGINT NOT NULL,
- "ROLE_NAME" character varying(128) NOT NULL,
- "CREATE_TIME" BIGINT NOT NULL,
- "GRANTOR_PRINCIPAL" character varying(128) NOT NULL
-);
-
-CREATE TABLE "SENTRY_GROUP" (
- "GROUP_ID" BIGINT NOT NULL,
- "GROUP_NAME" character varying(128) NOT NULL,
- "CREATE_TIME" BIGINT NOT NULL,
- "GRANTOR_PRINCIPAL" character varying(128) NOT NULL
-);
-
-CREATE TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP" (
- "ROLE_ID" BIGINT NOT NULL,
- "DB_PRIVILEGE_ID" BIGINT NOT NULL
-);
-
-CREATE TABLE "SENTRY_ROLE_GROUP_MAP" (
- "ROLE_ID" BIGINT NOT NULL,
- "GROUP_ID" BIGINT NOT NULL
-);
-
-CREATE TABLE "SENTRY_VERSION" (
- "VER_ID" bigint,
- "SCHEMA_VERSION" character varying(127) NOT NULL,
- "VERSION_COMMENT" character varying(255) NOT NULL
-);
-
-
-ALTER TABLE ONLY "SENTRY_DB_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_DB_PRIV_PK" PRIMARY KEY ("DB_PRIVILEGE_ID");
-
-ALTER TABLE ONLY "SENTRY_ROLE"
- ADD CONSTRAINT "SENTRY_ROLE_PK" PRIMARY KEY ("ROLE_ID");
-
-ALTER TABLE ONLY "SENTRY_GROUP"
- ADD CONSTRAINT "SENTRY_GROUP_PK" PRIMARY KEY ("GROUP_ID");
-
-ALTER TABLE ONLY "SENTRY_VERSION" ADD CONSTRAINT "SENTRY_VERSION_PK" PRIMARY KEY ("VER_ID");
-
-ALTER TABLE ONLY "SENTRY_DB_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ" UNIQUE ("PRIVILEGE_NAME");
-
-CREATE INDEX "SENTRY_PRIV_SERV_IDX" ON "SENTRY_DB_PRIVILEGE" USING btree ("SERVER_NAME");
-
-CREATE INDEX "SENTRY_PRIV_DB_IDX" ON "SENTRY_DB_PRIVILEGE" USING btree ("DB_NAME");
-
-CREATE INDEX "SENTRY_PRIV_TBL_IDX" ON "SENTRY_DB_PRIVILEGE" USING btree ("TABLE_NAME");
-
-CREATE INDEX "SENTRY_PRIV_URI_IDX" ON "SENTRY_DB_PRIVILEGE" USING btree ("URI");
-
-ALTER TABLE ONLY "SENTRY_ROLE"
- ADD CONSTRAINT "SENTRY_ROLE_ROLE_NAME_UNIQUE" UNIQUE ("ROLE_NAME");
-
-ALTER TABLE ONLY "SENTRY_GROUP"
- ADD CONSTRAINT "SENTRY_GRP_GRP_NAME_UNIQUE" UNIQUE ("GROUP_NAME");
-
-ALTER TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP"
- ADD CONSTRAINT "SENTRY_ROLE_DB_PRIVILEGE_MAP_PK" PRIMARY KEY ("ROLE_ID","DB_PRIVILEGE_ID");
-
-ALTER TABLE "SENTRY_ROLE_GROUP_MAP"
- ADD CONSTRAINT "SENTRY_ROLE_GROUP_MAP_PK" PRIMARY KEY ("ROLE_ID","GROUP_ID");
-
-ALTER TABLE ONLY "SENTRY_ROLE_DB_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RLE_DB_PRV_MAP_SN_RLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") DEFERRABLE;
-
-ALTER TABLE ONLY "SENTRY_ROLE_DB_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RL_DB_PRV_MAP_SN_DB_PRV_FK"
- FOREIGN KEY ("DB_PRIVILEGE_ID") REFERENCES "SENTRY_DB_PRIVILEGE"("DB_PRIVILEGE_ID") DEFERRABLE;
-
-ALTER TABLE ONLY "SENTRY_ROLE_GROUP_MAP"
- ADD CONSTRAINT "SEN_ROLE_GROUP_MAP_SEN_ROLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") DEFERRABLE;
-
-ALTER TABLE ONLY "SENTRY_ROLE_GROUP_MAP"
- ADD CONSTRAINT "SEN_ROLE_GROUP_MAP_SEN_GRP_FK"
- FOREIGN KEY ("GROUP_ID") REFERENCES "SENTRY_GROUP"("GROUP_ID") DEFERRABLE;
-
-INSERT INTO "SENTRY_VERSION" ("VER_ID", "SCHEMA_VERSION", "VERSION_COMMENT") VALUES (1, '1.4.0', 'Sentry release version 1.4.0');
-
-COMMIT;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-postgres-1.5.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-postgres-1.5.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-postgres-1.5.0.sql
deleted file mode 100644
index fb26770..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-postgres-1.5.0.sql
+++ /dev/null
@@ -1,182 +0,0 @@
---Licensed to the Apache Software Foundation (ASF) under one or more
---contributor license agreements. See the NOTICE file distributed with
---this work for additional information regarding copyright ownership.
---The ASF licenses this file to You under the Apache License, Version 2.0
---(the "License"); you may not use this file except in compliance with
---the License. You may obtain a copy of the License at
---
--- http://www.apache.org/licenses/LICENSE-2.0
---
---Unless required by applicable law or agreed to in writing, software
---distributed under the License is distributed on an "AS IS" BASIS,
---WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
---See the License for the specific language governing permissions and
---limitations under the License.
-
-START TRANSACTION;
-
-SET statement_timeout = 0;
-SET client_encoding = 'UTF8';
-SET standard_conforming_strings = off;
-SET check_function_bodies = false;
-SET client_min_messages = warning;
-SET escape_string_warning = off;
-SET search_path = public, pg_catalog;
-SET default_tablespace = '';
-SET default_with_oids = false;
-
-CREATE TABLE "SENTRY_DB_PRIVILEGE" (
- "DB_PRIVILEGE_ID" BIGINT NOT NULL,
- "PRIVILEGE_SCOPE" character varying(32) NOT NULL,
- "SERVER_NAME" character varying(128) NOT NULL,
- "DB_NAME" character varying(128) DEFAULT '__NULL__',
- "TABLE_NAME" character varying(128) DEFAULT '__NULL__',
- "COLUMN_NAME" character varying(128) DEFAULT '__NULL__',
- "URI" character varying(4000) DEFAULT '__NULL__',
- "ACTION" character varying(128) NOT NULL,
- "CREATE_TIME" BIGINT NOT NULL,
- "WITH_GRANT_OPTION" CHAR(1) NOT NULL
-);
-
-CREATE TABLE "SENTRY_ROLE" (
- "ROLE_ID" BIGINT NOT NULL,
- "ROLE_NAME" character varying(128) NOT NULL,
- "CREATE_TIME" BIGINT NOT NULL
-);
-
-CREATE TABLE "SENTRY_GROUP" (
- "GROUP_ID" BIGINT NOT NULL,
- "GROUP_NAME" character varying(128) NOT NULL,
- "CREATE_TIME" BIGINT NOT NULL
-);
-
-CREATE TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP" (
- "ROLE_ID" BIGINT NOT NULL,
- "DB_PRIVILEGE_ID" BIGINT NOT NULL,
- "GRANTOR_PRINCIPAL" character varying(128)
-);
-
-CREATE TABLE "SENTRY_ROLE_GROUP_MAP" (
- "ROLE_ID" BIGINT NOT NULL,
- "GROUP_ID" BIGINT NOT NULL,
- "GRANTOR_PRINCIPAL" character varying(128)
-);
-
-CREATE TABLE "SENTRY_VERSION" (
- "VER_ID" bigint,
- "SCHEMA_VERSION" character varying(127) NOT NULL,
- "VERSION_COMMENT" character varying(255) NOT NULL
-);
-
-
-ALTER TABLE ONLY "SENTRY_DB_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_DB_PRIV_PK" PRIMARY KEY ("DB_PRIVILEGE_ID");
-
-ALTER TABLE ONLY "SENTRY_ROLE"
- ADD CONSTRAINT "SENTRY_ROLE_PK" PRIMARY KEY ("ROLE_ID");
-
-ALTER TABLE ONLY "SENTRY_GROUP"
- ADD CONSTRAINT "SENTRY_GROUP_PK" PRIMARY KEY ("GROUP_ID");
-
-ALTER TABLE ONLY "SENTRY_VERSION" ADD CONSTRAINT "SENTRY_VERSION_PK" PRIMARY KEY ("VER_ID");
-
-ALTER TABLE ONLY "SENTRY_DB_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ" UNIQUE ("SERVER_NAME","DB_NAME","TABLE_NAME","COLUMN_NAME","URI", "ACTION","WITH_GRANT_OPTION");
-
-CREATE INDEX "SENTRY_PRIV_SERV_IDX" ON "SENTRY_DB_PRIVILEGE" USING btree ("SERVER_NAME");
-
-CREATE INDEX "SENTRY_PRIV_DB_IDX" ON "SENTRY_DB_PRIVILEGE" USING btree ("DB_NAME");
-
-CREATE INDEX "SENTRY_PRIV_TBL_IDX" ON "SENTRY_DB_PRIVILEGE" USING btree ("TABLE_NAME");
-
-CREATE INDEX "SENTRY_PRIV_COL_IDX" ON "SENTRY_DB_PRIVILEGE" USING btree ("COLUMN_NAME");
-
-CREATE INDEX "SENTRY_PRIV_URI_IDX" ON "SENTRY_DB_PRIVILEGE" USING btree ("URI");
-
-ALTER TABLE ONLY "SENTRY_ROLE"
- ADD CONSTRAINT "SENTRY_ROLE_ROLE_NAME_UNIQUE" UNIQUE ("ROLE_NAME");
-
-ALTER TABLE ONLY "SENTRY_GROUP"
- ADD CONSTRAINT "SENTRY_GRP_GRP_NAME_UNIQUE" UNIQUE ("GROUP_NAME");
-
-ALTER TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP"
- ADD CONSTRAINT "SENTRY_ROLE_DB_PRIVILEGE_MAP_PK" PRIMARY KEY ("ROLE_ID","DB_PRIVILEGE_ID");
-
-ALTER TABLE "SENTRY_ROLE_GROUP_MAP"
- ADD CONSTRAINT "SENTRY_ROLE_GROUP_MAP_PK" PRIMARY KEY ("ROLE_ID","GROUP_ID");
-
-ALTER TABLE ONLY "SENTRY_ROLE_DB_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RLE_DB_PRV_MAP_SN_RLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") DEFERRABLE;
-
-ALTER TABLE ONLY "SENTRY_ROLE_DB_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RL_DB_PRV_MAP_SN_DB_PRV_FK"
- FOREIGN KEY ("DB_PRIVILEGE_ID") REFERENCES "SENTRY_DB_PRIVILEGE"("DB_PRIVILEGE_ID") DEFERRABLE;
-
-ALTER TABLE ONLY "SENTRY_ROLE_GROUP_MAP"
- ADD CONSTRAINT "SEN_ROLE_GROUP_MAP_SEN_ROLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") DEFERRABLE;
-
-ALTER TABLE ONLY "SENTRY_ROLE_GROUP_MAP"
- ADD CONSTRAINT "SEN_ROLE_GROUP_MAP_SEN_GRP_FK"
- FOREIGN KEY ("GROUP_ID") REFERENCES "SENTRY_GROUP"("GROUP_ID") DEFERRABLE;
-
-INSERT INTO "SENTRY_VERSION" ("VER_ID", "SCHEMA_VERSION", "VERSION_COMMENT") VALUES (1, '1.5.0', 'Sentry release version 1.5.0');
-
--- Generic Model
--- Table SENTRY_GM_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE TABLE "SENTRY_GM_PRIVILEGE" (
- "GM_PRIVILEGE_ID" BIGINT NOT NULL,
- "COMPONENT_NAME" character varying(32) NOT NULL,
- "SERVICE_NAME" character varying(64) NOT NULL,
- "RESOURCE_NAME_0" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_NAME_1" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_NAME_2" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_NAME_3" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_0" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_1" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_2" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_3" character varying(64) DEFAULT '__NULL__',
- "ACTION" character varying(32) NOT NULL,
- "SCOPE" character varying(128) NOT NULL,
- "CREATE_TIME" BIGINT NOT NULL,
- "WITH_GRANT_OPTION" CHAR(1) NOT NULL
-);
-ALTER TABLE ONLY "SENTRY_GM_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_GM_PRIV_PK" PRIMARY KEY ("GM_PRIVILEGE_ID");
--- Constraints for table SENTRY_GM_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-ALTER TABLE ONLY "SENTRY_GM_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_GM_PRIV_PRIV_NAME_UNIQ" UNIQUE ("COMPONENT_NAME","SERVICE_NAME","RESOURCE_NAME_0","RESOURCE_NAME_1","RESOURCE_NAME_2",
- "RESOURCE_NAME_3","RESOURCE_TYPE_0","RESOURCE_TYPE_1","RESOURCE_TYPE_2","RESOURCE_TYPE_3","ACTION","WITH_GRANT_OPTION");
-
-CREATE INDEX "SENTRY_GM_PRIV_COMP_IDX" ON "SENTRY_GM_PRIVILEGE" USING btree ("COMPONENT_NAME");
-
-CREATE INDEX "SENTRY_GM_PRIV_SERV_IDX" ON "SENTRY_GM_PRIVILEGE" USING btree ("SERVICE_NAME");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES0_IDX" ON "SENTRY_GM_PRIVILEGE" USING btree ("RESOURCE_NAME_0","RESOURCE_TYPE_0");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES1_IDX" ON "SENTRY_GM_PRIVILEGE" USING btree ("RESOURCE_NAME_1","RESOURCE_TYPE_1");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES2_IDX" ON "SENTRY_GM_PRIVILEGE" USING btree ("RESOURCE_NAME_2","RESOURCE_TYPE_2");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES3_IDX" ON "SENTRY_GM_PRIVILEGE" USING btree ("RESOURCE_NAME_3","RESOURCE_TYPE_3");
-
--- Table SENTRY_ROLE_GM_PRIVILEGE_MAP for join relationship
-CREATE TABLE "SENTRY_ROLE_GM_PRIVILEGE_MAP" (
- "ROLE_ID" BIGINT NOT NULL,
- "GM_PRIVILEGE_ID" BIGINT NOT NULL
-);
-
-ALTER TABLE "SENTRY_ROLE_GM_PRIVILEGE_MAP"
- ADD CONSTRAINT "SENTRY_ROLE_GM_PRIVILEGE_MAP_PK" PRIMARY KEY ("ROLE_ID","GM_PRIVILEGE_ID");
-
--- Constraints for table SENTRY_ROLE_GM_PRIVILEGE_MAP
-ALTER TABLE ONLY "SENTRY_ROLE_GM_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RLE_GM_PRV_MAP_SN_RLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") DEFERRABLE;
-
-ALTER TABLE ONLY "SENTRY_ROLE_GM_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RL_GM_PRV_MAP_SN_DB_PRV_FK"
- FOREIGN KEY ("GM_PRIVILEGE_ID") REFERENCES "SENTRY_GM_PRIVILEGE"("GM_PRIVILEGE_ID") DEFERRABLE;
-
-COMMIT;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-postgres-1.6.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-postgres-1.6.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-postgres-1.6.0.sql
deleted file mode 100644
index 62edf3e..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-postgres-1.6.0.sql
+++ /dev/null
@@ -1,182 +0,0 @@
---Licensed to the Apache Software Foundation (ASF) under one or more
---contributor license agreements. See the NOTICE file distributed with
---this work for additional information regarding copyright ownership.
---The ASF licenses this file to You under the Apache License, Version 2.0
---(the "License"); you may not use this file except in compliance with
---the License. You may obtain a copy of the License at
---
--- http://www.apache.org/licenses/LICENSE-2.0
---
---Unless required by applicable law or agreed to in writing, software
---distributed under the License is distributed on an "AS IS" BASIS,
---WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
---See the License for the specific language governing permissions and
---limitations under the License.
-
-START TRANSACTION;
-
-SET statement_timeout = 0;
-SET client_encoding = 'UTF8';
-SET standard_conforming_strings = off;
-SET check_function_bodies = false;
-SET client_min_messages = warning;
-SET escape_string_warning = off;
-SET search_path = public, pg_catalog;
-SET default_tablespace = '';
-SET default_with_oids = false;
-
-CREATE TABLE "SENTRY_DB_PRIVILEGE" (
- "DB_PRIVILEGE_ID" BIGINT NOT NULL,
- "PRIVILEGE_SCOPE" character varying(32) NOT NULL,
- "SERVER_NAME" character varying(128) NOT NULL,
- "DB_NAME" character varying(128) DEFAULT '__NULL__',
- "TABLE_NAME" character varying(128) DEFAULT '__NULL__',
- "COLUMN_NAME" character varying(128) DEFAULT '__NULL__',
- "URI" character varying(4000) DEFAULT '__NULL__',
- "ACTION" character varying(128) NOT NULL,
- "CREATE_TIME" BIGINT NOT NULL,
- "WITH_GRANT_OPTION" CHAR(1) NOT NULL
-);
-
-CREATE TABLE "SENTRY_ROLE" (
- "ROLE_ID" BIGINT NOT NULL,
- "ROLE_NAME" character varying(128) NOT NULL,
- "CREATE_TIME" BIGINT NOT NULL
-);
-
-CREATE TABLE "SENTRY_GROUP" (
- "GROUP_ID" BIGINT NOT NULL,
- "GROUP_NAME" character varying(128) NOT NULL,
- "CREATE_TIME" BIGINT NOT NULL
-);
-
-CREATE TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP" (
- "ROLE_ID" BIGINT NOT NULL,
- "DB_PRIVILEGE_ID" BIGINT NOT NULL,
- "GRANTOR_PRINCIPAL" character varying(128)
-);
-
-CREATE TABLE "SENTRY_ROLE_GROUP_MAP" (
- "ROLE_ID" BIGINT NOT NULL,
- "GROUP_ID" BIGINT NOT NULL,
- "GRANTOR_PRINCIPAL" character varying(128)
-);
-
-CREATE TABLE "SENTRY_VERSION" (
- "VER_ID" bigint,
- "SCHEMA_VERSION" character varying(127) NOT NULL,
- "VERSION_COMMENT" character varying(255) NOT NULL
-);
-
-
-ALTER TABLE ONLY "SENTRY_DB_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_DB_PRIV_PK" PRIMARY KEY ("DB_PRIVILEGE_ID");
-
-ALTER TABLE ONLY "SENTRY_ROLE"
- ADD CONSTRAINT "SENTRY_ROLE_PK" PRIMARY KEY ("ROLE_ID");
-
-ALTER TABLE ONLY "SENTRY_GROUP"
- ADD CONSTRAINT "SENTRY_GROUP_PK" PRIMARY KEY ("GROUP_ID");
-
-ALTER TABLE ONLY "SENTRY_VERSION" ADD CONSTRAINT "SENTRY_VERSION_PK" PRIMARY KEY ("VER_ID");
-
-ALTER TABLE ONLY "SENTRY_DB_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ" UNIQUE ("SERVER_NAME","DB_NAME","TABLE_NAME","COLUMN_NAME","URI", "ACTION","WITH_GRANT_OPTION");
-
-CREATE INDEX "SENTRY_PRIV_SERV_IDX" ON "SENTRY_DB_PRIVILEGE" USING btree ("SERVER_NAME");
-
-CREATE INDEX "SENTRY_PRIV_DB_IDX" ON "SENTRY_DB_PRIVILEGE" USING btree ("DB_NAME");
-
-CREATE INDEX "SENTRY_PRIV_TBL_IDX" ON "SENTRY_DB_PRIVILEGE" USING btree ("TABLE_NAME");
-
-CREATE INDEX "SENTRY_PRIV_COL_IDX" ON "SENTRY_DB_PRIVILEGE" USING btree ("COLUMN_NAME");
-
-CREATE INDEX "SENTRY_PRIV_URI_IDX" ON "SENTRY_DB_PRIVILEGE" USING btree ("URI");
-
-ALTER TABLE ONLY "SENTRY_ROLE"
- ADD CONSTRAINT "SENTRY_ROLE_ROLE_NAME_UNIQUE" UNIQUE ("ROLE_NAME");
-
-ALTER TABLE ONLY "SENTRY_GROUP"
- ADD CONSTRAINT "SENTRY_GRP_GRP_NAME_UNIQUE" UNIQUE ("GROUP_NAME");
-
-ALTER TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP"
- ADD CONSTRAINT "SENTRY_ROLE_DB_PRIVILEGE_MAP_PK" PRIMARY KEY ("ROLE_ID","DB_PRIVILEGE_ID");
-
-ALTER TABLE "SENTRY_ROLE_GROUP_MAP"
- ADD CONSTRAINT "SENTRY_ROLE_GROUP_MAP_PK" PRIMARY KEY ("ROLE_ID","GROUP_ID");
-
-ALTER TABLE ONLY "SENTRY_ROLE_DB_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RLE_DB_PRV_MAP_SN_RLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") DEFERRABLE;
-
-ALTER TABLE ONLY "SENTRY_ROLE_DB_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RL_DB_PRV_MAP_SN_DB_PRV_FK"
- FOREIGN KEY ("DB_PRIVILEGE_ID") REFERENCES "SENTRY_DB_PRIVILEGE"("DB_PRIVILEGE_ID") DEFERRABLE;
-
-ALTER TABLE ONLY "SENTRY_ROLE_GROUP_MAP"
- ADD CONSTRAINT "SEN_ROLE_GROUP_MAP_SEN_ROLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") DEFERRABLE;
-
-ALTER TABLE ONLY "SENTRY_ROLE_GROUP_MAP"
- ADD CONSTRAINT "SEN_ROLE_GROUP_MAP_SEN_GRP_FK"
- FOREIGN KEY ("GROUP_ID") REFERENCES "SENTRY_GROUP"("GROUP_ID") DEFERRABLE;
-
-INSERT INTO "SENTRY_VERSION" ("VER_ID", "SCHEMA_VERSION", "VERSION_COMMENT") VALUES (1, '1.6.0', 'Sentry release version 1.6.0');
-
--- Generic Model
--- Table SENTRY_GM_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE TABLE "SENTRY_GM_PRIVILEGE" (
- "GM_PRIVILEGE_ID" BIGINT NOT NULL,
- "COMPONENT_NAME" character varying(32) NOT NULL,
- "SERVICE_NAME" character varying(64) NOT NULL,
- "RESOURCE_NAME_0" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_NAME_1" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_NAME_2" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_NAME_3" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_0" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_1" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_2" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_3" character varying(64) DEFAULT '__NULL__',
- "ACTION" character varying(32) NOT NULL,
- "SCOPE" character varying(128) NOT NULL,
- "CREATE_TIME" BIGINT NOT NULL,
- "WITH_GRANT_OPTION" CHAR(1) NOT NULL
-);
-ALTER TABLE ONLY "SENTRY_GM_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_GM_PRIV_PK" PRIMARY KEY ("GM_PRIVILEGE_ID");
--- Constraints for table SENTRY_GM_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-ALTER TABLE ONLY "SENTRY_GM_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_GM_PRIV_PRIV_NAME_UNIQ" UNIQUE ("COMPONENT_NAME","SERVICE_NAME","RESOURCE_NAME_0","RESOURCE_NAME_1","RESOURCE_NAME_2",
- "RESOURCE_NAME_3","RESOURCE_TYPE_0","RESOURCE_TYPE_1","RESOURCE_TYPE_2","RESOURCE_TYPE_3","ACTION","WITH_GRANT_OPTION");
-
-CREATE INDEX "SENTRY_GM_PRIV_COMP_IDX" ON "SENTRY_GM_PRIVILEGE" USING btree ("COMPONENT_NAME");
-
-CREATE INDEX "SENTRY_GM_PRIV_SERV_IDX" ON "SENTRY_GM_PRIVILEGE" USING btree ("SERVICE_NAME");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES0_IDX" ON "SENTRY_GM_PRIVILEGE" USING btree ("RESOURCE_NAME_0","RESOURCE_TYPE_0");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES1_IDX" ON "SENTRY_GM_PRIVILEGE" USING btree ("RESOURCE_NAME_1","RESOURCE_TYPE_1");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES2_IDX" ON "SENTRY_GM_PRIVILEGE" USING btree ("RESOURCE_NAME_2","RESOURCE_TYPE_2");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES3_IDX" ON "SENTRY_GM_PRIVILEGE" USING btree ("RESOURCE_NAME_3","RESOURCE_TYPE_3");
-
--- Table SENTRY_ROLE_GM_PRIVILEGE_MAP for join relationship
-CREATE TABLE "SENTRY_ROLE_GM_PRIVILEGE_MAP" (
- "ROLE_ID" BIGINT NOT NULL,
- "GM_PRIVILEGE_ID" BIGINT NOT NULL
-);
-
-ALTER TABLE "SENTRY_ROLE_GM_PRIVILEGE_MAP"
- ADD CONSTRAINT "SENTRY_ROLE_GM_PRIVILEGE_MAP_PK" PRIMARY KEY ("ROLE_ID","GM_PRIVILEGE_ID");
-
--- Constraints for table SENTRY_ROLE_GM_PRIVILEGE_MAP
-ALTER TABLE ONLY "SENTRY_ROLE_GM_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RLE_GM_PRV_MAP_SN_RLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") DEFERRABLE;
-
-ALTER TABLE ONLY "SENTRY_ROLE_GM_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RL_GM_PRV_MAP_SN_DB_PRV_FK"
- FOREIGN KEY ("GM_PRIVILEGE_ID") REFERENCES "SENTRY_GM_PRIVILEGE"("GM_PRIVILEGE_ID") DEFERRABLE;
-
-COMMIT;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-postgres-1.7.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-postgres-1.7.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-postgres-1.7.0.sql
deleted file mode 100644
index 9f4f85b..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-postgres-1.7.0.sql
+++ /dev/null
@@ -1,182 +0,0 @@
---Licensed to the Apache Software Foundation (ASF) under one or more
---contributor license agreements. See the NOTICE file distributed with
---this work for additional information regarding copyright ownership.
---The ASF licenses this file to You under the Apache License, Version 2.0
---(the "License"); you may not use this file except in compliance with
---the License. You may obtain a copy of the License at
---
--- http://www.apache.org/licenses/LICENSE-2.0
---
---Unless required by applicable law or agreed to in writing, software
---distributed under the License is distributed on an "AS IS" BASIS,
---WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
---See the License for the specific language governing permissions and
---limitations under the License.
-
-START TRANSACTION;
-
-SET statement_timeout = 0;
-SET client_encoding = 'UTF8';
-SET standard_conforming_strings = off;
-SET check_function_bodies = false;
-SET client_min_messages = warning;
-SET escape_string_warning = off;
-SET search_path = public, pg_catalog;
-SET default_tablespace = '';
-SET default_with_oids = false;
-
-CREATE TABLE "SENTRY_DB_PRIVILEGE" (
- "DB_PRIVILEGE_ID" BIGINT NOT NULL,
- "PRIVILEGE_SCOPE" character varying(32) NOT NULL,
- "SERVER_NAME" character varying(128) NOT NULL,
- "DB_NAME" character varying(128) DEFAULT '__NULL__',
- "TABLE_NAME" character varying(128) DEFAULT '__NULL__',
- "COLUMN_NAME" character varying(128) DEFAULT '__NULL__',
- "URI" character varying(4000) DEFAULT '__NULL__',
- "ACTION" character varying(128) NOT NULL,
- "CREATE_TIME" BIGINT NOT NULL,
- "WITH_GRANT_OPTION" CHAR(1) NOT NULL
-);
-
-CREATE TABLE "SENTRY_ROLE" (
- "ROLE_ID" BIGINT NOT NULL,
- "ROLE_NAME" character varying(128) NOT NULL,
- "CREATE_TIME" BIGINT NOT NULL
-);
-
-CREATE TABLE "SENTRY_GROUP" (
- "GROUP_ID" BIGINT NOT NULL,
- "GROUP_NAME" character varying(128) NOT NULL,
- "CREATE_TIME" BIGINT NOT NULL
-);
-
-CREATE TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP" (
- "ROLE_ID" BIGINT NOT NULL,
- "DB_PRIVILEGE_ID" BIGINT NOT NULL,
- "GRANTOR_PRINCIPAL" character varying(128)
-);
-
-CREATE TABLE "SENTRY_ROLE_GROUP_MAP" (
- "ROLE_ID" BIGINT NOT NULL,
- "GROUP_ID" BIGINT NOT NULL,
- "GRANTOR_PRINCIPAL" character varying(128)
-);
-
-CREATE TABLE "SENTRY_VERSION" (
- "VER_ID" bigint,
- "SCHEMA_VERSION" character varying(127) NOT NULL,
- "VERSION_COMMENT" character varying(255) NOT NULL
-);
-
-
-ALTER TABLE ONLY "SENTRY_DB_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_DB_PRIV_PK" PRIMARY KEY ("DB_PRIVILEGE_ID");
-
-ALTER TABLE ONLY "SENTRY_ROLE"
- ADD CONSTRAINT "SENTRY_ROLE_PK" PRIMARY KEY ("ROLE_ID");
-
-ALTER TABLE ONLY "SENTRY_GROUP"
- ADD CONSTRAINT "SENTRY_GROUP_PK" PRIMARY KEY ("GROUP_ID");
-
-ALTER TABLE ONLY "SENTRY_VERSION" ADD CONSTRAINT "SENTRY_VERSION_PK" PRIMARY KEY ("VER_ID");
-
-ALTER TABLE ONLY "SENTRY_DB_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ" UNIQUE ("SERVER_NAME","DB_NAME","TABLE_NAME","COLUMN_NAME","URI", "ACTION","WITH_GRANT_OPTION");
-
-CREATE INDEX "SENTRY_PRIV_SERV_IDX" ON "SENTRY_DB_PRIVILEGE" USING btree ("SERVER_NAME");
-
-CREATE INDEX "SENTRY_PRIV_DB_IDX" ON "SENTRY_DB_PRIVILEGE" USING btree ("DB_NAME");
-
-CREATE INDEX "SENTRY_PRIV_TBL_IDX" ON "SENTRY_DB_PRIVILEGE" USING btree ("TABLE_NAME");
-
-CREATE INDEX "SENTRY_PRIV_COL_IDX" ON "SENTRY_DB_PRIVILEGE" USING btree ("COLUMN_NAME");
-
-CREATE INDEX "SENTRY_PRIV_URI_IDX" ON "SENTRY_DB_PRIVILEGE" USING btree ("URI");
-
-ALTER TABLE ONLY "SENTRY_ROLE"
- ADD CONSTRAINT "SENTRY_ROLE_ROLE_NAME_UNIQUE" UNIQUE ("ROLE_NAME");
-
-ALTER TABLE ONLY "SENTRY_GROUP"
- ADD CONSTRAINT "SENTRY_GRP_GRP_NAME_UNIQUE" UNIQUE ("GROUP_NAME");
-
-ALTER TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP"
- ADD CONSTRAINT "SENTRY_ROLE_DB_PRIVILEGE_MAP_PK" PRIMARY KEY ("ROLE_ID","DB_PRIVILEGE_ID");
-
-ALTER TABLE "SENTRY_ROLE_GROUP_MAP"
- ADD CONSTRAINT "SENTRY_ROLE_GROUP_MAP_PK" PRIMARY KEY ("ROLE_ID","GROUP_ID");
-
-ALTER TABLE ONLY "SENTRY_ROLE_DB_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RLE_DB_PRV_MAP_SN_RLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") DEFERRABLE;
-
-ALTER TABLE ONLY "SENTRY_ROLE_DB_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RL_DB_PRV_MAP_SN_DB_PRV_FK"
- FOREIGN KEY ("DB_PRIVILEGE_ID") REFERENCES "SENTRY_DB_PRIVILEGE"("DB_PRIVILEGE_ID") DEFERRABLE;
-
-ALTER TABLE ONLY "SENTRY_ROLE_GROUP_MAP"
- ADD CONSTRAINT "SEN_ROLE_GROUP_MAP_SEN_ROLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") DEFERRABLE;
-
-ALTER TABLE ONLY "SENTRY_ROLE_GROUP_MAP"
- ADD CONSTRAINT "SEN_ROLE_GROUP_MAP_SEN_GRP_FK"
- FOREIGN KEY ("GROUP_ID") REFERENCES "SENTRY_GROUP"("GROUP_ID") DEFERRABLE;
-
-INSERT INTO "SENTRY_VERSION" ("VER_ID", "SCHEMA_VERSION", "VERSION_COMMENT") VALUES (1, '1.7.0', 'Sentry release version 1.7.0');
-
--- Generic Model
--- Table SENTRY_GM_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE TABLE "SENTRY_GM_PRIVILEGE" (
- "GM_PRIVILEGE_ID" BIGINT NOT NULL,
- "COMPONENT_NAME" character varying(32) NOT NULL,
- "SERVICE_NAME" character varying(64) NOT NULL,
- "RESOURCE_NAME_0" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_NAME_1" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_NAME_2" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_NAME_3" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_0" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_1" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_2" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_3" character varying(64) DEFAULT '__NULL__',
- "ACTION" character varying(32) NOT NULL,
- "SCOPE" character varying(128) NOT NULL,
- "CREATE_TIME" BIGINT NOT NULL,
- "WITH_GRANT_OPTION" CHAR(1) NOT NULL
-);
-ALTER TABLE ONLY "SENTRY_GM_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_GM_PRIV_PK" PRIMARY KEY ("GM_PRIVILEGE_ID");
--- Constraints for table SENTRY_GM_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-ALTER TABLE ONLY "SENTRY_GM_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_GM_PRIV_PRIV_NAME_UNIQ" UNIQUE ("COMPONENT_NAME","SERVICE_NAME","RESOURCE_NAME_0","RESOURCE_NAME_1","RESOURCE_NAME_2",
- "RESOURCE_NAME_3","RESOURCE_TYPE_0","RESOURCE_TYPE_1","RESOURCE_TYPE_2","RESOURCE_TYPE_3","ACTION","WITH_GRANT_OPTION");
-
-CREATE INDEX "SENTRY_GM_PRIV_COMP_IDX" ON "SENTRY_GM_PRIVILEGE" USING btree ("COMPONENT_NAME");
-
-CREATE INDEX "SENTRY_GM_PRIV_SERV_IDX" ON "SENTRY_GM_PRIVILEGE" USING btree ("SERVICE_NAME");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES0_IDX" ON "SENTRY_GM_PRIVILEGE" USING btree ("RESOURCE_NAME_0","RESOURCE_TYPE_0");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES1_IDX" ON "SENTRY_GM_PRIVILEGE" USING btree ("RESOURCE_NAME_1","RESOURCE_TYPE_1");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES2_IDX" ON "SENTRY_GM_PRIVILEGE" USING btree ("RESOURCE_NAME_2","RESOURCE_TYPE_2");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES3_IDX" ON "SENTRY_GM_PRIVILEGE" USING btree ("RESOURCE_NAME_3","RESOURCE_TYPE_3");
-
--- Table SENTRY_ROLE_GM_PRIVILEGE_MAP for join relationship
-CREATE TABLE "SENTRY_ROLE_GM_PRIVILEGE_MAP" (
- "ROLE_ID" BIGINT NOT NULL,
- "GM_PRIVILEGE_ID" BIGINT NOT NULL
-);
-
-ALTER TABLE "SENTRY_ROLE_GM_PRIVILEGE_MAP"
- ADD CONSTRAINT "SENTRY_ROLE_GM_PRIVILEGE_MAP_PK" PRIMARY KEY ("ROLE_ID","GM_PRIVILEGE_ID");
-
--- Constraints for table SENTRY_ROLE_GM_PRIVILEGE_MAP
-ALTER TABLE ONLY "SENTRY_ROLE_GM_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RLE_GM_PRV_MAP_SN_RLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") DEFERRABLE;
-
-ALTER TABLE ONLY "SENTRY_ROLE_GM_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RL_GM_PRV_MAP_SN_DB_PRV_FK"
- FOREIGN KEY ("GM_PRIVILEGE_ID") REFERENCES "SENTRY_GM_PRIVILEGE"("GM_PRIVILEGE_ID") DEFERRABLE;
-
-COMMIT;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-postgres-1.8.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-postgres-1.8.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-postgres-1.8.0.sql
deleted file mode 100644
index 6d56332..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-postgres-1.8.0.sql
+++ /dev/null
@@ -1,211 +0,0 @@
---Licensed to the Apache Software Foundation (ASF) under one or more
---contributor license agreements. See the NOTICE file distributed with
---this work for additional information regarding copyright ownership.
---The ASF licenses this file to You under the Apache License, Version 2.0
---(the "License"); you may not use this file except in compliance with
---the License. You may obtain a copy of the License at
---
--- http://www.apache.org/licenses/LICENSE-2.0
---
---Unless required by applicable law or agreed to in writing, software
---distributed under the License is distributed on an "AS IS" BASIS,
---WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
---See the License for the specific language governing permissions and
---limitations under the License.
-
-START TRANSACTION;
-
-SET statement_timeout = 0;
-SET client_encoding = 'UTF8';
-SET standard_conforming_strings = off;
-SET check_function_bodies = false;
-SET client_min_messages = warning;
-SET escape_string_warning = off;
-SET search_path = public, pg_catalog;
-SET default_tablespace = '';
-SET default_with_oids = false;
-
-CREATE TABLE "SENTRY_DB_PRIVILEGE" (
- "DB_PRIVILEGE_ID" BIGINT NOT NULL,
- "PRIVILEGE_SCOPE" character varying(32) NOT NULL,
- "SERVER_NAME" character varying(128) NOT NULL,
- "DB_NAME" character varying(128) DEFAULT '__NULL__',
- "TABLE_NAME" character varying(128) DEFAULT '__NULL__',
- "COLUMN_NAME" character varying(128) DEFAULT '__NULL__',
- "URI" character varying(4000) DEFAULT '__NULL__',
- "ACTION" character varying(128) NOT NULL,
- "CREATE_TIME" BIGINT NOT NULL,
- "WITH_GRANT_OPTION" CHAR(1) NOT NULL
-);
-
-CREATE TABLE "SENTRY_ROLE" (
- "ROLE_ID" BIGINT NOT NULL,
- "ROLE_NAME" character varying(128) NOT NULL,
- "CREATE_TIME" BIGINT NOT NULL
-);
-
-CREATE TABLE "SENTRY_GROUP" (
- "GROUP_ID" BIGINT NOT NULL,
- "GROUP_NAME" character varying(128) NOT NULL,
- "CREATE_TIME" BIGINT NOT NULL
-);
-
-CREATE TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP" (
- "ROLE_ID" BIGINT NOT NULL,
- "DB_PRIVILEGE_ID" BIGINT NOT NULL,
- "GRANTOR_PRINCIPAL" character varying(128)
-);
-
-CREATE TABLE "SENTRY_ROLE_GROUP_MAP" (
- "ROLE_ID" BIGINT NOT NULL,
- "GROUP_ID" BIGINT NOT NULL,
- "GRANTOR_PRINCIPAL" character varying(128)
-);
-
-CREATE TABLE "SENTRY_VERSION" (
- "VER_ID" bigint,
- "SCHEMA_VERSION" character varying(127) NOT NULL,
- "VERSION_COMMENT" character varying(255) NOT NULL
-);
-
-
-ALTER TABLE ONLY "SENTRY_DB_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_DB_PRIV_PK" PRIMARY KEY ("DB_PRIVILEGE_ID");
-
-ALTER TABLE ONLY "SENTRY_ROLE"
- ADD CONSTRAINT "SENTRY_ROLE_PK" PRIMARY KEY ("ROLE_ID");
-
-ALTER TABLE ONLY "SENTRY_GROUP"
- ADD CONSTRAINT "SENTRY_GROUP_PK" PRIMARY KEY ("GROUP_ID");
-
-ALTER TABLE ONLY "SENTRY_VERSION" ADD CONSTRAINT "SENTRY_VERSION_PK" PRIMARY KEY ("VER_ID");
-
-ALTER TABLE ONLY "SENTRY_DB_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ" UNIQUE ("SERVER_NAME","DB_NAME","TABLE_NAME","COLUMN_NAME","URI", "ACTION","WITH_GRANT_OPTION");
-
-CREATE INDEX "SENTRY_PRIV_SERV_IDX" ON "SENTRY_DB_PRIVILEGE" USING btree ("SERVER_NAME");
-
-CREATE INDEX "SENTRY_PRIV_DB_IDX" ON "SENTRY_DB_PRIVILEGE" USING btree ("DB_NAME");
-
-CREATE INDEX "SENTRY_PRIV_TBL_IDX" ON "SENTRY_DB_PRIVILEGE" USING btree ("TABLE_NAME");
-
-CREATE INDEX "SENTRY_PRIV_COL_IDX" ON "SENTRY_DB_PRIVILEGE" USING btree ("COLUMN_NAME");
-
-CREATE INDEX "SENTRY_PRIV_URI_IDX" ON "SENTRY_DB_PRIVILEGE" USING btree ("URI");
-
-ALTER TABLE ONLY "SENTRY_ROLE"
- ADD CONSTRAINT "SENTRY_ROLE_ROLE_NAME_UNIQUE" UNIQUE ("ROLE_NAME");
-
-ALTER TABLE ONLY "SENTRY_GROUP"
- ADD CONSTRAINT "SENTRY_GRP_GRP_NAME_UNIQUE" UNIQUE ("GROUP_NAME");
-
-ALTER TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP"
- ADD CONSTRAINT "SENTRY_ROLE_DB_PRIVILEGE_MAP_PK" PRIMARY KEY ("ROLE_ID","DB_PRIVILEGE_ID");
-
-ALTER TABLE "SENTRY_ROLE_GROUP_MAP"
- ADD CONSTRAINT "SENTRY_ROLE_GROUP_MAP_PK" PRIMARY KEY ("ROLE_ID","GROUP_ID");
-
-ALTER TABLE ONLY "SENTRY_ROLE_DB_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RLE_DB_PRV_MAP_SN_RLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") DEFERRABLE;
-
-ALTER TABLE ONLY "SENTRY_ROLE_DB_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RL_DB_PRV_MAP_SN_DB_PRV_FK"
- FOREIGN KEY ("DB_PRIVILEGE_ID") REFERENCES "SENTRY_DB_PRIVILEGE"("DB_PRIVILEGE_ID") DEFERRABLE;
-
-ALTER TABLE ONLY "SENTRY_ROLE_GROUP_MAP"
- ADD CONSTRAINT "SEN_ROLE_GROUP_MAP_SEN_ROLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") DEFERRABLE;
-
-ALTER TABLE ONLY "SENTRY_ROLE_GROUP_MAP"
- ADD CONSTRAINT "SEN_ROLE_GROUP_MAP_SEN_GRP_FK"
- FOREIGN KEY ("GROUP_ID") REFERENCES "SENTRY_GROUP"("GROUP_ID") DEFERRABLE;
-
-INSERT INTO "SENTRY_VERSION" ("VER_ID", "SCHEMA_VERSION", "VERSION_COMMENT") VALUES (1, '1.8.0', 'Sentry release version 1.8.0');
-
--- Generic Model
--- Table SENTRY_GM_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE TABLE "SENTRY_GM_PRIVILEGE" (
- "GM_PRIVILEGE_ID" BIGINT NOT NULL,
- "COMPONENT_NAME" character varying(32) NOT NULL,
- "SERVICE_NAME" character varying(64) NOT NULL,
- "RESOURCE_NAME_0" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_NAME_1" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_NAME_2" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_NAME_3" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_0" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_1" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_2" character varying(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_3" character varying(64) DEFAULT '__NULL__',
- "ACTION" character varying(32) NOT NULL,
- "SCOPE" character varying(128) NOT NULL,
- "CREATE_TIME" BIGINT NOT NULL,
- "WITH_GRANT_OPTION" CHAR(1) NOT NULL
-);
-ALTER TABLE ONLY "SENTRY_GM_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_GM_PRIV_PK" PRIMARY KEY ("GM_PRIVILEGE_ID");
--- Constraints for table SENTRY_GM_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-ALTER TABLE ONLY "SENTRY_GM_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_GM_PRIV_PRIV_NAME_UNIQ" UNIQUE ("COMPONENT_NAME","SERVICE_NAME","RESOURCE_NAME_0","RESOURCE_NAME_1","RESOURCE_NAME_2",
- "RESOURCE_NAME_3","RESOURCE_TYPE_0","RESOURCE_TYPE_1","RESOURCE_TYPE_2","RESOURCE_TYPE_3","ACTION","WITH_GRANT_OPTION");
-
-CREATE INDEX "SENTRY_GM_PRIV_COMP_IDX" ON "SENTRY_GM_PRIVILEGE" USING btree ("COMPONENT_NAME");
-
-CREATE INDEX "SENTRY_GM_PRIV_SERV_IDX" ON "SENTRY_GM_PRIVILEGE" USING btree ("SERVICE_NAME");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES0_IDX" ON "SENTRY_GM_PRIVILEGE" USING btree ("RESOURCE_NAME_0","RESOURCE_TYPE_0");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES1_IDX" ON "SENTRY_GM_PRIVILEGE" USING btree ("RESOURCE_NAME_1","RESOURCE_TYPE_1");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES2_IDX" ON "SENTRY_GM_PRIVILEGE" USING btree ("RESOURCE_NAME_2","RESOURCE_TYPE_2");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES3_IDX" ON "SENTRY_GM_PRIVILEGE" USING btree ("RESOURCE_NAME_3","RESOURCE_TYPE_3");
-
--- Table SENTRY_ROLE_GM_PRIVILEGE_MAP for join relationship
-CREATE TABLE "SENTRY_ROLE_GM_PRIVILEGE_MAP" (
- "ROLE_ID" BIGINT NOT NULL,
- "GM_PRIVILEGE_ID" BIGINT NOT NULL
-);
-
-ALTER TABLE "SENTRY_ROLE_GM_PRIVILEGE_MAP"
- ADD CONSTRAINT "SENTRY_ROLE_GM_PRIVILEGE_MAP_PK" PRIMARY KEY ("ROLE_ID","GM_PRIVILEGE_ID");
-
--- Constraints for table SENTRY_ROLE_GM_PRIVILEGE_MAP
-ALTER TABLE ONLY "SENTRY_ROLE_GM_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RLE_GM_PRV_MAP_SN_RLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") DEFERRABLE;
-
-ALTER TABLE ONLY "SENTRY_ROLE_GM_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RL_GM_PRV_MAP_SN_DB_PRV_FK"
- FOREIGN KEY ("GM_PRIVILEGE_ID") REFERENCES "SENTRY_GM_PRIVILEGE"("GM_PRIVILEGE_ID") DEFERRABLE;
-
-CREATE TABLE "SENTRY_USER" (
- "USER_ID" BIGINT NOT NULL,
- "USER_NAME" character varying(128) NOT NULL,
- "CREATE_TIME" BIGINT NOT NULL
-);
-
-ALTER TABLE ONLY "SENTRY_USER"
- ADD CONSTRAINT "SENTRY_USER_PK" PRIMARY KEY ("USER_ID");
-
-ALTER TABLE ONLY "SENTRY_USER"
- ADD CONSTRAINT "SENTRY_USER_USER_NAME_UNIQUE" UNIQUE ("USER_NAME");
-
-CREATE TABLE "SENTRY_ROLE_USER_MAP" (
- "ROLE_ID" BIGINT NOT NULL,
- "USER_ID" BIGINT NOT NULL,
- "GRANTOR_PRINCIPAL" character varying(128)
-);
-
-ALTER TABLE "SENTRY_ROLE_USER_MAP"
- ADD CONSTRAINT "SENTRY_ROLE_USER_MAP_PK" PRIMARY KEY ("ROLE_ID","USER_ID");
-
-ALTER TABLE ONLY "SENTRY_ROLE_USER_MAP"
- ADD CONSTRAINT "SEN_ROLE_USER_MAP_SEN_ROLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") DEFERRABLE;
-
-ALTER TABLE ONLY "SENTRY_ROLE_USER_MAP"
- ADD CONSTRAINT "SEN_ROLE_USER_MAP_SEN_USER_FK"
- FOREIGN KEY ("USER_ID") REFERENCES "SENTRY_USER"("USER_ID") DEFERRABLE;
-
-COMMIT;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-db2-1.4.0-to-1.5.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-db2-1.4.0-to-1.5.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-db2-1.4.0-to-1.5.0.sql
deleted file mode 100644
index 26721c9..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-db2-1.4.0-to-1.5.0.sql
+++ /dev/null
@@ -1,61 +0,0 @@
--- SENTRY-327
-ALTER TABLE SENTRY_DB_PRIVILEGE ADD WITH_GRANT_OPTION CHAR(1) NOT NULL;
-
--- SENTRY-339
-DROP INDEX SENTRYPRIVILEGENAME;
-CREATE UNIQUE INDEX SENTRYPRIVILEGENAME ON SENTRY_DB_PRIVILEGE ("SERVER_NAME",DB_NAME,"TABLE_NAME",URI,"ACTION",WITH_GRANT_OPTION);
-ALTER TABLE SENTRY_DB_PRIVILEGE DROP PRIVILEGE_NAME;
-
--- SENTRY-380
-ALTER TABLE `SENTRY_DB_PRIVILEGE` DROP `GRANTOR_PRINCIPAL`;
-ALTER TABLE `SENTRY_ROLE` DROP `GRANTOR_PRINCIPAL`;
-ALTER TABLE `SENTRY_GROUP` DROP `GRANTOR_PRINCIPAL`;
-
-ALTER TABLE `SENTRY_ROLE_DB_PRIVILEGE_MAP` ADD `GRANTOR_PRINCIPAL` VARCHAR(128);
-ALTER TABLE `SENTRY_ROLE_GROUP_MAP` ADD `GRANTOR_PRINCIPAL` VARCHAR(128);
-
--- SENTRY-74
-ALTER TABLE `SENTRY_DB_PRIVILEGE` ADD `COLUMN_NAME` CHAR(4000);
-DROP INDEX SENTRYPRIVILEGENAME;
-CREATE UNIQUE INDEX SENTRYPRIVILEGENAME ON SENTRY_DB_PRIVILEGE ("SERVER_NAME",DB_NAME,"TABLE_NAME","COLUMN_NAME",URI,"ACTION",WITH_GRANT_OPTION);
-
--- SENTRY-398
-CREATE TABLE SENTRY_GM_PRIVILEGE
-(
- GM_PRIVILEGE_ID BIGINT NOT NULL,
- "ACTION" VARCHAR(40),
- COMPONENT_NAME VARCHAR(400),
- CREATE_TIME BIGINT NOT NULL,
- WITH_GRANT_OPTION CHAR(1),
- RESOURCE_NAME_0 VARCHAR(400),
- RESOURCE_NAME_1 VARCHAR(400),
- RESOURCE_NAME_2 VARCHAR(400),
- RESOURCE_NAME_3 VARCHAR(400),
- RESOURCE_TYPE_0 VARCHAR(400),
- RESOURCE_TYPE_1 VARCHAR(400),
- RESOURCE_TYPE_2 VARCHAR(400),
- RESOURCE_TYPE_3 VARCHAR(400),
- "SCOPE" VARCHAR(40),
- SERVICE_NAME VARCHAR(400)
-);
-ALTER TABLE SENTRY_GM_PRIVILEGE ADD CONSTRAINT SENTRY_GM_PRIVILEGE_PK PRIMARY KEY (GM_PRIVILEGE_ID);
-
-CREATE UNIQUE INDEX GM_PRIVILEGE_INDEX ON SENTRY_GM_PRIVILEGE (COMPONENT_NAME,SERVICE_NAME,RESOURCE_NAME_0,RESOURCE_TYPE_0,RESOURCE_NAME_1,RESOURCE_TYPE_1,RESOURCE_NAME_2,RESOURCE_TYPE_2,RESOURCE_NAME_3,RESOURCE_TYPE_3,"ACTION",WITH_GRANT_OPTION);
-
-CREATE TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP
-(
- ROLE_ID BIGINT NOT NULL,
- GM_PRIVILEGE_ID BIGINT NOT NULL
-);
-ALTER TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_GM_PRIVILEGE_MAP_PK PRIMARY KEY (ROLE_ID,GM_PRIVILEGE_ID);
-
-CREATE INDEX SENTRY_ROLE_GM_PRIVILEGE_MAP_N50 ON SENTRY_ROLE_GM_PRIVILEGE_MAP (ROLE_ID);
-
-CREATE INDEX SENTRY_ROLE_GM_PRIVILEGE_MAP_N49 ON SENTRY_ROLE_GM_PRIVILEGE_MAP (GM_PRIVILEGE_ID);
-
-ALTER TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_GM_PRIVILEGE_MAP_FK2 FOREIGN KEY (GM_PRIVILEGE_ID) REFERENCES SENTRY_GM_PRIVILEGE (GM_PRIVILEGE_ID);
-
-ALTER TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_GM_PRIVILEGE_MAP_FK1 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID);
-
--- Version update
-UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.5.0', VERSION_COMMENT='Sentry release version 1.5.0' WHERE VER_ID=1;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-db2-1.5.0-to-1.6.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-db2-1.5.0-to-1.6.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-db2-1.5.0-to-1.6.0.sql
deleted file mode 100644
index 5560d9f..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-db2-1.5.0-to-1.6.0.sql
+++ /dev/null
@@ -1,2 +0,0 @@
--- Version update
-UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.6.0', VERSION_COMMENT='Sentry release version 1.6.0' WHERE VER_ID=1;
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-db2-1.6.0-to-1.7.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-db2-1.6.0-to-1.7.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-db2-1.6.0-to-1.7.0.sql
deleted file mode 100644
index e2494a2..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-db2-1.6.0-to-1.7.0.sql
+++ /dev/null
@@ -1,2 +0,0 @@
--- Version update
-UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.7.0', VERSION_COMMENT='Sentry release version 1.7.0' WHERE VER_ID=1;
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-db2-1.7.0-to-1.8.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-db2-1.7.0-to-1.8.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-db2-1.7.0-to-1.8.0.sql
deleted file mode 100644
index 927f302..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-db2-1.7.0-to-1.8.0.sql
+++ /dev/null
@@ -1,31 +0,0 @@
--- SENTRY-711
-CREATE TABLE SENTRY_USER
-(
- USER_ID BIGINT NOT NULL generated always as identity (start with 1),
- CREATE_TIME BIGINT NOT NULL,
- USER_NAME VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_USER ADD CONSTRAINT SENTRY_USER_PK PRIMARY KEY (USER_ID);
-
-CREATE UNIQUE INDEX SENTRYUSERNAME ON SENTRY_USER (USER_NAME);
-
-CREATE TABLE SENTRY_ROLE_USER_MAP
-(
- USER_ID BIGINT NOT NULL,
- ROLE_ID BIGINT NOT NULL,
- GRANTOR_PRINCIPAL VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_ROLE_USER_MAP ADD CONSTRAINT SENTRY_ROLE_USER_MAP_PK PRIMARY KEY (USER_ID,ROLE_ID);
-
-CREATE INDEX SENTRY_ROLE_USER_MAP_N49 ON SENTRY_ROLE_USER_MAP (USER_ID);
-
-CREATE INDEX SENTRY_ROLE_USER_MAP_N50 ON SENTRY_ROLE_USER_MAP (ROLE_ID);
-
-ALTER TABLE SENTRY_ROLE_USER_MAP ADD CONSTRAINT SENTRY_ROLE_USER_MAP_FK2 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID) ;
-
-ALTER TABLE SENTRY_ROLE_USER_MAP ADD CONSTRAINT SENTRY_ROLE_USER_MAP_FK1 FOREIGN KEY (USER_ID) REFERENCES SENTRY_USER (USER_ID) ;
-
--- Version update
-UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.8.0', VERSION_COMMENT='Sentry release version 1.8.0' WHERE VER_ID=1;
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-derby-1.4.0-to-1.5.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-derby-1.4.0-to-1.5.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-derby-1.4.0-to-1.5.0.sql
deleted file mode 100644
index bc06849..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-derby-1.4.0-to-1.5.0.sql
+++ /dev/null
@@ -1,8 +0,0 @@
-RUN '001-SENTRY-327.derby.sql';
-RUN '002-SENTRY-339.derby.sql';
-RUN '003-SENTRY-380.derby.sql';
-RUN '004-SENTRY-74.derby.sql';
-RUN '005-SENTRY-398.derby.sql';
-
--- Version update
-UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.5.0', VERSION_COMMENT='Sentry release version 1.5.0' WHERE VER_ID=1;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-derby-1.5.0-to-1.6.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-derby-1.5.0-to-1.6.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-derby-1.5.0-to-1.6.0.sql
deleted file mode 100644
index 5560d9f..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-derby-1.5.0-to-1.6.0.sql
+++ /dev/null
@@ -1,2 +0,0 @@
--- Version update
-UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.6.0', VERSION_COMMENT='Sentry release version 1.6.0' WHERE VER_ID=1;
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-derby-1.6.0-to-1.7.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-derby-1.6.0-to-1.7.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-derby-1.6.0-to-1.7.0.sql
deleted file mode 100644
index e2494a2..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-derby-1.6.0-to-1.7.0.sql
+++ /dev/null
@@ -1,2 +0,0 @@
--- Version update
-UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.7.0', VERSION_COMMENT='Sentry release version 1.7.0' WHERE VER_ID=1;
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-derby-1.7.0-to-1.8.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-derby-1.7.0-to-1.8.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-derby-1.7.0-to-1.8.0.sql
deleted file mode 100644
index fbe2dc8..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-derby-1.7.0-to-1.8.0.sql
+++ /dev/null
@@ -1,4 +0,0 @@
-RUN '006-SENTRY-711.derby.sql';
-
--- Version update
-UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.8.0', VERSION_COMMENT='Sentry release version 1.8.0' WHERE VER_ID=1;
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-mysql-1.4.0-to-1.5.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-mysql-1.4.0-to-1.5.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-mysql-1.4.0-to-1.5.0.sql
deleted file mode 100644
index a7bc9d0..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-mysql-1.4.0-to-1.5.0.sql
+++ /dev/null
@@ -1,10 +0,0 @@
-SELECT 'Upgrading Sentry store schema from 1.4.0 to 1.5.0' AS ' ';
-SOURCE 001-SENTRY-327.mysql.sql;
-SOURCE 002-SENTRY-339.mysql.sql;
-SOURCE 003-SENTRY-380.mysql.sql;
-SOURCE 004-SENTRY-74.mysql.sql;
-SOURCE 005-SENTRY-398.mysql.sql;
-
-UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.5.0', VERSION_COMMENT='Sentry release version 1.5.0' WHERE VER_ID=1;
-SELECT 'Finish upgrading Sentry store schema from 1.4.0 to 1.5.0' AS ' ';
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-mysql-1.5.0-to-1.6.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-mysql-1.5.0-to-1.6.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-mysql-1.5.0-to-1.6.0.sql
deleted file mode 100644
index 352332c..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-mysql-1.5.0-to-1.6.0.sql
+++ /dev/null
@@ -1,5 +0,0 @@
-SELECT 'Upgrading Sentry store schema from 1.5.0 to 1.6.0' AS ' ';
-
-UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.6.0', VERSION_COMMENT='Sentry release version 1.6.0' WHERE VER_ID=1;
-
-SELECT 'Finish upgrading Sentry store schema from 1.5.0 to 1.6.0' AS ' ';
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-mysql-1.6.0-to-1.7.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-mysql-1.6.0-to-1.7.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-mysql-1.6.0-to-1.7.0.sql
deleted file mode 100644
index 3413ede..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-mysql-1.6.0-to-1.7.0.sql
+++ /dev/null
@@ -1,5 +0,0 @@
-SELECT 'Upgrading Sentry store schema from 1.6.0 to 1.7.0' AS ' ';
-
-UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.7.0', VERSION_COMMENT='Sentry release version 1.7.0' WHERE VER_ID=1;
-
-SELECT 'Finish upgrading Sentry store schema from 1.6.0 to 1.7.0' AS ' ';
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-mysql-1.7.0-to-1.8.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-mysql-1.7.0-to-1.8.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-mysql-1.7.0-to-1.8.0.sql
deleted file mode 100644
index f0df187..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-mysql-1.7.0-to-1.8.0.sql
+++ /dev/null
@@ -1,6 +0,0 @@
-SELECT 'Upgrading Sentry store schema from 1.7.0 to 1.8.0' AS ' ';
-SOURCE 006-SENTRY-711.mysql.sql;
-
-UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.8.0', VERSION_COMMENT='Sentry release version 1.8.0' WHERE VER_ID=1;
-
-SELECT 'Finish upgrading Sentry store schema from 1.7.0 to 1.8.0' AS ' ';
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-oracle-1.4.0-to-1.5.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-oracle-1.4.0-to-1.5.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-oracle-1.4.0-to-1.5.0.sql
deleted file mode 100644
index 9526366..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-oracle-1.4.0-to-1.5.0.sql
+++ /dev/null
@@ -1,9 +0,0 @@
-SELECT 'Upgrading Sentry store schema from 1.4.0 to 1.5.0' AS Status from dual;
-@001-SENTRY-327.oracle.sql;
-@002-SENTRY-339.oracle.sql;
-@003-SENTRY-380.oracle.sql;
-@004-SENTRY-74.oracle.sql;
-@005-SENTRY-398.oracle.sql;
-
-UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.5.0', VERSION_COMMENT='Sentry release version 1.5.0' WHERE VER_ID=1;
-SELECT 'Finished upgrading Sentry store schema from 1.4.0 to 1.5.0' AS Status from dual;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-oracle-1.5.0-to-1.6.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-oracle-1.5.0-to-1.6.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-oracle-1.5.0-to-1.6.0.sql
deleted file mode 100644
index 3437075..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-oracle-1.5.0-to-1.6.0.sql
+++ /dev/null
@@ -1,5 +0,0 @@
-SELECT 'Upgrading Sentry store schema from 1.5.0 to 1.6.0' AS Status from dual;
-
-UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.6.0', VERSION_COMMENT='Sentry release version 1.6.0' WHERE VER_ID=1;
-
-SELECT 'Finished upgrading Sentry store schema from 1.5.0 to 1.6.0' AS Status from dual;
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-oracle-1.6.0-to-1.7.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-oracle-1.6.0-to-1.7.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-oracle-1.6.0-to-1.7.0.sql
deleted file mode 100644
index fa82c87..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-oracle-1.6.0-to-1.7.0.sql
+++ /dev/null
@@ -1,5 +0,0 @@
-SELECT 'Upgrading Sentry store schema from 1.6.0 to 1.7.0' AS Status from dual;
-
-UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.7.0', VERSION_COMMENT='Sentry release version 1.7.0' WHERE VER_ID=1;
-
-SELECT 'Finished upgrading Sentry store schema from 1.6.0 to 1.7.0' AS Status from dual;
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-oracle-1.7.0-to-1.8.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-oracle-1.7.0-to-1.8.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-oracle-1.7.0-to-1.8.0.sql
deleted file mode 100644
index f1666be..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-oracle-1.7.0-to-1.8.0.sql
+++ /dev/null
@@ -1,6 +0,0 @@
-SELECT 'Upgrading Sentry store schema from 1.7.0 to 1.8.0' AS Status from dual;
-@006-SENTRY-711.oracle.sql;
-
-UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.8.0', VERSION_COMMENT='Sentry release version 1.8.0' WHERE VER_ID=1;
-
-SELECT 'Finished upgrading Sentry store schema from 1.7.0 to 1.8.0' AS Status from dual;
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-postgres-1.4.0-to-1.5.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-postgres-1.4.0-to-1.5.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-postgres-1.4.0-to-1.5.0.sql
deleted file mode 100644
index 2f03d5e..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-postgres-1.4.0-to-1.5.0.sql
+++ /dev/null
@@ -1,9 +0,0 @@
-SELECT 'Upgrading Sentry store schema from 1.4.0 to 1.5.0';
-\i 001-SENTRY-327.postgres.sql;
-\i 002-SENTRY-339.postgres.sql;
-\i 003-SENTRY-380.postgres.sql;
-\i 004-SENTRY-74.postgres.sql;
-\i 005-SENTRY-398.postgres.sql;
-
-UPDATE "SENTRY_VERSION" SET "SCHEMA_VERSION"='1.5.0', "VERSION_COMMENT"='Sentry release version 1.5.0' WHERE "VER_ID"=1;
-SELECT 'Finished upgrading Sentry store schema from 1.4.0 to 1.5.0';
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-postgres-1.5.0-to-1.6.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-postgres-1.5.0-to-1.6.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-postgres-1.5.0-to-1.6.0.sql
deleted file mode 100644
index 5982596..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-postgres-1.5.0-to-1.6.0.sql
+++ /dev/null
@@ -1,5 +0,0 @@
-SELECT 'Upgrading Sentry store schema from 1.5.0 to 1.6.0';
-
-UPDATE "SENTRY_VERSION" SET "SCHEMA_VERSION"='1.6.0', "VERSION_COMMENT"='Sentry release version 1.6.0' WHERE "VER_ID"=1;
-
-SELECT 'Finished upgrading Sentry store schema from 1.5.0 to 1.6.0';
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-postgres-1.6.0-to-1.7.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-postgres-1.6.0-to-1.7.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-postgres-1.6.0-to-1.7.0.sql
deleted file mode 100644
index ff10e10..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-postgres-1.6.0-to-1.7.0.sql
+++ /dev/null
@@ -1,5 +0,0 @@
-SELECT 'Upgrading Sentry store schema from 1.6.0 to 1.7.0';
-
-UPDATE "SENTRY_VERSION" SET "SCHEMA_VERSION"='1.7.0', "VERSION_COMMENT"='Sentry release version 1.7.0' WHERE "VER_ID"=1;
-
-SELECT 'Finished upgrading Sentry store schema from 1.6.0 to 1.7.0';
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-postgres-1.7.0-to-1.8.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-postgres-1.7.0-to-1.8.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-postgres-1.7.0-to-1.8.0.sql
deleted file mode 100644
index b39292d..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-postgres-1.7.0-to-1.8.0.sql
+++ /dev/null
@@ -1,6 +0,0 @@
-SELECT 'Upgrading Sentry store schema from 1.7.0 to 1.8.0';
-\i 006-SENTRY-711.postgres.sql;
-
-UPDATE "SENTRY_VERSION" SET "SCHEMA_VERSION"='1.8.0', "VERSION_COMMENT"='Sentry release version 1.8.0' WHERE "VER_ID"=1;
-
-SELECT 'Finished upgrading Sentry store schema from 1.7.0 to 1.8.0';
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry_common_service.thrift
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry_common_service.thrift b/sentry-provider/sentry-provider-db/src/main/resources/sentry_common_service.thrift
deleted file mode 100644
index 65c6934..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry_common_service.thrift
+++ /dev/null
@@ -1,46 +0,0 @@
-#!/usr/local/bin/thrift -java
-
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-include "share/fb303/if/fb303.thrift"
-
-namespace java org.apache.sentry.service.thrift
-namespace php sentry.service.thrift
-namespace cpp Apache.Sentry.Service.Thrift
-
-const i32 TSENTRY_SERVICE_V1 = 1;
-// Made a backward incompatible change when adding column level privileges.
-// We also added generalized model in this version
-const i32 TSENTRY_SERVICE_V2 = 2;
-
-const i32 TSENTRY_STATUS_OK = 0;
-const i32 TSENTRY_STATUS_ALREADY_EXISTS = 1;
-const i32 TSENTRY_STATUS_NO_SUCH_OBJECT = 2;
-const i32 TSENTRY_STATUS_RUNTIME_ERROR = 3;
-const i32 TSENTRY_STATUS_INVALID_INPUT = 4;
-const i32 TSENTRY_STATUS_ACCESS_DENIED = 5;
-const i32 TSENTRY_STATUS_THRIFT_VERSION_MISMATCH = 6;
-
-struct TSentryResponseStatus {
-1: required i32 value,
-// message will be set to empty string when status is OK
-2: required string message
-3: optional string stack
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry_generic_policy_service.thrift
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry_generic_policy_service.thrift b/sentry-provider/sentry-provider-db/src/main/resources/sentry_generic_policy_service.thrift
deleted file mode 100644
index db107bf..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry_generic_policy_service.thrift
+++ /dev/null
@@ -1,279 +0,0 @@
-#!/usr/local/bin/thrift -java
-
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#
-# Thrift Service that the MetaStore is built on
-#
-
-include "share/fb303/if/fb303.thrift"
-include "sentry_common_service.thrift"
-include "sentry_policy_service.thrift"
-
-namespace java org.apache.sentry.provider.db.generic.service.thrift
-namespace php sentry.provider.db.service.db.generic.serivce.thrift
-namespace cpp Apache.Sentry.Provider.Db.Generic.Service.Thrift
-
-typedef sentry_common_service.TSentryResponseStatus TSentryResponseStatus
-
-# Represents a new generic model privilege for solr or other component in transport
-# from the client to the server
-enum TSentryGrantOption {
- TRUE = 1,
- FALSE = 0,
- UNSET = -1
-}
-
-# Represents a authorizable resource in the privilege
-# like DATABASE=db1 in the hive, COLLECTION=collection1 in the solr
-struct TAuthorizable {
-1: required string type,
-2: required string name
-}
-
-struct TSentryPrivilege {
-1: required string component,
-2: required string serviceName,
-3: required list<TAuthorizable> authorizables,
-4: required string action,
-5: optional i64 createTime, # Set on server side
-6: optional string grantorPrincipal, # Set on server side
-7: optional TSentryGrantOption grantOption = sentry_policy_service.TSentryGrantOption.FALSE
-}
-
-# CREATE ROLE r1
-struct TCreateSentryRoleRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string roleName,
-4: required string component # The request is issued to which component
-}
-
-struct TCreateSentryRoleResponse {
-1: required TSentryResponseStatus status
-}
-
-# DROP ROLE r1
-struct TDropSentryRoleRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string roleName,
-4: required string component # The request is issued to which component
-}
-
-struct TDropSentryRoleResponse {
-1: required TSentryResponseStatus status
-}
-
-# GRANT ROLE r1 TO GROUP g1
-struct TAlterSentryRoleAddGroupsRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string roleName,
-4: required string component, # The request is issued to which component
-5: required set<string> groups
-}
-struct TAlterSentryRoleAddGroupsResponse {
-1: required TSentryResponseStatus status
-}
-
-# REVOLE ROLE r1 FROM GROUP g1
-struct TAlterSentryRoleDeleteGroupsRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string roleName,
-4: required string component, # The request is issued to which component
-5: required set<string> groups
-}
-struct TAlterSentryRoleDeleteGroupsResponse {
-1: required TSentryResponseStatus status
-}
-
-# GRANT ... ON ... TO ROLE ...
-struct TAlterSentryRoleGrantPrivilegeRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string roleName,
-4: required string component, # The request is issued to which component
-5: required TSentryPrivilege privilege
-}
-struct TAlterSentryRoleGrantPrivilegeResponse {
-1: required TSentryResponseStatus status
-}
-
-# REVOKE ... ON ... FROM ROLE ...
-struct TAlterSentryRoleRevokePrivilegeRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string roleName,
-4: required string component, # The request is issued to which component
-5: required TSentryPrivilege privilege
-}
-struct TAlterSentryRoleRevokePrivilegeResponse {
-1: required TSentryResponseStatus status
-}
-
-# SHOW ROLE GRANT
-struct TListSentryRolesRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: optional string groupName, # for this group, or all roles for all groups if null
-4: required string component # The request is issued to which component
-}
-# used only for TListSentryRolesResponse
-struct TSentryRole {
-1: required string roleName,
-2: required set<string> groups
-}
-
-struct TListSentryRolesResponse {
-1: required TSentryResponseStatus status
-2: optional set<TSentryRole> roles
-}
-# SHOW GRANT
-struct TListSentryPrivilegesRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string roleName, # get privileges assigned for this role
-4: required string component, # The request is issued to which component
-5: required string serviceName, # The privilege belongs to which service
-6: optional list<TAuthorizable> authorizables # get privileges assigned for this authorizable hierarchys
-}
-
-struct TListSentryPrivilegesResponse {
-1: required TSentryResponseStatus status
-2: optional set<TSentryPrivilege> privileges
-}
-
-# Drop privilege
-struct TDropPrivilegesRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required TSentryPrivilege privilege
-4: required string component, # The request is issued to which component
-}
-
-struct TDropPrivilegesResponse {
-1: required TSentryResponseStatus status
-}
-
-# Rename privilege
-struct TRenamePrivilegesRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string component, # The request is issued to which component
-4: required string serviceName, # The privilege belongs to which service
-5: required list<TAuthorizable> oldAuthorizables, # get old privileges assigned for this authorizable hierarchys
-6: required list<TAuthorizable> newAuthorizables # change to new authorizable hierarchys
-}
-
-struct TRenamePrivilegesResponse {
-1: required TSentryResponseStatus status
-}
-
-# This API was created specifically for ProviderBackend.getPrivileges
-# and is not mean for general purpose privilege retrieval.
-# This request/response pair are created specifically so we can
-# efficiently obtain the specific privilges for a user query
-struct TSentryActiveRoleSet {
-1: required bool all,
-2: required set<string> roles,
-}
-
-struct TListSentryPrivilegesForProviderRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string component, # The request is issued to which component
-3: required string serviceName, # The privilege belongs to which service
-4: required set<string> groups,
-5: required TSentryActiveRoleSet roleSet,
-6: optional list<TAuthorizable> authorizables # authorizable hierarchys
-}
-
-struct TListSentryPrivilegesForProviderResponse {
-1: required TSentryResponseStatus status
-2: required set<string> privileges
-}
-
-# Map of role:set<privileges> for the given authorizable
-# Optionally use the set of groups to filter the roles
-struct TSentryPrivilegeMap {
-1: required map<string, set<TSentryPrivilege>> privilegeMap
-}
-
-struct TListSentryPrivilegesByAuthRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-
-# User on whose behalf the request is issued
-2: required string requestorUserName,
-
-# The request is issued to which component
-3: required string component,
-
-# The privilege belongs to which service
-4: required string serviceName,
-
-# The authorizable hierarchys, it is represented as a string. e.g
-# resourceType1=resourceName1->resourceType2=resourceName2->resourceType3=resourceName3
-5: required set<string> authorizablesSet,
-
-# The requested groups. For admin, the requested groups can be empty, if so it is
-# treated as a wildcard query. Otherwise, it is a query on this specifc groups.
-# For non-admin user, the requested groups must be the groups they are part of.
-6: optional set<string> groups,
-
-# The active role set.
-7: optional TSentryActiveRoleSet roleSet
-}
-
-struct TListSentryPrivilegesByAuthResponse {
-1: required sentry_common_service.TSentryResponseStatus status,
-
-# Will not be set in case of an error. Otherwise it will be a
-# <Authorizables, <Role, Set<Privileges>>> mapping. For non-admin
-# requestor, the roles are intersection of active roles and granted roles.
-# For admin requestor, the roles are filtered based on the active roles
-# and requested group from TListSentryPrivilegesByAuthRequest.
-# The authorizable hierarchys is represented as a string in the form
-# of the request.
-2: optional map<string, TSentryPrivilegeMap> privilegesMapByAuth
-}
-
-service SentryGenericPolicyService
-{
- TCreateSentryRoleResponse create_sentry_role(1:TCreateSentryRoleRequest request)
- TDropSentryRoleResponse drop_sentry_role(1:TDropSentryRoleRequest request)
-
- TAlterSentryRoleGrantPrivilegeResponse alter_sentry_role_grant_privilege(1:TAlterSentryRoleGrantPrivilegeRequest request)
- TAlterSentryRoleRevokePrivilegeResponse alter_sentry_role_revoke_privilege(1:TAlterSentryRoleRevokePrivilegeRequest request)
-
- TAlterSentryRoleAddGroupsResponse alter_sentry_role_add_groups(1:TAlterSentryRoleAddGroupsRequest request)
- TAlterSentryRoleDeleteGroupsResponse alter_sentry_role_delete_groups(1:TAlterSentryRoleDeleteGroupsRequest request)
-
- TListSentryRolesResponse list_sentry_roles_by_group(1:TListSentryRolesRequest request)
-
- TListSentryPrivilegesResponse list_sentry_privileges_by_role(1:TListSentryPrivilegesRequest request)
-
- TListSentryPrivilegesForProviderResponse list_sentry_privileges_for_provider(1:TListSentryPrivilegesForProviderRequest request)
-
- TListSentryPrivilegesByAuthResponse list_sentry_privileges_by_authorizable(1:TListSentryPrivilegesByAuthRequest request);
-
- TDropPrivilegesResponse drop_sentry_privilege(1:TDropPrivilegesRequest request);
-
- TRenamePrivilegesResponse rename_sentry_privilege(1:TRenamePrivilegesRequest request);
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry_policy_service.thrift
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry_policy_service.thrift b/sentry-provider/sentry-provider-db/src/main/resources/sentry_policy_service.thrift
deleted file mode 100644
index 82cd947..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry_policy_service.thrift
+++ /dev/null
@@ -1,330 +0,0 @@
-#!/usr/local/bin/thrift -java
-
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#
-# Thrift Service that the MetaStore is built on
-#
-
-include "share/fb303/if/fb303.thrift"
-include "sentry_common_service.thrift"
-
-namespace java org.apache.sentry.provider.db.service.thrift
-namespace php sentry.provider.db.service.thrift
-namespace cpp Apache.Sentry.Provider.Db.Service.Thrift
-
-enum TSentryGrantOption {
- TRUE = 1,
- FALSE = 0,
- # UNSET is used for revoke privilege, the component like 'hive'
- # didn't support getting grant option, so use UNSET is stand
- # for revoke both privileges with grant option and without grant
- # option.
- UNSET = -1
-}
-
-# Represents a Privilege in transport from the client to the server
-struct TSentryPrivilege {
-1: required string privilegeScope, # Valid values are SERVER, DATABASE, TABLE, COLUMN, URI
-3: required string serverName,
-4: optional string dbName = "",
-5: optional string tableName = "",
-6: optional string URI = "",
-7: required string action = "",
-8: optional i64 createTime, # Set on server side
-9: optional TSentryGrantOption grantOption = TSentryGrantOption.FALSE
-10: optional string columnName = "",
-}
-
-# TODO can this be deleted? it's not adding value to TAlterSentryRoleAddGroupsRequest
-struct TSentryGroup {
-1: required string groupName
-}
-
-# CREATE ROLE r1
-struct TCreateSentryRoleRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string roleName, # TSentryRole is not required for this request
-}
-struct TCreateSentryRoleResponse {
-1: required sentry_common_service.TSentryResponseStatus status
-}
-
-# DROP ROLE r1
-struct TDropSentryRoleRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string roleName # role to drop
-}
-struct TDropSentryRoleResponse {
-1: required sentry_common_service.TSentryResponseStatus status
-}
-
-# GRANT ROLE r1 TO GROUP g1
-struct TAlterSentryRoleAddGroupsRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string roleName,
-5: required set<TSentryGroup> groups
-}
-
-struct TAlterSentryRoleAddGroupsResponse {
-1: required sentry_common_service.TSentryResponseStatus status
-}
-
-# GRANT ROLE r1 TO USER u1
-struct TAlterSentryRoleAddUsersRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V1,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string roleName,
-4: required set<string> users
-}
-
-struct TAlterSentryRoleAddUsersResponse {
-1: required sentry_common_service.TSentryResponseStatus status
-}
-
-# REVOKE ROLE r1 FROM GROUP g1
-struct TAlterSentryRoleDeleteGroupsRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string roleName,
-5: required set<TSentryGroup> groups
-}
-struct TAlterSentryRoleDeleteGroupsResponse {
-1: required sentry_common_service.TSentryResponseStatus status
-}
-
-# REVOKE ROLE r1 FROM USER u1
-struct TAlterSentryRoleDeleteUsersRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V1,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string roleName,
-4: required set<string> users
-}
-struct TAlterSentryRoleDeleteUsersResponse {
-1: required sentry_common_service.TSentryResponseStatus status
-}
-
-# GRANT ... ON ... TO ROLE ...
-struct TAlterSentryRoleGrantPrivilegeRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string roleName,
-5: optional TSentryPrivilege privilege,
-6: optional set<TSentryPrivilege> privileges
-}
-struct TAlterSentryRoleGrantPrivilegeResponse {
-1: required sentry_common_service.TSentryResponseStatus status
-2: optional TSentryPrivilege privilege
-3: optional set<TSentryPrivilege> privileges
-}
-
-# REVOKE ... ON ... FROM ROLE ...
-struct TAlterSentryRoleRevokePrivilegeRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string roleName,
-5: optional TSentryPrivilege privilege,
-6: optional set<TSentryPrivilege> privileges
-}
-struct TAlterSentryRoleRevokePrivilegeResponse {
-1: required sentry_common_service.TSentryResponseStatus status
-}
-
-# SHOW ROLE GRANT
-struct TListSentryRolesRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: optional string groupName # for this group, or all roles for all groups if null
-}
-
-struct TListSentryRolesForUserRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V1,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string userName
-}
-
-# used only for TListSentryRolesResponse
-struct TSentryRole {
-1: required string roleName,
-2: required set<TSentryGroup> groups,
-3: required string grantorPrincipal #Deprecated
-}
-struct TListSentryRolesResponse {
-1: required sentry_common_service.TSentryResponseStatus status
-2: optional set<TSentryRole> roles
-}
-
-struct TSentryAuthorizable {
-1: required string server,
-2: optional string uri,
-3: optional string db,
-4: optional string table,
-5: optional string column,
-}
-
-# SHOW GRANT
-struct TListSentryPrivilegesRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-4: required string roleName, # get privileges assigned for this role
-5: optional TSentryAuthorizable authorizableHierarchy # get privileges assigned for this role
-}
-struct TListSentryPrivilegesResponse {
-1: required sentry_common_service.TSentryResponseStatus status
-2: optional set<TSentryPrivilege> privileges
-}
-
-# Drop privilege
-struct TDropPrivilegesRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required TSentryAuthorizable authorizable
-}
-
-struct TDropPrivilegesResponse {
-1: required sentry_common_service.TSentryResponseStatus status
-}
-
-struct TRenamePrivilegesRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required TSentryAuthorizable oldAuthorizable
-4: required TSentryAuthorizable newAuthorizable
-}
-
-struct TRenamePrivilegesResponse {
-1: required sentry_common_service.TSentryResponseStatus status
-}
-
-# This API was created specifically for ProviderBackend.getPrivileges
-# and is not mean for general purpose privilege retrieval.
-# This request/response pair are created specifically so we can
-# efficiently obtain the specific privilges for a user query
-struct TSentryActiveRoleSet {
-1: required bool all,
-2: required set<string> roles,
-}
-struct TListSentryPrivilegesForProviderRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required set<string> groups,
-3: required TSentryActiveRoleSet roleSet,
-4: optional TSentryAuthorizable authorizableHierarchy,
-5: optional set<string> users
-}
-struct TListSentryPrivilegesForProviderResponse {
-1: required sentry_common_service.TSentryResponseStatus status
-2: required set<string> privileges
-}
-
-# List role:set<privileges> for the given authorizable
-# Optionally use the set of groups to filter the roles
-struct TSentryPrivilegeMap {
-1: required map<string, set<TSentryPrivilege>> privilegeMap
-}
-struct TListSentryPrivilegesByAuthRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required set<TSentryAuthorizable> authorizableSet,
-4: optional set<string> groups,
-5: optional TSentryActiveRoleSet roleSet
-}
-struct TListSentryPrivilegesByAuthResponse {
-1: required sentry_common_service.TSentryResponseStatus status,
-2: optional map<TSentryAuthorizable, TSentryPrivilegeMap> privilegesMapByAuth # will not be set in case of an error
-}
-
-# Obtain a config value from the Sentry service
-struct TSentryConfigValueRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string propertyName, # Config attribute to obtain
-3: optional string defaultValue # Value if propertyName not found
-}
-struct TSentryConfigValueResponse {
-1: required sentry_common_service.TSentryResponseStatus status
-2: optional string value
-}
-
-# struct for the mapping data like group to role, role to privilege
-struct TSentryMappingData {
-1: optional map<string, set<string>> groupRolesMap, # for the groupName -> role mapping
-2: optional map<string, set<TSentryPrivilege>> rolePrivilegesMap, # for the roleName -> privilege mapping
-3: optional map<string, set<string>> userRolesMap # for the userName -> role mapping
-}
-
-struct TSentryExportMappingDataRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V1,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: optional string objectPath # for specific auth object
-}
-
-struct TSentryExportMappingDataResponse {
-1: required sentry_common_service.TSentryResponseStatus status,
-2: required TSentryMappingData mappingData
-}
-
-struct TSentryImportMappingDataRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V1,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required bool overwriteRole = false, # if overwrite the exist role with the imported privileges, default is false
-4: required TSentryMappingData mappingData
-}
-
-struct TSentryImportMappingDataResponse {
-1: required sentry_common_service.TSentryResponseStatus status
-}
-
-service SentryPolicyService
-{
- TCreateSentryRoleResponse create_sentry_role(1:TCreateSentryRoleRequest request)
- TDropSentryRoleResponse drop_sentry_role(1:TDropSentryRoleRequest request)
-
- TAlterSentryRoleGrantPrivilegeResponse alter_sentry_role_grant_privilege(1:TAlterSentryRoleGrantPrivilegeRequest request)
- TAlterSentryRoleRevokePrivilegeResponse alter_sentry_role_revoke_privilege(1:TAlterSentryRoleRevokePrivilegeRequest request)
-
- TAlterSentryRoleAddGroupsResponse alter_sentry_role_add_groups(1:TAlterSentryRoleAddGroupsRequest request)
- TAlterSentryRoleDeleteGroupsResponse alter_sentry_role_delete_groups(1:TAlterSentryRoleDeleteGroupsRequest request)
-
- TAlterSentryRoleAddUsersResponse alter_sentry_role_add_users(1:TAlterSentryRoleAddUsersRequest request)
- TAlterSentryRoleDeleteUsersResponse alter_sentry_role_delete_users(1:TAlterSentryRoleDeleteUsersRequest request)
-
- TListSentryRolesResponse list_sentry_roles_by_group(1:TListSentryRolesRequest request)
- TListSentryRolesResponse list_sentry_roles_by_user(1:TListSentryRolesForUserRequest request)
-
- TListSentryPrivilegesResponse list_sentry_privileges_by_role(1:TListSentryPrivilegesRequest request)
-
- # For use with ProviderBackend.getPrivileges only
- TListSentryPrivilegesForProviderResponse list_sentry_privileges_for_provider(1:TListSentryPrivilegesForProviderRequest request)
-
- TDropPrivilegesResponse drop_sentry_privilege(1:TDropPrivilegesRequest request);
-
- TRenamePrivilegesResponse rename_sentry_privilege(1:TRenamePrivilegesRequest request);
-
- TListSentryPrivilegesByAuthResponse list_sentry_privileges_by_authorizable(1:TListSentryPrivilegesByAuthRequest request);
-
- TSentryConfigValueResponse get_sentry_config_value(1:TSentryConfigValueRequest request);
-
- # export the mapping data in sentry
- TSentryExportMappingDataResponse export_sentry_mapping_data(1:TSentryExportMappingDataRequest request);
-
- # import the mapping data in sentry
- TSentryImportMappingDataResponse import_sentry_mapping_data(1:TSentryImportMappingDataRequest request);
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/upgrade.order.db2
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/upgrade.order.db2 b/sentry-provider/sentry-provider-db/src/main/resources/upgrade.order.db2
deleted file mode 100644
index 8da8c9c..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/upgrade.order.db2
+++ /dev/null
@@ -1,4 +0,0 @@
-1.4.0-to-1.5.0
-1.5.0-to-1.6.0
-1.6.0-to-1.7.0
-1.7.0-to-1.8.0
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/upgrade.order.derby
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/upgrade.order.derby b/sentry-provider/sentry-provider-db/src/main/resources/upgrade.order.derby
deleted file mode 100644
index 8da8c9c..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/upgrade.order.derby
+++ /dev/null
@@ -1,4 +0,0 @@
-1.4.0-to-1.5.0
-1.5.0-to-1.6.0
-1.6.0-to-1.7.0
-1.7.0-to-1.8.0
[12/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/webapp/css/bootstrap.min.css
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/webapp/css/bootstrap.min.css b/sentry-provider/sentry-provider-db/src/main/webapp/css/bootstrap.min.css
deleted file mode 100644
index a553c4f..0000000
--- a/sentry-provider/sentry-provider-db/src/main/webapp/css/bootstrap.min.css
+++ /dev/null
@@ -1,9 +0,0 @@
-/*!
- * Bootstrap v3.0.0
- *
- * Copyright 2013 Twitter, Inc
- * Licensed under the Apache License v2.0
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Designed and built with all the love in the world by @mdo and @fat.
- *//*! normalize.css v2.1.0 | MIT License | git.io/normalize */article,aside,details,figcaption,figure,footer,header,hgroup,main,nav,section,summary{display:block}audio,canvas,video{display:inline-block}audio:not([controls]){display:none;height:0}[hidden]{display:none}html{font-family:sans-serif;-webkit-text-size-adjust:100%;-ms-text-size-adjust:100%}body{margin:0}a:focus{outline:thin dotted}a:active,a:hover{outline:0}h1{margin:.67em 0;font-size:2em}abbr[title]{border-bottom:1px dotted}b,strong{font-weight:bold}dfn{font-style:italic}hr{height:0;-moz-box-sizing:content-box;box-sizing:content-box}mark{color:#000;background:#ff0}code,kbd,pre,samp{font-family:monospace,serif;font-size:1em}pre{white-space:pre-wrap}q{quotes:"\201C" "\201D" "\2018" "\2019"}small{font-size:80%}sub,sup{position:relative;font-size:75%;line-height:0;vertical-align:baseline}sup{top:-0.5em}sub{bottom:-0.25em}img{border:0}svg:not(:root){overflow:hidden}figure{margin:0}fieldset{padding:.35em .625em .75em;margin:0
2px;border:1px solid #c0c0c0}legend{padding:0;border:0}button,input,select,textarea{margin:0;font-family:inherit;font-size:100%}button,input{line-height:normal}button,select{text-transform:none}button,html input[type="button"],input[type="reset"],input[type="submit"]{cursor:pointer;-webkit-appearance:button}button[disabled],html input[disabled]{cursor:default}input[type="checkbox"],input[type="radio"]{padding:0;box-sizing:border-box}input[type="search"]{-webkit-box-sizing:content-box;-moz-box-sizing:content-box;box-sizing:content-box;-webkit-appearance:textfield}input[type="search"]::-webkit-search-cancel-button,input[type="search"]::-webkit-search-decoration{-webkit-appearance:none}button::-moz-focus-inner,input::-moz-focus-inner{padding:0;border:0}textarea{overflow:auto;vertical-align:top}table{border-collapse:collapse;border-spacing:0}@media print{*{color:#000!important;text-shadow:none!important;background:transparent!important;box-shadow:none!important}a,a:visited{text-decorati
on:underline}a[href]:after{content:" (" attr(href) ")"}abbr[title]:after{content:" (" attr(title) ")"}.ir a:after,a[href^="javascript:"]:after,a[href^="#"]:after{content:""}pre,blockquote{border:1px solid #999;page-break-inside:avoid}thead{display:table-header-group}tr,img{page-break-inside:avoid}img{max-width:100%!important}@page{margin:2cm .5cm}p,h2,h3{orphans:3;widows:3}h2,h3{page-break-after:avoid}.navbar{display:none}.table td,.table th{background-color:#fff!important}.btn>.caret,.dropup>.btn>.caret{border-top-color:#000!important}.label{border:1px solid #000}.table{border-collapse:collapse!important}.table-bordered th,.table-bordered td{border:1px solid #ddd!important}}*,*:before,*:after{-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box}html{font-size:62.5%;-webkit-tap-highlight-color:rgba(0,0,0,0)}body{font-family:"Helvetica Neue",Helvetica,Arial,sans-serif;font-size:14px;line-height:1.428571429;color:#333;background-color:#fff}input,button,select
,textarea{font-family:inherit;font-size:inherit;line-height:inherit}button,input,select[multiple],textarea{background-image:none}a{color:#428bca;text-decoration:none}a:hover,a:focus{color:#2a6496;text-decoration:underline}a:focus{outline:thin dotted #333;outline:5px auto -webkit-focus-ring-color;outline-offset:-2px}img{vertical-align:middle}.img-responsive{display:block;height:auto;max-width:100%}.img-rounded{border-radius:6px}.img-thumbnail{display:inline-block;height:auto;max-width:100%;padding:4px;line-height:1.428571429;background-color:#fff;border:1px solid #ddd;border-radius:4px;-webkit-transition:all .2s ease-in-out;transition:all .2s ease-in-out}.img-circle{border-radius:50%}hr{margin-top:20px;margin-bottom:20px;border:0;border-top:1px solid #eee}.sr-only{position:absolute;width:1px;height:1px;padding:0;margin:-1px;overflow:hidden;clip:rect(0 0 0 0);border:0}p{margin:0 0 10px}.lead{margin-bottom:20px;font-size:16.099999999999998px;font-weight:200;line-height:1.4}@media(min-w
idth:768px){.lead{font-size:21px}}small{font-size:85%}cite{font-style:normal}.text-muted{color:#999}.text-primary{color:#428bca}.text-warning{color:#c09853}.text-danger{color:#b94a48}.text-success{color:#468847}.text-info{color:#3a87ad}.text-left{text-align:left}.text-right{text-align:right}.text-center{text-align:center}h1,h2,h3,h4,h5,h6,.h1,.h2,.h3,.h4,.h5,.h6{font-family:"Helvetica Neue",Helvetica,Arial,sans-serif;font-weight:500;line-height:1.1}h1 small,h2 small,h3 small,h4 small,h5 small,h6 small,.h1 small,.h2 small,.h3 small,.h4 small,.h5 small,.h6 small{font-weight:normal;line-height:1;color:#999}h1,h2,h3{margin-top:20px;margin-bottom:10px}h4,h5,h6{margin-top:10px;margin-bottom:10px}h1,.h1{font-size:36px}h2,.h2{font-size:30px}h3,.h3{font-size:24px}h4,.h4{font-size:18px}h5,.h5{font-size:14px}h6,.h6{font-size:12px}h1 small,.h1 small{font-size:24px}h2 small,.h2 small{font-size:18px}h3 small,.h3 small,h4 small,.h4 small{font-size:14px}.page-header{padding-bottom:9px;margin:40px 0
20px;border-bottom:1px solid #eee}ul,ol{margin-top:0;margin-bottom:10px}ul ul,ol ul,ul ol,ol ol{margin-bottom:0}.list-unstyled{padding-left:0;list-style:none}.list-inline{padding-left:0;list-style:none}.list-inline>li{display:inline-block;padding-right:5px;padding-left:5px}dl{margin-bottom:20px}dt,dd{line-height:1.428571429}dt{font-weight:bold}dd{margin-left:0}@media(min-width:768px){.dl-horizontal dt{float:left;width:160px;overflow:hidden;clear:left;text-align:right;text-overflow:ellipsis;white-space:nowrap}.dl-horizontal dd{margin-left:180px}.dl-horizontal dd:before,.dl-horizontal dd:after{display:table;content:" "}.dl-horizontal dd:after{clear:both}.dl-horizontal dd:before,.dl-horizontal dd:after{display:table;content:" "}.dl-horizontal dd:after{clear:both}}abbr[title],abbr[data-original-title]{cursor:help;border-bottom:1px dotted #999}abbr.initialism{font-size:90%;text-transform:uppercase}blockquote{padding:10px 20px;margin:0 0 20px;border-left:5px solid #eee}blockquote p{font-
size:17.5px;font-weight:300;line-height:1.25}blockquote p:last-child{margin-bottom:0}blockquote small{display:block;line-height:1.428571429;color:#999}blockquote small:before{content:'\2014 \00A0'}blockquote.pull-right{padding-right:15px;padding-left:0;border-right:5px solid #eee;border-left:0}blockquote.pull-right p,blockquote.pull-right small{text-align:right}blockquote.pull-right small:before{content:''}blockquote.pull-right small:after{content:'\00A0 \2014'}q:before,q:after,blockquote:before,blockquote:after{content:""}address{display:block;margin-bottom:20px;font-style:normal;line-height:1.428571429}code,pre{font-family:Monaco,Menlo,Consolas,"Courier New",monospace}code{padding:2px 4px;font-size:90%;color:#c7254e;white-space:nowrap;background-color:#f9f2f4;border-radius:4px}pre{display:block;padding:9.5px;margin:0 0 10px;font-size:13px;line-height:1.428571429;color:#333;word-break:break-all;word-wrap:break-word;background-color:#f5f5f5;border:1px solid #ccc;border-radius:4px}pr
e.prettyprint{margin-bottom:20px}pre code{padding:0;font-size:inherit;color:inherit;white-space:pre-wrap;background-color:transparent;border:0}.pre-scrollable{max-height:340px;overflow-y:scroll}.container{padding-right:15px;padding-left:15px;margin-right:auto;margin-left:auto}.container:before,.container:after{display:table;content:" "}.container:after{clear:both}.container:before,.container:after{display:table;content:" "}.container:after{clear:both}.row{margin-right:-15px;margin-left:-15px}.row:before,.row:after{display:table;content:" "}.row:after{clear:both}.row:before,.row:after{display:table;content:" "}.row:after{clear:both}.col-xs-1,.col-xs-2,.col-xs-3,.col-xs-4,.col-xs-5,.col-xs-6,.col-xs-7,.col-xs-8,.col-xs-9,.col-xs-10,.col-xs-11,.col-xs-12,.col-sm-1,.col-sm-2,.col-sm-3,.col-sm-4,.col-sm-5,.col-sm-6,.col-sm-7,.col-sm-8,.col-sm-9,.col-sm-10,.col-sm-11,.col-sm-12,.col-md-1,.col-md-2,.col-md-3,.col-md-4,.col-md-5,.col-md-6,.col-md-7,.col-md-8,.col-md-9,.col-md-10,.col-md-11,
.col-md-12,.col-lg-1,.col-lg-2,.col-lg-3,.col-lg-4,.col-lg-5,.col-lg-6,.col-lg-7,.col-lg-8,.col-lg-9,.col-lg-10,.col-lg-11,.col-lg-12{position:relative;min-height:1px;padding-right:15px;padding-left:15px}.col-xs-1,.col-xs-2,.col-xs-3,.col-xs-4,.col-xs-5,.col-xs-6,.col-xs-7,.col-xs-8,.col-xs-9,.col-xs-10,.col-xs-11{float:left}.col-xs-1{width:8.333333333333332%}.col-xs-2{width:16.666666666666664%}.col-xs-3{width:25%}.col-xs-4{width:33.33333333333333%}.col-xs-5{width:41.66666666666667%}.col-xs-6{width:50%}.col-xs-7{width:58.333333333333336%}.col-xs-8{width:66.66666666666666%}.col-xs-9{width:75%}.col-xs-10{width:83.33333333333334%}.col-xs-11{width:91.66666666666666%}.col-xs-12{width:100%}@media(min-width:768px){.container{max-width:750px}.col-sm-1,.col-sm-2,.col-sm-3,.col-sm-4,.col-sm-5,.col-sm-6,.col-sm-7,.col-sm-8,.col-sm-9,.col-sm-10,.col-sm-11{float:left}.col-sm-1{width:8.333333333333332%}.col-sm-2{width:16.666666666666664%}.col-sm-3{width:25%}.col-sm-4{width:33.33333333333333%}.col
-sm-5{width:41.66666666666667%}.col-sm-6{width:50%}.col-sm-7{width:58.333333333333336%}.col-sm-8{width:66.66666666666666%}.col-sm-9{width:75%}.col-sm-10{width:83.33333333333334%}.col-sm-11{width:91.66666666666666%}.col-sm-12{width:100%}.col-sm-push-1{left:8.333333333333332%}.col-sm-push-2{left:16.666666666666664%}.col-sm-push-3{left:25%}.col-sm-push-4{left:33.33333333333333%}.col-sm-push-5{left:41.66666666666667%}.col-sm-push-6{left:50%}.col-sm-push-7{left:58.333333333333336%}.col-sm-push-8{left:66.66666666666666%}.col-sm-push-9{left:75%}.col-sm-push-10{left:83.33333333333334%}.col-sm-push-11{left:91.66666666666666%}.col-sm-pull-1{right:8.333333333333332%}.col-sm-pull-2{right:16.666666666666664%}.col-sm-pull-3{right:25%}.col-sm-pull-4{right:33.33333333333333%}.col-sm-pull-5{right:41.66666666666667%}.col-sm-pull-6{right:50%}.col-sm-pull-7{right:58.333333333333336%}.col-sm-pull-8{right:66.66666666666666%}.col-sm-pull-9{right:75%}.col-sm-pull-10{right:83.33333333333334%}.col-sm-pull-11
{right:91.66666666666666%}.col-sm-offset-1{margin-left:8.333333333333332%}.col-sm-offset-2{margin-left:16.666666666666664%}.col-sm-offset-3{margin-left:25%}.col-sm-offset-4{margin-left:33.33333333333333%}.col-sm-offset-5{margin-left:41.66666666666667%}.col-sm-offset-6{margin-left:50%}.col-sm-offset-7{margin-left:58.333333333333336%}.col-sm-offset-8{margin-left:66.66666666666666%}.col-sm-offset-9{margin-left:75%}.col-sm-offset-10{margin-left:83.33333333333334%}.col-sm-offset-11{margin-left:91.66666666666666%}}@media(min-width:992px){.container{max-width:970px}.col-md-1,.col-md-2,.col-md-3,.col-md-4,.col-md-5,.col-md-6,.col-md-7,.col-md-8,.col-md-9,.col-md-10,.col-md-11{float:left}.col-md-1{width:8.333333333333332%}.col-md-2{width:16.666666666666664%}.col-md-3{width:25%}.col-md-4{width:33.33333333333333%}.col-md-5{width:41.66666666666667%}.col-md-6{width:50%}.col-md-7{width:58.333333333333336%}.col-md-8{width:66.66666666666666%}.col-md-9{width:75%}.col-md-10{width:83.33333333333334%}.
col-md-11{width:91.66666666666666%}.col-md-12{width:100%}.col-md-push-0{left:auto}.col-md-push-1{left:8.333333333333332%}.col-md-push-2{left:16.666666666666664%}.col-md-push-3{left:25%}.col-md-push-4{left:33.33333333333333%}.col-md-push-5{left:41.66666666666667%}.col-md-push-6{left:50%}.col-md-push-7{left:58.333333333333336%}.col-md-push-8{left:66.66666666666666%}.col-md-push-9{left:75%}.col-md-push-10{left:83.33333333333334%}.col-md-push-11{left:91.66666666666666%}.col-md-pull-0{right:auto}.col-md-pull-1{right:8.333333333333332%}.col-md-pull-2{right:16.666666666666664%}.col-md-pull-3{right:25%}.col-md-pull-4{right:33.33333333333333%}.col-md-pull-5{right:41.66666666666667%}.col-md-pull-6{right:50%}.col-md-pull-7{right:58.333333333333336%}.col-md-pull-8{right:66.66666666666666%}.col-md-pull-9{right:75%}.col-md-pull-10{right:83.33333333333334%}.col-md-pull-11{right:91.66666666666666%}.col-md-offset-0{margin-left:0}.col-md-offset-1{margin-left:8.333333333333332%}.col-md-offset-2{margin
-left:16.666666666666664%}.col-md-offset-3{margin-left:25%}.col-md-offset-4{margin-left:33.33333333333333%}.col-md-offset-5{margin-left:41.66666666666667%}.col-md-offset-6{margin-left:50%}.col-md-offset-7{margin-left:58.333333333333336%}.col-md-offset-8{margin-left:66.66666666666666%}.col-md-offset-9{margin-left:75%}.col-md-offset-10{margin-left:83.33333333333334%}.col-md-offset-11{margin-left:91.66666666666666%}}@media(min-width:1200px){.container{max-width:1170px}.col-lg-1,.col-lg-2,.col-lg-3,.col-lg-4,.col-lg-5,.col-lg-6,.col-lg-7,.col-lg-8,.col-lg-9,.col-lg-10,.col-lg-11{float:left}.col-lg-1{width:8.333333333333332%}.col-lg-2{width:16.666666666666664%}.col-lg-3{width:25%}.col-lg-4{width:33.33333333333333%}.col-lg-5{width:41.66666666666667%}.col-lg-6{width:50%}.col-lg-7{width:58.333333333333336%}.col-lg-8{width:66.66666666666666%}.col-lg-9{width:75%}.col-lg-10{width:83.33333333333334%}.col-lg-11{width:91.66666666666666%}.col-lg-12{width:100%}.col-lg-push-0{left:auto}.col-lg-push-
1{left:8.333333333333332%}.col-lg-push-2{left:16.666666666666664%}.col-lg-push-3{left:25%}.col-lg-push-4{left:33.33333333333333%}.col-lg-push-5{left:41.66666666666667%}.col-lg-push-6{left:50%}.col-lg-push-7{left:58.333333333333336%}.col-lg-push-8{left:66.66666666666666%}.col-lg-push-9{left:75%}.col-lg-push-10{left:83.33333333333334%}.col-lg-push-11{left:91.66666666666666%}.col-lg-pull-0{right:auto}.col-lg-pull-1{right:8.333333333333332%}.col-lg-pull-2{right:16.666666666666664%}.col-lg-pull-3{right:25%}.col-lg-pull-4{right:33.33333333333333%}.col-lg-pull-5{right:41.66666666666667%}.col-lg-pull-6{right:50%}.col-lg-pull-7{right:58.333333333333336%}.col-lg-pull-8{right:66.66666666666666%}.col-lg-pull-9{right:75%}.col-lg-pull-10{right:83.33333333333334%}.col-lg-pull-11{right:91.66666666666666%}.col-lg-offset-0{margin-left:0}.col-lg-offset-1{margin-left:8.333333333333332%}.col-lg-offset-2{margin-left:16.666666666666664%}.col-lg-offset-3{margin-left:25%}.col-lg-offset-4{margin-left:33.3333
3333333333%}.col-lg-offset-5{margin-left:41.66666666666667%}.col-lg-offset-6{margin-left:50%}.col-lg-offset-7{margin-left:58.333333333333336%}.col-lg-offset-8{margin-left:66.66666666666666%}.col-lg-offset-9{margin-left:75%}.col-lg-offset-10{margin-left:83.33333333333334%}.col-lg-offset-11{margin-left:91.66666666666666%}}table{max-width:100%;background-color:transparent}th{text-align:left}.table{width:100%;margin-bottom:20px}.table thead>tr>th,.table tbody>tr>th,.table tfoot>tr>th,.table thead>tr>td,.table tbody>tr>td,.table tfoot>tr>td{padding:8px;line-height:1.428571429;vertical-align:top;border-top:1px solid #ddd}.table thead>tr>th{vertical-align:bottom;border-bottom:2px solid #ddd}.table caption+thead tr:first-child th,.table colgroup+thead tr:first-child th,.table thead:first-child tr:first-child th,.table caption+thead tr:first-child td,.table colgroup+thead tr:first-child td,.table thead:first-child tr:first-child td{border-top:0}.table tbody+tbody{border-top:2px solid #ddd}.t
able .table{background-color:#fff}.table-condensed thead>tr>th,.table-condensed tbody>tr>th,.table-condensed tfoot>tr>th,.table-condensed thead>tr>td,.table-condensed tbody>tr>td,.table-condensed tfoot>tr>td{padding:5px}.table-bordered{border:1px solid #ddd}.table-bordered>thead>tr>th,.table-bordered>tbody>tr>th,.table-bordered>tfoot>tr>th,.table-bordered>thead>tr>td,.table-bordered>tbody>tr>td,.table-bordered>tfoot>tr>td{border:1px solid #ddd}.table-bordered>thead>tr>th,.table-bordered>thead>tr>td{border-bottom-width:2px}.table-striped>tbody>tr:nth-child(odd)>td,.table-striped>tbody>tr:nth-child(odd)>th{background-color:#f9f9f9}.table-hover>tbody>tr:hover>td,.table-hover>tbody>tr:hover>th{background-color:#f5f5f5}table col[class*="col-"]{display:table-column;float:none}table td[class*="col-"],table th[class*="col-"]{display:table-cell;float:none}.table>thead>tr>td.active,.table>tbody>tr>td.active,.table>tfoot>tr>td.active,.table>thead>tr>th.active,.table>tbody>tr>th.active,.table>t
foot>tr>th.active,.table>thead>tr.active>td,.table>tbody>tr.active>td,.table>tfoot>tr.active>td,.table>thead>tr.active>th,.table>tbody>tr.active>th,.table>tfoot>tr.active>th{background-color:#f5f5f5}.table>thead>tr>td.success,.table>tbody>tr>td.success,.table>tfoot>tr>td.success,.table>thead>tr>th.success,.table>tbody>tr>th.success,.table>tfoot>tr>th.success,.table>thead>tr.success>td,.table>tbody>tr.success>td,.table>tfoot>tr.success>td,.table>thead>tr.success>th,.table>tbody>tr.success>th,.table>tfoot>tr.success>th{background-color:#dff0d8;border-color:#d6e9c6}.table-hover>tbody>tr>td.success:hover,.table-hover>tbody>tr>th.success:hover,.table-hover>tbody>tr.success:hover>td{background-color:#d0e9c6;border-color:#c9e2b3}.table>thead>tr>td.danger,.table>tbody>tr>td.danger,.table>tfoot>tr>td.danger,.table>thead>tr>th.danger,.table>tbody>tr>th.danger,.table>tfoot>tr>th.danger,.table>thead>tr.danger>td,.table>tbody>tr.danger>td,.table>tfoot>tr.danger>td,.table>thead>tr.danger>th,.tabl
e>tbody>tr.danger>th,.table>tfoot>tr.danger>th{background-color:#f2dede;border-color:#eed3d7}.table-hover>tbody>tr>td.danger:hover,.table-hover>tbody>tr>th.danger:hover,.table-hover>tbody>tr.danger:hover>td{background-color:#ebcccc;border-color:#e6c1c7}.table>thead>tr>td.warning,.table>tbody>tr>td.warning,.table>tfoot>tr>td.warning,.table>thead>tr>th.warning,.table>tbody>tr>th.warning,.table>tfoot>tr>th.warning,.table>thead>tr.warning>td,.table>tbody>tr.warning>td,.table>tfoot>tr.warning>td,.table>thead>tr.warning>th,.table>tbody>tr.warning>th,.table>tfoot>tr.warning>th{background-color:#fcf8e3;border-color:#fbeed5}.table-hover>tbody>tr>td.warning:hover,.table-hover>tbody>tr>th.warning:hover,.table-hover>tbody>tr.warning:hover>td{background-color:#faf2cc;border-color:#f8e5be}@media(max-width:768px){.table-responsive{width:100%;margin-bottom:15px;overflow-x:scroll;overflow-y:hidden;border:1px solid #ddd}.table-responsive>.table{margin-bottom:0;background-color:#fff}.table-responsive>
.table>thead>tr>th,.table-responsive>.table>tbody>tr>th,.table-responsive>.table>tfoot>tr>th,.table-responsive>.table>thead>tr>td,.table-responsive>.table>tbody>tr>td,.table-responsive>.table>tfoot>tr>td{white-space:nowrap}.table-responsive>.table-bordered{border:0}.table-responsive>.table-bordered>thead>tr>th:first-child,.table-responsive>.table-bordered>tbody>tr>th:first-child,.table-responsive>.table-bordered>tfoot>tr>th:first-child,.table-responsive>.table-bordered>thead>tr>td:first-child,.table-responsive>.table-bordered>tbody>tr>td:first-child,.table-responsive>.table-bordered>tfoot>tr>td:first-child{border-left:0}.table-responsive>.table-bordered>thead>tr>th:last-child,.table-responsive>.table-bordered>tbody>tr>th:last-child,.table-responsive>.table-bordered>tfoot>tr>th:last-child,.table-responsive>.table-bordered>thead>tr>td:last-child,.table-responsive>.table-bordered>tbody>tr>td:last-child,.table-responsive>.table-bordered>tfoot>tr>td:last-child{border-right:0}.table-respo
nsive>.table-bordered>thead>tr:last-child>th,.table-responsive>.table-bordered>tbody>tr:last-child>th,.table-responsive>.table-bordered>tfoot>tr:last-child>th,.table-responsive>.table-bordered>thead>tr:last-child>td,.table-responsive>.table-bordered>tbody>tr:last-child>td,.table-responsive>.table-bordered>tfoot>tr:last-child>td{border-bottom:0}}fieldset{padding:0;margin:0;border:0}legend{display:block;width:100%;padding:0;margin-bottom:20px;font-size:21px;line-height:inherit;color:#333;border:0;border-bottom:1px solid #e5e5e5}label{display:inline-block;margin-bottom:5px;font-weight:bold}input[type="search"]{-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box}input[type="radio"],input[type="checkbox"]{margin:4px 0 0;margin-top:1px \9;line-height:normal}input[type="file"]{display:block}select[multiple],select[size]{height:auto}select optgroup{font-family:inherit;font-size:inherit;font-style:inherit}input[type="file"]:focus,input[type="radio"]:focus,input[typ
e="checkbox"]:focus{outline:thin dotted #333;outline:5px auto -webkit-focus-ring-color;outline-offset:-2px}input[type="number"]::-webkit-outer-spin-button,input[type="number"]::-webkit-inner-spin-button{height:auto}.form-control:-moz-placeholder{color:#999}.form-control::-moz-placeholder{color:#999}.form-control:-ms-input-placeholder{color:#999}.form-control::-webkit-input-placeholder{color:#999}.form-control{display:block;width:100%;height:34px;padding:6px 12px;font-size:14px;line-height:1.428571429;color:#555;vertical-align:middle;background-color:#fff;border:1px solid #ccc;border-radius:4px;-webkit-box-shadow:inset 0 1px 1px rgba(0,0,0,0.075);box-shadow:inset 0 1px 1px rgba(0,0,0,0.075);-webkit-transition:border-color ease-in-out .15s,box-shadow ease-in-out .15s;transition:border-color ease-in-out .15s,box-shadow ease-in-out .15s}.form-control:focus{border-color:#66afe9;outline:0;-webkit-box-shadow:inset 0 1px 1px rgba(0,0,0,0.075),0 0 8px rgba(102,175,233,0.6);box-shadow:inset 0
1px 1px rgba(0,0,0,0.075),0 0 8px rgba(102,175,233,0.6)}.form-control[disabled],.form-control[readonly],fieldset[disabled] .form-control{cursor:not-allowed;background-color:#eee}textarea.form-control{height:auto}.form-group{margin-bottom:15px}.radio,.checkbox{display:block;min-height:20px;padding-left:20px;margin-top:10px;margin-bottom:10px;vertical-align:middle}.radio label,.checkbox label{display:inline;margin-bottom:0;font-weight:normal;cursor:pointer}.radio input[type="radio"],.radio-inline input[type="radio"],.checkbox input[type="checkbox"],.checkbox-inline input[type="checkbox"]{float:left;margin-left:-20px}.radio+.radio,.checkbox+.checkbox{margin-top:-5px}.radio-inline,.checkbox-inline{display:inline-block;padding-left:20px;margin-bottom:0;font-weight:normal;vertical-align:middle;cursor:pointer}.radio-inline+.radio-inline,.checkbox-inline+.checkbox-inline{margin-top:0;margin-left:10px}input[type="radio"][disabled],input[type="checkbox"][disabled],.radio[disabled],.radio-inl
ine[disabled],.checkbox[disabled],.checkbox-inline[disabled],fieldset[disabled] input[type="radio"],fieldset[disabled] input[type="checkbox"],fieldset[disabled] .radio,fieldset[disabled] .radio-inline,fieldset[disabled] .checkbox,fieldset[disabled] .checkbox-inline{cursor:not-allowed}.input-sm{height:30px;padding:5px 10px;font-size:12px;line-height:1.5;border-radius:3px}select.input-sm{height:30px;line-height:30px}textarea.input-sm{height:auto}.input-lg{height:45px;padding:10px 16px;font-size:18px;line-height:1.33;border-radius:6px}select.input-lg{height:45px;line-height:45px}textarea.input-lg{height:auto}.has-warning .help-block,.has-warning .control-label{color:#c09853}.has-warning .form-control{border-color:#c09853;-webkit-box-shadow:inset 0 1px 1px rgba(0,0,0,0.075);box-shadow:inset 0 1px 1px rgba(0,0,0,0.075)}.has-warning .form-control:focus{border-color:#a47e3c;-webkit-box-shadow:inset 0 1px 1px rgba(0,0,0,0.075),0 0 6px #dbc59e;box-shadow:inset 0 1px 1px rgba(0,0,0,0.075),0 0
6px #dbc59e}.has-warning .input-group-addon{color:#c09853;background-color:#fcf8e3;border-color:#c09853}.has-error .help-block,.has-error .control-label{color:#b94a48}.has-error .form-control{border-color:#b94a48;-webkit-box-shadow:inset 0 1px 1px rgba(0,0,0,0.075);box-shadow:inset 0 1px 1px rgba(0,0,0,0.075)}.has-error .form-control:focus{border-color:#953b39;-webkit-box-shadow:inset 0 1px 1px rgba(0,0,0,0.075),0 0 6px #d59392;box-shadow:inset 0 1px 1px rgba(0,0,0,0.075),0 0 6px #d59392}.has-error .input-group-addon{color:#b94a48;background-color:#f2dede;border-color:#b94a48}.has-success .help-block,.has-success .control-label{color:#468847}.has-success .form-control{border-color:#468847;-webkit-box-shadow:inset 0 1px 1px rgba(0,0,0,0.075);box-shadow:inset 0 1px 1px rgba(0,0,0,0.075)}.has-success .form-control:focus{border-color:#356635;-webkit-box-shadow:inset 0 1px 1px rgba(0,0,0,0.075),0 0 6px #7aba7b;box-shadow:inset 0 1px 1px rgba(0,0,0,0.075),0 0 6px #7aba7b}.has-success .in
put-group-addon{color:#468847;background-color:#dff0d8;border-color:#468847}.form-control-static{padding-top:7px;margin-bottom:0}.help-block{display:block;margin-top:5px;margin-bottom:10px;color:#737373}@media(min-width:768px){.form-inline .form-group{display:inline-block;margin-bottom:0;vertical-align:middle}.form-inline .form-control{display:inline-block}.form-inline .radio,.form-inline .checkbox{display:inline-block;padding-left:0;margin-top:0;margin-bottom:0}.form-inline .radio input[type="radio"],.form-inline .checkbox input[type="checkbox"]{float:none;margin-left:0}}.form-horizontal .control-label,.form-horizontal .radio,.form-horizontal .checkbox,.form-horizontal .radio-inline,.form-horizontal .checkbox-inline{padding-top:7px;margin-top:0;margin-bottom:0}.form-horizontal .form-group{margin-right:-15px;margin-left:-15px}.form-horizontal .form-group:before,.form-horizontal .form-group:after{display:table;content:" "}.form-horizontal .form-group:after{clear:both}.form-horizontal
.form-group:before,.form-horizontal .form-group:after{display:table;content:" "}.form-horizontal .form-group:after{clear:both}@media(min-width:768px){.form-horizontal .control-label{text-align:right}}.btn{display:inline-block;padding:6px 12px;margin-bottom:0;font-size:14px;font-weight:normal;line-height:1.428571429;text-align:center;white-space:nowrap;vertical-align:middle;cursor:pointer;border:1px solid transparent;border-radius:4px;-webkit-user-select:none;-moz-user-select:none;-ms-user-select:none;-o-user-select:none;user-select:none}.btn:focus{outline:thin dotted #333;outline:5px auto -webkit-focus-ring-color;outline-offset:-2px}.btn:hover,.btn:focus{color:#333;text-decoration:none}.btn:active,.btn.active{background-image:none;outline:0;-webkit-box-shadow:inset 0 3px 5px rgba(0,0,0,0.125);box-shadow:inset 0 3px 5px rgba(0,0,0,0.125)}.btn.disabled,.btn[disabled],fieldset[disabled] .btn{pointer-events:none;cursor:not-allowed;opacity:.65;filter:alpha(opacity=65);-webkit-box-shadow
:none;box-shadow:none}.btn-default{color:#333;background-color:#fff;border-color:#ccc}.btn-default:hover,.btn-default:focus,.btn-default:active,.btn-default.active,.open .dropdown-toggle.btn-default{color:#333;background-color:#ebebeb;border-color:#adadad}.btn-default:active,.btn-default.active,.open .dropdown-toggle.btn-default{background-image:none}.btn-default.disabled,.btn-default[disabled],fieldset[disabled] .btn-default,.btn-default.disabled:hover,.btn-default[disabled]:hover,fieldset[disabled] .btn-default:hover,.btn-default.disabled:focus,.btn-default[disabled]:focus,fieldset[disabled] .btn-default:focus,.btn-default.disabled:active,.btn-default[disabled]:active,fieldset[disabled] .btn-default:active,.btn-default.disabled.active,.btn-default[disabled].active,fieldset[disabled] .btn-default.active{background-color:#fff;border-color:#ccc}.btn-primary{color:#fff;background-color:#428bca;border-color:#357ebd}.btn-primary:hover,.btn-primary:focus,.btn-primary:active,.btn-primary.
active,.open .dropdown-toggle.btn-primary{color:#fff;background-color:#3276b1;border-color:#285e8e}.btn-primary:active,.btn-primary.active,.open .dropdown-toggle.btn-primary{background-image:none}.btn-primary.disabled,.btn-primary[disabled],fieldset[disabled] .btn-primary,.btn-primary.disabled:hover,.btn-primary[disabled]:hover,fieldset[disabled] .btn-primary:hover,.btn-primary.disabled:focus,.btn-primary[disabled]:focus,fieldset[disabled] .btn-primary:focus,.btn-primary.disabled:active,.btn-primary[disabled]:active,fieldset[disabled] .btn-primary:active,.btn-primary.disabled.active,.btn-primary[disabled].active,fieldset[disabled] .btn-primary.active{background-color:#428bca;border-color:#357ebd}.btn-warning{color:#fff;background-color:#f0ad4e;border-color:#eea236}.btn-warning:hover,.btn-warning:focus,.btn-warning:active,.btn-warning.active,.open .dropdown-toggle.btn-warning{color:#fff;background-color:#ed9c28;border-color:#d58512}.btn-warning:active,.btn-warning.active,.open .dropd
own-toggle.btn-warning{background-image:none}.btn-warning.disabled,.btn-warning[disabled],fieldset[disabled] .btn-warning,.btn-warning.disabled:hover,.btn-warning[disabled]:hover,fieldset[disabled] .btn-warning:hover,.btn-warning.disabled:focus,.btn-warning[disabled]:focus,fieldset[disabled] .btn-warning:focus,.btn-warning.disabled:active,.btn-warning[disabled]:active,fieldset[disabled] .btn-warning:active,.btn-warning.disabled.active,.btn-warning[disabled].active,fieldset[disabled] .btn-warning.active{background-color:#f0ad4e;border-color:#eea236}.btn-danger{color:#fff;background-color:#d9534f;border-color:#d43f3a}.btn-danger:hover,.btn-danger:focus,.btn-danger:active,.btn-danger.active,.open .dropdown-toggle.btn-danger{color:#fff;background-color:#d2322d;border-color:#ac2925}.btn-danger:active,.btn-danger.active,.open .dropdown-toggle.btn-danger{background-image:none}.btn-danger.disabled,.btn-danger[disabled],fieldset[disabled] .btn-danger,.btn-danger.disabled:hover,.btn-danger[di
sabled]:hover,fieldset[disabled] .btn-danger:hover,.btn-danger.disabled:focus,.btn-danger[disabled]:focus,fieldset[disabled] .btn-danger:focus,.btn-danger.disabled:active,.btn-danger[disabled]:active,fieldset[disabled] .btn-danger:active,.btn-danger.disabled.active,.btn-danger[disabled].active,fieldset[disabled] .btn-danger.active{background-color:#d9534f;border-color:#d43f3a}.btn-success{color:#fff;background-color:#5cb85c;border-color:#4cae4c}.btn-success:hover,.btn-success:focus,.btn-success:active,.btn-success.active,.open .dropdown-toggle.btn-success{color:#fff;background-color:#47a447;border-color:#398439}.btn-success:active,.btn-success.active,.open .dropdown-toggle.btn-success{background-image:none}.btn-success.disabled,.btn-success[disabled],fieldset[disabled] .btn-success,.btn-success.disabled:hover,.btn-success[disabled]:hover,fieldset[disabled] .btn-success:hover,.btn-success.disabled:focus,.btn-success[disabled]:focus,fieldset[disabled] .btn-success:focus,.btn-success.d
isabled:active,.btn-success[disabled]:active,fieldset[disabled] .btn-success:active,.btn-success.disabled.active,.btn-success[disabled].active,fieldset[disabled] .btn-success.active{background-color:#5cb85c;border-color:#4cae4c}.btn-info{color:#fff;background-color:#5bc0de;border-color:#46b8da}.btn-info:hover,.btn-info:focus,.btn-info:active,.btn-info.active,.open .dropdown-toggle.btn-info{color:#fff;background-color:#39b3d7;border-color:#269abc}.btn-info:active,.btn-info.active,.open .dropdown-toggle.btn-info{background-image:none}.btn-info.disabled,.btn-info[disabled],fieldset[disabled] .btn-info,.btn-info.disabled:hover,.btn-info[disabled]:hover,fieldset[disabled] .btn-info:hover,.btn-info.disabled:focus,.btn-info[disabled]:focus,fieldset[disabled] .btn-info:focus,.btn-info.disabled:active,.btn-info[disabled]:active,fieldset[disabled] .btn-info:active,.btn-info.disabled.active,.btn-info[disabled].active,fieldset[disabled] .btn-info.active{background-color:#5bc0de;border-color:#46
b8da}.btn-link{font-weight:normal;color:#428bca;cursor:pointer;border-radius:0}.btn-link,.btn-link:active,.btn-link[disabled],fieldset[disabled] .btn-link{background-color:transparent;-webkit-box-shadow:none;box-shadow:none}.btn-link,.btn-link:hover,.btn-link:focus,.btn-link:active{border-color:transparent}.btn-link:hover,.btn-link:focus{color:#2a6496;text-decoration:underline;background-color:transparent}.btn-link[disabled]:hover,fieldset[disabled] .btn-link:hover,.btn-link[disabled]:focus,fieldset[disabled] .btn-link:focus{color:#999;text-decoration:none}.btn-lg{padding:10px 16px;font-size:18px;line-height:1.33;border-radius:6px}.btn-sm,.btn-xs{padding:5px 10px;font-size:12px;line-height:1.5;border-radius:3px}.btn-xs{padding:1px 5px}.btn-block{display:block;width:100%;padding-right:0;padding-left:0}.btn-block+.btn-block{margin-top:5px}input[type="submit"].btn-block,input[type="reset"].btn-block,input[type="button"].btn-block{width:100%}.fade{opacity:0;-webkit-transition:opacity .1
5s linear;transition:opacity .15s linear}.fade.in{opacity:1}.collapse{display:none}.collapse.in{display:block}.collapsing{position:relative;height:0;overflow:hidden;-webkit-transition:height .35s ease;transition:height .35s ease}@font-face{font-family:'Glyphicons Halflings';src:url('../fonts/glyphicons-halflings-regular.eot');src:url('../fonts/glyphicons-halflings-regular.eot?#iefix') format('embedded-opentype'),url('../fonts/glyphicons-halflings-regular.woff') format('woff'),url('../fonts/glyphicons-halflings-regular.ttf') format('truetype'),url('../fonts/glyphicons-halflings-regular.svg#glyphicons-halflingsregular') format('svg')}.glyphicon{position:relative;top:1px;display:inline-block;font-family:'Glyphicons Halflings';-webkit-font-smoothing:antialiased;font-style:normal;font-weight:normal;line-height:1}.glyphicon-asterisk:before{content:"\2a"}.glyphicon-plus:before{content:"\2b"}.glyphicon-euro:before{content:"\20ac"}.glyphicon-minus:before{content:"\2212"}.glyphicon-cloud:befo
re{content:"\2601"}.glyphicon-envelope:before{content:"\2709"}.glyphicon-pencil:before{content:"\270f"}.glyphicon-glass:before{content:"\e001"}.glyphicon-music:before{content:"\e002"}.glyphicon-search:before{content:"\e003"}.glyphicon-heart:before{content:"\e005"}.glyphicon-star:before{content:"\e006"}.glyphicon-star-empty:before{content:"\e007"}.glyphicon-user:before{content:"\e008"}.glyphicon-film:before{content:"\e009"}.glyphicon-th-large:before{content:"\e010"}.glyphicon-th:before{content:"\e011"}.glyphicon-th-list:before{content:"\e012"}.glyphicon-ok:before{content:"\e013"}.glyphicon-remove:before{content:"\e014"}.glyphicon-zoom-in:before{content:"\e015"}.glyphicon-zoom-out:before{content:"\e016"}.glyphicon-off:before{content:"\e017"}.glyphicon-signal:before{content:"\e018"}.glyphicon-cog:before{content:"\e019"}.glyphicon-trash:before{content:"\e020"}.glyphicon-home:before{content:"\e021"}.glyphicon-file:before{content:"\e022"}.glyphicon-time:before{content:"\e023"}.glyphicon-r
oad:before{content:"\e024"}.glyphicon-download-alt:before{content:"\e025"}.glyphicon-download:before{content:"\e026"}.glyphicon-upload:before{content:"\e027"}.glyphicon-inbox:before{content:"\e028"}.glyphicon-play-circle:before{content:"\e029"}.glyphicon-repeat:before{content:"\e030"}.glyphicon-refresh:before{content:"\e031"}.glyphicon-list-alt:before{content:"\e032"}.glyphicon-flag:before{content:"\e034"}.glyphicon-headphones:before{content:"\e035"}.glyphicon-volume-off:before{content:"\e036"}.glyphicon-volume-down:before{content:"\e037"}.glyphicon-volume-up:before{content:"\e038"}.glyphicon-qrcode:before{content:"\e039"}.glyphicon-barcode:before{content:"\e040"}.glyphicon-tag:before{content:"\e041"}.glyphicon-tags:before{content:"\e042"}.glyphicon-book:before{content:"\e043"}.glyphicon-print:before{content:"\e045"}.glyphicon-font:before{content:"\e047"}.glyphicon-bold:before{content:"\e048"}.glyphicon-italic:before{content:"\e049"}.glyphicon-text-height:before{content:"\e050"}.gly
phicon-text-width:before{content:"\e051"}.glyphicon-align-left:before{content:"\e052"}.glyphicon-align-center:before{content:"\e053"}.glyphicon-align-right:before{content:"\e054"}.glyphicon-align-justify:before{content:"\e055"}.glyphicon-list:before{content:"\e056"}.glyphicon-indent-left:before{content:"\e057"}.glyphicon-indent-right:before{content:"\e058"}.glyphicon-facetime-video:before{content:"\e059"}.glyphicon-picture:before{content:"\e060"}.glyphicon-map-marker:before{content:"\e062"}.glyphicon-adjust:before{content:"\e063"}.glyphicon-tint:before{content:"\e064"}.glyphicon-edit:before{content:"\e065"}.glyphicon-share:before{content:"\e066"}.glyphicon-check:before{content:"\e067"}.glyphicon-move:before{content:"\e068"}.glyphicon-step-backward:before{content:"\e069"}.glyphicon-fast-backward:before{content:"\e070"}.glyphicon-backward:before{content:"\e071"}.glyphicon-play:before{content:"\e072"}.glyphicon-pause:before{content:"\e073"}.glyphicon-stop:before{content:"\e074"}.glyphi
con-forward:before{content:"\e075"}.glyphicon-fast-forward:before{content:"\e076"}.glyphicon-step-forward:before{content:"\e077"}.glyphicon-eject:before{content:"\e078"}.glyphicon-chevron-left:before{content:"\e079"}.glyphicon-chevron-right:before{content:"\e080"}.glyphicon-plus-sign:before{content:"\e081"}.glyphicon-minus-sign:before{content:"\e082"}.glyphicon-remove-sign:before{content:"\e083"}.glyphicon-ok-sign:before{content:"\e084"}.glyphicon-question-sign:before{content:"\e085"}.glyphicon-info-sign:before{content:"\e086"}.glyphicon-screenshot:before{content:"\e087"}.glyphicon-remove-circle:before{content:"\e088"}.glyphicon-ok-circle:before{content:"\e089"}.glyphicon-ban-circle:before{content:"\e090"}.glyphicon-arrow-left:before{content:"\e091"}.glyphicon-arrow-right:before{content:"\e092"}.glyphicon-arrow-up:before{content:"\e093"}.glyphicon-arrow-down:before{content:"\e094"}.glyphicon-share-alt:before{content:"\e095"}.glyphicon-resize-full:before{content:"\e096"}.glyphicon-re
size-small:before{content:"\e097"}.glyphicon-exclamation-sign:before{content:"\e101"}.glyphicon-gift:before{content:"\e102"}.glyphicon-leaf:before{content:"\e103"}.glyphicon-eye-open:before{content:"\e105"}.glyphicon-eye-close:before{content:"\e106"}.glyphicon-warning-sign:before{content:"\e107"}.glyphicon-plane:before{content:"\e108"}.glyphicon-random:before{content:"\e110"}.glyphicon-comment:before{content:"\e111"}.glyphicon-magnet:before{content:"\e112"}.glyphicon-chevron-up:before{content:"\e113"}.glyphicon-chevron-down:before{content:"\e114"}.glyphicon-retweet:before{content:"\e115"}.glyphicon-shopping-cart:before{content:"\e116"}.glyphicon-folder-close:before{content:"\e117"}.glyphicon-folder-open:before{content:"\e118"}.glyphicon-resize-vertical:before{content:"\e119"}.glyphicon-resize-horizontal:before{content:"\e120"}.glyphicon-hdd:before{content:"\e121"}.glyphicon-bullhorn:before{content:"\e122"}.glyphicon-certificate:before{content:"\e124"}.glyphicon-thumbs-up:before{cont
ent:"\e125"}.glyphicon-thumbs-down:before{content:"\e126"}.glyphicon-hand-right:before{content:"\e127"}.glyphicon-hand-left:before{content:"\e128"}.glyphicon-hand-up:before{content:"\e129"}.glyphicon-hand-down:before{content:"\e130"}.glyphicon-circle-arrow-right:before{content:"\e131"}.glyphicon-circle-arrow-left:before{content:"\e132"}.glyphicon-circle-arrow-up:before{content:"\e133"}.glyphicon-circle-arrow-down:before{content:"\e134"}.glyphicon-globe:before{content:"\e135"}.glyphicon-tasks:before{content:"\e137"}.glyphicon-filter:before{content:"\e138"}.glyphicon-fullscreen:before{content:"\e140"}.glyphicon-dashboard:before{content:"\e141"}.glyphicon-heart-empty:before{content:"\e143"}.glyphicon-link:before{content:"\e144"}.glyphicon-phone:before{content:"\e145"}.glyphicon-usd:before{content:"\e148"}.glyphicon-gbp:before{content:"\e149"}.glyphicon-sort:before{content:"\e150"}.glyphicon-sort-by-alphabet:before{content:"\e151"}.glyphicon-sort-by-alphabet-alt:before{content:"\e152"}.
glyphicon-sort-by-order:before{content:"\e153"}.glyphicon-sort-by-order-alt:before{content:"\e154"}.glyphicon-sort-by-attributes:before{content:"\e155"}.glyphicon-sort-by-attributes-alt:before{content:"\e156"}.glyphicon-unchecked:before{content:"\e157"}.glyphicon-expand:before{content:"\e158"}.glyphicon-collapse-down:before{content:"\e159"}.glyphicon-collapse-up:before{content:"\e160"}.glyphicon-log-in:before{content:"\e161"}.glyphicon-flash:before{content:"\e162"}.glyphicon-log-out:before{content:"\e163"}.glyphicon-new-window:before{content:"\e164"}.glyphicon-record:before{content:"\e165"}.glyphicon-save:before{content:"\e166"}.glyphicon-open:before{content:"\e167"}.glyphicon-saved:before{content:"\e168"}.glyphicon-import:before{content:"\e169"}.glyphicon-export:before{content:"\e170"}.glyphicon-send:before{content:"\e171"}.glyphicon-floppy-disk:before{content:"\e172"}.glyphicon-floppy-saved:before{content:"\e173"}.glyphicon-floppy-remove:before{content:"\e174"}.glyphicon-floppy-sa
ve:before{content:"\e175"}.glyphicon-floppy-open:before{content:"\e176"}.glyphicon-credit-card:before{content:"\e177"}.glyphicon-transfer:before{content:"\e178"}.glyphicon-cutlery:before{content:"\e179"}.glyphicon-header:before{content:"\e180"}.glyphicon-compressed:before{content:"\e181"}.glyphicon-earphone:before{content:"\e182"}.glyphicon-phone-alt:before{content:"\e183"}.glyphicon-tower:before{content:"\e184"}.glyphicon-stats:before{content:"\e185"}.glyphicon-sd-video:before{content:"\e186"}.glyphicon-hd-video:before{content:"\e187"}.glyphicon-subtitles:before{content:"\e188"}.glyphicon-sound-stereo:before{content:"\e189"}.glyphicon-sound-dolby:before{content:"\e190"}.glyphicon-sound-5-1:before{content:"\e191"}.glyphicon-sound-6-1:before{content:"\e192"}.glyphicon-sound-7-1:before{content:"\e193"}.glyphicon-copyright-mark:before{content:"\e194"}.glyphicon-registration-mark:before{content:"\e195"}.glyphicon-cloud-download:before{content:"\e197"}.glyphicon-cloud-upload:before{conte
nt:"\e198"}.glyphicon-tree-conifer:before{content:"\e199"}.glyphicon-tree-deciduous:before{content:"\e200"}.glyphicon-briefcase:before{content:"\1f4bc"}.glyphicon-calendar:before{content:"\1f4c5"}.glyphicon-pushpin:before{content:"\1f4cc"}.glyphicon-paperclip:before{content:"\1f4ce"}.glyphicon-camera:before{content:"\1f4f7"}.glyphicon-lock:before{content:"\1f512"}.glyphicon-bell:before{content:"\1f514"}.glyphicon-bookmark:before{content:"\1f516"}.glyphicon-fire:before{content:"\1f525"}.glyphicon-wrench:before{content:"\1f527"}.caret{display:inline-block;width:0;height:0;margin-left:2px;vertical-align:middle;border-top:4px solid #000;border-right:4px solid transparent;border-bottom:0 dotted;border-left:4px solid transparent;content:""}.dropdown{position:relative}.dropdown-toggle:focus{outline:0}.dropdown-menu{position:absolute;top:100%;left:0;z-index:1000;display:none;float:left;min-width:160px;padding:5px 0;margin:2px 0 0;font-size:14px;list-style:none;background-color:#fff;border:1
px solid #ccc;border:1px solid rgba(0,0,0,0.15);border-radius:4px;-webkit-box-shadow:0 6px 12px rgba(0,0,0,0.175);box-shadow:0 6px 12px rgba(0,0,0,0.175);background-clip:padding-box}.dropdown-menu.pull-right{right:0;left:auto}.dropdown-menu .divider{height:1px;margin:9px 0;overflow:hidden;background-color:#e5e5e5}.dropdown-menu>li>a{display:block;padding:3px 20px;clear:both;font-weight:normal;line-height:1.428571429;color:#333;white-space:nowrap}.dropdown-menu>li>a:hover,.dropdown-menu>li>a:focus{color:#fff;text-decoration:none;background-color:#428bca}.dropdown-menu>.active>a,.dropdown-menu>.active>a:hover,.dropdown-menu>.active>a:focus{color:#fff;text-decoration:none;background-color:#428bca;outline:0}.dropdown-menu>.disabled>a,.dropdown-menu>.disabled>a:hover,.dropdown-menu>.disabled>a:focus{color:#999}.dropdown-menu>.disabled>a:hover,.dropdown-menu>.disabled>a:focus{text-decoration:none;cursor:not-allowed;background-color:transparent;background-image:none;filter:progid:DXImageTr
ansform.Microsoft.gradient(enabled=false)}.open>.dropdown-menu{display:block}.open>a{outline:0}.dropdown-header{display:block;padding:3px 20px;font-size:12px;line-height:1.428571429;color:#999}.dropdown-backdrop{position:fixed;top:0;right:0;bottom:0;left:0;z-index:990}.pull-right>.dropdown-menu{right:0;left:auto}.dropup .caret,.navbar-fixed-bottom .dropdown .caret{border-top:0 dotted;border-bottom:4px solid #000;content:""}.dropup .dropdown-menu,.navbar-fixed-bottom .dropdown .dropdown-menu{top:auto;bottom:100%;margin-bottom:1px}@media(min-width:768px){.navbar-right .dropdown-menu{right:0;left:auto}}.btn-default .caret{border-top-color:#333}.btn-primary .caret,.btn-success .caret,.btn-warning .caret,.btn-danger .caret,.btn-info .caret{border-top-color:#fff}.dropup .btn-default .caret{border-bottom-color:#333}.dropup .btn-primary .caret,.dropup .btn-success .caret,.dropup .btn-warning .caret,.dropup .btn-danger .caret,.dropup .btn-info .caret{border-bottom-color:#fff}.btn-group,.btn-
group-vertical{position:relative;display:inline-block;vertical-align:middle}.btn-group>.btn,.btn-group-vertical>.btn{position:relative;float:left}.btn-group>.btn:hover,.btn-group-vertical>.btn:hover,.btn-group>.btn:focus,.btn-group-vertical>.btn:focus,.btn-group>.btn:active,.btn-group-vertical>.btn:active,.btn-group>.btn.active,.btn-group-vertical>.btn.active{z-index:2}.btn-group>.btn:focus,.btn-group-vertical>.btn:focus{outline:0}.btn-group .btn+.btn,.btn-group .btn+.btn-group,.btn-group .btn-group+.btn,.btn-group .btn-group+.btn-group{margin-left:-1px}.btn-toolbar:before,.btn-toolbar:after{display:table;content:" "}.btn-toolbar:after{clear:both}.btn-toolbar:before,.btn-toolbar:after{display:table;content:" "}.btn-toolbar:after{clear:both}.btn-toolbar .btn-group{float:left}.btn-toolbar>.btn+.btn,.btn-toolbar>.btn-group+.btn,.btn-toolbar>.btn+.btn-group,.btn-toolbar>.btn-group+.btn-group{margin-left:5px}.btn-group>.btn:not(:first-child):not(:last-child):not(.dropdown-toggle){border-
radius:0}.btn-group>.btn:first-child{margin-left:0}.btn-group>.btn:first-child:not(:last-child):not(.dropdown-toggle){border-top-right-radius:0;border-bottom-right-radius:0}.btn-group>.btn:last-child:not(:first-child),.btn-group>.dropdown-toggle:not(:first-child){border-bottom-left-radius:0;border-top-left-radius:0}.btn-group>.btn-group{float:left}.btn-group>.btn-group:not(:first-child):not(:last-child)>.btn{border-radius:0}.btn-group>.btn-group:first-child>.btn:last-child,.btn-group>.btn-group:first-child>.dropdown-toggle{border-top-right-radius:0;border-bottom-right-radius:0}.btn-group>.btn-group:last-child>.btn:first-child{border-bottom-left-radius:0;border-top-left-radius:0}.btn-group .dropdown-toggle:active,.btn-group.open .dropdown-toggle{outline:0}.btn-group-xs>.btn{padding:5px 10px;padding:1px 5px;font-size:12px;line-height:1.5;border-radius:3px}.btn-group-sm>.btn{padding:5px 10px;font-size:12px;line-height:1.5;border-radius:3px}.btn-group-lg>.btn{padding:10px 16px;font-size
:18px;line-height:1.33;border-radius:6px}.btn-group>.btn+.dropdown-toggle{padding-right:8px;padding-left:8px}.btn-group>.btn-lg+.dropdown-toggle{padding-right:12px;padding-left:12px}.btn-group.open .dropdown-toggle{-webkit-box-shadow:inset 0 3px 5px rgba(0,0,0,0.125);box-shadow:inset 0 3px 5px rgba(0,0,0,0.125)}.btn .caret{margin-left:0}.btn-lg .caret{border-width:5px 5px 0;border-bottom-width:0}.dropup .btn-lg .caret{border-width:0 5px 5px}.btn-group-vertical>.btn,.btn-group-vertical>.btn-group{display:block;float:none;width:100%;max-width:100%}.btn-group-vertical>.btn-group:before,.btn-group-vertical>.btn-group:after{display:table;content:" "}.btn-group-vertical>.btn-group:after{clear:both}.btn-group-vertical>.btn-group:before,.btn-group-vertical>.btn-group:after{display:table;content:" "}.btn-group-vertical>.btn-group:after{clear:both}.btn-group-vertical>.btn-group>.btn{float:none}.btn-group-vertical>.btn+.btn,.btn-group-vertical>.btn+.btn-group,.btn-group-vertical>.btn-group+.bt
n,.btn-group-vertical>.btn-group+.btn-group{margin-top:-1px;margin-left:0}.btn-group-vertical>.btn:not(:first-child):not(:last-child){border-radius:0}.btn-group-vertical>.btn:first-child:not(:last-child){border-top-right-radius:4px;border-bottom-right-radius:0;border-bottom-left-radius:0}.btn-group-vertical>.btn:last-child:not(:first-child){border-top-right-radius:0;border-bottom-left-radius:4px;border-top-left-radius:0}.btn-group-vertical>.btn-group:not(:first-child):not(:last-child)>.btn{border-radius:0}.btn-group-vertical>.btn-group:first-child>.btn:last-child,.btn-group-vertical>.btn-group:first-child>.dropdown-toggle{border-bottom-right-radius:0;border-bottom-left-radius:0}.btn-group-vertical>.btn-group:last-child>.btn:first-child{border-top-right-radius:0;border-top-left-radius:0}.btn-group-justified{display:table;width:100%;border-collapse:separate;table-layout:fixed}.btn-group-justified .btn{display:table-cell;float:none;width:1%}[data-toggle="buttons"]>.btn>input[type="radi
o"],[data-toggle="buttons"]>.btn>input[type="checkbox"]{display:none}.input-group{position:relative;display:table;border-collapse:separate}.input-group.col{float:none;padding-right:0;padding-left:0}.input-group .form-control{width:100%;margin-bottom:0}.input-group-lg>.form-control,.input-group-lg>.input-group-addon,.input-group-lg>.input-group-btn>.btn{height:45px;padding:10px 16px;font-size:18px;line-height:1.33;border-radius:6px}select.input-group-lg>.form-control,select.input-group-lg>.input-group-addon,select.input-group-lg>.input-group-btn>.btn{height:45px;line-height:45px}textarea.input-group-lg>.form-control,textarea.input-group-lg>.input-group-addon,textarea.input-group-lg>.input-group-btn>.btn{height:auto}.input-group-sm>.form-control,.input-group-sm>.input-group-addon,.input-group-sm>.input-group-btn>.btn{height:30px;padding:5px 10px;font-size:12px;line-height:1.5;border-radius:3px}select.input-group-sm>.form-control,select.input-group-sm>.input-group-addon,select.input-gr
oup-sm>.input-group-btn>.btn{height:30px;line-height:30px}textarea.input-group-sm>.form-control,textarea.input-group-sm>.input-group-addon,textarea.input-group-sm>.input-group-btn>.btn{height:auto}.input-group-addon,.input-group-btn,.input-group .form-control{display:table-cell}.input-group-addon:not(:first-child):not(:last-child),.input-group-btn:not(:first-child):not(:last-child),.input-group .form-control:not(:first-child):not(:last-child){border-radius:0}.input-group-addon,.input-group-btn{width:1%;white-space:nowrap;vertical-align:middle}.input-group-addon{padding:6px 12px;font-size:14px;font-weight:normal;line-height:1;text-align:center;background-color:#eee;border:1px solid #ccc;border-radius:4px}.input-group-addon.input-sm{padding:5px 10px;font-size:12px;border-radius:3px}.input-group-addon.input-lg{padding:10px 16px;font-size:18px;border-radius:6px}.input-group-addon input[type="radio"],.input-group-addon input[type="checkbox"]{margin-top:0}.input-group .form-control:first-
child,.input-group-addon:first-child,.input-group-btn:first-child>.btn,.input-group-btn:first-child>.dropdown-toggle,.input-group-btn:last-child>.btn:not(:last-child):not(.dropdown-toggle){border-top-right-radius:0;border-bottom-right-radius:0}.input-group-addon:first-child{border-right:0}.input-group .form-control:last-child,.input-group-addon:last-child,.input-group-btn:last-child>.btn,.input-group-btn:last-child>.dropdown-toggle,.input-group-btn:first-child>.btn:not(:first-child){border-bottom-left-radius:0;border-top-left-radius:0}.input-group-addon:last-child{border-left:0}.input-group-btn{position:relative;white-space:nowrap}.input-group-btn>.btn{position:relative}.input-group-btn>.btn+.btn{margin-left:-4px}.input-group-btn>.btn:hover,.input-group-btn>.btn:active{z-index:2}.nav{padding-left:0;margin-bottom:0;list-style:none}.nav:before,.nav:after{display:table;content:" "}.nav:after{clear:both}.nav:before,.nav:after{display:table;content:" "}.nav:after{clear:both}.nav>li{posit
ion:relative;display:block}.nav>li>a{position:relative;display:block;padding:10px 15px}.nav>li>a:hover,.nav>li>a:focus{text-decoration:none;background-color:#eee}.nav>li.disabled>a{color:#999}.nav>li.disabled>a:hover,.nav>li.disabled>a:focus{color:#999;text-decoration:none;cursor:not-allowed;background-color:transparent}.nav .open>a,.nav .open>a:hover,.nav .open>a:focus{background-color:#eee;border-color:#428bca}.nav .nav-divider{height:1px;margin:9px 0;overflow:hidden;background-color:#e5e5e5}.nav>li>a>img{max-width:none}.nav-tabs{border-bottom:1px solid #ddd}.nav-tabs>li{float:left;margin-bottom:-1px}.nav-tabs>li>a{margin-right:2px;line-height:1.428571429;border:1px solid transparent;border-radius:4px 4px 0 0}.nav-tabs>li>a:hover{border-color:#eee #eee #ddd}.nav-tabs>li.active>a,.nav-tabs>li.active>a:hover,.nav-tabs>li.active>a:focus{color:#555;cursor:default;background-color:#fff;border:1px solid #ddd;border-bottom-color:transparent}.nav-tabs.nav-justified{width:100%;border-botto
m:0}.nav-tabs.nav-justified>li{float:none}.nav-tabs.nav-justified>li>a{text-align:center}@media(min-width:768px){.nav-tabs.nav-justified>li{display:table-cell;width:1%}}.nav-tabs.nav-justified>li>a{margin-right:0;border-bottom:1px solid #ddd}.nav-tabs.nav-justified>.active>a{border-bottom-color:#fff}.nav-pills>li{float:left}.nav-pills>li>a{border-radius:5px}.nav-pills>li+li{margin-left:2px}.nav-pills>li.active>a,.nav-pills>li.active>a:hover,.nav-pills>li.active>a:focus{color:#fff;background-color:#428bca}.nav-stacked>li{float:none}.nav-stacked>li+li{margin-top:2px;margin-left:0}.nav-justified{width:100%}.nav-justified>li{float:none}.nav-justified>li>a{text-align:center}@media(min-width:768px){.nav-justified>li{display:table-cell;width:1%}}.nav-tabs-justified{border-bottom:0}.nav-tabs-justified>li>a{margin-right:0;border-bottom:1px solid #ddd}.nav-tabs-justified>.active>a{border-bottom-color:#fff}.tabbable:before,.tabbable:after{display:table;content:" "}.tabbable:after{clear:both}.t
abbable:before,.tabbable:after{display:table;content:" "}.tabbable:after{clear:both}.tab-content>.tab-pane,.pill-content>.pill-pane{display:none}.tab-content>.active,.pill-content>.active{display:block}.nav .caret{border-top-color:#428bca;border-bottom-color:#428bca}.nav a:hover .caret{border-top-color:#2a6496;border-bottom-color:#2a6496}.nav-tabs .dropdown-menu{margin-top:-1px;border-top-right-radius:0;border-top-left-radius:0}.navbar{position:relative;z-index:1000;min-height:50px;margin-bottom:20px;border:1px solid transparent}.navbar:before,.navbar:after{display:table;content:" "}.navbar:after{clear:both}.navbar:before,.navbar:after{display:table;content:" "}.navbar:after{clear:both}@media(min-width:768px){.navbar{border-radius:4px}}.navbar-header:before,.navbar-header:after{display:table;content:" "}.navbar-header:after{clear:both}.navbar-header:before,.navbar-header:after{display:table;content:" "}.navbar-header:after{clear:both}@media(min-width:768px){.navbar-header{float:left
}}.navbar-collapse{max-height:340px;padding-right:15px;padding-left:15px;overflow-x:visible;border-top:1px solid transparent;box-shadow:inset 0 1px 0 rgba(255,255,255,0.1);-webkit-overflow-scrolling:touch}.navbar-collapse:before,.navbar-collapse:after{display:table;content:" "}.navbar-collapse:after{clear:both}.navbar-collapse:before,.navbar-collapse:after{display:table;content:" "}.navbar-collapse:after{clear:both}.navbar-collapse.in{overflow-y:auto}@media(min-width:768px){.navbar-collapse{width:auto;border-top:0;box-shadow:none}.navbar-collapse.collapse{display:block!important;height:auto!important;padding-bottom:0;overflow:visible!important}.navbar-collapse.in{overflow-y:visible}.navbar-collapse .navbar-nav.navbar-left:first-child{margin-left:-15px}.navbar-collapse .navbar-nav.navbar-right:last-child{margin-right:-15px}.navbar-collapse .navbar-text:last-child{margin-right:0}}.container>.navbar-header,.container>.navbar-collapse{margin-right:-15px;margin-left:-15px}@media(min-widt
h:768px){.container>.navbar-header,.container>.navbar-collapse{margin-right:0;margin-left:0}}.navbar-static-top{border-width:0 0 1px}@media(min-width:768px){.navbar-static-top{border-radius:0}}.navbar-fixed-top,.navbar-fixed-bottom{position:fixed;right:0;left:0;border-width:0 0 1px}@media(min-width:768px){.navbar-fixed-top,.navbar-fixed-bottom{border-radius:0}}.navbar-fixed-top{top:0;z-index:1030}.navbar-fixed-bottom{bottom:0;margin-bottom:0}.navbar-brand{float:left;padding:15px 15px;font-size:18px;line-height:20px}.navbar-brand:hover,.navbar-brand:focus{text-decoration:none}@media(min-width:768px){.navbar>.container .navbar-brand{margin-left:-15px}}.navbar-toggle{position:relative;float:right;padding:9px 10px;margin-top:8px;margin-right:15px;margin-bottom:8px;background-color:transparent;border:1px solid transparent;border-radius:4px}.navbar-toggle .icon-bar{display:block;width:22px;height:2px;border-radius:1px}.navbar-toggle .icon-bar+.icon-bar{margin-top:4px}@media(min-width:768p
x){.navbar-toggle{display:none}}.navbar-nav{margin:7.5px -15px}.navbar-nav>li>a{padding-top:10px;padding-bottom:10px;line-height:20px}@media(max-width:767px){.navbar-nav .open .dropdown-menu{position:static;float:none;width:auto;margin-top:0;background-color:transparent;border:0;box-shadow:none}.navbar-nav .open .dropdown-menu>li>a,.navbar-nav .open .dropdown-menu .dropdown-header{padding:5px 15px 5px 25px}.navbar-nav .open .dropdown-menu>li>a{line-height:20px}.navbar-nav .open .dropdown-menu>li>a:hover,.navbar-nav .open .dropdown-menu>li>a:focus{background-image:none}}@media(min-width:768px){.navbar-nav{float:left;margin:0}.navbar-nav>li{float:left}.navbar-nav>li>a{padding-top:15px;padding-bottom:15px}}@media(min-width:768px){.navbar-left{float:left!important}.navbar-right{float:right!important}}.navbar-form{padding:10px 15px;margin-top:8px;margin-right:-15px;margin-bottom:8px;margin-left:-15px;border-top:1px solid transparent;border-bottom:1px solid transparent;-webkit-box-shadow:
inset 0 1px 0 rgba(255,255,255,0.1),0 1px 0 rgba(255,255,255,0.1);box-shadow:inset 0 1px 0 rgba(255,255,255,0.1),0 1px 0 rgba(255,255,255,0.1)}@media(min-width:768px){.navbar-form .form-group{display:inline-block;margin-bottom:0;vertical-align:middle}.navbar-form .form-control{display:inline-block}.navbar-form .radio,.navbar-form .checkbox{display:inline-block;padding-left:0;margin-top:0;margin-bottom:0}.navbar-form .radio input[type="radio"],.navbar-form .checkbox input[type="checkbox"]{float:none;margin-left:0}}@media(max-width:767px){.navbar-form .form-group{margin-bottom:5px}}@media(min-width:768px){.navbar-form{width:auto;padding-top:0;padding-bottom:0;margin-right:0;margin-left:0;border:0;-webkit-box-shadow:none;box-shadow:none}}.navbar-nav>li>.dropdown-menu{margin-top:0;border-top-right-radius:0;border-top-left-radius:0}.navbar-fixed-bottom .navbar-nav>li>.dropdown-menu{border-bottom-right-radius:0;border-bottom-left-radius:0}.navbar-nav.pull-right>li>.dropdown-menu,.navbar-n
av>li>.dropdown-menu.pull-right{right:0;left:auto}.navbar-btn{margin-top:8px;margin-bottom:8px}.navbar-text{float:left;margin-top:15px;margin-bottom:15px}@media(min-width:768px){.navbar-text{margin-right:15px;margin-left:15px}}.navbar-default{background-color:#f8f8f8;border-color:#e7e7e7}.navbar-default .navbar-brand{color:#777}.navbar-default .navbar-brand:hover,.navbar-default .navbar-brand:focus{color:#5e5e5e;background-color:transparent}.navbar-default .navbar-text{color:#777}.navbar-default .navbar-nav>li>a{color:#777}.navbar-default .navbar-nav>li>a:hover,.navbar-default .navbar-nav>li>a:focus{color:#333;background-color:transparent}.navbar-default .navbar-nav>.active>a,.navbar-default .navbar-nav>.active>a:hover,.navbar-default .navbar-nav>.active>a:focus{color:#555;background-color:#e7e7e7}.navbar-default .navbar-nav>.disabled>a,.navbar-default .navbar-nav>.disabled>a:hover,.navbar-default .navbar-nav>.disabled>a:focus{color:#ccc;background-color:transparent}.navbar-default
.navbar-toggle{border-color:#ddd}.navbar-default .navbar-toggle:hover,.navbar-default .navbar-toggle:focus{background-color:#ddd}.navbar-default .navbar-toggle .icon-bar{background-color:#ccc}.navbar-default .navbar-collapse,.navbar-default .navbar-form{border-color:#e6e6e6}.navbar-default .navbar-nav>.dropdown>a:hover .caret,.navbar-default .navbar-nav>.dropdown>a:focus .caret{border-top-color:#333;border-bottom-color:#333}.navbar-default .navbar-nav>.open>a,.navbar-default .navbar-nav>.open>a:hover,.navbar-default .navbar-nav>.open>a:focus{color:#555;background-color:#e7e7e7}.navbar-default .navbar-nav>.open>a .caret,.navbar-default .navbar-nav>.open>a:hover .caret,.navbar-default .navbar-nav>.open>a:focus .caret{border-top-color:#555;border-bottom-color:#555}.navbar-default .navbar-nav>.dropdown>a .caret{border-top-color:#777;border-bottom-color:#777}@media(max-width:767px){.navbar-default .navbar-nav .open .dropdown-menu>li>a{color:#777}.navbar-default .navbar-nav .open .dropdow
n-menu>li>a:hover,.navbar-default .navbar-nav .open .dropdown-menu>li>a:focus{color:#333;background-color:transparent}.navbar-default .navbar-nav .open .dropdown-menu>.active>a,.navbar-default .navbar-nav .open .dropdown-menu>.active>a:hover,.navbar-default .navbar-nav .open .dropdown-menu>.active>a:focus{color:#555;background-color:#e7e7e7}.navbar-default .navbar-nav .open .dropdown-menu>.disabled>a,.navbar-default .navbar-nav .open .dropdown-menu>.disabled>a:hover,.navbar-default .navbar-nav .open .dropdown-menu>.disabled>a:focus{color:#ccc;background-color:transparent}}.navbar-default .navbar-link{color:#777}.navbar-default .navbar-link:hover{color:#333}.navbar-inverse{background-color:#222;border-color:#080808}.navbar-inverse .navbar-brand{color:#999}.navbar-inverse .navbar-brand:hover,.navbar-inverse .navbar-brand:focus{color:#fff;background-color:transparent}.navbar-inverse .navbar-text{color:#999}.navbar-inverse .navbar-nav>li>a{color:#999}.navbar-inverse .navbar-nav>li>a:hov
er,.navbar-inverse .navbar-nav>li>a:focus{color:#fff;background-color:transparent}.navbar-inverse .navbar-nav>.active>a,.navbar-inverse .navbar-nav>.active>a:hover,.navbar-inverse .navbar-nav>.active>a:focus{color:#fff;background-color:#080808}.navbar-inverse .navbar-nav>.disabled>a,.navbar-inverse .navbar-nav>.disabled>a:hover,.navbar-inverse .navbar-nav>.disabled>a:focus{color:#444;background-color:transparent}.navbar-inverse .navbar-toggle{border-color:#333}.navbar-inverse .navbar-toggle:hover,.navbar-inverse .navbar-toggle:focus{background-color:#333}.navbar-inverse .navbar-toggle .icon-bar{background-color:#fff}.navbar-inverse .navbar-collapse,.navbar-inverse .navbar-form{border-color:#101010}.navbar-inverse .navbar-nav>.open>a,.navbar-inverse .navbar-nav>.open>a:hover,.navbar-inverse .navbar-nav>.open>a:focus{color:#fff;background-color:#080808}.navbar-inverse .navbar-nav>.dropdown>a:hover .caret{border-top-color:#fff;border-bottom-color:#fff}.navbar-inverse .navbar-nav>.dropd
own>a .caret{border-top-color:#999;border-bottom-color:#999}.navbar-inverse .navbar-nav>.open>a .caret,.navbar-inverse .navbar-nav>.open>a:hover .caret,.navbar-inverse .navbar-nav>.open>a:focus .caret{border-top-color:#fff;border-bottom-color:#fff}@media(max-width:767px){.navbar-inverse .navbar-nav .open .dropdown-menu>.dropdown-header{border-color:#080808}.navbar-inverse .navbar-nav .open .dropdown-menu>li>a{color:#999}.navbar-inverse .navbar-nav .open .dropdown-menu>li>a:hover,.navbar-inverse .navbar-nav .open .dropdown-menu>li>a:focus{color:#fff;background-color:transparent}.navbar-inverse .navbar-nav .open .dropdown-menu>.active>a,.navbar-inverse .navbar-nav .open .dropdown-menu>.active>a:hover,.navbar-inverse .navbar-nav .open .dropdown-menu>.active>a:focus{color:#fff;background-color:#080808}.navbar-inverse .navbar-nav .open .dropdown-menu>.disabled>a,.navbar-inverse .navbar-nav .open .dropdown-menu>.disabled>a:hover,.navbar-inverse .navbar-nav .open .dropdown-menu>.disabled>a
:focus{color:#444;background-color:transparent}}.navbar-inverse .navbar-link{color:#999}.navbar-inverse .navbar-link:hover{color:#fff}.breadcrumb{padding:8px 15px;margin-bottom:20px;list-style:none;background-color:#f5f5f5;border-radius:4px}.breadcrumb>li{display:inline-block}.breadcrumb>li+li:before{padding:0 5px;color:#ccc;content:"/\00a0"}.breadcrumb>.active{color:#999}.pagination{display:inline-block;padding-left:0;margin:20px 0;border-radius:4px}.pagination>li{display:inline}.pagination>li>a,.pagination>li>span{position:relative;float:left;padding:6px 12px;margin-left:-1px;line-height:1.428571429;text-decoration:none;background-color:#fff;border:1px solid #ddd}.pagination>li:first-child>a,.pagination>li:first-child>span{margin-left:0;border-bottom-left-radius:4px;border-top-left-radius:4px}.pagination>li:last-child>a,.pagination>li:last-child>span{border-top-right-radius:4px;border-bottom-right-radius:4px}.pagination>li>a:hover,.pagination>li>span:hover,.pagination>li>a:focus,.
pagination>li>span:focus{background-color:#eee}.pagination>.active>a,.pagination>.active>span,.pagination>.active>a:hover,.pagination>.active>span:hover,.pagination>.active>a:focus,.pagination>.active>span:focus{z-index:2;color:#fff;cursor:default;background-color:#428bca;border-color:#428bca}.pagination>.disabled>span,.pagination>.disabled>a,.pagination>.disabled>a:hover,.pagination>.disabled>a:focus{color:#999;cursor:not-allowed;background-color:#fff;border-color:#ddd}.pagination-lg>li>a,.pagination-lg>li>span{padding:10px 16px;font-size:18px}.pagination-lg>li:first-child>a,.pagination-lg>li:first-child>span{border-bottom-left-radius:6px;border-top-left-radius:6px}.pagination-lg>li:last-child>a,.pagination-lg>li:last-child>span{border-top-right-radius:6px;border-bottom-right-radius:6px}.pagination-sm>li>a,.pagination-sm>li>span{padding:5px 10px;font-size:12px}.pagination-sm>li:first-child>a,.pagination-sm>li:first-child>span{border-bottom-left-radius:3px;border-top-left-radius:3px
}.pagination-sm>li:last-child>a,.pagination-sm>li:last-child>span{border-top-right-radius:3px;border-bottom-right-radius:3px}.pager{padding-left:0;margin:20px 0;text-align:center;list-style:none}.pager:before,.pager:after{display:table;content:" "}.pager:after{clear:both}.pager:before,.pager:after{display:table;content:" "}.pager:after{clear:both}.pager li{display:inline}.pager li>a,.pager li>span{display:inline-block;padding:5px 14px;background-color:#fff;border:1px solid #ddd;border-radius:15px}.pager li>a:hover,.pager li>a:focus{text-decoration:none;background-color:#eee}.pager .next>a,.pager .next>span{float:right}.pager .previous>a,.pager .previous>span{float:left}.pager .disabled>a,.pager .disabled>a:hover,.pager .disabled>a:focus,.pager .disabled>span{color:#999;cursor:not-allowed;background-color:#fff}.label{display:inline;padding:.2em .6em .3em;font-size:75%;font-weight:bold;line-height:1;color:#fff;text-align:center;white-space:nowrap;vertical-align:baseline;border-radius:
.25em}.label[href]:hover,.label[href]:focus{color:#fff;text-decoration:none;cursor:pointer}.label:empty{display:none}.label-default{background-color:#999}.label-default[href]:hover,.label-default[href]:focus{background-color:#808080}.label-primary{background-color:#428bca}.label-primary[href]:hover,.label-primary[href]:focus{background-color:#3071a9}.label-success{background-color:#5cb85c}.label-success[href]:hover,.label-success[href]:focus{background-color:#449d44}.label-info{background-color:#5bc0de}.label-info[href]:hover,.label-info[href]:focus{background-color:#31b0d5}.label-warning{background-color:#f0ad4e}.label-warning[href]:hover,.label-warning[href]:focus{background-color:#ec971f}.label-danger{background-color:#d9534f}.label-danger[href]:hover,.label-danger[href]:focus{background-color:#c9302c}.badge{display:inline-block;min-width:10px;padding:3px 7px;font-size:12px;font-weight:bold;line-height:1;color:#fff;text-align:center;white-space:nowrap;vertical-align:baseline;back
ground-color:#999;border-radius:10px}.badge:empty{display:none}a.badge:hover,a.badge:focus{color:#fff;text-decoration:none;cursor:pointer}.btn .badge{position:relative;top:-1px}a.list-group-item.active>.badge,.nav-pills>.active>a>.badge{color:#428bca;background-color:#fff}.nav-pills>li>a>.badge{margin-left:3px}.jumbotron{padding:30px;margin-bottom:30px;font-size:21px;font-weight:200;line-height:2.1428571435;color:inherit;background-color:#eee}.jumbotron h1{line-height:1;color:inherit}.jumbotron p{line-height:1.4}.container .jumbotron{border-radius:6px}@media screen and (min-width:768px){.jumbotron{padding-top:48px;padding-bottom:48px}.container .jumbotron{padding-right:60px;padding-left:60px}.jumbotron h1{font-size:63px}}.thumbnail{display:inline-block;display:block;height:auto;max-width:100%;padding:4px;line-height:1.428571429;background-color:#fff;border:1px solid #ddd;border-radius:4px;-webkit-transition:all .2s ease-in-out;transition:all .2s ease-in-out}.thumbnail>img{display:bl
ock;height:auto;max-width:100%}a.thumbnail:hover,a.thumbnail:focus{border-color:#428bca}.thumbnail>img{margin-right:auto;margin-left:auto}.thumbnail .caption{padding:9px;color:#333}.alert{padding:15px;margin-bottom:20px;border:1px solid transparent;border-radius:4px}.alert h4{margin-top:0;color:inherit}.alert .alert-link{font-weight:bold}.alert>p,.alert>ul{margin-bottom:0}.alert>p+p{margin-top:5px}.alert-dismissable{padding-right:35px}.alert-dismissable .close{position:relative;top:-2px;right:-21px;color:inherit}.alert-success{color:#468847;background-color:#dff0d8;border-color:#d6e9c6}.alert-success hr{border-top-color:#c9e2b3}.alert-success .alert-link{color:#356635}.alert-info{color:#3a87ad;background-color:#d9edf7;border-color:#bce8f1}.alert-info hr{border-top-color:#a6e1ec}.alert-info .alert-link{color:#2d6987}.alert-warning{color:#c09853;background-color:#fcf8e3;border-color:#fbeed5}.alert-warning hr{border-top-color:#f8e5be}.alert-warning .alert-link{color:#a47e3c}.alert-dang
er{color:#b94a48;background-color:#f2dede;border-color:#eed3d7}.alert-danger hr{border-top-color:#e6c1c7}.alert-danger .alert-link{color:#953b39}@-webkit-keyframes progress-bar-stripes{from{background-position:40px 0}to{background-position:0 0}}@-moz-keyframes progress-bar-stripes{from{background-position:40px 0}to{background-position:0 0}}@-o-keyframes progress-bar-stripes{from{background-position:0 0}to{background-position:40px 0}}@keyframes progress-bar-stripes{from{background-position:40px 0}to{background-position:0 0}}.progress{height:20px;margin-bottom:20px;overflow:hidden;background-color:#f5f5f5;border-radius:4px;-webkit-box-shadow:inset 0 1px 2px rgba(0,0,0,0.1);box-shadow:inset 0 1px 2px rgba(0,0,0,0.1)}.progress-bar{float:left;width:0;height:100%;font-size:12px;color:#fff;text-align:center;background-color:#428bca;-webkit-box-shadow:inset 0 -1px 0 rgba(0,0,0,0.15);box-shadow:inset 0 -1px 0 rgba(0,0,0,0.15);-webkit-transition:width .6s ease;transition:width .6s ease}.progr
ess-striped .progress-bar{background-image:-webkit-gradient(linear,0 100%,100% 0,color-stop(0.25,rgba(255,255,255,0.15)),color-stop(0.25,transparent),color-stop(0.5,transparent),color-stop(0.5,rgba(255,255,255,0.15)),color-stop(0.75,rgba(255,255,255,0.15)),color-stop(0.75,transparent),to(transparent));background-image:-webkit-linear-gradient(45deg,rgba(255,255,255,0.15) 25%,transparent 25%,transparent 50%,rgba(255,255,255,0.15) 50%,rgba(255,255,255,0.15) 75%,transparent 75%,transparent);background-image:-moz-linear-gradient(45deg,rgba(255,255,255,0.15) 25%,transparent 25%,transparent 50%,rgba(255,255,255,0.15) 50%,rgba(255,255,255,0.15) 75%,transparent 75%,transparent);background-image:linear-gradient(45deg,rgba(255,255,255,0.15) 25%,transparent 25%,transparent 50%,rgba(255,255,255,0.15) 50%,rgba(255,255,255,0.15) 75%,transparent 75%,transparent);background-size:40px 40px}.progress.active .progress-bar{-webkit-animation:progress-bar-stripes 2s linear infinite;-moz-animation:progress
-bar-stripes 2s linear infinite;-ms-animation:progress-bar-stripes 2s linear infinite;-o-animation:progress-bar-stripes 2s linear infinite;animation:progress-bar-stripes 2s linear infinite}.progress-bar-success{background-color:#5cb85c}.progress-striped .progress-bar-success{background-image:-webkit-gradient(linear,0 100%,100% 0,color-stop(0.25,rgba(255,255,255,0.15)),color-stop(0.25,transparent),color-stop(0.5,transparent),color-stop(0.5,rgba(255,255,255,0.15)),color-stop(0.75,rgba(255,255,255,0.15)),color-stop(0.75,transparent),to(transparent));background-image:-webkit-linear-gradient(45deg,rgba(255,255,255,0.15) 25%,transparent 25%,transparent 50%,rgba(255,255,255,0.15) 50%,rgba(255,255,255,0.15) 75%,transparent 75%,transparent);background-image:-moz-linear-gradient(45deg,rgba(255,255,255,0.15) 25%,transparent 25%,transparent 50%,rgba(255,255,255,0.15) 50%,rgba(255,255,255,0.15) 75%,transparent 75%,transparent);background-image:linear-gradient(45deg,rgba(255,255,255,0.15) 25%,tra
nsparent 25%,transparent 50%,rgba(255,255,255,0.15) 50%,rgba(255,255,255,0.15) 75%,transparent 75%,transparent)}.progress-bar-info{background-color:#5bc0de}.progress-striped .progress-bar-info{background-image:-webkit-gradient(linear,0 100%,100% 0,color-stop(0.25,rgba(255,255,255,0.15)),color-stop(0.25,transparent),color-stop(0.5,transparent),color-stop(0.5,rgba(255,255,255,0.15)),color-stop(0.75,rgba(255,255,255,0.15)),color-stop(0.75,transparent),to(transparent));background-image:-webkit-linear-gradient(45deg,rgba(255,255,255,0.15) 25%,transparent 25%,transparent 50%,rgba(255,255,255,0.15) 50%,rgba(255,255,255,0.15) 75%,transparent 75%,transparent);background-image:-moz-linear-gradient(45deg,rgba(255,255,255,0.15) 25%,transparent 25%,transparent 50%,rgba(255,255,255,0.15) 50%,rgba(255,255,255,0.15) 75%,transparent 75%,transparent);background-image:linear-gradient(45deg,rgba(255,255,255,0.15) 25%,transparent 25%,transparent 50%,rgba(255,255,255,0.15) 50%,rgba(255,255,255,0.15) 75%,
transparent 75%,transparent)}.progress-bar-warning{background-color:#f0ad4e}.progress-striped .progress-bar-warning{background-image:-webkit-gradient(linear,0 100%,100% 0,color-stop(0.25,rgba(255,255,255,0.15)),color-stop(0.25,transparent),color-stop(0.5,transparent),color-stop(0.5,rgba(255,255,255,0.15)),color-stop(0.75,rgba(255,255,255,0.15)),color-stop(0.75,transparent),to(transparent));background-image:-webkit-linear-gradient(45deg,rgba(255,255,255,0.15) 25%,transparent 25%,transparent 50%,rgba(255,255,255,0.15) 50%,rgba(255,255,255,0.15) 75%,transparent 75%,transparent);background-image:-moz-linear-gradient(45deg,rgba(255,255,255,0.15) 25%,transparent 25%,transparent 50%,rgba(255,255,255,0.15) 50%,rgba(255,255,255,0.15) 75%,transparent 75%,transparent);background-image:linear-gradient(45deg,rgba(255,255,255,0.15) 25%,transparent 25%,transparent 50%,rgba(255,255,255,0.15) 50%,rgba(255,255,255,0.15) 75%,transparent 75%,transparent)}.progress-bar-danger{background-color:#d9534f}.p
rogress-striped .progress-bar-danger{background-image:-webkit-gradient(linear,0 100%,100% 0,color-stop(0.25,rgba(255,255,255,0.15)),color-stop(0.25,transparent),color-stop(0.5,transparent),color-stop(0.5,rgba(255,255,255,0.15)),color-stop(0.75,rgba(255,255,255,0.15)),color-stop(0.75,transparent),to(transparent));background-image:-webkit-linear-gradient(45deg,rgba(255,255,255,0.15) 25%,transparent 25%,transparent 50%,rgba(255,255,255,0.15) 50%,rgba(255,255,255,0.15) 75%,transparent 75%,transparent);background-image:-moz-linear-gradient(45deg,rgba(255,255,255,0.15) 25%,transparent 25%,transparent 50%,rgba(255,255,255,0.15) 50%,rgba(255,255,255,0.15) 75%,transparent 75%,transparent);background-image:linear-gradient(45deg,rgba(255,255,255,0.15) 25%,transparent 25%,transparent 50%,rgba(255,255,255,0.15) 50%,rgba(255,255,255,0.15) 75%,transparent 75%,transparent)}.media,.media-body{overflow:hidden;zoom:1}.media,.media .media{margin-top:15px}.media:first-child{margin-top:0}.media-object{di
splay:block}.media-heading{margin:0 0 5px}.media>.pull-left{margin-right:10px}.media>.pull-right{margin-left:10px}.media-list{padding-left:0;list-style:none}.list-group{padding-left:0;margin-bottom:20px}.list-group-item{position:relative;display:block;padding:10px 15px;margin-bottom:-1px;background-color:#fff;border:1px solid #ddd}.list-group-item:first-child{border-top-right-radius:4px;border-top-left-radius:4px}.list-group-item:last-child{margin-bottom:0;border-bottom-right-radius:4px;border-bottom-left-radius:4px}.list-group-item>.badge{float:right}.list-group-item>.badge+.badge{margin-right:5px}a.list-group-item{color:#555}a.list-group-item .list-group-item-heading{color:#333}a.list-group-item:hover,a.list-group-item:focus{text-decoration:none;background-color:#f5f5f5}.list-group-item.active,.list-group-item.active:hover,.list-group-item.active:focus{z-index:2;color:#fff;background-color:#428bca;border-color:#428bca}.list-group-item.active .list-group-item-heading,.list-group-it
em.active:hover .list-group-item-heading,.list-group-item.active:focus .list-group-item-heading{color:inherit}.list-group-item.active .list-group-item-text,.list-group-item.active:hover .list-group-item-text,.list-group-item.active:focus .list-group-item-text{color:#e1edf7}.list-group-item-heading{margin-top:0;margin-bottom:5px}.list-group-item-text{margin-bottom:0;line-height:1.3}.panel{margin-bottom:20px;background-color:#fff;border:1px solid transparent;border-radius:4px;-webkit-box-shadow:0 1px 1px rgba(0,0,0,0.05);box-shadow:0 1px 1px rgba(0,0,0,0.05)}.panel-body{padding:15px}.panel-body:before,.panel-body:after{display:table;content:" "}.panel-body:after{clear:both}.panel-body:before,.panel-body:after{display:table;content:" "}.panel-body:after{clear:both}.panel>.list-group{margin-bottom:0}.panel>.list-group .list-group-item{border-width:1px 0}.panel>.list-group .list-group-item:first-child{border-top-right-radius:0;border-top-left-radius:0}.panel>.list-group .list-group-item:
last-child{border-bottom:0}.panel-heading+.list-group .list-group-item:first-child{border-top-width:0}.panel>.table{margin-bottom:0}.panel>.panel-body+.table{border-top:1px solid #ddd}.panel-heading{padding:10px 15px;border-bottom:1px solid transparent;border-top-right-radius:3px;border-top-left-radius:3px}.panel-title{margin-top:0;margin-bottom:0;font-size:16px}.panel-title>a{color:inherit}.panel-footer{padding:10px 15px;background-color:#f5f5f5;border-top:1px solid #ddd;border-bottom-right-radius:3px;border-bottom-left-radius:3px}.panel-group .panel{margin-bottom:0;overflow:hidden;border-radius:4px}.panel-group .panel+.panel{margin-top:5px}.panel-group .panel-heading{border-bottom:0}.panel-group .panel-heading+.panel-collapse .panel-body{border-top:1px solid #ddd}.panel-group .panel-footer{border-top:0}.panel-group .panel-footer+.panel-collapse .panel-body{border-bottom:1px solid #ddd}.panel-default{border-color:#ddd}.panel-default>.panel-heading{color:#333;background-color:#f5f5f
5;border-color:#ddd}.panel-default>.panel-heading+.panel-collapse .panel-body{border-top-color:#ddd}.panel-default>.panel-footer+.panel-collapse .panel-body{border-bottom-color:#ddd}.panel-primary{border-color:#428bca}.panel-primary>.panel-heading{color:#fff;background-color:#428bca;border-color:#428bca}.panel-primary>.panel-heading+.panel-collapse .panel-body{border-top-color:#428bca}.panel-primary>.panel-footer+.panel-collapse .panel-body{border-bottom-color:#428bca}.panel-success{border-color:#d6e9c6}.panel-success>.panel-heading{color:#468847;background-color:#dff0d8;border-color:#d6e9c6}.panel-success>.panel-heading+.panel-collapse .panel-body{border-top-color:#d6e9c6}.panel-success>.panel-footer+.panel-collapse .panel-body{border-bottom-color:#d6e9c6}.panel-warning{border-color:#fbeed5}.panel-warning>.panel-heading{color:#c09853;background-color:#fcf8e3;border-color:#fbeed5}.panel-warning>.panel-heading+.panel-collapse .panel-body{border-top-color:#fbeed5}.panel-warning>.panel
-footer+.panel-collapse .panel-body{border-bottom-color:#fbeed5}.panel-danger{border-color:#eed3d7}.panel-danger>.panel-heading{color:#b94a48;background-color:#f2dede;border-color:#eed3d7}.panel-danger>.panel-heading+.panel-collapse .panel-body{border-top-color:#eed3d7}.panel-danger>.panel-footer+.panel-collapse .panel-body{border-bottom-color:#eed3d7}.panel-info{border-color:#bce8f1}.panel-info>.panel-heading{color:#3a87ad;background-color:#d9edf7;border-color:#bce8f1}.panel-info>.panel-heading+.panel-collapse .panel-body{border-top-color:#bce8f1}.panel-info>.panel-footer+.panel-collapse .panel-body{border-bottom-color:#bce8f1}.well{min-height:20px;padding:19px;margin-bottom:20px;background-color:#f5f5f5;border:1px solid #e3e3e3;border-radius:4px;-webkit-box-shadow:inset 0 1px 1px rgba(0,0,0,0.05);box-shadow:inset 0 1px 1px rgba(0,0,0,0.05)}.well blockquote{border-color:#ddd;border-color:rgba(0,0,0,0.15)}.well-lg{padding:24px;border-radius:6px}.well-sm{padding:9px;border-radius:3px
}.close{float:right;font-size:21px;font-weight:bold;line-height:1;color:#000;text-shadow:0 1px 0 #fff;opacity:.2;filter:alpha(opacity=20)}.close:hover,.close:focus{color:#000;text-decoration:none;cursor:pointer;opacity:.5;filter:alpha(opacity=50)}button.close{padding:0;cursor:pointer;background:transparent;border:0;-webkit-appearance:none}.modal-open{overflow:hidden}body.modal-open,.modal-open .navbar-fixed-top,.modal-open .navbar-fixed-bottom{margin-right:15px}.modal{position:fixed;top:0;right:0;bottom:0;left:0;z-index:1040;display:none;overflow:auto;overflow-y:scroll}.modal.fade .modal-dialog{-webkit-transform:translate(0,-25%);-ms-transform:translate(0,-25%);transform:translate(0,-25%);-webkit-transition:-webkit-transform .3s ease-out;-moz-transition:-moz-transform .3s ease-out;-o-transition:-o-transform .3s ease-out;transition:transform .3s ease-out}.modal.in .modal-dialog{-webkit-transform:translate(0,0);-ms-transform:translate(0,0);transform:translate(0,0)}.modal-dialog{z-inde
x:1050;width:auto;padding:10px;margin-right:auto;margin-left:auto}.modal-content{position:relative;background-color:#fff;border:1px solid #999;border:1px solid rgba(0,0,0,0.2);border-radius:6px;outline:0;-webkit-box-shadow:0 3px 9px rgba(0,0,0,0.5);box-shadow:0 3px 9px rgba(0,0,0,0.5);background-clip:padding-box}.modal-backdrop{position:fixed;top:0;right:0;bottom:0;left:0;z-index:1030;background-color:#000}.modal-backdrop.fade{opacity:0;filter:alpha(opacity=0)}.modal-backdrop.in{opacity:.5;filter:alpha(opacity=50)}.modal-header{min-height:16.428571429px;padding:15px;border-bottom:1px solid #e5e5e5}.modal-header .close{margin-top:-2px}.modal-title{margin:0;line-height:1.428571429}.modal-body{position:relative;padding:20px}.modal-footer{padding:19px 20px 20px;margin-top:15px;text-align:right;border-top:1px solid #e5e5e5}.modal-footer:before,.modal-footer:after{display:table;content:" "}.modal-footer:after{clear:both}.modal-footer:before,.modal-footer:after{display:table;content:" "}.m
odal-footer:after{clear:both}.modal-footer .btn+.btn{margin-bottom:0;margin-left:5px}.modal-footer .btn-group .btn+.btn{margin-left:-1px}.modal-footer .btn-block+.btn-block{margin-left:0}@media screen and (min-width:768px){.modal-dialog{right:auto;left:50%;width:600px;padding-top:30px;padding-bottom:30px}.modal-content{-webkit-box-shadow:0 5px 15px rgba(0,0,0,0.5);box-shadow:0 5px 15px rgba(0,0,0,0.5)}}.tooltip{position:absolute;z-index:1030;display:block;font-size:12px;line-height:1.4;opacity:0;filter:alpha(opacity=0);visibility:visible}.tooltip.in{opacity:.9;filter:alpha(opacity=90)}.tooltip.top{padding:5px 0;margin-top:-3px}.tooltip.right{padding:0 5px;margin-left:3px}.tooltip.bottom{padding:5px 0;margin-top:3px}.tooltip.left{padding:0 5px;margin-left:-3px}.tooltip-inner{max-width:200px;padding:3px 8px;color:#fff;text-align:center;text-decoration:none;background-color:#000;border-radius:4px}.tooltip-arrow{position:absolute;width:0;height:0;border-color:transparent;border-style:so
lid}.tooltip.top .tooltip-arrow{bottom:0;left:50%;margin-left:-5px;border-top-color:#000;border-width:5px 5px 0}.tooltip.top-left .tooltip-arrow{bottom:0;left:5px;border-top-color:#000;border-width:5px 5px 0}.tooltip.top-right .tooltip-arrow{right:5px;bottom:0;border-top-color:#000;border-width:5px 5px 0}.tooltip.right .tooltip-arrow{top:50%;left:0;margin-top:-5px;border-right-color:#000;border-width:5px 5px 5px 0}.tooltip.left .tooltip-arrow{top:50%;right:0;margin-top:-5px;border-left-color:#000;border-width:5px 0 5px 5px}.tooltip.bottom .tooltip-arrow{top:0;left:50%;margin-left:-5px;border-bottom-color:#000;border-width:0 5px 5px}.tooltip.bottom-left .tooltip-arrow{top:0;left:5px;border-bottom-color:#000;border-width:0 5px 5px}.tooltip.bottom-right .tooltip-arrow{top:0;right:5px;border-bottom-color:#000;border-width:0 5px 5px}.popover{position:absolute;top:0;left:0;z-index:1010;display:none;max-width:276px;padding:1px;text-align:left;white-space:normal;background-color:#fff;border
:1px solid #ccc;border:1px solid rgba(0,0,0,0.2);border-radius:6px;-webkit-box-shadow:0 5px 10px rgba(0,0,0,0.2);box-shadow:0 5px 10px rgba(0,0,0,0.2);background-clip:padding-box}.popover.top{margin-top:-10px}.popover.right{margin-left:10px}.popover.bottom{margin-top:10px}.popover.left{margin-left:-10px}.popover-title{padding:8px 14px;margin:0;font-size:14px;font-weight:normal;line-height:18px;background-color:#f7f7f7;border-bottom:1px solid #ebebeb;border-radius:5px 5px 0 0}.popover-content{padding:9px 14px}.popover .arrow,.popover .arrow:after{position:absolute;display:block;width:0;height:0;border-color:transparent;border-style:solid}.popover .arrow{border-width:11px}.popover .arrow:after{border-width:10px;content:""}.popover.top .arrow{bottom:-11px;left:50%;margin-left:-11px;border-top-color:#999;border-top-color:rgba(0,0,0,0.25);border-bottom-width:0}.popover.top .arrow:after{bottom:1px;margin-left:-10px;border-top-color:#fff;border-bottom-width:0;content:" "}.popover.right .ar
row{top:50%;left:-11px;margin-top:-11px;border-right-color:#999;border-right-color:rgba(0,0,0,0.25);border-left-width:0}.popover.right .arrow:after{bottom:-10px;left:1px;border-right-color:#fff;border-left-width:0;content:" "}.popover.bottom .arrow{top:-11px;left:50%;margin-left:-11px;border-bottom-color:#999;border-bottom-color:rgba(0,0,0,0.25);border-top-width:0}.popover.bottom .arrow:after{top:1px;margin-left:-10px;border-bottom-color:#fff;border-top-width:0;content:" "}.popover.left .arrow{top:50%;right:-11px;margin-top:-11px;border-left-color:#999;border-left-color:rgba(0,0,0,0.25);border-right-width:0}.popover.left .arrow:after{right:1px;bottom:-10px;border-left-color:#fff;border-right-width:0;content:" "}.carousel{position:relative}.carousel-inner{position:relative;width:100%;overflow:hidden}.carousel-inner>.item{position:relative;display:none;-webkit-transition:.6s ease-in-out left;transition:.6s ease-in-out left}.carousel-inner>.item>img,.carousel-inner>.item>a>img{display:
block;height:auto;max-width:100%;line-height:1}.carousel-inner>.active,.carousel-inner>.next,.carousel-inner>.prev{display:block}.carousel-inner>.active{left:0}.carousel-inner>.next,.carousel-inner>.prev{position:absolute;top:0;width:100%}.carousel-inner>.next{left:100%}.carousel-inner>.prev{left:-100%}.carousel-inner>.next.left,.carousel-inner>.prev.right{left:0}.carousel-inner>.active.left{left:-100%}.carousel-inner>.active.right{left:100%}.carousel-control{position:absolute;top:0;bottom:0;left:0;width:15%;font-size:20px;color:#fff;text-align:center;text-shadow:0 1px 2px rgba(0,0,0,0.6);opacity:.5;filter:alpha(opacity=50)}.carousel-control.left{background-image:-webkit-gradient(linear,0 top,100% top,from(rgba(0,0,0,0.5)),to(rgba(0,0,0,0.0001)));background-image:-webkit-linear-gradient(left,color-stop(rgba(0,0,0,0.5) 0),color-stop(rgba(0,0,0,0.0001) 100%));background-image:-moz-linear-gradient(left,rgba(0,0,0,0.5) 0,rgba(0,0,0,0.0001) 100%);background-image:linear-gradient(to right
,rgba(0,0,0,0.5) 0,rgba(0,0,0,0.0001) 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#80000000',endColorstr='#00000000',GradientType=1)}.carousel-control.right{right:0;left:auto;background-image:-webkit-gradient(linear,0 top,100% top,from(rgba(0,0,0,0.0001)),to(rgba(0,0,0,0.5)));background-image:-webkit-linear-gradient(left,color-stop(rgba(0,0,0,0.0001) 0),color-stop(rgba(0,0,0,0.5) 100%));background-image:-moz-linear-gradient(left,rgba(0,0,0,0.0001) 0,rgba(0,0,0,0.5) 100%);background-image:linear-gradient(to right,rgba(0,0,0,0.0001) 0,rgba(0,0,0,0.5) 100%);background-repeat:repeat-x;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#00000000',endColorstr='#80000000',GradientType=1)}.carousel-control:hover,.carousel-control:focus{color:#fff;text-decoration:none;opacity:.9;filter:alpha(opacity=90)}.carousel-control .icon-prev,.carousel-control .icon-next,.carousel-control .glyphicon-chevron-left,.carousel-control .glyp
hicon-chevron-right{position:absolute;top:50%;left:50%;z-index:5;display:inline-block}.carousel-control .icon-prev,.carousel-control .icon-next{width:20px;height:20px;margin-top:-10px;margin-left:-10px;font-family:serif}.carousel-control .icon-prev:before{content:'\2039'}.carousel-control .icon-next:before{content:'\203a'}.carousel-indicators{position:absolute;bottom:10px;left:50%;z-index:15;width:60%;padding-left:0;margin-left:-30%;text-align:center;list-style:none}.carousel-indicators li{display:inline-block;width:10px;height:10px;margin:1px;text-indent:-999px;cursor:pointer;border:1px solid #fff;border-radius:10px}.carousel-indicators .active{width:12px;height:12px;margin:0;background-color:#fff}.carousel-caption{position:absolute;right:15%;bottom:20px;left:15%;z-index:10;padding-top:20px;padding-bottom:20px;color:#fff;text-align:center;text-shadow:0 1px 2px rgba(0,0,0,0.6)}.carousel-caption .btn{text-shadow:none}@media screen and (min-width:768px){.carousel-control .icon-prev,.c
arou
<TRUNCATED>
[10/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestAuditLogForSentryGenericService.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestAuditLogForSentryGenericService.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestAuditLogForSentryGenericService.java
deleted file mode 100644
index 6c7d22d..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestAuditLogForSentryGenericService.java
+++ /dev/null
@@ -1,296 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import static org.hamcrest.core.Is.is;
-import static org.junit.Assert.assertThat;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
-
-import java.security.PrivilegedExceptionAction;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.Set;
-
-import org.apache.log4j.Level;
-import org.apache.log4j.Logger;
-import org.apache.sentry.provider.db.log.appender.AuditLoggerTestAppender;
-import org.apache.sentry.provider.db.log.util.CommandUtil;
-import org.apache.sentry.provider.db.log.util.Constants;
-import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
-import org.codehaus.jettison.json.JSONObject;
-import org.junit.After;
-import org.junit.BeforeClass;
-import org.junit.Test;
-import org.slf4j.LoggerFactory;
-
-import com.google.common.collect.Lists;
-import com.google.common.collect.Sets;
-
-public class TestAuditLogForSentryGenericService extends SentryServiceIntegrationBase {
-
- private SentryGenericServiceClient client;
- private static final String COMPONENT = "SQOOP";
- private static final org.slf4j.Logger LOGGER = LoggerFactory
- .getLogger(TestAuditLogForSentryGenericService.class);
-
- @BeforeClass
- public static void setup() throws Exception {
- SentryServiceIntegrationBase.setup();
- Logger logger = Logger.getLogger("sentry.generic.authorization.ddl.logger");
- AuditLoggerTestAppender testAppender = new AuditLoggerTestAppender();
- logger.addAppender(testAppender);
- logger.setLevel(Level.INFO);
- }
-
- @Override
- @After
- public void after() {
- try {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- Set<TSentryRole> tRoles = client.listAllRoles(ADMIN_USER, COMPONENT);
- for (TSentryRole tRole : tRoles) {
- client.dropRole(ADMIN_USER, tRole.getRoleName(), COMPONENT);
- }
- if (client != null) {
- client.close();
- }
- }
- });
- } catch (Exception e) {
- // log the exception
- LOGGER.warn("Exception happened after test case.", e);
- } finally {
- policyFilePath.delete();
- }
- }
-
- /**
- * use the generic client to connect sentry service
- */
- @Override
- public void connectToSentryService() throws Exception {
- if (kerberos) {
- this.client = clientUgi.doAs(new PrivilegedExceptionAction<SentryGenericServiceClient>() {
- @Override
- public SentryGenericServiceClient run() throws Exception {
- return SentryGenericServiceClientFactory.create(conf);
- }
- });
- } else {
- this.client = SentryGenericServiceClientFactory.create(conf);
- }
- }
-
- @Test
- public void testAuditLogForGenericModel() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- String roleName = "admin_r";
- String testGroupName = "g1";
- String action = "all";
- String service = "sentryService";
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
-
- // test the audit log for create role, success
- client.createRole(requestorUserName, roleName, COMPONENT);
- Map<String, String> fieldValueMap = new HashMap<String, String>();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_CREATE_ROLE);
- fieldValueMap.put(Constants.LOG_FIELD_COMPONENT, COMPONENT);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "CREATE ROLE " + roleName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.TRUE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
-
- // test the audit log for create role, failed
- try {
- client.createRole(requestorUserName, roleName, COMPONENT);
- fail("Exception should have been thrown");
- } catch (Exception e) {
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_CREATE_ROLE);
- fieldValueMap.put(Constants.LOG_FIELD_COMPONENT, COMPONENT);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "CREATE ROLE " + roleName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
- }
-
- // test the audit log for add role to group, success
- client.addRoleToGroups(requestorUserName, roleName, COMPONENT,
- Sets.newHashSet(testGroupName));
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_ADD_ROLE);
- fieldValueMap.put(Constants.LOG_FIELD_COMPONENT, COMPONENT);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "GRANT ROLE " + roleName
- + " TO GROUP " + testGroupName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.TRUE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
-
- // test the audit log for add role to group, failed
- try {
- client.addRoleToGroups(requestorUserName, "invalidRole", COMPONENT,
- Sets.newHashSet(testGroupName));
- fail("Exception should have been thrown");
- } catch (Exception e) {
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_ADD_ROLE);
- fieldValueMap.put(Constants.LOG_FIELD_COMPONENT, COMPONENT);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "GRANT ROLE invalidRole TO GROUP "
- + testGroupName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
- }
-
- // test the audit log for grant privilege, success
- TSentryPrivilege privilege = new TSentryPrivilege(COMPONENT, service, Lists.newArrayList(
- new TAuthorizable("resourceType1", "resourceName1"), new TAuthorizable("resourceType2",
- "resourceName2")), action);
- client.grantPrivilege(requestorUserName, roleName, COMPONENT, privilege);
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_GRANT_PRIVILEGE);
- fieldValueMap.put(Constants.LOG_FIELD_COMPONENT, COMPONENT);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT,
- "GRANT ALL ON resourceType1 resourceName1 resourceType2 resourceName2 TO ROLE "
- + roleName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.TRUE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
-
- // for error audit log
- TSentryPrivilege invalidPrivilege = new TSentryPrivilege(COMPONENT, service,
- Lists.newArrayList(new TAuthorizable("resourceType1", "resourceName1")),
- "invalidAction");
- // test the audit log for grant privilege, failed
- try {
- client.grantPrivilege(requestorUserName, roleName, COMPONENT, invalidPrivilege);
- fail("Exception should have been thrown");
- } catch (Exception e) {
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_GRANT_PRIVILEGE);
- fieldValueMap.put(Constants.LOG_FIELD_COMPONENT, COMPONENT);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT,
- "GRANT INVALIDACTION ON resourceType1 resourceName1 TO ROLE " + roleName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
- }
-
- // test the audit log for revoke privilege, success
- client.revokePrivilege(requestorUserName, roleName, COMPONENT, privilege);
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_REVOKE_PRIVILEGE);
- fieldValueMap.put(Constants.LOG_FIELD_COMPONENT, COMPONENT);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT,
- "REVOKE ALL ON resourceType1 resourceName1 resourceType2 resourceName2 FROM ROLE "
- + roleName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.TRUE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
-
- // test the audit log for revoke privilege, failed
- try {
- client.revokePrivilege(requestorUserName, "invalidRole", COMPONENT, invalidPrivilege);
- fail("Exception should have been thrown");
- } catch (Exception e) {
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_REVOKE_PRIVILEGE);
- fieldValueMap.put(Constants.LOG_FIELD_COMPONENT, COMPONENT);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT,
- "REVOKE INVALIDACTION ON resourceType1 resourceName1 FROM ROLE invalidRole");
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
- }
-
- // test the audit log for delete role from group, success
- client.deleteRoleToGroups(requestorUserName, roleName, COMPONENT,
- Sets.newHashSet(testGroupName));
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_DELETE_ROLE);
- fieldValueMap.put(Constants.LOG_FIELD_COMPONENT, COMPONENT);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "REVOKE ROLE " + roleName
- + " FROM GROUP " + testGroupName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.TRUE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
- // test the audit log for delete role from group, failed
- try {
- client.deleteRoleToGroups(requestorUserName, "invalidRole", COMPONENT,
- Sets.newHashSet(testGroupName));
- fail("Exception should have been thrown");
- } catch (Exception e) {
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_DELETE_ROLE);
- fieldValueMap.put(Constants.LOG_FIELD_COMPONENT, COMPONENT);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT,
- "REVOKE ROLE invalidRole FROM GROUP " + testGroupName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
- }
- // test the audit log for drop role, success
- client.dropRole(requestorUserName, roleName, COMPONENT);
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_DROP_ROLE);
- fieldValueMap.put(Constants.LOG_FIELD_COMPONENT, COMPONENT);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "DROP ROLE " + roleName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.TRUE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
- // test the audit log for drop role, failed
- try {
- client.dropRole(requestorUserName, roleName, COMPONENT);
- fail("Exception should have been thrown");
- } catch (Exception e) {
- fieldValueMap.clear();
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION, Constants.OPERATION_DROP_ROLE);
- fieldValueMap.put(Constants.LOG_FIELD_COMPONENT, COMPONENT);
- fieldValueMap.put(Constants.LOG_FIELD_OPERATION_TEXT, "DROP ROLE " + roleName);
- fieldValueMap.put(Constants.LOG_FIELD_ALLOWED, Constants.FALSE);
- fieldValueMap.put(Constants.LOG_FIELD_IP_ADDRESS, null);
- assertAuditLog(fieldValueMap);
- }
- }
- });
- }
-
- private void assertAuditLog(Map<String, String> fieldValueMap) throws Exception {
- assertThat(AuditLoggerTestAppender.getLastLogLevel(), is(Level.INFO));
- JSONObject jsonObject = new JSONObject(AuditLoggerTestAppender.getLastLogEvent());
- if (fieldValueMap != null) {
- for (Map.Entry<String, String> entry : fieldValueMap.entrySet()) {
- String entryKey = entry.getKey();
- if (Constants.LOG_FIELD_IP_ADDRESS.equals(entryKey)) {
- assertTrue(CommandUtil.assertIPInAuditLog(jsonObject.get(entryKey).toString()));
- } else {
- assertTrue(entry.getValue().equalsIgnoreCase(jsonObject.get(entryKey).toString()));
- }
- }
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericPolicyProcessor.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericPolicyProcessor.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericPolicyProcessor.java
deleted file mode 100644
index 11dd5e2..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericPolicyProcessor.java
+++ /dev/null
@@ -1,353 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import static org.mockito.Matchers.any;
-import static org.mockito.Matchers.anyListOf;
-import static org.mockito.Matchers.anySetOf;
-import static org.mockito.Matchers.anyString;
-
-import java.util.*;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.core.common.Authorizable;
-import org.apache.sentry.core.common.exception.SentrySiteConfigurationException;
-import org.apache.sentry.core.model.search.Collection;
-import org.apache.sentry.core.model.search.Field;
-import org.apache.sentry.core.model.search.SearchConstants;
-import org.apache.sentry.provider.common.GroupMappingService;
-import org.apache.sentry.core.common.exception.SentryAlreadyExistsException;
-import org.apache.sentry.core.common.exception.SentryGrantDeniedException;
-import org.apache.sentry.core.common.exception.SentryInvalidInputException;
-import org.apache.sentry.core.common.exception.SentryNoSuchObjectException;
-import org.apache.sentry.provider.db.generic.service.persistent.PrivilegeObject;
-import org.apache.sentry.provider.db.generic.service.persistent.SentryStoreLayer;
-import org.apache.sentry.provider.db.generic.service.persistent.PrivilegeObject.Builder;
-import org.apache.sentry.provider.db.service.model.MSentryGMPrivilege;
-import org.apache.sentry.provider.db.service.model.MSentryRole;
-import org.apache.sentry.provider.db.service.persistent.CommitContext;
-import org.apache.sentry.provider.db.service.thrift.PolicyStoreConstants;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
-import org.apache.sentry.service.thrift.Status;
-import org.apache.sentry.service.thrift.TSentryResponseStatus;
-import org.junit.Before;
-import org.junit.Test;
-import org.mockito.Mockito;
-
-import com.google.common.collect.Sets;
-
-public class TestSentryGenericPolicyProcessor extends org.junit.Assert {
- private static final String ADMIN_GROUP = "admin_group";
- private static final String ADMIN_USER = "admin_user";
- private static final UUID SERVER_UUID = UUID.randomUUID();
- private static final long SEQ_ID = 10000;
-
- private SentryStoreLayer mockStore = Mockito.mock(SentryStoreLayer.class);
- private SentryGenericPolicyProcessor processor;
-
- @Before
- public void setup() throws Exception {
- Configuration conf = new Configuration();
- conf.set(ServerConfig.ADMIN_GROUPS, ADMIN_GROUP);
- conf.set(ServerConfig.SENTRY_STORE_GROUP_MAPPING, MockGroupMapping.class.getName());
- processor = new SentryGenericPolicyProcessor(conf, mockStore);
- }
-
- @Test
- public void testNotAdminOperation() throws Exception {
- String requestUser = "not_" + ADMIN_USER;
- Status validateStatus = Status.ACCESS_DENIED;
- testOperation(requestUser, validateStatus);
- }
-
- private void testOperation(String requestUser, Status validateStatus) throws Exception {
- TCreateSentryRoleRequest createrequest = new TCreateSentryRoleRequest();
- createrequest.setRequestorUserName(requestUser);
- createrequest.setRoleName("r1");
- assertEquals(validateStatus, fromTSentryStatus(processor.create_sentry_role(createrequest).getStatus()));
-
- TDropSentryRoleRequest dropRequest = new TDropSentryRoleRequest();
- dropRequest.setRequestorUserName(requestUser);
- dropRequest.setRoleName("r1");
- assertEquals(validateStatus, fromTSentryStatus(processor.drop_sentry_role(dropRequest).getStatus()));
-
- TAlterSentryRoleAddGroupsRequest addRequest = new TAlterSentryRoleAddGroupsRequest();
- addRequest.setRequestorUserName(requestUser);
- addRequest.setRoleName("r1");
- addRequest.setGroups(Sets.newHashSet("g1"));
- assertEquals(validateStatus, fromTSentryStatus(processor.alter_sentry_role_add_groups(addRequest).getStatus()));
-
- TAlterSentryRoleDeleteGroupsRequest delRequest = new TAlterSentryRoleDeleteGroupsRequest();
- delRequest.setRequestorUserName(requestUser);
- delRequest.setRoleName("r1");
- delRequest.setGroups(Sets.newHashSet("g1"));
- assertEquals(validateStatus, fromTSentryStatus(processor.alter_sentry_role_delete_groups(delRequest).getStatus()));
-
- TDropPrivilegesRequest dropPrivRequest = new TDropPrivilegesRequest();
- dropPrivRequest.setRequestorUserName(requestUser);
- dropPrivRequest.setPrivilege(new TSentryPrivilege("test", "test", new ArrayList<TAuthorizable>(), "test"));
- assertEquals(validateStatus, fromTSentryStatus(processor.drop_sentry_privilege(dropPrivRequest).getStatus()));
-
- TRenamePrivilegesRequest renameRequest = new TRenamePrivilegesRequest();
- renameRequest.setRequestorUserName(requestUser);
- assertEquals(validateStatus, fromTSentryStatus(processor.rename_sentry_privilege(renameRequest).getStatus()));
- }
-
- private Status fromTSentryStatus(TSentryResponseStatus status) {
- return Status.fromCode(status.getValue());
- }
-
- @Test
- public void testAdminOperation() throws Exception {
- Mockito.when(mockStore.createRole(anyString(), anyString(), anyString()))
- .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID));
-
- Mockito.when(mockStore.dropRole(anyString(), anyString(), anyString()))
- .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID + 1));
-
- Mockito.when(mockStore.alterRoleAddGroups(anyString(), anyString(), anySetOf(String.class),anyString()))
- .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID + 2));
-
- Mockito.when(mockStore.alterRoleDeleteGroups(anyString(), anyString(),anySetOf(String.class), anyString()))
- .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID + 3));
-
- Mockito.when(mockStore.dropPrivilege(anyString(), any(PrivilegeObject.class), anyString()))
- .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID + 4));
-
- Mockito.when(mockStore.renamePrivilege(anyString(), anyString(), anyListOf(Authorizable.class),
- anyListOf(Authorizable.class), anyString()))
- .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID + 5));
- testOperation(ADMIN_USER, Status.OK);
- }
-
- @Test
- public void testGrantAndRevokePrivilege() throws Exception {
- Mockito.when(mockStore.alterRoleGrantPrivilege(anyString(), anyString(), any(PrivilegeObject.class), anyString()))
- .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID + 6));
-
- Mockito.when(mockStore.alterRoleRevokePrivilege(anyString(), anyString(),any(PrivilegeObject.class), anyString()))
- .thenReturn(new CommitContext(SERVER_UUID, SEQ_ID + 7));
- setup();
-
- TSentryPrivilege tprivilege = new TSentryPrivilege("test", "test", new ArrayList<TAuthorizable>(), "test");
- tprivilege.setGrantOption(TSentryGrantOption.UNSET);
-
- TAlterSentryRoleGrantPrivilegeRequest grantRequest = new TAlterSentryRoleGrantPrivilegeRequest();
- grantRequest.setRequestorUserName(ADMIN_USER);
- grantRequest.setRoleName("r1");
- grantRequest.setPrivilege(tprivilege);
- assertEquals(Status.OK, fromTSentryStatus(processor.alter_sentry_role_grant_privilege(grantRequest).getStatus()));
-
- TAlterSentryRoleRevokePrivilegeRequest revokeRequest = new TAlterSentryRoleRevokePrivilegeRequest();
- revokeRequest.setRequestorUserName(ADMIN_USER);
- revokeRequest.setRoleName("r1");
- revokeRequest.setPrivilege(tprivilege);
- assertEquals(Status.OK, fromTSentryStatus(processor.alter_sentry_role_revoke_privilege(revokeRequest).getStatus()));
- }
-
- @Test
- public void testOperationWithException() throws Exception {
- String roleName = anyString();
- Mockito.when(mockStore.createRole(anyString(), roleName, anyString()))
- .thenThrow(new SentryAlreadyExistsException("Role: " + roleName + " already exists"));
-
- roleName = anyString();
- Mockito.when(mockStore.dropRole(anyString(), roleName, anyString()))
- .thenThrow(new SentryNoSuchObjectException("Role: " + roleName + " doesn't exist"));
-
- roleName = anyString();
- Mockito.when(mockStore.alterRoleAddGroups(anyString(), roleName, anySetOf(String.class),anyString()))
- .thenThrow(new SentryNoSuchObjectException("Role: " + roleName + " doesn't exist"));
-
- roleName = anyString();
- Mockito.when(mockStore.alterRoleDeleteGroups(anyString(), roleName, anySetOf(String.class), anyString()))
- .thenThrow(new SentryNoSuchObjectException("Role: " + roleName + " doesn't exist"));
-
- roleName = anyString();
- Mockito.when(mockStore.alterRoleGrantPrivilege(anyString(), roleName, any(PrivilegeObject.class), anyString()))
- .thenThrow(new SentryGrantDeniedException("Role: " + roleName + " is not allowed to do grant"));
-
- roleName = anyString();
- Mockito.when(mockStore.alterRoleRevokePrivilege(anyString(), roleName, any(PrivilegeObject.class), anyString()))
- .thenThrow(new SentryGrantDeniedException("Role: " + roleName + " is not allowed to do grant"));
-
- Mockito.when(mockStore.dropPrivilege(anyString(), any(PrivilegeObject.class), anyString()))
- .thenThrow(new SentryInvalidInputException("Invalid input privilege object"));
-
- Mockito.when(mockStore.renamePrivilege(anyString(), anyString(), anyListOf(Authorizable.class),
- anyListOf(Authorizable.class), anyString()))
- .thenThrow(new RuntimeException("Unknown error"));
-
- setup();
-
- TCreateSentryRoleRequest createrequest = new TCreateSentryRoleRequest();
- createrequest.setRequestorUserName(ADMIN_USER);
- createrequest.setRoleName("r1");
- assertEquals(Status.ALREADY_EXISTS, fromTSentryStatus(processor.create_sentry_role(createrequest).getStatus()));
-
- TDropSentryRoleRequest dropRequest = new TDropSentryRoleRequest();
- dropRequest.setRequestorUserName(ADMIN_USER);
- dropRequest.setRoleName("r1");
- assertEquals(Status.NO_SUCH_OBJECT, fromTSentryStatus(processor.drop_sentry_role(dropRequest).getStatus()));
-
- TAlterSentryRoleAddGroupsRequest addRequest = new TAlterSentryRoleAddGroupsRequest();
- addRequest.setRequestorUserName(ADMIN_USER);
- addRequest.setRoleName("r1");
- addRequest.setGroups(Sets.newHashSet("g1"));
- assertEquals(Status.NO_SUCH_OBJECT, fromTSentryStatus(processor.alter_sentry_role_add_groups(addRequest).getStatus()));
-
- TAlterSentryRoleDeleteGroupsRequest delRequest = new TAlterSentryRoleDeleteGroupsRequest();
- delRequest.setRequestorUserName(ADMIN_USER);
- delRequest.setRoleName("r1");
- delRequest.setGroups(Sets.newHashSet("g1"));
- assertEquals(Status.NO_SUCH_OBJECT, fromTSentryStatus(processor.alter_sentry_role_delete_groups(delRequest).getStatus()));
-
- TDropPrivilegesRequest dropPrivRequest = new TDropPrivilegesRequest();
- dropPrivRequest.setRequestorUserName(ADMIN_USER);
- dropPrivRequest.setPrivilege(new TSentryPrivilege("test", "test", new ArrayList<TAuthorizable>(), "test"));
- assertEquals(Status.INVALID_INPUT, fromTSentryStatus(processor.drop_sentry_privilege(dropPrivRequest).getStatus()));
-
- TRenamePrivilegesRequest renameRequest = new TRenamePrivilegesRequest();
- renameRequest.setRequestorUserName(ADMIN_USER);
- assertEquals(Status.RUNTIME_ERROR, fromTSentryStatus(processor.rename_sentry_privilege(renameRequest).getStatus()));
-
- TSentryPrivilege tprivilege = new TSentryPrivilege("test", "test", new ArrayList<TAuthorizable>(), "test");
- tprivilege.setGrantOption(TSentryGrantOption.UNSET);
-
- TAlterSentryRoleGrantPrivilegeRequest grantRequest = new TAlterSentryRoleGrantPrivilegeRequest();
- grantRequest.setRequestorUserName(ADMIN_USER);
- grantRequest.setRoleName("r1");
- grantRequest.setPrivilege(tprivilege);
- assertEquals(Status.ACCESS_DENIED, fromTSentryStatus(processor.alter_sentry_role_grant_privilege(grantRequest).getStatus()));
-
- TAlterSentryRoleRevokePrivilegeRequest revokeRequest = new TAlterSentryRoleRevokePrivilegeRequest();
- revokeRequest.setRequestorUserName(ADMIN_USER);
- revokeRequest.setRoleName("r1");
- revokeRequest.setPrivilege(tprivilege);
- assertEquals(Status.ACCESS_DENIED, fromTSentryStatus(processor.alter_sentry_role_revoke_privilege(revokeRequest).getStatus()));
- }
-
- @Test
- public void testGetRolesAndPrivileges() throws Exception {
- String roleName = "r1";
- String groupName = "g1";
- PrivilegeObject queryPrivilege = new Builder()
- .setComponent("SOLR")
- .setAction(SearchConstants.QUERY)
- .setService("service1")
- .setAuthorizables(Arrays.asList(new Collection("c1"), new Field("f1")))
- .build();
- PrivilegeObject updatePrivilege = new Builder(queryPrivilege)
- .setAction(SearchConstants.UPDATE)
- .build();
-
- MSentryGMPrivilege mSentryGMPrivilege = new MSentryGMPrivilege("SOLR", "service1",
- Arrays.asList(new Collection("c1"), new Field("f1")),
- SearchConstants.QUERY, true);
-
- MSentryRole role = new MSentryRole("r1", 290);
- mSentryGMPrivilege.setRoles(Sets.newHashSet(role));
-
- Mockito.when(mockStore.getRolesByGroups(anyString(), anySetOf(String.class)))
- .thenReturn(Sets.newHashSet(roleName));
-
- Mockito.when(mockStore.getPrivilegesByProvider(anyString(), anyString(), anySetOf(String.class),
- anySetOf(String.class), anyListOf(Authorizable.class)))
- .thenReturn(Sets.newHashSet(queryPrivilege, updatePrivilege));
-
- Mockito.when(mockStore.getGroupsByRoles(anyString(), anySetOf(String.class)))
- .thenReturn(Sets.newHashSet(groupName));
-
- Mockito.when(mockStore.getPrivilegesByAuthorizable(anyString(), anyString(), anySetOf(String.class), anyListOf(Authorizable.class)))
- .thenReturn(Sets.newHashSet(mSentryGMPrivilege));
-
- Mockito.when(mockStore.getAllRoleNames())
- .thenReturn(Sets.newHashSet(roleName));
-
- TListSentryPrivilegesRequest request1 = new TListSentryPrivilegesRequest();
- request1.setRoleName(roleName);
- request1.setRequestorUserName(ADMIN_USER);
- TListSentryPrivilegesResponse response1 = processor.list_sentry_privileges_by_role(request1);
- assertEquals(Status.OK, fromTSentryStatus(response1.getStatus()));
- assertEquals(2, response1.getPrivileges().size());
-
- TListSentryRolesRequest request2 = new TListSentryRolesRequest();
- request2.setRequestorUserName(ADMIN_USER);
- request2.setGroupName(groupName);
- TListSentryRolesResponse response2 = processor.list_sentry_roles_by_group(request2);
- assertEquals(Status.OK, fromTSentryStatus(response2.getStatus()));
- assertEquals(1, response2.getRoles().size());
-
- TListSentryPrivilegesForProviderRequest request3 = new TListSentryPrivilegesForProviderRequest();
- request3.setGroups(Sets.newHashSet(groupName));
- request3.setRoleSet(new TSentryActiveRoleSet(true, null));
- TListSentryPrivilegesForProviderResponse response3 = processor.list_sentry_privileges_for_provider(request3);
- assertEquals(Status.OK, fromTSentryStatus(response3.getStatus()));
- assertEquals(2, response3.getPrivileges().size());
-
- // Optional parameters activeRoleSet and requested group name are both provided.
- TListSentryPrivilegesByAuthRequest request4 = new TListSentryPrivilegesByAuthRequest();
- request4.setGroups(Sets.newHashSet(groupName));
- request4.setRoleSet(new TSentryActiveRoleSet(true, null));
- request4.setRequestorUserName(ADMIN_USER);
- Set<String> authorizablesSet = Sets.newHashSet("Collection=c1->Field=f1");
- request4.setAuthorizablesSet(authorizablesSet);
-
- TListSentryPrivilegesByAuthResponse response4 = processor.list_sentry_privileges_by_authorizable(request4);
- assertEquals(Status.OK, fromTSentryStatus(response4.getStatus()));
- assertEquals(1, response4.getPrivilegesMapByAuth().size());
-
- // Optional parameters activeRoleSet and requested group name are both not provided.
- TListSentryPrivilegesByAuthRequest request5 = new TListSentryPrivilegesByAuthRequest();
- request5.setRequestorUserName("not_" + ADMIN_USER);
- authorizablesSet = Sets.newHashSet("Collection=c1->Field=f2");
- request5.setAuthorizablesSet(authorizablesSet);
-
- TListSentryPrivilegesByAuthResponse response5 = processor.list_sentry_privileges_by_authorizable(request5);
- assertEquals(Status.OK, fromTSentryStatus(response5.getStatus()));
- assertEquals(1, response5.getPrivilegesMapByAuth().size());
- }
-
- @Test(expected=SentrySiteConfigurationException.class)
- public void testConfigCannotCreateNotificationHandler() throws Exception {
- Configuration conf = new Configuration();
- conf.set(PolicyStoreConstants.SENTRY_GENERIC_POLICY_NOTIFICATION,"junk");
- SentryGenericPolicyProcessor.createHandlers(conf);
- }
-
- @Test(expected=SentrySiteConfigurationException.class)
- public void testConfigCannotCreateSentryStore() throws Exception {
- Configuration conf = new Configuration();
- conf.set(PolicyStoreConstants.SENTRY_GENERIC_POLICY_STORE,"junk");
- SentryGenericPolicyProcessor.createStore(conf);
- }
-
- public static class MockGroupMapping implements GroupMappingService {
- public MockGroupMapping(Configuration conf, String resource) { //NOPMD
- }
- @Override
- public Set<String> getGroups(String user) {
- if (user.equalsIgnoreCase(ADMIN_USER)) {
- return Sets.newHashSet(ADMIN_GROUP);
- } else {
- return Sets.newHashSet("not" + ADMIN_GROUP);
- }
- }
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericServiceIntegration.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericServiceIntegration.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericServiceIntegration.java
deleted file mode 100644
index b59d172..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericServiceIntegration.java
+++ /dev/null
@@ -1,503 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
-
-import java.util.Arrays;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import org.apache.sentry.core.common.exception.SentryUserException;
-import org.apache.sentry.core.common.ActiveRoleSet;
-import org.apache.sentry.core.common.Authorizable;
-import org.apache.sentry.core.model.search.Collection;
-import org.apache.sentry.core.model.search.Field;
-import org.apache.sentry.core.model.search.SearchConstants;
-import org.junit.Test;
-
-import com.google.common.collect.Lists;
-import com.google.common.collect.Sets;
-
-public class TestSentryGenericServiceIntegration extends SentryGenericServiceIntegrationBase {
-
- @Test
- public void testCreateDropShowRole() throws Exception {
- runTestAsSubject(new TestOperation(){
- @Override
- public void runTestAsSubject() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- String roleName = "admin_r";
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
-
- client.dropRoleIfExists(requestorUserName, roleName, SOLR);
-
- client.createRole(requestorUserName, roleName, SOLR);
-
- client.addRoleToGroups(requestorUserName, roleName, SOLR, Sets.newHashSet(requestorUserGroupNames));
-
- Set<TSentryRole> roles = client.listUserRoles(requestorUserName,SOLR);
- assertEquals("Incorrect number of roles", 1, roles.size());
- for (TSentryRole role:roles) {
- assertTrue(role.getRoleName(), role.getRoleName().equalsIgnoreCase(roleName));
- }
- client.dropRole(requestorUserName, roleName, SOLR);
- }});
- }
-
- @Test
- public void testAddDeleteRoleToGroup() throws Exception {
- runTestAsSubject(new TestOperation(){
- @Override
- public void runTestAsSubject() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- String testGroupName = "g1";
- String roleName = "admin_r";
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- setLocalGroupMapping(requestorUserName, Sets.newHashSet(testGroupName));
- writePolicyFile();
-
- client.dropRoleIfExists(requestorUserName, roleName, SOLR);
-
- client.createRole(requestorUserName, roleName, SOLR);
-
- client.addRoleToGroups(requestorUserName, roleName, SOLR, Sets.newHashSet(testGroupName));
-
- Set<TSentryRole> roles = client.listUserRoles(requestorUserName,SOLR);
- assertEquals("Incorrect number of roles", 1, roles.size());
- for (TSentryRole role:roles) {
- assertTrue(role.getRoleName(), role.getRoleName().equalsIgnoreCase(roleName));
- assertTrue(role.getGroups().size() == 1);
- for (String group :role.getGroups()) {
- assertEquals(testGroupName, group);
- }
- }
-
- client.deleteRoleToGroups(requestorUserName, roleName, SOLR, Sets.newHashSet(testGroupName));
- roles = client.listUserRoles(requestorUserName,SOLR);
- assertEquals("Incorrect number of roles", 0, roles.size());
-
- client.dropRole(requestorUserName, roleName, SOLR);
- }});
- }
-
- @Test
- public void testGranRevokePrivilege() throws Exception {
- runTestAsSubject(new TestOperation(){
- @Override
- public void runTestAsSubject() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
- String roleName1 = "admin_r1";
- String roleName2 = "admin_r2";
-
- client.dropRoleIfExists(requestorUserName, roleName1, SOLR);
- client.createRole(requestorUserName, roleName1, SOLR);
-
- client.dropRoleIfExists(requestorUserName, roleName2, SOLR);
- client.createRole(requestorUserName, roleName2, SOLR);
-
- TSentryPrivilege queryPrivilege = new TSentryPrivilege(SOLR, "service1",
- fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f1"))),
- SearchConstants.QUERY);
-
- TSentryPrivilege updatePrivilege = new TSentryPrivilege(SOLR, "service1",
- fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f1"))),
- SearchConstants.UPDATE);
-
- client.grantPrivilege(requestorUserName, roleName1, SOLR, queryPrivilege);
- client.grantPrivilege(requestorUserName, roleName2, SOLR, updatePrivilege);
-
- client.revokePrivilege(requestorUserName, roleName1, SOLR, queryPrivilege);
- client.revokePrivilege(requestorUserName, roleName2, SOLR, updatePrivilege);
- }});
- }
-
- @Test
- public void testMultipleRolesSamePrivilege() throws Exception {
- runTestAsSubject(new TestOperation(){
- @Override
- public void runTestAsSubject() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
- String roleName1 = "admin_r1";
- String roleName2 = "admin_r2";
-
- client.dropRoleIfExists(requestorUserName, roleName1, SOLR);
- client.createRole(requestorUserName, roleName1, SOLR);
-
- client.dropRoleIfExists(requestorUserName, roleName2, SOLR);
- client.createRole(requestorUserName, roleName2, SOLR);
-
- TSentryPrivilege queryPrivilege = new TSentryPrivilege(SOLR, "service1",
- fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f1"))),
- SearchConstants.QUERY);
-
- client.grantPrivilege(requestorUserName, roleName1, SOLR, queryPrivilege);
- Set<TSentryPrivilege> listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName1, SOLR, "service1");
- assertTrue("Privilege not assigned to role1 !!", listPrivilegesByRoleName.size() == 1);
-
- client.grantPrivilege(requestorUserName, roleName2, SOLR, queryPrivilege);
- listPrivilegesByRoleName = client.listPrivilegesByRoleName(requestorUserName, roleName2, SOLR, "service1");
- assertTrue("Privilege not assigned to role2 !!", listPrivilegesByRoleName.size() == 1);
- }});
- }
-
- @Test
- public void testShowRoleGrant() throws Exception {
- runTestAsSubject(new TestOperation(){
- @Override
- public void runTestAsSubject() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- String roleName = "admin_r1";
- String groupName = "group1";
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- setLocalGroupMapping(requestorUserName, Sets.newHashSet(groupName));
- writePolicyFile();
-
- client.dropRoleIfExists(requestorUserName, roleName, SOLR);
- client.createRole(requestorUserName, roleName, SOLR);
- client.addRoleToGroups(requestorUserName, roleName, SOLR, Sets.newHashSet(groupName));
-
- Set<TSentryRole> groupRoles = client.listRolesByGroupName(requestorUserName, groupName,SOLR);
- assertTrue(groupRoles.size() == 1);
- for (TSentryRole role:groupRoles) {
- assertTrue(role.getRoleName(), role.getRoleName().equalsIgnoreCase(roleName));
- assertTrue(role.getGroups().size() == 1);
- for (String group :role.getGroups()) {
- assertEquals(groupName, group);
- }
- }
-
- client.dropRole(requestorUserName, roleName, SOLR);
- }});
- }
-
- @Test
- public void testShowGrant() throws Exception {
- runTestAsSubject(new TestOperation(){
- @Override
- public void runTestAsSubject() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- String roleName = "admin_r1";
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
-
- client.dropRoleIfExists(requestorUserName, roleName, SOLR);
- client.createRole(requestorUserName, roleName, SOLR);
-
- TSentryPrivilege queryPrivilege = new TSentryPrivilege(SOLR, "service1",
- fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f1"))),
- SearchConstants.QUERY);
-
- TSentryPrivilege updatePrivilege = new TSentryPrivilege(SOLR, "service1",
- fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f1"))),
- SearchConstants.UPDATE);
-
- client.grantPrivilege(requestorUserName, roleName, SOLR, updatePrivilege);
- client.grantPrivilege(requestorUserName, roleName, SOLR, queryPrivilege);
- Set<TSentryPrivilege> privileges = client.listPrivilegesByRoleName(requestorUserName, roleName, SOLR, "service1");
- assertTrue(privileges.size() == 2);
-
- client.revokePrivilege(requestorUserName, roleName, SOLR, updatePrivilege);
- privileges = client.listPrivilegesByRoleName(requestorUserName, roleName, SOLR, "service1");
- assertTrue(privileges.size() == 1);
- }});
- }
-
- @Test
- public void testSameGrantTwice() throws Exception {
- runTestAsSubject(new TestOperation(){
- @Override
- public void runTestAsSubject() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
- String roleName = "admin_r1";
-
- client.createRole(requestorUserName, roleName, SOLR);
-
- TSentryPrivilege queryPrivilege = new TSentryPrivilege(SOLR, "service1",
- fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f1"))),
- SearchConstants.QUERY);
-
- client.grantPrivilege(requestorUserName, roleName, SOLR, queryPrivilege);
- assertEquals(1, client.listPrivilegesByRoleName(requestorUserName, roleName, SOLR, "service1").size());
- }});
- }
-
- @Test
- public void testGrantRevokeWithGrantOption() throws Exception {
- runTestAsSubject(new TestOperation(){
- @Override
- public void runTestAsSubject() throws Exception {
- String adminUser = ADMIN_USER;
- Set<String> adminGroup = Sets.newHashSet(ADMIN_GROUP);
- String grantOptionUser = "user1";
- Set<String> grantOptionGroup = Sets.newHashSet("group1");
- String noGrantOptionUser = "user2";
- Set<String> noGrantOptionGroup = Sets.newHashSet("group2");
-
- setLocalGroupMapping(adminUser, adminGroup);
- setLocalGroupMapping(grantOptionUser, grantOptionGroup);
- setLocalGroupMapping(noGrantOptionUser, noGrantOptionGroup);
- writePolicyFile();
-
- String grantRole = "grant_r";
- String noGrantRole = "no_grant_r";
- String testRole = "test_role";
-
- client.createRole(adminUser, grantRole, SOLR);
- client.createRole(adminUser, noGrantRole, SOLR);
- client.createRole(adminUser, testRole, SOLR);
-
- TSentryPrivilege grantPrivilege = new TSentryPrivilege(SOLR, "service1",
- fromAuthorizable(Arrays.asList(new Collection("c1"))),
- SearchConstants.QUERY);
- grantPrivilege.setGrantOption(TSentryGrantOption.TRUE);
-
- TSentryPrivilege noGrantPrivilege = new TSentryPrivilege(SOLR, "service1",
- fromAuthorizable(Arrays.asList(new Collection("c1"))),
- SearchConstants.QUERY);
- noGrantPrivilege.setGrantOption(TSentryGrantOption.FALSE);
-
- TSentryPrivilege testPrivilege = new TSentryPrivilege(SOLR, "service1",
- fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f1"))),
- SearchConstants.QUERY);
- testPrivilege.setGrantOption(TSentryGrantOption.FALSE);
-
- client.grantPrivilege(adminUser, grantRole, SOLR, grantPrivilege);
- client.grantPrivilege(adminUser, noGrantRole, SOLR, noGrantPrivilege);
-
- client.addRoleToGroups(adminUser, grantRole, SOLR, grantOptionGroup);
- client.addRoleToGroups(adminUser, noGrantRole, SOLR, noGrantOptionGroup);
-
- try {
- client.grantPrivilege(grantOptionUser,testRole,SOLR, testPrivilege);
- } catch (SentryUserException e) {
- fail("grantOptionUser failed grant privilege to user");
- }
-
- try {
- client.grantPrivilege(noGrantOptionUser, testRole, SOLR, testPrivilege);
- fail("noGrantOptionUser can't grant privilege to user");
- } catch (SentryUserException e) {
- }
-
- try {
- client.revokePrivilege(grantOptionUser, testRole, SOLR, testPrivilege);
- } catch(SentryUserException e) {
- fail("grantOptionUser failed revoke privilege to user");
- }
-
- try {
- client.revokePrivilege(noGrantOptionUser, testRole, SOLR, testPrivilege);
- fail("noGrantOptionUser can't revoke privilege to user");
- } catch (SentryUserException e) {
- }
- }});
- }
-
- @Test
- public void testGetPrivilegeByHierarchy() throws Exception {
- runTestAsSubject(new TestOperation(){
- @Override
- public void runTestAsSubject() throws Exception {
- String adminUser = ADMIN_USER;
- Set<String> adminGroup = Sets.newHashSet(ADMIN_GROUP);
- String testRole = "role1";
- Set<String> testGroup = Sets.newHashSet("group1");
- String testUser = "user1";
- setLocalGroupMapping(adminUser, adminGroup);
- setLocalGroupMapping(testUser, testGroup);
- writePolicyFile();
-
-
- client.createRole(adminUser, testRole, SOLR);
- client.addRoleToGroups(adminUser, testRole, SOLR, testGroup);
-
- TSentryPrivilege queryPrivilege = new TSentryPrivilege(SOLR, "service1",
- fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f1"))),
- SearchConstants.QUERY);
-
- TSentryPrivilege updatePrivilege = new TSentryPrivilege(SOLR, "service1",
- fromAuthorizable(Arrays.asList(new Collection("c2"), new Field("f2"))),
- SearchConstants.UPDATE);
-
- client.grantPrivilege(adminUser, testRole, SOLR, queryPrivilege);
- client.grantPrivilege(adminUser, testRole, SOLR, updatePrivilege);
-
- assertEquals(2, client.listPrivilegesByRoleName(testUser, testRole, SOLR, "service1").size());
-
- assertEquals(1, client.listPrivilegesByRoleName(testUser, testRole,
- SOLR, "service1", Arrays.asList(new Collection("c1"))).size());
-
- assertEquals(1, client.listPrivilegesByRoleName(testUser, testRole,
- SOLR, "service1", Arrays.asList(new Collection("c2"))).size());
-
- assertEquals(1, client.listPrivilegesByRoleName(testUser, testRole,
- SOLR, "service1", Arrays.asList(new Collection("c1"), new Field("f1"))).size());
-
- assertEquals(1, client.listPrivilegesByRoleName(testUser, testRole,
- SOLR, "service1", Arrays.asList(new Collection("c2"), new Field("f2"))).size());
-
- //test listPrivilegesForProvider by group(testGroup)
- ActiveRoleSet roleSet = ActiveRoleSet.ALL;
-
- assertEquals(1, client.listPrivilegesForProvider(SOLR, "service1", roleSet,
- testGroup, Arrays.asList(new Collection("c1"))).size());
-
- assertEquals(1, client.listPrivilegesForProvider(SOLR, "service1", roleSet,
- testGroup, Arrays.asList(new Collection("c2"))).size());
-
- assertEquals(1, client.listPrivilegesForProvider(SOLR, "service1", roleSet,
- testGroup, Arrays.asList(new Collection("c1"), new Field("f1"))).size());
-
- assertEquals(1, client.listPrivilegesForProvider(SOLR, "service1", roleSet,
- testGroup, Arrays.asList(new Collection("c2"), new Field("f2"))).size());
- }});
- }
-
- @Test
- public void testGetPrivilegeByAuthorizable() throws Exception {
- runTestAsSubject(new TestOperation(){
- @Override
- public void runTestAsSubject() throws Exception {
- String adminUser = ADMIN_USER;
- Set<String> adminGroup = Sets.newHashSet(ADMIN_GROUP);
- String testRole = "role1";
- Set<String> testGroup = Sets.newHashSet("group1");
- String testUser = "user1";
- setLocalGroupMapping(adminUser, adminGroup);
- setLocalGroupMapping(testUser, testGroup);
- writePolicyFile();
-
- client.createRole(adminUser, testRole, SOLR);
- client.addRoleToGroups(adminUser, testRole, SOLR, adminGroup);
-
- TSentryPrivilege queryPrivilege = new TSentryPrivilege(SOLR, "service1",
- fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f1"))),
- SearchConstants.QUERY);
-
- TSentryPrivilege updatePrivilege = new TSentryPrivilege(SOLR, "service1",
- fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f2"))),
- SearchConstants.UPDATE);
-
- client.grantPrivilege(adminUser, testRole, SOLR, queryPrivilege);
- client.grantPrivilege(adminUser, testRole, SOLR, updatePrivilege);
-
- //test listPrivilegsbyAuthorizable without requested group and active role set.
- assertEquals(1, client.listPrivilegsbyAuthorizable(SOLR, "service1", adminUser,
- Sets.newHashSet(new String("Collection=c1->Field=f1")), null, null).size());
-
- //test listPrivilegsbyAuthorizable with requested group (testGroup)
- Map<String, TSentryPrivilegeMap> privilegeMap = client.listPrivilegsbyAuthorizable(SOLR,
- "service1", adminUser, Sets.newHashSet(new String("Collection=c1->Field=f1")), testGroup, null);
- TSentryPrivilegeMap actualMap = privilegeMap.get(new String("Collection=c1->Field=f1"));
- assertEquals(0, actualMap.getPrivilegeMap().size());
-
- //test listPrivilegsbyAuthorizable with active role set.
- ActiveRoleSet roleSet = ActiveRoleSet.ALL;
- assertEquals(1, client.listPrivilegsbyAuthorizable(SOLR, "service1", adminUser,
- Sets.newHashSet(new String("Collection=c1->Field=f1")), null, roleSet).size());
- privilegeMap = client.listPrivilegsbyAuthorizable(SOLR,
- "service1", adminUser, Sets.newHashSet(new String("Collection=c1->Field=f1")), null, roleSet);
- actualMap = privilegeMap.get(new String("Collection=c1->Field=f1"));
- assertEquals(1, actualMap.getPrivilegeMap().size());
-
- privilegeMap = client.listPrivilegsbyAuthorizable(SOLR,
- "service1", testUser, Sets.newHashSet(new String("Collection=c1->Field=f1")), null, roleSet);
- actualMap = privilegeMap.get(new String("Collection=c1->Field=f1"));
- assertEquals(0, actualMap.getPrivilegeMap().size());
-
- // grant tesRole to testGroup.
- client.addRoleToGroups(adminUser, testRole, SOLR, testGroup);
-
- privilegeMap = client.listPrivilegsbyAuthorizable(SOLR,
- "service1", testUser, Sets.newHashSet(new String("Collection=c1")), null, roleSet);
- actualMap = privilegeMap.get(new String("Collection=c1"));
- assertEquals(1, actualMap.getPrivilegeMap().size());
- assertEquals(2, actualMap.getPrivilegeMap().get(testRole).size());
- }});
- }
-
- @Test
- public void testDropAndRenamePrivilege() throws Exception {
- runTestAsSubject(new TestOperation(){
- @Override
- public void runTestAsSubject() throws Exception {
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
- String roleName = "admin_r1";
-
- client.createRole(requestorUserName, roleName, SOLR);
-
- TSentryPrivilege queryPrivilege = new TSentryPrivilege(SOLR, "service1",
- fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f1"))),
- SearchConstants.QUERY);
- client.grantPrivilege(requestorUserName, roleName, SOLR, queryPrivilege);
-
- assertEquals(1, client.listPrivilegesByRoleName(requestorUserName, roleName,
- SOLR, "service1", Arrays.asList(new Collection("c1"), new Field("f1"))).size());
-
- assertEquals(0, client.listPrivilegesByRoleName(requestorUserName, roleName,
- SOLR, "service1", Arrays.asList(new Collection("c2"), new Field("f2"))).size());
-
- client.renamePrivilege(requestorUserName, SOLR, "service1", Arrays.asList(new Collection("c1"), new Field("f1")),
- Arrays.asList(new Collection("c2"), new Field("f2")));
-
- assertEquals(0, client.listPrivilegesByRoleName(requestorUserName, roleName,
- SOLR, "service1", Arrays.asList(new Collection("c1"), new Field("f1"))).size());
-
- assertEquals(1, client.listPrivilegesByRoleName(requestorUserName, roleName,
- SOLR, "service1", Arrays.asList(new Collection("c2"), new Field("f2"))).size());
-
- TSentryPrivilege dropPrivilege = new TSentryPrivilege(SOLR, "service1",
- fromAuthorizable(Arrays.asList(new Collection("c2"), new Field("f2"))),
- SearchConstants.QUERY);
-
- client.dropPrivilege(requestorUserName, SOLR, dropPrivilege);
-
- assertEquals(0, client.listPrivilegesByRoleName(requestorUserName, roleName,
- SOLR, "service1", Arrays.asList(new Collection("c2"), new Field("f2"))).size());
- }});
- }
-
- private List<TAuthorizable> fromAuthorizable(List<? extends Authorizable> authorizables) {
- List<TAuthorizable> tAuthorizables = Lists.newArrayList();
- for (Authorizable authorizable : authorizables) {
- tAuthorizables.add(new TAuthorizable(authorizable.getTypeName(), authorizable.getName()));
- }
- return tAuthorizables;
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryConfigToolSolr.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryConfigToolSolr.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryConfigToolSolr.java
deleted file mode 100644
index d199d20..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryConfigToolSolr.java
+++ /dev/null
@@ -1,261 +0,0 @@
- /**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.generic.tools;
-
-import com.google.common.io.Files;
-import com.google.common.collect.Sets;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
-
-import java.io.File;
-import java.io.FileOutputStream;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Map;
-import java.util.Set;
-
-import org.apache.commons.io.FileUtils;
-import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceIntegrationBase;
-import org.apache.sentry.provider.db.generic.service.thrift.TSentryRole;
-import org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege;
-import org.apache.sentry.core.common.exception.SentryConfigurationException;
-
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-
-public class TestSentryConfigToolSolr extends SentryGenericServiceIntegrationBase {
- private static String RESOURCES_DIR = "target" + File.separator + "test-classes" + File.separator;
- private static String VALID_POLICY_INI = RESOURCES_DIR + "solr_config_import_tool.ini";
- private static String INVALID_POLICY_INI = RESOURCES_DIR + "solr_invalid.ini";
- private static String CASE_POLICY_INI = RESOURCES_DIR + "solr_case.ini";
- private File confDir;
- private File confPath;
- private String requestorName = "";
- private String service = "service1";
-
- @Before
- public void prepareForTest() throws Exception {
- confDir = Files.createTempDir();
- confPath = new File(confDir, "sentry-site.xml");
- if (confPath.createNewFile()) {
- FileOutputStream to = new FileOutputStream(confPath);
- conf.writeXml(to);
- to.close();
- }
- requestorName = clientUgi.getShortUserName();//System.getProperty("user.name", "");
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorName, requestorUserGroupNames);
- // add ADMIN_USER for the after() in SentryServiceIntegrationBase
- setLocalGroupMapping(ADMIN_USER, requestorUserGroupNames);
- writePolicyFile();
- }
-
- @After
- public void clearTestData() throws Exception {
- FileUtils.deleteQuietly(confDir);
-
- // clear roles and privileges
- Set<TSentryRole> tRoles = client.listAllRoles(requestorName, SOLR);
- for (TSentryRole tRole : tRoles) {
- String role = tRole.getRoleName();
- Set<TSentryPrivilege> privileges = client.listPrivilegesByRoleName(
- requestorName, role, SOLR, service);
- for (TSentryPrivilege privilege : privileges) {
- client.revokePrivilege(requestorName, role, SOLR, privilege);
- }
- client.dropRole(requestorName, role, SOLR);
- }
- }
-
- @Test
- public void testConvertIni() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- String[] args = { "-p", VALID_POLICY_INI, "-conf", confPath.getAbsolutePath(), "-v", "-i"};
- SentryConfigToolSolr sentryTool = new SentryConfigToolSolr();
- sentryTool.executeConfigTool(args);
-
- Map<String, Set<String>> groupMapping = new HashMap<String, Set<String>>();
- groupMapping.put("corporal_role", Sets.newHashSet("corporal", "sergeant", "general", "commander_in_chief"));
- groupMapping.put("sergeant_role", Sets.newHashSet("sergeant", "general", "commander_in_chief"));
- groupMapping.put("general_role", Sets.newHashSet("general", "commander_in_chief"));
- groupMapping.put("commander_in_chief_role", Sets.newHashSet("commander_in_chief"));
-
- Map<String, Set<String>> privilegeMapping = new HashMap<String, Set<String>>();
- privilegeMapping.put("corporal_role",
- Sets.newHashSet("Collection=info->action=query", "Collection=info->action=update"));
- privilegeMapping.put("sergeant_role",
- Sets.newHashSet("Collection=info->action=update"));
- privilegeMapping.put("general_role",
- Sets.newHashSet("Collection=info->action=*"));
- privilegeMapping.put("commander_in_chief_role",
- Sets.newHashSet("Collection=*->action=*"));
-
- // check roles
- Set<TSentryRole> tRoles = client.listAllRoles(requestorName, SOLR);
- assertEquals("Unexpected number of roles", groupMapping.keySet().size(), tRoles.size());
- Set<String> roles = new HashSet<String>();
- for (TSentryRole tRole : tRoles) {
- roles.add(tRole.getRoleName());
- }
-
- for (String expectedRole : groupMapping.keySet()) {
- assertTrue("Didn't find expected role: " + expectedRole, roles.contains(expectedRole));
- }
-
- // check groups
- for (TSentryRole tRole : tRoles) {
- Set<String> expectedGroups = groupMapping.get(tRole.getRoleName());
- assertEquals("Group size doesn't match for role: " + tRole.getRoleName(),
- expectedGroups.size(), tRole.getGroups().size());
- assertTrue("Group does not contain all expected members for role: " + tRole.getRoleName(),
- tRole.getGroups().containsAll(expectedGroups));
- }
-
- // check privileges
- SolrTSentryPrivilegeConverter convert = new SolrTSentryPrivilegeConverter(SOLR, service);
- for (String role : roles) {
- Set<TSentryPrivilege> privileges = client.listPrivilegesByRoleName(
- requestorName, role, SOLR, service);
- Set<String> expectedPrivileges = privilegeMapping.get(role);
- assertEquals("Privilege set size doesn't match for role: " + role,
- expectedPrivileges.size(), privileges.size());
-
- Set<String> privilegeStrs = new HashSet<String>();
- for (TSentryPrivilege privilege : privileges) {
- privilegeStrs.add(convert.toString(privilege));
- }
-
- for (String expectedPrivilege : expectedPrivileges) {
- assertTrue("Did not find expected privilege: " + expectedPrivilege,
- privilegeStrs.contains(expectedPrivilege));
- }
- }
- }
- });
- }
-
- @Test
- public void testNoPolicyFile() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- String[] args = { "-p", INVALID_POLICY_INI + "Foobar", "-conf", confPath.getAbsolutePath(), "-v", "-i"};
- SentryConfigToolSolr sentryTool = new SentryConfigToolSolr();
- try {
- sentryTool.executeConfigTool(args);
- fail("Exception should be thrown for nonexistant ini");
- } catch (SentryConfigurationException e) {
- // expected exception
- }
- }
- });
- }
-
- @Test
- public void testNoValidateNorImport() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- String[] args = { "-p", INVALID_POLICY_INI, "-conf", confPath.getAbsolutePath()};
- SentryConfigToolSolr sentryTool = new SentryConfigToolSolr();
- try {
- sentryTool.executeConfigTool(args);
- fail("Exception should be thrown for validating invalid ini");
- } catch (IllegalArgumentException e) {
- // expected exception
- }
- }
- });
- }
-
- @Test
- public void testConvertInvalidIni() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- // test: validate an invalid ini
- String[] args = { "-p", INVALID_POLICY_INI, "-conf", confPath.getAbsolutePath(), "-v", "-i"};
- SentryConfigToolSolr sentryTool = new SentryConfigToolSolr();
- try {
- sentryTool.executeConfigTool(args);
- fail("Exception should be thrown for validating invalid ini");
- } catch (SentryConfigurationException e) {
- // expected exception
- }
-
- // test without validating, should not error
- args = new String[] { "-p", INVALID_POLICY_INI, "-conf", confPath.getAbsolutePath(), "-i"};
- sentryTool = new SentryConfigToolSolr();
- sentryTool.executeConfigTool(args);
- }
- });
- }
-
- @Test
- public void testCompatCheck() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- // test: validate an invalid ini
- String[] args = { "-p", CASE_POLICY_INI, "-conf", confPath.getAbsolutePath(), "-v", "-i", "-c"};
- SentryConfigToolSolr sentryTool = new SentryConfigToolSolr();
- try {
- sentryTool.executeConfigTool(args);
- fail("Exception should be thrown for validating invalid ini");
- } catch (SentryConfigurationException e) {
- assertEquals("Expected error", 1, e.getConfigErrors().size());
- String error = e.getConfigErrors().get(0);
- assertCasedRoleNamesInMessage(error, "RoLe1", "rOlE1");
- String warning = e.getConfigWarnings().get(0);
- assertCasedRoleNamesInMessage(warning, "ROLE2", "RoLe1", "rOlE1");
- assertEquals("Expected warning", 1, e.getConfigWarnings().size());
- }
-
- // test without compat checking
- args = new String[] { "-p", CASE_POLICY_INI, "-conf", confPath.getAbsolutePath(), "-i", "-v"};
- sentryTool = new SentryConfigToolSolr();
- sentryTool.executeConfigTool(args);
- }
- });
- }
-
- // Test that a valid compat check doesn't throw an exception
- @Test
- public void testCompatCheckValid() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- String[] args = { "-p", VALID_POLICY_INI, "-conf", confPath.getAbsolutePath(), "-v", "-i", "-c"};
- SentryConfigToolSolr sentryTool = new SentryConfigToolSolr();
- sentryTool.executeConfigTool(args);
- }
- });
- }
-
- private void assertCasedRoleNamesInMessage(String message, String ... casedRoleNames) {
- for (String casedRoleName : casedRoleNames) {
- assertTrue("Expected cased role name: " + casedRoleName, message.contains(casedRoleName));
- }
- }
-}
[22/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
deleted file mode 100644
index b7ef0e9..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
+++ /dev/null
@@ -1,2672 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.persistent;
-
-import static org.apache.sentry.core.common.utils.SentryConstants.AUTHORIZABLE_JOINER;
-import static org.apache.sentry.core.common.utils.SentryConstants.KV_JOINER;
-
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.Map;
-import java.util.Properties;
-import java.util.Set;
-import java.util.UUID;
-import java.util.concurrent.locks.Condition;
-import java.util.concurrent.locks.Lock;
-import java.util.concurrent.locks.ReentrantLock;
-
-import javax.jdo.FetchGroup;
-import javax.jdo.JDODataStoreException;
-import javax.jdo.JDOHelper;
-import javax.jdo.PersistenceManager;
-import javax.jdo.PersistenceManagerFactory;
-import javax.jdo.Query;
-import javax.jdo.Transaction;
-
-import org.apache.commons.lang.StringUtils;
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.core.common.exception.SentryUserException;
-import org.apache.sentry.core.common.utils.SentryConstants;
-import org.apache.sentry.core.common.exception.SentrySiteConfigurationException;
-import org.apache.sentry.core.model.db.AccessConstants;
-import org.apache.sentry.core.model.db.DBModelAuthorizable.AuthorizableType;
-import org.apache.sentry.core.common.exception.SentryAccessDeniedException;
-import org.apache.sentry.core.common.exception.SentryAlreadyExistsException;
-import org.apache.sentry.core.common.exception.SentryGrantDeniedException;
-import org.apache.sentry.core.common.exception.SentryInvalidInputException;
-import org.apache.sentry.core.common.exception.SentryNoSuchObjectException;
-import org.apache.sentry.provider.db.service.model.MSentryGroup;
-import org.apache.sentry.provider.db.service.model.MSentryPrivilege;
-import org.apache.sentry.provider.db.service.model.MSentryRole;
-import org.apache.sentry.provider.db.service.model.MSentryUser;
-import org.apache.sentry.provider.db.service.model.MSentryVersion;
-import org.apache.sentry.provider.db.service.thrift.SentryPolicyStoreProcessor;
-import org.apache.sentry.provider.db.service.thrift.TSentryActiveRoleSet;
-import org.apache.sentry.provider.db.service.thrift.TSentryAuthorizable;
-import org.apache.sentry.provider.db.service.thrift.TSentryGrantOption;
-import org.apache.sentry.provider.db.service.thrift.TSentryGroup;
-import org.apache.sentry.provider.db.service.thrift.TSentryMappingData;
-import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
-import org.apache.sentry.provider.db.service.thrift.TSentryPrivilegeMap;
-import org.apache.sentry.provider.db.service.thrift.TSentryRole;
-import org.apache.sentry.service.thrift.ServiceConstants.PrivilegeScope;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
-import org.datanucleus.store.rdbms.exceptions.MissingTableException;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.codahale.metrics.Gauge;
-import com.google.common.annotations.VisibleForTesting;
-import com.google.common.base.Function;
-import com.google.common.base.Joiner;
-import com.google.common.base.Preconditions;
-import com.google.common.base.Strings;
-import com.google.common.collect.Collections2;
-import com.google.common.collect.ImmutableSet;
-import com.google.common.collect.Lists;
-import com.google.common.collect.Maps;
-import com.google.common.collect.Sets;
-
-/**
- * SentryStore is the data access object for Sentry data. Strings
- * such as role and group names will be normalized to lowercase
- * in addition to starting and ending whitespace.
- */
-public class SentryStore {
- private static final UUID SERVER_UUID = UUID.randomUUID();
- private static final Logger LOGGER = LoggerFactory
- .getLogger(SentryStore.class);
-
- public static final String NULL_COL = "__NULL__";
- public static int INDEX_GROUP_ROLES_MAP = 0;
- public static int INDEX_USER_ROLES_MAP = 1;
- static final String DEFAULT_DATA_DIR = "sentry_policy_db";
-
- private static final Set<String> ALL_ACTIONS = Sets.newHashSet(AccessConstants.ALL,
- AccessConstants.SELECT, AccessConstants.INSERT, AccessConstants.ALTER,
- AccessConstants.CREATE, AccessConstants.DROP, AccessConstants.INDEX,
- AccessConstants.LOCK);
-
- // Now partial revoke just support action with SELECT,INSERT and ALL.
- // e.g. If we REVOKE SELECT from a privilege with action ALL, it will leads to INSERT
- // Otherwise, if we revoke other privilege(e.g. ALTER,DROP...), we will remove it from a role directly.
- private static final Set<String> PARTIAL_REVOKE_ACTIONS = Sets.newHashSet(AccessConstants.ALL,
- AccessConstants.ACTION_ALL.toLowerCase(), AccessConstants.SELECT, AccessConstants.INSERT);
-
- /**
- * Commit order sequence id. This is used by notification handlers
- * to know the order in which events where committed to the database.
- * This instance variable is incremented in incrementGetSequenceId
- * and read in commitUpdateTransaction. Synchronization on this
- * is required to read commitSequenceId.
- */
- private long commitSequenceId;
- private final PersistenceManagerFactory pmf;
- private Configuration conf;
- private PrivCleaner privCleaner = null;
- private Thread privCleanerThread = null;
-
- public SentryStore(Configuration conf) throws SentryNoSuchObjectException,
- SentryAccessDeniedException, SentrySiteConfigurationException, IOException {
- commitSequenceId = 0;
- this.conf = conf;
- Properties prop = new Properties();
- prop.putAll(ServerConfig.SENTRY_STORE_DEFAULTS);
- String jdbcUrl = conf.get(ServerConfig.SENTRY_STORE_JDBC_URL, "").trim();
- Preconditions.checkArgument(!jdbcUrl.isEmpty(), "Required parameter " +
- ServerConfig.SENTRY_STORE_JDBC_URL + " is missed");
- String user = conf.get(ServerConfig.SENTRY_STORE_JDBC_USER, ServerConfig.
- SENTRY_STORE_JDBC_USER_DEFAULT).trim();
- //Password will be read from Credential provider specified using property
- // CREDENTIAL_PROVIDER_PATH("hadoop.security.credential.provider.path" in sentry-site.xml
- // it falls back to reading directly from sentry-site.xml
- char[] passTmp = conf.getPassword(ServerConfig.SENTRY_STORE_JDBC_PASS);
- String pass = null;
- if(passTmp != null) {
- pass = new String(passTmp);
- } else {
- throw new SentrySiteConfigurationException("Error reading " + ServerConfig.SENTRY_STORE_JDBC_PASS);
- }
-
- String driverName = conf.get(ServerConfig.SENTRY_STORE_JDBC_DRIVER,
- ServerConfig.SENTRY_STORE_JDBC_DRIVER_DEFAULT);
- prop.setProperty(ServerConfig.JAVAX_JDO_URL, jdbcUrl);
- prop.setProperty(ServerConfig.JAVAX_JDO_USER, user);
- prop.setProperty(ServerConfig.JAVAX_JDO_PASS, pass);
- prop.setProperty(ServerConfig.JAVAX_JDO_DRIVER_NAME, driverName);
- for (Map.Entry<String, String> entry : conf) {
- String key = entry.getKey();
- if (key.startsWith(ServerConfig.SENTRY_JAVAX_JDO_PROPERTY_PREFIX) ||
- key.startsWith(ServerConfig.SENTRY_DATANUCLEUS_PROPERTY_PREFIX)) {
- key = StringUtils.removeStart(key, ServerConfig.SENTRY_DB_PROPERTY_PREFIX);
- prop.setProperty(key, entry.getValue());
- }
- }
-
-
- boolean checkSchemaVersion = conf.get(
- ServerConfig.SENTRY_VERIFY_SCHEM_VERSION,
- ServerConfig.SENTRY_VERIFY_SCHEM_VERSION_DEFAULT).equalsIgnoreCase(
- "true");
- if (!checkSchemaVersion) {
- prop.setProperty("datanucleus.schema.autoCreateAll", "true");
- prop.setProperty("datanucleus.autoCreateSchema", "true");
- prop.setProperty("datanucleus.fixedDatastore", "false");
- }
-
- // Disallow operations outside of transactions
- prop.setProperty("datanucleus.NontransactionalRead", "false");
- prop.setProperty("datanucleus.NontransactionalWrite", "false");
-
- pmf = JDOHelper.getPersistenceManagerFactory(prop);
- verifySentryStoreSchema(checkSchemaVersion);
-
- // Kick off the thread that cleans orphaned privileges (unless told not to)
- privCleaner = this.new PrivCleaner();
- if (conf.get(ServerConfig.SENTRY_STORE_ORPHANED_PRIVILEGE_REMOVAL,
- ServerConfig.SENTRY_STORE_ORPHANED_PRIVILEGE_REMOVAL_DEFAULT)
- .equalsIgnoreCase("true")) {
- privCleanerThread = new Thread(privCleaner);
- privCleanerThread.start();
- }
- }
-
- // ensure that the backend DB schema is set
- public void verifySentryStoreSchema(boolean checkVersion)
- throws SentryNoSuchObjectException, SentryAccessDeniedException {
- if (!checkVersion) {
- setSentryVersion(SentryStoreSchemaInfo.getSentryVersion(),
- "Schema version set implicitly");
- } else {
- String currentVersion = getSentryVersion();
- if (!SentryStoreSchemaInfo.getSentryVersion().equals(currentVersion)) {
- throw new SentryAccessDeniedException(
- "The Sentry store schema version " + currentVersion
- + " is different from distribution version "
- + SentryStoreSchemaInfo.getSentryVersion());
- }
- }
- }
-
- public synchronized void stop() {
- if (privCleanerThread != null) {
- privCleaner.exit();
- try {
- privCleanerThread.join();
- } catch (InterruptedException e) {
- // Ignore...
- }
- }
- if (pmf != null) {
- pmf.close();
- }
- }
-
- /**
- * PersistenceManager object and Transaction object have a one to one
- * correspondence. Each PersistenceManager object is associated with a
- * transaction object and vice versa. Hence we create a persistence manager
- * instance when we create a new transaction. We create a new transaction
- * for every store API since we want that unit of work to behave as a
- * transaction.
- *
- * Note that there's only one instance of PersistenceManagerFactory object
- * for the service.
- *
- * Synchronized because we obtain persistence manager
- */
- public synchronized PersistenceManager openTransaction() {
- PersistenceManager pm = pmf.getPersistenceManager();
- Transaction currentTransaction = pm.currentTransaction();
- currentTransaction.begin();
- return pm;
- }
-
- /**
- * Synchronized due to sequence id generation
- */
- public synchronized CommitContext commitUpdateTransaction(PersistenceManager pm) {
- commitTransaction(pm);
- return new CommitContext(SERVER_UUID, incrementGetSequenceId());
- }
-
- /**
- * Increments commitSequenceId which should not be modified outside
- * this method.
- *
- * @return sequence id
- */
- private synchronized long incrementGetSequenceId() {
- return ++commitSequenceId;
- }
-
- public void commitTransaction(PersistenceManager pm) {
- Transaction currentTransaction = pm.currentTransaction();
- try {
- Preconditions.checkState(currentTransaction.isActive(), "Transaction is not active");
- currentTransaction.commit();
- } finally {
- pm.close();
- }
- }
-
- public void rollbackTransaction(PersistenceManager pm) {
- if (pm == null || pm.isClosed()) {
- return;
- }
- Transaction currentTransaction = pm.currentTransaction();
- if (currentTransaction.isActive()) {
- try {
- currentTransaction.rollback();
- } finally {
- pm.close();
- }
- }
- }
- /**
- Get the MSentry object from roleName
- Note: Should be called inside a transaction
- */
- public MSentryRole getMSentryRole(PersistenceManager pm, String roleName) {
- Query query = pm.newQuery(MSentryRole.class);
- query.setFilter("this.roleName == t");
- query.declareParameters("java.lang.String t");
- query.setUnique(true);
- return (MSentryRole) query.execute(roleName);
- }
-
- /**
- * Normalize the string values
- */
- private String trimAndLower(String input) {
- return input.trim().toLowerCase();
- }
- /**
- * Create a sentry role and persist it.
- * @param roleName: Name of the role being persisted
- * @returns commit context used for notification handlers
- * @throws SentryAlreadyExistsException
- */
- public CommitContext createSentryRole(String roleName)
- throws SentryAlreadyExistsException {
- boolean rollbackTransaction = true;
- PersistenceManager pm = null;
- try {
- pm = openTransaction();
- createSentryRoleCore(pm, roleName);
- CommitContext commit = commitUpdateTransaction(pm);
- rollbackTransaction = false;
- return commit;
- } finally {
- if (rollbackTransaction) {
- rollbackTransaction(pm);
- }
- }
- }
-
- private void createSentryRoleCore(PersistenceManager pm, String roleName)
- throws SentryAlreadyExistsException {
- String trimmedRoleName = trimAndLower(roleName);
- MSentryRole mSentryRole = getMSentryRole(pm, trimmedRoleName);
- if (mSentryRole == null) {
- MSentryRole mRole = new MSentryRole(trimmedRoleName, System.currentTimeMillis());
- pm.makePersistent(mRole);
- } else {
- throw new SentryAlreadyExistsException("Role: " + trimmedRoleName);
- }
- }
-
- private <T> Long getCount(Class<T> tClass) {
- PersistenceManager pm = null;
- Long size = Long.valueOf(-1);
- try {
- pm = openTransaction();
- Query query = pm.newQuery();
- query.setClass(tClass);
- query.setResult("count(this)");
- size = (Long)query.execute();
-
- } finally {
- if (pm != null) {
- commitTransaction(pm);
- }
- }
- return size;
- }
- public Gauge<Long> getRoleCountGauge() {
- return new Gauge< Long >() {
- @Override
- public Long getValue() {
- return getCount(MSentryRole.class);
- }
- };
- }
-
- public Gauge<Long> getPrivilegeCountGauge() {
- return new Gauge< Long >() {
- @Override
- public Long getValue() {
- return getCount(MSentryPrivilege.class);
- }
- };
- }
-
- public Gauge<Long> getGroupCountGauge() {
- return new Gauge< Long >() {
- @Override
- public Long getValue() {
- return getCount(MSentryGroup.class);
- }
- };
- }
-
- public Gauge<Long> getUserCountGauge() {
- return new Gauge<Long>() {
- @Override
- public Long getValue() {
- return getCount(MSentryUser.class);
- }
- };
- }
-
- /**
- * Lets the test code know how many privs are in the db, so that we know
- * if they are in fact being cleaned up when not being referenced any more.
- * @return The number of rows in the db priv table.
- */
- @VisibleForTesting
- long countMSentryPrivileges() {
- return getCount(MSentryPrivilege.class);
- }
-
- @VisibleForTesting
- void clearAllTables() {
- boolean rollbackTransaction = true;
- PersistenceManager pm = null;
- try {
- pm = openTransaction();
- pm.newQuery(MSentryRole.class).deletePersistentAll();
- pm.newQuery(MSentryGroup.class).deletePersistentAll();
- pm.newQuery(MSentryUser.class).deletePersistentAll();
- pm.newQuery(MSentryPrivilege.class).deletePersistentAll();
- commitUpdateTransaction(pm);
- rollbackTransaction = false;
- } finally {
- if (rollbackTransaction) {
- rollbackTransaction(pm);
- }
- }
- }
-
- public CommitContext alterSentryRoleGrantPrivilege(String grantorPrincipal,
- String roleName, TSentryPrivilege privilege)
- throws SentryUserException {
- return alterSentryRoleGrantPrivileges(grantorPrincipal,
- roleName, Sets.newHashSet(privilege));
- }
-
- public CommitContext alterSentryRoleGrantPrivileges(String grantorPrincipal,
- String roleName, Set<TSentryPrivilege> privileges)
- throws SentryUserException {
- boolean rollbackTransaction = true;
- PersistenceManager pm = null;
- String trimmedRoleName = trimAndLower(roleName);
- try {
- pm = openTransaction();
- for (TSentryPrivilege privilege : privileges) {
- // first do grant check
- grantOptionCheck(pm, grantorPrincipal, privilege);
-
- MSentryPrivilege mPrivilege = alterSentryRoleGrantPrivilegeCore(pm, trimmedRoleName, privilege);
-
- if (mPrivilege != null) {
- convertToTSentryPrivilege(mPrivilege, privilege);
- }
- }
- CommitContext commit = commitUpdateTransaction(pm);
- rollbackTransaction = false;
- return commit;
- } finally {
- if (rollbackTransaction) {
- rollbackTransaction(pm);
- }
- }
- }
-
- private MSentryPrivilege alterSentryRoleGrantPrivilegeCore(PersistenceManager pm,
- String roleName, TSentryPrivilege privilege)
- throws SentryNoSuchObjectException, SentryInvalidInputException {
- MSentryPrivilege mPrivilege = null;
- MSentryRole mRole = getMSentryRole(pm, roleName);
- if (mRole == null) {
- throw new SentryNoSuchObjectException("Role: " + roleName + " doesn't exist");
- } else {
-
- if (!isNULL(privilege.getColumnName()) || !isNULL(privilege.getTableName())
- || !isNULL(privilege.getDbName())) {
- // If Grant is for ALL and Either INSERT/SELECT already exists..
- // need to remove it and GRANT ALL..
- if (AccessConstants.ALL.equalsIgnoreCase(privilege.getAction())
- || AccessConstants.ACTION_ALL.equalsIgnoreCase(privilege.getAction())) {
- TSentryPrivilege tNotAll = new TSentryPrivilege(privilege);
- tNotAll.setAction(AccessConstants.SELECT);
- MSentryPrivilege mSelect = getMSentryPrivilege(tNotAll, pm);
- tNotAll.setAction(AccessConstants.INSERT);
- MSentryPrivilege mInsert = getMSentryPrivilege(tNotAll, pm);
- if (mSelect != null && mRole.getPrivileges().contains(mSelect)) {
- mSelect.removeRole(mRole);
- privCleaner.incPrivRemoval();
- pm.makePersistent(mSelect);
- }
- if (mInsert != null && mRole.getPrivileges().contains(mInsert)) {
- mInsert.removeRole(mRole);
- privCleaner.incPrivRemoval();
- pm.makePersistent(mInsert);
- }
- } else {
- // If Grant is for Either INSERT/SELECT and ALL already exists..
- // do nothing..
- TSentryPrivilege tAll = new TSentryPrivilege(privilege);
- tAll.setAction(AccessConstants.ALL);
- MSentryPrivilege mAll1 = getMSentryPrivilege(tAll, pm);
- tAll.setAction(AccessConstants.ACTION_ALL);
- MSentryPrivilege mAll2 = getMSentryPrivilege(tAll, pm);
- if (mAll1 != null && mRole.getPrivileges().contains(mAll1)) {
- return null;
- }
- if (mAll2 != null && mRole.getPrivileges().contains(mAll2)) {
- return null;
- }
- }
- }
-
- mPrivilege = getMSentryPrivilege(privilege, pm);
- if (mPrivilege == null) {
- mPrivilege = convertToMSentryPrivilege(privilege);
- }
- mPrivilege.appendRole(mRole);
- pm.makePersistent(mRole);
- pm.makePersistent(mPrivilege);
- }
- return mPrivilege;
- }
-
- public CommitContext alterSentryRoleRevokePrivilege(String grantorPrincipal,
- String roleName, TSentryPrivilege tPrivilege) throws SentryUserException {
- return alterSentryRoleRevokePrivileges(grantorPrincipal,
- roleName, Sets.newHashSet(tPrivilege));
- }
-
- public CommitContext alterSentryRoleRevokePrivileges(String grantorPrincipal,
- String roleName, Set<TSentryPrivilege> tPrivileges) throws SentryUserException {
- boolean rollbackTransaction = true;
- PersistenceManager pm = null;
- String trimmedRoleName = safeTrimLower(roleName);
- try {
- pm = openTransaction();
- for (TSentryPrivilege tPrivilege : tPrivileges) {
- // first do revoke check
- grantOptionCheck(pm, grantorPrincipal, tPrivilege);
-
- alterSentryRoleRevokePrivilegeCore(pm, trimmedRoleName, tPrivilege);
- }
-
- CommitContext commit = commitUpdateTransaction(pm);
- rollbackTransaction = false;
- return commit;
- } finally {
- if (rollbackTransaction) {
- rollbackTransaction(pm);
- }
- }
- }
-
- private void alterSentryRoleRevokePrivilegeCore(PersistenceManager pm,
- String roleName, TSentryPrivilege tPrivilege)
- throws SentryNoSuchObjectException, SentryInvalidInputException {
- Query query = pm.newQuery(MSentryRole.class);
- query.setFilter("this.roleName == t");
- query.declareParameters("java.lang.String t");
- query.setUnique(true);
- MSentryRole mRole = (MSentryRole) query.execute(roleName);
- if (mRole == null) {
- throw new SentryNoSuchObjectException("Role: " + roleName + " doesn't exist");
- } else {
- query = pm.newQuery(MSentryPrivilege.class);
- MSentryPrivilege mPrivilege = getMSentryPrivilege(tPrivilege, pm);
- if (mPrivilege == null) {
- mPrivilege = convertToMSentryPrivilege(tPrivilege);
- } else {
- mPrivilege = (MSentryPrivilege) pm.detachCopy(mPrivilege);
- }
-
- Set<MSentryPrivilege> privilegeGraph = Sets.newHashSet();
- if (mPrivilege.getGrantOption() != null) {
- privilegeGraph.add(mPrivilege);
- } else {
- MSentryPrivilege mTure = new MSentryPrivilege(mPrivilege);
- mTure.setGrantOption(true);
- privilegeGraph.add(mTure);
- MSentryPrivilege mFalse = new MSentryPrivilege(mPrivilege);
- mFalse.setGrantOption(false);
- privilegeGraph.add(mFalse);
- }
- // Get the privilege graph
- populateChildren(pm, Sets.newHashSet(roleName), mPrivilege, privilegeGraph);
- for (MSentryPrivilege childPriv : privilegeGraph) {
- revokePrivilegeFromRole(pm, tPrivilege, mRole, childPriv);
- }
- pm.makePersistent(mRole);
- }
- }
-
- /**
- * Roles can be granted ALL, SELECT, and INSERT on tables. When
- * a role has ALL and SELECT or INSERT are revoked, we need to remove the ALL
- * privilege and add SELECT (INSERT was revoked) or INSERT (SELECT was revoked).
- */
- private void revokePartial(PersistenceManager pm,
- TSentryPrivilege requestedPrivToRevoke, MSentryRole mRole,
- MSentryPrivilege currentPrivilege) throws SentryInvalidInputException {
- MSentryPrivilege persistedPriv = getMSentryPrivilege(convertToTSentryPrivilege(currentPrivilege), pm);
- if (persistedPriv == null) {
- persistedPriv = convertToMSentryPrivilege(convertToTSentryPrivilege(currentPrivilege));
- }
-
- if (requestedPrivToRevoke.getAction().equalsIgnoreCase("ALL") || requestedPrivToRevoke.getAction().equalsIgnoreCase("*")) {
- persistedPriv.removeRole(mRole);
- privCleaner.incPrivRemoval();
- pm.makePersistent(persistedPriv);
- } else if (requestedPrivToRevoke.getAction().equalsIgnoreCase(AccessConstants.SELECT)
- && !currentPrivilege.getAction().equalsIgnoreCase(AccessConstants.INSERT)) {
- revokeRolePartial(pm, mRole, currentPrivilege, persistedPriv, AccessConstants.INSERT);
- } else if (requestedPrivToRevoke.getAction().equalsIgnoreCase(AccessConstants.INSERT)
- && !currentPrivilege.getAction().equalsIgnoreCase(AccessConstants.SELECT)) {
- revokeRolePartial(pm, mRole, currentPrivilege, persistedPriv, AccessConstants.SELECT);
- }
- }
-
- private void revokeRolePartial(PersistenceManager pm, MSentryRole mRole,
- MSentryPrivilege currentPrivilege, MSentryPrivilege persistedPriv, String addAction)
- throws SentryInvalidInputException {
- // If table / URI, remove ALL
- persistedPriv.removeRole(mRole);
- privCleaner.incPrivRemoval();
- pm.makePersistent(persistedPriv);
-
- currentPrivilege.setAction(AccessConstants.ALL);
- persistedPriv = getMSentryPrivilege(convertToTSentryPrivilege(currentPrivilege), pm);
- if (persistedPriv != null && mRole.getPrivileges().contains(persistedPriv)) {
- persistedPriv.removeRole(mRole);
- privCleaner.incPrivRemoval();
- pm.makePersistent(persistedPriv);
-
- currentPrivilege.setAction(addAction);
- persistedPriv = getMSentryPrivilege(convertToTSentryPrivilege(currentPrivilege), pm);
- if (persistedPriv == null) {
- persistedPriv = convertToMSentryPrivilege(convertToTSentryPrivilege(currentPrivilege));
- mRole.appendPrivilege(persistedPriv);
- }
- persistedPriv.appendRole(mRole);
- pm.makePersistent(persistedPriv);
- }
- }
-
- /**
- * Revoke privilege from role
- */
- private void revokePrivilegeFromRole(PersistenceManager pm, TSentryPrivilege tPrivilege,
- MSentryRole mRole, MSentryPrivilege mPrivilege) throws SentryInvalidInputException {
- if (PARTIAL_REVOKE_ACTIONS.contains(mPrivilege.getAction())) {
- // if this privilege is in {ALL,SELECT,INSERT}
- // we will do partial revoke
- revokePartial(pm, tPrivilege, mRole, mPrivilege);
- } else {
- // if this privilege is not ALL, SELECT nor INSERT,
- // we will revoke it from role directly
- MSentryPrivilege persistedPriv = getMSentryPrivilege(convertToTSentryPrivilege(mPrivilege), pm);
- if (persistedPriv != null) {
- mPrivilege.removeRole(mRole);
- privCleaner.incPrivRemoval();
- pm.makePersistent(mPrivilege);
- }
- }
- }
-
- /**
- * Explore Privilege graph and collect child privileges.
- * The responsibility to commit/rollback the transaction should be handled by the caller.
- */
- private void populateChildren(PersistenceManager pm, Set<String> roleNames, MSentryPrivilege priv,
- Set<MSentryPrivilege> children) throws SentryInvalidInputException {
- Preconditions.checkNotNull(pm);
- if (!isNULL(priv.getServerName()) || !isNULL(priv.getDbName())
- || !isNULL(priv.getTableName())) {
- // Get all TableLevel Privs
- Set<MSentryPrivilege> childPrivs = getChildPrivileges(pm, roleNames, priv);
- for (MSentryPrivilege childPriv : childPrivs) {
- // Only recurse for table level privs..
- if (!isNULL(childPriv.getDbName()) && !isNULL(childPriv.getTableName())
- && !isNULL(childPriv.getColumnName())) {
- populateChildren(pm, roleNames, childPriv, children);
- }
- // The method getChildPrivileges() didn't do filter on "action",
- // if the action is not "All", it should judge the action of children privilege.
- // For example: a user has a privilege \u201cAll on Col1\u201d,
- // if the operation is \u201cREVOKE INSERT on table\u201d
- // the privilege should be the child of table level privilege.
- // but the privilege may still have other meaning, likes "SELECT on Col1".
- // and the privileges like "SELECT on Col1" should not be revoke.
- if (!priv.isActionALL()) {
- if (childPriv.isActionALL()) {
- // If the child privilege is All, we should convert it to the same
- // privilege with parent
- childPriv.setAction(priv.getAction());
- }
- // Only include privilege that imply the parent privilege.
- if (!priv.implies(childPriv)) {
- continue;
- }
- }
- children.add(childPriv);
- }
- }
- }
-
- private Set<MSentryPrivilege> getChildPrivileges(PersistenceManager pm, Set<String> roleNames,
- MSentryPrivilege parent) throws SentryInvalidInputException {
- // Column and URI do not have children
- if (!isNULL(parent.getColumnName()) || !isNULL(parent.getURI())) {
- return new HashSet<MSentryPrivilege>();
- }
-
- Query query = pm.newQuery(MSentryPrivilege.class);
- query.declareVariables("org.apache.sentry.provider.db.service.model.MSentryRole role");
- List<String> rolesFiler = new LinkedList<String>();
- for (String rName : roleNames) {
- rolesFiler.add("role.roleName == \"" + trimAndLower(rName) + "\"");
- }
- StringBuilder filters = new StringBuilder("roles.contains(role) "
- + "&& (" + Joiner.on(" || ").join(rolesFiler) + ")");
- filters.append(" && serverName == \"" + parent.getServerName() + "\"");
- if (!isNULL(parent.getDbName())) {
- filters.append(" && dbName == \"" + parent.getDbName() + "\"");
- if (!isNULL(parent.getTableName())) {
- filters.append(" && tableName == \"" + parent.getTableName() + "\"");
- filters.append(" && columnName != \"__NULL__\"");
- } else {
- filters.append(" && tableName != \"__NULL__\"");
- }
- } else {
- filters.append(" && (dbName != \"__NULL__\" || URI != \"__NULL__\")");
- }
-
- query.setFilter(filters.toString());
- query.setResult("privilegeScope, serverName, dbName, tableName, columnName," +
- " URI, action, grantOption");
- Set<MSentryPrivilege> privileges = new HashSet<MSentryPrivilege>();
- for (Object[] privObj : (List<Object[]>) query.execute()) {
- MSentryPrivilege priv = new MSentryPrivilege();
- priv.setPrivilegeScope((String) privObj[0]);
- priv.setServerName((String) privObj[1]);
- priv.setDbName((String) privObj[2]);
- priv.setTableName((String) privObj[3]);
- priv.setColumnName((String) privObj[4]);
- priv.setURI((String) privObj[5]);
- priv.setAction((String) privObj[6]);
- priv.setGrantOption((Boolean) privObj[7]);
- privileges.add(priv);
- }
- return privileges;
- }
-
- private List<MSentryPrivilege> getMSentryPrivileges(TSentryPrivilege tPriv, PersistenceManager pm) {
- Query query = pm.newQuery(MSentryPrivilege.class);
- StringBuilder filters = new StringBuilder("this.serverName == \""
- + toNULLCol(safeTrimLower(tPriv.getServerName())) + "\" ");
- if (!isNULL(tPriv.getDbName())) {
- filters.append("&& this.dbName == \"" + toNULLCol(safeTrimLower(tPriv.getDbName())) + "\" ");
- if (!isNULL(tPriv.getTableName())) {
- filters.append("&& this.tableName == \"" + toNULLCol(safeTrimLower(tPriv.getTableName())) + "\" ");
- if (!isNULL(tPriv.getColumnName())) {
- filters.append("&& this.columnName == \"" + toNULLCol(safeTrimLower(tPriv.getColumnName())) + "\" ");
- }
- }
- }
- // if db is null, uri is not null
- else if (!isNULL(tPriv.getURI())){
- filters.append("&& this.URI == \"" + toNULLCol(safeTrim(tPriv.getURI())) + "\" ");
- }
- filters.append("&& this.action == \"" + toNULLCol(safeTrimLower(tPriv.getAction())) + "\"");
-
- query.setFilter(filters.toString());
- return (List<MSentryPrivilege>) query.execute();
- }
-
- private MSentryPrivilege getMSentryPrivilege(TSentryPrivilege tPriv, PersistenceManager pm) {
- Query query = pm.newQuery(MSentryPrivilege.class);
- query.setFilter("this.serverName == \"" + toNULLCol(safeTrimLower(tPriv.getServerName())) + "\" "
- + "&& this.dbName == \"" + toNULLCol(safeTrimLower(tPriv.getDbName())) + "\" "
- + "&& this.tableName == \"" + toNULLCol(safeTrimLower(tPriv.getTableName())) + "\" "
- + "&& this.columnName == \"" + toNULLCol(safeTrimLower(tPriv.getColumnName())) + "\" "
- + "&& this.URI == \"" + toNULLCol(safeTrim(tPriv.getURI())) + "\" "
- + "&& this.grantOption == grantOption "
- + "&& this.action == \"" + toNULLCol(safeTrimLower(tPriv.getAction())) + "\"");
- query.declareParameters("Boolean grantOption");
- query.setUnique(true);
- Boolean grantOption = null;
- if (tPriv.getGrantOption().equals(TSentryGrantOption.TRUE)) {
- grantOption = true;
- } else if (tPriv.getGrantOption().equals(TSentryGrantOption.FALSE)) {
- grantOption = false;
- }
- Object obj = query.execute(grantOption);
- if (obj != null) {
- return (MSentryPrivilege) obj;
- }
- return null;
- }
-
- public CommitContext dropSentryRole(String roleName)
- throws SentryNoSuchObjectException {
- boolean rollbackTransaction = true;
- PersistenceManager pm = null;
- try {
- pm = openTransaction();
- dropSentryRoleCore(pm, roleName);
- CommitContext commit = commitUpdateTransaction(pm);
- rollbackTransaction = false;
- return commit;
- } finally {
- if (rollbackTransaction) {
- rollbackTransaction(pm);
- }
- }
- }
-
- private void dropSentryRoleCore(PersistenceManager pm, String roleName)
- throws SentryNoSuchObjectException {
- String lRoleName = trimAndLower(roleName);
- Query query = pm.newQuery(MSentryRole.class);
- query.setFilter("this.roleName == t");
- query.declareParameters("java.lang.String t");
- query.setUnique(true);
- MSentryRole sentryRole = (MSentryRole) query.execute(lRoleName);
- if (sentryRole == null) {
- throw new SentryNoSuchObjectException("Role: " + lRoleName + " doesn't exist");
- } else {
- pm.retrieve(sentryRole);
- int numPrivs = sentryRole.getPrivileges().size();
- sentryRole.removePrivileges();
- // with SENTRY-398 generic model
- sentryRole.removeGMPrivileges();
- privCleaner.incPrivRemoval(numPrivs);
- pm.deletePersistent(sentryRole);
- }
- }
-
- public CommitContext alterSentryRoleAddGroups(String grantorPrincipal, String roleName,
- Set<TSentryGroup> groupNames)
- throws SentryNoSuchObjectException {
- boolean rollbackTransaction = true;
- PersistenceManager pm = null;
- try {
- pm = openTransaction();
- alterSentryRoleAddGroupsCore(pm, roleName, groupNames);
- CommitContext commit = commitUpdateTransaction(pm);
- rollbackTransaction = false;
- return commit;
- } finally {
- if (rollbackTransaction) {
- rollbackTransaction(pm);
- }
- }
- }
-
- private void alterSentryRoleAddGroupsCore(PersistenceManager pm, String roleName,
- Set<TSentryGroup> groupNames) throws SentryNoSuchObjectException {
- String lRoleName = trimAndLower(roleName);
- Query query = pm.newQuery(MSentryRole.class);
- query.setFilter("this.roleName == t");
- query.declareParameters("java.lang.String t");
- query.setUnique(true);
- MSentryRole role = (MSentryRole) query.execute(lRoleName);
- if (role == null) {
- throw new SentryNoSuchObjectException("Role: " + lRoleName + " doesn't exist");
- } else {
- query = pm.newQuery(MSentryGroup.class);
- query.setFilter("this.groupName == t");
- query.declareParameters("java.lang.String t");
- query.setUnique(true);
- List<MSentryGroup> groups = Lists.newArrayList();
- for (TSentryGroup tGroup : groupNames) {
- String groupName = tGroup.getGroupName().trim();
- MSentryGroup group = (MSentryGroup) query.execute(groupName);
- if (group == null) {
- group = new MSentryGroup(groupName, System.currentTimeMillis(), Sets.newHashSet(role));
- }
- group.appendRole(role);
- groups.add(group);
- }
- pm.makePersistentAll(groups);
- }
- }
-
- public CommitContext alterSentryRoleAddUsers(String roleName,
- Set<String> userNames) throws SentryNoSuchObjectException {
- boolean rollbackTransaction = true;
- PersistenceManager pm = null;
- try {
- pm = openTransaction();
- alterSentryRoleAddUsersCore(pm, roleName, userNames);
- CommitContext commit = commitUpdateTransaction(pm);
- rollbackTransaction = false;
- return commit;
- } finally {
- if (rollbackTransaction) {
- rollbackTransaction(pm);
- }
- }
- }
-
- private void alterSentryRoleAddUsersCore(PersistenceManager pm, String roleName,
- Set<String> userNames) throws SentryNoSuchObjectException {
- String trimmedRoleName = trimAndLower(roleName);
- MSentryRole role = getMSentryRole(pm, trimmedRoleName);
- if (role == null) {
- throw new SentryNoSuchObjectException("Role: " + trimmedRoleName);
- } else {
- Query query = pm.newQuery(MSentryUser.class);
- query.setFilter("this.userName == t");
- query.declareParameters("java.lang.String t");
- query.setUnique(true);
- List<MSentryUser> users = Lists.newArrayList();
- for (String userName : userNames) {
- userName = userName.trim();
- MSentryUser user = (MSentryUser) query.execute(userName);
- if (user == null) {
- user = new MSentryUser(userName, System.currentTimeMillis(), Sets.newHashSet(role));
- }
- user.appendRole(role);
- users.add(user);
- }
- pm.makePersistentAll(users);
- }
- }
-
- public CommitContext alterSentryRoleDeleteUsers(String roleName, Set<String> userNames)
- throws SentryNoSuchObjectException {
- boolean rollbackTransaction = true;
- PersistenceManager pm = null;
- String trimmedRoleName = trimAndLower(roleName);
- try {
- pm = openTransaction();
- MSentryRole role = getMSentryRole(pm, trimmedRoleName);
- if (role == null) {
- throw new SentryNoSuchObjectException("Role: " + trimmedRoleName);
- } else {
- Query query = pm.newQuery(MSentryUser.class);
- query.setFilter("this.userName == t");
- query.declareParameters("java.lang.String t");
- query.setUnique(true);
- List<MSentryUser> users = Lists.newArrayList();
- for (String userName : userNames) {
- userName = userName.trim();
- MSentryUser user = (MSentryUser) query.execute(userName);
- if (user != null) {
- user.removeRole(role);
- users.add(user);
- }
- }
- pm.makePersistentAll(users);
- CommitContext commit = commitUpdateTransaction(pm);
- rollbackTransaction = false;
- return commit;
- }
- } finally {
- if (rollbackTransaction) {
- rollbackTransaction(pm);
- }
- }
- }
-
- public CommitContext alterSentryRoleDeleteGroups(String roleName,
- Set<TSentryGroup> groupNames)
- throws SentryNoSuchObjectException {
- boolean rollbackTransaction = true;
- PersistenceManager pm = null;
- String trimmedRoleName = trimAndLower(roleName);
- try {
- pm = openTransaction();
- Query query = pm.newQuery(MSentryRole.class);
- query.setFilter("this.roleName == t");
- query.declareParameters("java.lang.String t");
- query.setUnique(true);
- MSentryRole role = (MSentryRole) query.execute(trimmedRoleName);
- if (role == null) {
- throw new SentryNoSuchObjectException("Role: " + trimmedRoleName + " doesn't exist");
- } else {
- query = pm.newQuery(MSentryGroup.class);
- query.setFilter("this.groupName == t");
- query.declareParameters("java.lang.String t");
- query.setUnique(true);
- List<MSentryGroup> groups = Lists.newArrayList();
- for (TSentryGroup tGroup : groupNames) {
- String groupName = tGroup.getGroupName().trim();
- MSentryGroup group = (MSentryGroup) query.execute(groupName);
- if (group != null) {
- group.removeRole(role);
- groups.add(group);
- }
- }
- pm.makePersistentAll(groups);
- CommitContext commit = commitUpdateTransaction(pm);
- rollbackTransaction = false;
- return commit;
- }
- } finally {
- if (rollbackTransaction) {
- rollbackTransaction(pm);
- }
- }
- }
-
- @VisibleForTesting
- MSentryRole getMSentryRoleByName(String roleName)
- throws SentryNoSuchObjectException {
- boolean rollbackTransaction = true;
- PersistenceManager pm = null;
- String trimmedRoleName = trimAndLower(roleName);
- try {
- pm = openTransaction();
- Query query = pm.newQuery(MSentryRole.class);
- query.setFilter("this.roleName == t");
- query.declareParameters("java.lang.String t");
- query.setUnique(true);
- MSentryRole sentryRole = (MSentryRole) query.execute(trimmedRoleName);
- if (sentryRole == null) {
- throw new SentryNoSuchObjectException("Role: " + trimmedRoleName + " doesn't exist");
- } else {
- pm.retrieve(sentryRole);
- }
- rollbackTransaction = false;
- commitTransaction(pm);
- return sentryRole;
- } finally {
- if (rollbackTransaction) {
- rollbackTransaction(pm);
- }
- }
- }
-
- private boolean hasAnyServerPrivileges(Set<String> roleNames, String serverName) {
- if (roleNames == null || roleNames.isEmpty()) {
- return false;
- }
- boolean rollbackTransaction = true;
- PersistenceManager pm = null;
- try {
- pm = openTransaction();
- Query query = pm.newQuery(MSentryPrivilege.class);
- query.declareVariables("org.apache.sentry.provider.db.service.model.MSentryRole role");
- List<String> rolesFiler = new LinkedList<String>();
- for (String rName : roleNames) {
- rolesFiler.add("role.roleName == \"" + trimAndLower(rName) + "\"");
- }
- StringBuilder filters = new StringBuilder("roles.contains(role) "
- + "&& (" + Joiner.on(" || ").join(rolesFiler) + ") ");
- filters.append("&& serverName == \"" + trimAndLower(serverName) + "\"");
- query.setFilter(filters.toString());
- query.setResult("count(this)");
-
- Long numPrivs = (Long) query.execute();
- rollbackTransaction = false;
- commitTransaction(pm);
- return numPrivs > 0;
- } finally {
- if (rollbackTransaction) {
- rollbackTransaction(pm);
- }
- }
- }
-
- List<MSentryPrivilege> getMSentryPrivileges(Set<String> roleNames, TSentryAuthorizable authHierarchy) {
- if (roleNames == null || roleNames.isEmpty()) {
- return new ArrayList<MSentryPrivilege>();
- }
- boolean rollbackTransaction = true;
- PersistenceManager pm = null;
- try {
- pm = openTransaction();
- Query query = pm.newQuery(MSentryPrivilege.class);
- query.declareVariables("org.apache.sentry.provider.db.service.model.MSentryRole role");
- List<String> rolesFiler = new LinkedList<String>();
- for (String rName : roleNames) {
- rolesFiler.add("role.roleName == \"" + trimAndLower(rName) + "\"");
- }
- StringBuilder filters = new StringBuilder("roles.contains(role) "
- + "&& (" + Joiner.on(" || ").join(rolesFiler) + ") ");
- if (authHierarchy != null && authHierarchy.getServer() != null) {
- filters.append("&& serverName == \"" + authHierarchy.getServer().toLowerCase() + "\"");
- if (authHierarchy.getDb() != null) {
- filters.append(" && ((dbName == \"" + authHierarchy.getDb().toLowerCase() + "\") || (dbName == \"__NULL__\")) && (URI == \"__NULL__\")");
- if (authHierarchy.getTable() != null
- && !AccessConstants.ALL.equalsIgnoreCase(authHierarchy.getTable())) {
- if (!AccessConstants.SOME.equalsIgnoreCase(authHierarchy.getTable())) {
- filters.append(" && ((tableName == \"" + authHierarchy.getTable().toLowerCase() + "\") || (tableName == \"__NULL__\")) && (URI == \"__NULL__\")");
- }
- if (authHierarchy.getColumn() != null
- && !AccessConstants.ALL.equalsIgnoreCase(authHierarchy.getColumn())
- && !AccessConstants.SOME.equalsIgnoreCase(authHierarchy.getColumn())) {
- filters.append(" && ((columnName == \"" + authHierarchy.getColumn().toLowerCase() + "\") || (columnName == \"__NULL__\")) && (URI == \"__NULL__\")");
- }
- }
- }
- if (authHierarchy.getUri() != null) {
- filters.append(" && ((URI != \"__NULL__\") && (\"" + authHierarchy.getUri() + "\".startsWith(URI)) || (URI == \"__NULL__\")) && (dbName == \"__NULL__\")");
- }
- }
- query.setFilter(filters.toString());
- List<MSentryPrivilege> privileges = (List<MSentryPrivilege>) query.execute();
- rollbackTransaction = false;
- commitTransaction(pm);
- return privileges;
- } finally {
- if (rollbackTransaction) {
- rollbackTransaction(pm);
- }
- }
- }
-
- List<MSentryPrivilege> getMSentryPrivilegesByAuth(Set<String> roleNames, TSentryAuthorizable authHierarchy) {
- boolean rollbackTransaction = true;
- PersistenceManager pm = null;
- try {
- pm = openTransaction();
- Query query = pm.newQuery(MSentryPrivilege.class);
- StringBuilder filters = new StringBuilder();
- if (roleNames == null || roleNames.isEmpty()) {
- filters.append(" !roles.isEmpty() ");
- } else {
- query.declareVariables("org.apache.sentry.provider.db.service.model.MSentryRole role");
- List<String> rolesFiler = new LinkedList<String>();
- for (String rName : roleNames) {
- rolesFiler.add("role.roleName == \"" + trimAndLower(rName) + "\"");
- }
- filters.append("roles.contains(role) "
- + "&& (" + Joiner.on(" || ").join(rolesFiler) + ") ");
- }
- if (authHierarchy.getServer() != null) {
- filters.append("&& serverName == \"" +
- authHierarchy.getServer().toLowerCase() + "\"");
- if (authHierarchy.getDb() != null) {
- filters.append(" && (dbName == \"" +
- authHierarchy.getDb().toLowerCase() + "\") && (URI == \"__NULL__\")");
- if (authHierarchy.getTable() != null) {
- filters.append(" && (tableName == \"" +
- authHierarchy.getTable().toLowerCase() + "\")");
- } else {
- filters.append(" && (tableName == \"__NULL__\")");
- }
- } else if (authHierarchy.getUri() != null) {
- filters.append(" && (URI != \"__NULL__\") && (\"" + authHierarchy.getUri() +
- "\".startsWith(URI)) && (dbName == \"__NULL__\")");
- } else {
- filters.append(" && (dbName == \"__NULL__\") && (URI == \"__NULL__\")");
- }
- } else {
- // if no server, then return empty resultset
- return new ArrayList<MSentryPrivilege>();
- }
- FetchGroup grp = pm.getFetchGroup(MSentryPrivilege.class, "fetchRole");
- grp.addMember("roles");
- pm.getFetchPlan().addGroup("fetchRole");
- query.setFilter(filters.toString());
- List<MSentryPrivilege> privileges = (List<MSentryPrivilege>) query.execute();
- rollbackTransaction = false;
- commitTransaction(pm);
- return privileges;
- } finally {
- if (rollbackTransaction) {
- rollbackTransaction(pm);
- }
- }
- }
-
- public TSentryPrivilegeMap listSentryPrivilegesByAuthorizable(Set<String> groups,
- TSentryActiveRoleSet activeRoles,
- TSentryAuthorizable authHierarchy, boolean isAdmin)
- throws SentryInvalidInputException {
- Map<String, Set<TSentryPrivilege>> resultPrivilegeMap = Maps.newTreeMap();
- Set<String> roles = getRolesToQuery(groups, null, new TSentryActiveRoleSet(true, null));
-
- if (activeRoles != null && !activeRoles.isAll()) {
- // need to check/convert to lowercase here since this is from user input
- for (String aRole : activeRoles.getRoles()) {
- roles.add(aRole.toLowerCase());
- }
- }
-
- // An empty 'roles' is a treated as a wildcard (in case of admin role)..
- // so if not admin, don't return anything if 'roles' is empty..
- if (isAdmin || !roles.isEmpty()) {
- List<MSentryPrivilege> mSentryPrivileges = getMSentryPrivilegesByAuth(roles,
- authHierarchy);
- for (MSentryPrivilege priv : mSentryPrivileges) {
- for (MSentryRole role : priv.getRoles()) {
- TSentryPrivilege tPriv = convertToTSentryPrivilege(priv);
- if (resultPrivilegeMap.containsKey(role.getRoleName())) {
- resultPrivilegeMap.get(role.getRoleName()).add(tPriv);
- } else {
- Set<TSentryPrivilege> tPrivSet = Sets.newTreeSet();
- tPrivSet.add(tPriv);
- resultPrivilegeMap.put(role.getRoleName(), tPrivSet);
- }
- }
- }
- }
- return new TSentryPrivilegeMap(resultPrivilegeMap);
- }
-
- private Set<MSentryPrivilege> getMSentryPrivilegesByRoleName(String roleName)
- throws SentryNoSuchObjectException {
- MSentryRole mSentryRole = getMSentryRoleByName(roleName);
- return mSentryRole.getPrivileges();
- }
-
- /**
- * Gets sentry privilege objects for a given roleName from the persistence layer
- * @param roleName : roleName to look up
- * @return : Set of thrift sentry privilege objects
- * @throws SentryNoSuchObjectException
- */
-
- public Set<TSentryPrivilege> getAllTSentryPrivilegesByRoleName(String roleName)
- throws SentryNoSuchObjectException {
- return convertToTSentryPrivileges(getMSentryPrivilegesByRoleName(roleName));
- }
-
-
- /**
- * Gets sentry privilege objects for criteria from the persistence layer
- * @param roleNames : roleNames to look up (required)
- * @param authHierarchy : filter push down based on auth hierarchy (optional)
- * @return : Set of thrift sentry privilege objects
- * @throws SentryNoSuchObjectException
- */
-
- public Set<TSentryPrivilege> getTSentryPrivileges(Set<String> roleNames, TSentryAuthorizable authHierarchy) throws SentryInvalidInputException {
- if (authHierarchy.getServer() == null) {
- throw new SentryInvalidInputException("serverName cannot be null !!");
- }
- if (authHierarchy.getTable() != null && authHierarchy.getDb() == null) {
- throw new SentryInvalidInputException("dbName cannot be null when tableName is present !!");
- }
- if (authHierarchy.getColumn() != null && authHierarchy.getTable() == null) {
- throw new SentryInvalidInputException("tableName cannot be null when columnName is present !!");
- }
- if (authHierarchy.getUri() == null && authHierarchy.getDb() == null) {
- throw new SentryInvalidInputException("One of uri or dbName must not be null !!");
- }
- return convertToTSentryPrivileges(getMSentryPrivileges(roleNames, authHierarchy));
- }
-
-
- private Set<MSentryRole> getMSentryRolesByGroupName(String groupName)
- throws SentryNoSuchObjectException {
- boolean rollbackTransaction = true;
- PersistenceManager pm = null;
- try {
- Set<MSentryRole> roles;
- pm = openTransaction();
-
- //If no group name was specified, return all roles
- if (groupName == null) {
- Query query = pm.newQuery(MSentryRole.class);
- roles = new HashSet<MSentryRole>((List<MSentryRole>)query.execute());
- } else {
- Query query = pm.newQuery(MSentryGroup.class);
- MSentryGroup sentryGroup;
- String trimmedGroupName = groupName.trim();
- query.setFilter("this.groupName == t");
- query.declareParameters("java.lang.String t");
- query.setUnique(true);
- sentryGroup = (MSentryGroup) query.execute(trimmedGroupName);
- if (sentryGroup == null) {
- throw new SentryNoSuchObjectException("Group: " + trimmedGroupName + " doesn't exist");
- } else {
- pm.retrieve(sentryGroup);
- }
- roles = sentryGroup.getRoles();
- }
- for ( MSentryRole role: roles) {
- pm.retrieve(role);
- }
- commitTransaction(pm);
- rollbackTransaction = false;
- return roles;
- } finally {
- if (rollbackTransaction) {
- rollbackTransaction(pm);
- }
- }
- }
-
- /**
- * Gets sentry role objects for a given groupName from the persistence layer
- * @param groupName : groupName to look up ( if null returns all roles for all groups)
- * @return : Set of thrift sentry role objects
- * @throws SentryNoSuchObjectException
- */
- public Set<TSentryRole> getTSentryRolesByGroupName(Set<String> groupNames,
- boolean checkAllGroups) throws SentryNoSuchObjectException {
- Set<MSentryRole> roleSet = Sets.newHashSet();
- for (String groupName : groupNames) {
- try {
- roleSet.addAll(getMSentryRolesByGroupName(groupName));
- } catch (SentryNoSuchObjectException e) {
- // if we are checking for all the given groups, then continue searching
- if (!checkAllGroups) {
- throw e;
- }
- }
- }
- return convertToTSentryRoles(roleSet);
- }
-
- public Set<String> getRoleNamesForGroups(Set<String> groups) {
- if (groups == null || groups.isEmpty()) {
- return ImmutableSet.of();
- }
- boolean rollbackTransaction = true;
- PersistenceManager pm = null;
- try {
- pm = openTransaction();
- Set<String> result = getRoleNamesForGroupsCore(pm, groups);
- rollbackTransaction = false;
- commitTransaction(pm);
- return result;
- } finally {
- if (rollbackTransaction) {
- rollbackTransaction(pm);
- }
- }
- }
-
- private Set<String> getRoleNamesForGroupsCore(PersistenceManager pm, Set<String> groups) {
- return convertToRoleNameSet(getRolesForGroups(pm, groups));
- }
-
- public Set<String> getRoleNamesForUsers(Set<String> users) {
- if (users == null || users.isEmpty()) {
- return ImmutableSet.of();
- }
- boolean rollbackTransaction = true;
- PersistenceManager pm = null;
- try {
- pm = openTransaction();
- Set<String> result = getRoleNamesForUsersCore(pm,users);
- rollbackTransaction = false;
- commitTransaction(pm);
- return result;
- } finally {
- if (rollbackTransaction) {
- rollbackTransaction(pm);
- }
- }
- }
-
- private Set<String> getRoleNamesForUsersCore(PersistenceManager pm, Set<String> users) {
- return convertToRoleNameSet(getRolesForUsers(pm, users));
- }
-
- public Set<TSentryRole> getTSentryRolesByUserNames(Set<String> users) {
- boolean rollbackTransaction = true;
- PersistenceManager pm = null;
- try {
- pm = openTransaction();
- Set<MSentryRole> mSentryRoles = getRolesForUsers(pm, users);
- // Since {@link MSentryRole#getGroups()} is lazy-loading, the converting should be call
- // before transaction committed.
- Set<TSentryRole> result = convertToTSentryRoles(mSentryRoles);
- rollbackTransaction = false;
- commitTransaction(pm);
- return result;
- } finally {
- if (rollbackTransaction) {
- rollbackTransaction(pm);
- }
- }
- }
-
- public Set<MSentryRole> getRolesForGroups(PersistenceManager pm, Set<String> groups) {
- Set<MSentryRole> result = Sets.newHashSet();
- if (groups != null) {
- Query query = pm.newQuery(MSentryGroup.class);
- query.setFilter("this.groupName == t");
- query.declareParameters("java.lang.String t");
- query.setUnique(true);
- for (String group : groups) {
- MSentryGroup sentryGroup = (MSentryGroup) query.execute(group.trim());
- if (sentryGroup != null) {
- result.addAll(sentryGroup.getRoles());
- }
- }
- }
- return result;
- }
-
- public Set<MSentryRole> getRolesForUsers(PersistenceManager pm, Set<String> users) {
- Set<MSentryRole> result = Sets.newHashSet();
- if (users != null) {
- Query query = pm.newQuery(MSentryUser.class);
- query.setFilter("this.userName == t");
- query.declareParameters("java.lang.String t");
- query.setUnique(true);
- for (String user : users) {
- MSentryUser sentryUser = (MSentryUser) query.execute(user.trim());
- if (sentryUser != null) {
- result.addAll(sentryUser.getRoles());
- }
- }
- }
- return result;
- }
-
- public Set<String> listAllSentryPrivilegesForProvider(Set<String> groups, Set<String> users,
- TSentryActiveRoleSet roleSet) throws SentryInvalidInputException {
- return listSentryPrivilegesForProvider(groups, users, roleSet, null);
- }
-
-
- public Set<String> listSentryPrivilegesForProvider(Set<String> groups, Set<String> users,
- TSentryActiveRoleSet roleSet, TSentryAuthorizable authHierarchy) throws SentryInvalidInputException {
- Set<String> result = Sets.newHashSet();
- Set<String> rolesToQuery = getRolesToQuery(groups, users, roleSet);
- List<MSentryPrivilege> mSentryPrivileges = getMSentryPrivileges(rolesToQuery, authHierarchy);
- for (MSentryPrivilege priv : mSentryPrivileges) {
- result.add(toAuthorizable(priv));
- }
-
- return result;
- }
-
- public boolean hasAnyServerPrivileges(Set<String> groups, Set<String> users,
- TSentryActiveRoleSet roleSet, String server) {
- Set<String> rolesToQuery = getRolesToQuery(groups, users, roleSet);
- return hasAnyServerPrivileges(rolesToQuery, server);
- }
-
- private Set<String> getRolesToQuery(Set<String> groups, Set<String> users,
- TSentryActiveRoleSet roleSet) {
- Set<String> activeRoleNames = toTrimedLower(roleSet.getRoles());
-
- Set<String> roleNames = Sets.newHashSet();
- boolean rollbackTransaction = true;
- PersistenceManager pm = null;
- try {
- pm = openTransaction();
- roleNames.addAll(toTrimedLower(getRoleNamesForGroupsCore(pm, groups)));
- roleNames.addAll(toTrimedLower(getRoleNamesForUsersCore(pm, users)));
- rollbackTransaction = false;
- commitTransaction(pm);
- return roleSet.isAll() ? roleNames : Sets.intersection(activeRoleNames,
- roleNames);
- } finally {
- if (rollbackTransaction) {
- rollbackTransaction(pm);
- }
- }
- }
-
- @VisibleForTesting
- static String toAuthorizable(MSentryPrivilege privilege) {
- List<String> authorizable = new ArrayList<String>(4);
- authorizable.add(KV_JOINER.join(AuthorizableType.Server.name().toLowerCase(),
- privilege.getServerName()));
- if (isNULL(privilege.getURI())) {
- if (!isNULL(privilege.getDbName())) {
- authorizable.add(KV_JOINER.join(AuthorizableType.Db.name().toLowerCase(),
- privilege.getDbName()));
- if (!isNULL(privilege.getTableName())) {
- authorizable.add(KV_JOINER.join(AuthorizableType.Table.name().toLowerCase(),
- privilege.getTableName()));
- if (!isNULL(privilege.getColumnName())) {
- authorizable.add(KV_JOINER.join(AuthorizableType.Column.name().toLowerCase(),
- privilege.getColumnName()));
- }
- }
- }
- } else {
- authorizable.add(KV_JOINER.join(AuthorizableType.URI.name().toLowerCase(),
- privilege.getURI()));
- }
- if (!isNULL(privilege.getAction())
- && !privilege.getAction().equalsIgnoreCase(AccessConstants.ALL)) {
- authorizable
- .add(KV_JOINER.join(SentryConstants.PRIVILEGE_NAME.toLowerCase(),
- privilege.getAction()));
- }
- return AUTHORIZABLE_JOINER.join(authorizable);
- }
-
- @VisibleForTesting
- static Set<String> toTrimedLower(Set<String> s) {
- if (null == s) {
- return new HashSet<String>();
- }
- Set<String> result = Sets.newHashSet();
- for (String v : s) {
- result.add(v.trim().toLowerCase());
- }
- return result;
- }
-
-
- /**
- * Converts model object(s) to thrift object(s).
- * Additionally does normalization
- * such as trimming whitespace and setting appropriate case. Also sets the create
- * time.
- */
-
- private Set<TSentryPrivilege> convertToTSentryPrivileges(Collection<MSentryPrivilege> mSentryPrivileges) {
- Set<TSentryPrivilege> privileges = new HashSet<TSentryPrivilege>();
- for(MSentryPrivilege mSentryPrivilege:mSentryPrivileges) {
- privileges.add(convertToTSentryPrivilege(mSentryPrivilege));
- }
- return privileges;
- }
-
- private Set<TSentryRole> convertToTSentryRoles(Set<MSentryRole> mSentryRoles) {
- Set<TSentryRole> roles = new HashSet<TSentryRole>();
- for(MSentryRole mSentryRole:mSentryRoles) {
- roles.add(convertToTSentryRole(mSentryRole));
- }
- return roles;
- }
-
- private Set<String> convertToRoleNameSet(Set<MSentryRole> mSentryRoles) {
- Set<String> roleNameSet = Sets.newHashSet();
- for (MSentryRole role : mSentryRoles) {
- roleNameSet.add(role.getRoleName());
- }
- return roleNameSet;
- }
-
- private TSentryRole convertToTSentryRole(MSentryRole mSentryRole) {
- TSentryRole role = new TSentryRole();
- role.setRoleName(mSentryRole.getRoleName());
- role.setGrantorPrincipal("--");
- Set<TSentryGroup> sentryGroups = new HashSet<TSentryGroup>();
- for(MSentryGroup mSentryGroup:mSentryRole.getGroups()) {
- TSentryGroup group = convertToTSentryGroup(mSentryGroup);
- sentryGroups.add(group);
- }
-
- role.setGroups(sentryGroups);
- return role;
- }
-
- private TSentryGroup convertToTSentryGroup(MSentryGroup mSentryGroup) {
- TSentryGroup group = new TSentryGroup();
- group.setGroupName(mSentryGroup.getGroupName());
- return group;
- }
-
- protected TSentryPrivilege convertToTSentryPrivilege(MSentryPrivilege mSentryPrivilege) {
- TSentryPrivilege privilege = new TSentryPrivilege();
- convertToTSentryPrivilege(mSentryPrivilege, privilege);
- return privilege;
- }
-
- private void convertToTSentryPrivilege(MSentryPrivilege mSentryPrivilege,
- TSentryPrivilege privilege) {
- privilege.setCreateTime(mSentryPrivilege.getCreateTime());
- privilege.setAction(fromNULLCol(mSentryPrivilege.getAction()));
- privilege.setPrivilegeScope(mSentryPrivilege.getPrivilegeScope());
- privilege.setServerName(fromNULLCol(mSentryPrivilege.getServerName()));
- privilege.setDbName(fromNULLCol(mSentryPrivilege.getDbName()));
- privilege.setTableName(fromNULLCol(mSentryPrivilege.getTableName()));
- privilege.setColumnName(fromNULLCol(mSentryPrivilege.getColumnName()));
- privilege.setURI(fromNULLCol(mSentryPrivilege.getURI()));
- if (mSentryPrivilege.getGrantOption() != null) {
- privilege.setGrantOption(TSentryGrantOption.valueOf(mSentryPrivilege.getGrantOption().toString().toUpperCase()));
- } else {
- privilege.setGrantOption(TSentryGrantOption.UNSET);
- }
- }
-
- /**
- * Converts thrift object to model object. Additionally does normalization
- * such as trimming whitespace and setting appropriate case.
- * @throws SentryInvalidInputException
- */
- private MSentryPrivilege convertToMSentryPrivilege(TSentryPrivilege privilege)
- throws SentryInvalidInputException {
- MSentryPrivilege mSentryPrivilege = new MSentryPrivilege();
- mSentryPrivilege.setServerName(toNULLCol(safeTrimLower(privilege.getServerName())));
- mSentryPrivilege.setDbName(toNULLCol(safeTrimLower(privilege.getDbName())));
- mSentryPrivilege.setTableName(toNULLCol(safeTrimLower(privilege.getTableName())));
- mSentryPrivilege.setColumnName(toNULLCol(safeTrimLower(privilege.getColumnName())));
- mSentryPrivilege.setPrivilegeScope(safeTrim(privilege.getPrivilegeScope()));
- mSentryPrivilege.setAction(toNULLCol(safeTrimLower(privilege.getAction())));
- mSentryPrivilege.setCreateTime(System.currentTimeMillis());
- mSentryPrivilege.setURI(toNULLCol(safeTrim(privilege.getURI())));
- if ( !privilege.getGrantOption().equals(TSentryGrantOption.UNSET) ) {
- mSentryPrivilege.setGrantOption(Boolean.valueOf(privilege.getGrantOption().toString()));
- } else {
- mSentryPrivilege.setGrantOption(null);
- }
- return mSentryPrivilege;
- }
- private static String safeTrim(String s) {
- if (s == null) {
- return null;
- }
- return s.trim();
- }
- private static String safeTrimLower(String s) {
- if (s == null) {
- return null;
- }
- return s.trim().toLowerCase();
- }
-
- public String getSentryVersion() throws SentryNoSuchObjectException,
- SentryAccessDeniedException {
- MSentryVersion mVersion = getMSentryVersion();
- return mVersion.getSchemaVersion();
- }
-
- public void setSentryVersion(String newVersion, String verComment)
- throws SentryNoSuchObjectException, SentryAccessDeniedException {
- MSentryVersion mVersion;
- boolean rollbackTransaction = true;
- PersistenceManager pm = null;
-
- try {
- mVersion = getMSentryVersion();
- if (newVersion.equals(mVersion.getSchemaVersion())) {
- // specified version already in there
- return;
- }
- } catch (SentryNoSuchObjectException e) {
- // if the version doesn't exist, then create it
- mVersion = new MSentryVersion();
- }
- mVersion.setSchemaVersion(newVersion);
- mVersion.setVersionComment(verComment);
- try {
- pm = openTransaction();
- pm.makePersistent(mVersion);
- rollbackTransaction = false;
- commitTransaction(pm);
- } finally {
- if (rollbackTransaction) {
- rollbackTransaction(pm);
- }
- }
- }
-
- @SuppressWarnings("unchecked")
- private MSentryVersion getMSentryVersion()
- throws SentryNoSuchObjectException, SentryAccessDeniedException {
- boolean rollbackTransaction = true;
- PersistenceManager pm = null;
- try {
- pm = openTransaction();
- Query query = pm.newQuery(MSentryVersion.class);
- List<MSentryVersion> mSentryVersions = (List<MSentryVersion>) query
- .execute();
- pm.retrieveAll(mSentryVersions);
- rollbackTransaction = false;
- commitTransaction(pm);
- if (mSentryVersions.isEmpty()) {
- throw new SentryNoSuchObjectException("No matching version found");
- }
- if (mSentryVersions.size() > 1) {
- throw new SentryAccessDeniedException(
- "Metastore contains multiple versions");
- }
- return mSentryVersions.get(0);
- } catch (JDODataStoreException e) {
- if (e.getCause() instanceof MissingTableException) {
- throw new SentryAccessDeniedException("Version table not found. "
- + "The sentry store is not set or corrupt ");
- } else {
- throw e;
- }
- } finally {
- if (rollbackTransaction) {
- rollbackTransaction(pm);
- }
- }
- }
-
- /**
- * Drop given privilege from all roles
- */
- public void dropPrivilege(TSentryAuthorizable tAuthorizable)
- throws SentryNoSuchObjectException, SentryInvalidInputException {
- PersistenceManager pm = null;
- boolean rollbackTransaction = true;
-
- TSentryPrivilege tPrivilege = toSentryPrivilege(tAuthorizable);
- try {
- pm = openTransaction();
-
- if (isMultiActionsSupported(tPrivilege)) {
- for (String privilegeAction : ALL_ACTIONS) {
- tPrivilege.setAction(privilegeAction);
- dropPrivilegeForAllRoles(pm, new TSentryPrivilege(tPrivilege));
- }
- } else {
- dropPrivilegeForAllRoles(pm, new TSentryPrivilege(tPrivilege));
- }
- rollbackTransaction = false;
- commitTransaction(pm);
- } catch (JDODataStoreException e) {
- throw new SentryInvalidInputException("Failed to get privileges: "
- + e.getMessage());
- } finally {
- if (rollbackTransaction) {
- rollbackTransaction(pm);
- }
- }
- }
-
- /**
- * Rename given privilege from all roles drop the old privilege and create the new one
- * @param tAuthorizable
- * @param newTAuthorizable
- * @throws SentryNoSuchObjectException
- * @throws SentryInvalidInputException
- */
- public void renamePrivilege(TSentryAuthorizable tAuthorizable,
- TSentryAuthorizable newTAuthorizable)
- throws SentryNoSuchObjectException, SentryInvalidInputException {
- PersistenceManager pm = null;
- boolean rollbackTransaction = true;
-
- TSentryPrivilege tPrivilege = toSentryPrivilege(tAuthorizable);
- TSentryPrivilege newPrivilege = toSentryPrivilege(newTAuthorizable);
-
- try {
- pm = openTransaction();
- // In case of tables or DBs, check all actions
- if (isMultiActionsSupported(tPrivilege)) {
- for (String privilegeAction : ALL_ACTIONS) {
- tPrivilege.setAction(privilegeAction);
- newPrivilege.setAction(privilegeAction);
- renamePrivilegeForAllRoles(pm, tPrivilege, newPrivilege);
- }
- } else {
- renamePrivilegeForAllRoles(pm, tPrivilege, newPrivilege);
- }
- rollbackTransaction = false;
- commitTransaction(pm);
- } catch (JDODataStoreException e) {
- throw new SentryInvalidInputException("Failed to get privileges: "
- + e.getMessage());
- } finally {
- if (rollbackTransaction) {
- rollbackTransaction(pm);
- }
- }
- }
-
- // Currently INSERT/SELECT/ALL are supported for Table and DB level privileges
- private boolean isMultiActionsSupported(TSentryPrivilege tPrivilege) {
- return tPrivilege.getDbName() != null;
-
- }
- // wrapper for dropOrRename
- private void renamePrivilegeForAllRoles(PersistenceManager pm,
- TSentryPrivilege tPrivilege,
- TSentryPrivilege newPrivilege) throws SentryNoSuchObjectException,
- SentryInvalidInputException {
- dropOrRenamePrivilegeForAllRoles(pm, tPrivilege, newPrivilege);
- }
-
- /**
- * Drop given privilege from all roles
- * @param tPrivilege
- * @throws SentryNoSuchObjectException
- * @throws SentryInvalidInputException
- */
- private void dropPrivilegeForAllRoles(PersistenceManager pm,
- TSentryPrivilege tPrivilege)
- throws SentryNoSuchObjectException, SentryInvalidInputException {
- dropOrRenamePrivilegeForAllRoles(pm, tPrivilege, null);
- }
-
- /**
- * Drop given privilege from all roles Create the new privilege if asked
- * @param tPrivilege
- * @param pm
- * @throws SentryNoSuchObjectException
- * @throws SentryInvalidInputException
- */
- private void dropOrRenamePrivilegeForAllRoles(PersistenceManager pm,
- TSentryPrivilege tPrivilege,
- TSentryPrivilege newTPrivilege) throws SentryNoSuchObjectException,
- SentryInvalidInputException {
- HashSet<MSentryRole> roleSet = Sets.newHashSet();
-
- List<MSentryPrivilege> mPrivileges = getMSentryPrivileges(tPrivilege, pm);
- if (mPrivileges != null && !mPrivileges.isEmpty()) {
- for (MSentryPrivilege mPrivilege : mPrivileges) {
- roleSet.addAll(ImmutableSet.copyOf(mPrivilege.getRoles()));
- }
- }
-
- MSentryPrivilege parent = getMSentryPrivilege(tPrivilege, pm);
- for (MSentryRole role : roleSet) {
- // 1. get privilege and child privileges
- Set<MSentryPrivilege> privilegeGraph = Sets.newHashSet();
- if (parent != null) {
- privilegeGraph.add(parent);
- populateChildren(pm, Sets.newHashSet(role.getRoleName()), parent, privilegeGraph);
- } else {
- populateChildren(pm, Sets.newHashSet(role.getRoleName()), convertToMSentryPrivilege(tPrivilege),
- privilegeGraph);
- }
- // 2. revoke privilege and child privileges
- alterSentryRoleRevokePrivilegeCore(pm, role.getRoleName(), tPrivilege);
- // 3. add new privilege and child privileges with new tableName
- if (newTPrivilege != null) {
- for (MSentryPrivilege m : privilegeGraph) {
- TSentryPrivilege t = convertToTSentryPrivilege(m);
- if (newTPrivilege.getPrivilegeScope().equals(PrivilegeScope.DATABASE.name())) {
- t.setDbName(newTPrivilege.getDbName());
- } else if (newTPrivilege.getPrivilegeScope().equals(PrivilegeScope.TABLE.name())) {
- t.setTableName(newTPrivilege.getTableName());
- }
- alterSentryRoleGrantPrivilegeCore(pm, role.getRoleName(), t);
- }
- }
- }
- }
-
- private TSentryPrivilege toSentryPrivilege(TSentryAuthorizable tAuthorizable)
- throws SentryInvalidInputException {
- TSentryPrivilege tSentryPrivilege = new TSentryPrivilege();
- tSentryPrivilege.setDbName(fromNULLCol(tAuthorizable.getDb()));
- tSentryPrivilege.setServerName(fromNULLCol(tAuthorizable.getServer()));
- tSentryPrivilege.setTableName(fromNULLCol(tAuthorizable.getTable()));
- tSentryPrivilege.setColumnName(fromNULLCol(tAuthorizable.getColumn()));
- tSentryPrivilege.setURI(fromNULLCol(tAuthorizable.getUri()));
- PrivilegeScope scope;
- if (!isNULL(tSentryPrivilege.getColumnName())) {
- scope = PrivilegeScope.COLUMN;
- } else if (!isNULL(tSentryPrivilege.getTableName())) {
- scope = PrivilegeScope.TABLE;
- } else if (!isNULL(tSentryPrivilege.getDbName())) {
- scope = PrivilegeScope.DATABASE;
- } else if (!isNULL(tSentryPrivilege.getURI())) {
- scope = PrivilegeScope.URI;
- } else {
- scope = PrivilegeScope.SERVER;
- }
- tSentryPrivilege.setPrivilegeScope(scope.name());
- tSentryPrivilege.setAction(AccessConstants.ALL);
- return tSentryPrivilege;
- }
-
- public static String toNULLCol(String s) {
- return Strings.isNullOrEmpty(s) ? NULL_COL : s;
- }
-
- public static String fromNULLCol(String s) {
- return isNULL(s) ? "" : s;
- }
-
- public static boolean isNULL(String s) {
- return Strings.isNullOrEmpty(s) || s.equals(NULL_COL);
- }
-
- /**
- * Grant option check
- * @param pm
- * @param privilege
- * @throws SentryUserException
- */
- private void grantOptionCheck(PersistenceManager pm, String grantorPrincipal, TSentryPrivilege privilege)
- throws SentryUserException {
- MSentryPrivilege mPrivilege = convertToMSentryPrivilege(privilege);
- if (grantorPrincipal == null) {
- throw new SentryInvalidInputException("grantorPrincipal should not be null");
- }
-
- Set<String> groups = SentryPolicyStoreProcessor.getGroupsFromUserName(conf, grantorPrincipal);
-
- // if grantor is in adminGroup, don't need to do check
- Set<String> admins = getAdminGroups();
- boolean isAdminGroup = false;
- if (groups != null && admins != null && !admins.isEmpty()) {
- for (String g : groups) {
- if (admins.contains(g)) {
- isAdminGroup = true;
- break;
- }
- }
- }
-
- if (!isAdminGroup) {
- boolean hasGrant = false;
- // get all privileges for group and user
- Set<MSentryRole> roles = getRolesForGroups(pm, groups);
- roles.addAll(getRolesForUsers(pm, Sets.newHashSet(grantorPrincipal)));
- if (roles != null && !roles.isEmpty()) {
- for (MSentryRole role : roles) {
- Set<MSentryPrivilege> privilegeSet = role.getPrivileges();
- if (privilegeSet != null && !privilegeSet.isEmpty()) {
- // if role has a privilege p with grant option
- // and mPrivilege is a child privilege of p
- for (MSentryPrivilege p : privilegeSet) {
- if (p.getGrantOption() && p.implies(mPrivilege)) {
- hasGrant = true;
- break;
- }
- }
- }
- }
- }
-
- if (!hasGrant) {
- throw new SentryGrantDeniedException(grantorPrincipal
- + " has no grant!");
- }
- }
- }
-
- // get adminGroups from conf
- private Set<String> getAdminGroups() {
- return Sets.newHashSet(conf.getStrings(
- ServerConfig.ADMIN_GROUPS, new String[]{}));
- }
-
- /**
- * This returns a Mapping of AuthZObj(db/table) -> (Role -> permission)
- */
- public Map<String, HashMap<String, String>> retrieveFullPrivilegeImage() {
- Map<String, HashMap<String, String>> retVal = new HashMap<String, HashMap<String,String>>();
- boolean rollbackTransaction = true;
- PersistenceManager pm = null;
- try {
- pm = openTransaction();
- Query query = pm.newQuery(MSentryPrivilege.class);
- String filters = "(serverName != \"__NULL__\") "
- + "&& (dbName != \"__NULL__\") " + "&& (URI == \"__NULL__\")";
- query.setFilter(filters.toString());
- query
- .setOrdering("serverName ascending, dbName ascending, tableName ascending");
- List<MSentryPrivilege> privileges = (List<MSentryPrivilege>) query
- .execute();
- rollbackTransaction = false;
- for (MSentryPrivilege mPriv : privileges) {
- String authzObj = mPriv.getDbName();
- if (!isNULL(mPriv.getTableName())) {
- authzObj = authzObj + "." + mPriv.getTableName();
- }
- HashMap<String, String> pUpdate = retVal.get(authzObj);
- if (pUpdate == null) {
- pUpdate = new HashMap<String, String>();
- retVal.put(authzObj, pUpdate);
- }
- for (MSentryRole mRole : mPriv.getRoles()) {
- String existingPriv = pUpdate.get(mRole.getRoleName());
- if (existingPriv == null) {
- pUpdate.put(mRole.getRoleName(), mPriv.getAction().toUpperCase());
- } else {
- pUpdate.put(mRole.getRoleName(), existingPriv + ","
- + mPriv.getAction().toUpperCase());
- }
- }
- }
- commitTransaction(pm);
- return retVal;
- } finally {
- if (rollbackTransaction) {
- rollbackTransaction(pm);
- }
- }
- }
-
- /**
- * This returns a Mapping of Role -> [Groups]
- */
- public Map<String, LinkedList<String>> retrieveFullRoleImage() {
- Map<String, LinkedList<String>> retVal = new HashMap<String, LinkedList<String>>();
- boolean rollbackTransaction = true;
- PersistenceManager pm = null;
- try {
- pm = openTransaction();
- Query query = pm.newQuery(MSentryGroup.class);
- List<MSentryGroup> groups = (List<MSentryGroup>) query.execute();
- for (MSentryGroup mGroup : groups) {
- for (MSentryRole role : mGroup.getRoles()) {
- LinkedList<String> rUpdate = retVal.get(role.getRoleName());
- if (rUpdate == null) {
- rUpdate = new LinkedList<String>();
- retVal.put(role.getRoleName(), rUpdate);
- }
- rUpdate.add(mGroup.getGroupName());
- }
- }
- commitTransaction(pm);
- return retVal;
- } finally {
- if (rollbackTransaction) {
- rollbackTransaction(pm);
- }
- }
- }
-
- /**
- * This thread exists to clean up "orphaned" privilege rows in the database.
- * These rows aren't removed automatically due to the fact that there is
- * a many-to-many mapping between the roles and privileges, and the
- * detection and removal of orphaned privileges is a wee bit involved.
- * This thread hangs out until notified by the parent (the outer class)
- * and then runs a custom SQL statement that detects and removes orphans.
- */
- private class PrivCleaner implements Runnable {
- // Kick off priv orphan removal after this many notifies
- private static final int NOTIFY_THRESHOLD = 50;
-
- // How many times we've been notified; reset to zero after orphan removal
- private int currentNotifies = 0;
-
- // Internal state for threads
- private boolean exitRequired = false;
-
- // This lock and condition are needed to implement a way to drop the
- // lock inside a while loop, and not hold the lock across the orphan
- // removal.
- private final Lock lock = new ReentrantLock();
- private final Condition cond = lock.newCondition();
-
- /**
- * Waits in a loop, running the orphan removal function when notified.
- * Will exit after exitRequired is set to true by exit(). We are careful
- * to not hold our lock while removing orphans; that operation might
- * take a long time. There's also the matter of lock ordering. Other
- * threads start a transaction first, and then grab our lock; this thread
- * grabs the lock and then starts a transaction. Handling this correctly
- * requires explicit locking/unlocking through the loop.
- */
- public void run() {
- while (true) {
- lock.lock();
- try {
- // Check here in case this was set during removeOrphanedPrivileges()
- if (exitRequired) {
- return;
- }
- while (currentNotifies <= NOTIFY_THRESHOLD) {
- try {
- cond.await();
- } catch (InterruptedException e) {
- // Interrupted
- }
- // Check here in case this was set while waiting
- if (exitRequired) {
- return;
- }
- }
- currentNotifies = 0;
- } finally {
- lock.unlock();
- }
- try {
- removeOrphanedPrivileges();
- } catch (Exception e) {
- LOGGER.warn("Privilege cleaning thread encountered an error: " +
- e.getMessage());
- }
- }
- }
-
- /**
- * This is called when a privilege is removed from a role. This may
- * or may not mean that the privilege needs to be removed from the
- * database; there may be more references to it from other roles.
- * As a result, we'll lazily run the orphan cleaner every
- * NOTIFY_THRESHOLD times this routine is called.
- * @param numDeletions The number of potentially orphaned privileges
- */
- public void incPrivRemoval(int numDeletions) {
- if (privCleanerThread != null) {
- try {
- lock.lock();
- currentNotifies += numDeletions;
- if (currentNotifies > NOTIFY_THRESHOLD) {
- cond.signal();
- }
- } finally {
- lock.unlock();
- }
- }
- }
-
- /**
- * Simple form of incPrivRemoval when only one privilege is deleted.
- */
- public void incPrivRemoval() {
- incPrivRemoval(1);
- }
-
- /**
- * Tell this thread to exit. Safe to call multiple times, as it just
- * notifies the run() loop to finish up.
- */
- public void exit() {
- if (privCleanerThread != null) {
- lock.lock();
- try {
- exitRequired = true;
- cond.signal();
- } finally {
- lock.unlock();
- }
- }
- }
-
- /**
- * Run a SQL query to detect orphaned privileges, and then delete
- * each one. This is complicated by the fact that datanucleus does
- * not seem to play well with the mix between a direct SQL query
- * and operations on the database. The solution that seems to work
- * is to split the operation into two transactions: the first is
- * just a read for privileges that look like they're orphans, the
- * second transaction will go and get each of those privilege objects,
- * verify that there are no roles attached, and then delete them.
- */
- private void removeOrphanedPrivileges() {
- final String privDB = "SENTRY_DB_PRIVILEGE";
- final String privId = "DB_PRIVILEGE_ID";
- final String mapDB = "SENTRY_ROLE_DB_PRIVILEGE_MAP";
- final String privFilter =
- "select " + privId +
- " from " + privDB + " p" +
- " where not exists (" +
- " select 1 from " + mapDB + " d" +
- " where p." + privId + " != d." + privId +
- " )";
- boolean rollback = true;
- int orphansRemoved = 0;
- ArrayList<Object> idList = new ArrayList<Object>();
- PersistenceManager pm = pmf.getPersistenceManager();
-
- // Transaction 1: Perform a SQL query to get things that look like orphans
- try {
- Transaction transaction = pm.currentTransaction();
- transaction.begin();
- transaction.setRollbackOnly(); // Makes the tx read-only
- Query query = pm.newQuery("javax.jdo.query.SQL", privFilter);
- query.setClass(MSentryPrivilege.class);
- List<MSentryPrivilege> results = (List<MSentryPrivilege>) query.execute();
- for (MSentryPrivilege orphan : results) {
- idList.add(pm.getObjectId(orphan));
- }
- transaction.rollback();
- rollback = false;
- } finally {
- if (rollback && pm.currentTransaction().isActive()) {
- pm.currentTransaction().rollback();
- } else {
- LOGGER.debug("Found {} potential orphans", idList.size());
- }
- }
-
- if (idList.isEmpty()) {
- pm.close();
- return;
- }
-
- Preconditions.checkState(!rollback);
-
- // Transaction 2: For each potential orphan, verify it's really an
- // orphan and delete it if so
- rollback = true;
- try {
- Transaction transaction = pm.currentTransaction();
- transaction.begin();
- pm.refreshAll(); // Try to ensure we really have correct objects
- for (Object id : idList) {
- MSentryPrivilege priv = (MSentryPrivilege) pm.getObjectById(id);
- if (priv.getRoles().isEmpty()) {
- pm.deletePersistent(priv);
- orphansRemoved++;
- }
- }
- transaction.commit();
- pm.close();
- rollback = false;
- } finally {
- if (rollback) {
- rollbackTransaction(pm);
- } else {
- LOGGER.debug("Cleaned up {} orphaned privileges", orphansRemoved);
- }
- }
- }
- }
-
- // get mapping datas for [group,role], [user,role] with the specific roles
- public List<Map<String, Set<String>>> getGroupUserRoleMapList(Set<String> roleNames) {
- boolean rollbackTransaction = true;
- PersistenceManager pm = null;
- try {
- pm = openTransaction();
- Query query = pm.newQuery(MSentryRole.class);
-
- List<String> rolesFiler = new LinkedList<String>();
- if (roleNames != null) {
- for (String rName : roleNames) {
- rolesFiler.add("(roleName == \"" + rName.trim().toLowerCase() + "\")");
- }
- }
- if (rolesFiler.size() > 0) {
- query.setFilter(Joiner.on(" || ").join(rolesFiler));
- }
-
- List<MSentryRole> mSentryRoles = (List<MSentryRole>) query.execute();
- Map<String, Set<String>> groupRolesMap = getGroupRolesMap(mSentryRoles);
- Map<String, Set<String>> userRolesMap = getUserRolesMap(mSentryRoles);
- List<Map<String, Set<String>>> mapsList = new ArrayList<>();
- mapsList.add(INDEX_GROUP_ROLES_MAP, groupRolesMap);
- mapsList.add(INDEX_USER_ROLES_MAP, userRolesMap);
- commitTransaction(pm);
- rollbackTransaction = false;
- return mapsList;
- } finally {
- if (rollbackTransaction) {
- rollbackTransaction(pm);
- }
- }
- }
-
- private Map<String, Set<String>> getGroupRolesMap(List<MSentryRole> mSentryRoles) {
- Map<String, Set<String>> groupRolesMap = Maps.newHashMap();
- if (mSentryRoles == null) {
- return groupRolesMap;
- }
- // change the List<MSentryRole> -> Map<groupName, Set<roleName>>
- for (MSentryRole mSentryRole : mSentryRoles) {
- Set<MSentryGroup> groups = mSentryRole.getGroups();
- for (MSentryGroup group : groups) {
- String groupName = group.getGroupName();
- Set<String> rNames = groupRolesMap.get(groupName);
- if (rNames == null) {
- rNames = new HashSet<String>();
- }
- rNames.add(mSentryRole.getRoleName());
- groupRolesMap.put(groupName, rNames);
- }
- }
- return groupRolesMap;
- }
-
- private Map<String, Set<String>> getUserRolesMap(List<MSentryRole> mSentryRoles) {
- Map<String, Set<String>> userRolesMap = Maps.newHashMap();
- if (mSentryRoles == null) {
- return userRolesMap;
- }
- // change the List<MSentryRole> -> Map<userName, Set<roleName>>
- for (MSentryRole mSentryRole : mSentryRoles) {
- Set<MSentryUser> users = mSentryRole.getUsers();
- for (MSentryUser user : users) {
- String userName = user.getUserName();
- Set<String> rNames = userRolesMap.get(userName);
- if (rNames == null) {
- rNames = new HashSet<String>();
- }
- rNames.add(mSentryRole.getRoleName());
- userRolesMap.put(userName, rNames);
- }
- }
- return userRolesMap;
- }
-
- // get all mapping data for [role,privilege]
- public Map<String, Set<TSentryPrivilege>> getRoleNameTPrivilegesMap() throws Exception {
- return getRoleNameTPrivilegesMap(null, null);
- }
-
- // get mapping data for [role,privilege] with the specific auth object
- public Map<String, Set<TSentryPrivilege>> getRoleNameTPrivilegesMap(String dbName,
- String tableName) throws Exception {
- boolean rollbackTransaction = true;
- PersistenceManage
<TRUNCATED>
[28/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryMappingData.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryMappingData.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryMappingData.java
deleted file mode 100644
index 2c091cb..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryMappingData.java
+++ /dev/null
@@ -1,898 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TSentryMappingData implements org.apache.thrift.TBase<TSentryMappingData, TSentryMappingData._Fields>, java.io.Serializable, Cloneable, Comparable<TSentryMappingData> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TSentryMappingData");
-
- private static final org.apache.thrift.protocol.TField GROUP_ROLES_MAP_FIELD_DESC = new org.apache.thrift.protocol.TField("groupRolesMap", org.apache.thrift.protocol.TType.MAP, (short)1);
- private static final org.apache.thrift.protocol.TField ROLE_PRIVILEGES_MAP_FIELD_DESC = new org.apache.thrift.protocol.TField("rolePrivilegesMap", org.apache.thrift.protocol.TType.MAP, (short)2);
- private static final org.apache.thrift.protocol.TField USER_ROLES_MAP_FIELD_DESC = new org.apache.thrift.protocol.TField("userRolesMap", org.apache.thrift.protocol.TType.MAP, (short)3);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TSentryMappingDataStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TSentryMappingDataTupleSchemeFactory());
- }
-
- private Map<String,Set<String>> groupRolesMap; // optional
- private Map<String,Set<TSentryPrivilege>> rolePrivilegesMap; // optional
- private Map<String,Set<String>> userRolesMap; // optional
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- GROUP_ROLES_MAP((short)1, "groupRolesMap"),
- ROLE_PRIVILEGES_MAP((short)2, "rolePrivilegesMap"),
- USER_ROLES_MAP((short)3, "userRolesMap");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // GROUP_ROLES_MAP
- return GROUP_ROLES_MAP;
- case 2: // ROLE_PRIVILEGES_MAP
- return ROLE_PRIVILEGES_MAP;
- case 3: // USER_ROLES_MAP
- return USER_ROLES_MAP;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final _Fields optionals[] = {_Fields.GROUP_ROLES_MAP,_Fields.ROLE_PRIVILEGES_MAP,_Fields.USER_ROLES_MAP};
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.GROUP_ROLES_MAP, new org.apache.thrift.meta_data.FieldMetaData("groupRolesMap", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.MapMetaData(org.apache.thrift.protocol.TType.MAP,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING),
- new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)))));
- tmpMap.put(_Fields.ROLE_PRIVILEGES_MAP, new org.apache.thrift.meta_data.FieldMetaData("rolePrivilegesMap", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.MapMetaData(org.apache.thrift.protocol.TType.MAP,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING),
- new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryPrivilege.class)))));
- tmpMap.put(_Fields.USER_ROLES_MAP, new org.apache.thrift.meta_data.FieldMetaData("userRolesMap", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.MapMetaData(org.apache.thrift.protocol.TType.MAP,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING),
- new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)))));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TSentryMappingData.class, metaDataMap);
- }
-
- public TSentryMappingData() {
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TSentryMappingData(TSentryMappingData other) {
- if (other.isSetGroupRolesMap()) {
- Map<String,Set<String>> __this__groupRolesMap = new HashMap<String,Set<String>>(other.groupRolesMap.size());
- for (Map.Entry<String, Set<String>> other_element : other.groupRolesMap.entrySet()) {
-
- String other_element_key = other_element.getKey();
- Set<String> other_element_value = other_element.getValue();
-
- String __this__groupRolesMap_copy_key = other_element_key;
-
- Set<String> __this__groupRolesMap_copy_value = new HashSet<String>(other_element_value);
-
- __this__groupRolesMap.put(__this__groupRolesMap_copy_key, __this__groupRolesMap_copy_value);
- }
- this.groupRolesMap = __this__groupRolesMap;
- }
- if (other.isSetRolePrivilegesMap()) {
- Map<String,Set<TSentryPrivilege>> __this__rolePrivilegesMap = new HashMap<String,Set<TSentryPrivilege>>(other.rolePrivilegesMap.size());
- for (Map.Entry<String, Set<TSentryPrivilege>> other_element : other.rolePrivilegesMap.entrySet()) {
-
- String other_element_key = other_element.getKey();
- Set<TSentryPrivilege> other_element_value = other_element.getValue();
-
- String __this__rolePrivilegesMap_copy_key = other_element_key;
-
- Set<TSentryPrivilege> __this__rolePrivilegesMap_copy_value = new HashSet<TSentryPrivilege>(other_element_value.size());
- for (TSentryPrivilege other_element_value_element : other_element_value) {
- __this__rolePrivilegesMap_copy_value.add(new TSentryPrivilege(other_element_value_element));
- }
-
- __this__rolePrivilegesMap.put(__this__rolePrivilegesMap_copy_key, __this__rolePrivilegesMap_copy_value);
- }
- this.rolePrivilegesMap = __this__rolePrivilegesMap;
- }
- if (other.isSetUserRolesMap()) {
- Map<String,Set<String>> __this__userRolesMap = new HashMap<String,Set<String>>(other.userRolesMap.size());
- for (Map.Entry<String, Set<String>> other_element : other.userRolesMap.entrySet()) {
-
- String other_element_key = other_element.getKey();
- Set<String> other_element_value = other_element.getValue();
-
- String __this__userRolesMap_copy_key = other_element_key;
-
- Set<String> __this__userRolesMap_copy_value = new HashSet<String>(other_element_value);
-
- __this__userRolesMap.put(__this__userRolesMap_copy_key, __this__userRolesMap_copy_value);
- }
- this.userRolesMap = __this__userRolesMap;
- }
- }
-
- public TSentryMappingData deepCopy() {
- return new TSentryMappingData(this);
- }
-
- @Override
- public void clear() {
- this.groupRolesMap = null;
- this.rolePrivilegesMap = null;
- this.userRolesMap = null;
- }
-
- public int getGroupRolesMapSize() {
- return (this.groupRolesMap == null) ? 0 : this.groupRolesMap.size();
- }
-
- public void putToGroupRolesMap(String key, Set<String> val) {
- if (this.groupRolesMap == null) {
- this.groupRolesMap = new HashMap<String,Set<String>>();
- }
- this.groupRolesMap.put(key, val);
- }
-
- public Map<String,Set<String>> getGroupRolesMap() {
- return this.groupRolesMap;
- }
-
- public void setGroupRolesMap(Map<String,Set<String>> groupRolesMap) {
- this.groupRolesMap = groupRolesMap;
- }
-
- public void unsetGroupRolesMap() {
- this.groupRolesMap = null;
- }
-
- /** Returns true if field groupRolesMap is set (has been assigned a value) and false otherwise */
- public boolean isSetGroupRolesMap() {
- return this.groupRolesMap != null;
- }
-
- public void setGroupRolesMapIsSet(boolean value) {
- if (!value) {
- this.groupRolesMap = null;
- }
- }
-
- public int getRolePrivilegesMapSize() {
- return (this.rolePrivilegesMap == null) ? 0 : this.rolePrivilegesMap.size();
- }
-
- public void putToRolePrivilegesMap(String key, Set<TSentryPrivilege> val) {
- if (this.rolePrivilegesMap == null) {
- this.rolePrivilegesMap = new HashMap<String,Set<TSentryPrivilege>>();
- }
- this.rolePrivilegesMap.put(key, val);
- }
-
- public Map<String,Set<TSentryPrivilege>> getRolePrivilegesMap() {
- return this.rolePrivilegesMap;
- }
-
- public void setRolePrivilegesMap(Map<String,Set<TSentryPrivilege>> rolePrivilegesMap) {
- this.rolePrivilegesMap = rolePrivilegesMap;
- }
-
- public void unsetRolePrivilegesMap() {
- this.rolePrivilegesMap = null;
- }
-
- /** Returns true if field rolePrivilegesMap is set (has been assigned a value) and false otherwise */
- public boolean isSetRolePrivilegesMap() {
- return this.rolePrivilegesMap != null;
- }
-
- public void setRolePrivilegesMapIsSet(boolean value) {
- if (!value) {
- this.rolePrivilegesMap = null;
- }
- }
-
- public int getUserRolesMapSize() {
- return (this.userRolesMap == null) ? 0 : this.userRolesMap.size();
- }
-
- public void putToUserRolesMap(String key, Set<String> val) {
- if (this.userRolesMap == null) {
- this.userRolesMap = new HashMap<String,Set<String>>();
- }
- this.userRolesMap.put(key, val);
- }
-
- public Map<String,Set<String>> getUserRolesMap() {
- return this.userRolesMap;
- }
-
- public void setUserRolesMap(Map<String,Set<String>> userRolesMap) {
- this.userRolesMap = userRolesMap;
- }
-
- public void unsetUserRolesMap() {
- this.userRolesMap = null;
- }
-
- /** Returns true if field userRolesMap is set (has been assigned a value) and false otherwise */
- public boolean isSetUserRolesMap() {
- return this.userRolesMap != null;
- }
-
- public void setUserRolesMapIsSet(boolean value) {
- if (!value) {
- this.userRolesMap = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case GROUP_ROLES_MAP:
- if (value == null) {
- unsetGroupRolesMap();
- } else {
- setGroupRolesMap((Map<String,Set<String>>)value);
- }
- break;
-
- case ROLE_PRIVILEGES_MAP:
- if (value == null) {
- unsetRolePrivilegesMap();
- } else {
- setRolePrivilegesMap((Map<String,Set<TSentryPrivilege>>)value);
- }
- break;
-
- case USER_ROLES_MAP:
- if (value == null) {
- unsetUserRolesMap();
- } else {
- setUserRolesMap((Map<String,Set<String>>)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case GROUP_ROLES_MAP:
- return getGroupRolesMap();
-
- case ROLE_PRIVILEGES_MAP:
- return getRolePrivilegesMap();
-
- case USER_ROLES_MAP:
- return getUserRolesMap();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case GROUP_ROLES_MAP:
- return isSetGroupRolesMap();
- case ROLE_PRIVILEGES_MAP:
- return isSetRolePrivilegesMap();
- case USER_ROLES_MAP:
- return isSetUserRolesMap();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TSentryMappingData)
- return this.equals((TSentryMappingData)that);
- return false;
- }
-
- public boolean equals(TSentryMappingData that) {
- if (that == null)
- return false;
-
- boolean this_present_groupRolesMap = true && this.isSetGroupRolesMap();
- boolean that_present_groupRolesMap = true && that.isSetGroupRolesMap();
- if (this_present_groupRolesMap || that_present_groupRolesMap) {
- if (!(this_present_groupRolesMap && that_present_groupRolesMap))
- return false;
- if (!this.groupRolesMap.equals(that.groupRolesMap))
- return false;
- }
-
- boolean this_present_rolePrivilegesMap = true && this.isSetRolePrivilegesMap();
- boolean that_present_rolePrivilegesMap = true && that.isSetRolePrivilegesMap();
- if (this_present_rolePrivilegesMap || that_present_rolePrivilegesMap) {
- if (!(this_present_rolePrivilegesMap && that_present_rolePrivilegesMap))
- return false;
- if (!this.rolePrivilegesMap.equals(that.rolePrivilegesMap))
- return false;
- }
-
- boolean this_present_userRolesMap = true && this.isSetUserRolesMap();
- boolean that_present_userRolesMap = true && that.isSetUserRolesMap();
- if (this_present_userRolesMap || that_present_userRolesMap) {
- if (!(this_present_userRolesMap && that_present_userRolesMap))
- return false;
- if (!this.userRolesMap.equals(that.userRolesMap))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_groupRolesMap = true && (isSetGroupRolesMap());
- list.add(present_groupRolesMap);
- if (present_groupRolesMap)
- list.add(groupRolesMap);
-
- boolean present_rolePrivilegesMap = true && (isSetRolePrivilegesMap());
- list.add(present_rolePrivilegesMap);
- if (present_rolePrivilegesMap)
- list.add(rolePrivilegesMap);
-
- boolean present_userRolesMap = true && (isSetUserRolesMap());
- list.add(present_userRolesMap);
- if (present_userRolesMap)
- list.add(userRolesMap);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TSentryMappingData other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetGroupRolesMap()).compareTo(other.isSetGroupRolesMap());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetGroupRolesMap()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.groupRolesMap, other.groupRolesMap);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRolePrivilegesMap()).compareTo(other.isSetRolePrivilegesMap());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRolePrivilegesMap()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.rolePrivilegesMap, other.rolePrivilegesMap);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetUserRolesMap()).compareTo(other.isSetUserRolesMap());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetUserRolesMap()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.userRolesMap, other.userRolesMap);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TSentryMappingData(");
- boolean first = true;
-
- if (isSetGroupRolesMap()) {
- sb.append("groupRolesMap:");
- if (this.groupRolesMap == null) {
- sb.append("null");
- } else {
- sb.append(this.groupRolesMap);
- }
- first = false;
- }
- if (isSetRolePrivilegesMap()) {
- if (!first) sb.append(", ");
- sb.append("rolePrivilegesMap:");
- if (this.rolePrivilegesMap == null) {
- sb.append("null");
- } else {
- sb.append(this.rolePrivilegesMap);
- }
- first = false;
- }
- if (isSetUserRolesMap()) {
- if (!first) sb.append(", ");
- sb.append("userRolesMap:");
- if (this.userRolesMap == null) {
- sb.append("null");
- } else {
- sb.append(this.userRolesMap);
- }
- first = false;
- }
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TSentryMappingDataStandardSchemeFactory implements SchemeFactory {
- public TSentryMappingDataStandardScheme getScheme() {
- return new TSentryMappingDataStandardScheme();
- }
- }
-
- private static class TSentryMappingDataStandardScheme extends StandardScheme<TSentryMappingData> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TSentryMappingData struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // GROUP_ROLES_MAP
- if (schemeField.type == org.apache.thrift.protocol.TType.MAP) {
- {
- org.apache.thrift.protocol.TMap _map156 = iprot.readMapBegin();
- struct.groupRolesMap = new HashMap<String,Set<String>>(2*_map156.size);
- String _key157;
- Set<String> _val158;
- for (int _i159 = 0; _i159 < _map156.size; ++_i159)
- {
- _key157 = iprot.readString();
- {
- org.apache.thrift.protocol.TSet _set160 = iprot.readSetBegin();
- _val158 = new HashSet<String>(2*_set160.size);
- String _elem161;
- for (int _i162 = 0; _i162 < _set160.size; ++_i162)
- {
- _elem161 = iprot.readString();
- _val158.add(_elem161);
- }
- iprot.readSetEnd();
- }
- struct.groupRolesMap.put(_key157, _val158);
- }
- iprot.readMapEnd();
- }
- struct.setGroupRolesMapIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // ROLE_PRIVILEGES_MAP
- if (schemeField.type == org.apache.thrift.protocol.TType.MAP) {
- {
- org.apache.thrift.protocol.TMap _map163 = iprot.readMapBegin();
- struct.rolePrivilegesMap = new HashMap<String,Set<TSentryPrivilege>>(2*_map163.size);
- String _key164;
- Set<TSentryPrivilege> _val165;
- for (int _i166 = 0; _i166 < _map163.size; ++_i166)
- {
- _key164 = iprot.readString();
- {
- org.apache.thrift.protocol.TSet _set167 = iprot.readSetBegin();
- _val165 = new HashSet<TSentryPrivilege>(2*_set167.size);
- TSentryPrivilege _elem168;
- for (int _i169 = 0; _i169 < _set167.size; ++_i169)
- {
- _elem168 = new TSentryPrivilege();
- _elem168.read(iprot);
- _val165.add(_elem168);
- }
- iprot.readSetEnd();
- }
- struct.rolePrivilegesMap.put(_key164, _val165);
- }
- iprot.readMapEnd();
- }
- struct.setRolePrivilegesMapIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // USER_ROLES_MAP
- if (schemeField.type == org.apache.thrift.protocol.TType.MAP) {
- {
- org.apache.thrift.protocol.TMap _map170 = iprot.readMapBegin();
- struct.userRolesMap = new HashMap<String,Set<String>>(2*_map170.size);
- String _key171;
- Set<String> _val172;
- for (int _i173 = 0; _i173 < _map170.size; ++_i173)
- {
- _key171 = iprot.readString();
- {
- org.apache.thrift.protocol.TSet _set174 = iprot.readSetBegin();
- _val172 = new HashSet<String>(2*_set174.size);
- String _elem175;
- for (int _i176 = 0; _i176 < _set174.size; ++_i176)
- {
- _elem175 = iprot.readString();
- _val172.add(_elem175);
- }
- iprot.readSetEnd();
- }
- struct.userRolesMap.put(_key171, _val172);
- }
- iprot.readMapEnd();
- }
- struct.setUserRolesMapIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TSentryMappingData struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.groupRolesMap != null) {
- if (struct.isSetGroupRolesMap()) {
- oprot.writeFieldBegin(GROUP_ROLES_MAP_FIELD_DESC);
- {
- oprot.writeMapBegin(new org.apache.thrift.protocol.TMap(org.apache.thrift.protocol.TType.STRING, org.apache.thrift.protocol.TType.SET, struct.groupRolesMap.size()));
- for (Map.Entry<String, Set<String>> _iter177 : struct.groupRolesMap.entrySet())
- {
- oprot.writeString(_iter177.getKey());
- {
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, _iter177.getValue().size()));
- for (String _iter178 : _iter177.getValue())
- {
- oprot.writeString(_iter178);
- }
- oprot.writeSetEnd();
- }
- }
- oprot.writeMapEnd();
- }
- oprot.writeFieldEnd();
- }
- }
- if (struct.rolePrivilegesMap != null) {
- if (struct.isSetRolePrivilegesMap()) {
- oprot.writeFieldBegin(ROLE_PRIVILEGES_MAP_FIELD_DESC);
- {
- oprot.writeMapBegin(new org.apache.thrift.protocol.TMap(org.apache.thrift.protocol.TType.STRING, org.apache.thrift.protocol.TType.SET, struct.rolePrivilegesMap.size()));
- for (Map.Entry<String, Set<TSentryPrivilege>> _iter179 : struct.rolePrivilegesMap.entrySet())
- {
- oprot.writeString(_iter179.getKey());
- {
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, _iter179.getValue().size()));
- for (TSentryPrivilege _iter180 : _iter179.getValue())
- {
- _iter180.write(oprot);
- }
- oprot.writeSetEnd();
- }
- }
- oprot.writeMapEnd();
- }
- oprot.writeFieldEnd();
- }
- }
- if (struct.userRolesMap != null) {
- if (struct.isSetUserRolesMap()) {
- oprot.writeFieldBegin(USER_ROLES_MAP_FIELD_DESC);
- {
- oprot.writeMapBegin(new org.apache.thrift.protocol.TMap(org.apache.thrift.protocol.TType.STRING, org.apache.thrift.protocol.TType.SET, struct.userRolesMap.size()));
- for (Map.Entry<String, Set<String>> _iter181 : struct.userRolesMap.entrySet())
- {
- oprot.writeString(_iter181.getKey());
- {
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, _iter181.getValue().size()));
- for (String _iter182 : _iter181.getValue())
- {
- oprot.writeString(_iter182);
- }
- oprot.writeSetEnd();
- }
- }
- oprot.writeMapEnd();
- }
- oprot.writeFieldEnd();
- }
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TSentryMappingDataTupleSchemeFactory implements SchemeFactory {
- public TSentryMappingDataTupleScheme getScheme() {
- return new TSentryMappingDataTupleScheme();
- }
- }
-
- private static class TSentryMappingDataTupleScheme extends TupleScheme<TSentryMappingData> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TSentryMappingData struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- BitSet optionals = new BitSet();
- if (struct.isSetGroupRolesMap()) {
- optionals.set(0);
- }
- if (struct.isSetRolePrivilegesMap()) {
- optionals.set(1);
- }
- if (struct.isSetUserRolesMap()) {
- optionals.set(2);
- }
- oprot.writeBitSet(optionals, 3);
- if (struct.isSetGroupRolesMap()) {
- {
- oprot.writeI32(struct.groupRolesMap.size());
- for (Map.Entry<String, Set<String>> _iter183 : struct.groupRolesMap.entrySet())
- {
- oprot.writeString(_iter183.getKey());
- {
- oprot.writeI32(_iter183.getValue().size());
- for (String _iter184 : _iter183.getValue())
- {
- oprot.writeString(_iter184);
- }
- }
- }
- }
- }
- if (struct.isSetRolePrivilegesMap()) {
- {
- oprot.writeI32(struct.rolePrivilegesMap.size());
- for (Map.Entry<String, Set<TSentryPrivilege>> _iter185 : struct.rolePrivilegesMap.entrySet())
- {
- oprot.writeString(_iter185.getKey());
- {
- oprot.writeI32(_iter185.getValue().size());
- for (TSentryPrivilege _iter186 : _iter185.getValue())
- {
- _iter186.write(oprot);
- }
- }
- }
- }
- }
- if (struct.isSetUserRolesMap()) {
- {
- oprot.writeI32(struct.userRolesMap.size());
- for (Map.Entry<String, Set<String>> _iter187 : struct.userRolesMap.entrySet())
- {
- oprot.writeString(_iter187.getKey());
- {
- oprot.writeI32(_iter187.getValue().size());
- for (String _iter188 : _iter187.getValue())
- {
- oprot.writeString(_iter188);
- }
- }
- }
- }
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TSentryMappingData struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- BitSet incoming = iprot.readBitSet(3);
- if (incoming.get(0)) {
- {
- org.apache.thrift.protocol.TMap _map189 = new org.apache.thrift.protocol.TMap(org.apache.thrift.protocol.TType.STRING, org.apache.thrift.protocol.TType.SET, iprot.readI32());
- struct.groupRolesMap = new HashMap<String,Set<String>>(2*_map189.size);
- String _key190;
- Set<String> _val191;
- for (int _i192 = 0; _i192 < _map189.size; ++_i192)
- {
- _key190 = iprot.readString();
- {
- org.apache.thrift.protocol.TSet _set193 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, iprot.readI32());
- _val191 = new HashSet<String>(2*_set193.size);
- String _elem194;
- for (int _i195 = 0; _i195 < _set193.size; ++_i195)
- {
- _elem194 = iprot.readString();
- _val191.add(_elem194);
- }
- }
- struct.groupRolesMap.put(_key190, _val191);
- }
- }
- struct.setGroupRolesMapIsSet(true);
- }
- if (incoming.get(1)) {
- {
- org.apache.thrift.protocol.TMap _map196 = new org.apache.thrift.protocol.TMap(org.apache.thrift.protocol.TType.STRING, org.apache.thrift.protocol.TType.SET, iprot.readI32());
- struct.rolePrivilegesMap = new HashMap<String,Set<TSentryPrivilege>>(2*_map196.size);
- String _key197;
- Set<TSentryPrivilege> _val198;
- for (int _i199 = 0; _i199 < _map196.size; ++_i199)
- {
- _key197 = iprot.readString();
- {
- org.apache.thrift.protocol.TSet _set200 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, iprot.readI32());
- _val198 = new HashSet<TSentryPrivilege>(2*_set200.size);
- TSentryPrivilege _elem201;
- for (int _i202 = 0; _i202 < _set200.size; ++_i202)
- {
- _elem201 = new TSentryPrivilege();
- _elem201.read(iprot);
- _val198.add(_elem201);
- }
- }
- struct.rolePrivilegesMap.put(_key197, _val198);
- }
- }
- struct.setRolePrivilegesMapIsSet(true);
- }
- if (incoming.get(2)) {
- {
- org.apache.thrift.protocol.TMap _map203 = new org.apache.thrift.protocol.TMap(org.apache.thrift.protocol.TType.STRING, org.apache.thrift.protocol.TType.SET, iprot.readI32());
- struct.userRolesMap = new HashMap<String,Set<String>>(2*_map203.size);
- String _key204;
- Set<String> _val205;
- for (int _i206 = 0; _i206 < _map203.size; ++_i206)
- {
- _key204 = iprot.readString();
- {
- org.apache.thrift.protocol.TSet _set207 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, iprot.readI32());
- _val205 = new HashSet<String>(2*_set207.size);
- String _elem208;
- for (int _i209 = 0; _i209 < _set207.size; ++_i209)
- {
- _elem208 = iprot.readString();
- _val205.add(_elem208);
- }
- }
- struct.userRolesMap.put(_key204, _val205);
- }
- }
- struct.setUserRolesMapIsSet(true);
- }
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryPrivilege.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryPrivilege.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryPrivilege.java
deleted file mode 100644
index 15b339f..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryPrivilege.java
+++ /dev/null
@@ -1,1258 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TSentryPrivilege implements org.apache.thrift.TBase<TSentryPrivilege, TSentryPrivilege._Fields>, java.io.Serializable, Cloneable, Comparable<TSentryPrivilege> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TSentryPrivilege");
-
- private static final org.apache.thrift.protocol.TField PRIVILEGE_SCOPE_FIELD_DESC = new org.apache.thrift.protocol.TField("privilegeScope", org.apache.thrift.protocol.TType.STRING, (short)1);
- private static final org.apache.thrift.protocol.TField SERVER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("serverName", org.apache.thrift.protocol.TType.STRING, (short)3);
- private static final org.apache.thrift.protocol.TField DB_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("dbName", org.apache.thrift.protocol.TType.STRING, (short)4);
- private static final org.apache.thrift.protocol.TField TABLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("tableName", org.apache.thrift.protocol.TType.STRING, (short)5);
- private static final org.apache.thrift.protocol.TField URI_FIELD_DESC = new org.apache.thrift.protocol.TField("URI", org.apache.thrift.protocol.TType.STRING, (short)6);
- private static final org.apache.thrift.protocol.TField ACTION_FIELD_DESC = new org.apache.thrift.protocol.TField("action", org.apache.thrift.protocol.TType.STRING, (short)7);
- private static final org.apache.thrift.protocol.TField CREATE_TIME_FIELD_DESC = new org.apache.thrift.protocol.TField("createTime", org.apache.thrift.protocol.TType.I64, (short)8);
- private static final org.apache.thrift.protocol.TField GRANT_OPTION_FIELD_DESC = new org.apache.thrift.protocol.TField("grantOption", org.apache.thrift.protocol.TType.I32, (short)9);
- private static final org.apache.thrift.protocol.TField COLUMN_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("columnName", org.apache.thrift.protocol.TType.STRING, (short)10);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TSentryPrivilegeStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TSentryPrivilegeTupleSchemeFactory());
- }
-
- private String privilegeScope; // required
- private String serverName; // required
- private String dbName; // optional
- private String tableName; // optional
- private String URI; // optional
- private String action; // required
- private long createTime; // optional
- private TSentryGrantOption grantOption; // optional
- private String columnName; // optional
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- PRIVILEGE_SCOPE((short)1, "privilegeScope"),
- SERVER_NAME((short)3, "serverName"),
- DB_NAME((short)4, "dbName"),
- TABLE_NAME((short)5, "tableName"),
- URI((short)6, "URI"),
- ACTION((short)7, "action"),
- CREATE_TIME((short)8, "createTime"),
- /**
- *
- * @see TSentryGrantOption
- */
- GRANT_OPTION((short)9, "grantOption"),
- COLUMN_NAME((short)10, "columnName");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // PRIVILEGE_SCOPE
- return PRIVILEGE_SCOPE;
- case 3: // SERVER_NAME
- return SERVER_NAME;
- case 4: // DB_NAME
- return DB_NAME;
- case 5: // TABLE_NAME
- return TABLE_NAME;
- case 6: // URI
- return URI;
- case 7: // ACTION
- return ACTION;
- case 8: // CREATE_TIME
- return CREATE_TIME;
- case 9: // GRANT_OPTION
- return GRANT_OPTION;
- case 10: // COLUMN_NAME
- return COLUMN_NAME;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __CREATETIME_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- private static final _Fields optionals[] = {_Fields.DB_NAME,_Fields.TABLE_NAME,_Fields.URI,_Fields.CREATE_TIME,_Fields.GRANT_OPTION,_Fields.COLUMN_NAME};
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.PRIVILEGE_SCOPE, new org.apache.thrift.meta_data.FieldMetaData("privilegeScope", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.SERVER_NAME, new org.apache.thrift.meta_data.FieldMetaData("serverName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.DB_NAME, new org.apache.thrift.meta_data.FieldMetaData("dbName", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.TABLE_NAME, new org.apache.thrift.meta_data.FieldMetaData("tableName", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.URI, new org.apache.thrift.meta_data.FieldMetaData("URI", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.ACTION, new org.apache.thrift.meta_data.FieldMetaData("action", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.CREATE_TIME, new org.apache.thrift.meta_data.FieldMetaData("createTime", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I64)));
- tmpMap.put(_Fields.GRANT_OPTION, new org.apache.thrift.meta_data.FieldMetaData("grantOption", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.EnumMetaData(org.apache.thrift.protocol.TType.ENUM, TSentryGrantOption.class)));
- tmpMap.put(_Fields.COLUMN_NAME, new org.apache.thrift.meta_data.FieldMetaData("columnName", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TSentryPrivilege.class, metaDataMap);
- }
-
- public TSentryPrivilege() {
- this.dbName = "";
-
- this.tableName = "";
-
- this.URI = "";
-
- this.action = "";
-
- this.grantOption = org.apache.sentry.provider.db.service.thrift.TSentryGrantOption.FALSE;
-
- this.columnName = "";
-
- }
-
- public TSentryPrivilege(
- String privilegeScope,
- String serverName,
- String action)
- {
- this();
- this.privilegeScope = privilegeScope;
- this.serverName = serverName;
- this.action = action;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TSentryPrivilege(TSentryPrivilege other) {
- __isset_bitfield = other.__isset_bitfield;
- if (other.isSetPrivilegeScope()) {
- this.privilegeScope = other.privilegeScope;
- }
- if (other.isSetServerName()) {
- this.serverName = other.serverName;
- }
- if (other.isSetDbName()) {
- this.dbName = other.dbName;
- }
- if (other.isSetTableName()) {
- this.tableName = other.tableName;
- }
- if (other.isSetURI()) {
- this.URI = other.URI;
- }
- if (other.isSetAction()) {
- this.action = other.action;
- }
- this.createTime = other.createTime;
- if (other.isSetGrantOption()) {
- this.grantOption = other.grantOption;
- }
- if (other.isSetColumnName()) {
- this.columnName = other.columnName;
- }
- }
-
- public TSentryPrivilege deepCopy() {
- return new TSentryPrivilege(this);
- }
-
- @Override
- public void clear() {
- this.privilegeScope = null;
- this.serverName = null;
- this.dbName = "";
-
- this.tableName = "";
-
- this.URI = "";
-
- this.action = "";
-
- setCreateTimeIsSet(false);
- this.createTime = 0;
- this.grantOption = org.apache.sentry.provider.db.service.thrift.TSentryGrantOption.FALSE;
-
- this.columnName = "";
-
- }
-
- public String getPrivilegeScope() {
- return this.privilegeScope;
- }
-
- public void setPrivilegeScope(String privilegeScope) {
- this.privilegeScope = privilegeScope;
- }
-
- public void unsetPrivilegeScope() {
- this.privilegeScope = null;
- }
-
- /** Returns true if field privilegeScope is set (has been assigned a value) and false otherwise */
- public boolean isSetPrivilegeScope() {
- return this.privilegeScope != null;
- }
-
- public void setPrivilegeScopeIsSet(boolean value) {
- if (!value) {
- this.privilegeScope = null;
- }
- }
-
- public String getServerName() {
- return this.serverName;
- }
-
- public void setServerName(String serverName) {
- this.serverName = serverName;
- }
-
- public void unsetServerName() {
- this.serverName = null;
- }
-
- /** Returns true if field serverName is set (has been assigned a value) and false otherwise */
- public boolean isSetServerName() {
- return this.serverName != null;
- }
-
- public void setServerNameIsSet(boolean value) {
- if (!value) {
- this.serverName = null;
- }
- }
-
- public String getDbName() {
- return this.dbName;
- }
-
- public void setDbName(String dbName) {
- this.dbName = dbName;
- }
-
- public void unsetDbName() {
- this.dbName = null;
- }
-
- /** Returns true if field dbName is set (has been assigned a value) and false otherwise */
- public boolean isSetDbName() {
- return this.dbName != null;
- }
-
- public void setDbNameIsSet(boolean value) {
- if (!value) {
- this.dbName = null;
- }
- }
-
- public String getTableName() {
- return this.tableName;
- }
-
- public void setTableName(String tableName) {
- this.tableName = tableName;
- }
-
- public void unsetTableName() {
- this.tableName = null;
- }
-
- /** Returns true if field tableName is set (has been assigned a value) and false otherwise */
- public boolean isSetTableName() {
- return this.tableName != null;
- }
-
- public void setTableNameIsSet(boolean value) {
- if (!value) {
- this.tableName = null;
- }
- }
-
- public String getURI() {
- return this.URI;
- }
-
- public void setURI(String URI) {
- this.URI = URI;
- }
-
- public void unsetURI() {
- this.URI = null;
- }
-
- /** Returns true if field URI is set (has been assigned a value) and false otherwise */
- public boolean isSetURI() {
- return this.URI != null;
- }
-
- public void setURIIsSet(boolean value) {
- if (!value) {
- this.URI = null;
- }
- }
-
- public String getAction() {
- return this.action;
- }
-
- public void setAction(String action) {
- this.action = action;
- }
-
- public void unsetAction() {
- this.action = null;
- }
-
- /** Returns true if field action is set (has been assigned a value) and false otherwise */
- public boolean isSetAction() {
- return this.action != null;
- }
-
- public void setActionIsSet(boolean value) {
- if (!value) {
- this.action = null;
- }
- }
-
- public long getCreateTime() {
- return this.createTime;
- }
-
- public void setCreateTime(long createTime) {
- this.createTime = createTime;
- setCreateTimeIsSet(true);
- }
-
- public void unsetCreateTime() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __CREATETIME_ISSET_ID);
- }
-
- /** Returns true if field createTime is set (has been assigned a value) and false otherwise */
- public boolean isSetCreateTime() {
- return EncodingUtils.testBit(__isset_bitfield, __CREATETIME_ISSET_ID);
- }
-
- public void setCreateTimeIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __CREATETIME_ISSET_ID, value);
- }
-
- /**
- *
- * @see TSentryGrantOption
- */
- public TSentryGrantOption getGrantOption() {
- return this.grantOption;
- }
-
- /**
- *
- * @see TSentryGrantOption
- */
- public void setGrantOption(TSentryGrantOption grantOption) {
- this.grantOption = grantOption;
- }
-
- public void unsetGrantOption() {
- this.grantOption = null;
- }
-
- /** Returns true if field grantOption is set (has been assigned a value) and false otherwise */
- public boolean isSetGrantOption() {
- return this.grantOption != null;
- }
-
- public void setGrantOptionIsSet(boolean value) {
- if (!value) {
- this.grantOption = null;
- }
- }
-
- public String getColumnName() {
- return this.columnName;
- }
-
- public void setColumnName(String columnName) {
- this.columnName = columnName;
- }
-
- public void unsetColumnName() {
- this.columnName = null;
- }
-
- /** Returns true if field columnName is set (has been assigned a value) and false otherwise */
- public boolean isSetColumnName() {
- return this.columnName != null;
- }
-
- public void setColumnNameIsSet(boolean value) {
- if (!value) {
- this.columnName = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case PRIVILEGE_SCOPE:
- if (value == null) {
- unsetPrivilegeScope();
- } else {
- setPrivilegeScope((String)value);
- }
- break;
-
- case SERVER_NAME:
- if (value == null) {
- unsetServerName();
- } else {
- setServerName((String)value);
- }
- break;
-
- case DB_NAME:
- if (value == null) {
- unsetDbName();
- } else {
- setDbName((String)value);
- }
- break;
-
- case TABLE_NAME:
- if (value == null) {
- unsetTableName();
- } else {
- setTableName((String)value);
- }
- break;
-
- case URI:
- if (value == null) {
- unsetURI();
- } else {
- setURI((String)value);
- }
- break;
-
- case ACTION:
- if (value == null) {
- unsetAction();
- } else {
- setAction((String)value);
- }
- break;
-
- case CREATE_TIME:
- if (value == null) {
- unsetCreateTime();
- } else {
- setCreateTime((Long)value);
- }
- break;
-
- case GRANT_OPTION:
- if (value == null) {
- unsetGrantOption();
- } else {
- setGrantOption((TSentryGrantOption)value);
- }
- break;
-
- case COLUMN_NAME:
- if (value == null) {
- unsetColumnName();
- } else {
- setColumnName((String)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case PRIVILEGE_SCOPE:
- return getPrivilegeScope();
-
- case SERVER_NAME:
- return getServerName();
-
- case DB_NAME:
- return getDbName();
-
- case TABLE_NAME:
- return getTableName();
-
- case URI:
- return getURI();
-
- case ACTION:
- return getAction();
-
- case CREATE_TIME:
- return getCreateTime();
-
- case GRANT_OPTION:
- return getGrantOption();
-
- case COLUMN_NAME:
- return getColumnName();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case PRIVILEGE_SCOPE:
- return isSetPrivilegeScope();
- case SERVER_NAME:
- return isSetServerName();
- case DB_NAME:
- return isSetDbName();
- case TABLE_NAME:
- return isSetTableName();
- case URI:
- return isSetURI();
- case ACTION:
- return isSetAction();
- case CREATE_TIME:
- return isSetCreateTime();
- case GRANT_OPTION:
- return isSetGrantOption();
- case COLUMN_NAME:
- return isSetColumnName();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TSentryPrivilege)
- return this.equals((TSentryPrivilege)that);
- return false;
- }
-
- public boolean equals(TSentryPrivilege that) {
- if (that == null)
- return false;
-
- boolean this_present_privilegeScope = true && this.isSetPrivilegeScope();
- boolean that_present_privilegeScope = true && that.isSetPrivilegeScope();
- if (this_present_privilegeScope || that_present_privilegeScope) {
- if (!(this_present_privilegeScope && that_present_privilegeScope))
- return false;
- if (!this.privilegeScope.equals(that.privilegeScope))
- return false;
- }
-
- boolean this_present_serverName = true && this.isSetServerName();
- boolean that_present_serverName = true && that.isSetServerName();
- if (this_present_serverName || that_present_serverName) {
- if (!(this_present_serverName && that_present_serverName))
- return false;
- if (!this.serverName.equals(that.serverName))
- return false;
- }
-
- boolean this_present_dbName = true && this.isSetDbName();
- boolean that_present_dbName = true && that.isSetDbName();
- if (this_present_dbName || that_present_dbName) {
- if (!(this_present_dbName && that_present_dbName))
- return false;
- if (!this.dbName.equals(that.dbName))
- return false;
- }
-
- boolean this_present_tableName = true && this.isSetTableName();
- boolean that_present_tableName = true && that.isSetTableName();
- if (this_present_tableName || that_present_tableName) {
- if (!(this_present_tableName && that_present_tableName))
- return false;
- if (!this.tableName.equals(that.tableName))
- return false;
- }
-
- boolean this_present_URI = true && this.isSetURI();
- boolean that_present_URI = true && that.isSetURI();
- if (this_present_URI || that_present_URI) {
- if (!(this_present_URI && that_present_URI))
- return false;
- if (!this.URI.equals(that.URI))
- return false;
- }
-
- boolean this_present_action = true && this.isSetAction();
- boolean that_present_action = true && that.isSetAction();
- if (this_present_action || that_present_action) {
- if (!(this_present_action && that_present_action))
- return false;
- if (!this.action.equals(that.action))
- return false;
- }
-
- boolean this_present_createTime = true && this.isSetCreateTime();
- boolean that_present_createTime = true && that.isSetCreateTime();
- if (this_present_createTime || that_present_createTime) {
- if (!(this_present_createTime && that_present_createTime))
- return false;
- if (this.createTime != that.createTime)
- return false;
- }
-
- boolean this_present_grantOption = true && this.isSetGrantOption();
- boolean that_present_grantOption = true && that.isSetGrantOption();
- if (this_present_grantOption || that_present_grantOption) {
- if (!(this_present_grantOption && that_present_grantOption))
- return false;
- if (!this.grantOption.equals(that.grantOption))
- return false;
- }
-
- boolean this_present_columnName = true && this.isSetColumnName();
- boolean that_present_columnName = true && that.isSetColumnName();
- if (this_present_columnName || that_present_columnName) {
- if (!(this_present_columnName && that_present_columnName))
- return false;
- if (!this.columnName.equals(that.columnName))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_privilegeScope = true && (isSetPrivilegeScope());
- list.add(present_privilegeScope);
- if (present_privilegeScope)
- list.add(privilegeScope);
-
- boolean present_serverName = true && (isSetServerName());
- list.add(present_serverName);
- if (present_serverName)
- list.add(serverName);
-
- boolean present_dbName = true && (isSetDbName());
- list.add(present_dbName);
- if (present_dbName)
- list.add(dbName);
-
- boolean present_tableName = true && (isSetTableName());
- list.add(present_tableName);
- if (present_tableName)
- list.add(tableName);
-
- boolean present_URI = true && (isSetURI());
- list.add(present_URI);
- if (present_URI)
- list.add(URI);
-
- boolean present_action = true && (isSetAction());
- list.add(present_action);
- if (present_action)
- list.add(action);
-
- boolean present_createTime = true && (isSetCreateTime());
- list.add(present_createTime);
- if (present_createTime)
- list.add(createTime);
-
- boolean present_grantOption = true && (isSetGrantOption());
- list.add(present_grantOption);
- if (present_grantOption)
- list.add(grantOption.getValue());
-
- boolean present_columnName = true && (isSetColumnName());
- list.add(present_columnName);
- if (present_columnName)
- list.add(columnName);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TSentryPrivilege other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetPrivilegeScope()).compareTo(other.isSetPrivilegeScope());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetPrivilegeScope()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.privilegeScope, other.privilegeScope);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetServerName()).compareTo(other.isSetServerName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetServerName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.serverName, other.serverName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetDbName()).compareTo(other.isSetDbName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetDbName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.dbName, other.dbName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetTableName()).compareTo(other.isSetTableName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetTableName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.tableName, other.tableName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetURI()).compareTo(other.isSetURI());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetURI()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.URI, other.URI);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetAction()).compareTo(other.isSetAction());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetAction()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.action, other.action);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetCreateTime()).compareTo(other.isSetCreateTime());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetCreateTime()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.createTime, other.createTime);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetGrantOption()).compareTo(other.isSetGrantOption());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetGrantOption()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.grantOption, other.grantOption);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetColumnName()).compareTo(other.isSetColumnName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetColumnName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.columnName, other.columnName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TSentryPrivilege(");
- boolean first = true;
-
- sb.append("privilegeScope:");
- if (this.privilegeScope == null) {
- sb.append("null");
- } else {
- sb.append(this.privilegeScope);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("serverName:");
- if (this.serverName == null) {
- sb.append("null");
- } else {
- sb.append(this.serverName);
- }
- first = false;
- if (isSetDbName()) {
- if (!first) sb.append(", ");
- sb.append("dbName:");
- if (this.dbName == null) {
- sb.append("null");
- } else {
- sb.append(this.dbName);
- }
- first = false;
- }
- if (isSetTableName()) {
- if (!first) sb.append(", ");
- sb.append("tableName:");
- if (this.tableName == null) {
- sb.append("null");
- } else {
- sb.append(this.tableName);
- }
- first = false;
- }
- if (isSetURI()) {
- if (!first) sb.append(", ");
- sb.append("URI:");
- if (this.URI == null) {
- sb.append("null");
- } else {
- sb.append(this.URI);
- }
- first = false;
- }
- if (!first) sb.append(", ");
- sb.append("action:");
- if (this.action == null) {
- sb.append("null");
- } else {
- sb.append(this.action);
- }
- first = false;
- if (isSetCreateTime()) {
- if (!first) sb.append(", ");
- sb.append("createTime:");
- sb.append(this.createTime);
- first = false;
- }
- if (isSetGrantOption()) {
- if (!first) sb.append(", ");
- sb.append("grantOption:");
- if (this.grantOption == null) {
- sb.append("null");
- } else {
- sb.append(this.grantOption);
- }
- first = false;
- }
- if (isSetColumnName()) {
- if (!first) sb.append(", ");
- sb.append("columnName:");
- if (this.columnName == null) {
- sb.append("null");
- } else {
- sb.append(this.columnName);
- }
- first = false;
- }
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetPrivilegeScope()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'privilegeScope' is unset! Struct:" + toString());
- }
-
- if (!isSetServerName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'serverName' is unset! Struct:" + toString());
- }
-
- if (!isSetAction()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'action' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TSentryPrivilegeStandardSchemeFactory implements SchemeFactory {
- public TSentryPrivilegeStandardScheme getScheme() {
- return new TSentryPrivilegeStandardScheme();
- }
- }
-
- private static class TSentryPrivilegeStandardScheme extends StandardScheme<TSentryPrivilege> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TSentryPrivilege struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // PRIVILEGE_SCOPE
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.privilegeScope = iprot.readString();
- struct.setPrivilegeScopeIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // SERVER_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.serverName = iprot.readString();
- struct.setServerNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 4: // DB_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.dbName = iprot.readString();
- struct.setDbNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 5: // TABLE_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.tableName = iprot.readString();
- struct.setTableNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 6: // URI
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.URI = iprot.readString();
- struct.setURIIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 7: // ACTION
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.action = iprot.readString();
- struct.setActionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 8: // CREATE_TIME
- if (schemeField.type == org.apache.thrift.protocol.TType.I64) {
- struct.createTime = iprot.readI64();
- struct.setCreateTimeIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 9: // GRANT_OPTION
- if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
- struct.grantOption = org.apache.sentry.provider.db.service.thrift.TSentryGrantOption.findByValue(iprot.readI32());
- struct.setGrantOptionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 10: // COLUMN_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.columnName = iprot.readString();
- struct.setColumnNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TSentryPrivilege struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.privilegeScope != null) {
- oprot.writeFieldBegin(PRIVILEGE_SCOPE_FIELD_DESC);
- oprot.writeString(struct.privilegeScope);
- oprot.writeFieldEnd();
- }
- if (struct.serverName != null) {
- oprot.writeFieldBegin(SERVER_NAME_FIELD_DESC);
- oprot.writeString(struct.serverName);
- oprot.writeFieldEnd();
- }
- if (struct.dbName != null) {
- if (struct.isSetDbName()) {
- oprot.writeFieldBegin(DB_NAME_FIELD_DESC);
- oprot.writeString(struct.dbName);
- oprot.writeFieldEnd();
- }
- }
- if (struct.tableName != null) {
- if (struct.isSetTableName()) {
- oprot.writeFieldBegin(TABLE_NAME_FIELD_DESC);
- oprot.writeString(struct.tableName);
- oprot.writeFieldEnd();
- }
- }
- if (struct.URI != null) {
- if (struct.isSetURI()) {
- oprot.writeFieldBegin(URI_FIELD_DESC);
- oprot.writeString(struct.URI);
- oprot.writeFieldEnd();
- }
- }
- if (struct.action != null) {
- oprot.writeFieldBegin(ACTION_FIELD_DESC);
- oprot.writeString(struct.action);
- oprot.writeFieldEnd();
- }
- if (struct.isSetCreateTime()) {
- oprot.writeFieldBegin(CREATE_TIME_FIELD_DESC);
- oprot.writeI64(struct.createTime);
- oprot.writeFieldEnd();
- }
- if (struct.grantOption != null) {
- if (struct.isSetGrantOption()) {
- oprot.writeFieldBegin(GRANT_OPTION_FIELD_DESC);
- oprot.writeI32(struct.grantOption.getValue());
- oprot.writeFieldEnd();
- }
- }
- if (struct.columnName != null) {
- if (struct.isSetColumnName()) {
- oprot.writeFieldBegin(COLUMN_NAME_FIELD_DESC);
- oprot.writeString(struct.columnName);
- oprot.writeFieldEnd();
- }
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TSentryPrivilegeTupleSchemeFactory implements SchemeFactory {
- public TSentryPrivilegeTupleScheme getScheme() {
- return new TSentryPrivilegeTupleScheme();
- }
- }
-
- private static class TSentryPrivilegeTupleScheme extends TupleScheme<TSentryPrivilege> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TSentryPrivilege struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeString(struct.privilegeScope);
- oprot.writeString(struct.serverName);
- oprot.writeString(struct.action);
- BitSet optionals = new BitSet();
- if (struct.isSetDbName()) {
- optionals.set(0);
- }
- if (struct.isSetTableName()) {
- optionals.set(1);
- }
- if (struct.isSetURI()) {
- optionals.set(2);
- }
- if (struct.isSetCreateTime()) {
- optionals.set(3);
- }
- if (struct.isSetGrantOption()) {
- optionals.set(4);
- }
- if (struct.isSetColumnName()) {
- optionals.set(5);
- }
- oprot.writeBitSet(optionals, 6);
- if (struct.isSetDbName()) {
- oprot.writeString(struct.dbName);
- }
- if (struct.isSetTableName()) {
- oprot.writeString(struct.tableName);
- }
- if (struct.isSetURI()) {
- oprot.writeString(struct.URI);
- }
- if (struct.isSetCreateTime()) {
- oprot.writeI64(struct.createTime);
- }
- if (struct.isSetGrantOption()) {
- oprot.writeI32(struct.grantOption.getValue());
- }
- if (struct.isSetColumnName()) {
- oprot.writeString(struct.columnName);
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TSentryPrivilege struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.privilegeScope = iprot.readString();
- struct.setPrivilegeScopeIsSet(true);
- struct.serverName = iprot.readString();
- struct.setServerNameIsSet(true);
- struct.action = iprot.readString();
- struct.setActionIsSet(true);
- BitSet incoming = iprot.readBitSet(6);
- if (incoming.get(0)) {
- struct.dbName = iprot.readString();
- struct.setDbNameIsSet(true);
- }
- if (incoming.get(1)) {
- struct.tableName = iprot.readString();
- struct.setTableNameIsSet(true);
- }
- if (incoming.get(2)) {
- struct.URI = iprot.readString();
- struct.setURIIsSet(true);
- }
- if (incoming.get(3)) {
- struct.createTime = iprot.readI64();
- struct.setCreateTimeIsSet(true);
- }
- if (incoming.get(4)) {
- struct.grantOption = org.apache.sentry.provider.db.service.thrift.TSentryGrantOption.findByValue(iprot.readI32());
- struct.setGrantOptionIsSet(true);
- }
- if (incoming.get(5)) {
- struct.columnName = iprot.readString();
- struct.setColumnNameIsSet(true);
- }
- }
- }
-
-}
-
[04/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceImportExport.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceImportExport.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceImportExport.java
deleted file mode 100644
index 930b473..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceImportExport.java
+++ /dev/null
@@ -1,751 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
-
-import java.util.Map;
-import java.util.Set;
-
-import org.apache.sentry.core.common.utils.SentryConstants;
-import org.apache.sentry.core.common.utils.PolicyFileConstants;
-import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Test;
-
-import com.google.common.collect.Maps;
-import com.google.common.collect.Sets;
-
-public class TestSentryServiceImportExport extends SentryServiceIntegrationBase {
-
- // define the privileges
- public static String PRIVILIEGE1 = "server=server1";
- public static String PRIVILIEGE2 = "server=server1->action=select->grantoption=false";
- public static String PRIVILIEGE3 = "server=server1->db=db2->action=insert->grantoption=true";
- public static String PRIVILIEGE4 = "server=server1->db=db1->table=tbl1->action=insert";
- public static String PRIVILIEGE5 = "server=server1->db=db1->table=tbl2->column=col1->action=insert";
- public static String PRIVILIEGE6 = "server=server1->db=db1->table=tbl3->column=col1->action=*->grantoption=true";
- public static String PRIVILIEGE7 = "server=server1->db=db1->table=tbl4->column=col1->action=all->grantoption=true";
- public static String PRIVILIEGE8 = "server=server1->uri=hdfs://testserver:9999/path2->action=insert";
- public static String PRIVILIEGE9 = "server=server1->db=db2->table=tbl1->action=insert";
-
- @BeforeClass
- public static void setup() throws Exception {
- kerberos = false;
- setupConf();
- startSentryService();
- }
-
- @Before
- public void preparePolicyFile() throws Exception {
- super.before();
- String requestorUserName = ADMIN_USER;
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
- writePolicyFile();
- }
-
- // Befor import, database is empty.
- // The following information is imported:
- // group1=role1,role2,role3
- // group2=role1,role2,role3
- // group3=role1,role2,role3
- // role1=privilege1,privilege2,privilege3,privilege4,privilege5,privilege6,privilege7,privilege8
- // role2=privilege1,privilege2,privilege3,privilege4,privilege5,privilege6,privilege7,privilege8
- // role3=privilege1,privilege2,privilege3,privilege4,privilege5,privilege6,privilege7,privilege8
- // Both import API importPolicy and export API exportPoicy are tested.
- @Test
- public void testImportExportPolicy1() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- Map<String, Map<String, Set<String>>> policyFileMappingData = Maps.newHashMap();
- Map<String, Set<String>> groupRolesMap = Maps.newHashMap();
- Set<String> roles = Sets.newHashSet("role1", "role2", "role3");
- groupRolesMap.put("group1", roles);
- groupRolesMap.put("group2", roles);
- groupRolesMap.put("group3", roles);
- Map<String, Set<String>> rolePrivilegesMap = Maps.newHashMap();
- for (String roleName : roles) {
- rolePrivilegesMap.put(roleName, Sets.newHashSet(PRIVILIEGE1, PRIVILIEGE2, PRIVILIEGE3,
- PRIVILIEGE4, PRIVILIEGE5, PRIVILIEGE6, PRIVILIEGE7, PRIVILIEGE8));
- }
- policyFileMappingData.put(PolicyFileConstants.GROUPS, groupRolesMap);
- policyFileMappingData.put(PolicyFileConstants.ROLES, rolePrivilegesMap);
- client.importPolicy(policyFileMappingData, ADMIN_USER, false);
-
- Map<String, Map<String, Set<String>>> sentryMappingData = client.exportPolicy(ADMIN_USER, null);
- validateSentryMappingData(sentryMappingData,
- policyFileMappingData);
- }
- });
- }
-
- // call import twice, and there has no duplicate data:
- // The data for 1st import:
- // group1=role1
- // role1=privilege1,privilege2,privilege3,privilege4
- // The data for 2nd import:
- // group2=role2,role3
- // group3=role2,role3
- // role2=privilege5,privilege6,privilege7,privilege8
- // role3=privilege5,privilege6,privilege7,privilege8
- // Both import API importPolicy and export API exportPoicy are tested.
- @Test
- public void testImportExportPolicy2() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- Map<String, Map<String, Set<String>>> policyFileMappingData1 = Maps.newHashMap();
- Map<String, Set<String>> groupRolesMap1 = Maps.newHashMap();
- groupRolesMap1.put("group1", Sets.newHashSet("role1"));
- Map<String, Set<String>> rolePrivilegesMap1 = Maps.newHashMap();
- rolePrivilegesMap1.put("role1",
- Sets.newHashSet(PRIVILIEGE1, PRIVILIEGE2, PRIVILIEGE3, PRIVILIEGE4));
- policyFileMappingData1.put(PolicyFileConstants.GROUPS, groupRolesMap1);
- policyFileMappingData1.put(PolicyFileConstants.ROLES, rolePrivilegesMap1);
- client.importPolicy(policyFileMappingData1, ADMIN_USER, false);
-
- Map<String, Map<String, Set<String>>> policyFileMappingData2 = Maps.newHashMap();
- Map<String, Set<String>> groupRolesMap2 = Maps.newHashMap();
- groupRolesMap2.put("group2", Sets.newHashSet("role2", "role3"));
- groupRolesMap2.put("group3", Sets.newHashSet("role2", "role3"));
- Map<String, Set<String>> rolePrivilegesMap2 = Maps.newHashMap();
- rolePrivilegesMap2.put("role2",
- Sets.newHashSet(PRIVILIEGE5, PRIVILIEGE6, PRIVILIEGE7, PRIVILIEGE8));
- rolePrivilegesMap2.put("role3",
- Sets.newHashSet(PRIVILIEGE5, PRIVILIEGE6, PRIVILIEGE7, PRIVILIEGE8));
- policyFileMappingData2.put(PolicyFileConstants.GROUPS, groupRolesMap2);
- policyFileMappingData2.put(PolicyFileConstants.ROLES, rolePrivilegesMap2);
- client.importPolicy(policyFileMappingData2, ADMIN_USER, false);
-
- Map<String, Map<String, Set<String>>> exceptedMappingData = Maps.newHashMap();
- // for exceptedMappingData, combine policyFileMappingData1 and policyFileMappingData2
- exceptedMappingData.put(PolicyFileConstants.GROUPS,
- policyFileMappingData1.get(PolicyFileConstants.GROUPS));
- exceptedMappingData.get(PolicyFileConstants.GROUPS).putAll(
- policyFileMappingData2.get(PolicyFileConstants.GROUPS));
- exceptedMappingData.put(PolicyFileConstants.ROLES,
- policyFileMappingData1.get(PolicyFileConstants.ROLES));
- exceptedMappingData.get(PolicyFileConstants.ROLES).putAll(
- policyFileMappingData2.get(PolicyFileConstants.ROLES));
-
- Map<String, Map<String, Set<String>>> sentryMappingData = client.exportPolicy(ADMIN_USER, null);
- validateSentryMappingData(sentryMappingData, exceptedMappingData);
- }
- });
- }
-
- // Call import twice, and there has overlapping groups
- // The data for 1st import:
- // group1=role1, role2
- // group2=role1, role2
- // group3=role1, role2
- // role1=privilege1,privilege2,privilege3,privilege4,privilege5
- // role2=privilege1,privilege2,privilege3,privilege4,privilege5
- // The data for 2nd import:
- // group1=role2,role3
- // group2=role2,role3
- // group3=role2,role3
- // role2=privilege4,privilege5,privilege6,privilege7,privilege8
- // role3=privilege4,privilege5,privilege6,privilege7,privilege8
- // Both import API importPolicy and export API exportPoicy are tested.
- @Test
- public void testImportExportPolicy3() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- Map<String, Map<String, Set<String>>> policyFileMappingData1 = Maps.newHashMap();
- Map<String, Set<String>> groupRolesMap1 = Maps.newHashMap();
- groupRolesMap1.put("group1", Sets.newHashSet("role1", "role2"));
- groupRolesMap1.put("group2", Sets.newHashSet("role1", "role2"));
- groupRolesMap1.put("group3", Sets.newHashSet("role1", "role2"));
- Map<String, Set<String>> rolePrivilegesMap1 = Maps.newHashMap();
- rolePrivilegesMap1.put("role1",
- Sets.newHashSet(PRIVILIEGE1, PRIVILIEGE2, PRIVILIEGE3, PRIVILIEGE4, PRIVILIEGE5));
- rolePrivilegesMap1.put("role2",
- Sets.newHashSet(PRIVILIEGE1, PRIVILIEGE2, PRIVILIEGE3, PRIVILIEGE4, PRIVILIEGE5));
- policyFileMappingData1.put(PolicyFileConstants.GROUPS, groupRolesMap1);
- policyFileMappingData1.put(PolicyFileConstants.ROLES, rolePrivilegesMap1);
- client.importPolicy(policyFileMappingData1, ADMIN_USER, false);
-
- Map<String, Map<String, Set<String>>> policyFileMappingData2 = Maps.newHashMap();
- Map<String, Set<String>> groupRolesMap2 = Maps.newHashMap();
- groupRolesMap2.put("group1", Sets.newHashSet("role2", "role3"));
- groupRolesMap2.put("group2", Sets.newHashSet("role2", "role3"));
- groupRolesMap2.put("group3", Sets.newHashSet("role2", "role3"));
- Map<String, Set<String>> rolePrivilegesMap2 = Maps.newHashMap();
- rolePrivilegesMap2.put("role2",
- Sets.newHashSet(PRIVILIEGE4, PRIVILIEGE5, PRIVILIEGE6, PRIVILIEGE7, PRIVILIEGE8));
- rolePrivilegesMap2.put("role3",
- Sets.newHashSet(PRIVILIEGE4, PRIVILIEGE5, PRIVILIEGE6, PRIVILIEGE7, PRIVILIEGE8));
- policyFileMappingData2.put(PolicyFileConstants.GROUPS, groupRolesMap2);
- policyFileMappingData2.put(PolicyFileConstants.ROLES, rolePrivilegesMap2);
- client.importPolicy(policyFileMappingData2, ADMIN_USER, false);
-
- Map<String, Map<String, Set<String>>> exceptedMappingData = Maps.newHashMap();
- Map<String, Set<String>> exceptedRolesMap = Maps.newHashMap();
- exceptedRolesMap.put("group1", Sets.newHashSet("role1", "role2", "role3"));
- exceptedRolesMap.put("group2", Sets.newHashSet("role1", "role2", "role3"));
- exceptedRolesMap.put("group3", Sets.newHashSet("role1", "role2", "role3"));
- Map<String, Set<String>> exceptedPrivilegesMap = Maps.newHashMap();
- exceptedPrivilegesMap.put("role1",
- Sets.newHashSet(PRIVILIEGE1, PRIVILIEGE2, PRIVILIEGE3, PRIVILIEGE4, PRIVILIEGE5));
- exceptedPrivilegesMap.put("role2", Sets.newHashSet(PRIVILIEGE1, PRIVILIEGE2, PRIVILIEGE3,
- PRIVILIEGE4, PRIVILIEGE5, PRIVILIEGE6, PRIVILIEGE7, PRIVILIEGE8));
- exceptedPrivilegesMap.put("role3",
- Sets.newHashSet(PRIVILIEGE4, PRIVILIEGE5, PRIVILIEGE6, PRIVILIEGE7, PRIVILIEGE8));
- exceptedMappingData.put(PolicyFileConstants.GROUPS, exceptedRolesMap);
- exceptedMappingData.put(PolicyFileConstants.ROLES, exceptedPrivilegesMap);
-
- Map<String, Map<String, Set<String>>> sentryMappingData = client.exportPolicy(ADMIN_USER, null);
- validateSentryMappingData(sentryMappingData, exceptedMappingData);
- }
- });
- }
-
- // Only mapping data for [group,role] is imported:
- // group1=role1,role2
- @Test
- public void testImportExportPolicy4() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- Map<String, Map<String, Set<String>>> policyFileMappingData = Maps.newHashMap();
- Map<String, Set<String>> groupRolesMap = Maps.newHashMap();
- Set<String> roles = Sets.newHashSet("role1", "role2");
- groupRolesMap.put("group1", roles);
- Map<String, Set<String>> rolePrivilegesMap = Maps.newHashMap();
- policyFileMappingData.put(PolicyFileConstants.GROUPS, groupRolesMap);
- policyFileMappingData.put(PolicyFileConstants.ROLES, rolePrivilegesMap);
- client.importPolicy(policyFileMappingData, ADMIN_USER, false);
-
- Map<String, Map<String, Set<String>>> sentryMappingData = client.exportPolicy(ADMIN_USER, null);
- validateSentryMappingData(sentryMappingData,
- policyFileMappingData);
- }
- });
- }
-
- // call import twice, and there has no duplicate data, the import will be with the overwrite mode:
- // The data for 1st import:
- // group1=role1
- // role1=privilege1
- // The data for 2nd import:
- // group2=role2,role3
- // group3=role2,role3
- // role2=privilege2
- // role3=privilege2
- // Both import API importSentryMetaData and export APIs getRolesMap, getGroupsMap,
- // getPrivilegesList are tested.
- @Test
- public void testImportExportPolicy5() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- Map<String, Map<String, Set<String>>> policyFileMappingData1 = Maps.newHashMap();
- Map<String, Set<String>> groupRolesMap1 = Maps.newHashMap();
- groupRolesMap1.put("group1", Sets.newHashSet("role1"));
- Map<String, Set<String>> rolePrivilegesMap1 = Maps.newHashMap();
- rolePrivilegesMap1.put("role1", Sets.newHashSet(PRIVILIEGE1));
- policyFileMappingData1.put(PolicyFileConstants.GROUPS, groupRolesMap1);
- policyFileMappingData1.put(PolicyFileConstants.ROLES, rolePrivilegesMap1);
- client.importPolicy(policyFileMappingData1, ADMIN_USER, true);
-
- Map<String, Map<String, Set<String>>> policyFileMappingData2 = Maps.newHashMap();
- Map<String, Set<String>> groupRolesMap2 = Maps.newHashMap();
- groupRolesMap2.put("group2", Sets.newHashSet("role2", "role3"));
- groupRolesMap2.put("group3", Sets.newHashSet("role2", "role3"));
- Map<String, Set<String>> rolePrivilegesMap2 = Maps.newHashMap();
- rolePrivilegesMap2.put("role2", Sets.newHashSet(PRIVILIEGE2));
- rolePrivilegesMap2.put("role3", Sets.newHashSet(PRIVILIEGE2));
- policyFileMappingData2.put(PolicyFileConstants.GROUPS, groupRolesMap2);
- policyFileMappingData2.put(PolicyFileConstants.ROLES, rolePrivilegesMap2);
- client.importPolicy(policyFileMappingData2, ADMIN_USER, true);
-
- Map<String, Map<String, Set<String>>> exceptedMappingData = Maps.newHashMap();
- Map<String, Set<String>> exceptedRolesMap = Maps.newHashMap();
- exceptedRolesMap.put("group1", Sets.newHashSet("role1"));
- exceptedRolesMap.put("group2", Sets.newHashSet("role2", "role3"));
- exceptedRolesMap.put("group3", Sets.newHashSet("role2", "role3"));
- Map<String, Set<String>> exceptedPrivilegesMap = Maps.newHashMap();
- exceptedPrivilegesMap.put("role1", Sets.newHashSet(PRIVILIEGE1));
- exceptedPrivilegesMap.put("role2", Sets.newHashSet(PRIVILIEGE2));
- exceptedPrivilegesMap.put("role3", Sets.newHashSet(PRIVILIEGE2));
- exceptedMappingData.put(PolicyFileConstants.GROUPS, exceptedRolesMap);
- exceptedMappingData.put(PolicyFileConstants.ROLES, exceptedPrivilegesMap);
-
- Map<String, Map<String, Set<String>>> sentryMappingData = client.exportPolicy(ADMIN_USER, null);
- validateSentryMappingData(sentryMappingData, exceptedMappingData);
- }
- });
- }
-
- // call import twice, and there has data overlap, the import will be with the overwrite mode:
- // The data for 1st import:
- // group1=role1, role2
- // group2=role1, role2
- // group3=role1, role2
- // role1=privilege1,privilege2,privilege3,privilege4,privilege5
- // role2=privilege1,privilege2,privilege3,privilege4,privilege5
- // The data for 2nd import:
- // group1=role2,role3
- // group2=role2,role3
- // group3=role2,role3
- // role2=privilege4,privilege5,privilege6,privilege7,privilege8
- // role3=privilege4,privilege5,privilege6,privilege7,privilege8
- // Both import API importSentryMetaData and export APIs getRolesMap, getGroupsMap,
- // getPrivilegesList are tested.
- @Test
- public void testImportExportPolicy6() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- Map<String, Map<String, Set<String>>> policyFileMappingData1 = Maps.newHashMap();
- Map<String, Set<String>> groupRolesMap1 = Maps.newHashMap();
- groupRolesMap1.put("group1", Sets.newHashSet("role1", "role2"));
- groupRolesMap1.put("group2", Sets.newHashSet("role1", "role2"));
- groupRolesMap1.put("group3", Sets.newHashSet("role1", "role2"));
- Map<String, Set<String>> rolePrivilegesMap1 = Maps.newHashMap();
- rolePrivilegesMap1.put("role1",
- Sets.newHashSet(PRIVILIEGE1, PRIVILIEGE2, PRIVILIEGE3, PRIVILIEGE4, PRIVILIEGE5));
- rolePrivilegesMap1.put("role2",
- Sets.newHashSet(PRIVILIEGE1, PRIVILIEGE2, PRIVILIEGE3, PRIVILIEGE4, PRIVILIEGE5));
- policyFileMappingData1.put(PolicyFileConstants.GROUPS, groupRolesMap1);
- policyFileMappingData1.put(PolicyFileConstants.ROLES, rolePrivilegesMap1);
- client.importPolicy(policyFileMappingData1, ADMIN_USER, true);
-
- Map<String, Map<String, Set<String>>> policyFileMappingData2 = Maps.newHashMap();
- Map<String, Set<String>> groupRolesMap2 = Maps.newHashMap();
- groupRolesMap2.put("group1", Sets.newHashSet("role2", "role3"));
- groupRolesMap2.put("group2", Sets.newHashSet("role2", "role3"));
- groupRolesMap2.put("group3", Sets.newHashSet("role2", "role3"));
- Map<String, Set<String>> rolePrivilegesMap2 = Maps.newHashMap();
- rolePrivilegesMap2.put("role2",
- Sets.newHashSet(PRIVILIEGE4, PRIVILIEGE5, PRIVILIEGE6, PRIVILIEGE7, PRIVILIEGE8));
- rolePrivilegesMap2.put("role3",
- Sets.newHashSet(PRIVILIEGE4, PRIVILIEGE5, PRIVILIEGE6, PRIVILIEGE7, PRIVILIEGE8));
- policyFileMappingData2.put(PolicyFileConstants.GROUPS, groupRolesMap2);
- policyFileMappingData2.put(PolicyFileConstants.ROLES, rolePrivilegesMap2);
- client.importPolicy(policyFileMappingData2, ADMIN_USER, true);
-
- Map<String, Map<String, Set<String>>> exceptedMappingData = Maps.newHashMap();
- Map<String, Set<String>> exceptedRolesMap = Maps.newHashMap();
- exceptedRolesMap.put("group1", Sets.newHashSet("role1", "role2", "role3"));
- exceptedRolesMap.put("group2", Sets.newHashSet("role1", "role2", "role3"));
- exceptedRolesMap.put("group3", Sets.newHashSet("role1", "role2", "role3"));
- Map<String, Set<String>> exceptedPrivilegesMap = Maps.newHashMap();
- exceptedPrivilegesMap.put("role1",
- Sets.newHashSet(PRIVILIEGE1, PRIVILIEGE2, PRIVILIEGE3, PRIVILIEGE4, PRIVILIEGE5));
- exceptedPrivilegesMap.put("role2",
- Sets.newHashSet(PRIVILIEGE4, PRIVILIEGE5, PRIVILIEGE6, PRIVILIEGE7, PRIVILIEGE8));
- exceptedPrivilegesMap.put("role3",
- Sets.newHashSet(PRIVILIEGE4, PRIVILIEGE5, PRIVILIEGE6, PRIVILIEGE7, PRIVILIEGE8));
- exceptedMappingData.put(PolicyFileConstants.GROUPS, exceptedRolesMap);
- exceptedMappingData.put(PolicyFileConstants.ROLES, exceptedPrivilegesMap);
-
- Map<String, Map<String, Set<String>>> sentryMappingData = client.exportPolicy(ADMIN_USER, null);
- validateSentryMappingData(sentryMappingData, exceptedMappingData);
- }
- });
- }
-
- // test the import privileges with the action: All, *, select, insert
- // All and * should replace the select and insert
- // The data for import:
- // group1=role1, role2
- // role1=testPrivilege1,testPrivilege2,testPrivilege3,testPrivilege4
- // role2=testPrivilege5, testPrivilege6,testPrivilege7,testPrivilege8
- @Test
- public void testImportExportPolicy7() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- String testPrivilege1 = "server=server1->db=db1->table=tbl1->action=select->grantoption=true";
- String testPrivilege2 = "server=server1->db=db1->table=tbl1->action=insert->grantoption=false";
- String testPrivilege3 = "server=server1->db=db1->table=tbl1->action=all->grantoption=true";
- String testPrivilege4 = "server=server1->db=db1->table=tbl1->action=insert->grantoption=true";
- String testPrivilege5 = "server=server1->db=db1->table=tbl2->action=select->grantoption=true";
- String testPrivilege6 = "server=server1->db=db1->table=tbl2->action=insert->grantoption=false";
- String testPrivilege7 = "server=server1->db=db1->table=tbl2->action=*->grantoption=true";
- String testPrivilege8 = "server=server1->db=db1->table=tbl2->action=insert->grantoption=true";
-
- Map<String, Map<String, Set<String>>> policyFileMappingData1 = Maps.newHashMap();
- Map<String, Set<String>> groupRolesMap1 = Maps.newHashMap();
- groupRolesMap1.put("group1", Sets.newHashSet("role1", "role2"));
- Map<String, Set<String>> rolePrivilegesMap1 = Maps.newHashMap();
- rolePrivilegesMap1.put("role1",
- Sets.newHashSet(testPrivilege1, testPrivilege2, testPrivilege3, testPrivilege4));
- rolePrivilegesMap1.put("role2",
- Sets.newHashSet(testPrivilege5, testPrivilege6, testPrivilege7, testPrivilege8));
- policyFileMappingData1.put(PolicyFileConstants.GROUPS, groupRolesMap1);
- policyFileMappingData1.put(PolicyFileConstants.ROLES, rolePrivilegesMap1);
- client.importPolicy(policyFileMappingData1, ADMIN_USER, true);
-
- Map<String, Map<String, Set<String>>> exceptedMappingData = Maps.newHashMap();
- Map<String, Set<String>> exceptedRolesMap = Maps.newHashMap();
- exceptedRolesMap.put("group1", Sets.newHashSet("role1", "role2"));
- Map<String, Set<String>> exceptedPrivilegesMap = Maps.newHashMap();
- exceptedPrivilegesMap.put("role1", Sets.newHashSet(testPrivilege2, testPrivilege3));
- exceptedPrivilegesMap.put("role2", Sets.newHashSet(testPrivilege6, testPrivilege7));
- exceptedMappingData.put(PolicyFileConstants.GROUPS, exceptedRolesMap);
- exceptedMappingData.put(PolicyFileConstants.ROLES, exceptedPrivilegesMap);
-
- Map<String, Map<String, Set<String>>> sentryMappingData = client.exportPolicy(ADMIN_USER, null);
- validateSentryMappingData(sentryMappingData, exceptedMappingData);
- }
- });
- }
-
- // Call import twice, and there has overlapping actions, all and * should replace the select and
- // insert
- // The data for 1st import:
- // group1=role1, role2
- // role1=privilege1(with select action),privilege2(with insert action)
- // role2=privilege4(with select action),privilege5(with insert action)
- // The data for 2nd import:
- // group1=role1, role2
- // role1=privilege3(with all action)
- // role2=privilege6(with * action)
- @Test
- public void testImportExportPolicy8() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- String testPrivilege1 = "server=server1->db=db1->table=tbl1->action=select->grantoption=true";
- String testPrivilege2 = "server=server1->db=db1->table=tbl1->action=insert->grantoption=true";
- String testPrivilege3 = "server=server1->db=db1->table=tbl1->action=all->grantoption=true";
- String testPrivilege4 = "server=server1->db=db1->table=tbl2->action=select->grantoption=true";
- String testPrivilege5 = "server=server1->db=db1->table=tbl2->action=insert->grantoption=true";
- String testPrivilege6 = "server=server1->db=db1->table=tbl2->action=*->grantoption=true";
-
- Map<String, Map<String, Set<String>>> policyFileMappingData1 = Maps.newHashMap();
- Map<String, Set<String>> groupRolesMap1 = Maps.newHashMap();
- groupRolesMap1.put("group1", Sets.newHashSet("role1", "role2"));
- Map<String, Set<String>> rolePrivilegesMap1 = Maps.newHashMap();
- rolePrivilegesMap1.put("role1", Sets.newHashSet(testPrivilege1, testPrivilege2));
- rolePrivilegesMap1.put("role2", Sets.newHashSet(testPrivilege4, testPrivilege5));
- policyFileMappingData1.put(PolicyFileConstants.GROUPS, groupRolesMap1);
- policyFileMappingData1.put(PolicyFileConstants.ROLES, rolePrivilegesMap1);
- client.importPolicy(policyFileMappingData1, ADMIN_USER, false);
-
- Map<String, Map<String, Set<String>>> policyFileMappingData2 = Maps.newHashMap();
- Map<String, Set<String>> groupRolesMap2 = Maps.newHashMap();
- groupRolesMap2.put("group1", Sets.newHashSet("role1", "role2"));
- Map<String, Set<String>> rolePrivilegesMap2 = Maps.newHashMap();
- rolePrivilegesMap2.put("role1", Sets.newHashSet(testPrivilege3));
- rolePrivilegesMap2.put("role2", Sets.newHashSet(testPrivilege6));
- policyFileMappingData2.put(PolicyFileConstants.GROUPS, groupRolesMap2);
- policyFileMappingData2.put(PolicyFileConstants.ROLES, rolePrivilegesMap2);
- client.importPolicy(policyFileMappingData2, ADMIN_USER, false);
-
- Map<String, Map<String, Set<String>>> exceptedMappingData = policyFileMappingData2;
- Map<String, Map<String, Set<String>>> sentryMappingData = client.exportPolicy(ADMIN_USER, null);
- // all and * should replace the select and insert
- validateSentryMappingData(sentryMappingData, exceptedMappingData);
- }
- });
- }
-
- // test the user not in the admin group can't do the import/export
- @Test
- public void testImportExportPolicy9() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- Map<String, Map<String, Set<String>>> policyFileMappingData1 = Maps.newHashMap();
- Map<String, Set<String>> groupRolesMap1 = Maps.newHashMap();
- Map<String, Set<String>> rolePrivilegesMap1 = Maps.newHashMap();
- policyFileMappingData1.put(PolicyFileConstants.GROUPS, groupRolesMap1);
- policyFileMappingData1.put(PolicyFileConstants.ROLES, rolePrivilegesMap1);
- try {
- client.importPolicy(policyFileMappingData1, "no-admin-user", false);
- fail("non-admin can't do the import.");
- } catch (Exception e) {
- // excepted exception
- }
-
- try {
- client.exportPolicy("no-admin-user", null);
- fail("non-admin can't do the export.");
- } catch (Exception e) {
- // excepted exception
- }
- }
- });
- }
-
- // The following data is imported:
- // group1=role1
- // group2=role1,role2
- // group3=role2,role3
- // group4=role1,role2,role3
- // role1=privilege3,privilege4,privilege9
- // role2=privilege3,privilege4,privilege5,privilege6,privilege7
- // role3=privilege4,privilege5,privilege6,privilege7,privilege8
- // Export APIs getRoleNameTPrivilegesMap, getGroupNameRoleNamesMap are tested.
- @Test
- public void testExportPolicyWithSpecificObject() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- // import the test data
- Map<String, Map<String, Set<String>>> policyFileMappingData = Maps.newHashMap();
- Map<String, Set<String>> groupRolesMap = Maps.newHashMap();
- groupRolesMap.put("group1", Sets.newHashSet("role1"));
- groupRolesMap.put("group2", Sets.newHashSet("role1", "role2"));
- groupRolesMap.put("group3", Sets.newHashSet("role2", "role3"));
- groupRolesMap.put("group4", Sets.newHashSet("role1", "role2", "role3"));
- Map<String, Set<String>> rolePrivilegesMap1 = Maps.newHashMap();
- rolePrivilegesMap1.put("role1",
- Sets.newHashSet(PRIVILIEGE3, PRIVILIEGE4, PRIVILIEGE9));
- rolePrivilegesMap1.put("role2",
- Sets.newHashSet(PRIVILIEGE3, PRIVILIEGE4, PRIVILIEGE5,
- PRIVILIEGE6, PRIVILIEGE7));
- rolePrivilegesMap1.put("role3",
- Sets.newHashSet(PRIVILIEGE4, PRIVILIEGE5, PRIVILIEGE6,
- PRIVILIEGE7, PRIVILIEGE8));
- policyFileMappingData.put(PolicyFileConstants.GROUPS, groupRolesMap);
- policyFileMappingData.put(PolicyFileConstants.ROLES, rolePrivilegesMap1);
- client.importPolicy(policyFileMappingData, ADMIN_USER, true);
-
- // verify the rolePrivilegesMap and groupRolesMap with null objectPath
- Map<String, Map<String, Set<String>>> expectedMappingData = Maps.newHashMap();
- Map<String, Set<String>> expectedGroupRoles = Maps.newHashMap();
- expectedGroupRoles.put("group1", Sets.newHashSet("role1"));
- expectedGroupRoles.put("group2", Sets.newHashSet("role1", "role2"));
- expectedGroupRoles.put("group3", Sets.newHashSet("role2", "role3"));
- expectedGroupRoles.put("group4", Sets.newHashSet("role1", "role2", "role3"));
- Map<String, Set<String>> expectedRolePrivileges = Maps.newHashMap();
- expectedRolePrivileges.put("role1", Sets.newHashSet(
- PRIVILIEGE3, PRIVILIEGE4, PRIVILIEGE9));
- expectedRolePrivileges.put("role2", Sets.newHashSet(PRIVILIEGE3, PRIVILIEGE4,
- PRIVILIEGE5, PRIVILIEGE6, PRIVILIEGE7));
- expectedRolePrivileges.put("role3", Sets.newHashSet(PRIVILIEGE4,
- PRIVILIEGE5, PRIVILIEGE6, PRIVILIEGE7, PRIVILIEGE8));
- expectedMappingData.put(PolicyFileConstants.GROUPS, expectedGroupRoles);
- expectedMappingData.put(PolicyFileConstants.ROLES, expectedRolePrivileges);
-
- Map<String, Map<String, Set<String>>> sentryMappingData = client.exportPolicy(ADMIN_USER, null);
- validateSentryMappingData(sentryMappingData, expectedMappingData);
-
- // verify the rolePrivilegesMap and groupRolesMap with empty objectPath
- expectedMappingData = Maps.newHashMap();
- expectedGroupRoles = Maps.newHashMap();
- expectedGroupRoles.put("group1", Sets.newHashSet("role1"));
- expectedGroupRoles.put("group2", Sets.newHashSet("role1", "role2"));
- expectedGroupRoles.put("group3", Sets.newHashSet("role2", "role3"));
- expectedGroupRoles.put("group4", Sets.newHashSet("role1", "role2", "role3"));
- expectedRolePrivileges = Maps.newHashMap();
- expectedRolePrivileges.put("role1", Sets.newHashSet(
- PRIVILIEGE3, PRIVILIEGE4, PRIVILIEGE9));
- expectedRolePrivileges.put("role2", Sets.newHashSet(PRIVILIEGE3, PRIVILIEGE4,
- PRIVILIEGE5, PRIVILIEGE6, PRIVILIEGE7));
- expectedRolePrivileges.put("role3", Sets.newHashSet(PRIVILIEGE4,
- PRIVILIEGE5, PRIVILIEGE6, PRIVILIEGE7, PRIVILIEGE8));
- expectedMappingData.put(PolicyFileConstants.GROUPS, expectedGroupRoles);
- expectedMappingData.put(PolicyFileConstants.ROLES, expectedRolePrivileges);
-
- sentryMappingData = client.exportPolicy(ADMIN_USER, "");
- validateSentryMappingData(sentryMappingData, expectedMappingData);
-
- // verify the rolePrivilegesMap and groupRolesMap for db=db1
- expectedMappingData = Maps.newHashMap();
- expectedGroupRoles = Maps.newHashMap();
- expectedGroupRoles.put("group1", Sets.newHashSet("role1"));
- expectedGroupRoles.put("group2", Sets.newHashSet("role1", "role2"));
- expectedGroupRoles.put("group3", Sets.newHashSet("role2", "role3"));
- expectedGroupRoles.put("group4", Sets.newHashSet("role1", "role2", "role3"));
- expectedRolePrivileges = Maps.newHashMap();
- expectedRolePrivileges.put("role1", Sets.newHashSet(PRIVILIEGE4));
- expectedRolePrivileges.put("role2", Sets.newHashSet(PRIVILIEGE4,
- PRIVILIEGE5, PRIVILIEGE6, PRIVILIEGE7));
- expectedRolePrivileges.put("role3", Sets.newHashSet(PRIVILIEGE4,
- PRIVILIEGE5, PRIVILIEGE6, PRIVILIEGE7));
- expectedMappingData.put(PolicyFileConstants.GROUPS, expectedGroupRoles);
- expectedMappingData.put(PolicyFileConstants.ROLES, expectedRolePrivileges);
-
- sentryMappingData = client.exportPolicy(ADMIN_USER, "db=db1");
- validateSentryMappingData(sentryMappingData, expectedMappingData);
-
- // verify the rolePrivilegesMap and groupRolesMap for db=db2
- expectedMappingData = Maps.newHashMap();
- expectedGroupRoles = Maps.newHashMap();
- expectedGroupRoles.put("group1", Sets.newHashSet("role1"));
- expectedGroupRoles.put("group2", Sets.newHashSet("role1", "role2"));
- expectedGroupRoles.put("group3", Sets.newHashSet("role2"));
- expectedGroupRoles.put("group4", Sets.newHashSet("role1", "role2"));
- expectedRolePrivileges = Maps.newHashMap();
- expectedRolePrivileges.put("role1", Sets.newHashSet(PRIVILIEGE3, PRIVILIEGE9));
- expectedRolePrivileges.put("role2", Sets.newHashSet(PRIVILIEGE3));
- expectedMappingData.put(PolicyFileConstants.GROUPS, expectedGroupRoles);
- expectedMappingData.put(PolicyFileConstants.ROLES, expectedRolePrivileges);
-
- sentryMappingData = client.exportPolicy(ADMIN_USER, "db=db2");
- validateSentryMappingData(sentryMappingData, expectedMappingData);
-
- // verify the rolePrivilegesMap and groupRolesMap for db=db1->table=tbl1
- expectedMappingData = Maps.newHashMap();
- expectedGroupRoles = Maps.newHashMap();
- expectedGroupRoles.put("group1", Sets.newHashSet("role1"));
- expectedGroupRoles.put("group2", Sets.newHashSet("role1", "role2"));
- expectedGroupRoles.put("group3", Sets.newHashSet("role2", "role3"));
- expectedGroupRoles.put("group4", Sets.newHashSet("role1", "role2", "role3"));
- expectedRolePrivileges = Maps.newHashMap();
- expectedRolePrivileges.put("role1", Sets.newHashSet(PRIVILIEGE4));
- expectedRolePrivileges.put("role2", Sets.newHashSet(PRIVILIEGE4));
- expectedRolePrivileges.put("role3", Sets.newHashSet(PRIVILIEGE4));
- expectedMappingData.put(PolicyFileConstants.GROUPS, expectedGroupRoles);
- expectedMappingData.put(PolicyFileConstants.ROLES, expectedRolePrivileges);
-
- sentryMappingData = client.exportPolicy(ADMIN_USER, "db=db1->table=tbl1");
- validateSentryMappingData(sentryMappingData, expectedMappingData);
-
- // verify the rolePrivilegesMap and groupRolesMap for db=db1->table=tbl2
- expectedMappingData = Maps.newHashMap();
- expectedGroupRoles = Maps.newHashMap();
- expectedGroupRoles.put("group2", Sets.newHashSet("role2"));
- expectedGroupRoles.put("group3", Sets.newHashSet("role2", "role3"));
- expectedGroupRoles.put("group4", Sets.newHashSet("role2", "role3"));
- expectedRolePrivileges = Maps.newHashMap();
- expectedRolePrivileges.put("role2", Sets.newHashSet(PRIVILIEGE5));
- expectedRolePrivileges.put("role3", Sets.newHashSet(PRIVILIEGE5));
- expectedMappingData.put(PolicyFileConstants.GROUPS, expectedGroupRoles);
- expectedMappingData.put(PolicyFileConstants.ROLES, expectedRolePrivileges);
-
- sentryMappingData = client.exportPolicy(ADMIN_USER, "db=db1->table=tbl2");
- validateSentryMappingData(sentryMappingData, expectedMappingData);
-
- // verify the rolePrivilegesMap and groupRolesMap for db=db1->table=tbl1
- expectedMappingData = Maps.newHashMap();
- expectedGroupRoles = Maps.newHashMap();
- expectedGroupRoles.put("group1", Sets.newHashSet("role1"));
- expectedGroupRoles.put("group2", Sets.newHashSet("role1", "role2"));
- expectedGroupRoles.put("group3", Sets.newHashSet("role2", "role3"));
- expectedGroupRoles.put("group4", Sets.newHashSet("role1", "role2", "role3"));
- expectedRolePrivileges = Maps.newHashMap();
- expectedRolePrivileges.put("role1", Sets.newHashSet(PRIVILIEGE4, PRIVILIEGE9));
- expectedRolePrivileges.put("role2", Sets.newHashSet(PRIVILIEGE4));
- expectedRolePrivileges.put("role3", Sets.newHashSet(PRIVILIEGE4));
- expectedMappingData.put(PolicyFileConstants.GROUPS, expectedGroupRoles);
- expectedMappingData.put(PolicyFileConstants.ROLES, expectedRolePrivileges);
-
- sentryMappingData = client.exportPolicy(ADMIN_USER, "table=tbl1");
- validateSentryMappingData(sentryMappingData, expectedMappingData);
-
- // verify the invalid exportObject string
- try {
- client.exportPolicy(ADMIN_USER, "invalidString");
- fail("RuntimeException should be thrown.");
- } catch (RuntimeException sue) {
- // excepted exception
- }
- }
- });
- }
-
- // Befor import, database is empty.
- // The following information is imported:
- // group1=role1,role2,role3
- // group2=role1,role2,role3
- // user1=role1,role2,role3
- // user2=role1,role2,role3
- // role1=privilege1,privilege2,privilege3,privilege4
- // role2=privilege1,privilege2,privilege3,privilege4
- // role3=privilege1,privilege2,privilege3,privilege4
- @Test
- public void testImportExportPolicyWithUser() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- Map<String, Map<String, Set<String>>> policyFileMappingData = Maps.newHashMap();
- Map<String, Set<String>> groupRolesMap = Maps.newHashMap();
- Map<String, Set<String>> userRolesMap = Maps.newHashMap();
- Set<String> roles = Sets.newHashSet("role1", "role2", "role3");
- groupRolesMap.put("group1", roles);
- groupRolesMap.put("group2", roles);
- userRolesMap.put("user1", roles);
- userRolesMap.put("user2", roles);
- Map<String, Set<String>> rolePrivilegesMap = Maps.newHashMap();
- for (String roleName : roles) {
- rolePrivilegesMap.put(roleName, Sets.newHashSet(PRIVILIEGE1,
- PRIVILIEGE2, PRIVILIEGE3, PRIVILIEGE4));
- }
- policyFileMappingData.put(PolicyFileConstants.USER_ROLES, userRolesMap);
- policyFileMappingData.put(PolicyFileConstants.GROUPS, groupRolesMap);
- policyFileMappingData.put(PolicyFileConstants.ROLES, rolePrivilegesMap);
- client.importPolicy(policyFileMappingData, ADMIN_USER, false);
-
- Map<String, Map<String, Set<String>>> sentryMappingData =
- client.exportPolicy(ADMIN_USER, null);
- // validate the [user, role] mapping
- validateRolesMap(sentryMappingData.get(PolicyFileConstants.USER_ROLES),
- policyFileMappingData.get(PolicyFileConstants.USER_ROLES));
- validateSentryMappingData(sentryMappingData,
- policyFileMappingData);
- }
- });
- }
-
- // verify the mapping data
- public void validateSentryMappingData(
- Map<String, Map<String, Set<String>>> actualMappingData,
- Map<String, Map<String, Set<String>>> expectedMappingData) {
- validateRolesMap(actualMappingData.get(PolicyFileConstants.GROUPS),
- expectedMappingData.get(PolicyFileConstants.GROUPS));
- validateRolePrivilegesMap(actualMappingData.get(PolicyFileConstants.ROLES),
- expectedMappingData.get(PolicyFileConstants.ROLES));
- }
-
- // verify the mapping data for [group,role] and [user,role]
- private void validateRolesMap(Map<String, Set<String>> actualMap,
- Map<String, Set<String>> expectedMap) {
- assertEquals(expectedMap.keySet().size(), actualMap.keySet().size());
- for (String name : actualMap.keySet()) {
- Set<String> actualRoles = actualMap.get(name);
- Set<String> expectedRoles = expectedMap.get(name);
- assertEquals(actualRoles.size(), expectedRoles.size());
- assertTrue(actualRoles.equals(expectedRoles));
- }
- }
-
- // verify the mapping data for [role,privilege]
- private void validateRolePrivilegesMap(Map<String, Set<String>> actualMap,
- Map<String, Set<String>> expectedMap) {
- assertEquals(expectedMap.keySet().size(), actualMap.keySet().size());
- for (String roleName : actualMap.keySet()) {
- Set<String> actualPrivileges = actualMap.get(roleName);
- Set<String> exceptedPrivileges = expectedMap.get(roleName);
- assertEquals(exceptedPrivileges.size(), actualPrivileges.size());
- for (String actualPrivilege : actualPrivileges) {
- boolean isFound = exceptedPrivileges.contains(actualPrivilege);
- if (!isFound) {
- String withOptionPrivilege = SentryConstants.AUTHORIZABLE_JOINER.join(actualPrivilege,
- SentryConstants.KV_JOINER.join(PolicyFileConstants.PRIVILEGE_GRANT_OPTION_NAME,
- "false"));
- isFound = exceptedPrivileges.contains(withOptionPrivilege);
- }
- assertTrue(isFound);
- }
- }
- }
-}
[18/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentrySchemaTool.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentrySchemaTool.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentrySchemaTool.java
deleted file mode 100644
index d75e24b..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentrySchemaTool.java
+++ /dev/null
@@ -1,595 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.tools;
-
-import java.io.BufferedReader;
-import java.io.BufferedWriter;
-import java.io.File;
-import java.io.FileReader;
-import java.io.FileWriter;
-import java.io.IOException;
-import java.io.PrintStream;
-import java.net.MalformedURLException;
-import java.sql.Connection;
-import java.sql.DriverManager;
-import java.sql.ResultSet;
-import java.sql.SQLException;
-import java.sql.Statement;
-import java.util.ArrayList;
-import java.util.IllegalFormatException;
-import java.util.List;
-
-import org.apache.commons.cli.CommandLine;
-import org.apache.commons.cli.CommandLineParser;
-import org.apache.commons.cli.GnuParser;
-import org.apache.commons.cli.HelpFormatter;
-import org.apache.commons.cli.Option;
-import org.apache.commons.cli.OptionBuilder;
-import org.apache.commons.cli.OptionGroup;
-import org.apache.commons.cli.Options;
-import org.apache.commons.cli.ParseException;
-import org.apache.commons.io.output.NullOutputStream;
-import org.apache.hadoop.conf.Configuration;
-import org.apache.hive.beeline.BeeLine;
-import org.apache.sentry.Command;
-import org.apache.sentry.core.common.exception.SentryUserException;
-import org.apache.sentry.core.common.exception.SentrySiteConfigurationException;
-import org.apache.sentry.provider.db.service.persistent.SentryStoreSchemaInfo;
-import org.apache.sentry.provider.db.tools.SentrySchemaHelper.NestedScriptParser;
-import org.apache.sentry.service.thrift.SentryService;
-import org.apache.sentry.service.thrift.ServiceConstants;
-
-public class SentrySchemaTool {
- private static final String SENTRY_SCRIP_DIR = File.separatorChar + "scripts"
- + File.separatorChar + "sentrystore" + File.separatorChar + "upgrade";
- private String userName = null;
- private String passWord = null;
- private String connectionURL = null;
- private String driver = null;
- private boolean dryRun = false;
- private String dbOpts = null;
- private boolean verbose = false;
- private final Configuration sentryConf;
- private final String dbType;
- private final SentryStoreSchemaInfo sentryStoreSchemaInfo;
-
- public SentrySchemaTool(Configuration sentryConf, String dbType)
- throws SentryUserException, IOException {
- this(System.getenv("SENTRY_HOME") + SENTRY_SCRIP_DIR, sentryConf, dbType);
- }
-
- public SentrySchemaTool(String sentryScripPath, Configuration sentryConf,
- String dbType) throws SentryUserException, IOException {
- if (sentryScripPath == null || sentryScripPath.isEmpty()) {
- throw new SentryUserException("No Sentry script dir provided");
- }
- this.sentryConf = sentryConf;
- this.dbType = dbType;
- this.sentryStoreSchemaInfo = new SentryStoreSchemaInfo(sentryScripPath,
- dbType);
- userName = sentryConf.get(ServiceConstants.ServerConfig.SENTRY_STORE_JDBC_USER,
- ServiceConstants.ServerConfig.SENTRY_STORE_JDBC_USER_DEFAULT);
- //Password will be read from Credential provider specified using property
- // CREDENTIAL_PROVIDER_PATH("hadoop.security.credential.provider.path" in sentry-site.xml
- // it falls back to reading directly from sentry-site.xml
- char[] passTmp = sentryConf.getPassword(ServiceConstants.ServerConfig.SENTRY_STORE_JDBC_PASS);
- if(passTmp != null) {
- passWord = new String(passTmp);
- } else {
- throw new SentrySiteConfigurationException("Error reading " + ServiceConstants.ServerConfig.SENTRY_STORE_JDBC_PASS);
- }
-
- try {
- connectionURL = getValidConfVar(ServiceConstants.ServerConfig.SENTRY_STORE_JDBC_URL);
- if(dbType.equalsIgnoreCase(SentrySchemaHelper.DB_DERBY)) {
- driver = sentryConf.get(ServiceConstants.ServerConfig.SENTRY_STORE_JDBC_DRIVER,
- ServiceConstants.ServerConfig.SENTRY_STORE_JDBC_DRIVER_DEFAULT);
- } else {
- driver = getValidConfVar(ServiceConstants.ServerConfig.SENTRY_STORE_JDBC_DRIVER);
- }
- // load required JDBC driver
- Class.forName(driver);
- } catch (IOException e) {
- throw new SentryUserException("Missing property: " + e.getMessage());
- } catch (ClassNotFoundException e) {
- throw new SentryUserException("Failed to load driver", e);
- }
- }
-
- public Configuration getConfiguration() {
- return sentryConf;
- }
-
- public void setUserName(String userName) {
- this.userName = userName;
- }
-
- public void setPassWord(String passWord) {
- this.passWord = passWord;
- }
-
- public void setDryRun(boolean dryRun) {
- this.dryRun = dryRun;
- }
-
- public void setVerbose(boolean verbose) {
- this.verbose = verbose;
- }
-
- public String getDbOpts() {
- return dbOpts;
- }
-
- public void setDbOpts(String dbOpts) {
- this.dbOpts = dbOpts;
- }
-
- private static void printAndExit(Options cmdLineOptions) {
- HelpFormatter formatter = new HelpFormatter();
- formatter.printHelp("schemaTool", cmdLineOptions);
- System.exit(1);
- }
-
- /***
- * Print Hive version and schema version
- * @throws SentryUserException
- */
- public void showInfo() throws SentryUserException {
- Connection sentryStoreConn = getConnectionToMetastore(true);
- System.out.println("Sentry distribution version:\t "
- + SentryStoreSchemaInfo.getSentryVersion());
- System.out.println("SentryStore schema version:\t "
- + getMetaStoreSchemaVersion(sentryStoreConn));
- }
-
- // read schema version from sentry store
- private String getMetaStoreSchemaVersion(Connection sentryStoreConn)
- throws SentryUserException {
- String versionQuery;
- if (SentrySchemaHelper.getDbCommandParser(dbType).needsQuotedIdentifier()) {
- versionQuery = "select t.\"SCHEMA_VERSION\" from \"SENTRY_VERSION\" t";
- } else {
- versionQuery = "select t.SCHEMA_VERSION from SENTRY_VERSION t";
- }
- try (Statement stmt = sentryStoreConn.createStatement();
- ResultSet res = stmt.executeQuery(versionQuery)) {
- if (!res.next()) {
- throw new SentryUserException("Didn't find version data in sentry store");
- }
- String currentSchemaVersion = res.getString(1);
- sentryStoreConn.close();
- return currentSchemaVersion;
- } catch (SQLException e) {
- throw new SentryUserException("Failed to get schema version.", e);
- }
- }
-
- // test the connection sentry store using the config property
- private void testConnectionToMetastore() throws SentryUserException {
- try (Connection conn = getConnectionToMetastore(true)) {
- conn.close();
- } catch (SQLException e) {
- throw new SentryUserException("Failed to close sentry store connection", e);
- }
- }
-
- /***
- * get JDBC connection to sentry store db
- *
- * @param printInfo print connection parameters
- * @return
- * @throws SentryUserException
- */
- private Connection getConnectionToMetastore(boolean printInfo)
- throws SentryUserException {
- if (printInfo) {
- System.out.println("Sentry store connection URL:\t " + connectionURL);
- System.out.println("Sentry store Connection Driver :\t " + driver);
- System.out.println("Sentry store connection User:\t " + userName);
- }
- if (userName == null || userName.isEmpty()) {
- throw new SentryUserException("UserName empty ");
- }
- try {
- // Connect using the JDBC URL and user/pass from conf
- return DriverManager.getConnection(connectionURL, userName, passWord);
- } catch (SQLException e) {
- throw new SentryUserException("Failed to make connection to Sentry store.", e);
- }
- }
-
- /**
- * check if the current schema version in sentry store matches the Hive version
- * @throws SentryUserException
- */
- public void verifySchemaVersion() throws SentryUserException {
- // don't check version if its a dry run
- if (dryRun) {
- return;
- }
- String newSchemaVersion =
- getMetaStoreSchemaVersion(getConnectionToMetastore(false));
- // verify that the new version is added to schema
- if (!sentryStoreSchemaInfo.getSentrySchemaVersion().equalsIgnoreCase(
- newSchemaVersion)) {
- throw new SentryUserException("Found unexpected schema version "
- + newSchemaVersion);
- }
- }
-
- /**
- * Perform sentry store schema upgrade. extract the current schema version from sentry store
- * @throws SentryUserException
- */
- public void doUpgrade() throws SentryUserException {
- String fromVersion = getMetaStoreSchemaVersion(getConnectionToMetastore(false));
- if (fromVersion == null || fromVersion.isEmpty()) {
- throw new SentryUserException(
- "Schema version not stored in the sentry store. "
- +
- "Metastore schema is too old or corrupt. Try specifying the version manually");
- }
- doUpgrade(fromVersion);
- }
-
- /**
- * Perform sentry store schema upgrade
- *
- * @param fromSchemaVer
- * Existing version of the sentry store. If null, then read from the sentry store
- * @throws SentryUserException
- */
- public void doUpgrade(String fromSchemaVer) throws SentryUserException {
- if (sentryStoreSchemaInfo.getSentrySchemaVersion().equals(fromSchemaVer)) {
- System.out.println("No schema upgrade required from version " + fromSchemaVer);
- return;
- }
- // Find the list of scripts to execute for this upgrade
- List<String> upgradeScripts =
- sentryStoreSchemaInfo.getUpgradeScripts(fromSchemaVer);
- testConnectionToMetastore();
- System.out.println("Starting upgrade sentry store schema from version " +
- fromSchemaVer + " to "
- + sentryStoreSchemaInfo.getSentrySchemaVersion());
- String scriptDir = sentryStoreSchemaInfo.getSentryStoreScriptDir();
- try {
- for (String scriptFile : upgradeScripts) {
- System.out.println("Upgrade script " + scriptFile);
- if (!dryRun) {
- runBeeLine(scriptDir, scriptFile);
- System.out.println("Completed " + scriptFile);
- }
- }
- } catch (IOException eIO) {
- throw new SentryUserException(
- "Upgrade FAILED! Metastore state would be inconsistent !!", eIO);
- }
-
- // Revalidated the new version after upgrade
- verifySchemaVersion();
- }
-
- /**
- * Initialize the sentry store schema to current version
- *
- * @throws SentryUserException
- */
- public void doInit() throws SentryUserException {
- doInit(sentryStoreSchemaInfo.getSentrySchemaVersion());
-
- // Revalidated the new version after upgrade
- verifySchemaVersion();
- }
-
- /**
- * Initialize the sentry store schema
- *
- * @param toVersion
- * If null then current hive version is used
- * @throws SentryUserException
- */
- public void doInit(String toVersion) throws SentryUserException {
- testConnectionToMetastore();
- System.out.println("Starting sentry store schema initialization to " + toVersion);
-
- String initScriptDir = sentryStoreSchemaInfo.getSentryStoreScriptDir();
- String initScriptFile = sentryStoreSchemaInfo.generateInitFileName(toVersion);
-
- try {
- System.out.println("Initialization script " + initScriptFile);
- if (!dryRun) {
- runBeeLine(initScriptDir, initScriptFile);
- System.out.println("Initialization script completed");
- }
- } catch (IOException e) {
- throw new SentryUserException("Schema initialization FAILED!"
- + " Metastore state would be inconsistent !!", e);
- }
- }
-
- // Flatten the nested upgrade script into a buffer
- public static String buildCommand(NestedScriptParser dbCommandParser,
- String scriptDir, String scriptFile) throws IllegalFormatException, IOException {
-
- BufferedReader bfReader =
- new BufferedReader(new FileReader(scriptDir + File.separatorChar + scriptFile));
- String currLine;
- StringBuilder sb = new StringBuilder();
- String currentCommand = null;
- while ((currLine = bfReader.readLine()) != null) {
- currLine = currLine.trim();
- if (currLine.isEmpty()) {
- continue; // skip empty lines
- }
-
- if (currentCommand == null) {
- currentCommand = currLine;
- } else {
- currentCommand = currentCommand + " " + currLine;
- }
- if (dbCommandParser.isPartialCommand(currLine)) {
- // if its a partial line, continue collecting the pieces
- continue;
- }
-
- // if this is a valid executable command then add it to the buffer
- if (!dbCommandParser.isNonExecCommand(currentCommand)) {
- currentCommand = dbCommandParser.cleanseCommand(currentCommand);
-
- if (dbCommandParser.isNestedScript(currentCommand)) {
- // if this is a nested sql script then flatten it
- String currScript = dbCommandParser.getScriptName(currentCommand);
- sb.append(buildCommand(dbCommandParser, scriptDir, currScript));
- } else {
- // Now we have a complete statement, process it
- // write the line to buffer
- sb.append(currentCommand);
- sb.append(System.getProperty("line.separator"));
- }
- }
- currentCommand = null;
- }
- bfReader.close();
- return sb.toString();
- }
-
- // run beeline on the given sentry store scrip, flatten the nested scripts into single file
- private void runBeeLine(String scriptDir, String scriptFile) throws IOException {
- NestedScriptParser dbCommandParser =
- SentrySchemaHelper.getDbCommandParser(dbType);
- dbCommandParser.setDbOpts(getDbOpts());
- // expand the nested script
- String sqlCommands = buildCommand(dbCommandParser, scriptDir, scriptFile);
- File tmpFile = File.createTempFile("schematool", ".sql");
- tmpFile.deleteOnExit();
-
- // write out the buffer into a file. Add beeline commands for autocommit and close
- try (FileWriter fstream = new FileWriter(tmpFile.getPath());
- BufferedWriter out = new BufferedWriter(fstream)) {
-
- out.write("!set Silent " + verbose + System.getProperty("line.separator"));
- out.write("!autocommit on" + System.getProperty("line.separator"));
- out.write("!set Isolation TRANSACTION_READ_COMMITTED"
- + System.getProperty("line.separator"));
- out.write("!set AllowMultiLineCommand false"
- + System.getProperty("line.separator"));
- out.write(sqlCommands);
- out.write("!closeall" + System.getProperty("line.separator"));
- out.close();
- }
- runBeeLine(tmpFile.getPath());
- }
-
- // Generate the beeline args per hive conf and execute the given script
- public void runBeeLine(String sqlScriptFile) throws IOException {
- List<String> argList = new ArrayList<String>();
- argList.add("-u");
- argList.add(connectionURL);
- argList.add("-d");
- argList
- .add(driver);
- argList.add("-n");
- argList.add(userName);
- argList.add("-p");
- argList.add(passWord);
- argList.add("-f");
- argList.add(sqlScriptFile);
-
- BeeLine beeLine = new BeeLine();
- if (!verbose) {
- beeLine.setOutputStream(new PrintStream(new NullOutputStream()));
- // beeLine.getOpts().setSilent(true);
- }
- // beeLine.getOpts().setAllowMultiLineCommand(false);
- // beeLine.getOpts().setIsolation("TRANSACTION_READ_COMMITTED");
- int status = beeLine.begin(argList.toArray(new String[0]), null);
- if (status != 0) {
- throw new IOException("Schema script failed, errorcode " + status);
- }
- }
-
- private String getValidConfVar(String confVar) throws IOException {
- String confVarKey = confVar;
- String confVarValue = sentryConf.get(confVarKey);
- if (confVarValue == null || confVarValue.isEmpty()) {
- throw new IOException("Empty " + confVar);
- }
- return confVarValue;
- }
-
- // Create the required command line options
- @SuppressWarnings("static-access")
- private static void initOptions(Options cmdLineOptions) {
- Option help = new Option("help", "print this message");
- Option upgradeOpt = new Option("upgradeSchema", "Schema upgrade");
- Option upgradeFromOpt = OptionBuilder.withArgName("upgradeFrom").hasArg().
- withDescription("Schema upgrade from a version").
- create("upgradeSchemaFrom");
- Option initOpt = new Option("initSchema", "Schema initialization");
- Option initToOpt = OptionBuilder.withArgName("initTo").hasArg().
- withDescription("Schema initialization to a version").
- create("initSchemaTo");
- Option infoOpt = new Option("info", "Show config and schema details");
-
- OptionGroup optGroup = new OptionGroup();
- optGroup.addOption(upgradeOpt).addOption(initOpt).
- addOption(help).addOption(upgradeFromOpt).
- addOption(initToOpt).addOption(infoOpt);
- optGroup.setRequired(true);
-
- Option userNameOpt = OptionBuilder.withArgName("user")
- .hasArg()
- .withDescription("Override config file user name")
- .create("userName");
- Option passwdOpt = OptionBuilder.withArgName("password")
- .hasArg()
- .withDescription("Override config file password")
- .create("passWord");
- Option dbTypeOpt = OptionBuilder.withArgName("databaseType")
- .hasArg().withDescription("Metastore database type [" +
- SentrySchemaHelper.DB_DERBY + "," +
- SentrySchemaHelper.DB_MYSQL + "," +
- SentrySchemaHelper.DB_ORACLE + "," +
- SentrySchemaHelper.DB_POSTGRACE + "," +
- SentrySchemaHelper.DB_DB2 + "]")
- .create("dbType");
- Option dbOpts = OptionBuilder.withArgName("databaseOpts")
- .hasArgs().withDescription("Backend DB specific options")
- .create("dbOpts");
-
- Option dryRunOpt = new Option("dryRun", "list SQL scripts (no execute)");
- Option verboseOpt = new Option("verbose", "only print SQL statements");
-
- Option configOpt = OptionBuilder.withArgName("confName").hasArgs()
- .withDescription("Sentry Service configuration file").isRequired(true)
- .create(ServiceConstants.ServiceArgs.CONFIG_FILE_LONG);
-
- cmdLineOptions.addOption(help);
- cmdLineOptions.addOption(dryRunOpt);
- cmdLineOptions.addOption(userNameOpt);
- cmdLineOptions.addOption(passwdOpt);
- cmdLineOptions.addOption(dbTypeOpt);
- cmdLineOptions.addOption(verboseOpt);
- cmdLineOptions.addOption(dbOpts);
- cmdLineOptions.addOption(configOpt);
- cmdLineOptions.addOptionGroup(optGroup);
- }
-
- public static class CommandImpl implements Command {
- @Override
- public void run(String[] args) throws Exception {
- CommandLineParser parser = new GnuParser();
- CommandLine line = null;
- String dbType = null;
- String schemaVer = null;
- Options cmdLineOptions = new Options();
- String configFileName = null;
-
- // Argument handling
- initOptions(cmdLineOptions);
- try {
- line = parser.parse(cmdLineOptions, args);
- } catch (ParseException e) {
- System.err.println("SentrySchemaTool:Parsing failed. Reason: "
- + e.getLocalizedMessage());
- printAndExit(cmdLineOptions);
- }
-
- if (line.hasOption("help")) {
- HelpFormatter formatter = new HelpFormatter();
- formatter.printHelp("schemaTool", cmdLineOptions);
- return;
- }
-
- if (line.hasOption("dbType")) {
- dbType = line.getOptionValue("dbType");
- if (!dbType.equalsIgnoreCase(SentrySchemaHelper.DB_DERBY)
- && !dbType.equalsIgnoreCase(SentrySchemaHelper.DB_MYSQL)
- && !dbType.equalsIgnoreCase(SentrySchemaHelper.DB_POSTGRACE)
- && !dbType.equalsIgnoreCase(SentrySchemaHelper.DB_ORACLE)
- && !dbType.equalsIgnoreCase(SentrySchemaHelper.DB_DB2)) {
- System.err.println("Unsupported dbType " + dbType);
- printAndExit(cmdLineOptions);
- }
- } else {
- System.err.println("no dbType supplied");
- printAndExit(cmdLineOptions);
- }
- if (line.hasOption(ServiceConstants.ServiceArgs.CONFIG_FILE_LONG)) {
- configFileName = line
- .getOptionValue(ServiceConstants.ServiceArgs.CONFIG_FILE_LONG);
- } else {
- System.err.println("no config file specified");
- printAndExit(cmdLineOptions);
- }
- try {
- SentrySchemaTool schemaTool = new SentrySchemaTool(
- SentryService.loadConfig(configFileName), dbType);
-
- if (line.hasOption("userName")) {
- schemaTool.setUserName(line.getOptionValue("userName"));
- }
- if (line.hasOption("passWord")) {
- schemaTool.setPassWord(line.getOptionValue("passWord"));
- }
- if (line.hasOption("dryRun")) {
- schemaTool.setDryRun(true);
- }
- if (line.hasOption("verbose")) {
- schemaTool.setVerbose(true);
- }
- if (line.hasOption("dbOpts")) {
- schemaTool.setDbOpts(line.getOptionValue("dbOpts"));
- }
-
- if (line.hasOption("info")) {
- schemaTool.showInfo();
- } else if (line.hasOption("upgradeSchema")) {
- schemaTool.doUpgrade();
- } else if (line.hasOption("upgradeSchemaFrom")) {
- schemaVer = line.getOptionValue("upgradeSchemaFrom");
- schemaTool.doUpgrade(schemaVer);
- } else if (line.hasOption("initSchema")) {
- schemaTool.doInit();
- } else if (line.hasOption("initSchemaTo")) {
- schemaVer = line.getOptionValue("initSchemaTo");
- schemaTool.doInit(schemaVer);
- } else {
- System.err.println("no valid option supplied");
- printAndExit(cmdLineOptions);
- }
- } catch (SentryUserException e) {
- System.err.println(e);
- if (line.hasOption("verbose")) {
- e.printStackTrace();
- }
- System.err.println("*** Sentry schemaTool failed ***");
- System.exit(1);
- } catch (MalformedURLException e) {
- System.err.println(e);
- if (line.hasOption("verbose")) {
- e.printStackTrace();
- }
- System.err.println("*** Sentry schemaTool failed ***");
- System.exit(1);
- }
- System.out.println("Sentry schemaTool completed");
- }
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentryShellCommon.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentryShellCommon.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentryShellCommon.java
deleted file mode 100644
index 6ddc1de..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentryShellCommon.java
+++ /dev/null
@@ -1,247 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.tools;
-
-import com.google.common.annotations.VisibleForTesting;
-
-import org.apache.commons.cli.CommandLine;
-import org.apache.commons.cli.GnuParser;
-import org.apache.commons.cli.HelpFormatter;
-import org.apache.commons.cli.Option;
-import org.apache.commons.cli.OptionGroup;
-import org.apache.commons.cli.Options;
-import org.apache.commons.cli.ParseException;
-import org.apache.commons.cli.Parser;
-import org.apache.commons.lang.StringUtils;
-
-/**
- * SentryShellCommon provides the function for parsing the argument.
- * For hive model and generic model, child class should be implemented as a sentry admin tool.
- */
-abstract public class SentryShellCommon {
-
- protected String roleName;
- protected String groupName;
- protected String privilegeStr;
- protected String confPath;
- // flag for the command
- protected boolean isCreateRole = false;
- protected boolean isDropRole = false;
- protected boolean isAddRoleGroup = false;
- protected boolean isDeleteRoleGroup = false;
- protected boolean isGrantPrivilegeRole = false;
- protected boolean isRevokePrivilegeRole = false;
- protected boolean isListRole = false;
- protected boolean isListPrivilege = false;
- protected boolean isPrintHelp = false;
- // flag for the parameter check
- protected boolean roleNameRequired = false;
- protected boolean groupNameRequired = false;
- protected boolean privilegeStrRequired = false;
-
- public final static String OPTION_DESC_HELP = "Shell usage";
- public final static String OPTION_DESC_CONF = "sentry-site file path";
- public final static String OPTION_DESC_ROLE_NAME = "Role name";
- public final static String OPTION_DESC_GROUP_NAME = "Group name";
- public final static String OPTION_DESC_PRIVILEGE = "Privilege string";
- public final static String PREFIX_MESSAGE_MISSING_OPTION = "Missing required option: ";
-
- public final static String GROUP_SPLIT_CHAR = ",";
-
- /**
- * parse arguments
- *
- * <pre>
- * -conf,--sentry_conf <filepath> sentry config file path
- * -cr,--create_role -r <rolename> create role
- * -dr,--drop_role -r <rolename> drop role
- * -arg,--add_role_group -r <rolename> -g <groupname> add role to group
- * -drg,--delete_role_group -r <rolename> -g <groupname> delete role from group
- * -gpr,--grant_privilege_role -r <rolename> -p <privilege> grant privilege to role
- * -rpr,--revoke_privilege_role -r <rolename> -p <privilege> revoke privilege from role
- * -lr,--list_role -g <groupname> list roles for group
- * -lp,--list_privilege -r <rolename> list privilege for role
- * -t,--type <typeame> the shell for hive model or generic model
- * </pre>
- *
- * @param args
- */
- protected boolean parseArgs(String[] args) {
- Options simpleShellOptions = new Options();
-
- Option crOpt = new Option("cr", "create_role", false, "Create role");
- crOpt.setRequired(false);
-
- Option drOpt = new Option("dr", "drop_role", false, "Drop role");
- drOpt.setRequired(false);
-
- Option argOpt = new Option("arg", "add_role_group", false, "Add role to group");
- argOpt.setRequired(false);
-
- Option drgOpt = new Option("drg", "delete_role_group", false, "Delete role from group");
- drgOpt.setRequired(false);
-
- Option gprOpt = new Option("gpr", "grant_privilege_role", false, "Grant privilege to role");
- gprOpt.setRequired(false);
-
- Option rprOpt = new Option("rpr", "revoke_privilege_role", false, "Revoke privilege from role");
- rprOpt.setRequired(false);
-
- Option lrOpt = new Option("lr", "list_role", false, "List role");
- lrOpt.setRequired(false);
-
- Option lpOpt = new Option("lp", "list_privilege", false, "List privilege");
- lpOpt.setRequired(false);
-
- // required args group
- OptionGroup simpleShellOptGroup = new OptionGroup();
- simpleShellOptGroup.addOption(crOpt);
- simpleShellOptGroup.addOption(drOpt);
- simpleShellOptGroup.addOption(argOpt);
- simpleShellOptGroup.addOption(drgOpt);
- simpleShellOptGroup.addOption(gprOpt);
- simpleShellOptGroup.addOption(rprOpt);
- simpleShellOptGroup.addOption(lrOpt);
- simpleShellOptGroup.addOption(lpOpt);
- simpleShellOptGroup.setRequired(true);
- simpleShellOptions.addOptionGroup(simpleShellOptGroup);
-
- // optional args
- Option pOpt = new Option("p", "privilege", true, OPTION_DESC_PRIVILEGE);
- pOpt.setRequired(false);
- simpleShellOptions.addOption(pOpt);
-
- Option gOpt = new Option("g", "groupname", true, OPTION_DESC_GROUP_NAME);
- gOpt.setRequired(false);
- simpleShellOptions.addOption(gOpt);
-
- Option rOpt = new Option("r", "rolename", true, OPTION_DESC_ROLE_NAME);
- rOpt.setRequired(false);
- simpleShellOptions.addOption(rOpt);
-
- // this argument should be parsed in the bin/sentryShell
- Option tOpt = new Option("t", "type", true, "[hive|solr|sqoop|.....]");
- tOpt.setRequired(false);
- simpleShellOptions.addOption(tOpt);
-
- // file path of sentry-site
- Option sentrySitePathOpt = new Option("conf", "sentry_conf", true, OPTION_DESC_CONF);
- sentrySitePathOpt.setRequired(true);
- simpleShellOptions.addOption(sentrySitePathOpt);
-
- // help option
- Option helpOpt = new Option("h", "help", false, OPTION_DESC_HELP);
- helpOpt.setRequired(false);
- simpleShellOptions.addOption(helpOpt);
-
- // this Options is parsed first for help option
- Options helpOptions = new Options();
- helpOptions.addOption(helpOpt);
-
- try {
- Parser parser = new GnuParser();
-
- // parse help option first
- CommandLine cmd = parser.parse(helpOptions, args, true);
- for (Option opt : cmd.getOptions()) {
- if (opt.getOpt().equals("h")) {
- // get the help option, print the usage and exit
- usage(simpleShellOptions);
- return false;
- }
- }
-
- // without help option
- cmd = parser.parse(simpleShellOptions, args);
-
- for (Option opt : cmd.getOptions()) {
- if (opt.getOpt().equals("p")) {
- privilegeStr = opt.getValue();
- } else if (opt.getOpt().equals("g")) {
- groupName = opt.getValue();
- } else if (opt.getOpt().equals("r")) {
- roleName = opt.getValue();
- } else if (opt.getOpt().equals("cr")) {
- isCreateRole = true;
- roleNameRequired = true;
- } else if (opt.getOpt().equals("dr")) {
- isDropRole = true;
- roleNameRequired = true;
- } else if (opt.getOpt().equals("arg")) {
- isAddRoleGroup = true;
- roleNameRequired = true;
- groupNameRequired = true;
- } else if (opt.getOpt().equals("drg")) {
- isDeleteRoleGroup = true;
- roleNameRequired = true;
- groupNameRequired = true;
- } else if (opt.getOpt().equals("gpr")) {
- isGrantPrivilegeRole = true;
- roleNameRequired = true;
- privilegeStrRequired = true;
- } else if (opt.getOpt().equals("rpr")) {
- isRevokePrivilegeRole = true;
- roleNameRequired = true;
- privilegeStrRequired = true;
- } else if (opt.getOpt().equals("lr")) {
- isListRole = true;
- } else if (opt.getOpt().equals("lp")) {
- isListPrivilege = true;
- roleNameRequired = true;
- } else if (opt.getOpt().equals("conf")) {
- confPath = opt.getValue();
- }
- }
- checkRequiredParameter(roleNameRequired, roleName, OPTION_DESC_ROLE_NAME);
- checkRequiredParameter(groupNameRequired, groupName, OPTION_DESC_GROUP_NAME);
- checkRequiredParameter(privilegeStrRequired, privilegeStr, OPTION_DESC_PRIVILEGE);
- } catch (ParseException pe) {
- System.out.println(pe.getMessage());
- usage(simpleShellOptions);
- return false;
- }
- return true;
- }
-
- private void checkRequiredParameter(boolean isRequired, String paramValue, String paramName) throws ParseException {
- if (isRequired && StringUtils.isEmpty(paramValue)) {
- throw new ParseException(PREFIX_MESSAGE_MISSING_OPTION + paramName);
- }
- }
-
- // print usage
- private void usage(Options sentryOptions) {
- HelpFormatter formatter = new HelpFormatter();
- formatter.printHelp("sentryShell", sentryOptions);
- }
-
- // hive model and generic model should implement this method
- public abstract void run() throws Exception;
-
- @VisibleForTesting
- public boolean executeShell(String[] args) throws Exception {
- boolean result = true;
- if (parseArgs(args)) {
- run();
- } else {
- result = false;
- }
- return result;
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentryShellHive.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentryShellHive.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentryShellHive.java
deleted file mode 100644
index dc7f829..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentryShellHive.java
+++ /dev/null
@@ -1,98 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.tools;
-
-import org.apache.commons.lang.StringUtils;
-import org.apache.hadoop.conf.Configuration;
-import org.apache.hadoop.fs.Path;
-import org.apache.hadoop.security.UserGroupInformation;
-import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient;
-import org.apache.sentry.provider.db.tools.command.hive.*;
-import org.apache.sentry.service.thrift.SentryServiceClientFactory;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * SentryShellHive is an admin tool, and responsible for the management of repository.
- * The following function are supported:
- * create role, drop role, add group to role, delete group from role, grant privilege to role,
- * revoke privilege from role, list roles for group, list privilege for role.
- */
-public class SentryShellHive extends SentryShellCommon {
-
- private static final Logger LOGGER = LoggerFactory.getLogger(SentryShellHive.class);
-
- public void run() throws Exception {
- Command command = null;
- SentryPolicyServiceClient client = SentryServiceClientFactory.create(getSentryConf());
- UserGroupInformation ugi = UserGroupInformation.getLoginUser();
- String requestorName = ugi.getShortUserName();
-
- if (isCreateRole) {
- command = new CreateRoleCmd(roleName);
- } else if (isDropRole) {
- command = new DropRoleCmd(roleName);
- } else if (isAddRoleGroup) {
- command = new GrantRoleToGroupsCmd(roleName, groupName);
- } else if (isDeleteRoleGroup) {
- command = new RevokeRoleFromGroupsCmd(roleName, groupName);
- } else if (isGrantPrivilegeRole) {
- command = new GrantPrivilegeToRoleCmd(roleName, privilegeStr);
- } else if (isRevokePrivilegeRole) {
- command = new RevokePrivilegeFromRoleCmd(roleName, privilegeStr);
- } else if (isListRole) {
- command = new ListRolesCmd(groupName);
- } else if (isListPrivilege) {
- command = new ListPrivilegesCmd(roleName);
- }
-
- // check the requestor name
- if (StringUtils.isEmpty(requestorName)) {
- // The exception message will be recoreded in log file.
- throw new Exception("The requestor name is empty.");
- }
-
- if (command != null) {
- command.execute(client, requestorName);
- }
- }
-
- private Configuration getSentryConf() {
- Configuration conf = new Configuration();
- conf.addResource(new Path(confPath));
- return conf;
- }
-
- public static void main(String[] args) throws Exception {
- SentryShellHive sentryShell = new SentryShellHive();
- try {
- sentryShell.executeShell(args);
- } catch (Exception e) {
- LOGGER.error(e.getMessage(), e);
- Throwable current = e;
- // find the first printable message;
- while (current != null && current.getMessage() == null) {
- current = current.getCause();
- }
- System.out.println("The operation failed." +
- (current.getMessage() == null ? "" : " Message: " + current.getMessage()));
- }
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/Command.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/Command.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/Command.java
deleted file mode 100644
index 79aed49..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/Command.java
+++ /dev/null
@@ -1,27 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.tools.command.hive;
-
-import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient;
-
-/**
- * The interface for all admin commands, eg, CreateRoleCmd.
- */
-public interface Command {
- void execute(SentryPolicyServiceClient client, String requestorName) throws Exception;
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/CommandUtil.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/CommandUtil.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/CommandUtil.java
deleted file mode 100644
index 51ee9ef..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/CommandUtil.java
+++ /dev/null
@@ -1,119 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.tools.command.hive;
-
-import org.apache.commons.lang.StringUtils;
-import org.apache.sentry.core.common.utils.KeyValue;
-import org.apache.sentry.core.common.utils.PolicyFileConstants;
-import org.apache.sentry.core.common.utils.SentryConstants;
-import org.apache.sentry.core.model.db.AccessConstants;
-import org.apache.sentry.provider.db.service.thrift.TSentryGrantOption;
-import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
-import org.apache.sentry.service.thrift.ServiceConstants;
-
-public final class CommandUtil {
-
- public static final String SPLIT_CHAR = ",";
-
- private CommandUtil() {
- // Make constructor private to avoid instantiation
- }
-
- // parse the privilege in String and get the TSentryPrivilege as result
- public static TSentryPrivilege convertToTSentryPrivilege(String privilegeStr) throws Exception {
- TSentryPrivilege tSentryPrivilege = new TSentryPrivilege();
- for (String authorizable : SentryConstants.AUTHORIZABLE_SPLITTER.split(privilegeStr)) {
- KeyValue tempKV = new KeyValue(authorizable);
- String key = tempKV.getKey();
- String value = tempKV.getValue();
-
- if (PolicyFileConstants.PRIVILEGE_SERVER_NAME.equalsIgnoreCase(key)) {
- tSentryPrivilege.setServerName(value);
- } else if (PolicyFileConstants.PRIVILEGE_DATABASE_NAME.equalsIgnoreCase(key)) {
- tSentryPrivilege.setDbName(value);
- } else if (PolicyFileConstants.PRIVILEGE_TABLE_NAME.equalsIgnoreCase(key)) {
- tSentryPrivilege.setTableName(value);
- } else if (PolicyFileConstants.PRIVILEGE_COLUMN_NAME.equalsIgnoreCase(key)) {
- tSentryPrivilege.setColumnName(value);
- } else if (PolicyFileConstants.PRIVILEGE_URI_NAME.equalsIgnoreCase(key)) {
- tSentryPrivilege.setURI(value);
- tSentryPrivilege.setAction(AccessConstants.ALL);
- } else if (PolicyFileConstants.PRIVILEGE_ACTION_NAME.equalsIgnoreCase(key)) {
- tSentryPrivilege.setAction(value);
- } else if (PolicyFileConstants.PRIVILEGE_GRANT_OPTION_NAME.equalsIgnoreCase(key)) {
- TSentryGrantOption grantOption = "true".equalsIgnoreCase(value) ? TSentryGrantOption.TRUE
- : TSentryGrantOption.FALSE;
- tSentryPrivilege.setGrantOption(grantOption);
- }
- }
- tSentryPrivilege.setPrivilegeScope(getPrivilegeScope(tSentryPrivilege));
- validatePrivilegeHierarchy(tSentryPrivilege);
- return tSentryPrivilege;
- }
-
- // for the different hierarchy for hive:
- // 1: server->url
- // 2: server->database->table->column
- // if both of them are found in the privilege string, the privilege scope will be set as
- // PrivilegeScope.URI
- private static String getPrivilegeScope(TSentryPrivilege tSentryPrivilege) {
- ServiceConstants.PrivilegeScope privilegeScope = ServiceConstants.PrivilegeScope.SERVER;
- if (!StringUtils.isEmpty(tSentryPrivilege.getURI())) {
- privilegeScope = ServiceConstants.PrivilegeScope.URI;
- } else if (!StringUtils.isEmpty(tSentryPrivilege.getColumnName())) {
- privilegeScope = ServiceConstants.PrivilegeScope.COLUMN;
- } else if (!StringUtils.isEmpty(tSentryPrivilege.getTableName())) {
- privilegeScope = ServiceConstants.PrivilegeScope.TABLE;
- } else if (!StringUtils.isEmpty(tSentryPrivilege.getDbName())) {
- privilegeScope = ServiceConstants.PrivilegeScope.DATABASE;
- }
- return privilegeScope.toString();
- }
-
- // check the privilege value for the specific privilege scope
- // eg, for the table scope, server and database can't be empty
- private static void validatePrivilegeHierarchy(TSentryPrivilege tSentryPrivilege) throws Exception {
- String serverName = tSentryPrivilege.getServerName();
- String dbName = tSentryPrivilege.getDbName();
- String tableName = tSentryPrivilege.getTableName();
- String columnName = tSentryPrivilege.getColumnName();
- String uri = tSentryPrivilege.getURI();
- if (ServiceConstants.PrivilegeScope.SERVER.toString().equals(tSentryPrivilege.getPrivilegeScope())) {
- if (StringUtils.isEmpty(serverName)) {
- throw new IllegalArgumentException("The hierarchy of privilege is not correct.");
- }
- } else if (ServiceConstants.PrivilegeScope.URI.toString().equals(tSentryPrivilege.getPrivilegeScope())) {
- if (StringUtils.isEmpty(serverName) || StringUtils.isEmpty(uri)) {
- throw new IllegalArgumentException("The hierarchy of privilege is not correct.");
- }
- } else if (ServiceConstants.PrivilegeScope.DATABASE.toString().equals(tSentryPrivilege.getPrivilegeScope())) {
- if (StringUtils.isEmpty(serverName) || StringUtils.isEmpty(dbName)) {
- throw new IllegalArgumentException("The hierarchy of privilege is not correct.");
- }
- } else if (ServiceConstants.PrivilegeScope.TABLE.toString().equals(tSentryPrivilege.getPrivilegeScope())) {
- if (StringUtils.isEmpty(serverName) || StringUtils.isEmpty(dbName)
- || StringUtils.isEmpty(tableName)) {
- throw new IllegalArgumentException("The hierarchy of privilege is not correct.");
- }
- } else if (ServiceConstants.PrivilegeScope.COLUMN.toString().equals(tSentryPrivilege.getPrivilegeScope())
- && (StringUtils.isEmpty(serverName) || StringUtils.isEmpty(dbName)
- || StringUtils.isEmpty(tableName) || StringUtils.isEmpty(columnName))) {
- throw new IllegalArgumentException("The hierarchy of privilege is not correct.");
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/CreateRoleCmd.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/CreateRoleCmd.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/CreateRoleCmd.java
deleted file mode 100644
index 5a4834a..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/CreateRoleCmd.java
+++ /dev/null
@@ -1,37 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.tools.command.hive;
-
-import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient;
-
-/**
- * The class for admin command to create role.
- */
-public class CreateRoleCmd implements Command {
-
- private String roleName;
-
- public CreateRoleCmd(String roleName) {
- this.roleName = roleName;
- }
-
- @Override
- public void execute(SentryPolicyServiceClient client, String requestorName) throws Exception {
- client.createRole(requestorName, roleName);
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/DropRoleCmd.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/DropRoleCmd.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/DropRoleCmd.java
deleted file mode 100644
index facec0e..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/DropRoleCmd.java
+++ /dev/null
@@ -1,37 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.tools.command.hive;
-
-import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient;
-
-/**
- * The class for admin command to drop role.
- */
-public class DropRoleCmd implements Command {
-
- private String roleName;
-
- public DropRoleCmd(String roleName) {
- this.roleName = roleName;
- }
-
- @Override
- public void execute(SentryPolicyServiceClient client, String requestorName) throws Exception {
- client.dropRole(requestorName, roleName);
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/GrantPrivilegeToRoleCmd.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/GrantPrivilegeToRoleCmd.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/GrantPrivilegeToRoleCmd.java
deleted file mode 100644
index e3d06a9..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/GrantPrivilegeToRoleCmd.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.tools.command.hive;
-
-import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient;
-import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
-
-/**
- * The class for admin command to grant privilege to role.
- */
-public class GrantPrivilegeToRoleCmd implements Command {
-
- private String roleName;
- private String privilegeStr;
-
- public GrantPrivilegeToRoleCmd(String roleName, String privilegeStr) {
- this.roleName = roleName;
- this.privilegeStr = privilegeStr;
- }
-
- @Override
- public void execute(SentryPolicyServiceClient client, String requestorName) throws Exception {
- TSentryPrivilege tSentryPrivilege = CommandUtil.convertToTSentryPrivilege(privilegeStr);
- client.grantPrivilege(requestorName, roleName, tSentryPrivilege);
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/GrantRoleToGroupsCmd.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/GrantRoleToGroupsCmd.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/GrantRoleToGroupsCmd.java
deleted file mode 100644
index 07a3de4..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/GrantRoleToGroupsCmd.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.tools.command.hive;
-
-import com.google.common.collect.Sets;
-import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient;
-import org.apache.sentry.provider.db.tools.SentryShellCommon;
-
-import java.util.Set;
-
-/**
- * The class for admin command to grant role to group.
- */
-public class GrantRoleToGroupsCmd implements Command {
-
- private String roleName;
- private String groupNamesStr;
-
- public GrantRoleToGroupsCmd(String roleName, String groupNamesStr) {
- this.roleName = roleName;
- this.groupNamesStr = groupNamesStr;
- }
-
- @Override
- public void execute(SentryPolicyServiceClient client, String requestorName) throws Exception {
- Set<String> groups = Sets.newHashSet(groupNamesStr.split(SentryShellCommon.GROUP_SPLIT_CHAR));
- client.grantRoleToGroups(requestorName, roleName, groups);
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/ListPrivilegesCmd.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/ListPrivilegesCmd.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/ListPrivilegesCmd.java
deleted file mode 100644
index 5f3e9fb..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/ListPrivilegesCmd.java
+++ /dev/null
@@ -1,97 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.tools.command.hive;
-
-import com.google.common.collect.Lists;
-import org.apache.commons.lang.StringUtils;
-import org.apache.sentry.core.common.utils.SentryConstants;
-import org.apache.sentry.core.common.utils.PolicyFileConstants;
-import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient;
-import org.apache.sentry.provider.db.service.thrift.TSentryGrantOption;
-import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
-
-import java.util.List;
-import java.util.Set;
-
-/**
- * The class for admin command to list privileges.
- */
-public class ListPrivilegesCmd implements Command {
-
- private String roleName;
-
- public ListPrivilegesCmd(String roleName) {
- this.roleName = roleName;
- }
-
- @Override
- public void execute(SentryPolicyServiceClient client, String requestorName) throws Exception {
- Set<TSentryPrivilege> privileges = client
- .listAllPrivilegesByRoleName(requestorName, roleName);
- if (privileges != null) {
- for (TSentryPrivilege privilege : privileges) {
- String privilegeStr = convertToPrivilegeStr(privilege);
- System.out.println(privilegeStr);
- }
- }
- }
-
- // convert TSentryPrivilege to privilege in string
- private String convertToPrivilegeStr(TSentryPrivilege tSentryPrivilege) {
- List<String> privileges = Lists.newArrayList();
- if (tSentryPrivilege != null) {
- String serverName = tSentryPrivilege.getServerName();
- String dbName = tSentryPrivilege.getDbName();
- String tableName = tSentryPrivilege.getTableName();
- String columnName = tSentryPrivilege.getColumnName();
- String uri = tSentryPrivilege.getURI();
- String action = tSentryPrivilege.getAction();
- String grantOption = (tSentryPrivilege.getGrantOption() == TSentryGrantOption.TRUE ? "true"
- : "false");
- if (!StringUtils.isEmpty(serverName)) {
- privileges.add(SentryConstants.KV_JOINER.join(PolicyFileConstants.PRIVILEGE_SERVER_NAME,
- serverName));
- if (!StringUtils.isEmpty(uri)) {
- privileges.add(SentryConstants.KV_JOINER.join(PolicyFileConstants.PRIVILEGE_URI_NAME,
- uri));
- } else if (!StringUtils.isEmpty(dbName)) {
- privileges.add(SentryConstants.KV_JOINER.join(
- PolicyFileConstants.PRIVILEGE_DATABASE_NAME, dbName));
- if (!StringUtils.isEmpty(tableName)) {
- privileges.add(SentryConstants.KV_JOINER.join(
- PolicyFileConstants.PRIVILEGE_TABLE_NAME, tableName));
- if (!StringUtils.isEmpty(columnName)) {
- privileges.add(SentryConstants.KV_JOINER.join(
- PolicyFileConstants.PRIVILEGE_COLUMN_NAME, columnName));
- }
- }
- }
- if (!StringUtils.isEmpty(action)) {
- privileges.add(SentryConstants.KV_JOINER.join(
- PolicyFileConstants.PRIVILEGE_ACTION_NAME, action));
- }
- }
- // only append the grant option to privilege string if it's true
- if ("true".equals(grantOption)) {
- privileges.add(SentryConstants.KV_JOINER.join(
- PolicyFileConstants.PRIVILEGE_GRANT_OPTION_NAME, grantOption));
- }
- }
- return SentryConstants.AUTHORIZABLE_JOINER.join(privileges);
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/ListRolesCmd.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/ListRolesCmd.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/ListRolesCmd.java
deleted file mode 100644
index 283f2c0..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/ListRolesCmd.java
+++ /dev/null
@@ -1,51 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.tools.command.hive;
-
-import org.apache.commons.lang.StringUtils;
-import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient;
-import org.apache.sentry.provider.db.service.thrift.TSentryRole;
-
-import java.util.Set;
-
-/**
- * The class for admin command to list roles.
- */
-public class ListRolesCmd implements Command {
-
- private String groupName;
-
- public ListRolesCmd(String groupName) {
- this.groupName = groupName;
- }
-
- @Override
- public void execute(SentryPolicyServiceClient client, String requestorName) throws Exception {
- Set<TSentryRole> roles;
- if (StringUtils.isEmpty(groupName)) {
- roles = client.listRoles(requestorName);
- } else {
- roles = client.listRolesByGroupName(requestorName, groupName);
- }
- if (roles != null) {
- for (TSentryRole role : roles) {
- System.out.println(role.getRoleName());
- }
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/RevokePrivilegeFromRoleCmd.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/RevokePrivilegeFromRoleCmd.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/RevokePrivilegeFromRoleCmd.java
deleted file mode 100644
index fe6aca5..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/RevokePrivilegeFromRoleCmd.java
+++ /dev/null
@@ -1,42 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.tools.command.hive;
-
-import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient;
-import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
-
-/**
- * The class for admin command to revoke privileges from role.
- */
-public class RevokePrivilegeFromRoleCmd implements Command {
-
- private String roleName;
- private String privilegeStr;
-
- public RevokePrivilegeFromRoleCmd(String roleName, String privilegeStr) {
- this.roleName = roleName;
- this.privilegeStr = privilegeStr;
- }
-
- @Override
- public void execute(SentryPolicyServiceClient client, String requestorName) throws Exception {
- TSentryPrivilege tSentryPrivilege = CommandUtil.convertToTSentryPrivilege(privilegeStr);
- client.revokePrivilege(requestorName, roleName, tSentryPrivilege);
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/RevokeRoleFromGroupsCmd.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/RevokeRoleFromGroupsCmd.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/RevokeRoleFromGroupsCmd.java
deleted file mode 100644
index 86773ca..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/RevokeRoleFromGroupsCmd.java
+++ /dev/null
@@ -1,43 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.tools.command.hive;
-
-import com.google.common.collect.Sets;
-import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient;
-
-import java.util.Set;
-
-/**
- * The class for admin command to revoke role from group.
- */
-public class RevokeRoleFromGroupsCmd implements Command {
-
- private String roleName;
- private String groupNamesStr;
-
- public RevokeRoleFromGroupsCmd(String roleName, String groupNamesStr) {
- this.roleName = roleName;
- this.groupNamesStr = groupNamesStr;
- }
-
- @Override
- public void execute(SentryPolicyServiceClient client, String requestorName) throws Exception {
- Set<String> groups = Sets.newHashSet(groupNamesStr.split(CommandUtil.SPLIT_CHAR));
- client.revokeRoleFromGroups(requestorName, roleName, groups);
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/GSSCallback.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/GSSCallback.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/GSSCallback.java
deleted file mode 100644
index b668b95..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/GSSCallback.java
+++ /dev/null
@@ -1,110 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.service.thrift;
-
-import java.util.Arrays;
-import java.util.List;
-
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.UnsupportedCallbackException;
-import javax.security.sasl.AuthorizeCallback;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.hadoop.security.SaslRpcServer;
-import org.apache.sentry.core.common.exception.ConnectionDeniedException;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
-
-public class GSSCallback extends SaslRpcServer.SaslGssCallbackHandler {
-
- private final Configuration conf;
- public GSSCallback(Configuration conf) {
- super();
- this.conf = conf;
- }
-
- boolean comparePrincipals(String principal1, String principal2) {
- String[] principalParts1 = SaslRpcServer.splitKerberosName(principal1);
- String[] principalParts2 = SaslRpcServer.splitKerberosName(principal2);
- if (principalParts1.length == 0 || principalParts2.length == 0) {
- return false;
- }
- if (principalParts1.length == principalParts2.length) {
- for (int i=0; i < principalParts1.length; i++) {
- if (!principalParts1[i].equals(principalParts2[i])) {
- return false;
- }
- }
- return true;
- } else {
- return false;
- }
- }
-
- boolean allowConnect(String principal) {
- String allowedPrincipals = conf.get(ServerConfig.ALLOW_CONNECT);
- if (allowedPrincipals == null) {
- return false;
- }
- String principalShortName = getShortName(principal);
- List<String> items = Arrays.asList(allowedPrincipals.split("\\s*,\\s*"));
- for (String item : items) {
- if (comparePrincipals(item, principalShortName)) {
- return true;
- }
- }
- return false;
- }
-
- private String getShortName(String principal) {
- String parts[] = SaslRpcServer.splitKerberosName(principal);
- return parts[0];
- }
-
- @Override
- public void handle(Callback[] callbacks)
- throws UnsupportedCallbackException, ConnectionDeniedException {
- AuthorizeCallback ac = null;
- for (Callback callback : callbacks) {
- if (callback instanceof AuthorizeCallback) {
- ac = (AuthorizeCallback) callback;
- } else {
- throw new UnsupportedCallbackException(callback,
- "Unrecognized SASL GSSAPI Callback");
- }
- }
- if (ac != null) {
- String authid = ac.getAuthenticationID();
- String authzid = ac.getAuthorizationID();
-
- if (allowConnect(authid)) {
- if (authid.equals(authzid)) {
- ac.setAuthorized(true);
- } else {
- ac.setAuthorized(false);
- }
- if (ac.isAuthorized()) {
- ac.setAuthorizedID(authzid);
- }
- } else {
- throw new ConnectionDeniedException(ac,
- "Connection to sentry service denied due to lack of client credentials",
- authid);
- }
- }
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/HAClientInvocationHandler.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/HAClientInvocationHandler.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/HAClientInvocationHandler.java
deleted file mode 100644
index d97a07e..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/HAClientInvocationHandler.java
+++ /dev/null
@@ -1,139 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.service.thrift;
-
-import java.io.IOException;
-import java.lang.reflect.InvocationTargetException;
-import java.lang.reflect.Method;
-import java.net.InetSocketAddress;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.hadoop.security.SecurityUtil;
-import org.apache.curator.x.discovery.ServiceInstance;
-import org.apache.sentry.core.common.exception.SentryUserException;
-import org.apache.sentry.provider.db.service.persistent.HAContext;
-import org.apache.sentry.provider.db.service.persistent.ServiceManager;
-import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient;
-import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClientDefaultImpl;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.google.common.base.Preconditions;
-
-public class HAClientInvocationHandler extends SentryClientInvocationHandler {
-
- private static final Logger LOGGER = LoggerFactory.getLogger(HAClientInvocationHandler.class);
-
- private final Configuration conf;
- private ServiceManager manager;
- private ServiceInstance<Void> currentServiceInstance;
- private SentryPolicyServiceClient client = null;
-
- private static final String THRIFT_EXCEPTION_MESSAGE = "Thrift exception occured ";
- public static final String SENTRY_HA_ERROR_MESSAGE = "No Sentry server available. Please ensure that at least one Sentry server is online";
-
- public HAClientInvocationHandler(Configuration conf) throws Exception {
- this.conf = conf;
- checkClientConf();
- }
-
- @Override
- public Object invokeImpl(Object proxy, Method method, Object[] args) throws
- SentryUserException {
- Object result = null;
- try {
- if (!method.isAccessible()) {
- method.setAccessible(true);
- }
- // The client is initialized in the first call instead of constructor.
- // This way we can propagate the connection exception to caller cleanly
- if (client == null) {
- renewSentryClient();
- }
- result = method.invoke(client, args);
- } catch (IllegalAccessException e) {
- throw new SentryUserException(e.getMessage(), e.getCause());
- } catch (InvocationTargetException e) {
- if (e.getTargetException() instanceof SentryUserException) {
- throw (SentryUserException)e.getTargetException();
- } else {
- LOGGER.warn(THRIFT_EXCEPTION_MESSAGE + ": Error in connect current" +
- " service, will retry other service.", e);
- if (client != null) {
- client.close();
- client = null;
- }
- }
- } catch (IOException e1) {
- throw new SentryUserException("Error connecting to sentry service "
- + e1.getMessage(), e1);
- }
- return result;
- }
-
- // Retrieve the new connection endpoint from ZK and connect to new server
- private void renewSentryClient() throws IOException {
- try {
- manager = new ServiceManager(HAContext.getHAContext(conf));
- } catch (Exception e1) {
- throw new IOException("Failed to extract Sentry node info from zookeeper", e1);
- }
-
- try {
- while (true) {
- currentServiceInstance = manager.getServiceInstance();
- if (currentServiceInstance == null) {
- throw new IOException(SENTRY_HA_ERROR_MESSAGE);
- }
- InetSocketAddress serverAddress =
- ServiceManager.convertServiceInstance(currentServiceInstance);
- conf.set(ServiceConstants.ClientConfig.SERVER_RPC_ADDRESS, serverAddress.getHostName());
- conf.setInt(ServiceConstants.ClientConfig.SERVER_RPC_PORT, serverAddress.getPort());
- try {
- client = new SentryPolicyServiceClientDefaultImpl(conf);
- LOGGER.info("Sentry Client using server " + serverAddress.getHostName() +
- ":" + serverAddress.getPort());
- break;
- } catch (IOException e) {
- manager.reportError(currentServiceInstance);
- LOGGER.info("Transport exception while opening transport:", e, e.getMessage());
- }
- }
- } finally {
- manager.close();
- }
- }
-
- private void checkClientConf() {
- if (conf.getBoolean(ServerConfig.SENTRY_HA_ZOOKEEPER_SECURITY,
- ServerConfig.SENTRY_HA_ZOOKEEPER_SECURITY_DEFAULT)) {
- String serverPrincipal = Preconditions.checkNotNull(conf.get(ServerConfig.PRINCIPAL),
- ServerConfig.PRINCIPAL + " is required");
- Preconditions.checkArgument(serverPrincipal.contains(SecurityUtil.HOSTNAME_PATTERN),
- ServerConfig.PRINCIPAL + " : " + serverPrincipal + " should contain " + SecurityUtil.HOSTNAME_PATTERN);
- }
- }
-
- @Override
- public void close() {
- if (client != null) {
- client.close();
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/JaasConfiguration.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/JaasConfiguration.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/JaasConfiguration.java
deleted file mode 100644
index a79ce5f..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/JaasConfiguration.java
+++ /dev/null
@@ -1,133 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.service.thrift;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.security.auth.login.AppConfigurationEntry;
-import javax.security.auth.login.Configuration;
-
-/**
- * Creates a programmatic version of a jaas.conf file. This can be used instead of writing a jaas.conf file and setting
- * the system property, "java.security.auth.login.config", to point to that file. It is meant to be used for connecting to
- * ZooKeeper.
- * <p>
- * example usage:
- * JaasConfiguration.addEntry("Client", principal, keytabFile);
- * javax.security.auth.login.Configuration.setConfiguration(JaasConfiguration.getInstance());
- */
-public final class JaasConfiguration extends Configuration {
- private static Map<String, AppConfigurationEntry> entries = new HashMap<String, AppConfigurationEntry>();
- private static JaasConfiguration me = null;
- private static final String krb5LoginModuleName;
-
- static {
- if (System.getProperty("java.vendor").contains("IBM")) {
- krb5LoginModuleName = "com.ibm.security.auth.module.Krb5LoginModule";
- }
- else {
- krb5LoginModuleName = "com.sun.security.auth.module.Krb5LoginModule";
- }
- }
-
- private JaasConfiguration() {
- // don't need to do anything here but we want to make it private
- }
-
- /**
- * Return the singleton. You'd typically use it only to do this:
- * <p>
- * javax.security.auth.login.Configuration.setConfiguration(JaasConfiguration.getInstance());
- *
- * @return
- */
- public static Configuration getInstance() {
- if (me == null) {
- me = new JaasConfiguration();
- }
- return me;
- }
-
- /**
- * Add an entry to the jaas configuration with the passed in name, principal, and keytab. The other necessary options will be
- * set for you.
- *
- * @param name The name of the entry (e.g. "Client")
- * @param principal The principal of the user
- * @param keytab The location of the keytab
- */
- public static void addEntryForKeytab(String name, String principal, String keytab) {
- Map<String, String> options = new HashMap<String, String>();
- options.put("keyTab", keytab);
- options.put("principal", principal);
- options.put("useKeyTab", "true");
- options.put("storeKey", "true");
- options.put("useTicketCache", "false");
- AppConfigurationEntry entry = new AppConfigurationEntry(krb5LoginModuleName,
- AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
- entries.put(name, entry);
- }
-
- /**
- * Add an entry to the jaas configuration with the passed in name. The other
- * necessary options will be set for you.
- *
- * @param name The name of the entry (e.g. "Client")
- */
- public static void addEntryForTicketCache(String sectionName) {
- Map<String, String> options = new HashMap<String, String>();
- options.put("useKeyTab", "false");
- options.put("storeKey", "false");
- options.put("useTicketCache", "true");
- AppConfigurationEntry entry = new AppConfigurationEntry(krb5LoginModuleName,
- AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options);
- entries.put(sectionName, entry);
- }
-
- /**
- * Removes the specified entry.
- *
- * @param name The name of the entry to remove
- */
- public static void removeEntry(String name) {
- entries.remove(name);
- }
-
- /**
- * Clears all entries.
- */
- public static void clearEntries() {
- entries.clear();
- }
-
- /**
- * Returns the entries map.
- *
- * @return the entries map
- */
- public static Map<String, AppConfigurationEntry> getEntries() {
- return entries;
- }
-
- @Override
- public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
- return new AppConfigurationEntry[]{entries.get(name)};
- }
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/KerberosConfiguration.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/KerberosConfiguration.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/KerberosConfiguration.java
deleted file mode 100644
index 41e4fe4..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/KerberosConfiguration.java
+++ /dev/null
@@ -1,107 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.service.thrift;
-
-import java.io.File;
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.security.auth.login.AppConfigurationEntry;
-
-public class KerberosConfiguration extends javax.security.auth.login.Configuration {
- private String principal;
- private String keytab;
- private boolean isInitiator;
- private static final boolean IBM_JAVA = System.getProperty("java.vendor").contains("IBM");
-
- private KerberosConfiguration(String principal, File keytab,
- boolean client) {
- this.principal = principal;
- this.keytab = keytab.getAbsolutePath();
- this.isInitiator = client;
- }
-
- public static javax.security.auth.login.Configuration createClientConfig(String principal,
- File keytab) {
- return new KerberosConfiguration(principal, keytab, true);
- }
-
- public static javax.security.auth.login.Configuration createServerConfig(String principal,
- File keytab) {
- return new KerberosConfiguration(principal, keytab, false);
- }
-
- private static String getKrb5LoginModuleName() {
- return (IBM_JAVA ? "com.ibm.security.auth.module.Krb5LoginModule"
- : "com.sun.security.auth.module.Krb5LoginModule");
- }
-
- @Override
- public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
- Map<String, String> options = new HashMap<String, String>();
-
- if (IBM_JAVA) {
- // IBM JAVA's UseKeytab covers both keyTab and useKeyTab options
- options.put("useKeytab",keytab.startsWith("file://") ? keytab : "file://" + keytab);
-
- options.put("principal", principal);
- options.put("refreshKrb5Config", "true");
-
- // Both "initiator" and "acceptor"
- options.put("credsType", "both");
- } else {
- options.put("keyTab", keytab);
- options.put("principal", principal);
- options.put("useKeyTab", "true");
- options.put("storeKey", "true");
- options.put("doNotPrompt", "true");
- options.put("useTicketCache", "true");
- options.put("renewTGT", "true");
- options.put("refreshKrb5Config", "true");
- options.put("isInitiator", Boolean.toString(isInitiator));
- }
-
- String ticketCache = System.getenv("KRB5CCNAME");
- if (IBM_JAVA) {
- // If cache is specified via env variable, it takes priority
- if (ticketCache != null) {
- // IBM JAVA only respects system property so copy ticket cache to system property
- // The first value searched when "useDefaultCcache" is true.
- System.setProperty("KRB5CCNAME", ticketCache);
- } else {
- ticketCache = System.getProperty("KRB5CCNAME");
- }
-
- if (ticketCache != null) {
- options.put("useDefaultCcache", "true");
- options.put("renewTGT", "true");
- }
- } else {
- if (ticketCache != null) {
- options.put("ticketCache", ticketCache);
- }
- }
- options.put("debug", "true");
-
- return new AppConfigurationEntry[]{
- new AppConfigurationEntry(getKrb5LoginModuleName(),
- AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
- options)};
- }
-}
-
[07/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java
deleted file mode 100644
index bc7fe12..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java
+++ /dev/null
@@ -1,2090 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.persistent;
-
-import java.io.File;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.HashSet;
-import java.util.Map;
-import java.util.Set;
-
-import org.apache.commons.io.FileUtils;
-import org.apache.hadoop.conf.Configuration;
-import org.apache.hadoop.security.alias.CredentialProvider;
-import org.apache.hadoop.security.alias.CredentialProviderFactory;
-import org.apache.hadoop.security.alias.UserProvider;
-import org.apache.sentry.core.common.exception.SentryAccessDeniedException;
-import org.apache.sentry.core.model.db.AccessConstants;
-import org.apache.sentry.core.common.exception.SentryAlreadyExistsException;
-import org.apache.sentry.core.common.exception.SentryGrantDeniedException;
-import org.apache.sentry.core.common.exception.SentryNoSuchObjectException;
-import org.apache.sentry.provider.db.service.model.MSentryPrivilege;
-import org.apache.sentry.provider.db.service.model.MSentryRole;
-import org.apache.sentry.provider.db.service.thrift.TSentryActiveRoleSet;
-import org.apache.sentry.provider.db.service.thrift.TSentryAuthorizable;
-import org.apache.sentry.provider.db.service.thrift.TSentryGrantOption;
-import org.apache.sentry.provider.db.service.thrift.TSentryGroup;
-import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
-import org.apache.sentry.provider.db.service.thrift.TSentryRole;
-import org.apache.sentry.provider.file.PolicyFile;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
-import org.junit.After;
-import org.junit.AfterClass;
-import org.junit.Before;
-import org.junit.BeforeClass;
-import org.junit.Ignore;
-import org.junit.Test;
-
-import com.google.common.collect.Iterables;
-import com.google.common.collect.Maps;
-import com.google.common.collect.Sets;
-import com.google.common.io.Files;
-
-public class TestSentryStore extends org.junit.Assert {
-
- private static File dataDir;
- private static SentryStore sentryStore;
- private static String[] adminGroups = { "adminGroup1" };
- private static PolicyFile policyFile;
- private static File policyFilePath;
- final long NUM_PRIVS = 60; // > SentryStore.PrivCleaner.NOTIFY_THRESHOLD
- private static Configuration conf = null;
- private static char[] passwd = new char[] { '1', '2', '3'};
-
- @BeforeClass
- public static void setup() throws Exception {
- conf = new Configuration(false);
- final String ourUrl = UserProvider.SCHEME_NAME + ":///";
- conf.set(CredentialProviderFactory.CREDENTIAL_PROVIDER_PATH, ourUrl);
- CredentialProvider provider = CredentialProviderFactory.getProviders(conf).get(0);
- provider.createCredentialEntry(ServerConfig.
- SENTRY_STORE_JDBC_PASS, passwd);
- provider.flush();
-
- dataDir = new File(Files.createTempDir(), "sentry_policy_db");
- conf.set(ServerConfig.SENTRY_VERIFY_SCHEM_VERSION, "false");
- conf.set(ServerConfig.SENTRY_STORE_JDBC_URL,
- "jdbc:derby:;databaseName=" + dataDir.getPath() + ";create=true");
- conf.set(ServerConfig.SENTRY_STORE_JDBC_PASS, "dummy");
- conf.setStrings(ServerConfig.ADMIN_GROUPS, adminGroups);
- conf.set(ServerConfig.SENTRY_STORE_GROUP_MAPPING,
- ServerConfig.SENTRY_STORE_LOCAL_GROUP_MAPPING);
- policyFilePath = new File(dataDir, "local_policy_file.ini");
- conf.set(ServerConfig.SENTRY_STORE_GROUP_MAPPING_RESOURCE,
- policyFilePath.getPath());
- sentryStore = new SentryStore(conf);
- }
-
- @Before
- public void before() throws Exception {
- policyFile = new PolicyFile();
- String adminUser = "g1";
- addGroupsToUser(adminUser, adminGroups);
- writePolicyFile();
- }
-
- @After
- public void after() {
- sentryStore.clearAllTables();
- }
-
- @AfterClass
- public static void teardown() {
- if (sentryStore != null) {
- sentryStore.stop();
- }
- if (dataDir != null) {
- FileUtils.deleteQuietly(dataDir);
- }
- }
-
- @Test
- public void testCredentialProvider() throws Exception {
- assertArrayEquals(passwd, conf.getPassword(ServerConfig.
- SENTRY_STORE_JDBC_PASS));
- }
-
- @Test
- public void testCaseInsensitiveRole() throws Exception {
- String roleName = "newRole";
- String grantor = "g1";
- Set<TSentryGroup> groups = Sets.newHashSet();
- TSentryGroup group = new TSentryGroup();
- group.setGroupName("test-groups-g1");
- groups.add(group);
-
- TSentryPrivilege privilege = new TSentryPrivilege();
- privilege.setPrivilegeScope("TABLE");
- privilege.setServerName("server1");
- privilege.setDbName("default");
- privilege.setTableName("table1");
- privilege.setAction(AccessConstants.ALL);
- privilege.setCreateTime(System.currentTimeMillis());
-
- Set<String> users = Sets.newHashSet("user1");
-
- long seqId = sentryStore.createSentryRole(roleName).getSequenceId();
- assertEquals(seqId + 1, sentryStore.alterSentryRoleAddGroups(grantor, roleName, groups).getSequenceId());
- assertEquals(seqId + 2, sentryStore.alterSentryRoleDeleteGroups(roleName, groups).getSequenceId());
- assertEquals(seqId + 3, sentryStore.alterSentryRoleAddUsers(roleName, users).getSequenceId());
- assertEquals(seqId + 4, sentryStore.alterSentryRoleDeleteUsers(roleName, users).getSequenceId());
- assertEquals(seqId + 5, sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, privilege)
- .getSequenceId());
- assertEquals(seqId + 6, sentryStore
- .alterSentryRoleRevokePrivilege(grantor, roleName, privilege).getSequenceId());
- }
-
- @Test
- public void testURI() throws Exception {
- String roleName = "test-dup-role";
- String grantor = "g1";
- String uri = "file:///var/folders/dt/9zm44z9s6bjfxbrm4v36lzdc0000gp/T/1401860678102-0/data/kv1.dat";
- sentryStore.createSentryRole(roleName);
- TSentryPrivilege tSentryPrivilege = new TSentryPrivilege("URI", "server1", "ALL");
- tSentryPrivilege.setURI(uri);
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, tSentryPrivilege);
-
- TSentryAuthorizable tSentryAuthorizable = new TSentryAuthorizable();
- tSentryAuthorizable.setUri(uri);
- tSentryAuthorizable.setServer("server1");
-
- Set<TSentryPrivilege> privileges =
- sentryStore.getTSentryPrivileges(new HashSet<String>(Arrays.asList(roleName)), tSentryAuthorizable);
-
- assertTrue(privileges.size() == 1);
-
- Set<TSentryGroup> tSentryGroups = new HashSet<TSentryGroup>();
- tSentryGroups.add(new TSentryGroup("group1"));
- sentryStore.alterSentryRoleAddGroups(grantor, roleName, tSentryGroups);
- sentryStore.alterSentryRoleAddUsers(roleName, Sets.newHashSet("user1"));
-
- TSentryActiveRoleSet thriftRoleSet = new TSentryActiveRoleSet(true, new HashSet<String>(Arrays.asList(roleName)));
-
- // list privilege for group only
- Set<String> privs = sentryStore.listSentryPrivilegesForProvider(
- new HashSet<String>(Arrays.asList("group1")), Sets.newHashSet(""), thriftRoleSet,
- tSentryAuthorizable);
-
- assertTrue(privs.size()==1);
- assertTrue(privs.contains("server=server1->uri=" + uri + "->action=all"));
-
- // list privilege for user only
- privs = sentryStore.listSentryPrivilegesForProvider(new HashSet<String>(Arrays.asList("")),
- Sets.newHashSet("user1"), thriftRoleSet, tSentryAuthorizable);
- assertTrue(privs.size() == 1);
- assertTrue(privs.contains("server=server1->uri=" + uri + "->action=all"));
-
- // list privilege for both user and group
- privs = sentryStore.listSentryPrivilegesForProvider(
- new HashSet<String>(Arrays.asList("group1")), Sets.newHashSet("user1"), thriftRoleSet,
- tSentryAuthorizable);
- assertTrue(privs.size() == 1);
- assertTrue(privs.contains("server=server1->uri=" + uri + "->action=all"));
- }
-
- @Test
- public void testCreateDuplicateRole() throws Exception {
- String roleName = "test-dup-role";
- sentryStore.createSentryRole(roleName);
- try {
- sentryStore.createSentryRole(roleName);
- fail("Expected SentryAlreadyExistsException");
- } catch(SentryAlreadyExistsException e) {
- // expected
- }
- }
-
- @Test
- public void testCaseSensitiveScope() throws Exception {
- String roleName = "role1";
- String grantor = "g1";
- long seqId = sentryStore.createSentryRole(roleName).getSequenceId();
- TSentryPrivilege sentryPrivilege = new TSentryPrivilege("Database", "server1", "all");
- sentryPrivilege.setDbName("db1");
- assertEquals(seqId + 1, sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, sentryPrivilege).getSequenceId());
- }
-
- @Test
- public void testCreateDropRole() throws Exception {
- String roleName = "test-drop-role";
- long seqId = sentryStore.createSentryRole(roleName).getSequenceId();
- assertEquals(seqId + 1, sentryStore.dropSentryRole(roleName).getSequenceId());
- }
-
- @Test
- public void testAddDeleteGroupsNonExistantRole()
- throws Exception {
- String roleName = "non-existant-role";
- String grantor = "g1";
- Set<TSentryGroup> groups = Sets.newHashSet();
- Set<String> users = Sets.newHashSet(grantor);
- try {
- sentryStore.alterSentryRoleAddGroups(grantor, roleName, groups);
- fail("Expected SentryNoSuchObjectException exception");
- } catch (SentryNoSuchObjectException e) {
- // excepted exception
- }
- try {
- sentryStore.alterSentryRoleAddUsers(roleName, users);
- fail("Expected SentryNoSuchObjectException exception");
- } catch (SentryNoSuchObjectException e) {
- // excepted exception
- }
- }
-
- @Test
- public void testAddDeleteGroups() throws Exception {
- String roleName = "test-groups";
- String grantor = "g1";
- long seqId = sentryStore.createSentryRole(roleName).getSequenceId();
- Set<TSentryGroup> groups = Sets.newHashSet();
- TSentryGroup group = new TSentryGroup();
- group.setGroupName("test-groups-g1");
- groups.add(group);
- group = new TSentryGroup();
- group.setGroupName("test-groups-g2");
- groups.add(group);
- assertEquals(seqId + 1, sentryStore.alterSentryRoleAddGroups(grantor,
- roleName, groups).getSequenceId());
- assertEquals(seqId + 2, sentryStore.alterSentryRoleDeleteGroups(roleName, groups)
- .getSequenceId());
- MSentryRole role = sentryStore.getMSentryRoleByName(roleName);
- assertEquals(Collections.emptySet(), role.getGroups());
- }
-
- @Test
- public void testAddDeleteUsers() throws Exception {
- String roleName = "test-users";
- long seqId = sentryStore.createSentryRole(roleName).getSequenceId();
- Set<String> users = Sets.newHashSet("test-user-u1", "test-user-u2");
- assertEquals(seqId + 1, sentryStore.alterSentryRoleAddUsers(roleName, users).getSequenceId());
- MSentryRole role = sentryStore.getMSentryRoleByName(roleName);
- assertEquals(2, role.getUsers().size());
- assertEquals(seqId + 2, sentryStore.alterSentryRoleDeleteUsers(roleName, users).getSequenceId());
- role = sentryStore.getMSentryRoleByName(roleName);
- assertEquals(0, role.getUsers().size());
- }
-
- @Test
- public void testGetTSentryRolesForUser() throws Exception {
- // Test the method GetTSentryRolesForUser according to the following test data:
- // user1->group1
- // user2->group1
- // user3->group1, group2
- // user4->group2, group3
- // group1->r1
- // group2->r2
- // group3->r2
- // user2->r3
- // user4->r3
- String roleName1 = "r1";
- String roleName2 = "r2";
- String roleName3 = "r3";
- String user1 = "u1";
- String user2 = "u2";
- String user3 = "u3";
- String user4 = "u4";
- String group1 = "group1";
- String group2 = "group2";
- String group3 = "group3";
- Map<String, Set<String>> userToGroups = Maps.newHashMap();
- userToGroups.put(user1, Sets.newHashSet(group1));
- userToGroups.put(user2, Sets.newHashSet(group1));
- userToGroups.put(user3, Sets.newHashSet(group1, group2));
- userToGroups.put(user4, Sets.newHashSet(group2, group3));
-
- sentryStore.createSentryRole(roleName1);
- sentryStore.createSentryRole(roleName2);
- sentryStore.createSentryRole(roleName3);
- sentryStore.alterSentryRoleAddUsers(roleName1, Sets.newHashSet(user1));
- sentryStore.alterSentryRoleAddUsers(roleName2, Sets.newHashSet(user2));
- sentryStore.alterSentryRoleAddUsers(roleName2, Sets.newHashSet(user3));
- sentryStore.alterSentryRoleAddUsers(roleName3, Sets.newHashSet(user2, user4));
-
- Set<TSentryRole> roles = sentryStore.getTSentryRolesByUserNames(Sets.newHashSet(user1));
- assertEquals(1, roles.size());
- for (TSentryRole role : roles) {
- assertTrue(roleName1.equals(role.getRoleName()));
- }
-
- roles = sentryStore.getTSentryRolesByUserNames(Sets.newHashSet(user2));
- assertEquals(2, roles.size());
- for (TSentryRole role : roles) {
- assertTrue(roleName2.equals(role.getRoleName()) || roleName3.equals(role.getRoleName()));
- }
-
- roles = sentryStore.getTSentryRolesByUserNames(Sets.newHashSet(user3));
- assertEquals(1, roles.size());
- for (TSentryRole role : roles) {
- assertTrue(roleName2.equals(role.getRoleName()));
- }
-
- roles = sentryStore.getTSentryRolesByUserNames(Sets.newHashSet(user4));
- assertEquals(1, roles.size());
- for (TSentryRole role : roles) {
- assertTrue(roleName3.equals(role.getRoleName()));
- }
- }
-
- @Test
- public void testGrantRevokePrivilege() throws Exception {
- String roleName = "test-privilege";
- String grantor = "g1";
- String server = "server1";
- String db = "db1";
- String table = "tbl1";
- long seqId = sentryStore.createSentryRole(roleName).getSequenceId();
- TSentryPrivilege privilege = new TSentryPrivilege();
- privilege.setPrivilegeScope("TABLE");
- privilege.setServerName(server);
- privilege.setDbName(db);
- privilege.setTableName(table);
- privilege.setAction(AccessConstants.ALL);
- privilege.setCreateTime(System.currentTimeMillis());
- assertEquals(seqId + 1, sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, privilege)
- .getSequenceId());
- MSentryRole role = sentryStore.getMSentryRoleByName(roleName);
- Set<MSentryPrivilege> privileges = role.getPrivileges();
- assertEquals(privileges.toString(), 1, privileges.size());
- privilege.setAction(AccessConstants.SELECT);
- assertEquals(seqId + 2, sentryStore.alterSentryRoleRevokePrivilege(grantor, roleName, privilege)
- .getSequenceId());
- // after having ALL and revoking SELECT, we should have INSERT
- role = sentryStore.getMSentryRoleByName(roleName);
- privileges = role.getPrivileges();
- assertEquals(privileges.toString(), 1, privileges.size());
- MSentryPrivilege mPrivilege = Iterables.get(privileges, 0);
- assertEquals(server, mPrivilege.getServerName());
- assertEquals(db, mPrivilege.getDbName());
- assertEquals(table, mPrivilege.getTableName());
- assertEquals(AccessConstants.INSERT, mPrivilege.getAction());
- assertFalse(mPrivilege.getGrantOption());
- }
-
- private void verifyOrphanCleanup() throws Exception {
- boolean success = false;
- int iterations = 30;
- while (!success && iterations > 0) {
- Thread.sleep(1000);
- long numDBPrivs = sentryStore.countMSentryPrivileges();
- if (numDBPrivs < NUM_PRIVS) {
- assertEquals(0, numDBPrivs);
- success = true;
- }
- iterations--;
- }
- assertTrue("Failed to cleanup orphaned privileges", success);
- }
-
- /**
- * Create several privileges in the database, then delete the role that
- * created them. This makes them all orphans. Wait a bit to ensure the
- * cleanup thread runs, and expect them all to be gone from the database.
- * @throws Exception
- */
- @Ignore("Disabled with SENTRY-545 following SENTRY-140 problems")
- @Test
- public void testPrivilegeCleanup() throws Exception {
- final String roleName = "test-priv-cleanup";
- final String grantor = "g1";
- final String server = "server";
- final String dBase = "db";
- final String table = "table-";
-
- sentryStore.createSentryRole(roleName);
-
- // Create NUM_PRIVS unique privilege objects in the database
- for (int i = 0; i < NUM_PRIVS; i++) {
- TSentryPrivilege priv = new TSentryPrivilege();
- priv.setPrivilegeScope("TABLE");
- priv.setServerName(server);
- priv.setAction(AccessConstants.ALL);
- priv.setCreateTime(System.currentTimeMillis());
- priv.setTableName(table + i);
- priv.setDbName(dBase);
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, priv);
- }
-
- // Make sure we really have the expected number of privs in the database
- assertEquals(sentryStore.countMSentryPrivileges(), NUM_PRIVS);
-
- // Now to make a bunch of orphans, we just remove the role that
- // created them.
- sentryStore.dropSentryRole(roleName);
-
- // Now wait and see if the orphans get cleaned up
- verifyOrphanCleanup();
- }
-
- /**
- * Much like testPrivilegeCleanup, make a lot of privileges and make sure
- * they get cleaned up. The difference here is that the privileges are
- * created by granting ALL and then removing SELECT - thus leaving INSERT.
- * This test exists because the revocation plays havoc with the orphan
- * cleanup thread.
- * @throws Exception
- */
- @Ignore("Disabled with SENTRY-545 following SENTRY-140 problems")
- @Test
- public void testPrivilegeCleanup2() throws Exception {
- final String roleName = "test-priv-cleanup";
- final String grantor = "g1";
- final String server = "server";
- final String dBase = "db";
- final String table = "table-";
-
- sentryStore.createSentryRole(roleName);
-
- // Create NUM_PRIVS unique privilege objects in the database once more,
- // this time granting ALL and revoking SELECT to make INSERT.
- for (int i=0 ; i < NUM_PRIVS; i++) {
- TSentryPrivilege priv = new TSentryPrivilege();
- priv.setPrivilegeScope("DATABASE");
- priv.setServerName(server);
- priv.setAction(AccessConstants.ALL);
- priv.setCreateTime(System.currentTimeMillis());
- priv.setTableName(table + i);
- priv.setDbName(dBase);
- priv.setGrantOption(TSentryGrantOption.TRUE);
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, priv);
-
- priv.setAction(AccessConstants.SELECT);
- priv.setGrantOption(TSentryGrantOption.UNSET);
- sentryStore.alterSentryRoleRevokePrivilege(grantor, roleName, priv);
- // after having ALL and revoking SELECT, we should have INSERT
- MSentryRole role = sentryStore.getMSentryRoleByName(roleName);
- Set<MSentryPrivilege> privileges = role.getPrivileges();
- assertEquals(privileges.toString(), i+1, privileges.size());
- MSentryPrivilege mPrivilege = Iterables.get(privileges, 0);
- assertEquals(AccessConstants.INSERT, mPrivilege.getAction());
- }
-
- // Drop the role and clean up as before
- sentryStore.dropSentryRole(roleName);
- verifyOrphanCleanup();
- }
-
- @Test
- public void testGrantRevokeMultiPrivileges() throws Exception {
- String roleName = "test-privilege";
- String grantor = "g1";
- String server = "server1";
- String db = "db1";
- String table = "tbl1";
- String[] columns = {"c1","c2","c3","c4"};
- long seqId = sentryStore.createSentryRole(roleName).getSequenceId();
- Set<TSentryPrivilege> tPrivileges = Sets.newHashSet();
- for (String column : columns) {
- TSentryPrivilege privilege = new TSentryPrivilege();
- privilege.setPrivilegeScope("Column");
- privilege.setServerName(server);
- privilege.setDbName(db);
- privilege.setTableName(table);
- privilege.setColumnName(column);
- privilege.setAction(AccessConstants.SELECT);
- privilege.setCreateTime(System.currentTimeMillis());
- tPrivileges.add(privilege);
- }
- assertEquals(seqId + 1, sentryStore.alterSentryRoleGrantPrivileges(grantor, roleName, tPrivileges)
- .getSequenceId());
- MSentryRole role = sentryStore.getMSentryRoleByName(roleName);
- Set<MSentryPrivilege> privileges = role.getPrivileges();
- assertEquals(privileges.toString(), 4, privileges.size());
-
- tPrivileges = Sets.newHashSet();
- for (int i = 0; i < 2; i++) {
- TSentryPrivilege privilege = new TSentryPrivilege();
- privilege.setPrivilegeScope("Column");
- privilege.setServerName(server);
- privilege.setDbName(db);
- privilege.setTableName(table);
- privilege.setColumnName(columns[i]);
- privilege.setAction(AccessConstants.SELECT);
- privilege.setCreateTime(System.currentTimeMillis());
- tPrivileges.add(privilege);
- }
- assertEquals(seqId + 2, sentryStore.alterSentryRoleRevokePrivileges(grantor, roleName, tPrivileges)
- .getSequenceId());
- role = sentryStore.getMSentryRoleByName(roleName);
- privileges = role.getPrivileges();
- assertEquals(privileges.toString(), 2, privileges.size());
-
- TSentryPrivilege privilege = new TSentryPrivilege();
- privilege.setPrivilegeScope("Table");
- privilege.setServerName(server);
- privilege.setDbName(db);
- privilege.setTableName(table);
- privilege.setAction(AccessConstants.SELECT);
- privilege.setCreateTime(System.currentTimeMillis());
- assertEquals(seqId + 3, sentryStore.alterSentryRoleRevokePrivilege(grantor, roleName, privilege)
- .getSequenceId());
- // After revoking table scope, we will have 0 privileges
- role = sentryStore.getMSentryRoleByName(roleName);
- privileges = role.getPrivileges();
- assertEquals(privileges.toString(), 0, privileges.size());
- }
-
- /**
- * Regression test for SENTRY-74 and SENTRY-552
- */
- @Test
- public void testGrantRevokePrivilegeWithColumn() throws Exception {
- String roleName = "test-col-privilege";
- String grantor = "g1";
- String server = "server1";
- String db = "db1";
- String table = "tbl1";
- String column1 = "c1";
- String column2 = "c2";
- long seqId = sentryStore.createSentryRole(roleName).getSequenceId();
- TSentryPrivilege privilege = new TSentryPrivilege();
- privilege.setPrivilegeScope("COLUMN");
- privilege.setServerName(server);
- privilege.setDbName(db);
- privilege.setTableName(table);
- privilege.setColumnName(column1);
- privilege.setAction(AccessConstants.ALL);
- privilege.setCreateTime(System.currentTimeMillis());
-
- // Grant ALL on c1 and c2
- assertEquals(seqId + 1, sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, privilege)
- .getSequenceId());
- privilege.setColumnName(column2);
- assertEquals(seqId + 2, sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, privilege)
- .getSequenceId());
- MSentryRole role = sentryStore.getMSentryRoleByName(roleName);
- Set<MSentryPrivilege> privileges = role.getPrivileges();
- assertEquals(privileges.toString(), 2, privileges.size());
-
- // Revoke SELECT on c2
- privilege.setAction(AccessConstants.SELECT);
- assertEquals(seqId + 3, sentryStore.alterSentryRoleRevokePrivilege(grantor, roleName, privilege)
- .getSequenceId());
-
- // At this point c1 has ALL privileges and c2 should have INSERT after revoking SELECT
- role = sentryStore.getMSentryRoleByName(roleName);
- privileges = role.getPrivileges();
- assertEquals(privileges.toString(), 2, privileges.size());
- for (MSentryPrivilege mPrivilege: privileges) {
- assertEquals(server, mPrivilege.getServerName());
- assertEquals(db, mPrivilege.getDbName());
- assertEquals(table, mPrivilege.getTableName());
- assertFalse(mPrivilege.getGrantOption());
- if (mPrivilege.getColumnName().equals(column1)) {
- assertEquals(AccessConstants.ALL, mPrivilege.getAction());
- } else if (mPrivilege.getColumnName().equals(column2)) {
- assertEquals(AccessConstants.INSERT, mPrivilege.getAction());
- } else {
- fail("Unexpected column name: " + mPrivilege.getColumnName());
- }
- }
-
- // after revoking INSERT table level privilege will remove privileges from column2
- // and downgrade column1 to SELECT privileges.
- privilege = new TSentryPrivilege();
- privilege.setPrivilegeScope("TABLE");
- privilege.setServerName(server);
- privilege.setDbName(db);
- privilege.setTableName(table);
- privilege.setAction(AccessConstants.INSERT);
- privilege.setCreateTime(System.currentTimeMillis());
- assertEquals(seqId + 4, sentryStore.alterSentryRoleRevokePrivilege(grantor, roleName, privilege)
- .getSequenceId());
- role = sentryStore.getMSentryRoleByName(roleName);
- privileges = role.getPrivileges();
- assertEquals(privileges.toString(), 1, privileges.size());
- assertEquals(column1, Iterables.get(privileges, 0).getColumnName());
- assertEquals(AccessConstants.SELECT, Iterables.get(privileges, 0).getAction());
-
- // Revoke ALL from the table should now remove all the column privileges.
- privilege.setAction(AccessConstants.ALL);
- privilege.setCreateTime(System.currentTimeMillis());
- assertEquals(seqId + 5, sentryStore.alterSentryRoleRevokePrivilege(grantor, roleName, privilege)
- .getSequenceId());
- role = sentryStore.getMSentryRoleByName(roleName);
- privileges = role.getPrivileges();
- assertEquals(privileges.toString(), 0, privileges.size());
- }
-
- /**
- * Regression test for SENTRY-552
- */
- @Test
- public void testGrantRevokeTablePrivilegeDowngradeByDb() throws Exception {
- String roleName = "test-table-db-downgrade-privilege";
- String grantor = "g1";
- String server = "server1";
- String db = "db1";
- String table1 = "tbl1";
- String table2 = "tbl2";
- long seqId = sentryStore.createSentryRole(roleName).getSequenceId();
- TSentryPrivilege privilegeTable1 = new TSentryPrivilege();
- privilegeTable1.setPrivilegeScope("TABLE");
- privilegeTable1.setServerName(server);
- privilegeTable1.setDbName(db);
- privilegeTable1.setTableName(table1);
- privilegeTable1.setAction(AccessConstants.ALL);
- privilegeTable1.setCreateTime(System.currentTimeMillis());
- TSentryPrivilege privilegeTable2 = privilegeTable1.deepCopy();
- privilegeTable2.setTableName(table2);
-
- // Grant ALL on table1 and table2
- assertEquals(seqId + 1, sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, privilegeTable1)
- .getSequenceId());
- assertEquals(seqId + 2, sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, privilegeTable2)
- .getSequenceId());
- MSentryRole role = sentryStore.getMSentryRoleByName(roleName);
- Set<MSentryPrivilege> privileges = role.getPrivileges();
- assertEquals(privileges.toString(), 2, privileges.size());
-
- // Revoke SELECT on table2
- privilegeTable2.setAction(AccessConstants.SELECT);
- assertEquals(seqId + 3, sentryStore.alterSentryRoleRevokePrivilege(grantor, roleName, privilegeTable2)
- .getSequenceId());
- // after having ALL and revoking SELECT, we should have INSERT
- role = sentryStore.getMSentryRoleByName(roleName);
- privileges = role.getPrivileges();
- assertEquals(privileges.toString(), 2, privileges.size());
-
- // At this point table1 has ALL privileges and table2 should have INSERT after revoking SELECT
- role = sentryStore.getMSentryRoleByName(roleName);
- privileges = role.getPrivileges();
- assertEquals(privileges.toString(), 2, privileges.size());
- for (MSentryPrivilege mPrivilege: privileges) {
- assertEquals(server, mPrivilege.getServerName());
- assertEquals(db, mPrivilege.getDbName());
- assertFalse(mPrivilege.getGrantOption());
- if (mPrivilege.getTableName().equals(table1)) {
- assertEquals(AccessConstants.ALL, mPrivilege.getAction());
- } else if (mPrivilege.getTableName().equals(table2)) {
- assertEquals(AccessConstants.INSERT, mPrivilege.getAction());
- } else {
- fail("Unexpected table name: " + mPrivilege.getTableName());
- }
- }
-
- // Revoke INSERT on Database
- privilegeTable2.setAction(AccessConstants.INSERT);
- privilegeTable2.setPrivilegeScope("DATABASE");
- privilegeTable2.unsetTableName();
- assertEquals(seqId + 4, sentryStore.alterSentryRoleRevokePrivilege(grantor, roleName, privilegeTable2)
- .getSequenceId());
- role = sentryStore.getMSentryRoleByName(roleName);
- privileges = role.getPrivileges();
-
- // after revoking INSERT database level privilege will remove privileges from table2
- // and downgrade table1 to SELECT privileges.
- assertEquals(privileges.toString(), 1, privileges.size());
- MSentryPrivilege mPrivilege = Iterables.get(privileges, 0);
- assertEquals(server, mPrivilege.getServerName());
- assertEquals(db, mPrivilege.getDbName());
- assertEquals(table1, mPrivilege.getTableName());
- assertEquals(AccessConstants.SELECT, mPrivilege.getAction());
- assertFalse(mPrivilege.getGrantOption());
- }
-
- /**
- * Regression test for SENTRY-552
- */
- @Test
- public void testGrantRevokeColumnPrivilegeDowngradeByDb() throws Exception {
- String roleName = "test-column-db-downgrade-privilege";
- String grantor = "g1";
- String server = "server1";
- String db = "db1";
- String table = "tbl1";
- String column1 = "c1";
- String column2 = "c2";
- long seqId = sentryStore.createSentryRole(roleName).getSequenceId();
- TSentryPrivilege privilegeCol1 = new TSentryPrivilege();
- privilegeCol1.setPrivilegeScope("COLUMN");
- privilegeCol1.setServerName(server);
- privilegeCol1.setDbName(db);
- privilegeCol1.setTableName(table);
- privilegeCol1.setColumnName(column1);
- privilegeCol1.setAction(AccessConstants.ALL);
- privilegeCol1.setCreateTime(System.currentTimeMillis());
- TSentryPrivilege privilegeCol2 = privilegeCol1.deepCopy();
- privilegeCol2.setColumnName(column2);
-
- // Grant ALL on column1 and column2
- assertEquals(seqId + 1, sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, privilegeCol1)
- .getSequenceId());
- assertEquals(seqId + 2, sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, privilegeCol2)
- .getSequenceId());
- MSentryRole role = sentryStore.getMSentryRoleByName(roleName);
- Set<MSentryPrivilege> privileges = role.getPrivileges();
- assertEquals(privileges.toString(), 2, privileges.size());
-
- // Revoke SELECT on column2
- privilegeCol2.setAction(AccessConstants.SELECT);
- assertEquals(seqId + 3, sentryStore.alterSentryRoleRevokePrivilege(grantor, roleName, privilegeCol2)
- .getSequenceId());
- // after having ALL and revoking SELECT, we should have INSERT
- role = sentryStore.getMSentryRoleByName(roleName);
- privileges = role.getPrivileges();
- assertEquals(privileges.toString(), 2, privileges.size());
-
- // At this point column1 has ALL privileges and column2 should have INSERT after revoking SELECT
- role = sentryStore.getMSentryRoleByName(roleName);
- privileges = role.getPrivileges();
- assertEquals(privileges.toString(), 2, privileges.size());
- for (MSentryPrivilege mPrivilege: privileges) {
- assertEquals(server, mPrivilege.getServerName());
- assertEquals(db, mPrivilege.getDbName());
- assertEquals(table, mPrivilege.getTableName());
- assertFalse(mPrivilege.getGrantOption());
- if (mPrivilege.getColumnName().equals(column1)) {
- assertEquals(AccessConstants.ALL, mPrivilege.getAction());
- } else if (mPrivilege.getColumnName().equals(column2)) {
- assertEquals(AccessConstants.INSERT, mPrivilege.getAction());
- } else {
- fail("Unexpected column name: " + mPrivilege.getColumnName());
- }
- }
-
- // Revoke INSERT on Database
- privilegeCol2.setAction(AccessConstants.INSERT);
- privilegeCol2.setPrivilegeScope("DATABASE");
- privilegeCol2.unsetTableName();
- privilegeCol2.unsetColumnName();
- assertEquals(seqId + 4, sentryStore.alterSentryRoleRevokePrivilege(grantor, roleName, privilegeCol2)
- .getSequenceId());
- role = sentryStore.getMSentryRoleByName(roleName);
- privileges = role.getPrivileges();
-
- // after revoking INSERT database level privilege will remove privileges from column2
- // and downgrade column1 to SELECT privileges.
- assertEquals(privileges.toString(), 1, privileges.size());
- MSentryPrivilege mPrivilege = Iterables.get(privileges, 0);
- assertEquals(server, mPrivilege.getServerName());
- assertEquals(db, mPrivilege.getDbName());
- assertEquals(table, mPrivilege.getTableName());
- assertEquals(column1, mPrivilege.getColumnName());
- assertEquals(AccessConstants.SELECT, mPrivilege.getAction());
- assertFalse(mPrivilege.getGrantOption());
- }
-
- @Test
- public void testGrantRevokePrivilegeWithGrantOption() throws Exception {
- String roleName = "test-grantOption-table";
- String grantor = "g1";
- String server = "server1";
- String db = "db1";
- String table = "tbl1";
- TSentryGrantOption grantOption = TSentryGrantOption.TRUE;
- long seqId = sentryStore.createSentryRole(roleName).getSequenceId();
-
- TSentryPrivilege privilege = new TSentryPrivilege();
- privilege.setPrivilegeScope("TABLE");
- privilege.setServerName(server);
- privilege.setDbName(db);
- privilege.setTableName(table);
- privilege.setAction(AccessConstants.ALL);
- privilege.setCreateTime(System.currentTimeMillis());
- privilege.setGrantOption(grantOption);
- assertEquals(seqId + 1, sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, privilege)
- .getSequenceId());
- MSentryRole role = sentryStore.getMSentryRoleByName(roleName);
- Set<MSentryPrivilege> privileges = role.getPrivileges();
- assertEquals(privileges.toString(), 1, privileges.size());
- assertEquals(Boolean.valueOf(privilege.getGrantOption().toString()), Iterables.get(privileges, 0).getGrantOption());
- assertEquals(seqId + 2, sentryStore.alterSentryRoleRevokePrivilege(grantor, roleName, privilege)
- .getSequenceId());
- role = sentryStore.getMSentryRoleByName(roleName);
- privileges = role.getPrivileges();
- assertEquals(0, privileges.size());
-
- roleName = "test-grantOption-db";
- sentryStore.createSentryRole(roleName);
- privilege = new TSentryPrivilege();
- privilege.setPrivilegeScope("DATABASE");
- privilege.setServerName(server);
- privilege.setDbName(db);
- privilege.setAction(AccessConstants.ALL);
- privilege.setGrantOption(TSentryGrantOption.TRUE);
- privilege.setCreateTime(System.currentTimeMillis());
- privilege.setGrantOption(grantOption);
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, privilege);
- role = sentryStore.getMSentryRoleByName(roleName);
- privileges = role.getPrivileges();
- assertEquals(privileges.toString(), 1, privileges.size());
-
- privilege.setAction(AccessConstants.SELECT);
- privilege.setGrantOption(TSentryGrantOption.UNSET);
- sentryStore.alterSentryRoleRevokePrivilege(grantor, roleName, privilege);
- // after having ALL and revoking SELECT, we should have INSERT
- role = sentryStore.getMSentryRoleByName(roleName);
- privileges = role.getPrivileges();
- assertEquals(privileges.toString(), 1, privileges.size());
- MSentryPrivilege mPrivilege = Iterables.get(privileges, 0);
- assertEquals(server, mPrivilege.getServerName());
- assertEquals(db, mPrivilege.getDbName());
- assertEquals(AccessConstants.INSERT, mPrivilege.getAction());
- }
-
- @Test
- public void testGrantCheckWithGroupAndUser() throws Exception {
- // 1. set local group mapping and group-role, user-role mapping
- // user0_0->group0
- // user0_1->group0
- // user1_0->group1
- // user1_1->group1
- // group0->roleG0
- // group1->roleG1
- // user0_0->roleU00
- // user0_1->roleU01
- // user1_0->roleU10
- // user1_1->roleU11
- String grantor = "g1";
- String[][] users = { { "user0_0", "user0_1" }, { "user1_0", "user1_1" } };
- String[] groups = { "group0", "group1" };
- String[] rolesForGroup = { "roleG0", "roleG1" };
- String[] rolesForUser = { "roleU0", "roleU1", "roleU2", "roleU3" };
- for (int i = 0; i < groups.length; i++) {
- for (int j = 0; j < users[i].length; j++) {
- addGroupsToUser(users[i][j], groups[i]);
- sentryStore.createSentryRole(rolesForUser[i * 2 + j]);
- sentryStore.alterSentryRoleAddUsers(rolesForUser[i * 2 + j], Sets.newHashSet(users[i][j]));
- }
- sentryStore.createSentryRole(rolesForGroup[i]);
- Set<TSentryGroup> tGroups = Sets.newHashSet();
- TSentryGroup tGroup = new TSentryGroup(groups[i]);
- tGroups.add(tGroup);
- sentryStore.alterSentryRoleAddGroups(grantor, rolesForGroup[i], tGroups);
- }
- writePolicyFile();
-
- // 2. g1 grant all on database db1 to roleG0, roleU0 without grant option
- String server = "server1";
- String db = "db1";
- grantor = "g1";
- TSentryPrivilege privilege1 = new TSentryPrivilege();
- privilege1.setPrivilegeScope("DATABASE");
- privilege1.setServerName(server);
- privilege1.setDbName(db);
- privilege1.setAction(AccessConstants.ALL);
- privilege1.setCreateTime(System.currentTimeMillis());
- privilege1.setGrantOption(TSentryGrantOption.FALSE);
- // user0_0 has the privilege without grant option
- sentryStore.alterSentryRoleGrantPrivilege(grantor, "roleG0", privilege1);
- sentryStore.alterSentryRoleGrantPrivilege(grantor, "roleU0", privilege1);
- try {
- sentryStore.alterSentryRoleGrantPrivilege("user0_0", "roleG1", privilege1);
- fail("Expected SentryGrantDeniedException exception");
- } catch (SentryGrantDeniedException e) {
- // excepted exception
- }
- try {
- sentryStore.alterSentryRoleRevokePrivilege("user0_0", "roleG1", privilege1);
- fail("Expected SentryGrantDeniedException exception");
- } catch (SentryGrantDeniedException e) {
- // excepted exception
- }
-
- // 3. g1 grant all on database db1 to roleG0 with grant option
- TSentryPrivilege privilege2 = new TSentryPrivilege();
- privilege2.setPrivilegeScope("DATABASE");
- privilege2.setServerName(server);
- privilege2.setDbName(db);
- privilege2.setAction(AccessConstants.ALL);
- privilege2.setCreateTime(System.currentTimeMillis());
- privilege2.setGrantOption(TSentryGrantOption.TRUE);
- // user0_0, user0_1 can grant the same privilege to other roles
- sentryStore.alterSentryRoleGrantPrivilege(grantor, "roleG0", privilege2);
- sentryStore.alterSentryRoleGrantPrivilege("user0_0", "roleG1", privilege2);
- validatePrivilegeByRoleName("roleG1", privilege2);
- sentryStore.alterSentryRoleRevokePrivilege("user0_0", "roleG1", privilege2);
- validateEmptyPrivilegeByRoleName("roleG1");
- sentryStore.alterSentryRoleGrantPrivilege("user0_1", "roleG1", privilege2);
- validatePrivilegeByRoleName("roleG1", privilege2);
- sentryStore.alterSentryRoleRevokePrivilege("user0_1", "roleG1", privilege2);
- validateEmptyPrivilegeByRoleName("roleG1");
- // clear privilege for roleG0
- sentryStore.alterSentryRoleRevokePrivilege(grantor, "roleG0", privilege2);
-
- // 4. g1 grant all on database db1 to roleU0 with grant option
- sentryStore.alterSentryRoleGrantPrivilege(grantor, "roleU0", privilege2);
- sentryStore.alterSentryRoleGrantPrivilege("user0_0", "roleG1", privilege2);
- validatePrivilegeByRoleName("roleG1", privilege2);
- sentryStore.alterSentryRoleRevokePrivilege("user0_0", "roleG1", privilege2);
- validateEmptyPrivilegeByRoleName("roleG1");
- try {
- sentryStore.alterSentryRoleGrantPrivilege("user0_1", "roleG1", privilege2);
- fail("Expected SentryGrantDeniedException exception");
- } catch (SentryGrantDeniedException e) {
- // excepted exception
- }
- try {
- sentryStore.alterSentryRoleRevokePrivilege("user0_1", "roleG1", privilege2);
- fail("Expected SentryGrantDeniedException exception");
- } catch (SentryGrantDeniedException e) {
- // excepted exception
- }
- // clear privilege for roleG0
- sentryStore.alterSentryRoleRevokePrivilege(grantor, "roleU0", privilege2);
-
- // 5. g1 grant all on database db1 to roleU2, roleG0 with grant option
- sentryStore.alterSentryRoleGrantPrivilege(grantor, "roleU2", privilege2);
- sentryStore.alterSentryRoleGrantPrivilege(grantor, "roleG0", privilege2);
- sentryStore.alterSentryRoleGrantPrivilege("user0_0", "roleG1", privilege2);
- validatePrivilegeByRoleName("roleG1", privilege2);
- sentryStore.alterSentryRoleRevokePrivilege("user0_0", "roleG1", privilege2);
- validateEmptyPrivilegeByRoleName("roleG1");
- sentryStore.alterSentryRoleGrantPrivilege("user0_1", "roleG1", privilege2);
- validatePrivilegeByRoleName("roleG1", privilege2);
- sentryStore.alterSentryRoleRevokePrivilege("user0_1", "roleG1", privilege2);
- validateEmptyPrivilegeByRoleName("roleG1");
-
- sentryStore.alterSentryRoleGrantPrivilege("user1_0", "roleG1", privilege2);
- validatePrivilegeByRoleName("roleG1", privilege2);
- sentryStore.alterSentryRoleRevokePrivilege("user1_0", "roleG1", privilege2);
- validateEmptyPrivilegeByRoleName("roleG1");
- try {
- sentryStore.alterSentryRoleGrantPrivilege("user1_1", "roleG1", privilege2);
- fail("Expected SentryGrantDeniedException exception");
- } catch (SentryGrantDeniedException e) {
- // excepted exception
- }
- try {
- sentryStore.alterSentryRoleRevokePrivilege("user1_1", "roleG1", privilege2);
- fail("Expected SentryGrantDeniedException exception");
- } catch (SentryGrantDeniedException e) {
- // excepted exception
- }
- // clear privilege for roleG0
- sentryStore.alterSentryRoleRevokePrivilege(grantor, "roleG0", privilege2);
- sentryStore.alterSentryRoleRevokePrivilege(grantor, "roleU2", privilege2);
- }
-
- private void validatePrivilegeByRoleName(String roleName, TSentryPrivilege exceptedTPrivelege)
- throws Exception {
- MSentryRole role = sentryStore.getMSentryRoleByName(roleName);
- Set<MSentryPrivilege> privileges = role.getPrivileges();
- assertEquals(privileges.toString(), 1, privileges.size());
- MSentryPrivilege mPrivilege = Iterables.get(privileges, 0);
- assertEquals(exceptedTPrivelege.getServerName(), mPrivilege.getServerName());
- assertEquals(exceptedTPrivelege.getDbName(), mPrivilege.getDbName());
- assertEquals(AccessConstants.ALL, mPrivilege.getAction());
- }
-
- private void validateEmptyPrivilegeByRoleName(String roleName) throws Exception {
- MSentryRole role = sentryStore.getMSentryRoleByName(roleName);
- Set<MSentryPrivilege> privileges = role.getPrivileges();
- assertEquals(privileges.toString(), 0, privileges.size());
- }
-
- @Test
- public void testGrantCheckWithGrantOption() throws Exception {
- // 1. set local group mapping
- // user0->group0->role0
- // user1->group1->role1
- // user2->group2->role2
- // user3->group3->role3
- // user4->group4->role4
- String grantor = "g1";
- String[] users = {"user0","user1","user2","user3","user4"};
- String[] groups = { "group0", "group1", "group2", "group3", "group4" };
- String[] roles = {"role0","role1","role2","role3","role4"};
- for (int i = 0; i < users.length; i++) {
- addGroupsToUser(users[i], groups[i]);
- sentryStore.createSentryRole(roles[i]);
- Set<TSentryGroup> tGroups = Sets.newHashSet();
- TSentryGroup tGroup = new TSentryGroup(groups[i]);
- tGroups.add(tGroup);
- sentryStore.alterSentryRoleAddGroups(grantor, roles[i], tGroups);
- }
- writePolicyFile();
-
- // 2. g1 grant all on database db1 to role0 with grant option
- String server = "server1";
- String db = "db1";
- String table = "tbl1";
- String roleName = roles[0];
- grantor = "g1";
- TSentryPrivilege privilege1 = new TSentryPrivilege();
- privilege1.setPrivilegeScope("DATABASE");
- privilege1.setServerName(server);
- privilege1.setDbName(db);
- privilege1.setAction(AccessConstants.ALL);
- privilege1.setCreateTime(System.currentTimeMillis());
- privilege1.setGrantOption(TSentryGrantOption.TRUE);
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, privilege1);
- MSentryRole role = sentryStore.getMSentryRoleByName(roleName);
- Set<MSentryPrivilege> privileges = role.getPrivileges();
- assertEquals(privileges.toString(), 1, privileges.size());
-
- // 3. user0 grant select on database db1 to role1, with grant option
- roleName = roles[1];
- grantor = users[0];
- TSentryPrivilege privilege2 = new TSentryPrivilege();
- privilege2.setPrivilegeScope("DATABASE");
- privilege2.setServerName(server);
- privilege2.setDbName(db);
- privilege2.setAction(AccessConstants.SELECT);
- privilege2.setCreateTime(System.currentTimeMillis());
- privilege2.setGrantOption(TSentryGrantOption.TRUE);
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, privilege2);
-
- // 4. user0 grant all on table tb1 to role2, no grant option
- roleName = roles[2];
- grantor = users[0];
- TSentryPrivilege privilege3 = new TSentryPrivilege();
- privilege3.setPrivilegeScope("TABLE");
- privilege3.setServerName(server);
- privilege3.setDbName(db);
- privilege3.setTableName(table);
- privilege3.setAction(AccessConstants.ALL);
- privilege3.setCreateTime(System.currentTimeMillis());
- privilege3.setGrantOption(TSentryGrantOption.FALSE);
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, privilege3);
-
- // 5. user1 has role1, no insert privilege,
- // grant insert to role3, will throw no grant exception
- roleName = roles[3];
- grantor = users[1];
- TSentryPrivilege privilege4 = new TSentryPrivilege();
- privilege4.setPrivilegeScope("DATABASE");
- privilege4.setServerName(server);
- privilege4.setDbName(db);
- privilege4.setAction(AccessConstants.INSERT);
- privilege4.setCreateTime(System.currentTimeMillis());
- privilege4.setGrantOption(TSentryGrantOption.FALSE);
- try {
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, privilege4);
- fail("Expected SentryGrantDeniedException exception");
- } catch (SentryGrantDeniedException e) {
- // excepted exception
- }
-
- // 6. user2 has role2, no grant option,
- // grant insert to role4, will throw no grant exception
- roleName = roles[4];
- grantor = users[2];
- TSentryPrivilege privilege5 = new TSentryPrivilege();
- privilege5.setPrivilegeScope("TABLE");
- privilege5.setServerName(server);
- privilege5.setDbName(db);
- privilege5.setTableName(table);
- privilege5.setAction(AccessConstants.INSERT);
- privilege5.setCreateTime(System.currentTimeMillis());
- privilege5.setGrantOption(TSentryGrantOption.FALSE);
- try {
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, privilege5);
- fail("Expected SentryGrantDeniedException exception");
- } catch (SentryGrantDeniedException e) {
- // excepted exception
- }
- }
-
- @Test
- public void testRevokeCheckWithGrantOption() throws Exception {
- // 1. set local group mapping
- // user0->group0->role0
- // user1->group1->role1
- // user2->group2->role2
- String grantor = "g1";
- String[] users = {"user0","user1","user2"};
- String[] roles = {"role0","role1","role2"};
- String[] groups = {"group0","group1","group2"};
- for (int i = 0; i < users.length; i++) {
- addGroupsToUser(users[i], groups[i]);
- sentryStore.createSentryRole(roles[i]);
- Set<TSentryGroup> tGroups = Sets.newHashSet();
- TSentryGroup tGroup = new TSentryGroup(groups[i]);
- tGroups.add(tGroup);
- sentryStore.alterSentryRoleAddGroups(grantor, roles[i], tGroups);
- sentryStore.alterSentryRoleAddUsers(roles[i], Sets.newHashSet(users[i]));
- }
- writePolicyFile();
-
- // 2. g1 grant select on database db1 to role0, with grant option
- String server = "server1";
- String db = "db1";
- String table = "tbl1";
- String roleName = roles[0];
- grantor = "g1";
- TSentryPrivilege privilege1 = new TSentryPrivilege();
- privilege1.setPrivilegeScope("DATABASE");
- privilege1.setServerName(server);
- privilege1.setDbName(db);
- privilege1.setAction(AccessConstants.SELECT);
- privilege1.setCreateTime(System.currentTimeMillis());
- privilege1.setGrantOption(TSentryGrantOption.TRUE);
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, privilege1);
- MSentryRole role = sentryStore.getMSentryRoleByName(roleName);
- Set<MSentryPrivilege> privileges = role.getPrivileges();
- assertEquals(privileges.toString(), 1, privileges.size());
-
- // 3. g1 grant all on table tb1 to role1, no grant option
- roleName = roles[1];
- grantor = "g1";
- TSentryPrivilege privilege2 = new TSentryPrivilege();
- privilege2.setPrivilegeScope("TABLE");
- privilege2.setServerName(server);
- privilege2.setDbName(db);
- privilege2.setTableName(table);
- privilege2.setAction(AccessConstants.ALL);
- privilege2.setCreateTime(System.currentTimeMillis());
- privilege2.setGrantOption(TSentryGrantOption.FALSE);
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, privilege2);
-
- // 4. g1 grant select on table tb1 to role2, no grant option
- roleName = roles[2];
- grantor = "g1";
- TSentryPrivilege privilege3 = new TSentryPrivilege();
- privilege3.setPrivilegeScope("TABLE");
- privilege3.setServerName(server);
- privilege3.setDbName(db);
- privilege3.setTableName(table);
- privilege3.setAction(AccessConstants.SELECT);
- privilege3.setCreateTime(System.currentTimeMillis());
- privilege3.setGrantOption(TSentryGrantOption.FALSE);
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, privilege3);
-
- // 5. user1 has role1, no grant option,
- // revoke from role2 will throw no grant exception
- roleName = roles[2];
- grantor = users[1];
- try {
- sentryStore.alterSentryRoleRevokePrivilege(grantor, roleName, privilege3);
- fail("Expected SentryGrantDeniedException exception");
- } catch (SentryGrantDeniedException e) {
- // excepted exception
- }
-
- // 6. user0 has role0, only have select,
- // revoke all from role1 will throw no grant exception
- roleName = roles[1];
- grantor = users[0];
- try {
- sentryStore.alterSentryRoleRevokePrivilege(grantor, roleName, privilege2);
- fail("Expected SentryGrantDeniedException exception");
- } catch (SentryGrantDeniedException e) {
- // excepted exception
- }
-
- // 7. user0 has role0, has select and grant option,
- // revoke select from role2
- roleName = roles[2];
- grantor = users[0];
- sentryStore.alterSentryRoleRevokePrivilege(grantor, roleName, privilege3);
- role = sentryStore.getMSentryRoleByName(roleName);
- privileges = role.getPrivileges();
- assertEquals(0, privileges.size());
- }
-
- @Test
- public void testRevokeAllGrantOption() throws Exception {
- // 1. set local group mapping
- // user0->group0->role0
- String grantor = "g1";
- String[] users = {"user0"};
- String[] roles = {"role0"};
- String[] groups = {"group0"};
- for (int i = 0; i < users.length; i++) {
- addGroupsToUser(users[i], groups[i]);
- sentryStore.createSentryRole(roles[i]);
- Set<TSentryGroup> tGroups = Sets.newHashSet();
- TSentryGroup tGroup = new TSentryGroup(groups[i]);
- tGroups.add(tGroup);
- sentryStore.alterSentryRoleAddGroups(grantor, roles[i], tGroups);
- }
- writePolicyFile();
-
- // 2. g1 grant select on table tb1 to role0, with grant option
- String server = "server1";
- String db = "db1";
- String table = "tbl1";
- String roleName = roles[0];
- grantor = "g1";
- TSentryPrivilege privilege = new TSentryPrivilege();
- privilege.setPrivilegeScope("TABLE");
- privilege.setServerName(server);
- privilege.setDbName(db);
- privilege.setTableName(table);
- privilege.setAction(AccessConstants.SELECT);
- privilege.setCreateTime(System.currentTimeMillis());
- privilege.setGrantOption(TSentryGrantOption.TRUE);
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, privilege);
-
- // 3. g1 grant select on table tb1 to role0, no grant option
- roleName = roles[0];
- grantor = "g1";
- privilege.setGrantOption(TSentryGrantOption.FALSE);
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, privilege);
-
- // 4. g1 revoke all privilege from role0
- roleName = roles[0];
- grantor = "g1";
- privilege.setGrantOption(TSentryGrantOption.UNSET);
- sentryStore.alterSentryRoleRevokePrivilege(grantor, roleName, privilege);
- MSentryRole role = sentryStore.getMSentryRoleByName(roleName);
- Set<MSentryPrivilege> privileges = role.getPrivileges();
- assertEquals(privileges.toString(), 0, privileges.size());
- }
-
- @Test
- public void testGrantCheckWithColumn() throws Exception {
- // 1. set local group mapping
- // user0->group0->role0
- // user1->group1->role1
- String grantor = "g1";
- String[] users = {"user0","user1"};
- String[] roles = {"role0","role1"};
- String[] groups = {"group0","group1"};
- for (int i = 0; i < users.length; i++) {
- addGroupsToUser(users[i], groups[i]);
- sentryStore.createSentryRole(roles[i]);
- Set<TSentryGroup> tGroups = Sets.newHashSet();
- TSentryGroup tGroup = new TSentryGroup(groups[i]);
- tGroups.add(tGroup);
- sentryStore.alterSentryRoleAddGroups(grantor, roles[i], tGroups);
- }
- writePolicyFile();
-
- // 2. g1 grant select on table tb1 to role0, with grant option
- String server = "server1";
- String db = "db1";
- String table = "tbl1";
- String roleName = roles[0];
- grantor = "g1";
- TSentryPrivilege privilege1 = new TSentryPrivilege();
- privilege1.setPrivilegeScope("TABLE");
- privilege1.setServerName(server);
- privilege1.setDbName(db);
- privilege1.setTableName(table);
- privilege1.setAction(AccessConstants.SELECT);
- privilege1.setCreateTime(System.currentTimeMillis());
- privilege1.setGrantOption(TSentryGrantOption.TRUE);
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, privilege1);
- MSentryRole role = sentryStore.getMSentryRoleByName(roleName);
- Set<MSentryPrivilege> privileges = role.getPrivileges();
- assertEquals(privileges.toString(), 1, privileges.size());
-
- // 3. user0 grant select on column tb1.c1 to role1, with grant option
- roleName = roles[1];
- grantor = users[0];
- String column = "c1";
- TSentryPrivilege privilege2 = new TSentryPrivilege();
- privilege2.setPrivilegeScope("COLUMN");
- privilege2.setServerName(server);
- privilege2.setDbName(db);
- privilege2.setTableName(table);
- privilege2.setColumnName(column);
- privilege2.setAction(AccessConstants.SELECT);
- privilege2.setCreateTime(System.currentTimeMillis());
- privilege2.setGrantOption(TSentryGrantOption.TRUE);
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, privilege2);
-
- // 4. user1 revoke table level privilege from user0, will throw grant denied exception
- roleName = roles[0];
- grantor = users[1];
- try {
- sentryStore.alterSentryRoleRevokePrivilege(grantor, roleName, privilege1);
- fail("Expected SentryGrantDeniedException exception");
- } catch (SentryGrantDeniedException e) {
- // excepted exception
- }
-
- // 5. user0 revoke column level privilege from user1
- roleName = roles[1];
- grantor = users[0];
- sentryStore.alterSentryRoleRevokePrivilege(grantor, roleName, privilege2);
- role = sentryStore.getMSentryRoleByName(roleName);
- privileges = role.getPrivileges();
- assertEquals(0, privileges.size());
- }
-
- @Test
- public void testGrantDuplicatePrivilege() throws Exception {
- String roleName = "test-privilege";
- String grantor = "g1";
- String server = "server1";
- String db = "db1";
- String table = "tbl1";
- long seqId = sentryStore.createSentryRole(roleName).getSequenceId();
- TSentryPrivilege privilege = new TSentryPrivilege();
- privilege.setPrivilegeScope("TABLE");
- privilege.setServerName(server);
- privilege.setDbName(db);
- privilege.setTableName(table);
- privilege.setAction(AccessConstants.ALL);
- privilege.setCreateTime(System.currentTimeMillis());
- assertEquals(seqId + 1, sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, privilege)
- .getSequenceId());
- assertEquals(seqId + 2, sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, privilege)
- .getSequenceId());
- privilege.setServerName("Server1");
- privilege.setDbName("DB1");
- privilege.setTableName("TBL1");
- assertEquals(seqId + 3, sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, privilege)
- .getSequenceId());
- MSentryRole role = sentryStore.getMSentryRoleByName(roleName);
- Set<MSentryPrivilege> privileges = role.getPrivileges();
- assertEquals(privileges.toString(), 1, privileges.size());
- }
-
- @Test
- public void testListSentryPrivilegesForProvider() throws Exception {
- String roleName1 = "list-privs-r1", roleName2 = "list-privs-r2";
- String groupName1 = "list-privs-g1", groupName2 = "list-privs-g2";
- String userName1 = "list-privs-u1", userName2 = "list-privs-u2";
- String userWithoutRole = "user-no-privs";
- Set<String> noRoleUsers = Sets.newHashSet(userWithoutRole);
- String grantor = "g1";
- long seqId = sentryStore.createSentryRole(roleName1).getSequenceId();
- assertEquals(seqId + 1, sentryStore.createSentryRole(roleName2).getSequenceId());
- TSentryPrivilege privilege1 = new TSentryPrivilege();
- privilege1.setPrivilegeScope("TABLE");
- privilege1.setServerName("server1");
- privilege1.setDbName("db1");
- privilege1.setTableName("tbl1");
- privilege1.setAction("SELECT");
- privilege1.setCreateTime(System.currentTimeMillis());
- assertEquals(seqId + 2, sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName1, privilege1)
- .getSequenceId());
- assertEquals(seqId + 3, sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName2, privilege1)
- .getSequenceId());
- TSentryPrivilege privilege2 = new TSentryPrivilege();
- privilege2.setPrivilegeScope("SERVER");
- privilege2.setServerName("server1");
- privilege2.setCreateTime(System.currentTimeMillis());
- assertEquals(seqId + 4, sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName2, privilege2)
- .getSequenceId());
- Set<TSentryGroup> groups = Sets.newHashSet();
- Set<String> users = Sets.newHashSet();
- TSentryGroup group = new TSentryGroup();
- group.setGroupName(groupName1);
- groups.add(group);
- users.add(userName1);
- assertEquals(seqId + 5, sentryStore.alterSentryRoleAddGroups(grantor,
- roleName1, groups).getSequenceId());
- assertEquals(seqId + 6, sentryStore.alterSentryRoleAddUsers(roleName1, users).getSequenceId());
- groups.clear();
- users.clear();
- group = new TSentryGroup();
- group.setGroupName(groupName2);
- groups.add(group);
- users.add(userName2);
- // group 2 and user2 has both roles 1 and 2
- assertEquals(seqId + 7, sentryStore.alterSentryRoleAddGroups(grantor, roleName1, groups)
- .getSequenceId());
- assertEquals(seqId + 8, sentryStore.alterSentryRoleAddGroups(grantor, roleName2, groups)
- .getSequenceId());
- assertEquals(seqId + 9, sentryStore.alterSentryRoleAddUsers(roleName1, users).getSequenceId());
- assertEquals(seqId + 10, sentryStore.alterSentryRoleAddUsers(roleName2, users).getSequenceId());
- // group1 all roles
- assertEquals(Sets.newHashSet("server=server1->db=db1->table=tbl1->action=select"),
- SentryStore.toTrimedLower(sentryStore.listAllSentryPrivilegesForProvider(Sets
- .newHashSet(groupName1), noRoleUsers, new TSentryActiveRoleSet(true,
- new HashSet<String>()))));
- // user1 all roles
- assertEquals(Sets.newHashSet("server=server1->db=db1->table=tbl1->action=select"),
- SentryStore.toTrimedLower(sentryStore.listAllSentryPrivilegesForProvider(Sets
- .newHashSet(""), Sets.newHashSet(userName1), new TSentryActiveRoleSet(true,
- new HashSet<String>()))));
- // group1 and user1 all roles
- assertEquals(Sets.newHashSet("server=server1->db=db1->table=tbl1->action=select"),
- SentryStore.toTrimedLower(sentryStore.listAllSentryPrivilegesForProvider(Sets
- .newHashSet(groupName1), Sets.newHashSet(userName1), new TSentryActiveRoleSet(true,
- new HashSet<String>()))));
- // one active role
- assertEquals(
- Sets.newHashSet("server=server1->db=db1->table=tbl1->action=select"),
- SentryStore.toTrimedLower(sentryStore.listAllSentryPrivilegesForProvider(
- Sets.newHashSet(groupName1), noRoleUsers,
- new TSentryActiveRoleSet(false, Sets.newHashSet(roleName1)))));
- // unknown active role
- assertEquals(
- Sets.newHashSet(),
- SentryStore.toTrimedLower(sentryStore.listAllSentryPrivilegesForProvider(
- Sets.newHashSet(groupName1), noRoleUsers,
- new TSentryActiveRoleSet(false, Sets.newHashSet("not a role")))));
- // no active roles
- assertEquals(Sets.newHashSet(), SentryStore.toTrimedLower(sentryStore
- .listAllSentryPrivilegesForProvider(Sets.newHashSet(groupName1), noRoleUsers,
- new TSentryActiveRoleSet(false, new HashSet<String>()))));
-
- // group2 all roles
- assertEquals(Sets.newHashSet("server=server1->db=db1->table=tbl1->action=select",
- "server=server1"), SentryStore.toTrimedLower(sentryStore
- .listAllSentryPrivilegesForProvider(Sets.newHashSet(groupName2), Sets.newHashSet(""),
- new TSentryActiveRoleSet(true, new HashSet<String>()))));
- // user2 all roles
- assertEquals(Sets.newHashSet("server=server1->db=db1->table=tbl1->action=select",
- "server=server1"), SentryStore.toTrimedLower(sentryStore
- .listAllSentryPrivilegesForProvider(Sets.newHashSet(""), Sets.newHashSet(userName2),
- new TSentryActiveRoleSet(true, new HashSet<String>()))));
- // user2 and group2 all roles
- assertEquals(Sets.newHashSet("server=server1->db=db1->table=tbl1->action=select",
- "server=server1"), SentryStore.toTrimedLower(sentryStore
- .listAllSentryPrivilegesForProvider(Sets.newHashSet(groupName2),
- Sets.newHashSet(userName2), new TSentryActiveRoleSet(true, new HashSet<String>()))));
-
- // one active role
- assertEquals(
- Sets.newHashSet("server=server1->db=db1->table=tbl1->action=select"),
- SentryStore.toTrimedLower(sentryStore.listAllSentryPrivilegesForProvider(
- Sets.newHashSet(groupName2), noRoleUsers,
- new TSentryActiveRoleSet(false, Sets.newHashSet(roleName1)))));
- assertEquals(
- Sets.newHashSet("server=server1->db=db1->table=tbl1->action=select", "server=server1"),
- SentryStore.toTrimedLower(sentryStore.listAllSentryPrivilegesForProvider(
- Sets.newHashSet(groupName2), noRoleUsers,
- new TSentryActiveRoleSet(false, Sets.newHashSet(roleName2)))));
- // unknown active role
- assertEquals(
- Sets.newHashSet(),
- SentryStore.toTrimedLower(sentryStore.listAllSentryPrivilegesForProvider(
- Sets.newHashSet(groupName2), noRoleUsers,
- new TSentryActiveRoleSet(false, Sets.newHashSet("not a role")))));
- // no active roles
- assertEquals(Sets.newHashSet(), SentryStore.toTrimedLower(sentryStore
- .listAllSentryPrivilegesForProvider(Sets.newHashSet(groupName2), noRoleUsers,
- new TSentryActiveRoleSet(false, new HashSet<String>()))));
-
- // both groups, all active roles
- assertEquals(Sets.newHashSet("server=server1->db=db1->table=tbl1->action=select",
- "server=server1"), SentryStore.toTrimedLower(sentryStore
- .listAllSentryPrivilegesForProvider(Sets.newHashSet(groupName1, groupName2), noRoleUsers,
- new TSentryActiveRoleSet(true, new HashSet<String>()))));
- // both users and groups, all active roles
- assertEquals(Sets.newHashSet("server=server1->db=db1->table=tbl1->action=select",
- "server=server1"), SentryStore.toTrimedLower(sentryStore
- .listAllSentryPrivilegesForProvider(Sets.newHashSet(groupName1, groupName2), Sets
- .newHashSet(userName1, userName2),
- new TSentryActiveRoleSet(true, new HashSet<String>()))));
- // one active role
- assertEquals(Sets.newHashSet("server=server1->db=db1->table=tbl1->action=select"),
- SentryStore.toTrimedLower(sentryStore.listAllSentryPrivilegesForProvider(Sets.newHashSet(
- groupName1, groupName2), noRoleUsers,
- new TSentryActiveRoleSet(false, Sets.newHashSet(roleName1)))));
- assertEquals(Sets.newHashSet("server=server1->db=db1->table=tbl1->action=select",
- "server=server1"), SentryStore.toTrimedLower(sentryStore
- .listAllSentryPrivilegesForProvider(Sets.newHashSet(groupName1, groupName2), noRoleUsers,
- new TSentryActiveRoleSet(false, Sets.newHashSet(roleName2)))));
- // unknown active role
- assertEquals(Sets.newHashSet(), SentryStore.toTrimedLower(sentryStore
- .listAllSentryPrivilegesForProvider(Sets.newHashSet(groupName1, groupName2), noRoleUsers,
- new TSentryActiveRoleSet(false, Sets.newHashSet("not a role")))));
- // no active roles
- assertEquals(Sets.newHashSet(), SentryStore.toTrimedLower(sentryStore
- .listAllSentryPrivilegesForProvider(Sets.newHashSet(groupName1, groupName2), noRoleUsers,
- new TSentryActiveRoleSet(false, new HashSet<String>()))));
- }
-
- @Test
- public void testListRole() throws Exception {
- String roleName1 = "role1", roleName2 = "role2", roleName3 = "role3";
- String group1 = "group1", group2 = "group2";
- String grantor = "g1";
-
- sentryStore.createSentryRole(roleName1);
- sentryStore.createSentryRole(roleName2);
- sentryStore.createSentryRole(roleName3);
-
- sentryStore.alterSentryRoleAddGroups(grantor, roleName1, Sets.newHashSet(new TSentryGroup(group1)));
- sentryStore.alterSentryRoleAddGroups(grantor, roleName2, Sets.newHashSet(new TSentryGroup(group2)));
- sentryStore.alterSentryRoleAddGroups(grantor, roleName3,
- Sets.newHashSet(new TSentryGroup(group1), new TSentryGroup(group2)));
-
- assertEquals(2, sentryStore.getTSentryRolesByGroupName(Sets.newHashSet(group1), false).size());
- assertEquals(2, sentryStore.getTSentryRolesByGroupName(Sets.newHashSet(group2), false).size());
- assertEquals(3, sentryStore.getTSentryRolesByGroupName(Sets.newHashSet(group1,group2), false).size());
- assertEquals(0,
- sentryStore.getTSentryRolesByGroupName(Sets.newHashSet("foo"), true)
- .size());
- }
-
- /**
- * Assign multiple table and SERVER privileges to roles
- * drop privilege for the object verify that it's removed correctl
- * @throws Exception
- */
- @Test
- public void testDropDbObject() throws Exception {
- String roleName1 = "list-privs-r1", roleName2 = "list-privs-r2", roleName3 = "list-privs-r3";
- String grantor = "g1";
- sentryStore.createSentryRole(roleName1);
- sentryStore.createSentryRole(roleName2);
- sentryStore.createSentryRole(roleName3);
-
- TSentryPrivilege privilege_tbl1 = new TSentryPrivilege();
- privilege_tbl1.setPrivilegeScope("TABLE");
- privilege_tbl1.setServerName("server1");
- privilege_tbl1.setDbName("db1");
- privilege_tbl1.setTableName("tbl1");
- privilege_tbl1.setCreateTime(System.currentTimeMillis());
-
- TSentryPrivilege privilege1 = new TSentryPrivilege(privilege_tbl1);
- privilege1.setAction("SELECT");
-
- TSentryPrivilege privilege2_1 = new TSentryPrivilege(privilege_tbl1);
- privilege2_1.setAction("INSERT");
- TSentryPrivilege privilege3_1 = new TSentryPrivilege(privilege_tbl1);
- privilege3_1.setAction("*");
-
- TSentryPrivilege privilege_server = new TSentryPrivilege();
- privilege_server.setPrivilegeScope("SERVER");
- privilege_server.setServerName("server1");
- privilege_server.setCreateTime(System.currentTimeMillis());
-
- TSentryPrivilege privilege_tbl2 = new TSentryPrivilege();
- privilege_tbl2.setPrivilegeScope("TABLE");
- privilege_tbl2.setServerName("server1");
- privilege_tbl2.setDbName("db1");
- privilege_tbl2.setTableName("tbl2");
- privilege_tbl2.setCreateTime(System.currentTimeMillis());
-
- TSentryPrivilege privilege2_3 = new TSentryPrivilege(privilege_tbl2);
- privilege2_3.setAction("SELECT");
-
- TSentryPrivilege privilege3_2 = new TSentryPrivilege(privilege_tbl2);
- privilege3_2.setAction("INSERT");
-
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName1, privilege1);
-
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName2, privilege2_1);
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName2, privilege_server);
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName2, privilege2_3);
-
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName3, privilege3_1);
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName3, privilege3_2);
-
- sentryStore.dropPrivilege(toTSentryAuthorizable(privilege_tbl1));
- assertEquals(0, sentryStore.getAllTSentryPrivilegesByRoleName(roleName1)
- .size());
- assertEquals(2, sentryStore.getAllTSentryPrivilegesByRoleName(roleName2)
- .size());
- assertEquals(1, sentryStore.getAllTSentryPrivilegesByRoleName(roleName3)
- .size());
-
- sentryStore.dropPrivilege(toTSentryAuthorizable(privilege_tbl2));
- assertEquals(0, sentryStore.getAllTSentryPrivilegesByRoleName(roleName1)
- .size());
- assertEquals(1, sentryStore.getAllTSentryPrivilegesByRoleName(roleName2)
- .size());
- assertEquals(0, sentryStore.getAllTSentryPrivilegesByRoleName(roleName3)
- .size());
- }
-
- /**
- * Regression test for SENTRY-547 and SENTRY-548
- * Use case:
- * GRANT INSERT on TABLE tbl1 to ROLE role1
- * GRANT SELECT on TABLE tbl1 to ROLE role1
- * GRANT ALTER on TABLE tbl1 to ROLE role1
- * GRANT DROP on TABLE tbl1 to ROLE role1
- * DROP TABLE tbl1
- *
- * After drop tbl1, role1 should have 0 privileges
- */
- @Test
- public void testDropTableWithMultiAction() throws Exception {
- String roleName1 = "role1";
- String grantor = "g1";
- sentryStore.createSentryRole(roleName1);
-
- TSentryPrivilege privilege_tbl1 = new TSentryPrivilege();
- privilege_tbl1.setPrivilegeScope("TABLE");
- privilege_tbl1.setServerName("server1");
- privilege_tbl1.setDbName("db1");
- privilege_tbl1.setTableName("tbl1");
- privilege_tbl1.setCreateTime(System.currentTimeMillis());
-
- TSentryPrivilege privilege_tbl1_insert = new TSentryPrivilege(
- privilege_tbl1);
- privilege_tbl1_insert.setAction(AccessConstants.INSERT);
-
- TSentryPrivilege privilege_tbl1_select = new TSentryPrivilege(
- privilege_tbl1);
- privilege_tbl1_select.setAction(AccessConstants.SELECT);
-
- TSentryPrivilege privilege_tbl1_alter = new TSentryPrivilege(
- privilege_tbl1);
- privilege_tbl1_alter.setAction(AccessConstants.ALTER);
-
- TSentryPrivilege privilege_tbl1_drop = new TSentryPrivilege(
- privilege_tbl1);
- privilege_tbl1_drop.setAction(AccessConstants.DROP);
-
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName1, privilege_tbl1_insert);
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName1, privilege_tbl1_select);
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName1, privilege_tbl1_alter);
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName1, privilege_tbl1_drop);
-
- assertEquals(4, sentryStore.getAllTSentryPrivilegesByRoleName(roleName1).size());
-
- // after drop privilege_tbl1, role1 should have 0 privileges
- sentryStore.dropPrivilege(toTSentryAuthorizable(privilege_tbl1));
- assertEquals(0, sentryStore.getAllTSentryPrivilegesByRoleName(roleName1).size());
- }
-
- @Test
- public void testDropTableWithColumn() throws Exception {
- String roleName1 = "role1", roleName2 = "role2";
- String grantor = "g1";
- String table1 = "tbl1";
-
- sentryStore.createSentryRole(roleName1);
- sentryStore.createSentryRole(roleName2);
-
- TSentryPrivilege privilege_tbl1 = new TSentryPrivilege();
- privilege_tbl1.setPrivilegeScope("TABLE");
- privilege_tbl1.setServerName("server1");
- privilege_tbl1.setDbName("db1");
- privilege_tbl1.setTableName(table1);
- privilege_tbl1.setAction(AccessConstants.SELECT);
- privilege_tbl1.setCreateTime(System.currentTimeMillis());
-
- TSentryPrivilege privilege_tbl1_c1 = new TSentryPrivilege(privilege_tbl1);
- privilege_tbl1_c1.setPrivilegeScope("COLUMN");
- privilege_tbl1_c1.setColumnName("c1");
- privilege_tbl1_c1.setCreateTime(System.currentTimeMillis());
-
- TSentryPrivilege privilege_tbl1_c2 = new TSentryPrivilege(privilege_tbl1);
- privilege_tbl1_c2.setPrivilegeScope("COLUMN");
- privilege_tbl1_c2.setColumnName("c2");
- privilege_tbl1_c2.setCreateTime(System.currentTimeMillis());
-
- TSentryPrivilege privilege_tbl1_c3 = new TSentryPrivilege(privilege_tbl1);
- privilege_tbl1_c3.setPrivilegeScope("COLUMN");
- privilege_tbl1_c3.setColumnName("c3");
- privilege_tbl1_c3.setCreateTime(System.currentTimeMillis());
-
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName1, privilege_tbl1_c1);
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName1, privilege_tbl1_c2);
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName2, privilege_tbl1_c3);
-
- Set<TSentryPrivilege> privilegeSet = sentryStore.getAllTSentryPrivilegesByRoleName(roleName1);
- assertEquals(2, privilegeSet.size());
- privilegeSet = sentryStore.getAllTSentryPrivilegesByRoleName(roleName2);
- assertEquals(1, privilegeSet.size());
-
- TSentryAuthorizable tableAuthorizable = toTSentryAuthorizable(privilege_tbl1);
- sentryStore.dropPrivilege(tableAuthorizable);
-
- privilegeSet = sentryStore.getAllTSentryPrivilegesByRoleName(roleName1);
- assertEquals(0, privilegeSet.size());
- privilegeSet = sentryStore.getAllTSentryPrivilegesByRoleName(roleName2);
- assertEquals(0, privilegeSet.size());
- }
-
- @Test
- public void testDropOverlappedPrivileges() throws Exception {
- String roleName1 = "list-privs-r1";
- String grantor = "g1";
- sentryStore.createSentryRole(roleName1);
-
- TSentryPrivilege privilege_tbl1 = new TSentryPrivilege();
- privilege_tbl1.setPrivilegeScope("TABLE");
- privilege_tbl1.setServerName("server1");
- privilege_tbl1.setDbName("db1");
- privilege_tbl1.setTableName("tbl1");
- privilege_tbl1.setCreateTime(System.currentTimeMillis());
-
- TSentryPrivilege privilege_tbl1_insert = new TSentryPrivilege(
- privilege_tbl1);
- privilege_tbl1_insert.setAction("INSERT");
-
- TSentryPrivilege privilege_tbl1_all = new TSentryPrivilege(privilege_tbl1);
- privilege_tbl1_all.setAction("*");
-
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName1, privilege_tbl1_insert);
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName1, privilege_tbl1_all);
-
- sentryStore.dropPrivilege(toTSentryAuthorizable(privilege_tbl1));
- assertEquals(0, sentryStore.getAllTSentryPrivilegesByRoleName(roleName1)
- .size());
- }
-
- private TSentryAuthorizable toTSentryAuthorizable(
- TSentryPrivilege tSentryPrivilege) {
- TSentryAuthorizable tSentryAuthorizable = new TSentryAuthorizable();
- tSentryAuthorizable.setServer(tSentryPrivilege.getServerName());
- tSentryAuthorizable.setDb(tSentryPrivilege.getDbName());
- tSentryAuthorizable.setTable(tSentryPrivilege.getTableName());
- tSentryAuthorizable.setUri(tSentryPrivilege.getURI());
- return tSentryAuthorizable;
- }
-
- /***
- * Create roles and assign privileges for same table rename the privileges for
- * the table and verify the new privileges
- * @throws Exception
- */
- @Test
- public void testRenameTable() throws Exception {
- String roleName1 = "role1", roleName2 = "role2", roleName3 = "role3";
- String grantor = "g1";
- String table1 = "tbl1", table2 = "tbl2";
-
- sentryStore.createSentryRole(roleName1);
- sentryStore.createSentryRole(roleName2);
- sentryStore.createSentryRole(roleName3);
-
- TSentryPrivilege privilege_tbl1 = new TSentryPrivilege();
- privilege_tbl1.setPrivilegeScope("TABLE");
- privilege_tbl1.setServerName("server1");
- privilege_tbl1.setDbName("db1");
- privilege_tbl1.setTableName(table1);
- privilege_tbl1.setCreateTime(System.currentTimeMillis());
-
- TSentryPrivilege privilege_tbl1_insert = new TSentryPrivilege(
- privilege_tbl1);
- privilege_tbl1_insert.setAction(AccessConstants.INSERT);
-
- TSentryPrivilege privilege_tbl1_select = new TSentryPrivilege(
- privilege_tbl1);
- privilege_tbl1_select.setAction(AccessConstants.SELECT);
-
- TSentryPrivilege privilege_tbl1_all = new TSentryPrivilege(privilege_tbl1);
- privilege_tbl1_all.setAction(AccessConstants.ALL);
-
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName1, privilege_tbl1_insert);
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName2, privilege_tbl1_select);
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName3, privilege_tbl1_all);
-
- TSentryAuthorizable oldTable = toTSentryAuthorizable(privilege_tbl1);
- TSentryAuthorizable newTable = toTSentryAuthorizable(privilege_tbl1);
- newTable.setTable(table2);
- sentryStore.renamePrivilege(oldTable, newTable);
-
- for (String roleName : Sets.newHashSet(roleName1, roleName2, roleName3)) {
- Set<TSentryPrivilege> privilegeSet = sentryStore
- .getAllTSentryPrivilegesByRoleName(roleName);
- assertEquals(1, privilegeSet.size());
- for (TSentryPrivilege privilege : privilegeSet) {
- assertTrue(table2.equalsIgnoreCase(privilege.getTableName()));
- }
- }
- }
-
- /**
- * Regression test for SENTRY-550
- * Use case:
- * GRANT INSERT on TABLE tbl1 to ROLE role1
- * GRANT SELECT on TABLE tbl1 to ROLE role1
- * GRANT ALTER on TABLE tbl1 to ROLE role1
- * GRANT DROP on TABLE tbl1 to ROLE role1
- * RENAME TABLE tbl1 to tbl2
- *
- * After rename tbl1 to tbl2, table name of all role1's privileges should be "tbl2"
- */
- @Test
- public void testRenameTableWithMultiAction() throws Exception {
- String roleName1 = "role1";
- String grantor = "g1";
- String table1 = "tbl1", table2 = "tbl2";
- sentryStore.createSentryRole(roleName1);
-
- TSentryPrivilege privilege_tbl1 = new TSentryPrivilege();
- privilege_tbl1.setPrivilegeScope("TABLE");
- privilege_tbl1.setServerName("server1");
- privilege_tbl1.setDbName("db1");
- privilege_tbl1.setTableName(table1);
- privilege_tbl1.setCreateTime(System.currentTimeMillis());
-
- TSentryPrivilege privilege_tbl1_insert = new TSentryPrivilege(
- privilege_tbl1);
- privilege_tbl1_insert.setAction(AccessConstants.INSERT);
-
- TSentryPrivilege privilege_tbl1_select = new TSentryPrivilege(
- privilege_tbl1);
- privilege_tbl1_select.setAction(AccessConstants.SELECT);
-
- TSentryPrivilege privilege_tbl1_alter = new TSentryPrivilege(
- privilege_tbl1);
- privilege_tbl1_alter.setAction(AccessConstants.ALTER);
-
- TSentryPrivilege privilege_tbl1_drop = new TSentryPrivilege(
- privilege_tbl1);
- privilege_tbl1_drop.setAction(AccessConstants.DROP);
-
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName1, privilege_tbl1_insert);
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName1, privilege_tbl1_select);
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName1, privilege_tbl1_alter);
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName1, privilege_tbl1_drop);
-
- TSentryAuthorizable oldTable = toTSentryAuthorizable(privilege_tbl1);
- TSentryAuthorizable newTable = toTSentryAuthorizable(privilege_tbl1);
- newTable.setTable(table2);
- sentryStore.renamePrivilege(oldTable, newTable);
-
- // after rename tbl1 to tbl2, all table name of role's privilege will be tbl2
- Set<TSentryPrivilege> privilegeSet = sentryStore
- .getAllTSentryPrivilegesByRoleName(roleName1);
- assertEquals(4, privilegeSet.size());
- for (TSentryPrivilege privilege : privilegeSet) {
- assertTrue(table2.equalsIgnoreCase(privilege.getTableName()));
- }
- }
-
- @Test
- public void testSentryRoleSize() throws Exception {
- for( long i = 0; i< 5; i++ ) {
- assertEquals((Long)i, sentryStore.getRoleCountGauge().getValue());
- sentryStore.createSentryRole("role" + i);
- }
- }
- @Test
- public void testSentryPrivilegeSize() throws Exception {
- String role1 = "role1";
- String role2 = "role2";
-
- sentryStore.createSentryRole(role1);
- sentryStore.createSentryRole(role2);
-
- TSentryPrivilege privilege = new TSentryPrivilege();
- privilege.setPrivilegeScope("TABLE");
- privilege.setServerName("server1");
- privilege.setDbName("db1");
- privilege.setTableName("tb1");
- privilege.setCreateTime(System.currentTimeMillis());
-
- String grantor = "g1";
-
- assertEquals(Long.valueOf(0), sentryStore.getPrivilegeCountGauge().getValue());
-
- sentryStore.alterSentryRoleGrantPrivilege(grantor, role1, privilege);
- assertEquals(Long.valueOf(1), sentryStore.getPrivilegeCountGauge().getValue());
-
- sentryStore.alterSentryRoleGrantPrivilege(grantor, role2, privilege);
- assertEquals(Long.valueOf(1), sentryStore.getPrivilegeCountGauge().getValue());
-
- privilege.setTableName("tb2");
- sentryStore.alterSentryRoleGrantPrivilege(grantor, role2, privilege);
- assertEquals(Long.valueOf(2), sentryStore.getPrivilegeCountGauge().getValue());
- }
-
- @Test
- public void testSentryGroupsSize() throws Exception {
- String role1 = "role1";
- String role2 = "role2";
-
- sentryStore.createSentryRole(role1);
- sentryStore.createSentryRole(role2);
-
- Set<TSentryGroup> groups = Sets.newHashSet();
- TSentryGroup group = new TSentryGroup();
- group.setGroupName("group1");
- groups.add(group);
-
- String grantor = "g1";
-
- sentryStore.alterSentryRoleAddGroups(grantor, role1, groups);
- assertEquals(Long.valueOf(1), sentryStore.getGroupCountGauge().getValue());
-
- sentryStore.alterSentryRoleAddGroups(grantor, role2, groups);
- assertEquals(Long.valueOf(1), sentryStore.getGroupCountGauge().getValue());
-
- groups.add(new TSentryGroup("group2"));
- sentryStore.alterSentryRoleAddGroups(grantor, role2, groups);
- assertEquals(Long.valueOf(2), sentryStore.getGroupCountGauge().getValue());
-
- }
-
- @Test
- public void testSentryUsersSize() throws Exception {
- String role1 = "role1";
- String role2 = "role2";
-
- sentryStore.createSentryRole(role1);
- sentryStore.createSentryRole(role2);
-
- Set<String> users = Sets.newHashSet("user1");
-
- sentryStore.alterSentryRoleAddUsers(role1, users);
- assertEquals(Long.valueOf(1), sentryStore.getUserCountGauge().getValue());
-
- sentryStore.alterSentryRoleAddUsers(role2, users);
- assertEquals(Long.valueOf(1), sentryStore.getUserCountGauge().getValue());
-
- users.add("user2");
- sentryStore.alterSentryRoleAddUsers(role2, users);
- assertEquals(Long.valueOf(2), sentryStore.getUserCountGauge().getValue());
-
- }
-
- @Test
- public void testRenameTableWithColumn() throws Exception {
- String roleName1 = "role1", roleName2 = "role2";
- String grantor = "g1";
- String table1 = "tbl1", table2 = "tbl2";
-
- sentryStore.createSentryRole(roleName1);
- sentryStore.createSentryRole(roleName2);
-
- TSentryPrivilege privilege_tbl1 = new TSentryPrivilege();
- privilege_tbl1.setPrivilegeScope("TABLE");
- privilege_tbl1.setServerName("server1");
- privilege_tbl1.setDbName("db1");
- privilege_tbl1.setTableName(table1);
- privilege_tbl1.setAction(AccessConstants.SELECT);
- privilege_tbl1.setCreateTime(System.currentTimeMillis());
-
- TSentryPrivilege privilege_tbl1_c1 = new TSentryPrivilege(privilege_tbl1);
- privilege_tbl1_c1.setPrivilegeScope("COLUMN");
- privilege_tbl1_c1.setColumnName("c1");
- privilege_tbl1_c1.setCreateTime(System.currentTimeMillis());
-
- TSentryPrivilege privilege_tbl1_c2 = new TSentryPrivilege(privilege_tbl1);
- privilege_tbl1_c2.setPrivilegeScope("COLUMN");
- privilege_tbl1_c2.setColumnName("c2");
- privilege_tbl1_c2.setCreateTime(System.currentTimeMillis());
-
- TSentryPrivilege privilege_tbl1_c3 = new TSentryPrivilege(privilege_tbl1);
- privilege_tbl1_c3.setPrivilegeScope("COLUMN");
- privilege_tbl1_c3.setColumnName("c3");
- privilege_tbl1_c3.setCreateTime(System.currentTimeMillis());
-
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName1, privilege_tbl1_c1);
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName1, privilege_tbl1_c2);
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName2, privilege_tbl1_c3);
-
- Set<TSentryPrivilege> privilegeSet = sentryStore.getAllTSentryPrivilegesByRoleName(roleName1);
- assertEquals(2, privilegeSet.size());
- privilegeSet = sentryStore.getAllTSentryPrivilegesByRoleName(roleName2);
- assertEquals(1, privilegeSet.size());
-
- TSentryAuthorizable oldTable = toTSentryAuthorizable(privilege_tbl1);
- TSentryAuthorizable newTable = toTSentryAuthorizable(privilege_tbl1);
- newTable.setTable(table2);
- sentryStore.renamePrivilege(oldTable, newTable);
-
- privilegeSet = sentryStore.getAllTSentryPrivilegesByRoleName(roleName1);
- assertEquals(2, privilegeSet.size());
- for (TSentryPrivilege privilege : privilegeSet) {
- assertTrue(table2.equalsIgnoreCase(privilege.getTableName()));
- }
- privilegeSet = sentryStore.getAllTSentryPrivilegesByRoleName(roleName2);
- assertEquals(1, privilegeSet.size());
- }
-
- @Test
- public void testSentryTablePrivilegeSome() throws Exception {
- String roleName = "test-table-privilege-some";
- String grantor = "g1";
- String dbName = "db1";
- String table = "tb1";
- sentryStore.createSentryRole(roleName);
- TSentryPrivilege tSentryPrivilege = new TSentryPrivilege("TABLE", "server1", "ALL");
- tSentryPrivilege.setDbName(dbName);
- tSentryPrivilege.setTableName(table);
- sentryStore.alterSentryRoleGrantPrivilege(grantor, roleName, tSentryPrivilege);
-
- TSentryAuthorizable tSentryAuthorizable = new TSentryAuthorizable();
- tSentryAuthorizable.setDb(dbName);
- tSentryAuthorizable.setTable(AccessConstants.SOME);
- tSentryAuthorizable.setServer("server1");
-
- Set<TSentryPrivilege> privileges =
- sentryStore.getTSentryPrivileges(new HashSet<String>(Arrays.asList(roleName)), tSentryAuthorizable);
-
- assertTrue(privileges.size() == 1);
-
- Set<TSentryGroup> tSentryGroups = new HashSet<TSentryGroup>();
- tSentryGroups.add(new TSentryGroup("g
<TRUNCATED>
[27/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryPrivilegeMap.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryPrivilegeMap.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryPrivilegeMap.java
deleted file mode 100644
index 9991f3b..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryPrivilegeMap.java
+++ /dev/null
@@ -1,490 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TSentryPrivilegeMap implements org.apache.thrift.TBase<TSentryPrivilegeMap, TSentryPrivilegeMap._Fields>, java.io.Serializable, Cloneable, Comparable<TSentryPrivilegeMap> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TSentryPrivilegeMap");
-
- private static final org.apache.thrift.protocol.TField PRIVILEGE_MAP_FIELD_DESC = new org.apache.thrift.protocol.TField("privilegeMap", org.apache.thrift.protocol.TType.MAP, (short)1);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TSentryPrivilegeMapStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TSentryPrivilegeMapTupleSchemeFactory());
- }
-
- private Map<String,Set<TSentryPrivilege>> privilegeMap; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- PRIVILEGE_MAP((short)1, "privilegeMap");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // PRIVILEGE_MAP
- return PRIVILEGE_MAP;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.PRIVILEGE_MAP, new org.apache.thrift.meta_data.FieldMetaData("privilegeMap", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.MapMetaData(org.apache.thrift.protocol.TType.MAP,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING),
- new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryPrivilege.class)))));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TSentryPrivilegeMap.class, metaDataMap);
- }
-
- public TSentryPrivilegeMap() {
- }
-
- public TSentryPrivilegeMap(
- Map<String,Set<TSentryPrivilege>> privilegeMap)
- {
- this();
- this.privilegeMap = privilegeMap;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TSentryPrivilegeMap(TSentryPrivilegeMap other) {
- if (other.isSetPrivilegeMap()) {
- Map<String,Set<TSentryPrivilege>> __this__privilegeMap = new HashMap<String,Set<TSentryPrivilege>>(other.privilegeMap.size());
- for (Map.Entry<String, Set<TSentryPrivilege>> other_element : other.privilegeMap.entrySet()) {
-
- String other_element_key = other_element.getKey();
- Set<TSentryPrivilege> other_element_value = other_element.getValue();
-
- String __this__privilegeMap_copy_key = other_element_key;
-
- Set<TSentryPrivilege> __this__privilegeMap_copy_value = new HashSet<TSentryPrivilege>(other_element_value.size());
- for (TSentryPrivilege other_element_value_element : other_element_value) {
- __this__privilegeMap_copy_value.add(new TSentryPrivilege(other_element_value_element));
- }
-
- __this__privilegeMap.put(__this__privilegeMap_copy_key, __this__privilegeMap_copy_value);
- }
- this.privilegeMap = __this__privilegeMap;
- }
- }
-
- public TSentryPrivilegeMap deepCopy() {
- return new TSentryPrivilegeMap(this);
- }
-
- @Override
- public void clear() {
- this.privilegeMap = null;
- }
-
- public int getPrivilegeMapSize() {
- return (this.privilegeMap == null) ? 0 : this.privilegeMap.size();
- }
-
- public void putToPrivilegeMap(String key, Set<TSentryPrivilege> val) {
- if (this.privilegeMap == null) {
- this.privilegeMap = new HashMap<String,Set<TSentryPrivilege>>();
- }
- this.privilegeMap.put(key, val);
- }
-
- public Map<String,Set<TSentryPrivilege>> getPrivilegeMap() {
- return this.privilegeMap;
- }
-
- public void setPrivilegeMap(Map<String,Set<TSentryPrivilege>> privilegeMap) {
- this.privilegeMap = privilegeMap;
- }
-
- public void unsetPrivilegeMap() {
- this.privilegeMap = null;
- }
-
- /** Returns true if field privilegeMap is set (has been assigned a value) and false otherwise */
- public boolean isSetPrivilegeMap() {
- return this.privilegeMap != null;
- }
-
- public void setPrivilegeMapIsSet(boolean value) {
- if (!value) {
- this.privilegeMap = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case PRIVILEGE_MAP:
- if (value == null) {
- unsetPrivilegeMap();
- } else {
- setPrivilegeMap((Map<String,Set<TSentryPrivilege>>)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case PRIVILEGE_MAP:
- return getPrivilegeMap();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case PRIVILEGE_MAP:
- return isSetPrivilegeMap();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TSentryPrivilegeMap)
- return this.equals((TSentryPrivilegeMap)that);
- return false;
- }
-
- public boolean equals(TSentryPrivilegeMap that) {
- if (that == null)
- return false;
-
- boolean this_present_privilegeMap = true && this.isSetPrivilegeMap();
- boolean that_present_privilegeMap = true && that.isSetPrivilegeMap();
- if (this_present_privilegeMap || that_present_privilegeMap) {
- if (!(this_present_privilegeMap && that_present_privilegeMap))
- return false;
- if (!this.privilegeMap.equals(that.privilegeMap))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_privilegeMap = true && (isSetPrivilegeMap());
- list.add(present_privilegeMap);
- if (present_privilegeMap)
- list.add(privilegeMap);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TSentryPrivilegeMap other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetPrivilegeMap()).compareTo(other.isSetPrivilegeMap());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetPrivilegeMap()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.privilegeMap, other.privilegeMap);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TSentryPrivilegeMap(");
- boolean first = true;
-
- sb.append("privilegeMap:");
- if (this.privilegeMap == null) {
- sb.append("null");
- } else {
- sb.append(this.privilegeMap);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetPrivilegeMap()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'privilegeMap' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TSentryPrivilegeMapStandardSchemeFactory implements SchemeFactory {
- public TSentryPrivilegeMapStandardScheme getScheme() {
- return new TSentryPrivilegeMapStandardScheme();
- }
- }
-
- private static class TSentryPrivilegeMapStandardScheme extends StandardScheme<TSentryPrivilegeMap> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TSentryPrivilegeMap struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // PRIVILEGE_MAP
- if (schemeField.type == org.apache.thrift.protocol.TType.MAP) {
- {
- org.apache.thrift.protocol.TMap _map112 = iprot.readMapBegin();
- struct.privilegeMap = new HashMap<String,Set<TSentryPrivilege>>(2*_map112.size);
- String _key113;
- Set<TSentryPrivilege> _val114;
- for (int _i115 = 0; _i115 < _map112.size; ++_i115)
- {
- _key113 = iprot.readString();
- {
- org.apache.thrift.protocol.TSet _set116 = iprot.readSetBegin();
- _val114 = new HashSet<TSentryPrivilege>(2*_set116.size);
- TSentryPrivilege _elem117;
- for (int _i118 = 0; _i118 < _set116.size; ++_i118)
- {
- _elem117 = new TSentryPrivilege();
- _elem117.read(iprot);
- _val114.add(_elem117);
- }
- iprot.readSetEnd();
- }
- struct.privilegeMap.put(_key113, _val114);
- }
- iprot.readMapEnd();
- }
- struct.setPrivilegeMapIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TSentryPrivilegeMap struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.privilegeMap != null) {
- oprot.writeFieldBegin(PRIVILEGE_MAP_FIELD_DESC);
- {
- oprot.writeMapBegin(new org.apache.thrift.protocol.TMap(org.apache.thrift.protocol.TType.STRING, org.apache.thrift.protocol.TType.SET, struct.privilegeMap.size()));
- for (Map.Entry<String, Set<TSentryPrivilege>> _iter119 : struct.privilegeMap.entrySet())
- {
- oprot.writeString(_iter119.getKey());
- {
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, _iter119.getValue().size()));
- for (TSentryPrivilege _iter120 : _iter119.getValue())
- {
- _iter120.write(oprot);
- }
- oprot.writeSetEnd();
- }
- }
- oprot.writeMapEnd();
- }
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TSentryPrivilegeMapTupleSchemeFactory implements SchemeFactory {
- public TSentryPrivilegeMapTupleScheme getScheme() {
- return new TSentryPrivilegeMapTupleScheme();
- }
- }
-
- private static class TSentryPrivilegeMapTupleScheme extends TupleScheme<TSentryPrivilegeMap> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TSentryPrivilegeMap struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- {
- oprot.writeI32(struct.privilegeMap.size());
- for (Map.Entry<String, Set<TSentryPrivilege>> _iter121 : struct.privilegeMap.entrySet())
- {
- oprot.writeString(_iter121.getKey());
- {
- oprot.writeI32(_iter121.getValue().size());
- for (TSentryPrivilege _iter122 : _iter121.getValue())
- {
- _iter122.write(oprot);
- }
- }
- }
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TSentryPrivilegeMap struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- {
- org.apache.thrift.protocol.TMap _map123 = new org.apache.thrift.protocol.TMap(org.apache.thrift.protocol.TType.STRING, org.apache.thrift.protocol.TType.SET, iprot.readI32());
- struct.privilegeMap = new HashMap<String,Set<TSentryPrivilege>>(2*_map123.size);
- String _key124;
- Set<TSentryPrivilege> _val125;
- for (int _i126 = 0; _i126 < _map123.size; ++_i126)
- {
- _key124 = iprot.readString();
- {
- org.apache.thrift.protocol.TSet _set127 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, iprot.readI32());
- _val125 = new HashSet<TSentryPrivilege>(2*_set127.size);
- TSentryPrivilege _elem128;
- for (int _i129 = 0; _i129 < _set127.size; ++_i129)
- {
- _elem128 = new TSentryPrivilege();
- _elem128.read(iprot);
- _val125.add(_elem128);
- }
- }
- struct.privilegeMap.put(_key124, _val125);
- }
- }
- struct.setPrivilegeMapIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryRole.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryRole.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryRole.java
deleted file mode 100644
index e60ac24..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryRole.java
+++ /dev/null
@@ -1,645 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TSentryRole implements org.apache.thrift.TBase<TSentryRole, TSentryRole._Fields>, java.io.Serializable, Cloneable, Comparable<TSentryRole> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TSentryRole");
-
- private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)1);
- private static final org.apache.thrift.protocol.TField GROUPS_FIELD_DESC = new org.apache.thrift.protocol.TField("groups", org.apache.thrift.protocol.TType.SET, (short)2);
- private static final org.apache.thrift.protocol.TField GRANTOR_PRINCIPAL_FIELD_DESC = new org.apache.thrift.protocol.TField("grantorPrincipal", org.apache.thrift.protocol.TType.STRING, (short)3);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TSentryRoleStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TSentryRoleTupleSchemeFactory());
- }
-
- private String roleName; // required
- private Set<TSentryGroup> groups; // required
- private String grantorPrincipal; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- ROLE_NAME((short)1, "roleName"),
- GROUPS((short)2, "groups"),
- GRANTOR_PRINCIPAL((short)3, "grantorPrincipal");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // ROLE_NAME
- return ROLE_NAME;
- case 2: // GROUPS
- return GROUPS;
- case 3: // GRANTOR_PRINCIPAL
- return GRANTOR_PRINCIPAL;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.ROLE_NAME, new org.apache.thrift.meta_data.FieldMetaData("roleName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.GROUPS, new org.apache.thrift.meta_data.FieldMetaData("groups", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryGroup.class))));
- tmpMap.put(_Fields.GRANTOR_PRINCIPAL, new org.apache.thrift.meta_data.FieldMetaData("grantorPrincipal", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TSentryRole.class, metaDataMap);
- }
-
- public TSentryRole() {
- }
-
- public TSentryRole(
- String roleName,
- Set<TSentryGroup> groups,
- String grantorPrincipal)
- {
- this();
- this.roleName = roleName;
- this.groups = groups;
- this.grantorPrincipal = grantorPrincipal;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TSentryRole(TSentryRole other) {
- if (other.isSetRoleName()) {
- this.roleName = other.roleName;
- }
- if (other.isSetGroups()) {
- Set<TSentryGroup> __this__groups = new HashSet<TSentryGroup>(other.groups.size());
- for (TSentryGroup other_element : other.groups) {
- __this__groups.add(new TSentryGroup(other_element));
- }
- this.groups = __this__groups;
- }
- if (other.isSetGrantorPrincipal()) {
- this.grantorPrincipal = other.grantorPrincipal;
- }
- }
-
- public TSentryRole deepCopy() {
- return new TSentryRole(this);
- }
-
- @Override
- public void clear() {
- this.roleName = null;
- this.groups = null;
- this.grantorPrincipal = null;
- }
-
- public String getRoleName() {
- return this.roleName;
- }
-
- public void setRoleName(String roleName) {
- this.roleName = roleName;
- }
-
- public void unsetRoleName() {
- this.roleName = null;
- }
-
- /** Returns true if field roleName is set (has been assigned a value) and false otherwise */
- public boolean isSetRoleName() {
- return this.roleName != null;
- }
-
- public void setRoleNameIsSet(boolean value) {
- if (!value) {
- this.roleName = null;
- }
- }
-
- public int getGroupsSize() {
- return (this.groups == null) ? 0 : this.groups.size();
- }
-
- public java.util.Iterator<TSentryGroup> getGroupsIterator() {
- return (this.groups == null) ? null : this.groups.iterator();
- }
-
- public void addToGroups(TSentryGroup elem) {
- if (this.groups == null) {
- this.groups = new HashSet<TSentryGroup>();
- }
- this.groups.add(elem);
- }
-
- public Set<TSentryGroup> getGroups() {
- return this.groups;
- }
-
- public void setGroups(Set<TSentryGroup> groups) {
- this.groups = groups;
- }
-
- public void unsetGroups() {
- this.groups = null;
- }
-
- /** Returns true if field groups is set (has been assigned a value) and false otherwise */
- public boolean isSetGroups() {
- return this.groups != null;
- }
-
- public void setGroupsIsSet(boolean value) {
- if (!value) {
- this.groups = null;
- }
- }
-
- public String getGrantorPrincipal() {
- return this.grantorPrincipal;
- }
-
- public void setGrantorPrincipal(String grantorPrincipal) {
- this.grantorPrincipal = grantorPrincipal;
- }
-
- public void unsetGrantorPrincipal() {
- this.grantorPrincipal = null;
- }
-
- /** Returns true if field grantorPrincipal is set (has been assigned a value) and false otherwise */
- public boolean isSetGrantorPrincipal() {
- return this.grantorPrincipal != null;
- }
-
- public void setGrantorPrincipalIsSet(boolean value) {
- if (!value) {
- this.grantorPrincipal = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case ROLE_NAME:
- if (value == null) {
- unsetRoleName();
- } else {
- setRoleName((String)value);
- }
- break;
-
- case GROUPS:
- if (value == null) {
- unsetGroups();
- } else {
- setGroups((Set<TSentryGroup>)value);
- }
- break;
-
- case GRANTOR_PRINCIPAL:
- if (value == null) {
- unsetGrantorPrincipal();
- } else {
- setGrantorPrincipal((String)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case ROLE_NAME:
- return getRoleName();
-
- case GROUPS:
- return getGroups();
-
- case GRANTOR_PRINCIPAL:
- return getGrantorPrincipal();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case ROLE_NAME:
- return isSetRoleName();
- case GROUPS:
- return isSetGroups();
- case GRANTOR_PRINCIPAL:
- return isSetGrantorPrincipal();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TSentryRole)
- return this.equals((TSentryRole)that);
- return false;
- }
-
- public boolean equals(TSentryRole that) {
- if (that == null)
- return false;
-
- boolean this_present_roleName = true && this.isSetRoleName();
- boolean that_present_roleName = true && that.isSetRoleName();
- if (this_present_roleName || that_present_roleName) {
- if (!(this_present_roleName && that_present_roleName))
- return false;
- if (!this.roleName.equals(that.roleName))
- return false;
- }
-
- boolean this_present_groups = true && this.isSetGroups();
- boolean that_present_groups = true && that.isSetGroups();
- if (this_present_groups || that_present_groups) {
- if (!(this_present_groups && that_present_groups))
- return false;
- if (!this.groups.equals(that.groups))
- return false;
- }
-
- boolean this_present_grantorPrincipal = true && this.isSetGrantorPrincipal();
- boolean that_present_grantorPrincipal = true && that.isSetGrantorPrincipal();
- if (this_present_grantorPrincipal || that_present_grantorPrincipal) {
- if (!(this_present_grantorPrincipal && that_present_grantorPrincipal))
- return false;
- if (!this.grantorPrincipal.equals(that.grantorPrincipal))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_roleName = true && (isSetRoleName());
- list.add(present_roleName);
- if (present_roleName)
- list.add(roleName);
-
- boolean present_groups = true && (isSetGroups());
- list.add(present_groups);
- if (present_groups)
- list.add(groups);
-
- boolean present_grantorPrincipal = true && (isSetGrantorPrincipal());
- list.add(present_grantorPrincipal);
- if (present_grantorPrincipal)
- list.add(grantorPrincipal);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TSentryRole other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetRoleName()).compareTo(other.isSetRoleName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRoleName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleName, other.roleName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetGroups()).compareTo(other.isSetGroups());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetGroups()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.groups, other.groups);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetGrantorPrincipal()).compareTo(other.isSetGrantorPrincipal());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetGrantorPrincipal()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.grantorPrincipal, other.grantorPrincipal);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TSentryRole(");
- boolean first = true;
-
- sb.append("roleName:");
- if (this.roleName == null) {
- sb.append("null");
- } else {
- sb.append(this.roleName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("groups:");
- if (this.groups == null) {
- sb.append("null");
- } else {
- sb.append(this.groups);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("grantorPrincipal:");
- if (this.grantorPrincipal == null) {
- sb.append("null");
- } else {
- sb.append(this.grantorPrincipal);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetRoleName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'roleName' is unset! Struct:" + toString());
- }
-
- if (!isSetGroups()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'groups' is unset! Struct:" + toString());
- }
-
- if (!isSetGrantorPrincipal()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'grantorPrincipal' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TSentryRoleStandardSchemeFactory implements SchemeFactory {
- public TSentryRoleStandardScheme getScheme() {
- return new TSentryRoleStandardScheme();
- }
- }
-
- private static class TSentryRoleStandardScheme extends StandardScheme<TSentryRole> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TSentryRole struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // ROLE_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // GROUPS
- if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
- {
- org.apache.thrift.protocol.TSet _set56 = iprot.readSetBegin();
- struct.groups = new HashSet<TSentryGroup>(2*_set56.size);
- TSentryGroup _elem57;
- for (int _i58 = 0; _i58 < _set56.size; ++_i58)
- {
- _elem57 = new TSentryGroup();
- _elem57.read(iprot);
- struct.groups.add(_elem57);
- }
- iprot.readSetEnd();
- }
- struct.setGroupsIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // GRANTOR_PRINCIPAL
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.grantorPrincipal = iprot.readString();
- struct.setGrantorPrincipalIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TSentryRole struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.roleName != null) {
- oprot.writeFieldBegin(ROLE_NAME_FIELD_DESC);
- oprot.writeString(struct.roleName);
- oprot.writeFieldEnd();
- }
- if (struct.groups != null) {
- oprot.writeFieldBegin(GROUPS_FIELD_DESC);
- {
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, struct.groups.size()));
- for (TSentryGroup _iter59 : struct.groups)
- {
- _iter59.write(oprot);
- }
- oprot.writeSetEnd();
- }
- oprot.writeFieldEnd();
- }
- if (struct.grantorPrincipal != null) {
- oprot.writeFieldBegin(GRANTOR_PRINCIPAL_FIELD_DESC);
- oprot.writeString(struct.grantorPrincipal);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TSentryRoleTupleSchemeFactory implements SchemeFactory {
- public TSentryRoleTupleScheme getScheme() {
- return new TSentryRoleTupleScheme();
- }
- }
-
- private static class TSentryRoleTupleScheme extends TupleScheme<TSentryRole> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TSentryRole struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeString(struct.roleName);
- {
- oprot.writeI32(struct.groups.size());
- for (TSentryGroup _iter60 : struct.groups)
- {
- _iter60.write(oprot);
- }
- }
- oprot.writeString(struct.grantorPrincipal);
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TSentryRole struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- {
- org.apache.thrift.protocol.TSet _set61 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, iprot.readI32());
- struct.groups = new HashSet<TSentryGroup>(2*_set61.size);
- TSentryGroup _elem62;
- for (int _i63 = 0; _i63 < _set61.size; ++_i63)
- {
- _elem62 = new TSentryGroup();
- _elem62.read(iprot);
- struct.groups.add(_elem62);
- }
- }
- struct.setGroupsIsSet(true);
- struct.grantorPrincipal = iprot.readString();
- struct.setGrantorPrincipalIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/service/thrift/TSentryResponseStatus.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/service/thrift/TSentryResponseStatus.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/service/thrift/TSentryResponseStatus.java
deleted file mode 100644
index d9a9f86..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/service/thrift/TSentryResponseStatus.java
+++ /dev/null
@@ -1,598 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TSentryResponseStatus implements org.apache.thrift.TBase<TSentryResponseStatus, TSentryResponseStatus._Fields>, java.io.Serializable, Cloneable, Comparable<TSentryResponseStatus> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TSentryResponseStatus");
-
- private static final org.apache.thrift.protocol.TField VALUE_FIELD_DESC = new org.apache.thrift.protocol.TField("value", org.apache.thrift.protocol.TType.I32, (short)1);
- private static final org.apache.thrift.protocol.TField MESSAGE_FIELD_DESC = new org.apache.thrift.protocol.TField("message", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField STACK_FIELD_DESC = new org.apache.thrift.protocol.TField("stack", org.apache.thrift.protocol.TType.STRING, (short)3);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TSentryResponseStatusStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TSentryResponseStatusTupleSchemeFactory());
- }
-
- private int value; // required
- private String message; // required
- private String stack; // optional
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- VALUE((short)1, "value"),
- MESSAGE((short)2, "message"),
- STACK((short)3, "stack");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // VALUE
- return VALUE;
- case 2: // MESSAGE
- return MESSAGE;
- case 3: // STACK
- return STACK;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __VALUE_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- private static final _Fields optionals[] = {_Fields.STACK};
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.VALUE, new org.apache.thrift.meta_data.FieldMetaData("value", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
- tmpMap.put(_Fields.MESSAGE, new org.apache.thrift.meta_data.FieldMetaData("message", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.STACK, new org.apache.thrift.meta_data.FieldMetaData("stack", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TSentryResponseStatus.class, metaDataMap);
- }
-
- public TSentryResponseStatus() {
- }
-
- public TSentryResponseStatus(
- int value,
- String message)
- {
- this();
- this.value = value;
- setValueIsSet(true);
- this.message = message;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TSentryResponseStatus(TSentryResponseStatus other) {
- __isset_bitfield = other.__isset_bitfield;
- this.value = other.value;
- if (other.isSetMessage()) {
- this.message = other.message;
- }
- if (other.isSetStack()) {
- this.stack = other.stack;
- }
- }
-
- public TSentryResponseStatus deepCopy() {
- return new TSentryResponseStatus(this);
- }
-
- @Override
- public void clear() {
- setValueIsSet(false);
- this.value = 0;
- this.message = null;
- this.stack = null;
- }
-
- public int getValue() {
- return this.value;
- }
-
- public void setValue(int value) {
- this.value = value;
- setValueIsSet(true);
- }
-
- public void unsetValue() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __VALUE_ISSET_ID);
- }
-
- /** Returns true if field value is set (has been assigned a value) and false otherwise */
- public boolean isSetValue() {
- return EncodingUtils.testBit(__isset_bitfield, __VALUE_ISSET_ID);
- }
-
- public void setValueIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __VALUE_ISSET_ID, value);
- }
-
- public String getMessage() {
- return this.message;
- }
-
- public void setMessage(String message) {
- this.message = message;
- }
-
- public void unsetMessage() {
- this.message = null;
- }
-
- /** Returns true if field message is set (has been assigned a value) and false otherwise */
- public boolean isSetMessage() {
- return this.message != null;
- }
-
- public void setMessageIsSet(boolean value) {
- if (!value) {
- this.message = null;
- }
- }
-
- public String getStack() {
- return this.stack;
- }
-
- public void setStack(String stack) {
- this.stack = stack;
- }
-
- public void unsetStack() {
- this.stack = null;
- }
-
- /** Returns true if field stack is set (has been assigned a value) and false otherwise */
- public boolean isSetStack() {
- return this.stack != null;
- }
-
- public void setStackIsSet(boolean value) {
- if (!value) {
- this.stack = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case VALUE:
- if (value == null) {
- unsetValue();
- } else {
- setValue((Integer)value);
- }
- break;
-
- case MESSAGE:
- if (value == null) {
- unsetMessage();
- } else {
- setMessage((String)value);
- }
- break;
-
- case STACK:
- if (value == null) {
- unsetStack();
- } else {
- setStack((String)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case VALUE:
- return getValue();
-
- case MESSAGE:
- return getMessage();
-
- case STACK:
- return getStack();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case VALUE:
- return isSetValue();
- case MESSAGE:
- return isSetMessage();
- case STACK:
- return isSetStack();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TSentryResponseStatus)
- return this.equals((TSentryResponseStatus)that);
- return false;
- }
-
- public boolean equals(TSentryResponseStatus that) {
- if (that == null)
- return false;
-
- boolean this_present_value = true;
- boolean that_present_value = true;
- if (this_present_value || that_present_value) {
- if (!(this_present_value && that_present_value))
- return false;
- if (this.value != that.value)
- return false;
- }
-
- boolean this_present_message = true && this.isSetMessage();
- boolean that_present_message = true && that.isSetMessage();
- if (this_present_message || that_present_message) {
- if (!(this_present_message && that_present_message))
- return false;
- if (!this.message.equals(that.message))
- return false;
- }
-
- boolean this_present_stack = true && this.isSetStack();
- boolean that_present_stack = true && that.isSetStack();
- if (this_present_stack || that_present_stack) {
- if (!(this_present_stack && that_present_stack))
- return false;
- if (!this.stack.equals(that.stack))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_value = true;
- list.add(present_value);
- if (present_value)
- list.add(value);
-
- boolean present_message = true && (isSetMessage());
- list.add(present_message);
- if (present_message)
- list.add(message);
-
- boolean present_stack = true && (isSetStack());
- list.add(present_stack);
- if (present_stack)
- list.add(stack);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TSentryResponseStatus other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetValue()).compareTo(other.isSetValue());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetValue()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.value, other.value);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetMessage()).compareTo(other.isSetMessage());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetMessage()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.message, other.message);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetStack()).compareTo(other.isSetStack());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetStack()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.stack, other.stack);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TSentryResponseStatus(");
- boolean first = true;
-
- sb.append("value:");
- sb.append(this.value);
- first = false;
- if (!first) sb.append(", ");
- sb.append("message:");
- if (this.message == null) {
- sb.append("null");
- } else {
- sb.append(this.message);
- }
- first = false;
- if (isSetStack()) {
- if (!first) sb.append(", ");
- sb.append("stack:");
- if (this.stack == null) {
- sb.append("null");
- } else {
- sb.append(this.stack);
- }
- first = false;
- }
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetValue()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'value' is unset! Struct:" + toString());
- }
-
- if (!isSetMessage()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'message' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TSentryResponseStatusStandardSchemeFactory implements SchemeFactory {
- public TSentryResponseStatusStandardScheme getScheme() {
- return new TSentryResponseStatusStandardScheme();
- }
- }
-
- private static class TSentryResponseStatusStandardScheme extends StandardScheme<TSentryResponseStatus> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TSentryResponseStatus struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // VALUE
- if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
- struct.value = iprot.readI32();
- struct.setValueIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // MESSAGE
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.message = iprot.readString();
- struct.setMessageIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // STACK
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.stack = iprot.readString();
- struct.setStackIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TSentryResponseStatus struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- oprot.writeFieldBegin(VALUE_FIELD_DESC);
- oprot.writeI32(struct.value);
- oprot.writeFieldEnd();
- if (struct.message != null) {
- oprot.writeFieldBegin(MESSAGE_FIELD_DESC);
- oprot.writeString(struct.message);
- oprot.writeFieldEnd();
- }
- if (struct.stack != null) {
- if (struct.isSetStack()) {
- oprot.writeFieldBegin(STACK_FIELD_DESC);
- oprot.writeString(struct.stack);
- oprot.writeFieldEnd();
- }
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TSentryResponseStatusTupleSchemeFactory implements SchemeFactory {
- public TSentryResponseStatusTupleScheme getScheme() {
- return new TSentryResponseStatusTupleScheme();
- }
- }
-
- private static class TSentryResponseStatusTupleScheme extends TupleScheme<TSentryResponseStatus> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TSentryResponseStatus struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeI32(struct.value);
- oprot.writeString(struct.message);
- BitSet optionals = new BitSet();
- if (struct.isSetStack()) {
- optionals.set(0);
- }
- oprot.writeBitSet(optionals, 1);
- if (struct.isSetStack()) {
- oprot.writeString(struct.stack);
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TSentryResponseStatus struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.value = iprot.readI32();
- struct.setValueIsSet(true);
- struct.message = iprot.readString();
- struct.setMessageIsSet(true);
- BitSet incoming = iprot.readBitSet(1);
- if (incoming.get(0)) {
- struct.stack = iprot.readString();
- struct.setStackIsSet(true);
- }
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/service/thrift/sentry_common_serviceConstants.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/service/thrift/sentry_common_serviceConstants.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/service/thrift/sentry_common_serviceConstants.java
deleted file mode 100644
index eb63bc3..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/service/thrift/sentry_common_serviceConstants.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-public class sentry_common_serviceConstants {
-
- public static final int TSENTRY_SERVICE_V1 = 1;
-
- public static final int TSENTRY_SERVICE_V2 = 2;
-
- public static final int TSENTRY_STATUS_OK = 0;
-
- public static final int TSENTRY_STATUS_ALREADY_EXISTS = 1;
-
- public static final int TSENTRY_STATUS_NO_SUCH_OBJECT = 2;
-
- public static final int TSENTRY_STATUS_RUNTIME_ERROR = 3;
-
- public static final int TSENTRY_STATUS_INVALID_INPUT = 4;
-
- public static final int TSENTRY_STATUS_ACCESS_DENIED = 5;
-
- public static final int TSENTRY_STATUS_THRIFT_VERSION_MISMATCH = 6;
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryPolicyStorePlugin.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryPolicyStorePlugin.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryPolicyStorePlugin.java
deleted file mode 100644
index 2ff715f..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryPolicyStorePlugin.java
+++ /dev/null
@@ -1,60 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.core.common.exception.SentryUserException;
-import org.apache.sentry.provider.db.service.persistent.SentryStore;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleAddGroupsRequest;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleDeleteGroupsRequest;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleGrantPrivilegeRequest;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleRevokePrivilegeRequest;
-import org.apache.sentry.provider.db.service.thrift.TDropPrivilegesRequest;
-import org.apache.sentry.provider.db.service.thrift.TDropSentryRoleRequest;
-import org.apache.sentry.provider.db.service.thrift.TRenamePrivilegesRequest;
-
-public interface SentryPolicyStorePlugin {
-
- @SuppressWarnings("serial")
- class SentryPluginException extends SentryUserException {
- public SentryPluginException(String msg) {
- super(msg);
- }
- public SentryPluginException(String msg, Throwable t) {
- super(msg, t);
- }
- }
-
- void initialize(Configuration conf, SentryStore sentryStore) throws SentryPluginException;
-
- void onAlterSentryRoleAddGroups(TAlterSentryRoleAddGroupsRequest tRequest) throws SentryPluginException;
-
- void onAlterSentryRoleDeleteGroups(TAlterSentryRoleDeleteGroupsRequest tRequest) throws SentryPluginException;
-
- void onAlterSentryRoleGrantPrivilege(TAlterSentryRoleGrantPrivilegeRequest tRequest) throws SentryPluginException;
-
- void onAlterSentryRoleRevokePrivilege(TAlterSentryRoleRevokePrivilegeRequest tRequest) throws SentryPluginException;
-
- void onDropSentryRole(TDropSentryRoleRequest tRequest) throws SentryPluginException;
-
- void onRenameSentryPrivilege(TRenamePrivilegesRequest request) throws SentryPluginException;
-
- void onDropSentryPrivilege(TDropPrivilegesRequest request) throws SentryPluginException;
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/DelegateSentryStore.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/DelegateSentryStore.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/DelegateSentryStore.java
deleted file mode 100644
index e960dcd..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/DelegateSentryStore.java
+++ /dev/null
@@ -1,542 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.service.persistent;
-
-import java.io.IOException;
-import java.util.Arrays;
-import java.util.HashSet;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.Set;
-
-import javax.jdo.PersistenceManager;
-import javax.jdo.Query;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.core.common.exception.SentryUserException;
-import org.apache.sentry.core.common.Authorizable;
-import org.apache.sentry.core.common.exception.SentryAccessDeniedException;
-import org.apache.sentry.core.common.exception.SentryAlreadyExistsException;
-import org.apache.sentry.core.common.exception.SentryGrantDeniedException;
-import org.apache.sentry.core.common.exception.SentryInvalidInputException;
-import org.apache.sentry.core.common.exception.SentryNoSuchObjectException;
-import org.apache.sentry.core.common.exception.SentrySiteConfigurationException;
-import org.apache.sentry.provider.db.service.model.MSentryGMPrivilege;
-import org.apache.sentry.provider.db.service.model.MSentryGroup;
-import org.apache.sentry.provider.db.service.model.MSentryRole;
-import org.apache.sentry.provider.db.service.persistent.CommitContext;
-import org.apache.sentry.provider.db.service.persistent.SentryStore;
-import org.apache.sentry.provider.db.service.thrift.SentryPolicyStoreProcessor;
-import org.apache.sentry.provider.db.service.thrift.TSentryGroup;
-import org.apache.sentry.provider.db.service.thrift.TSentryRole;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
-
-import com.google.common.annotations.VisibleForTesting;
-import com.google.common.base.Joiner;
-import com.google.common.base.Preconditions;
-import com.google.common.base.Strings;
-import com.google.common.collect.ImmutableSet;
-import com.google.common.collect.Sets;
-
-/**
- * The DelegateSentryStore will supports the generic authorizable model. It stores the authorizables
- * into separated column. Take the authorizables:[DATABASE=db1,TABLE=tb1,COLUMN=cl1] for example,
- * The DATABASE,db1,TABLE,tb1,COLUMN and cl1 will be stored into the six columns(resourceName0=db1,resourceType0=DATABASE,
- * resourceName1=tb1,resourceType1=TABLE,
- * resourceName2=cl1,resourceType2=COLUMN ) of generic privilege table
- */
-public class DelegateSentryStore implements SentryStoreLayer {
- private SentryStore delegate;
- private Configuration conf;
- private Set<String> adminGroups;
- private PrivilegeOperatePersistence privilegeOperator;
-
- public DelegateSentryStore(Configuration conf) throws SentryNoSuchObjectException,
- SentryAccessDeniedException, SentrySiteConfigurationException, IOException {
- this.privilegeOperator = new PrivilegeOperatePersistence(conf);
- // The generic model doesn't turn on the thread that cleans hive privileges
- conf.set(ServerConfig.SENTRY_STORE_ORPHANED_PRIVILEGE_REMOVAL,"false");
- this.conf = conf;
- //delegated old sentryStore
- this.delegate = new SentryStore(conf);
- adminGroups = ImmutableSet.copyOf(toTrimmed(Sets.newHashSet(conf.getStrings(
- ServerConfig.ADMIN_GROUPS, new String[]{}))));
- }
-
- private PersistenceManager openTransaction() {
- return delegate.openTransaction();
- }
-
- private CommitContext commitUpdateTransaction(PersistenceManager pm) {
- return delegate.commitUpdateTransaction(pm);
- }
-
- private void rollbackTransaction(PersistenceManager pm) {
- delegate.rollbackTransaction(pm);
- }
-
- private void commitTransaction(PersistenceManager pm) {
- delegate.commitTransaction(pm);
- }
-
- private MSentryRole getRole(String roleName, PersistenceManager pm) {
- return delegate.getMSentryRole(pm, roleName);
- }
-
- @Override
- public CommitContext createRole(String component, String role,
- String requestor) throws SentryAlreadyExistsException {
- return delegate.createSentryRole(role);
- }
-
- /**
- * The role is global in the generic model, such as the role may be has more than one component
- * privileges, so delete role will remove all privileges related to it.
- */
- @Override
- public CommitContext dropRole(String component, String role, String requestor)
- throws SentryNoSuchObjectException {
- boolean rollbackTransaction = true;
- PersistenceManager pm = null;
- String trimmedRole = toTrimmedLower(role);
- try {
- pm = openTransaction();
- Query query = pm.newQuery(MSentryRole.class);
- query.setFilter("this.roleName == t");
- query.declareParameters("java.lang.String t");
- query.setUnique(true);
- MSentryRole sentryRole = (MSentryRole) query.execute(trimmedRole);
- if (sentryRole == null) {
- throw new SentryNoSuchObjectException("Role: " + trimmedRole + " doesn't exist");
- } else {
- pm.retrieve(sentryRole);
- sentryRole.removeGMPrivileges();
- sentryRole.removePrivileges();
- pm.deletePersistent(sentryRole);
- }
- CommitContext commit = commitUpdateTransaction(pm);
- rollbackTransaction = false;
- return commit;
- } finally {
- if (rollbackTransaction) {
- rollbackTransaction(pm);
- }
- }
- }
-
- @Override
- public Set<String> getAllRoleNames() {
- return delegate.getAllRoleNames();
- }
-
- @Override
- public CommitContext alterRoleAddGroups(String component, String role,
- Set<String> groups, String requestor) throws SentryNoSuchObjectException {
- return delegate.alterSentryRoleAddGroups(requestor, role, toTSentryGroups(groups));
- }
-
- @Override
- public CommitContext alterRoleDeleteGroups(String component, String role,
- Set<String> groups, String requestor) throws SentryNoSuchObjectException {
- //called to old sentryStore
- return delegate.alterSentryRoleDeleteGroups(role, toTSentryGroups(groups));
- }
-
- @Override
- public CommitContext alterRoleGrantPrivilege(String component, String role,
- PrivilegeObject privilege, String grantorPrincipal)
- throws SentryUserException {
- String trimmedRole = toTrimmedLower(role);
- PersistenceManager pm = null;
- boolean rollbackTransaction = true;
- try{
- pm = openTransaction();
- MSentryRole mRole = getRole(trimmedRole, pm);
- if (mRole == null) {
- throw new SentryNoSuchObjectException("Role: " + trimmedRole + " doesn't exist");
- }
- /**
- * check with grant option
- */
- grantOptionCheck(privilege, grantorPrincipal, pm);
-
- privilegeOperator.grantPrivilege(privilege, mRole, pm);
-
- CommitContext commitContext = delegate.commitUpdateTransaction(pm);
- rollbackTransaction = false;
- return commitContext;
-
- } finally {
- if (rollbackTransaction) {
- rollbackTransaction(pm);
- }
- }
- }
-
- @Override
- public CommitContext alterRoleRevokePrivilege(String component,
- String role, PrivilegeObject privilege, String grantorPrincipal)
- throws SentryUserException {
- String trimmedRole = toTrimmedLower(role);
- PersistenceManager pm = null;
- boolean rollbackTransaction = true;
- try{
- pm = openTransaction();
- MSentryRole mRole = getRole(trimmedRole, pm);
- if (mRole == null) {
- throw new SentryNoSuchObjectException("Role: " + trimmedRole + " doesn't exist");
- }
- /**
- * check with grant option
- */
- grantOptionCheck(privilege, grantorPrincipal, pm);
-
- privilegeOperator.revokePrivilege(privilege, mRole, pm);
-
- CommitContext commitContext = commitUpdateTransaction(pm);
- rollbackTransaction = false;
- return commitContext;
-
- } finally {
- if (rollbackTransaction) {
- rollbackTransaction(pm);
- }
- }
- }
-
- @Override
- public CommitContext renamePrivilege(String component, String service,
- List<? extends Authorizable> oldAuthorizables,
- List<? extends Authorizable> newAuthorizables, String requestor)
- throws SentryUserException {
- Preconditions.checkNotNull(component);
- Preconditions.checkNotNull(service);
- Preconditions.checkNotNull(oldAuthorizables);
- Preconditions.checkNotNull(newAuthorizables);
-
- if (oldAuthorizables.size() != newAuthorizables.size()) {
- throw new SentryAccessDeniedException(
- "rename privilege denied: the size of oldAuthorizables must equals the newAuthorizables "
- + "oldAuthorizables:" + Arrays.toString(oldAuthorizables.toArray()) + " "
- + "newAuthorizables:" + Arrays.toString(newAuthorizables.toArray()));
- }
-
- PersistenceManager pm = null;
- boolean rollbackTransaction = true;
- try {
- pm = openTransaction();
-
- privilegeOperator.renamePrivilege(toTrimmedLower(component), toTrimmedLower(service),
- oldAuthorizables, newAuthorizables, requestor, pm);
-
- CommitContext commitContext = commitUpdateTransaction(pm);
- rollbackTransaction = false;
- return commitContext;
- } finally {
- if (rollbackTransaction) {
- rollbackTransaction(pm);
- }
- }
- }
-
- @Override
- public CommitContext dropPrivilege(String component,
- PrivilegeObject privilege, String requestor) throws SentryUserException {
- Preconditions.checkNotNull(requestor);
-
- PersistenceManager pm = null;
- boolean rollbackTransaction = true;
- try {
- pm = openTransaction();
-
- privilegeOperator.dropPrivilege(privilege, pm);
-
- CommitContext commitContext = commitUpdateTransaction(pm);
- rollbackTransaction = false;
- return commitContext;
- } finally {
- if (rollbackTransaction) {
- rollbackTransaction(pm);
- }
- }
- }
-
- /**
- * Grant option check
- * @param component
- * @param pm
- * @param privilegeReader
- * @throws SentryUserException
- */
- private void grantOptionCheck(PrivilegeObject requestPrivilege, String grantorPrincipal,PersistenceManager pm)
- throws SentryUserException {
-
- if (Strings.isNullOrEmpty(grantorPrincipal)) {
- throw new SentryInvalidInputException("grantorPrincipal should not be null or empty");
- }
-
- Set<String> groups = getRequestorGroups(grantorPrincipal);
- if (groups == null || groups.isEmpty()) {
- throw new SentryGrantDeniedException(grantorPrincipal
- + " has no grant!");
- }
- //admin group check
- if (!Sets.intersection(adminGroups, toTrimmed(groups)).isEmpty()) {
- return;
- }
- //privilege grant option check
- Set<MSentryRole> mRoles = delegate.getRolesForGroups(pm, groups);
- if (!privilegeOperator.checkPrivilegeOption(mRoles, requestPrivilege, pm)) {
- throw new SentryGrantDeniedException(grantorPrincipal
- + " has no grant!");
- }
- }
-
- @Override
- public Set<String> getRolesByGroups(String component, Set<String> groups)
- throws SentryUserException {
- Set<String> roles = Sets.newHashSet();
- if (groups == null) {
- return roles;
- }
- for (TSentryRole tSentryRole : delegate.getTSentryRolesByGroupName(groups, true)) {
- roles.add(tSentryRole.getRoleName());
- }
- return roles;
- }
-
- @Override
- public Set<String> getGroupsByRoles(String component, Set<String> roles)
- throws SentryUserException {
- Set<String> trimmedRoles = toTrimmedLower(roles);
- Set<String> groupNames = Sets.newHashSet();
- if (trimmedRoles.size() == 0) {
- return groupNames;
- }
-
- PersistenceManager pm = null;
- try{
- pm = openTransaction();
- //get groups by roles
- Query query = pm.newQuery(MSentryGroup.class);
- StringBuilder filters = new StringBuilder();
- query.declareVariables("org.apache.sentry.provider.db.service.model.MSentryRole role");
- List<String> rolesFiler = new LinkedList<String>();
- for (String role : trimmedRoles) {
- rolesFiler.add("role.roleName == \"" + role + "\" ");
- }
- filters.append("roles.contains(role) " + "&& (" + Joiner.on(" || ").join(rolesFiler) + ")");
- query.setFilter(filters.toString());
-
- List<MSentryGroup> groups = (List<MSentryGroup>)query.execute();
- if (groups == null) {
- return groupNames;
- }
- for (MSentryGroup group : groups) {
- groupNames.add(group.getGroupName());
- }
- return groupNames;
- } finally {
- if (pm != null) {
- commitTransaction(pm);
- }
- }
- }
-
- @Override
- public Set<PrivilegeObject> getPrivilegesByRole(String component,
- Set<String> roles) throws SentryUserException {
- Preconditions.checkNotNull(roles);
- Set<PrivilegeObject> privileges = Sets.newHashSet();
- if (roles.isEmpty()) {
- return privileges;
- }
-
- PersistenceManager pm = null;
- try {
- pm = openTransaction();
- Set<MSentryRole> mRoles = Sets.newHashSet();
- for (String role : roles) {
- MSentryRole mRole = getRole(toTrimmedLower(role), pm);
- if (mRole != null) {
- mRoles.add(mRole);
- }
- }
- privileges.addAll(privilegeOperator.getPrivilegesByRole(mRoles, pm));
- } finally {
- if (pm != null) {
- commitTransaction(pm);
- }
- }
- return privileges;
- }
-
- @Override
- public Set<PrivilegeObject> getPrivilegesByProvider(String component,
- String service, Set<String> roles, Set<String> groups,
- List<? extends Authorizable> authorizables) throws SentryUserException {
- Preconditions.checkNotNull(component);
- Preconditions.checkNotNull(service);
-
- String trimmedComponent = toTrimmedLower(component);
- String trimmedService = toTrimmedLower(service);
-
- Set<PrivilegeObject> privileges = Sets.newHashSet();
- PersistenceManager pm = null;
- try {
- pm = openTransaction();
- //CaseInsensitive roleNames
- Set<String> trimmedRoles = toTrimmedLower(roles);
-
- if (groups != null) {
- trimmedRoles.addAll(delegate.getRoleNamesForGroups(groups));
- }
-
- if (trimmedRoles.size() == 0) {
- return privileges;
- }
-
- Set<MSentryRole> mRoles = Sets.newHashSet();
- for (String role : trimmedRoles) {
- MSentryRole mRole = getRole(role, pm);
- if (mRole != null) {
- mRoles.add(mRole);
- }
- }
- //get the privileges
- privileges.addAll(privilegeOperator.getPrivilegesByProvider(trimmedComponent, trimmedService, mRoles, authorizables, pm));
- } finally {
- if (pm != null) {
- commitTransaction(pm);
- }
- }
- return privileges;
- }
-
- @Override
- public Set<MSentryGMPrivilege> getPrivilegesByAuthorizable(String component, String service,
- Set<String> validActiveRoles, List<? extends Authorizable> authorizables)
- throws SentryUserException {
-
- Preconditions.checkNotNull(component);
- Preconditions.checkNotNull(service);
-
- component = toTrimmedLower(component);
- service = toTrimmedLower(service);
-
- Set<MSentryGMPrivilege> privileges = Sets.newHashSet();
-
- if (validActiveRoles == null || validActiveRoles.isEmpty()) {
- return privileges;
- }
-
- PersistenceManager pm = null;
- try {
- pm = openTransaction();
-
- Set<MSentryRole> mRoles = Sets.newHashSet();
- for (String role : validActiveRoles) {
- MSentryRole mRole = getRole(role, pm);
- if (mRole != null) {
- mRoles.add(mRole);
- }
- }
-
- //get the privileges
- Set<MSentryGMPrivilege> mSentryGMPrivileges = privilegeOperator.getPrivilegesByAuthorizable(component, service, mRoles, authorizables, pm);
-
- for (MSentryGMPrivilege mSentryGMPrivilege : mSentryGMPrivileges) {
- /**
- * force to load all roles related this privilege
- * avoid the lazy-loading
- */
- pm.retrieve(mSentryGMPrivilege);
- privileges.add(mSentryGMPrivilege);
- }
-
- } finally {
- commitTransaction(pm);
- }
- return privileges;
- }
-
- @Override
- public void close() {
- delegate.stop();
- }
-
- private Set<TSentryGroup> toTSentryGroups(Set<String> groups) {
- Set<TSentryGroup> tSentryGroups = Sets.newHashSet();
- for (String group : groups) {
- tSentryGroups.add(new TSentryGroup(group));
- }
- return tSentryGroups;
- }
-
- private Set<String> toTrimmedLower(Set<String> s) {
- if (s == null) {
- return new HashSet<String>();
- }
- Set<String> result = Sets.newHashSet();
- for (String v : s) {
- result.add(v.trim().toLowerCase());
- }
- return result;
- }
-
- private Set<String> toTrimmed(Set<String> s) {
- if (s == null) {
- return new HashSet<String>();
- }
- Set<String> result = Sets.newHashSet();
- for (String v : s) {
- result.add(v.trim());
- }
- return result;
- }
-
- private String toTrimmedLower(String s) {
- if (s == null) {
- return "";
- }
- return s.trim().toLowerCase();
- }
-
- private Set<String> getRequestorGroups(String userName)
- throws SentryUserException {
- return SentryPolicyStoreProcessor.getGroupsFromUserName(this.conf, userName);
- }
-
- @VisibleForTesting
- void clearAllTables() {
- boolean rollbackTransaction = true;
- PersistenceManager pm = null;
- try {
- pm = openTransaction();
- pm.newQuery(MSentryRole.class).deletePersistentAll();
- pm.newQuery(MSentryGroup.class).deletePersistentAll();
- pm.newQuery(MSentryGMPrivilege.class).deletePersistentAll();
- commitUpdateTransaction(pm);
- rollbackTransaction = false;
- } finally {
- if (rollbackTransaction) {
- rollbackTransaction(pm);
- }
- }
- }
-}
[21/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStoreSchemaInfo.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStoreSchemaInfo.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStoreSchemaInfo.java
deleted file mode 100644
index 223cc87..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStoreSchemaInfo.java
+++ /dev/null
@@ -1,143 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.persistent;
-
-import java.io.BufferedReader;
-import java.io.File;
-import java.io.FileNotFoundException;
-import java.io.FileReader;
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.List;
-
-import org.apache.sentry.core.common.exception.SentryUserException;
-
-public class SentryStoreSchemaInfo {
- private static final String SQL_FILE_EXTENSION = ".sql";
- private static final String UPGRADE_FILE_PREFIX = "upgrade-";
- private static final String INIT_FILE_PREFIX = "sentry-";
- private static final String VERSION_UPGRADE_LIST = "upgrade.order";
- private final String dbType;
- private final String sentrySchemaVersions[];
- private final String sentryScriptDir;
-
- private static final String SENTRY_VERSION = "1.8.0";
-
- public SentryStoreSchemaInfo(String sentryScriptDir, String dbType)
- throws SentryUserException {
- this.sentryScriptDir = sentryScriptDir;
- this.dbType = dbType;
- // load upgrade order for the given dbType
- List<String> upgradeOrderList = new ArrayList<String>();
- String upgradeListFile = getSentryStoreScriptDir() + File.separator
- + VERSION_UPGRADE_LIST + "." + dbType;
- try (BufferedReader bfReader = new BufferedReader(new FileReader(upgradeListFile))) {
- String currSchemaVersion;
- while ((currSchemaVersion = bfReader.readLine()) != null) {
- upgradeOrderList.add(currSchemaVersion.trim());
- }
- } catch (FileNotFoundException e) {
- throw new SentryUserException("File " + upgradeListFile + " not found ", e);
- } catch (IOException e) {
- throw new SentryUserException("Error reading " + upgradeListFile, e);
- }
- sentrySchemaVersions = upgradeOrderList.toArray(new String[0]);
- }
-
- public String getSentrySchemaVersion() {
- return SENTRY_VERSION;
- }
-
- public List<String> getUpgradeScripts(String fromSchemaVer)
- throws SentryUserException {
- List<String> upgradeScriptList = new ArrayList<String>();
-
- // check if we are already at current schema level
- if (getSentryVersion().equals(fromSchemaVer)) {
- return upgradeScriptList;
- }
-
- // Find the list of scripts to execute for this upgrade
- int firstScript = sentrySchemaVersions.length;
- for (int i = 0; i < sentrySchemaVersions.length; i++) {
- String fromVersion = sentrySchemaVersions[i].split("-to-")[0];
- if (fromVersion.equals(fromSchemaVer)) {
- firstScript = i;
- break;
- }
- }
- if (firstScript == sentrySchemaVersions.length) {
- throw new SentryUserException("Unknown version specified for upgrade "
- + fromSchemaVer + " Metastore schema may be too old or newer");
- }
-
- for (int i = firstScript; i < sentrySchemaVersions.length; i++) {
- String scriptFile = generateUpgradeFileName(sentrySchemaVersions[i]);
- upgradeScriptList.add(scriptFile);
- }
- return upgradeScriptList;
- }
-
- /***
- * Get the name of the script to initialize the schema for given version
- *
- * @param toVersion
- * Target version. If it's null, then the current server version is
- * used
- * @return
- * @throws SentryUserException
- */
- public String generateInitFileName(String toVersion)
- throws SentryUserException {
- String version = toVersion;
- if (version == null) {
- version = getSentryVersion();
- }
- String initScriptName = INIT_FILE_PREFIX + dbType + "-" + version
- + SQL_FILE_EXTENSION;
- // check if the file exists
- if (!(new File(getSentryStoreScriptDir() + File.separatorChar
- + initScriptName).exists())) {
- throw new SentryUserException(
- "Unknown version specified for initialization: " + version);
- }
- return initScriptName;
- }
-
- /**
- * Find the directory of sentry store scripts
- *
- * @return
- */
- public String getSentryStoreScriptDir() {
- return sentryScriptDir;
- }
-
- // format the upgrade script name eg upgrade-x-y-dbType.sql
- private String generateUpgradeFileName(String fileVersion) {
- return INIT_FILE_PREFIX + UPGRADE_FILE_PREFIX + dbType + "-"
- + fileVersion + SQL_FILE_EXTENSION;
- }
-
- // Current hive version, in majorVersion.minorVersion.changeVersion format
- // TODO: store the version using the build script
- public static String getSentryVersion() {
- return SENTRY_VERSION;
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/ServiceManager.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/ServiceManager.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/ServiceManager.java
deleted file mode 100644
index 9f921d4..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/ServiceManager.java
+++ /dev/null
@@ -1,97 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.persistent;
-
-import java.io.IOException;
-import java.net.InetSocketAddress;
-
-import org.apache.curator.x.discovery.ServiceDiscovery;
-import org.apache.curator.x.discovery.ServiceDiscoveryBuilder;
-import org.apache.curator.x.discovery.ServiceInstance;
-import org.apache.curator.x.discovery.ServiceProvider;
-import org.apache.curator.x.discovery.details.InstanceSerializer;
-import org.apache.hadoop.net.NetUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/***
- * ServerManager handles registration of the Sentry service for Curator service
- * discovery. Each server registers with ZK and add its host:port details which
- * is used by the clients to discover available servers
- */
-public class ServiceManager {
- private static final Logger LOGGER = LoggerFactory
- .getLogger(ServiceManager.class);
- private HAContext haContext;
- private ServiceProvider<Void> serviceProvider;
- private ServiceDiscovery<Void> serviceDiscovery;
-
- public ServiceManager(HAContext haContext) throws IOException {
- this.haContext = haContext;
- init();
- }
-
- private void init() throws IOException {
- try {
- haContext.startCuratorFramework();
- InstanceSerializer<Void> instanceSerializer = new FixedJsonInstanceSerializer<Void>(Void.class);
- serviceDiscovery = ServiceDiscoveryBuilder.<Void>builder(Void.class)
- .basePath(HAContext.SENTRY_SERVICE_REGISTER_NAMESPACE)
- .serializer(instanceSerializer)
- .client(haContext.getCuratorFramework())
- .build();
- serviceDiscovery.start();
- serviceProvider = serviceDiscovery
- .serviceProviderBuilder()
- .serviceName(HAContext.SENTRY_SERVICE_REGISTER_NAMESPACE)
- .build();
- serviceProvider.start();
- } catch (Exception e) {
- throw new IOException(e);
- }
- }
-
- public ServiceInstance<Void> getServiceInstance() throws IOException {
- ServiceInstance<Void> service;
- try {
- service = serviceProvider.getInstance();
- return service;
- } catch (Exception e) {
- throw new IOException(e);
- }
- }
-
- public void reportError(ServiceInstance<Void> instance) {
- serviceProvider.noteError(instance);
- }
-
- public static InetSocketAddress convertServiceInstance(ServiceInstance<?> service) {
- return NetUtils.createSocketAddr(service.getAddress(),service.getPort());
- }
-
- public void close() {
- try {
- serviceProvider.close();
- serviceDiscovery.close();
- LOGGER.debug("Closed ZK resources");
- } catch (IOException e) {
- LOGGER.warn("Error closing the service manager", e);
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/ServiceRegister.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/ServiceRegister.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/ServiceRegister.java
deleted file mode 100644
index 79dfe48..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/ServiceRegister.java
+++ /dev/null
@@ -1,52 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.persistent;
-
-import org.apache.curator.x.discovery.ServiceDiscoveryBuilder;
-import org.apache.curator.x.discovery.ServiceInstance;
-import org.apache.curator.x.discovery.details.InstanceSerializer;
-
-public class ServiceRegister {
-
- private HAContext haContext;
-
- public ServiceRegister(HAContext haContext) {
- this.haContext = haContext;
- }
-
- public void regService(String host, int port) throws Exception {
-
- haContext.startCuratorFramework();
- ServiceInstance<Void> serviceInstance = ServiceInstance.<Void>builder()
- .address(host)
- .port(port)
- .name(HAContext.SENTRY_SERVICE_REGISTER_NAMESPACE)
- .build();
-
- InstanceSerializer<Void> instanceSerializer = new FixedJsonInstanceSerializer<Void>(Void.class);
- ServiceDiscoveryBuilder.builder(Void.class)
- .basePath(HAContext.SENTRY_SERVICE_REGISTER_NAMESPACE)
- .client(haContext.getCuratorFramework())
- .serializer(instanceSerializer)
- .thisInstance(serviceInstance)
- .build()
- .start();
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/ConfServlet.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/ConfServlet.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/ConfServlet.java
deleted file mode 100644
index 9e7fca8..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/ConfServlet.java
+++ /dev/null
@@ -1,69 +0,0 @@
-package org.apache.sentry.provider.db.service.thrift;
-
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-import java.io.IOException;
-import java.io.Writer;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.hadoop.conf.Configuration;
-
-/**
- * Servlet to print out all sentry configuration.
- */
-public class ConfServlet extends HttpServlet {
- public static final String CONF_CONTEXT_ATTRIBUTE = "sentry.conf";
- public static final String FORMAT_JSON = "json";
- public static final String FORMAT_XML = "xml";
- public static final String FORMAT_PARAM = "format";
- private static final long serialVersionUID = 1L;
-
- @Override
- public void doGet(HttpServletRequest request, HttpServletResponse response)
- throws ServletException, IOException {
- String format = request.getParameter(FORMAT_PARAM);
- if (format == null) {
- format = FORMAT_XML;
- }
-
- if (FORMAT_XML.equals(format)) {
- response.setContentType("text/xml; charset=utf-8");
- } else if (FORMAT_JSON.equals(format)) {
- response.setContentType("application/json; charset=utf-8");
- }
-
- Configuration conf = (Configuration)getServletContext().getAttribute(
- CONF_CONTEXT_ATTRIBUTE);
- assert conf != null;
-
- Writer out = response.getWriter();
- if (FORMAT_JSON.equals(format)) {
- Configuration.dumpConfiguration(conf, out);
- } else if (FORMAT_XML.equals(format)) {
- conf.writeXml(out);
- } else {
- response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Bad format: " + format);
- }
- out.close();
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/NotificationHandler.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/NotificationHandler.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/NotificationHandler.java
deleted file mode 100644
index b1a4b7f..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/NotificationHandler.java
+++ /dev/null
@@ -1,79 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.provider.db.service.persistent.CommitContext;
-
-/**
- * Users wishing to be notified when a metadata changing event occurs
- * should extend this abstract class. All methods which modify the underlying
- * metadata in SentryPolicyStoreProcessor will have a corresponding method
- * on this class. Each method will contain a copy of the request and response
- * object. Therefore any change to the request or response object will be ignored.
- * Additionally each method will be passed a CommitContext.
- *
- * Sub-classes should be thread-safe.
- */
-public abstract class NotificationHandler {
-
- private final Configuration config;
-
- public NotificationHandler(Configuration config) throws Exception {
- this.config = config;
- }
-
- protected Configuration getConf() {
- return config;
- }
-
- public void create_sentry_role(CommitContext context,
- TCreateSentryRoleRequest request, TCreateSentryRoleResponse response) {
- }
-
- public void drop_sentry_role(CommitContext context, TDropSentryRoleRequest request,
- TDropSentryRoleResponse response) {
- }
-
- public void alter_sentry_role_grant_privilege(CommitContext context, TAlterSentryRoleGrantPrivilegeRequest request,
- TAlterSentryRoleGrantPrivilegeResponse response) {
- }
-
- public void alter_sentry_role_revoke_privilege(CommitContext context, TAlterSentryRoleRevokePrivilegeRequest request,
- TAlterSentryRoleRevokePrivilegeResponse response) {
- }
-
- public void alter_sentry_role_add_groups(CommitContext context,
- TAlterSentryRoleAddGroupsRequest request,
- TAlterSentryRoleAddGroupsResponse response) {
- }
-
- public void alter_sentry_role_delete_groups(
- CommitContext context, TAlterSentryRoleDeleteGroupsRequest request,
- TAlterSentryRoleDeleteGroupsResponse response) {
- }
-
- public void alter_sentry_role_add_users(CommitContext context,
- TAlterSentryRoleAddUsersRequest request, TAlterSentryRoleAddUsersResponse response) {
- }
-
- public void alter_sentry_role_delete_users(CommitContext context,
- TAlterSentryRoleDeleteUsersRequest request, TAlterSentryRoleDeleteUsersResponse response) {
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/NotificationHandlerInvoker.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/NotificationHandlerInvoker.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/NotificationHandlerInvoker.java
deleted file mode 100644
index 856ef9a..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/NotificationHandlerInvoker.java
+++ /dev/null
@@ -1,176 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-
-import java.util.List;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.provider.db.service.persistent.CommitContext;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.google.common.collect.ImmutableList;
-
-/**
- * Invokes configured instances of NotificationHandler. Importantly
- * NotificationHandler's each receive a copy of the request and
- * response thrift objects from each successful request.
- */
-public class NotificationHandlerInvoker extends NotificationHandler {
- private static final Logger LOGGER = LoggerFactory.getLogger(NotificationHandlerInvoker.class);
-
- private final ImmutableList<NotificationHandler> handlers;
-
- public NotificationHandlerInvoker(Configuration conf, NotificationHandler handler)
- throws Exception {
- this(conf, ImmutableList.of(handler));
- }
-
- public NotificationHandlerInvoker(Configuration conf, List<NotificationHandler> handlers)
- throws Exception {
- super(conf);
- this.handlers = ImmutableList.copyOf(handlers);
- }
-
- @Override
- public void create_sentry_role(CommitContext context,
- TCreateSentryRoleRequest request, TCreateSentryRoleResponse response) {
- for (NotificationHandler handler : handlers) {
- try {
- LOGGER.debug("Calling " + handler);
- handler.create_sentry_role(context, new TCreateSentryRoleRequest(request),
- new TCreateSentryRoleResponse(response));
- } catch (Exception ex) {
- LOGGER.error("Unexpected error in " + handler + ". Request: "
- + request + ", Response: " + response, ex);
- }
- }
- }
-
- @Override
- public void drop_sentry_role(CommitContext context, TDropSentryRoleRequest request,
- TDropSentryRoleResponse response) {
- for (NotificationHandler handler : handlers) {
- try {
- LOGGER.debug("Calling " + handler);
- handler.drop_sentry_role(context, new TDropSentryRoleRequest(request),
- new TDropSentryRoleResponse(response));
- } catch (Exception ex) {
- LOGGER.error("Unexpected error in " + handler + ". Request: "
- + request + ", Response: " + response, ex);
- }
- }
- }
-
- @Override
- public void alter_sentry_role_grant_privilege(CommitContext context,
- TAlterSentryRoleGrantPrivilegeRequest request,
- TAlterSentryRoleGrantPrivilegeResponse response) {
- for (NotificationHandler handler : handlers) {
- try {
- LOGGER.debug("Calling " + handler);
- handler.alter_sentry_role_grant_privilege(context,
- new TAlterSentryRoleGrantPrivilegeRequest(request),
- new TAlterSentryRoleGrantPrivilegeResponse(response));
- } catch (Exception ex) {
- LOGGER.error("Unexpected error in " + handler + ". Request: "
- + request + ", Response: " + response, ex);
- }
- }
- }
-
- @Override
- public void alter_sentry_role_revoke_privilege(CommitContext context,
- TAlterSentryRoleRevokePrivilegeRequest request,
- TAlterSentryRoleRevokePrivilegeResponse response) {
- for (NotificationHandler handler : handlers) {
- try {
- LOGGER.debug("Calling " + handler);
- handler.alter_sentry_role_revoke_privilege(context,
- new TAlterSentryRoleRevokePrivilegeRequest(request),
- new TAlterSentryRoleRevokePrivilegeResponse(response));
- } catch (Exception ex) {
- LOGGER.error("Unexpected error in " + handler + ". Request: "
- + request + ", Response: " + response, ex);
- }
- }
- }
-
- @Override
- public void alter_sentry_role_add_groups(CommitContext context,
- TAlterSentryRoleAddGroupsRequest request,
- TAlterSentryRoleAddGroupsResponse response) {
- for (NotificationHandler handler : handlers) {
- try {
- LOGGER.debug("Calling " + handler);
- handler.alter_sentry_role_add_groups(context, new TAlterSentryRoleAddGroupsRequest(request),
- new TAlterSentryRoleAddGroupsResponse(response));
- } catch (Exception ex) {
- LOGGER.error("Unexpected error in " + handler + ". Request: "
- + request + ", Response: " + response, ex);
- }
- }
- }
-
- @Override
- public void alter_sentry_role_delete_groups(
- CommitContext context, TAlterSentryRoleDeleteGroupsRequest request,
- TAlterSentryRoleDeleteGroupsResponse response) {
- for (NotificationHandler handler : handlers) {
- try {
- LOGGER.debug("Calling " + handler);
- handler.alter_sentry_role_delete_groups(context, new TAlterSentryRoleDeleteGroupsRequest(request),
- new TAlterSentryRoleDeleteGroupsResponse(response));
- } catch (Exception ex) {
- LOGGER.error("Unexpected error in " + handler + ". Request: "
- + request + ", Response: " + response, ex);
- }
- }
- }
-
- @Override
- public void alter_sentry_role_add_users(CommitContext context,
- TAlterSentryRoleAddUsersRequest request, TAlterSentryRoleAddUsersResponse response) {
- for (NotificationHandler handler : handlers) {
- try {
- LOGGER.debug("Calling " + handler);
- handler.alter_sentry_role_add_users(context, new TAlterSentryRoleAddUsersRequest(request),
- new TAlterSentryRoleAddUsersResponse(response));
- } catch (Exception ex) {
- LOGGER.error("Unexpected error in " + handler + ". Request: " + request + ", Response: "
- + response, ex);
- }
- }
- }
-
- @Override
- public void alter_sentry_role_delete_users(CommitContext context,
- TAlterSentryRoleDeleteUsersRequest request, TAlterSentryRoleDeleteUsersResponse response) {
- for (NotificationHandler handler : handlers) {
- try {
- LOGGER.debug("Calling " + handler);
- handler.alter_sentry_role_delete_users(context, new TAlterSentryRoleDeleteUsersRequest(
- request), new TAlterSentryRoleDeleteUsersResponse(response));
- } catch (Exception ex) {
- LOGGER.error("Unexpected error in " + handler + ". Request: " + request + ", Response: "
- + response, ex);
- }
- }
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/PolicyStoreConstants.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/PolicyStoreConstants.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/PolicyStoreConstants.java
deleted file mode 100644
index 8cf1c1a..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/PolicyStoreConstants.java
+++ /dev/null
@@ -1,32 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-public final class PolicyStoreConstants {
- public static final String SENTRY_GENERIC_POLICY_NOTIFICATION = "sentry.generic.policy.notification";
- public static final String SENTRY_GENERIC_POLICY_STORE = "sentry.generic.policy.store";
- public static final String SENTRY_GENERIC_POLICY_STORE_DEFAULT =
- "org.apache.sentry.provider.db.generic.service.persistent.DelegateSentryStore";
- public static class PolicyStoreServerConfig {
- public static final String NOTIFICATION_HANDLERS = "sentry.policy.store.notification.handlers";
- }
-
- private PolicyStoreConstants() {
- // Make constructor private to avoid instantiation
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryAuthFilter.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryAuthFilter.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryAuthFilter.java
deleted file mode 100644
index c1cfc1b..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryAuthFilter.java
+++ /dev/null
@@ -1,92 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import java.io.IOException;
-import java.util.Enumeration;
-import java.util.Properties;
-import java.util.Set;
-
-import javax.servlet.FilterChain;
-import javax.servlet.FilterConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.hadoop.security.authentication.server.AuthenticationFilter;
-import org.apache.hadoop.util.StringUtils;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.google.common.collect.Sets;
-
-/**
- * SentryAuthFilter is a subclass of AuthenticationFilter,
- * add authorization: Only allowed users could connect the web server.
- */
-public class SentryAuthFilter extends AuthenticationFilter {
-
- private static final Logger LOG = LoggerFactory.getLogger(SentryAuthFilter.class);
-
- public static final String ALLOW_WEB_CONNECT_USERS = ServerConfig.SENTRY_WEB_SECURITY_ALLOW_CONNECT_USERS;
-
- private Set<String> allowUsers;
-
- @Override
- protected void doFilter(FilterChain filterChain, HttpServletRequest request,
- HttpServletResponse response) throws IOException, ServletException {
- String userName = request.getRemoteUser();
- LOG.debug("Authenticating user: " + userName + " from request.");
- if (!allowUsers.contains(userName)) {
- response.sendError(HttpServletResponse.SC_FORBIDDEN,
- "Unauthorized user status code: " + HttpServletResponse.SC_FORBIDDEN);
- throw new ServletException(userName + " is unauthorized. status code: " + HttpServletResponse.SC_FORBIDDEN);
- }
- super.doFilter(filterChain, request, response);
- }
-
- /**
- * Override <code>getConfiguration<code> to get <code>ALLOW_WEB_CONNECT_USERS<code>.
- */
- @Override
- protected Properties getConfiguration(String configPrefix, FilterConfig filterConfig) throws ServletException {
- Properties props = new Properties();
- Enumeration<?> names = filterConfig.getInitParameterNames();
- while (names.hasMoreElements()) {
- String name = (String) names.nextElement();
- if (name.startsWith(configPrefix)) {
- String value = filterConfig.getInitParameter(name);
- if (ALLOW_WEB_CONNECT_USERS.equals(name)) {
- allowUsers = parseConnectUsersFromConf(value);
- } else {
- props.put(name.substring(configPrefix.length()), value);
- }
- }
- }
- return props;
- }
-
- private static Set<String> parseConnectUsersFromConf(String value) {
- String lcValue = value;
- if (lcValue != null) {
- lcValue = lcValue.toLowerCase();
- }
- return Sets.newHashSet(StringUtils.getStrings(lcValue));
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryHealthCheckServletContextListener.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryHealthCheckServletContextListener.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryHealthCheckServletContextListener.java
deleted file mode 100644
index 8822c2e..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryHealthCheckServletContextListener.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import com.codahale.metrics.health.HealthCheckRegistry;
-import com.codahale.metrics.servlets.HealthCheckServlet;
-
-/**
- * Use this class's registry to register health checks: Can be some tests which make sure Sentry service is healthy
- */
-public class SentryHealthCheckServletContextListener extends HealthCheckServlet.ContextListener {
-
- //This is just a place holder for health check registry, with out this AdminServlet throws out an error
- public static final HealthCheckRegistry HEALTH_CHECK_REGISTRY = new HealthCheckRegistry();
-
- @Override
- protected HealthCheckRegistry getHealthCheckRegistry() {
- return HEALTH_CHECK_REGISTRY;
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryMetrics.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryMetrics.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryMetrics.java
deleted file mode 100644
index c6d4d02..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryMetrics.java
+++ /dev/null
@@ -1,162 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import com.codahale.metrics.ConsoleReporter;
-import com.codahale.metrics.Counter;
-import com.codahale.metrics.Gauge;
-import com.codahale.metrics.Histogram;
-import com.codahale.metrics.JmxReporter;
-import com.codahale.metrics.Metric;
-import com.codahale.metrics.MetricRegistry;
-import com.codahale.metrics.MetricSet;
-import com.codahale.metrics.Timer;
-import com.codahale.metrics.jvm.BufferPoolMetricSet;
-import com.codahale.metrics.jvm.GarbageCollectorMetricSet;
-import com.codahale.metrics.jvm.MemoryUsageGaugeSet;
-import com.codahale.metrics.jvm.ThreadStatesGaugeSet;
-import org.apache.sentry.provider.db.service.persistent.SentryStore;
-
-import java.lang.management.ManagementFactory;
-import java.util.Map;
-import java.util.concurrent.TimeUnit;
-
-/**
- * A singleton class which holds metrics related utility functions as well as the list of metrics
- */
-public final class SentryMetrics {
- private static SentryMetrics sentryMetrics = null;
- private boolean reportingInitialized = false;
- private boolean gaugesAdded = false;
-
- public final Timer createRoleTimer = SentryMetricsServletContextListener.METRIC_REGISTRY.timer(
- MetricRegistry.name(SentryPolicyStoreProcessor.class, "create-role"));
- public final Timer dropRoleTimer = SentryMetricsServletContextListener.METRIC_REGISTRY.timer(
- MetricRegistry.name(SentryPolicyStoreProcessor.class, "drop-role"));
- public final Timer grantRoleTimer = SentryMetricsServletContextListener.METRIC_REGISTRY.timer(
- MetricRegistry.name(SentryPolicyStoreProcessor.class, "grant-role"));
- public final Timer revokeRoleTimer = SentryMetricsServletContextListener.METRIC_REGISTRY.timer(
- MetricRegistry.name(SentryPolicyStoreProcessor.class, "revoke-role"));
- public final Timer grantTimer = SentryMetricsServletContextListener.METRIC_REGISTRY.timer(
- MetricRegistry.name(SentryPolicyStoreProcessor.class, "grant-privilege"));
- public final Timer revokeTimer = SentryMetricsServletContextListener.METRIC_REGISTRY.timer(
- MetricRegistry.name(SentryPolicyStoreProcessor.class, "revoke-privilege"));
-
- public final Timer dropPrivilegeTimer = SentryMetricsServletContextListener.METRIC_REGISTRY.timer(
- MetricRegistry.name(SentryPolicyStoreProcessor.class, "drop-privilege"));
- public final Timer renamePrivilegeTimer = SentryMetricsServletContextListener.METRIC_REGISTRY.timer(
- MetricRegistry.name(SentryPolicyStoreProcessor.class, "rename-privilege"));
-
- public final Timer listRolesByGroupTimer = SentryMetricsServletContextListener.METRIC_REGISTRY.timer(
- MetricRegistry.name(SentryPolicyStoreProcessor.class, "list-roles-by-group"));
- public final Timer listPrivilegesByRoleTimer = SentryMetricsServletContextListener.METRIC_REGISTRY.timer(
- MetricRegistry.name(SentryPolicyStoreProcessor.class, "list-privileges-by-role"));
- public final Timer listPrivilegesForProviderTimer = SentryMetricsServletContextListener.METRIC_REGISTRY.timer(
- MetricRegistry.name(SentryPolicyStoreProcessor.class, "list-privileges-for-provider"));
- public final Timer listPrivilegesByAuthorizableTimer = SentryMetricsServletContextListener.METRIC_REGISTRY.timer(
- MetricRegistry.name(SentryPolicyStoreProcessor.class, "list-privileges-by-authorizable"));
-
- /**
- * Return a Timer with name.
- */
- public Timer getTimer(String name) {
- return SentryMetricsServletContextListener.METRIC_REGISTRY.timer(name);
- }
-
- /**
- * Return a Histogram with name.
- */
- public Histogram getHistogram(String name) {
- return SentryMetricsServletContextListener.METRIC_REGISTRY.histogram(name);
- }
-
- /**
- * Return a Counter with name.
- */
- public Counter getCounter(String name) {
- return SentryMetricsServletContextListener.METRIC_REGISTRY.counter(name);
- }
-
- private SentryMetrics() {
- registerMetricSet("gc", new GarbageCollectorMetricSet(), SentryMetricsServletContextListener.METRIC_REGISTRY);
- registerMetricSet("buffers", new BufferPoolMetricSet(ManagementFactory.getPlatformMBeanServer()),
- SentryMetricsServletContextListener.METRIC_REGISTRY);
- registerMetricSet("memory", new MemoryUsageGaugeSet(), SentryMetricsServletContextListener.METRIC_REGISTRY);
- registerMetricSet("threads", new ThreadStatesGaugeSet(), SentryMetricsServletContextListener.METRIC_REGISTRY);
- }
-
- public static synchronized SentryMetrics getInstance() {
- if (sentryMetrics == null) {
- sentryMetrics = new SentryMetrics();
- }
- return sentryMetrics;
- }
-
- public void addSentryStoreGauges(SentryStore sentryStore) {
- if(!gaugesAdded) {
- addGauge(SentryStore.class, "role_count", sentryStore.getRoleCountGauge());
- addGauge(SentryStore.class, "privilege_count", sentryStore.getPrivilegeCountGauge());
- addGauge(SentryStore.class, "group_count", sentryStore.getGroupCountGauge());
- gaugesAdded = true;
- }
- }
-
-
- /* Should be only called once to initialize the reporters
- */
- public synchronized void initReporting(Reporting reporting) {
- if(!reportingInitialized) {
- switch(reporting) {
- case CONSOLE:
- final ConsoleReporter consoleReporter = ConsoleReporter.forRegistry(SentryMetricsServletContextListener.METRIC_REGISTRY)
- .convertRatesTo(TimeUnit.SECONDS)
- .convertDurationsTo(TimeUnit.MILLISECONDS)
- .build();
- consoleReporter.start(1, TimeUnit.SECONDS);
- break;
- case JMX:
- final JmxReporter jmxReporter = JmxReporter.forRegistry(SentryMetricsServletContextListener.METRIC_REGISTRY)
- .convertRatesTo(TimeUnit.SECONDS)
- .convertDurationsTo(TimeUnit.MILLISECONDS)
- .build();
- jmxReporter.start();
- break;
- }
- }
- }
-
- private <T, V> void addGauge(Class<T> tClass, String gaugeName, Gauge<V> gauge) {
- SentryMetricsServletContextListener.METRIC_REGISTRY.register(
- MetricRegistry.name(tClass, gaugeName), gauge);
- }
-
- private void registerMetricSet(String prefix, MetricSet metricSet, MetricRegistry registry) {
- for (Map.Entry<String, Metric> entry : metricSet.getMetrics().entrySet()) {
- if (entry.getValue() instanceof MetricSet) {
- registerMetricSet(prefix + "." + entry.getKey(), (MetricSet) entry.getValue(), registry);
- } else {
- registry.register(prefix + "." + entry.getKey(), entry.getValue());
- }
- }
- }
-
- public enum Reporting {
- JMX,
- CONSOLE;
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryMetricsServletContextListener.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryMetricsServletContextListener.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryMetricsServletContextListener.java
deleted file mode 100644
index 6692197..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryMetricsServletContextListener.java
+++ /dev/null
@@ -1,32 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import com.codahale.metrics.MetricRegistry;
-import com.codahale.metrics.servlets.MetricsServlet;
-
-public class SentryMetricsServletContextListener extends MetricsServlet.ContextListener {
-
- public static final MetricRegistry METRIC_REGISTRY = new MetricRegistry();
-
- @Override
- protected MetricRegistry getMetricRegistry() {
- return METRIC_REGISTRY;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java
deleted file mode 100644
index c2b03e5..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java
+++ /dev/null
@@ -1,220 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import org.apache.sentry.core.common.exception.SentryUserException;
-import org.apache.sentry.core.common.ActiveRoleSet;
-import org.apache.sentry.core.common.Authorizable;
-
-public interface SentryPolicyServiceClient {
-
- void createRole(String requestorUserName, String roleName) throws SentryUserException;
-
- void dropRole(String requestorUserName, String roleName) throws SentryUserException;
-
- void dropRoleIfExists(String requestorUserName, String roleName)
- throws SentryUserException;
-
- Set<TSentryRole> listRolesByUserName(String requestorUserName, String userName)
- throws SentryUserException;
-
- Set<TSentryRole> listRolesByGroupName(String requestorUserName, String groupName)
- throws SentryUserException;
-
- Set<TSentryPrivilege> listAllPrivilegesByRoleName(String requestorUserName, String roleName)
- throws SentryUserException;
-
- /**
- * Gets sentry privilege objects for a given roleName using the Sentry service
- *
- * @param requestorUserName : user on whose behalf the request is issued
- * @param roleName : roleName to look up
- * @param authorizable : authorizable Hierarchy (server->db->table etc)
- * @return Set of thrift sentry privilege objects
- * @throws SentryUserException
- */
- Set<TSentryPrivilege> listPrivilegesByRoleName(String requestorUserName, String roleName,
- List<? extends Authorizable> authorizable) throws SentryUserException;
-
- Set<TSentryRole> listRoles(String requestorUserName) throws SentryUserException;
-
- Set<TSentryRole> listUserRoles(String requestorUserName) throws SentryUserException;
-
- TSentryPrivilege grantURIPrivilege(String requestorUserName, String roleName,
- String server, String uri) throws SentryUserException;
-
- TSentryPrivilege grantURIPrivilege(String requestorUserName, String roleName,
- String server, String uri, Boolean grantOption) throws SentryUserException;
-
- void grantServerPrivilege(String requestorUserName, String roleName, String server,
- String action) throws SentryUserException;
-
- TSentryPrivilege grantServerPrivilege(String requestorUserName, String roleName,
- String server, Boolean grantOption) throws SentryUserException;
-
- TSentryPrivilege grantServerPrivilege(String requestorUserName, String roleName,
- String server, String action, Boolean grantOption) throws SentryUserException;
-
- TSentryPrivilege grantDatabasePrivilege(String requestorUserName, String roleName,
- String server, String db, String action) throws SentryUserException;
-
- TSentryPrivilege grantDatabasePrivilege(String requestorUserName, String roleName,
- String server, String db, String action, Boolean grantOption) throws SentryUserException;
-
- TSentryPrivilege grantTablePrivilege(String requestorUserName, String roleName,
- String server, String db, String table, String action) throws SentryUserException;
-
- TSentryPrivilege grantTablePrivilege(String requestorUserName, String roleName,
- String server, String db, String table, String action, Boolean grantOption)
- throws SentryUserException;
-
- TSentryPrivilege grantColumnPrivilege(String requestorUserName, String roleName,
- String server, String db, String table, String columnName, String action)
- throws SentryUserException;
-
- TSentryPrivilege grantColumnPrivilege(String requestorUserName, String roleName,
- String server, String db, String table, String columnName, String action, Boolean grantOption)
- throws SentryUserException;
-
- Set<TSentryPrivilege> grantColumnsPrivileges(String requestorUserName, String roleName,
- String server, String db, String table, List<String> columnNames, String action)
- throws SentryUserException;
-
- Set<TSentryPrivilege> grantColumnsPrivileges(String requestorUserName, String roleName,
- String server, String db, String table, List<String> columnNames, String action,
- Boolean grantOption) throws SentryUserException;
-
- Set<TSentryPrivilege> grantPrivileges(String requestorUserName, String
- roleName, Set<TSentryPrivilege> privileges) throws SentryUserException;
-
- TSentryPrivilege grantPrivilege(String requestorUserName, String roleName,
- TSentryPrivilege privilege) throws
- SentryUserException;
-
- void revokeURIPrivilege(String requestorUserName, String roleName, String server,
- String uri) throws SentryUserException;
-
- void revokeURIPrivilege(String requestorUserName, String roleName, String server,
- String uri, Boolean grantOption) throws SentryUserException;
-
- void revokeServerPrivilege(String requestorUserName, String roleName, String server,
- String action) throws SentryUserException;
-
- void revokeServerPrivilege(String requestorUserName, String roleName, String server,
- String action, Boolean grantOption) throws SentryUserException;
-
- void revokeServerPrivilege(String requestorUserName, String roleName, String server,
- boolean grantOption) throws SentryUserException;
-
- void revokeDatabasePrivilege(String requestorUserName, String roleName, String server,
- String db, String action) throws SentryUserException;
-
- void revokeDatabasePrivilege(String requestorUserName, String roleName, String server,
- String db, String action, Boolean grantOption) throws SentryUserException;
-
- void revokeTablePrivilege(String requestorUserName, String roleName, String server,
- String db, String table, String action) throws SentryUserException;
-
- void revokeTablePrivilege(String requestorUserName, String roleName, String server,
- String db, String table, String action, Boolean grantOption) throws SentryUserException;
-
- void revokeColumnPrivilege(String requestorUserName, String roleName, String server,
- String db, String table, String columnName, String action) throws SentryUserException;
-
- void revokeColumnPrivilege(String requestorUserName, String roleName, String server,
- String db, String table, String columnName, String action, Boolean grantOption)
- throws SentryUserException;
-
- void revokeColumnsPrivilege(String requestorUserName, String roleName, String server,
- String db, String table, List<String> columns, String action) throws SentryUserException;
-
- void revokeColumnsPrivilege(String requestorUserName, String roleName, String server,
- String db, String table, List<String> columns, String action, Boolean grantOption)
- throws SentryUserException;
-
- void revokePrivileges(String requestorUserName, String roleName, Set<TSentryPrivilege> privileges)
- throws SentryUserException;
-
- void revokePrivilege(String requestorUserName, String roleName, TSentryPrivilege privilege)
- throws SentryUserException;
-
- Set<String> listPrivilegesForProvider(Set<String> groups, Set<String> users,
- ActiveRoleSet roleSet, Authorizable... authorizable) throws SentryUserException;
-
- void grantRoleToGroup(String requestorUserName, String groupName, String roleName)
- throws SentryUserException;
-
- void revokeRoleFromGroup(String requestorUserName, String groupName, String roleName)
- throws SentryUserException;
-
- void grantRoleToGroups(String requestorUserName, String roleName, Set<String> groups)
- throws SentryUserException;
-
- void revokeRoleFromGroups(String requestorUserName, String roleName, Set<String> groups)
- throws SentryUserException;
-
- void grantRoleToUser(String requestorUserName, String userName, String roleName)
- throws SentryUserException;
-
- void revokeRoleFromUser(String requestorUserName, String userName, String roleName)
- throws SentryUserException;
-
- void grantRoleToUsers(String requestorUserName, String roleName, Set<String> users)
- throws SentryUserException;
-
- void revokeRoleFromUsers(String requestorUserName, String roleName, Set<String> users)
- throws SentryUserException;
-
- void dropPrivileges(String requestorUserName,
- List<? extends Authorizable> authorizableObjects) throws SentryUserException;
-
- void renamePrivileges(String requestorUserName,
- List<? extends Authorizable> oldAuthorizables, List<? extends Authorizable> newAuthorizables)
- throws SentryUserException;
-
- Map<TSentryAuthorizable, TSentryPrivilegeMap> listPrivilegsbyAuthorizable(
- String requestorUserName, Set<List<? extends Authorizable>> authorizables,
- Set<String> groups, ActiveRoleSet roleSet) throws SentryUserException;
-
- /**
- * Returns the configuration value in the sentry server associated with propertyName, or if
- * propertyName does not exist, the defaultValue. There is no "requestorUserName" because this is
- * regarded as an internal interface.
- *
- * @param propertyName Config attribute to search for
- * @param defaultValue String to return if not found
- * @return The value of the propertyName
- * @throws SentryUserException
- */
- String getConfigValue(String propertyName, String defaultValue) throws SentryUserException;
-
- void close();
-
- // Import the sentry mapping data with map structure
- void importPolicy(Map<String, Map<String, Set<String>>> policyFileMappingData,
- String requestorUserName, boolean isOverwriteRole) throws SentryUserException;
-
- // export the sentry mapping data with map structure
- Map<String, Map<String, Set<String>>> exportPolicy(String requestorUserName, String objectPath)
- throws SentryUserException;
-}
[40/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TSentryGrantOption.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TSentryGrantOption.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TSentryGrantOption.java
deleted file mode 100644
index 9898c08..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TSentryGrantOption.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-
-import java.util.Map;
-import java.util.HashMap;
-import org.apache.thrift.TEnum;
-
-public enum TSentryGrantOption implements org.apache.thrift.TEnum {
- TRUE(1),
- FALSE(0),
- UNSET(-1);
-
- private final int value;
-
- private TSentryGrantOption(int value) {
- this.value = value;
- }
-
- /**
- * Get the integer value of this enum value, as defined in the Thrift IDL.
- */
- public int getValue() {
- return value;
- }
-
- /**
- * Find a the enum type by its integer value, as defined in the Thrift IDL.
- * @return null if the value is not found.
- */
- public static TSentryGrantOption findByValue(int value) {
- switch (value) {
- case 1:
- return TRUE;
- case 0:
- return FALSE;
- case -1:
- return UNSET;
- default:
- return null;
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TSentryPrivilege.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TSentryPrivilege.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TSentryPrivilege.java
deleted file mode 100644
index 2d0a297..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TSentryPrivilege.java
+++ /dev/null
@@ -1,1080 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TSentryPrivilege implements org.apache.thrift.TBase<TSentryPrivilege, TSentryPrivilege._Fields>, java.io.Serializable, Cloneable, Comparable<TSentryPrivilege> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TSentryPrivilege");
-
- private static final org.apache.thrift.protocol.TField COMPONENT_FIELD_DESC = new org.apache.thrift.protocol.TField("component", org.apache.thrift.protocol.TType.STRING, (short)1);
- private static final org.apache.thrift.protocol.TField SERVICE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("serviceName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField AUTHORIZABLES_FIELD_DESC = new org.apache.thrift.protocol.TField("authorizables", org.apache.thrift.protocol.TType.LIST, (short)3);
- private static final org.apache.thrift.protocol.TField ACTION_FIELD_DESC = new org.apache.thrift.protocol.TField("action", org.apache.thrift.protocol.TType.STRING, (short)4);
- private static final org.apache.thrift.protocol.TField CREATE_TIME_FIELD_DESC = new org.apache.thrift.protocol.TField("createTime", org.apache.thrift.protocol.TType.I64, (short)5);
- private static final org.apache.thrift.protocol.TField GRANTOR_PRINCIPAL_FIELD_DESC = new org.apache.thrift.protocol.TField("grantorPrincipal", org.apache.thrift.protocol.TType.STRING, (short)6);
- private static final org.apache.thrift.protocol.TField GRANT_OPTION_FIELD_DESC = new org.apache.thrift.protocol.TField("grantOption", org.apache.thrift.protocol.TType.I32, (short)7);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TSentryPrivilegeStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TSentryPrivilegeTupleSchemeFactory());
- }
-
- private String component; // required
- private String serviceName; // required
- private List<TAuthorizable> authorizables; // required
- private String action; // required
- private long createTime; // optional
- private String grantorPrincipal; // optional
- private TSentryGrantOption grantOption; // optional
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- COMPONENT((short)1, "component"),
- SERVICE_NAME((short)2, "serviceName"),
- AUTHORIZABLES((short)3, "authorizables"),
- ACTION((short)4, "action"),
- CREATE_TIME((short)5, "createTime"),
- GRANTOR_PRINCIPAL((short)6, "grantorPrincipal"),
- /**
- *
- * @see TSentryGrantOption
- */
- GRANT_OPTION((short)7, "grantOption");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // COMPONENT
- return COMPONENT;
- case 2: // SERVICE_NAME
- return SERVICE_NAME;
- case 3: // AUTHORIZABLES
- return AUTHORIZABLES;
- case 4: // ACTION
- return ACTION;
- case 5: // CREATE_TIME
- return CREATE_TIME;
- case 6: // GRANTOR_PRINCIPAL
- return GRANTOR_PRINCIPAL;
- case 7: // GRANT_OPTION
- return GRANT_OPTION;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __CREATETIME_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- private static final _Fields optionals[] = {_Fields.CREATE_TIME,_Fields.GRANTOR_PRINCIPAL,_Fields.GRANT_OPTION};
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.COMPONENT, new org.apache.thrift.meta_data.FieldMetaData("component", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.SERVICE_NAME, new org.apache.thrift.meta_data.FieldMetaData("serviceName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.AUTHORIZABLES, new org.apache.thrift.meta_data.FieldMetaData("authorizables", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.ListMetaData(org.apache.thrift.protocol.TType.LIST,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TAuthorizable.class))));
- tmpMap.put(_Fields.ACTION, new org.apache.thrift.meta_data.FieldMetaData("action", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.CREATE_TIME, new org.apache.thrift.meta_data.FieldMetaData("createTime", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I64)));
- tmpMap.put(_Fields.GRANTOR_PRINCIPAL, new org.apache.thrift.meta_data.FieldMetaData("grantorPrincipal", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.GRANT_OPTION, new org.apache.thrift.meta_data.FieldMetaData("grantOption", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.EnumMetaData(org.apache.thrift.protocol.TType.ENUM, TSentryGrantOption.class)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TSentryPrivilege.class, metaDataMap);
- }
-
- public TSentryPrivilege() {
- this.grantOption = org.apache.sentry.provider.db.generic.service.thrift.TSentryGrantOption.FALSE;
-
- }
-
- public TSentryPrivilege(
- String component,
- String serviceName,
- List<TAuthorizable> authorizables,
- String action)
- {
- this();
- this.component = component;
- this.serviceName = serviceName;
- this.authorizables = authorizables;
- this.action = action;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TSentryPrivilege(TSentryPrivilege other) {
- __isset_bitfield = other.__isset_bitfield;
- if (other.isSetComponent()) {
- this.component = other.component;
- }
- if (other.isSetServiceName()) {
- this.serviceName = other.serviceName;
- }
- if (other.isSetAuthorizables()) {
- List<TAuthorizable> __this__authorizables = new ArrayList<TAuthorizable>(other.authorizables.size());
- for (TAuthorizable other_element : other.authorizables) {
- __this__authorizables.add(new TAuthorizable(other_element));
- }
- this.authorizables = __this__authorizables;
- }
- if (other.isSetAction()) {
- this.action = other.action;
- }
- this.createTime = other.createTime;
- if (other.isSetGrantorPrincipal()) {
- this.grantorPrincipal = other.grantorPrincipal;
- }
- if (other.isSetGrantOption()) {
- this.grantOption = other.grantOption;
- }
- }
-
- public TSentryPrivilege deepCopy() {
- return new TSentryPrivilege(this);
- }
-
- @Override
- public void clear() {
- this.component = null;
- this.serviceName = null;
- this.authorizables = null;
- this.action = null;
- setCreateTimeIsSet(false);
- this.createTime = 0;
- this.grantorPrincipal = null;
- this.grantOption = org.apache.sentry.provider.db.generic.service.thrift.TSentryGrantOption.FALSE;
-
- }
-
- public String getComponent() {
- return this.component;
- }
-
- public void setComponent(String component) {
- this.component = component;
- }
-
- public void unsetComponent() {
- this.component = null;
- }
-
- /** Returns true if field component is set (has been assigned a value) and false otherwise */
- public boolean isSetComponent() {
- return this.component != null;
- }
-
- public void setComponentIsSet(boolean value) {
- if (!value) {
- this.component = null;
- }
- }
-
- public String getServiceName() {
- return this.serviceName;
- }
-
- public void setServiceName(String serviceName) {
- this.serviceName = serviceName;
- }
-
- public void unsetServiceName() {
- this.serviceName = null;
- }
-
- /** Returns true if field serviceName is set (has been assigned a value) and false otherwise */
- public boolean isSetServiceName() {
- return this.serviceName != null;
- }
-
- public void setServiceNameIsSet(boolean value) {
- if (!value) {
- this.serviceName = null;
- }
- }
-
- public int getAuthorizablesSize() {
- return (this.authorizables == null) ? 0 : this.authorizables.size();
- }
-
- public java.util.Iterator<TAuthorizable> getAuthorizablesIterator() {
- return (this.authorizables == null) ? null : this.authorizables.iterator();
- }
-
- public void addToAuthorizables(TAuthorizable elem) {
- if (this.authorizables == null) {
- this.authorizables = new ArrayList<TAuthorizable>();
- }
- this.authorizables.add(elem);
- }
-
- public List<TAuthorizable> getAuthorizables() {
- return this.authorizables;
- }
-
- public void setAuthorizables(List<TAuthorizable> authorizables) {
- this.authorizables = authorizables;
- }
-
- public void unsetAuthorizables() {
- this.authorizables = null;
- }
-
- /** Returns true if field authorizables is set (has been assigned a value) and false otherwise */
- public boolean isSetAuthorizables() {
- return this.authorizables != null;
- }
-
- public void setAuthorizablesIsSet(boolean value) {
- if (!value) {
- this.authorizables = null;
- }
- }
-
- public String getAction() {
- return this.action;
- }
-
- public void setAction(String action) {
- this.action = action;
- }
-
- public void unsetAction() {
- this.action = null;
- }
-
- /** Returns true if field action is set (has been assigned a value) and false otherwise */
- public boolean isSetAction() {
- return this.action != null;
- }
-
- public void setActionIsSet(boolean value) {
- if (!value) {
- this.action = null;
- }
- }
-
- public long getCreateTime() {
- return this.createTime;
- }
-
- public void setCreateTime(long createTime) {
- this.createTime = createTime;
- setCreateTimeIsSet(true);
- }
-
- public void unsetCreateTime() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __CREATETIME_ISSET_ID);
- }
-
- /** Returns true if field createTime is set (has been assigned a value) and false otherwise */
- public boolean isSetCreateTime() {
- return EncodingUtils.testBit(__isset_bitfield, __CREATETIME_ISSET_ID);
- }
-
- public void setCreateTimeIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __CREATETIME_ISSET_ID, value);
- }
-
- public String getGrantorPrincipal() {
- return this.grantorPrincipal;
- }
-
- public void setGrantorPrincipal(String grantorPrincipal) {
- this.grantorPrincipal = grantorPrincipal;
- }
-
- public void unsetGrantorPrincipal() {
- this.grantorPrincipal = null;
- }
-
- /** Returns true if field grantorPrincipal is set (has been assigned a value) and false otherwise */
- public boolean isSetGrantorPrincipal() {
- return this.grantorPrincipal != null;
- }
-
- public void setGrantorPrincipalIsSet(boolean value) {
- if (!value) {
- this.grantorPrincipal = null;
- }
- }
-
- /**
- *
- * @see TSentryGrantOption
- */
- public TSentryGrantOption getGrantOption() {
- return this.grantOption;
- }
-
- /**
- *
- * @see TSentryGrantOption
- */
- public void setGrantOption(TSentryGrantOption grantOption) {
- this.grantOption = grantOption;
- }
-
- public void unsetGrantOption() {
- this.grantOption = null;
- }
-
- /** Returns true if field grantOption is set (has been assigned a value) and false otherwise */
- public boolean isSetGrantOption() {
- return this.grantOption != null;
- }
-
- public void setGrantOptionIsSet(boolean value) {
- if (!value) {
- this.grantOption = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case COMPONENT:
- if (value == null) {
- unsetComponent();
- } else {
- setComponent((String)value);
- }
- break;
-
- case SERVICE_NAME:
- if (value == null) {
- unsetServiceName();
- } else {
- setServiceName((String)value);
- }
- break;
-
- case AUTHORIZABLES:
- if (value == null) {
- unsetAuthorizables();
- } else {
- setAuthorizables((List<TAuthorizable>)value);
- }
- break;
-
- case ACTION:
- if (value == null) {
- unsetAction();
- } else {
- setAction((String)value);
- }
- break;
-
- case CREATE_TIME:
- if (value == null) {
- unsetCreateTime();
- } else {
- setCreateTime((Long)value);
- }
- break;
-
- case GRANTOR_PRINCIPAL:
- if (value == null) {
- unsetGrantorPrincipal();
- } else {
- setGrantorPrincipal((String)value);
- }
- break;
-
- case GRANT_OPTION:
- if (value == null) {
- unsetGrantOption();
- } else {
- setGrantOption((TSentryGrantOption)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case COMPONENT:
- return getComponent();
-
- case SERVICE_NAME:
- return getServiceName();
-
- case AUTHORIZABLES:
- return getAuthorizables();
-
- case ACTION:
- return getAction();
-
- case CREATE_TIME:
- return getCreateTime();
-
- case GRANTOR_PRINCIPAL:
- return getGrantorPrincipal();
-
- case GRANT_OPTION:
- return getGrantOption();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case COMPONENT:
- return isSetComponent();
- case SERVICE_NAME:
- return isSetServiceName();
- case AUTHORIZABLES:
- return isSetAuthorizables();
- case ACTION:
- return isSetAction();
- case CREATE_TIME:
- return isSetCreateTime();
- case GRANTOR_PRINCIPAL:
- return isSetGrantorPrincipal();
- case GRANT_OPTION:
- return isSetGrantOption();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TSentryPrivilege)
- return this.equals((TSentryPrivilege)that);
- return false;
- }
-
- public boolean equals(TSentryPrivilege that) {
- if (that == null)
- return false;
-
- boolean this_present_component = true && this.isSetComponent();
- boolean that_present_component = true && that.isSetComponent();
- if (this_present_component || that_present_component) {
- if (!(this_present_component && that_present_component))
- return false;
- if (!this.component.equals(that.component))
- return false;
- }
-
- boolean this_present_serviceName = true && this.isSetServiceName();
- boolean that_present_serviceName = true && that.isSetServiceName();
- if (this_present_serviceName || that_present_serviceName) {
- if (!(this_present_serviceName && that_present_serviceName))
- return false;
- if (!this.serviceName.equals(that.serviceName))
- return false;
- }
-
- boolean this_present_authorizables = true && this.isSetAuthorizables();
- boolean that_present_authorizables = true && that.isSetAuthorizables();
- if (this_present_authorizables || that_present_authorizables) {
- if (!(this_present_authorizables && that_present_authorizables))
- return false;
- if (!this.authorizables.equals(that.authorizables))
- return false;
- }
-
- boolean this_present_action = true && this.isSetAction();
- boolean that_present_action = true && that.isSetAction();
- if (this_present_action || that_present_action) {
- if (!(this_present_action && that_present_action))
- return false;
- if (!this.action.equals(that.action))
- return false;
- }
-
- boolean this_present_createTime = true && this.isSetCreateTime();
- boolean that_present_createTime = true && that.isSetCreateTime();
- if (this_present_createTime || that_present_createTime) {
- if (!(this_present_createTime && that_present_createTime))
- return false;
- if (this.createTime != that.createTime)
- return false;
- }
-
- boolean this_present_grantorPrincipal = true && this.isSetGrantorPrincipal();
- boolean that_present_grantorPrincipal = true && that.isSetGrantorPrincipal();
- if (this_present_grantorPrincipal || that_present_grantorPrincipal) {
- if (!(this_present_grantorPrincipal && that_present_grantorPrincipal))
- return false;
- if (!this.grantorPrincipal.equals(that.grantorPrincipal))
- return false;
- }
-
- boolean this_present_grantOption = true && this.isSetGrantOption();
- boolean that_present_grantOption = true && that.isSetGrantOption();
- if (this_present_grantOption || that_present_grantOption) {
- if (!(this_present_grantOption && that_present_grantOption))
- return false;
- if (!this.grantOption.equals(that.grantOption))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_component = true && (isSetComponent());
- list.add(present_component);
- if (present_component)
- list.add(component);
-
- boolean present_serviceName = true && (isSetServiceName());
- list.add(present_serviceName);
- if (present_serviceName)
- list.add(serviceName);
-
- boolean present_authorizables = true && (isSetAuthorizables());
- list.add(present_authorizables);
- if (present_authorizables)
- list.add(authorizables);
-
- boolean present_action = true && (isSetAction());
- list.add(present_action);
- if (present_action)
- list.add(action);
-
- boolean present_createTime = true && (isSetCreateTime());
- list.add(present_createTime);
- if (present_createTime)
- list.add(createTime);
-
- boolean present_grantorPrincipal = true && (isSetGrantorPrincipal());
- list.add(present_grantorPrincipal);
- if (present_grantorPrincipal)
- list.add(grantorPrincipal);
-
- boolean present_grantOption = true && (isSetGrantOption());
- list.add(present_grantOption);
- if (present_grantOption)
- list.add(grantOption.getValue());
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TSentryPrivilege other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetComponent()).compareTo(other.isSetComponent());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetComponent()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.component, other.component);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetServiceName()).compareTo(other.isSetServiceName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetServiceName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.serviceName, other.serviceName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetAuthorizables()).compareTo(other.isSetAuthorizables());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetAuthorizables()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.authorizables, other.authorizables);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetAction()).compareTo(other.isSetAction());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetAction()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.action, other.action);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetCreateTime()).compareTo(other.isSetCreateTime());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetCreateTime()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.createTime, other.createTime);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetGrantorPrincipal()).compareTo(other.isSetGrantorPrincipal());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetGrantorPrincipal()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.grantorPrincipal, other.grantorPrincipal);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetGrantOption()).compareTo(other.isSetGrantOption());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetGrantOption()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.grantOption, other.grantOption);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TSentryPrivilege(");
- boolean first = true;
-
- sb.append("component:");
- if (this.component == null) {
- sb.append("null");
- } else {
- sb.append(this.component);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("serviceName:");
- if (this.serviceName == null) {
- sb.append("null");
- } else {
- sb.append(this.serviceName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("authorizables:");
- if (this.authorizables == null) {
- sb.append("null");
- } else {
- sb.append(this.authorizables);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("action:");
- if (this.action == null) {
- sb.append("null");
- } else {
- sb.append(this.action);
- }
- first = false;
- if (isSetCreateTime()) {
- if (!first) sb.append(", ");
- sb.append("createTime:");
- sb.append(this.createTime);
- first = false;
- }
- if (isSetGrantorPrincipal()) {
- if (!first) sb.append(", ");
- sb.append("grantorPrincipal:");
- if (this.grantorPrincipal == null) {
- sb.append("null");
- } else {
- sb.append(this.grantorPrincipal);
- }
- first = false;
- }
- if (isSetGrantOption()) {
- if (!first) sb.append(", ");
- sb.append("grantOption:");
- if (this.grantOption == null) {
- sb.append("null");
- } else {
- sb.append(this.grantOption);
- }
- first = false;
- }
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetComponent()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'component' is unset! Struct:" + toString());
- }
-
- if (!isSetServiceName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'serviceName' is unset! Struct:" + toString());
- }
-
- if (!isSetAuthorizables()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'authorizables' is unset! Struct:" + toString());
- }
-
- if (!isSetAction()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'action' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TSentryPrivilegeStandardSchemeFactory implements SchemeFactory {
- public TSentryPrivilegeStandardScheme getScheme() {
- return new TSentryPrivilegeStandardScheme();
- }
- }
-
- private static class TSentryPrivilegeStandardScheme extends StandardScheme<TSentryPrivilege> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TSentryPrivilege struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // COMPONENT
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.component = iprot.readString();
- struct.setComponentIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // SERVICE_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.serviceName = iprot.readString();
- struct.setServiceNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // AUTHORIZABLES
- if (schemeField.type == org.apache.thrift.protocol.TType.LIST) {
- {
- org.apache.thrift.protocol.TList _list0 = iprot.readListBegin();
- struct.authorizables = new ArrayList<TAuthorizable>(_list0.size);
- TAuthorizable _elem1;
- for (int _i2 = 0; _i2 < _list0.size; ++_i2)
- {
- _elem1 = new TAuthorizable();
- _elem1.read(iprot);
- struct.authorizables.add(_elem1);
- }
- iprot.readListEnd();
- }
- struct.setAuthorizablesIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 4: // ACTION
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.action = iprot.readString();
- struct.setActionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 5: // CREATE_TIME
- if (schemeField.type == org.apache.thrift.protocol.TType.I64) {
- struct.createTime = iprot.readI64();
- struct.setCreateTimeIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 6: // GRANTOR_PRINCIPAL
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.grantorPrincipal = iprot.readString();
- struct.setGrantorPrincipalIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 7: // GRANT_OPTION
- if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
- struct.grantOption = org.apache.sentry.provider.db.generic.service.thrift.TSentryGrantOption.findByValue(iprot.readI32());
- struct.setGrantOptionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TSentryPrivilege struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.component != null) {
- oprot.writeFieldBegin(COMPONENT_FIELD_DESC);
- oprot.writeString(struct.component);
- oprot.writeFieldEnd();
- }
- if (struct.serviceName != null) {
- oprot.writeFieldBegin(SERVICE_NAME_FIELD_DESC);
- oprot.writeString(struct.serviceName);
- oprot.writeFieldEnd();
- }
- if (struct.authorizables != null) {
- oprot.writeFieldBegin(AUTHORIZABLES_FIELD_DESC);
- {
- oprot.writeListBegin(new org.apache.thrift.protocol.TList(org.apache.thrift.protocol.TType.STRUCT, struct.authorizables.size()));
- for (TAuthorizable _iter3 : struct.authorizables)
- {
- _iter3.write(oprot);
- }
- oprot.writeListEnd();
- }
- oprot.writeFieldEnd();
- }
- if (struct.action != null) {
- oprot.writeFieldBegin(ACTION_FIELD_DESC);
- oprot.writeString(struct.action);
- oprot.writeFieldEnd();
- }
- if (struct.isSetCreateTime()) {
- oprot.writeFieldBegin(CREATE_TIME_FIELD_DESC);
- oprot.writeI64(struct.createTime);
- oprot.writeFieldEnd();
- }
- if (struct.grantorPrincipal != null) {
- if (struct.isSetGrantorPrincipal()) {
- oprot.writeFieldBegin(GRANTOR_PRINCIPAL_FIELD_DESC);
- oprot.writeString(struct.grantorPrincipal);
- oprot.writeFieldEnd();
- }
- }
- if (struct.grantOption != null) {
- if (struct.isSetGrantOption()) {
- oprot.writeFieldBegin(GRANT_OPTION_FIELD_DESC);
- oprot.writeI32(struct.grantOption.getValue());
- oprot.writeFieldEnd();
- }
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TSentryPrivilegeTupleSchemeFactory implements SchemeFactory {
- public TSentryPrivilegeTupleScheme getScheme() {
- return new TSentryPrivilegeTupleScheme();
- }
- }
-
- private static class TSentryPrivilegeTupleScheme extends TupleScheme<TSentryPrivilege> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TSentryPrivilege struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeString(struct.component);
- oprot.writeString(struct.serviceName);
- {
- oprot.writeI32(struct.authorizables.size());
- for (TAuthorizable _iter4 : struct.authorizables)
- {
- _iter4.write(oprot);
- }
- }
- oprot.writeString(struct.action);
- BitSet optionals = new BitSet();
- if (struct.isSetCreateTime()) {
- optionals.set(0);
- }
- if (struct.isSetGrantorPrincipal()) {
- optionals.set(1);
- }
- if (struct.isSetGrantOption()) {
- optionals.set(2);
- }
- oprot.writeBitSet(optionals, 3);
- if (struct.isSetCreateTime()) {
- oprot.writeI64(struct.createTime);
- }
- if (struct.isSetGrantorPrincipal()) {
- oprot.writeString(struct.grantorPrincipal);
- }
- if (struct.isSetGrantOption()) {
- oprot.writeI32(struct.grantOption.getValue());
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TSentryPrivilege struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.component = iprot.readString();
- struct.setComponentIsSet(true);
- struct.serviceName = iprot.readString();
- struct.setServiceNameIsSet(true);
- {
- org.apache.thrift.protocol.TList _list5 = new org.apache.thrift.protocol.TList(org.apache.thrift.protocol.TType.STRUCT, iprot.readI32());
- struct.authorizables = new ArrayList<TAuthorizable>(_list5.size);
- TAuthorizable _elem6;
- for (int _i7 = 0; _i7 < _list5.size; ++_i7)
- {
- _elem6 = new TAuthorizable();
- _elem6.read(iprot);
- struct.authorizables.add(_elem6);
- }
- }
- struct.setAuthorizablesIsSet(true);
- struct.action = iprot.readString();
- struct.setActionIsSet(true);
- BitSet incoming = iprot.readBitSet(3);
- if (incoming.get(0)) {
- struct.createTime = iprot.readI64();
- struct.setCreateTimeIsSet(true);
- }
- if (incoming.get(1)) {
- struct.grantorPrincipal = iprot.readString();
- struct.setGrantorPrincipalIsSet(true);
- }
- if (incoming.get(2)) {
- struct.grantOption = org.apache.sentry.provider.db.generic.service.thrift.TSentryGrantOption.findByValue(iprot.readI32());
- struct.setGrantOptionIsSet(true);
- }
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TSentryPrivilegeMap.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TSentryPrivilegeMap.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TSentryPrivilegeMap.java
deleted file mode 100644
index 52cb3f3..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TSentryPrivilegeMap.java
+++ /dev/null
@@ -1,490 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TSentryPrivilegeMap implements org.apache.thrift.TBase<TSentryPrivilegeMap, TSentryPrivilegeMap._Fields>, java.io.Serializable, Cloneable, Comparable<TSentryPrivilegeMap> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TSentryPrivilegeMap");
-
- private static final org.apache.thrift.protocol.TField PRIVILEGE_MAP_FIELD_DESC = new org.apache.thrift.protocol.TField("privilegeMap", org.apache.thrift.protocol.TType.MAP, (short)1);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TSentryPrivilegeMapStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TSentryPrivilegeMapTupleSchemeFactory());
- }
-
- private Map<String,Set<TSentryPrivilege>> privilegeMap; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- PRIVILEGE_MAP((short)1, "privilegeMap");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // PRIVILEGE_MAP
- return PRIVILEGE_MAP;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.PRIVILEGE_MAP, new org.apache.thrift.meta_data.FieldMetaData("privilegeMap", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.MapMetaData(org.apache.thrift.protocol.TType.MAP,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING),
- new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryPrivilege.class)))));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TSentryPrivilegeMap.class, metaDataMap);
- }
-
- public TSentryPrivilegeMap() {
- }
-
- public TSentryPrivilegeMap(
- Map<String,Set<TSentryPrivilege>> privilegeMap)
- {
- this();
- this.privilegeMap = privilegeMap;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TSentryPrivilegeMap(TSentryPrivilegeMap other) {
- if (other.isSetPrivilegeMap()) {
- Map<String,Set<TSentryPrivilege>> __this__privilegeMap = new HashMap<String,Set<TSentryPrivilege>>(other.privilegeMap.size());
- for (Map.Entry<String, Set<TSentryPrivilege>> other_element : other.privilegeMap.entrySet()) {
-
- String other_element_key = other_element.getKey();
- Set<TSentryPrivilege> other_element_value = other_element.getValue();
-
- String __this__privilegeMap_copy_key = other_element_key;
-
- Set<TSentryPrivilege> __this__privilegeMap_copy_value = new HashSet<TSentryPrivilege>(other_element_value.size());
- for (TSentryPrivilege other_element_value_element : other_element_value) {
- __this__privilegeMap_copy_value.add(new TSentryPrivilege(other_element_value_element));
- }
-
- __this__privilegeMap.put(__this__privilegeMap_copy_key, __this__privilegeMap_copy_value);
- }
- this.privilegeMap = __this__privilegeMap;
- }
- }
-
- public TSentryPrivilegeMap deepCopy() {
- return new TSentryPrivilegeMap(this);
- }
-
- @Override
- public void clear() {
- this.privilegeMap = null;
- }
-
- public int getPrivilegeMapSize() {
- return (this.privilegeMap == null) ? 0 : this.privilegeMap.size();
- }
-
- public void putToPrivilegeMap(String key, Set<TSentryPrivilege> val) {
- if (this.privilegeMap == null) {
- this.privilegeMap = new HashMap<String,Set<TSentryPrivilege>>();
- }
- this.privilegeMap.put(key, val);
- }
-
- public Map<String,Set<TSentryPrivilege>> getPrivilegeMap() {
- return this.privilegeMap;
- }
-
- public void setPrivilegeMap(Map<String,Set<TSentryPrivilege>> privilegeMap) {
- this.privilegeMap = privilegeMap;
- }
-
- public void unsetPrivilegeMap() {
- this.privilegeMap = null;
- }
-
- /** Returns true if field privilegeMap is set (has been assigned a value) and false otherwise */
- public boolean isSetPrivilegeMap() {
- return this.privilegeMap != null;
- }
-
- public void setPrivilegeMapIsSet(boolean value) {
- if (!value) {
- this.privilegeMap = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case PRIVILEGE_MAP:
- if (value == null) {
- unsetPrivilegeMap();
- } else {
- setPrivilegeMap((Map<String,Set<TSentryPrivilege>>)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case PRIVILEGE_MAP:
- return getPrivilegeMap();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case PRIVILEGE_MAP:
- return isSetPrivilegeMap();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TSentryPrivilegeMap)
- return this.equals((TSentryPrivilegeMap)that);
- return false;
- }
-
- public boolean equals(TSentryPrivilegeMap that) {
- if (that == null)
- return false;
-
- boolean this_present_privilegeMap = true && this.isSetPrivilegeMap();
- boolean that_present_privilegeMap = true && that.isSetPrivilegeMap();
- if (this_present_privilegeMap || that_present_privilegeMap) {
- if (!(this_present_privilegeMap && that_present_privilegeMap))
- return false;
- if (!this.privilegeMap.equals(that.privilegeMap))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_privilegeMap = true && (isSetPrivilegeMap());
- list.add(present_privilegeMap);
- if (present_privilegeMap)
- list.add(privilegeMap);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TSentryPrivilegeMap other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetPrivilegeMap()).compareTo(other.isSetPrivilegeMap());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetPrivilegeMap()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.privilegeMap, other.privilegeMap);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TSentryPrivilegeMap(");
- boolean first = true;
-
- sb.append("privilegeMap:");
- if (this.privilegeMap == null) {
- sb.append("null");
- } else {
- sb.append(this.privilegeMap);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetPrivilegeMap()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'privilegeMap' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TSentryPrivilegeMapStandardSchemeFactory implements SchemeFactory {
- public TSentryPrivilegeMapStandardScheme getScheme() {
- return new TSentryPrivilegeMapStandardScheme();
- }
- }
-
- private static class TSentryPrivilegeMapStandardScheme extends StandardScheme<TSentryPrivilegeMap> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TSentryPrivilegeMap struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // PRIVILEGE_MAP
- if (schemeField.type == org.apache.thrift.protocol.TType.MAP) {
- {
- org.apache.thrift.protocol.TMap _map104 = iprot.readMapBegin();
- struct.privilegeMap = new HashMap<String,Set<TSentryPrivilege>>(2*_map104.size);
- String _key105;
- Set<TSentryPrivilege> _val106;
- for (int _i107 = 0; _i107 < _map104.size; ++_i107)
- {
- _key105 = iprot.readString();
- {
- org.apache.thrift.protocol.TSet _set108 = iprot.readSetBegin();
- _val106 = new HashSet<TSentryPrivilege>(2*_set108.size);
- TSentryPrivilege _elem109;
- for (int _i110 = 0; _i110 < _set108.size; ++_i110)
- {
- _elem109 = new TSentryPrivilege();
- _elem109.read(iprot);
- _val106.add(_elem109);
- }
- iprot.readSetEnd();
- }
- struct.privilegeMap.put(_key105, _val106);
- }
- iprot.readMapEnd();
- }
- struct.setPrivilegeMapIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TSentryPrivilegeMap struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.privilegeMap != null) {
- oprot.writeFieldBegin(PRIVILEGE_MAP_FIELD_DESC);
- {
- oprot.writeMapBegin(new org.apache.thrift.protocol.TMap(org.apache.thrift.protocol.TType.STRING, org.apache.thrift.protocol.TType.SET, struct.privilegeMap.size()));
- for (Map.Entry<String, Set<TSentryPrivilege>> _iter111 : struct.privilegeMap.entrySet())
- {
- oprot.writeString(_iter111.getKey());
- {
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, _iter111.getValue().size()));
- for (TSentryPrivilege _iter112 : _iter111.getValue())
- {
- _iter112.write(oprot);
- }
- oprot.writeSetEnd();
- }
- }
- oprot.writeMapEnd();
- }
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TSentryPrivilegeMapTupleSchemeFactory implements SchemeFactory {
- public TSentryPrivilegeMapTupleScheme getScheme() {
- return new TSentryPrivilegeMapTupleScheme();
- }
- }
-
- private static class TSentryPrivilegeMapTupleScheme extends TupleScheme<TSentryPrivilegeMap> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TSentryPrivilegeMap struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- {
- oprot.writeI32(struct.privilegeMap.size());
- for (Map.Entry<String, Set<TSentryPrivilege>> _iter113 : struct.privilegeMap.entrySet())
- {
- oprot.writeString(_iter113.getKey());
- {
- oprot.writeI32(_iter113.getValue().size());
- for (TSentryPrivilege _iter114 : _iter113.getValue())
- {
- _iter114.write(oprot);
- }
- }
- }
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TSentryPrivilegeMap struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- {
- org.apache.thrift.protocol.TMap _map115 = new org.apache.thrift.protocol.TMap(org.apache.thrift.protocol.TType.STRING, org.apache.thrift.protocol.TType.SET, iprot.readI32());
- struct.privilegeMap = new HashMap<String,Set<TSentryPrivilege>>(2*_map115.size);
- String _key116;
- Set<TSentryPrivilege> _val117;
- for (int _i118 = 0; _i118 < _map115.size; ++_i118)
- {
- _key116 = iprot.readString();
- {
- org.apache.thrift.protocol.TSet _set119 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, iprot.readI32());
- _val117 = new HashSet<TSentryPrivilege>(2*_set119.size);
- TSentryPrivilege _elem120;
- for (int _i121 = 0; _i121 < _set119.size; ++_i121)
- {
- _elem120 = new TSentryPrivilege();
- _elem120.read(iprot);
- _val117.add(_elem120);
- }
- }
- struct.privilegeMap.put(_key116, _val117);
- }
- }
- struct.setPrivilegeMapIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TSentryRole.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TSentryRole.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TSentryRole.java
deleted file mode 100644
index b043183..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TSentryRole.java
+++ /dev/null
@@ -1,539 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TSentryRole implements org.apache.thrift.TBase<TSentryRole, TSentryRole._Fields>, java.io.Serializable, Cloneable, Comparable<TSentryRole> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TSentryRole");
-
- private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)1);
- private static final org.apache.thrift.protocol.TField GROUPS_FIELD_DESC = new org.apache.thrift.protocol.TField("groups", org.apache.thrift.protocol.TType.SET, (short)2);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TSentryRoleStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TSentryRoleTupleSchemeFactory());
- }
-
- private String roleName; // required
- private Set<String> groups; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- ROLE_NAME((short)1, "roleName"),
- GROUPS((short)2, "groups");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // ROLE_NAME
- return ROLE_NAME;
- case 2: // GROUPS
- return GROUPS;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.ROLE_NAME, new org.apache.thrift.meta_data.FieldMetaData("roleName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.GROUPS, new org.apache.thrift.meta_data.FieldMetaData("groups", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TSentryRole.class, metaDataMap);
- }
-
- public TSentryRole() {
- }
-
- public TSentryRole(
- String roleName,
- Set<String> groups)
- {
- this();
- this.roleName = roleName;
- this.groups = groups;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TSentryRole(TSentryRole other) {
- if (other.isSetRoleName()) {
- this.roleName = other.roleName;
- }
- if (other.isSetGroups()) {
- Set<String> __this__groups = new HashSet<String>(other.groups);
- this.groups = __this__groups;
- }
- }
-
- public TSentryRole deepCopy() {
- return new TSentryRole(this);
- }
-
- @Override
- public void clear() {
- this.roleName = null;
- this.groups = null;
- }
-
- public String getRoleName() {
- return this.roleName;
- }
-
- public void setRoleName(String roleName) {
- this.roleName = roleName;
- }
-
- public void unsetRoleName() {
- this.roleName = null;
- }
-
- /** Returns true if field roleName is set (has been assigned a value) and false otherwise */
- public boolean isSetRoleName() {
- return this.roleName != null;
- }
-
- public void setRoleNameIsSet(boolean value) {
- if (!value) {
- this.roleName = null;
- }
- }
-
- public int getGroupsSize() {
- return (this.groups == null) ? 0 : this.groups.size();
- }
-
- public java.util.Iterator<String> getGroupsIterator() {
- return (this.groups == null) ? null : this.groups.iterator();
- }
-
- public void addToGroups(String elem) {
- if (this.groups == null) {
- this.groups = new HashSet<String>();
- }
- this.groups.add(elem);
- }
-
- public Set<String> getGroups() {
- return this.groups;
- }
-
- public void setGroups(Set<String> groups) {
- this.groups = groups;
- }
-
- public void unsetGroups() {
- this.groups = null;
- }
-
- /** Returns true if field groups is set (has been assigned a value) and false otherwise */
- public boolean isSetGroups() {
- return this.groups != null;
- }
-
- public void setGroupsIsSet(boolean value) {
- if (!value) {
- this.groups = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case ROLE_NAME:
- if (value == null) {
- unsetRoleName();
- } else {
- setRoleName((String)value);
- }
- break;
-
- case GROUPS:
- if (value == null) {
- unsetGroups();
- } else {
- setGroups((Set<String>)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case ROLE_NAME:
- return getRoleName();
-
- case GROUPS:
- return getGroups();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case ROLE_NAME:
- return isSetRoleName();
- case GROUPS:
- return isSetGroups();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TSentryRole)
- return this.equals((TSentryRole)that);
- return false;
- }
-
- public boolean equals(TSentryRole that) {
- if (that == null)
- return false;
-
- boolean this_present_roleName = true && this.isSetRoleName();
- boolean that_present_roleName = true && that.isSetRoleName();
- if (this_present_roleName || that_present_roleName) {
- if (!(this_present_roleName && that_present_roleName))
- return false;
- if (!this.roleName.equals(that.roleName))
- return false;
- }
-
- boolean this_present_groups = true && this.isSetGroups();
- boolean that_present_groups = true && that.isSetGroups();
- if (this_present_groups || that_present_groups) {
- if (!(this_present_groups && that_present_groups))
- return false;
- if (!this.groups.equals(that.groups))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_roleName = true && (isSetRoleName());
- list.add(present_roleName);
- if (present_roleName)
- list.add(roleName);
-
- boolean present_groups = true && (isSetGroups());
- list.add(present_groups);
- if (present_groups)
- list.add(groups);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TSentryRole other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetRoleName()).compareTo(other.isSetRoleName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRoleName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleName, other.roleName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetGroups()).compareTo(other.isSetGroups());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetGroups()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.groups, other.groups);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TSentryRole(");
- boolean first = true;
-
- sb.append("roleName:");
- if (this.roleName == null) {
- sb.append("null");
- } else {
- sb.append(this.roleName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("groups:");
- if (this.groups == null) {
- sb.append("null");
- } else {
- sb.append(this.groups);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetRoleName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'roleName' is unset! Struct:" + toString());
- }
-
- if (!isSetGroups()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'groups' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TSentryRoleStandardSchemeFactory implements SchemeFactory {
- public TSentryRoleStandardScheme getScheme() {
- return new TSentryRoleStandardScheme();
- }
- }
-
- private static class TSentryRoleStandardScheme extends StandardScheme<TSentryRole> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TSentryRole struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // ROLE_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // GROUPS
- if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
- {
- org.apache.thrift.protocol.TSet _set24 = iprot.readSetBegin();
- struct.groups = new HashSet<String>(2*_set24.size);
- String _elem25;
- for (int _i26 = 0; _i26 < _set24.size; ++_i26)
- {
- _elem25 = iprot.readString();
- struct.groups.add(_elem25);
- }
- iprot.readSetEnd();
- }
- struct.setGroupsIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TSentryRole struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.roleName != null) {
- oprot.writeFieldBegin(ROLE_NAME_FIELD_DESC);
- oprot.writeString(struct.roleName);
- oprot.writeFieldEnd();
- }
- if (struct.groups != null) {
- oprot.writeFieldBegin(GROUPS_FIELD_DESC);
- {
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, struct.groups.size()));
- for (String _iter27 : struct.groups)
- {
- oprot.writeString(_iter27);
- }
- oprot.writeSetEnd();
- }
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TSentryRoleTupleSchemeFactory implements SchemeFactory {
- public TSentryRoleTupleScheme getScheme() {
- return new TSentryRoleTupleScheme();
- }
- }
-
- private static class TSentryRoleTupleScheme extends TupleScheme<TSentryRole> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TSentryRole struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeString(struct.roleName);
- {
- oprot.writeI32(struct.groups.size());
- for (String _iter28 : struct.groups)
- {
- oprot.writeString(_iter28);
- }
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TSentryRole struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- {
- org.apache.thrift.protocol.TSet _set29 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, iprot.readI32());
- struct.groups = new HashSet<String>(2*_set29.size);
- String _elem30;
- for (int _i31 = 0; _i31 < _set29.size; ++_i31)
- {
- _elem30 = iprot.readString();
- struct.groups.add(_elem30);
- }
- }
- struct.setGroupsIsSet(true);
- }
- }
-
-}
-
[15/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-derby-1.8.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-derby-1.8.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-derby-1.8.0.sql
deleted file mode 100644
index d522026..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-derby-1.8.0.sql
+++ /dev/null
@@ -1,184 +0,0 @@
---Licensed to the Apache Software Foundation (ASF) under one or more
---contributor license agreements. See the NOTICE file distributed with
---this work for additional information regarding copyright ownership.
---The ASF licenses this file to You under the Apache License, Version 2.0
---(the "License"); you may not use this file except in compliance with
---the License. You may obtain a copy of the License at
---
--- http://www.apache.org/licenses/LICENSE-2.0
---
---Unless required by applicable law or agreed to in writing, software
---distributed under the License is distributed on an "AS IS" BASIS,
---WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
---See the License for the specific language governing permissions and
---limitations under the License.
-
--- Table SENTRY_DB_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryPrivilege]
-CREATE TABLE SENTRY_DB_PRIVILEGE
-(
- DB_PRIVILEGE_ID BIGINT NOT NULL generated always as identity (start with 1),
- URI VARCHAR(4000) DEFAULT '__NULL__',
- "ACTION" VARCHAR(40),
- CREATE_TIME BIGINT NOT NULL,
- DB_NAME VARCHAR(4000) DEFAULT '__NULL__',
- PRIVILEGE_SCOPE VARCHAR(40),
- "SERVER_NAME" VARCHAR(4000),
- "TABLE_NAME" VARCHAR(4000) DEFAULT '__NULL__',
- "COLUMN_NAME" VARCHAR(4000) DEFAULT '__NULL__',
- WITH_GRANT_OPTION CHAR(1) NOT NULL
-);
-
-ALTER TABLE SENTRY_DB_PRIVILEGE ADD CONSTRAINT SENTRY_DB_PRIVILEGE_PK PRIMARY KEY (DB_PRIVILEGE_ID);
-
--- Table SENTRY_ROLE for classes [org.apache.sentry.provider.db.service.model.MSentryRole]
-CREATE TABLE SENTRY_ROLE
-(
- ROLE_ID BIGINT NOT NULL generated always as identity (start with 1),
- CREATE_TIME BIGINT NOT NULL,
- ROLE_NAME VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_ROLE ADD CONSTRAINT SENTRY_ROLE_PK PRIMARY KEY (ROLE_ID);
-
--- Table SENTRY_GROUP for classes [org.apache.sentry.provider.db.service.model.MSentryGroup]
-CREATE TABLE SENTRY_GROUP
-(
- GROUP_ID BIGINT NOT NULL generated always as identity (start with 1),
- CREATE_TIME BIGINT NOT NULL,
- GROUP_NAME VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_GROUP ADD CONSTRAINT SENTRY_GROUP_PK PRIMARY KEY (GROUP_ID);
-
--- Table SENTRY_ROLE_GROUP_MAP for join relationship
-CREATE TABLE SENTRY_ROLE_GROUP_MAP
-(
- GROUP_ID BIGINT NOT NULL,
- ROLE_ID BIGINT NOT NULL,
- GRANTOR_PRINCIPAL VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_ROLE_GROUP_MAP ADD CONSTRAINT SENTRY_ROLE_GROUP_MAP_PK PRIMARY KEY (GROUP_ID,ROLE_ID);
-
--- Table SENTRY_ROLE_DB_PRIVILEGE_MAP for join relationship
-CREATE TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP
-(
- ROLE_ID BIGINT NOT NULL,
- DB_PRIVILEGE_ID BIGINT NOT NULL,
- GRANTOR_PRINCIPAL VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_DB_PRIVILEGE_MAP_PK PRIMARY KEY (ROLE_ID,DB_PRIVILEGE_ID);
-
-CREATE TABLE "SENTRY_VERSION" (
- VER_ID BIGINT NOT NULL,
- SCHEMA_VERSION VARCHAR(127),
- VERSION_COMMENT VARCHAR(255)
-);
-
-ALTER TABLE SENTRY_VERSION ADD CONSTRAINT SENTRY_VERSION_PK PRIMARY KEY (VER_ID);
-
--- Constraints for table SENTRY_DB_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryPrivilege]
-CREATE UNIQUE INDEX SENTRYPRIVILEGENAME ON SENTRY_DB_PRIVILEGE ("SERVER_NAME",DB_NAME,"TABLE_NAME","COLUMN_NAME",URI,"ACTION",WITH_GRANT_OPTION);
-
-
--- Constraints for table SENTRY_ROLE for class(es) [org.apache.sentry.provider.db.service.model.MSentryRole]
-CREATE UNIQUE INDEX SENTRYROLENAME ON SENTRY_ROLE (ROLE_NAME);
-
-
--- Constraints for table SENTRY_GROUP for class(es) [org.apache.sentry.provider.db.service.model.MSentryGroup]
-CREATE UNIQUE INDEX SENTRYGROUPNAME ON SENTRY_GROUP (GROUP_NAME);
-
-
--- Constraints for table SENTRY_ROLE_GROUP_MAP
-CREATE INDEX SENTRY_ROLE_GROUP_MAP_N49 ON SENTRY_ROLE_GROUP_MAP (GROUP_ID);
-
-CREATE INDEX SENTRY_ROLE_GROUP_MAP_N50 ON SENTRY_ROLE_GROUP_MAP (ROLE_ID);
-
-ALTER TABLE SENTRY_ROLE_GROUP_MAP ADD CONSTRAINT SENTRY_ROLE_GROUP_MAP_FK2 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID) ;
-
-ALTER TABLE SENTRY_ROLE_GROUP_MAP ADD CONSTRAINT SENTRY_ROLE_GROUP_MAP_FK1 FOREIGN KEY (GROUP_ID) REFERENCES SENTRY_GROUP (GROUP_ID) ;
-
-
--- Constraints for table SENTRY_ROLE_DB_PRIVILEGE_MAP
-CREATE INDEX SENTRY_ROLE_DB_PRIVILEGE_MAP_N50 ON SENTRY_ROLE_DB_PRIVILEGE_MAP (ROLE_ID);
-
-CREATE INDEX SENTRY_ROLE_DB_PRIVILEGE_MAP_N49 ON SENTRY_ROLE_DB_PRIVILEGE_MAP (DB_PRIVILEGE_ID);
-
-ALTER TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_DB_PRIVILEGE_MAP_FK2 FOREIGN KEY (DB_PRIVILEGE_ID) REFERENCES SENTRY_DB_PRIVILEGE (DB_PRIVILEGE_ID) ;
-
-ALTER TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_DB_PRIVILEGE_MAP_FK1 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID) ;
-
-INSERT INTO SENTRY_VERSION (VER_ID, SCHEMA_VERSION, VERSION_COMMENT) VALUES (1, '1.8.0', 'Sentry release version 1.8.0');
-
--- Generic Model
--- Table SENTRY_GM_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE TABLE SENTRY_GM_PRIVILEGE
-(
- GM_PRIVILEGE_ID BIGINT NOT NULL,
- "ACTION" VARCHAR(40),
- COMPONENT_NAME VARCHAR(400),
- CREATE_TIME BIGINT NOT NULL,
- WITH_GRANT_OPTION CHAR(1),
- RESOURCE_NAME_0 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_NAME_1 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_NAME_2 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_NAME_3 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_TYPE_0 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_TYPE_1 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_TYPE_2 VARCHAR(400) DEFAULT '__NULL__',
- RESOURCE_TYPE_3 VARCHAR(400) DEFAULT '__NULL__',
- "SCOPE" VARCHAR(40),
- SERVICE_NAME VARCHAR(400)
-);
--- Primary key(GM_PRIVILEGE_ID)
-ALTER TABLE SENTRY_GM_PRIVILEGE ADD CONSTRAINT SENTRY_GM_PRIVILEGE_PK PRIMARY KEY (GM_PRIVILEGE_ID);
-
--- Constraints for table SENTRY_GM_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE UNIQUE INDEX GM_PRIVILEGE_INDEX ON SENTRY_GM_PRIVILEGE (COMPONENT_NAME,SERVICE_NAME,RESOURCE_NAME_0,RESOURCE_TYPE_0,RESOURCE_NAME_1,RESOURCE_TYPE_1,RESOURCE_NAME_2,RESOURCE_TYPE_2,RESOURCE_NAME_3,RESOURCE_TYPE_3,"ACTION",WITH_GRANT_OPTION);
-
--- Table SENTRY_ROLE_GM_PRIVILEGE_MAP for join relationship
-CREATE TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP
-(
- ROLE_ID BIGINT NOT NULL,
- GM_PRIVILEGE_ID BIGINT NOT NULL
-);
-ALTER TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_GM_PRIVILEGE_MAP_PK PRIMARY KEY (ROLE_ID,GM_PRIVILEGE_ID);
-
--- Constraints for table SENTRY_ROLE_GM_PRIVILEGE_MAP
-CREATE INDEX SENTRY_ROLE_GM_PRIVILEGE_MAP_N50 ON SENTRY_ROLE_GM_PRIVILEGE_MAP (ROLE_ID);
-
-CREATE INDEX SENTRY_ROLE_GM_PRIVILEGE_MAP_N49 ON SENTRY_ROLE_GM_PRIVILEGE_MAP (GM_PRIVILEGE_ID);
-
-ALTER TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_GM_PRIVILEGE_MAP_FK2 FOREIGN KEY (GM_PRIVILEGE_ID) REFERENCES SENTRY_GM_PRIVILEGE (GM_PRIVILEGE_ID);
-
-ALTER TABLE SENTRY_ROLE_GM_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_ROLE_GM_PRIVILEGE_MAP_FK1 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID);
-
-CREATE TABLE SENTRY_USER
-(
- USER_ID BIGINT NOT NULL generated always as identity (start with 1),
- CREATE_TIME BIGINT NOT NULL,
- USER_NAME VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_USER ADD CONSTRAINT SENTRY_USER_PK PRIMARY KEY (USER_ID);
-
-CREATE UNIQUE INDEX SENTRYUSERNAME ON SENTRY_USER (USER_NAME);
-
-CREATE TABLE SENTRY_ROLE_USER_MAP
-(
- USER_ID BIGINT NOT NULL,
- ROLE_ID BIGINT NOT NULL,
- GRANTOR_PRINCIPAL VARCHAR(128)
-);
-
-ALTER TABLE SENTRY_ROLE_USER_MAP ADD CONSTRAINT SENTRY_ROLE_USER_MAP_PK PRIMARY KEY (USER_ID,ROLE_ID);
-
-CREATE INDEX SENTRY_ROLE_USER_MAP_N49 ON SENTRY_ROLE_USER_MAP (USER_ID);
-
-CREATE INDEX SENTRY_ROLE_USER_MAP_N50 ON SENTRY_ROLE_USER_MAP (ROLE_ID);
-
-ALTER TABLE SENTRY_ROLE_USER_MAP ADD CONSTRAINT SENTRY_ROLE_USER_MAP_FK2 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID) ;
-
-ALTER TABLE SENTRY_ROLE_USER_MAP ADD CONSTRAINT SENTRY_ROLE_USER_MAP_FK1 FOREIGN KEY (USER_ID) REFERENCES SENTRY_USER (USER_ID) ;
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-mysql-1.4.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-mysql-1.4.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-mysql-1.4.0.sql
deleted file mode 100644
index 70f4dbb..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-mysql-1.4.0.sql
+++ /dev/null
@@ -1,126 +0,0 @@
--- Licensed to the Apache Software Foundation (ASF) under one or more
--- contributor license agreements. See the NOTICE file distributed with
--- this work for additional information regarding copyright ownership.
--- The ASF licenses this file to You under the Apache License, Version 2.0
--- (the "License"); you may not use this file except in compliance with
--- the License. You may obtain a copy of the License at
---
--- http://www.apache.org/licenses/LICENSE-2.0
---
--- Unless required by applicable law or agreed to in writing, software
--- distributed under the License is distributed on an "AS IS" BASIS,
--- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
--- See the License for the specific language governing permissions and
--- limitations under the License.
-
-
-/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
-/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
-/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
-/*!40101 SET NAMES utf8 */;
-/*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */;
-/*!40103 SET TIME_ZONE='+00:00' */;
-/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;
-/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
-/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;
-/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;
-
-CREATE TABLE `SENTRY_DB_PRIVILEGE` (
- `DB_PRIVILEGE_ID` BIGINT NOT NULL,
- `PRIVILEGE_NAME` VARCHAR(4000) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `PRIVILEGE_SCOPE` VARCHAR(32) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `SERVER_NAME` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `DB_NAME` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT NULL,
- `TABLE_NAME` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT NULL,
- `URI` VARCHAR(4000) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT NULL,
- `ACTION` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `CREATE_TIME` BIGINT NOT NULL,
- `GRANTOR_PRINCIPAL` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `SENTRY_ROLE` (
- `ROLE_ID` BIGINT NOT NULL,
- `ROLE_NAME` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `CREATE_TIME` BIGINT NOT NULL,
- `GRANTOR_PRINCIPAL` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `SENTRY_GROUP` (
- `GROUP_ID` BIGINT NOT NULL,
- `GROUP_NAME` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `CREATE_TIME` BIGINT NOT NULL,
- `GRANTOR_PRINCIPAL` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `SENTRY_ROLE_DB_PRIVILEGE_MAP` (
- `ROLE_ID` BIGINT NOT NULL,
- `DB_PRIVILEGE_ID` BIGINT NOT NULL
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `SENTRY_ROLE_GROUP_MAP` (
- `ROLE_ID` BIGINT NOT NULL,
- `GROUP_ID` BIGINT NOT NULL
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE IF NOT EXISTS `SENTRY_VERSION` (
- `VER_ID` BIGINT NOT NULL,
- `SCHEMA_VERSION` VARCHAR(127) NOT NULL,
- `VERSION_COMMENT` VARCHAR(255) NOT NULL
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD CONSTRAINT `SENTRY_DB_PRIV_PK` PRIMARY KEY (`DB_PRIVILEGE_ID`);
-
-ALTER TABLE `SENTRY_ROLE`
- ADD CONSTRAINT `SENTRY_ROLE_PK` PRIMARY KEY (`ROLE_ID`);
-
-ALTER TABLE `SENTRY_GROUP`
- ADD CONSTRAINT `SENTRY_GROUP_PK` PRIMARY KEY (`GROUP_ID`);
-
-ALTER TABLE `SENTRY_VERSION`
- ADD CONSTRAINT `SENTRY_VERSION` PRIMARY KEY (`VER_ID`);
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD INDEX `SENTRY_DB_PRIV_PRIV_NAME_UNIQ` (`PRIVILEGE_NAME`(250));
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD INDEX `SENTRY_PRIV_SERV_IDX` (`SERVER_NAME`);
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD INDEX `SENTRY_PRIV_DB_IDX` (`DB_NAME`);
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD INDEX `SENTRY_PRIV_TBL_IDX` (`TABLE_NAME`);
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD INDEX `SENTRY_PRIV_URI_IDX` (`URI`);
-
-ALTER TABLE `SENTRY_ROLE`
- ADD CONSTRAINT `SENTRY_ROLE_ROLE_NAME_UNIQUE` UNIQUE (`ROLE_NAME`);
-
-ALTER TABLE `SENTRY_GROUP`
- ADD CONSTRAINT `SENTRY_GRP_GRP_NAME_UNIQUE` UNIQUE (`GROUP_NAME`);
-
-ALTER TABLE `SENTRY_ROLE_DB_PRIVILEGE_MAP`
- ADD CONSTRAINT `SENTRY_ROLE_DB_PRIVILEGE_MAP_PK` PRIMARY KEY (`ROLE_ID`,`DB_PRIVILEGE_ID`);
-
-ALTER TABLE `SENTRY_ROLE_GROUP_MAP`
- ADD CONSTRAINT `SENTRY_ROLE_GROUP_MAP_PK` PRIMARY KEY (`ROLE_ID`,`GROUP_ID`);
-
-ALTER TABLE `SENTRY_ROLE_DB_PRIVILEGE_MAP`
- ADD CONSTRAINT `SEN_RLE_DB_PRV_MAP_SN_RLE_FK`
- FOREIGN KEY (`ROLE_ID`) REFERENCES `SENTRY_ROLE`(`ROLE_ID`);
-
-ALTER TABLE `SENTRY_ROLE_DB_PRIVILEGE_MAP`
- ADD CONSTRAINT `SEN_RL_DB_PRV_MAP_SN_DB_PRV_FK`
- FOREIGN KEY (`DB_PRIVILEGE_ID`) REFERENCES `SENTRY_DB_PRIVILEGE`(`DB_PRIVILEGE_ID`);
-
-ALTER TABLE `SENTRY_ROLE_GROUP_MAP`
- ADD CONSTRAINT `SEN_ROLE_GROUP_MAP_SEN_ROLE_FK`
- FOREIGN KEY (`ROLE_ID`) REFERENCES `SENTRY_ROLE`(`ROLE_ID`);
-
-ALTER TABLE `SENTRY_ROLE_GROUP_MAP`
- ADD CONSTRAINT `SEN_ROLE_GROUP_MAP_SEN_GRP_FK`
- FOREIGN KEY (`GROUP_ID`) REFERENCES `SENTRY_GROUP`(`GROUP_ID`);
-
-INSERT INTO SENTRY_VERSION (VER_ID, SCHEMA_VERSION, VERSION_COMMENT) VALUES (1, '1.4.0', 'Sentry release version 1.4.0');
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-mysql-1.5.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-mysql-1.5.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-mysql-1.5.0.sql
deleted file mode 100644
index d5d2e0a..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-mysql-1.5.0.sql
+++ /dev/null
@@ -1,192 +0,0 @@
--- Licensed to the Apache Software Foundation (ASF) under one or more
--- contributor license agreements. See the NOTICE file distributed with
--- this work for additional information regarding copyright ownership.
--- The ASF licenses this file to You under the Apache License, Version 2.0
--- (the "License"); you may not use this file except in compliance with
--- the License. You may obtain a copy of the License at
---
--- http://www.apache.org/licenses/LICENSE-2.0
---
--- Unless required by applicable law or agreed to in writing, software
--- distributed under the License is distributed on an "AS IS" BASIS,
--- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
--- See the License for the specific language governing permissions and
--- limitations under the License.
-
-
-/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
-/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
-/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
-/*!40101 SET NAMES utf8 */;
-/*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */;
-/*!40103 SET TIME_ZONE='+00:00' */;
-/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;
-/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
-/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;
-/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;
-
-CREATE TABLE `SENTRY_DB_PRIVILEGE` (
- `DB_PRIVILEGE_ID` BIGINT NOT NULL,
- `PRIVILEGE_SCOPE` VARCHAR(32) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `SERVER_NAME` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `DB_NAME` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `TABLE_NAME` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `COLUMN_NAME` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `URI` VARCHAR(4000) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `ACTION` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `CREATE_TIME` BIGINT NOT NULL,
- `WITH_GRANT_OPTION` CHAR(1) NOT NULL
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `SENTRY_ROLE` (
- `ROLE_ID` BIGINT NOT NULL,
- `ROLE_NAME` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `CREATE_TIME` BIGINT NOT NULL
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `SENTRY_GROUP` (
- `GROUP_ID` BIGINT NOT NULL,
- `GROUP_NAME` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `CREATE_TIME` BIGINT NOT NULL
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `SENTRY_ROLE_DB_PRIVILEGE_MAP` (
- `ROLE_ID` BIGINT NOT NULL,
- `DB_PRIVILEGE_ID` BIGINT NOT NULL,
- `GRANTOR_PRINCIPAL` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `SENTRY_ROLE_GROUP_MAP` (
- `ROLE_ID` BIGINT NOT NULL,
- `GROUP_ID` BIGINT NOT NULL,
- `GRANTOR_PRINCIPAL` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE IF NOT EXISTS `SENTRY_VERSION` (
- `VER_ID` BIGINT NOT NULL,
- `SCHEMA_VERSION` VARCHAR(127) NOT NULL,
- `VERSION_COMMENT` VARCHAR(255) NOT NULL
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD CONSTRAINT `SENTRY_DB_PRIV_PK` PRIMARY KEY (`DB_PRIVILEGE_ID`);
-
-ALTER TABLE `SENTRY_ROLE`
- ADD CONSTRAINT `SENTRY_ROLE_PK` PRIMARY KEY (`ROLE_ID`);
-
-ALTER TABLE `SENTRY_GROUP`
- ADD CONSTRAINT `SENTRY_GROUP_PK` PRIMARY KEY (`GROUP_ID`);
-
-ALTER TABLE `SENTRY_VERSION`
- ADD CONSTRAINT `SENTRY_VERSION` PRIMARY KEY (`VER_ID`);
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD UNIQUE `SENTRY_DB_PRIV_PRIV_NAME_UNIQ` (`SERVER_NAME`,`DB_NAME`,`TABLE_NAME`,`COLUMN_NAME`,`URI`(250),`ACTION`,`WITH_GRANT_OPTION`);
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD INDEX `SENTRY_PRIV_SERV_IDX` (`SERVER_NAME`);
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD INDEX `SENTRY_PRIV_DB_IDX` (`DB_NAME`);
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD INDEX `SENTRY_PRIV_TBL_IDX` (`TABLE_NAME`);
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD INDEX `SENTRY_PRIV_COL_IDX` (`COLUMN_NAME`);
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD INDEX `SENTRY_PRIV_URI_IDX` (`URI`);
-
-ALTER TABLE `SENTRY_ROLE`
- ADD CONSTRAINT `SENTRY_ROLE_ROLE_NAME_UNIQUE` UNIQUE (`ROLE_NAME`);
-
-ALTER TABLE `SENTRY_GROUP`
- ADD CONSTRAINT `SENTRY_GRP_GRP_NAME_UNIQUE` UNIQUE (`GROUP_NAME`);
-
-ALTER TABLE `SENTRY_ROLE_DB_PRIVILEGE_MAP`
- ADD CONSTRAINT `SENTRY_ROLE_DB_PRIVILEGE_MAP_PK` PRIMARY KEY (`ROLE_ID`,`DB_PRIVILEGE_ID`);
-
-ALTER TABLE `SENTRY_ROLE_GROUP_MAP`
- ADD CONSTRAINT `SENTRY_ROLE_GROUP_MAP_PK` PRIMARY KEY (`ROLE_ID`,`GROUP_ID`);
-
-ALTER TABLE `SENTRY_ROLE_DB_PRIVILEGE_MAP`
- ADD CONSTRAINT `SEN_RLE_DB_PRV_MAP_SN_RLE_FK`
- FOREIGN KEY (`ROLE_ID`) REFERENCES `SENTRY_ROLE`(`ROLE_ID`);
-
-ALTER TABLE `SENTRY_ROLE_DB_PRIVILEGE_MAP`
- ADD CONSTRAINT `SEN_RL_DB_PRV_MAP_SN_DB_PRV_FK`
- FOREIGN KEY (`DB_PRIVILEGE_ID`) REFERENCES `SENTRY_DB_PRIVILEGE`(`DB_PRIVILEGE_ID`);
-
-ALTER TABLE `SENTRY_ROLE_GROUP_MAP`
- ADD CONSTRAINT `SEN_ROLE_GROUP_MAP_SEN_ROLE_FK`
- FOREIGN KEY (`ROLE_ID`) REFERENCES `SENTRY_ROLE`(`ROLE_ID`);
-
-ALTER TABLE `SENTRY_ROLE_GROUP_MAP`
- ADD CONSTRAINT `SEN_ROLE_GROUP_MAP_SEN_GRP_FK`
- FOREIGN KEY (`GROUP_ID`) REFERENCES `SENTRY_GROUP`(`GROUP_ID`);
-
-INSERT INTO SENTRY_VERSION (VER_ID, SCHEMA_VERSION, VERSION_COMMENT) VALUES (1, '1.5.0', 'Sentry release version 1.5.0');
-
--- Generic Model
--- Table SENTRY_GM_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE TABLE `SENTRY_GM_PRIVILEGE`
-(
- `GM_PRIVILEGE_ID` BIGINT NOT NULL,
- `ACTION` VARCHAR(32) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `COMPONENT_NAME` VARCHAR(32) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `CREATE_TIME` BIGINT NOT NULL,
- `WITH_GRANT_OPTION` CHAR(1) NOT NULL,
- `RESOURCE_NAME_0` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_NAME_1` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_NAME_2` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_NAME_3` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_TYPE_0` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_TYPE_1` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_TYPE_2` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_TYPE_3` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `SCOPE` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `SERVICE_NAME` VARCHAR(64) BINARY CHARACTER SET utf8 COLLATE utf8_bin NOT NULL
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD CONSTRAINT `SENTRY_GM_PRIVILEGE_PK` PRIMARY KEY (`GM_PRIVILEGE_ID`);
--- Constraints for table SENTRY_GM_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE UNIQUE INDEX `GM_PRIVILEGE_INDEX` ON `SENTRY_GM_PRIVILEGE` (`COMPONENT_NAME`,`SERVICE_NAME`,`RESOURCE_NAME_0`,`RESOURCE_TYPE_0`,`RESOURCE_NAME_1`,`RESOURCE_TYPE_1`,`RESOURCE_NAME_2`,`RESOURCE_TYPE_2`,`RESOURCE_NAME_3`,`RESOURCE_TYPE_3`,`ACTION`,`WITH_GRANT_OPTION`);
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD INDEX `SENTRY_GM_PRIV_COMP_IDX` (`COMPONENT_NAME`);
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD INDEX `SENTRY_GM_PRIV_SERV_IDX` (`SERVICE_NAME`);
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD INDEX `SENTRY_GM_PRIV_RES0_IDX` (`RESOURCE_NAME_0`,`RESOURCE_TYPE_0`);
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD INDEX `SENTRY_GM_PRIV_RES1_IDX` (`RESOURCE_NAME_1`,`RESOURCE_TYPE_1`);
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD INDEX `SENTRY_GM_PRIV_RES2_IDX` (`RESOURCE_NAME_2`,`RESOURCE_TYPE_2`);
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD INDEX `SENTRY_GM_PRIV_RES3_IDX` (`RESOURCE_NAME_3`,`RESOURCE_TYPE_3`);
-
--- Table SENTRY_ROLE_GM_PRIVILEGE_MAP for join relationship
-CREATE TABLE `SENTRY_ROLE_GM_PRIVILEGE_MAP`
-(
- `ROLE_ID` BIGINT NOT NULL,
- `GM_PRIVILEGE_ID` BIGINT NOT NULL
-) ENGINE=INNODB DEFAULT CHARSET=utf8;
-
-ALTER TABLE `SENTRY_ROLE_GM_PRIVILEGE_MAP`
- ADD CONSTRAINT `SENTRY_ROLE_GM_PRIVILEGE_MAP_PK` PRIMARY KEY (`ROLE_ID`,`GM_PRIVILEGE_ID`);
-
--- Constraints for table SENTRY_ROLE_GM_PRIVILEGE_MAP
-ALTER TABLE `SENTRY_ROLE_GM_PRIVILEGE_MAP`
- ADD CONSTRAINT `SEN_RLE_GM_PRV_MAP_SN_RLE_FK`
- FOREIGN KEY (`ROLE_ID`) REFERENCES `SENTRY_ROLE`(`ROLE_ID`);
-
-ALTER TABLE `SENTRY_ROLE_GM_PRIVILEGE_MAP`
- ADD CONSTRAINT `SEN_RL_GM_PRV_MAP_SN_DB_PRV_FK`
- FOREIGN KEY (`GM_PRIVILEGE_ID`) REFERENCES `SENTRY_GM_PRIVILEGE`(`GM_PRIVILEGE_ID`);
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-mysql-1.6.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-mysql-1.6.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-mysql-1.6.0.sql
deleted file mode 100644
index 1c1bb94..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-mysql-1.6.0.sql
+++ /dev/null
@@ -1,193 +0,0 @@
--- Licensed to the Apache Software Foundation (ASF) under one or more
--- contributor license agreements. See the NOTICE file distributed with
--- this work for additional information regarding copyright ownership.
--- The ASF licenses this file to You under the Apache License, Version 2.0
--- (the "License"); you may not use this file except in compliance with
--- the License. You may obtain a copy of the License at
---
--- http://www.apache.org/licenses/LICENSE-2.0
---
--- Unless required by applicable law or agreed to in writing, software
--- distributed under the License is distributed on an "AS IS" BASIS,
--- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
--- See the License for the specific language governing permissions and
--- limitations under the License.
-
-
-/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
-/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
-/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
-/*!40101 SET NAMES utf8 */;
-/*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */;
-/*!40103 SET TIME_ZONE='+00:00' */;
-/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;
-/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
-/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;
-/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;
-
-CREATE TABLE `SENTRY_DB_PRIVILEGE` (
- `DB_PRIVILEGE_ID` BIGINT NOT NULL,
- `PRIVILEGE_SCOPE` VARCHAR(32) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `SERVER_NAME` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `DB_NAME` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `TABLE_NAME` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `COLUMN_NAME` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `URI` VARCHAR(4000) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `ACTION` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `CREATE_TIME` BIGINT NOT NULL,
- `WITH_GRANT_OPTION` CHAR(1) NOT NULL
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `SENTRY_ROLE` (
- `ROLE_ID` BIGINT NOT NULL,
- `ROLE_NAME` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `CREATE_TIME` BIGINT NOT NULL
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `SENTRY_GROUP` (
- `GROUP_ID` BIGINT NOT NULL,
- `GROUP_NAME` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `CREATE_TIME` BIGINT NOT NULL
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `SENTRY_ROLE_DB_PRIVILEGE_MAP` (
- `ROLE_ID` BIGINT NOT NULL,
- `DB_PRIVILEGE_ID` BIGINT NOT NULL,
- `GRANTOR_PRINCIPAL` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `SENTRY_ROLE_GROUP_MAP` (
- `ROLE_ID` BIGINT NOT NULL,
- `GROUP_ID` BIGINT NOT NULL,
- `GRANTOR_PRINCIPAL` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE IF NOT EXISTS `SENTRY_VERSION` (
- `VER_ID` BIGINT NOT NULL,
- `SCHEMA_VERSION` VARCHAR(127) NOT NULL,
- `VERSION_COMMENT` VARCHAR(255) NOT NULL
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD CONSTRAINT `SENTRY_DB_PRIV_PK` PRIMARY KEY (`DB_PRIVILEGE_ID`);
-
-ALTER TABLE `SENTRY_ROLE`
- ADD CONSTRAINT `SENTRY_ROLE_PK` PRIMARY KEY (`ROLE_ID`);
-
-ALTER TABLE `SENTRY_GROUP`
- ADD CONSTRAINT `SENTRY_GROUP_PK` PRIMARY KEY (`GROUP_ID`);
-
-ALTER TABLE `SENTRY_VERSION`
- ADD CONSTRAINT `SENTRY_VERSION` PRIMARY KEY (`VER_ID`);
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD UNIQUE `SENTRY_DB_PRIV_PRIV_NAME_UNIQ` (`SERVER_NAME`,`DB_NAME`,`TABLE_NAME`,`COLUMN_NAME`,`URI`(250),`ACTION`,`WITH_GRANT_OPTION`);
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD INDEX `SENTRY_PRIV_SERV_IDX` (`SERVER_NAME`);
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD INDEX `SENTRY_PRIV_DB_IDX` (`DB_NAME`);
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD INDEX `SENTRY_PRIV_TBL_IDX` (`TABLE_NAME`);
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD INDEX `SENTRY_PRIV_COL_IDX` (`COLUMN_NAME`);
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD INDEX `SENTRY_PRIV_URI_IDX` (`URI`);
-
-ALTER TABLE `SENTRY_ROLE`
- ADD CONSTRAINT `SENTRY_ROLE_ROLE_NAME_UNIQUE` UNIQUE (`ROLE_NAME`);
-
-ALTER TABLE `SENTRY_GROUP`
- ADD CONSTRAINT `SENTRY_GRP_GRP_NAME_UNIQUE` UNIQUE (`GROUP_NAME`);
-
-ALTER TABLE `SENTRY_ROLE_DB_PRIVILEGE_MAP`
- ADD CONSTRAINT `SENTRY_ROLE_DB_PRIVILEGE_MAP_PK` PRIMARY KEY (`ROLE_ID`,`DB_PRIVILEGE_ID`);
-
-ALTER TABLE `SENTRY_ROLE_GROUP_MAP`
- ADD CONSTRAINT `SENTRY_ROLE_GROUP_MAP_PK` PRIMARY KEY (`ROLE_ID`,`GROUP_ID`);
-
-ALTER TABLE `SENTRY_ROLE_DB_PRIVILEGE_MAP`
- ADD CONSTRAINT `SEN_RLE_DB_PRV_MAP_SN_RLE_FK`
- FOREIGN KEY (`ROLE_ID`) REFERENCES `SENTRY_ROLE`(`ROLE_ID`);
-
-ALTER TABLE `SENTRY_ROLE_DB_PRIVILEGE_MAP`
- ADD CONSTRAINT `SEN_RL_DB_PRV_MAP_SN_DB_PRV_FK`
- FOREIGN KEY (`DB_PRIVILEGE_ID`) REFERENCES `SENTRY_DB_PRIVILEGE`(`DB_PRIVILEGE_ID`);
-
-ALTER TABLE `SENTRY_ROLE_GROUP_MAP`
- ADD CONSTRAINT `SEN_ROLE_GROUP_MAP_SEN_ROLE_FK`
- FOREIGN KEY (`ROLE_ID`) REFERENCES `SENTRY_ROLE`(`ROLE_ID`);
-
-ALTER TABLE `SENTRY_ROLE_GROUP_MAP`
- ADD CONSTRAINT `SEN_ROLE_GROUP_MAP_SEN_GRP_FK`
- FOREIGN KEY (`GROUP_ID`) REFERENCES `SENTRY_GROUP`(`GROUP_ID`);
-
-INSERT INTO SENTRY_VERSION (VER_ID, SCHEMA_VERSION, VERSION_COMMENT) VALUES (1, '1.6.0', 'Sentry release version 1.6.0');
-
--- Generic Model
--- Table SENTRY_GM_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE TABLE `SENTRY_GM_PRIVILEGE`
-(
- `GM_PRIVILEGE_ID` BIGINT NOT NULL,
- `ACTION` VARCHAR(32) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `COMPONENT_NAME` VARCHAR(32) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `CREATE_TIME` BIGINT NOT NULL,
- `WITH_GRANT_OPTION` CHAR(1) NOT NULL,
- `RESOURCE_NAME_0` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_NAME_1` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_NAME_2` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_NAME_3` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_TYPE_0` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_TYPE_1` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_TYPE_2` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_TYPE_3` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `SCOPE` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `SERVICE_NAME` VARCHAR(64) BINARY CHARACTER SET utf8 COLLATE utf8_bin NOT NULL
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD CONSTRAINT `SENTRY_GM_PRIVILEGE_PK` PRIMARY KEY (`GM_PRIVILEGE_ID`);
--- Constraints for table SENTRY_GM_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD UNIQUE `GM_PRIVILEGE_UNIQUE` (`COMPONENT_NAME`,`SERVICE_NAME`,`RESOURCE_NAME_0`,`RESOURCE_TYPE_0`,`RESOURCE_NAME_1`,`RESOURCE_TYPE_1`,`RESOURCE_NAME_2`,`RESOURCE_TYPE_2`,`RESOURCE_NAME_3`,`RESOURCE_TYPE_3`,`ACTION`,`WITH_GRANT_OPTION`);
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD INDEX `SENTRY_GM_PRIV_COMP_IDX` (`COMPONENT_NAME`);
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD INDEX `SENTRY_GM_PRIV_SERV_IDX` (`SERVICE_NAME`);
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD INDEX `SENTRY_GM_PRIV_RES0_IDX` (`RESOURCE_NAME_0`,`RESOURCE_TYPE_0`);
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD INDEX `SENTRY_GM_PRIV_RES1_IDX` (`RESOURCE_NAME_1`,`RESOURCE_TYPE_1`);
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD INDEX `SENTRY_GM_PRIV_RES2_IDX` (`RESOURCE_NAME_2`,`RESOURCE_TYPE_2`);
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD INDEX `SENTRY_GM_PRIV_RES3_IDX` (`RESOURCE_NAME_3`,`RESOURCE_TYPE_3`);
-
--- Table SENTRY_ROLE_GM_PRIVILEGE_MAP for join relationship
-CREATE TABLE `SENTRY_ROLE_GM_PRIVILEGE_MAP`
-(
- `ROLE_ID` BIGINT NOT NULL,
- `GM_PRIVILEGE_ID` BIGINT NOT NULL
-) ENGINE=INNODB DEFAULT CHARSET=utf8;
-
-ALTER TABLE `SENTRY_ROLE_GM_PRIVILEGE_MAP`
- ADD CONSTRAINT `SENTRY_ROLE_GM_PRIVILEGE_MAP_PK` PRIMARY KEY (`ROLE_ID`,`GM_PRIVILEGE_ID`);
-
--- Constraints for table SENTRY_ROLE_GM_PRIVILEGE_MAP
-ALTER TABLE `SENTRY_ROLE_GM_PRIVILEGE_MAP`
- ADD CONSTRAINT `SEN_RLE_GM_PRV_MAP_SN_RLE_FK`
- FOREIGN KEY (`ROLE_ID`) REFERENCES `SENTRY_ROLE`(`ROLE_ID`);
-
-ALTER TABLE `SENTRY_ROLE_GM_PRIVILEGE_MAP`
- ADD CONSTRAINT `SEN_RL_GM_PRV_MAP_SN_DB_PRV_FK`
- FOREIGN KEY (`GM_PRIVILEGE_ID`) REFERENCES `SENTRY_GM_PRIVILEGE`(`GM_PRIVILEGE_ID`);
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-mysql-1.7.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-mysql-1.7.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-mysql-1.7.0.sql
deleted file mode 100644
index faff348..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-mysql-1.7.0.sql
+++ /dev/null
@@ -1,193 +0,0 @@
--- Licensed to the Apache Software Foundation (ASF) under one or more
--- contributor license agreements. See the NOTICE file distributed with
--- this work for additional information regarding copyright ownership.
--- The ASF licenses this file to You under the Apache License, Version 2.0
--- (the "License"); you may not use this file except in compliance with
--- the License. You may obtain a copy of the License at
---
--- http://www.apache.org/licenses/LICENSE-2.0
---
--- Unless required by applicable law or agreed to in writing, software
--- distributed under the License is distributed on an "AS IS" BASIS,
--- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
--- See the License for the specific language governing permissions and
--- limitations under the License.
-
-
-/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
-/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
-/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
-/*!40101 SET NAMES utf8 */;
-/*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */;
-/*!40103 SET TIME_ZONE='+00:00' */;
-/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;
-/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
-/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;
-/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;
-
-CREATE TABLE `SENTRY_DB_PRIVILEGE` (
- `DB_PRIVILEGE_ID` BIGINT NOT NULL,
- `PRIVILEGE_SCOPE` VARCHAR(32) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `SERVER_NAME` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `DB_NAME` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `TABLE_NAME` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `COLUMN_NAME` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `URI` VARCHAR(4000) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `ACTION` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `CREATE_TIME` BIGINT NOT NULL,
- `WITH_GRANT_OPTION` CHAR(1) NOT NULL
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `SENTRY_ROLE` (
- `ROLE_ID` BIGINT NOT NULL,
- `ROLE_NAME` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `CREATE_TIME` BIGINT NOT NULL
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `SENTRY_GROUP` (
- `GROUP_ID` BIGINT NOT NULL,
- `GROUP_NAME` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `CREATE_TIME` BIGINT NOT NULL
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `SENTRY_ROLE_DB_PRIVILEGE_MAP` (
- `ROLE_ID` BIGINT NOT NULL,
- `DB_PRIVILEGE_ID` BIGINT NOT NULL,
- `GRANTOR_PRINCIPAL` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `SENTRY_ROLE_GROUP_MAP` (
- `ROLE_ID` BIGINT NOT NULL,
- `GROUP_ID` BIGINT NOT NULL,
- `GRANTOR_PRINCIPAL` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE IF NOT EXISTS `SENTRY_VERSION` (
- `VER_ID` BIGINT NOT NULL,
- `SCHEMA_VERSION` VARCHAR(127) NOT NULL,
- `VERSION_COMMENT` VARCHAR(255) NOT NULL
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD CONSTRAINT `SENTRY_DB_PRIV_PK` PRIMARY KEY (`DB_PRIVILEGE_ID`);
-
-ALTER TABLE `SENTRY_ROLE`
- ADD CONSTRAINT `SENTRY_ROLE_PK` PRIMARY KEY (`ROLE_ID`);
-
-ALTER TABLE `SENTRY_GROUP`
- ADD CONSTRAINT `SENTRY_GROUP_PK` PRIMARY KEY (`GROUP_ID`);
-
-ALTER TABLE `SENTRY_VERSION`
- ADD CONSTRAINT `SENTRY_VERSION` PRIMARY KEY (`VER_ID`);
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD UNIQUE `SENTRY_DB_PRIV_PRIV_NAME_UNIQ` (`SERVER_NAME`,`DB_NAME`,`TABLE_NAME`,`COLUMN_NAME`,`URI`(250),`ACTION`,`WITH_GRANT_OPTION`);
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD INDEX `SENTRY_PRIV_SERV_IDX` (`SERVER_NAME`);
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD INDEX `SENTRY_PRIV_DB_IDX` (`DB_NAME`);
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD INDEX `SENTRY_PRIV_TBL_IDX` (`TABLE_NAME`);
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD INDEX `SENTRY_PRIV_COL_IDX` (`COLUMN_NAME`);
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD INDEX `SENTRY_PRIV_URI_IDX` (`URI`);
-
-ALTER TABLE `SENTRY_ROLE`
- ADD CONSTRAINT `SENTRY_ROLE_ROLE_NAME_UNIQUE` UNIQUE (`ROLE_NAME`);
-
-ALTER TABLE `SENTRY_GROUP`
- ADD CONSTRAINT `SENTRY_GRP_GRP_NAME_UNIQUE` UNIQUE (`GROUP_NAME`);
-
-ALTER TABLE `SENTRY_ROLE_DB_PRIVILEGE_MAP`
- ADD CONSTRAINT `SENTRY_ROLE_DB_PRIVILEGE_MAP_PK` PRIMARY KEY (`ROLE_ID`,`DB_PRIVILEGE_ID`);
-
-ALTER TABLE `SENTRY_ROLE_GROUP_MAP`
- ADD CONSTRAINT `SENTRY_ROLE_GROUP_MAP_PK` PRIMARY KEY (`ROLE_ID`,`GROUP_ID`);
-
-ALTER TABLE `SENTRY_ROLE_DB_PRIVILEGE_MAP`
- ADD CONSTRAINT `SEN_RLE_DB_PRV_MAP_SN_RLE_FK`
- FOREIGN KEY (`ROLE_ID`) REFERENCES `SENTRY_ROLE`(`ROLE_ID`);
-
-ALTER TABLE `SENTRY_ROLE_DB_PRIVILEGE_MAP`
- ADD CONSTRAINT `SEN_RL_DB_PRV_MAP_SN_DB_PRV_FK`
- FOREIGN KEY (`DB_PRIVILEGE_ID`) REFERENCES `SENTRY_DB_PRIVILEGE`(`DB_PRIVILEGE_ID`);
-
-ALTER TABLE `SENTRY_ROLE_GROUP_MAP`
- ADD CONSTRAINT `SEN_ROLE_GROUP_MAP_SEN_ROLE_FK`
- FOREIGN KEY (`ROLE_ID`) REFERENCES `SENTRY_ROLE`(`ROLE_ID`);
-
-ALTER TABLE `SENTRY_ROLE_GROUP_MAP`
- ADD CONSTRAINT `SEN_ROLE_GROUP_MAP_SEN_GRP_FK`
- FOREIGN KEY (`GROUP_ID`) REFERENCES `SENTRY_GROUP`(`GROUP_ID`);
-
-INSERT INTO SENTRY_VERSION (VER_ID, SCHEMA_VERSION, VERSION_COMMENT) VALUES (1, '1.7.0', 'Sentry release version 1.7.0');
-
--- Generic Model
--- Table SENTRY_GM_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE TABLE `SENTRY_GM_PRIVILEGE`
-(
- `GM_PRIVILEGE_ID` BIGINT NOT NULL,
- `ACTION` VARCHAR(32) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `COMPONENT_NAME` VARCHAR(32) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `CREATE_TIME` BIGINT NOT NULL,
- `WITH_GRANT_OPTION` CHAR(1) NOT NULL,
- `RESOURCE_NAME_0` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_NAME_1` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_NAME_2` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_NAME_3` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_TYPE_0` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_TYPE_1` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_TYPE_2` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_TYPE_3` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `SCOPE` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `SERVICE_NAME` VARCHAR(64) BINARY CHARACTER SET utf8 COLLATE utf8_bin NOT NULL
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD CONSTRAINT `SENTRY_GM_PRIVILEGE_PK` PRIMARY KEY (`GM_PRIVILEGE_ID`);
--- Constraints for table SENTRY_GM_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD UNIQUE `GM_PRIVILEGE_UNIQUE` (`COMPONENT_NAME`,`SERVICE_NAME`,`RESOURCE_NAME_0`,`RESOURCE_TYPE_0`,`RESOURCE_NAME_1`,`RESOURCE_TYPE_1`,`RESOURCE_NAME_2`,`RESOURCE_TYPE_2`,`RESOURCE_NAME_3`,`RESOURCE_TYPE_3`,`ACTION`,`WITH_GRANT_OPTION`);
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD INDEX `SENTRY_GM_PRIV_COMP_IDX` (`COMPONENT_NAME`);
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD INDEX `SENTRY_GM_PRIV_SERV_IDX` (`SERVICE_NAME`);
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD INDEX `SENTRY_GM_PRIV_RES0_IDX` (`RESOURCE_NAME_0`,`RESOURCE_TYPE_0`);
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD INDEX `SENTRY_GM_PRIV_RES1_IDX` (`RESOURCE_NAME_1`,`RESOURCE_TYPE_1`);
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD INDEX `SENTRY_GM_PRIV_RES2_IDX` (`RESOURCE_NAME_2`,`RESOURCE_TYPE_2`);
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD INDEX `SENTRY_GM_PRIV_RES3_IDX` (`RESOURCE_NAME_3`,`RESOURCE_TYPE_3`);
-
--- Table SENTRY_ROLE_GM_PRIVILEGE_MAP for join relationship
-CREATE TABLE `SENTRY_ROLE_GM_PRIVILEGE_MAP`
-(
- `ROLE_ID` BIGINT NOT NULL,
- `GM_PRIVILEGE_ID` BIGINT NOT NULL
-) ENGINE=INNODB DEFAULT CHARSET=utf8;
-
-ALTER TABLE `SENTRY_ROLE_GM_PRIVILEGE_MAP`
- ADD CONSTRAINT `SENTRY_ROLE_GM_PRIVILEGE_MAP_PK` PRIMARY KEY (`ROLE_ID`,`GM_PRIVILEGE_ID`);
-
--- Constraints for table SENTRY_ROLE_GM_PRIVILEGE_MAP
-ALTER TABLE `SENTRY_ROLE_GM_PRIVILEGE_MAP`
- ADD CONSTRAINT `SEN_RLE_GM_PRV_MAP_SN_RLE_FK`
- FOREIGN KEY (`ROLE_ID`) REFERENCES `SENTRY_ROLE`(`ROLE_ID`);
-
-ALTER TABLE `SENTRY_ROLE_GM_PRIVILEGE_MAP`
- ADD CONSTRAINT `SEN_RL_GM_PRV_MAP_SN_DB_PRV_FK`
- FOREIGN KEY (`GM_PRIVILEGE_ID`) REFERENCES `SENTRY_GM_PRIVILEGE`(`GM_PRIVILEGE_ID`);
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-mysql-1.8.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-mysql-1.8.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-mysql-1.8.0.sql
deleted file mode 100644
index d27d7b9..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-mysql-1.8.0.sql
+++ /dev/null
@@ -1,223 +0,0 @@
--- Licensed to the Apache Software Foundation (ASF) under one or more
--- contributor license agreements. See the NOTICE file distributed with
--- this work for additional information regarding copyright ownership.
--- The ASF licenses this file to You under the Apache License, Version 2.0
--- (the "License"); you may not use this file except in compliance with
--- the License. You may obtain a copy of the License at
---
--- http://www.apache.org/licenses/LICENSE-2.0
---
--- Unless required by applicable law or agreed to in writing, software
--- distributed under the License is distributed on an "AS IS" BASIS,
--- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
--- See the License for the specific language governing permissions and
--- limitations under the License.
-
-
-/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
-/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
-/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
-/*!40101 SET NAMES utf8 */;
-/*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */;
-/*!40103 SET TIME_ZONE='+00:00' */;
-/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;
-/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
-/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;
-/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;
-
-CREATE TABLE `SENTRY_DB_PRIVILEGE` (
- `DB_PRIVILEGE_ID` BIGINT NOT NULL,
- `PRIVILEGE_SCOPE` VARCHAR(32) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `SERVER_NAME` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `DB_NAME` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `TABLE_NAME` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `COLUMN_NAME` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `URI` VARCHAR(4000) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `ACTION` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `CREATE_TIME` BIGINT NOT NULL,
- `WITH_GRANT_OPTION` CHAR(1) NOT NULL
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `SENTRY_ROLE` (
- `ROLE_ID` BIGINT NOT NULL,
- `ROLE_NAME` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `CREATE_TIME` BIGINT NOT NULL
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `SENTRY_GROUP` (
- `GROUP_ID` BIGINT NOT NULL,
- `GROUP_NAME` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `CREATE_TIME` BIGINT NOT NULL
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `SENTRY_ROLE_DB_PRIVILEGE_MAP` (
- `ROLE_ID` BIGINT NOT NULL,
- `DB_PRIVILEGE_ID` BIGINT NOT NULL,
- `GRANTOR_PRINCIPAL` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE `SENTRY_ROLE_GROUP_MAP` (
- `ROLE_ID` BIGINT NOT NULL,
- `GROUP_ID` BIGINT NOT NULL,
- `GRANTOR_PRINCIPAL` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-CREATE TABLE IF NOT EXISTS `SENTRY_VERSION` (
- `VER_ID` BIGINT NOT NULL,
- `SCHEMA_VERSION` VARCHAR(127) NOT NULL,
- `VERSION_COMMENT` VARCHAR(255) NOT NULL
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD CONSTRAINT `SENTRY_DB_PRIV_PK` PRIMARY KEY (`DB_PRIVILEGE_ID`);
-
-ALTER TABLE `SENTRY_ROLE`
- ADD CONSTRAINT `SENTRY_ROLE_PK` PRIMARY KEY (`ROLE_ID`);
-
-ALTER TABLE `SENTRY_GROUP`
- ADD CONSTRAINT `SENTRY_GROUP_PK` PRIMARY KEY (`GROUP_ID`);
-
-ALTER TABLE `SENTRY_VERSION`
- ADD CONSTRAINT `SENTRY_VERSION` PRIMARY KEY (`VER_ID`);
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD UNIQUE `SENTRY_DB_PRIV_PRIV_NAME_UNIQ` (`SERVER_NAME`,`DB_NAME`,`TABLE_NAME`,`COLUMN_NAME`,`URI`(250),`ACTION`,`WITH_GRANT_OPTION`);
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD INDEX `SENTRY_PRIV_SERV_IDX` (`SERVER_NAME`);
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD INDEX `SENTRY_PRIV_DB_IDX` (`DB_NAME`);
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD INDEX `SENTRY_PRIV_TBL_IDX` (`TABLE_NAME`);
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD INDEX `SENTRY_PRIV_COL_IDX` (`COLUMN_NAME`);
-
-ALTER TABLE `SENTRY_DB_PRIVILEGE`
- ADD INDEX `SENTRY_PRIV_URI_IDX` (`URI`);
-
-ALTER TABLE `SENTRY_ROLE`
- ADD CONSTRAINT `SENTRY_ROLE_ROLE_NAME_UNIQUE` UNIQUE (`ROLE_NAME`);
-
-ALTER TABLE `SENTRY_GROUP`
- ADD CONSTRAINT `SENTRY_GRP_GRP_NAME_UNIQUE` UNIQUE (`GROUP_NAME`);
-
-ALTER TABLE `SENTRY_ROLE_DB_PRIVILEGE_MAP`
- ADD CONSTRAINT `SENTRY_ROLE_DB_PRIVILEGE_MAP_PK` PRIMARY KEY (`ROLE_ID`,`DB_PRIVILEGE_ID`);
-
-ALTER TABLE `SENTRY_ROLE_GROUP_MAP`
- ADD CONSTRAINT `SENTRY_ROLE_GROUP_MAP_PK` PRIMARY KEY (`ROLE_ID`,`GROUP_ID`);
-
-ALTER TABLE `SENTRY_ROLE_DB_PRIVILEGE_MAP`
- ADD CONSTRAINT `SEN_RLE_DB_PRV_MAP_SN_RLE_FK`
- FOREIGN KEY (`ROLE_ID`) REFERENCES `SENTRY_ROLE`(`ROLE_ID`);
-
-ALTER TABLE `SENTRY_ROLE_DB_PRIVILEGE_MAP`
- ADD CONSTRAINT `SEN_RL_DB_PRV_MAP_SN_DB_PRV_FK`
- FOREIGN KEY (`DB_PRIVILEGE_ID`) REFERENCES `SENTRY_DB_PRIVILEGE`(`DB_PRIVILEGE_ID`);
-
-ALTER TABLE `SENTRY_ROLE_GROUP_MAP`
- ADD CONSTRAINT `SEN_ROLE_GROUP_MAP_SEN_ROLE_FK`
- FOREIGN KEY (`ROLE_ID`) REFERENCES `SENTRY_ROLE`(`ROLE_ID`);
-
-ALTER TABLE `SENTRY_ROLE_GROUP_MAP`
- ADD CONSTRAINT `SEN_ROLE_GROUP_MAP_SEN_GRP_FK`
- FOREIGN KEY (`GROUP_ID`) REFERENCES `SENTRY_GROUP`(`GROUP_ID`);
-
-INSERT INTO SENTRY_VERSION (VER_ID, SCHEMA_VERSION, VERSION_COMMENT) VALUES (1, '1.8.0', 'Sentry release version 1.8.0');
-
--- Generic Model
--- Table SENTRY_GM_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE TABLE `SENTRY_GM_PRIVILEGE`
-(
- `GM_PRIVILEGE_ID` BIGINT NOT NULL,
- `ACTION` VARCHAR(32) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `COMPONENT_NAME` VARCHAR(32) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `CREATE_TIME` BIGINT NOT NULL,
- `WITH_GRANT_OPTION` CHAR(1) NOT NULL,
- `RESOURCE_NAME_0` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_NAME_1` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_NAME_2` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_NAME_3` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_TYPE_0` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_TYPE_1` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_TYPE_2` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `RESOURCE_TYPE_3` VARCHAR(64) CHARACTER SET utf8 COLLATE utf8_bin DEFAULT '__NULL__',
- `SCOPE` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `SERVICE_NAME` VARCHAR(64) BINARY CHARACTER SET utf8 COLLATE utf8_bin NOT NULL
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD CONSTRAINT `SENTRY_GM_PRIVILEGE_PK` PRIMARY KEY (`GM_PRIVILEGE_ID`);
--- Constraints for table SENTRY_GM_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD UNIQUE `GM_PRIVILEGE_UNIQUE` (`COMPONENT_NAME`,`SERVICE_NAME`,`RESOURCE_NAME_0`,`RESOURCE_TYPE_0`,`RESOURCE_NAME_1`,`RESOURCE_TYPE_1`,`RESOURCE_NAME_2`,`RESOURCE_TYPE_2`,`RESOURCE_NAME_3`,`RESOURCE_TYPE_3`,`ACTION`,`WITH_GRANT_OPTION`);
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD INDEX `SENTRY_GM_PRIV_COMP_IDX` (`COMPONENT_NAME`);
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD INDEX `SENTRY_GM_PRIV_SERV_IDX` (`SERVICE_NAME`);
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD INDEX `SENTRY_GM_PRIV_RES0_IDX` (`RESOURCE_NAME_0`,`RESOURCE_TYPE_0`);
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD INDEX `SENTRY_GM_PRIV_RES1_IDX` (`RESOURCE_NAME_1`,`RESOURCE_TYPE_1`);
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD INDEX `SENTRY_GM_PRIV_RES2_IDX` (`RESOURCE_NAME_2`,`RESOURCE_TYPE_2`);
-
-ALTER TABLE `SENTRY_GM_PRIVILEGE`
- ADD INDEX `SENTRY_GM_PRIV_RES3_IDX` (`RESOURCE_NAME_3`,`RESOURCE_TYPE_3`);
-
--- Table SENTRY_ROLE_GM_PRIVILEGE_MAP for join relationship
-CREATE TABLE `SENTRY_ROLE_GM_PRIVILEGE_MAP`
-(
- `ROLE_ID` BIGINT NOT NULL,
- `GM_PRIVILEGE_ID` BIGINT NOT NULL
-) ENGINE=INNODB DEFAULT CHARSET=utf8;
-
-ALTER TABLE `SENTRY_ROLE_GM_PRIVILEGE_MAP`
- ADD CONSTRAINT `SENTRY_ROLE_GM_PRIVILEGE_MAP_PK` PRIMARY KEY (`ROLE_ID`,`GM_PRIVILEGE_ID`);
-
--- Constraints for table SENTRY_ROLE_GM_PRIVILEGE_MAP
-ALTER TABLE `SENTRY_ROLE_GM_PRIVILEGE_MAP`
- ADD CONSTRAINT `SEN_RLE_GM_PRV_MAP_SN_RLE_FK`
- FOREIGN KEY (`ROLE_ID`) REFERENCES `SENTRY_ROLE`(`ROLE_ID`);
-
-ALTER TABLE `SENTRY_ROLE_GM_PRIVILEGE_MAP`
- ADD CONSTRAINT `SEN_RL_GM_PRV_MAP_SN_DB_PRV_FK`
- FOREIGN KEY (`GM_PRIVILEGE_ID`) REFERENCES `SENTRY_GM_PRIVILEGE`(`GM_PRIVILEGE_ID`);
-
-CREATE TABLE `SENTRY_USER` (
- `USER_ID` BIGINT NOT NULL,
- `USER_NAME` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL,
- `CREATE_TIME` BIGINT NOT NULL
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-ALTER TABLE `SENTRY_USER`
- ADD CONSTRAINT `SENTRY_USER_PK` PRIMARY KEY (`USER_ID`);
-
-ALTER TABLE `SENTRY_USER`
- ADD CONSTRAINT `SENTRY_USER_USER_NAME_UNIQUE` UNIQUE (`USER_NAME`);
-
-CREATE TABLE `SENTRY_ROLE_USER_MAP` (
- `ROLE_ID` BIGINT NOT NULL,
- `USER_ID` BIGINT NOT NULL,
- `GRANTOR_PRINCIPAL` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin
-) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-
-ALTER TABLE `SENTRY_ROLE_USER_MAP`
- ADD CONSTRAINT `SENTRY_ROLE_USER_MAP_PK` PRIMARY KEY (`ROLE_ID`,`USER_ID`);
-
-ALTER TABLE `SENTRY_ROLE_USER_MAP`
- ADD CONSTRAINT `SEN_ROLE_USER_MAP_SEN_ROLE_FK`
- FOREIGN KEY (`ROLE_ID`) REFERENCES `SENTRY_ROLE`(`ROLE_ID`);
-
-ALTER TABLE `SENTRY_ROLE_USER_MAP`
- ADD CONSTRAINT `SEN_ROLE_USER_MAP_SEN_USER_FK`
- FOREIGN KEY (`USER_ID`) REFERENCES `SENTRY_USER`(`USER_ID`);
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-oracle-1.4.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-oracle-1.4.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-oracle-1.4.0.sql
deleted file mode 100644
index 363590e..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-oracle-1.4.0.sql
+++ /dev/null
@@ -1,110 +0,0 @@
---Licensed to the Apache Software Foundation (ASF) under one or more
---contributor license agreements. See the NOTICE file distributed with
---this work for additional information regarding copyright ownership.
---The ASF licenses this file to You under the Apache License, Version 2.0
---(the "License"); you may not use this file except in compliance with
---the License. You may obtain a copy of the License at
---
--- http://www.apache.org/licenses/LICENSE-2.0
---
---Unless required by applicable law or agreed to in writing, software
---distributed under the License is distributed on an "AS IS" BASIS,
---WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
---See the License for the specific language governing permissions and
---limitations under the License.
-
-CREATE TABLE "SENTRY_DB_PRIVILEGE" (
- "DB_PRIVILEGE_ID" NUMBER NOT NULL,
- "PRIVILEGE_NAME" VARCHAR2(4000) NOT NULL,
- "PRIVILEGE_SCOPE" VARCHAR2(32) NOT NULL,
- "SERVER_NAME" VARCHAR2(128) NOT NULL,
- "DB_NAME" VARCHAR2(128) NULL,
- "TABLE_NAME" VARCHAR2(128) NULL,
- "URI" VARCHAR2(4000) NULL,
- "ACTION" VARCHAR2(128) NOT NULL,
- "CREATE_TIME" NUMBER NOT NULL,
- "GRANTOR_PRINCIPAL" VARCHAR(128) NOT NULL
-);
-
-CREATE TABLE "SENTRY_ROLE" (
- "ROLE_ID" NUMBER NOT NULL,
- "ROLE_NAME" VARCHAR2(128) NOT NULL,
- "CREATE_TIME" NUMBER NOT NULL,
- "GRANTOR_PRINCIPAL" VARCHAR2(128) NOT NULL
-);
-
-CREATE TABLE "SENTRY_GROUP" (
- "GROUP_ID" NUMBER NOT NULL,
- "GROUP_NAME" VARCHAR2(128) NOT NULL,
- "CREATE_TIME" NUMBER NOT NULL,
- "GRANTOR_PRINCIPAL" VARCHAR2(128) NOT NULL
-);
-
-CREATE TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP" (
- "ROLE_ID" NUMBER NOT NULL,
- "DB_PRIVILEGE_ID" NUMBER NOT NULL
-);
-
-CREATE TABLE "SENTRY_ROLE_GROUP_MAP" (
- "ROLE_ID" NUMBER NOT NULL,
- "GROUP_ID" NUMBER NOT NULL
-);
-
-CREATE TABLE "SENTRY_VERSION" (
- "VER_ID" NUMBER NOT NULL,
- "SCHEMA_VERSION" VARCHAR(127) NOT NULL,
- "VERSION_COMMENT" VARCHAR(255) NOT NULL
-);
-
-ALTER TABLE "SENTRY_DB_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_DB_PRIV_PK" PRIMARY KEY ("DB_PRIVILEGE_ID");
-
-ALTER TABLE "SENTRY_ROLE"
- ADD CONSTRAINT "SENTRY_ROLE_PK" PRIMARY KEY ("ROLE_ID");
-
-ALTER TABLE "SENTRY_GROUP"
- ADD CONSTRAINT "SENTRY_GROUP_PK" PRIMARY KEY ("GROUP_ID");
-
-ALTER TABLE "SENTRY_VERSION" ADD CONSTRAINT "SENTRY_VERSION_PK" PRIMARY KEY ("VER_ID");
-
-ALTER TABLE "SENTRY_DB_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ" UNIQUE ("PRIVILEGE_NAME");
-
-CREATE INDEX "SENTRY_SERV_PRIV_IDX" ON "SENTRY_DB_PRIVILEGE" ("SERVER_NAME");
-
-CREATE INDEX "SENTRY_DB_PRIV_IDX" ON "SENTRY_DB_PRIVILEGE" ("DB_NAME");
-
-CREATE INDEX "SENTRY_TBL_PRIV_IDX" ON "SENTRY_DB_PRIVILEGE" ("TABLE_NAME");
-
-CREATE INDEX "SENTRY_URI_PRIV_IDX" ON "SENTRY_DB_PRIVILEGE" ("URI");
-
-ALTER TABLE "SENTRY_ROLE"
- ADD CONSTRAINT "SENTRY_ROLE_ROLE_NAME_UNIQUE" UNIQUE ("ROLE_NAME");
-
-ALTER TABLE "SENTRY_GROUP"
- ADD CONSTRAINT "SENTRY_GRP_GRP_NAME_UNIQUE" UNIQUE ("GROUP_NAME");
-
-ALTER TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RLE_PRIV_MAP_PK" PRIMARY KEY ("ROLE_ID","DB_PRIVILEGE_ID");
-
-ALTER TABLE "SENTRY_ROLE_GROUP_MAP"
- ADD CONSTRAINT "SENTRY_ROLE_GROUP_MAP_PK" PRIMARY KEY ("ROLE_ID","GROUP_ID");
-
-ALTER TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RLE_DB_PRV_MAP_SN_RLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") INITIALLY DEFERRED;
-
-ALTER TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RL_DB_PRV_MAP_SN_DB_PRV_FK"
- FOREIGN KEY ("DB_PRIVILEGE_ID") REFERENCES "SENTRY_DB_PRIVILEGE"("DB_PRIVILEGE_ID") INITIALLY DEFERRED;
-
-ALTER TABLE "SENTRY_ROLE_GROUP_MAP"
- ADD CONSTRAINT "SEN_ROLE_GROUP_MAP_SEN_ROLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") INITIALLY DEFERRED;
-
-ALTER TABLE "SENTRY_ROLE_GROUP_MAP"
- ADD CONSTRAINT "SEN_ROLE_GROUP_MAP_SEN_GRP_FK"
- FOREIGN KEY ("GROUP_ID") REFERENCES "SENTRY_GROUP"("GROUP_ID") INITIALLY DEFERRED;
-
-INSERT INTO SENTRY_VERSION (VER_ID, SCHEMA_VERSION, VERSION_COMMENT) VALUES (1, '1.4.0', 'Sentry release version 1.4.0');
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-oracle-1.5.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-oracle-1.5.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-oracle-1.5.0.sql
deleted file mode 100644
index fe8e93c..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-oracle-1.5.0.sql
+++ /dev/null
@@ -1,168 +0,0 @@
---Licensed to the Apache Software Foundation (ASF) under one or more
---contributor license agreements. See the NOTICE file distributed with
---this work for additional information regarding copyright ownership.
---The ASF licenses this file to You under the Apache License, Version 2.0
---(the "License"); you may not use this file except in compliance with
---the License. You may obtain a copy of the License at
---
--- http://www.apache.org/licenses/LICENSE-2.0
---
---Unless required by applicable law or agreed to in writing, software
---distributed under the License is distributed on an "AS IS" BASIS,
---WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
---See the License for the specific language governing permissions and
---limitations under the License.
-
-CREATE TABLE "SENTRY_DB_PRIVILEGE" (
- "DB_PRIVILEGE_ID" NUMBER NOT NULL,
- "PRIVILEGE_SCOPE" VARCHAR2(32) NOT NULL,
- "SERVER_NAME" VARCHAR2(128) NOT NULL,
- "DB_NAME" VARCHAR2(128) DEFAULT '__NULL__',
- "TABLE_NAME" VARCHAR2(128) DEFAULT '__NULL__',
- "COLUMN_NAME" VARCHAR2(128) DEFAULT '__NULL__',
- "URI" VARCHAR2(4000) DEFAULT '__NULL__',
- "ACTION" VARCHAR2(128) NOT NULL,
- "CREATE_TIME" NUMBER NOT NULL,
- "WITH_GRANT_OPTION" CHAR(1) DEFAULT 'N' NOT NULL
-);
-
-CREATE TABLE "SENTRY_ROLE" (
- "ROLE_ID" NUMBER NOT NULL,
- "ROLE_NAME" VARCHAR2(128) NOT NULL,
- "CREATE_TIME" NUMBER NOT NULL
-);
-
-CREATE TABLE "SENTRY_GROUP" (
- "GROUP_ID" NUMBER NOT NULL,
- "GROUP_NAME" VARCHAR2(128) NOT NULL,
- "CREATE_TIME" NUMBER NOT NULL
-);
-
-CREATE TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP" (
- "ROLE_ID" NUMBER NOT NULL,
- "DB_PRIVILEGE_ID" NUMBER NOT NULL,
- "GRANTOR_PRINCIPAL" VARCHAR2(128)
-);
-
-CREATE TABLE "SENTRY_ROLE_GROUP_MAP" (
- "ROLE_ID" NUMBER NOT NULL,
- "GROUP_ID" NUMBER NOT NULL,
- "GRANTOR_PRINCIPAL" VARCHAR2(128)
-);
-
-CREATE TABLE "SENTRY_VERSION" (
- "VER_ID" NUMBER NOT NULL,
- "SCHEMA_VERSION" VARCHAR(127) NOT NULL,
- "VERSION_COMMENT" VARCHAR(255) NOT NULL
-);
-
-ALTER TABLE "SENTRY_DB_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_DB_PRIV_PK" PRIMARY KEY ("DB_PRIVILEGE_ID");
-
-ALTER TABLE "SENTRY_ROLE"
- ADD CONSTRAINT "SENTRY_ROLE_PK" PRIMARY KEY ("ROLE_ID");
-
-ALTER TABLE "SENTRY_GROUP"
- ADD CONSTRAINT "SENTRY_GROUP_PK" PRIMARY KEY ("GROUP_ID");
-
-ALTER TABLE "SENTRY_VERSION" ADD CONSTRAINT "SENTRY_VERSION_PK" PRIMARY KEY ("VER_ID");
-
-ALTER TABLE "SENTRY_DB_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ" UNIQUE ("SERVER_NAME","DB_NAME","TABLE_NAME","COLUMN_NAME","URI","ACTION","WITH_GRANT_OPTION");
-
-CREATE INDEX "SENTRY_SERV_PRIV_IDX" ON "SENTRY_DB_PRIVILEGE" ("SERVER_NAME");
-
-CREATE INDEX "SENTRY_DB_PRIV_IDX" ON "SENTRY_DB_PRIVILEGE" ("DB_NAME");
-
-CREATE INDEX "SENTRY_TBL_PRIV_IDX" ON "SENTRY_DB_PRIVILEGE" ("TABLE_NAME");
-
-CREATE INDEX "SENTRY_COL_PRIV_IDX" ON "SENTRY_DB_PRIVILEGE" ("COLUMN_NAME");
-
-CREATE INDEX "SENTRY_URI_PRIV_IDX" ON "SENTRY_DB_PRIVILEGE" ("URI");
-
-ALTER TABLE "SENTRY_ROLE"
- ADD CONSTRAINT "SENTRY_ROLE_ROLE_NAME_UNIQUE" UNIQUE ("ROLE_NAME");
-
-ALTER TABLE "SENTRY_GROUP"
- ADD CONSTRAINT "SENTRY_GRP_GRP_NAME_UNIQUE" UNIQUE ("GROUP_NAME");
-
-ALTER TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RLE_PRIV_MAP_PK" PRIMARY KEY ("ROLE_ID","DB_PRIVILEGE_ID");
-
-ALTER TABLE "SENTRY_ROLE_GROUP_MAP"
- ADD CONSTRAINT "SENTRY_ROLE_GROUP_MAP_PK" PRIMARY KEY ("ROLE_ID","GROUP_ID");
-
-ALTER TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RLE_DB_PRV_MAP_SN_RLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") INITIALLY DEFERRED;
-
-ALTER TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RL_DB_PRV_MAP_SN_DB_PRV_FK"
- FOREIGN KEY ("DB_PRIVILEGE_ID") REFERENCES "SENTRY_DB_PRIVILEGE"("DB_PRIVILEGE_ID") INITIALLY DEFERRED;
-
-ALTER TABLE "SENTRY_ROLE_GROUP_MAP"
- ADD CONSTRAINT "SEN_ROLE_GROUP_MAP_SEN_ROLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") INITIALLY DEFERRED;
-
-ALTER TABLE "SENTRY_ROLE_GROUP_MAP"
- ADD CONSTRAINT "SEN_ROLE_GROUP_MAP_SEN_GRP_FK"
- FOREIGN KEY ("GROUP_ID") REFERENCES "SENTRY_GROUP"("GROUP_ID") INITIALLY DEFERRED;
-
-INSERT INTO SENTRY_VERSION (VER_ID, SCHEMA_VERSION, VERSION_COMMENT) VALUES (1, '1.5.0', 'Sentry release version 1.5.0');
-
--- Generic Model
--- Table SENTRY_GM_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE TABLE "SENTRY_GM_PRIVILEGE" (
- "GM_PRIVILEGE_ID" NUMBER NOT NULL,
- "COMPONENT_NAME" VARCHAR2(32) NOT NULL,
- "SERVICE_NAME" VARCHAR2(64) NOT NULL,
- "RESOURCE_NAME_0" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_NAME_1" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_NAME_2" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_NAME_3" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_0" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_1" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_2" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_3" VARCHAR2(64) DEFAULT '__NULL__',
- "ACTION" VARCHAR2(32) NOT NULL,
- "SCOPE" VARCHAR2(128) NOT NULL,
- "CREATE_TIME" NUMBER NOT NULL,
- "WITH_GRANT_OPTION" CHAR(1) DEFAULT 'N' NOT NULL
-);
-
-ALTER TABLE "SENTRY_GM_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_GM_PRIV_PK" PRIMARY KEY ("GM_PRIVILEGE_ID");
--- Constraints for table SENTRY_GM_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-ALTER TABLE "SENTRY_GM_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_GM_PRIV_PRIV_NAME_UNIQ" UNIQUE ("COMPONENT_NAME","SERVICE_NAME","RESOURCE_NAME_0","RESOURCE_NAME_1","RESOURCE_NAME_2",
- "RESOURCE_NAME_3","RESOURCE_TYPE_0","RESOURCE_TYPE_1","RESOURCE_TYPE_2","RESOURCE_TYPE_3","ACTION","WITH_GRANT_OPTION");
-
-CREATE INDEX "SENTRY_GM_PRIV_COMP_IDX" ON "SENTRY_GM_PRIVILEGE" ("COMPONENT_NAME");
-
-CREATE INDEX "SENTRY_GM_PRIV_SERV_IDX" ON "SENTRY_GM_PRIVILEGE" ("SERVICE_NAME");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES0_IDX" ON "SENTRY_GM_PRIVILEGE" ("RESOURCE_NAME_0","RESOURCE_TYPE_0");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES1_IDX" ON "SENTRY_GM_PRIVILEGE" ("RESOURCE_NAME_1","RESOURCE_TYPE_1");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES2_IDX" ON "SENTRY_GM_PRIVILEGE" ("RESOURCE_NAME_2","RESOURCE_TYPE_2");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES3_IDX" ON "SENTRY_GM_PRIVILEGE" ("RESOURCE_NAME_3","RESOURCE_TYPE_3");
-
--- Table SENTRY_ROLE_GM_PRIVILEGE_MAP for join relationship
-CREATE TABLE "SENTRY_ROLE_GM_PRIVILEGE_MAP" (
- "ROLE_ID" NUMBER NOT NULL,
- "GM_PRIVILEGE_ID" NUMBER NOT NULL
-);
-
-ALTER TABLE "SENTRY_ROLE_GM_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RLE_GM_PRIV_MAP_PK" PRIMARY KEY ("ROLE_ID","GM_PRIVILEGE_ID");
-
--- Constraints for table SENTRY_ROLE_GM_PRIVILEGE_MAP
-ALTER TABLE "SENTRY_ROLE_GM_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RLE_GM_PRV_MAP_SN_RLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") INITIALLY DEFERRED;
-
-ALTER TABLE "SENTRY_ROLE_GM_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RL_GM_PRV_MAP_SN_DB_PRV_FK"
- FOREIGN KEY ("GM_PRIVILEGE_ID") REFERENCES "SENTRY_GM_PRIVILEGE"("GM_PRIVILEGE_ID") INITIALLY DEFERRED;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-oracle-1.6.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-oracle-1.6.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-oracle-1.6.0.sql
deleted file mode 100644
index 3a22335..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-oracle-1.6.0.sql
+++ /dev/null
@@ -1,168 +0,0 @@
---Licensed to the Apache Software Foundation (ASF) under one or more
---contributor license agreements. See the NOTICE file distributed with
---this work for additional information regarding copyright ownership.
---The ASF licenses this file to You under the Apache License, Version 2.0
---(the "License"); you may not use this file except in compliance with
---the License. You may obtain a copy of the License at
---
--- http://www.apache.org/licenses/LICENSE-2.0
---
---Unless required by applicable law or agreed to in writing, software
---distributed under the License is distributed on an "AS IS" BASIS,
---WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
---See the License for the specific language governing permissions and
---limitations under the License.
-
-CREATE TABLE "SENTRY_DB_PRIVILEGE" (
- "DB_PRIVILEGE_ID" NUMBER NOT NULL,
- "PRIVILEGE_SCOPE" VARCHAR2(32) NOT NULL,
- "SERVER_NAME" VARCHAR2(128) NOT NULL,
- "DB_NAME" VARCHAR2(128) DEFAULT '__NULL__',
- "TABLE_NAME" VARCHAR2(128) DEFAULT '__NULL__',
- "COLUMN_NAME" VARCHAR2(128) DEFAULT '__NULL__',
- "URI" VARCHAR2(4000) DEFAULT '__NULL__',
- "ACTION" VARCHAR2(128) NOT NULL,
- "CREATE_TIME" NUMBER NOT NULL,
- "WITH_GRANT_OPTION" CHAR(1) DEFAULT 'N' NOT NULL
-);
-
-CREATE TABLE "SENTRY_ROLE" (
- "ROLE_ID" NUMBER NOT NULL,
- "ROLE_NAME" VARCHAR2(128) NOT NULL,
- "CREATE_TIME" NUMBER NOT NULL
-);
-
-CREATE TABLE "SENTRY_GROUP" (
- "GROUP_ID" NUMBER NOT NULL,
- "GROUP_NAME" VARCHAR2(128) NOT NULL,
- "CREATE_TIME" NUMBER NOT NULL
-);
-
-CREATE TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP" (
- "ROLE_ID" NUMBER NOT NULL,
- "DB_PRIVILEGE_ID" NUMBER NOT NULL,
- "GRANTOR_PRINCIPAL" VARCHAR2(128)
-);
-
-CREATE TABLE "SENTRY_ROLE_GROUP_MAP" (
- "ROLE_ID" NUMBER NOT NULL,
- "GROUP_ID" NUMBER NOT NULL,
- "GRANTOR_PRINCIPAL" VARCHAR2(128)
-);
-
-CREATE TABLE "SENTRY_VERSION" (
- "VER_ID" NUMBER NOT NULL,
- "SCHEMA_VERSION" VARCHAR(127) NOT NULL,
- "VERSION_COMMENT" VARCHAR(255) NOT NULL
-);
-
-ALTER TABLE "SENTRY_DB_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_DB_PRIV_PK" PRIMARY KEY ("DB_PRIVILEGE_ID");
-
-ALTER TABLE "SENTRY_ROLE"
- ADD CONSTRAINT "SENTRY_ROLE_PK" PRIMARY KEY ("ROLE_ID");
-
-ALTER TABLE "SENTRY_GROUP"
- ADD CONSTRAINT "SENTRY_GROUP_PK" PRIMARY KEY ("GROUP_ID");
-
-ALTER TABLE "SENTRY_VERSION" ADD CONSTRAINT "SENTRY_VERSION_PK" PRIMARY KEY ("VER_ID");
-
-ALTER TABLE "SENTRY_DB_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ" UNIQUE ("SERVER_NAME","DB_NAME","TABLE_NAME","COLUMN_NAME","URI","ACTION","WITH_GRANT_OPTION");
-
-CREATE INDEX "SENTRY_SERV_PRIV_IDX" ON "SENTRY_DB_PRIVILEGE" ("SERVER_NAME");
-
-CREATE INDEX "SENTRY_DB_PRIV_IDX" ON "SENTRY_DB_PRIVILEGE" ("DB_NAME");
-
-CREATE INDEX "SENTRY_TBL_PRIV_IDX" ON "SENTRY_DB_PRIVILEGE" ("TABLE_NAME");
-
-CREATE INDEX "SENTRY_COL_PRIV_IDX" ON "SENTRY_DB_PRIVILEGE" ("COLUMN_NAME");
-
-CREATE INDEX "SENTRY_URI_PRIV_IDX" ON "SENTRY_DB_PRIVILEGE" ("URI");
-
-ALTER TABLE "SENTRY_ROLE"
- ADD CONSTRAINT "SENTRY_ROLE_ROLE_NAME_UNIQUE" UNIQUE ("ROLE_NAME");
-
-ALTER TABLE "SENTRY_GROUP"
- ADD CONSTRAINT "SENTRY_GRP_GRP_NAME_UNIQUE" UNIQUE ("GROUP_NAME");
-
-ALTER TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RLE_PRIV_MAP_PK" PRIMARY KEY ("ROLE_ID","DB_PRIVILEGE_ID");
-
-ALTER TABLE "SENTRY_ROLE_GROUP_MAP"
- ADD CONSTRAINT "SENTRY_ROLE_GROUP_MAP_PK" PRIMARY KEY ("ROLE_ID","GROUP_ID");
-
-ALTER TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RLE_DB_PRV_MAP_SN_RLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") INITIALLY DEFERRED;
-
-ALTER TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RL_DB_PRV_MAP_SN_DB_PRV_FK"
- FOREIGN KEY ("DB_PRIVILEGE_ID") REFERENCES "SENTRY_DB_PRIVILEGE"("DB_PRIVILEGE_ID") INITIALLY DEFERRED;
-
-ALTER TABLE "SENTRY_ROLE_GROUP_MAP"
- ADD CONSTRAINT "SEN_ROLE_GROUP_MAP_SEN_ROLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") INITIALLY DEFERRED;
-
-ALTER TABLE "SENTRY_ROLE_GROUP_MAP"
- ADD CONSTRAINT "SEN_ROLE_GROUP_MAP_SEN_GRP_FK"
- FOREIGN KEY ("GROUP_ID") REFERENCES "SENTRY_GROUP"("GROUP_ID") INITIALLY DEFERRED;
-
-INSERT INTO SENTRY_VERSION (VER_ID, SCHEMA_VERSION, VERSION_COMMENT) VALUES (1, '1.6.0', 'Sentry release version 1.6.0');
-
--- Generic Model
--- Table SENTRY_GM_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE TABLE "SENTRY_GM_PRIVILEGE" (
- "GM_PRIVILEGE_ID" NUMBER NOT NULL,
- "COMPONENT_NAME" VARCHAR2(32) NOT NULL,
- "SERVICE_NAME" VARCHAR2(64) NOT NULL,
- "RESOURCE_NAME_0" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_NAME_1" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_NAME_2" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_NAME_3" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_0" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_1" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_2" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_3" VARCHAR2(64) DEFAULT '__NULL__',
- "ACTION" VARCHAR2(32) NOT NULL,
- "SCOPE" VARCHAR2(128) NOT NULL,
- "CREATE_TIME" NUMBER NOT NULL,
- "WITH_GRANT_OPTION" CHAR(1) DEFAULT 'N' NOT NULL
-);
-
-ALTER TABLE "SENTRY_GM_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_GM_PRIV_PK" PRIMARY KEY ("GM_PRIVILEGE_ID");
--- Constraints for table SENTRY_GM_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-ALTER TABLE "SENTRY_GM_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_GM_PRIV_PRIV_NAME_UNIQ" UNIQUE ("COMPONENT_NAME","SERVICE_NAME","RESOURCE_NAME_0","RESOURCE_NAME_1","RESOURCE_NAME_2",
- "RESOURCE_NAME_3","RESOURCE_TYPE_0","RESOURCE_TYPE_1","RESOURCE_TYPE_2","RESOURCE_TYPE_3","ACTION","WITH_GRANT_OPTION");
-
-CREATE INDEX "SENTRY_GM_PRIV_COMP_IDX" ON "SENTRY_GM_PRIVILEGE" ("COMPONENT_NAME");
-
-CREATE INDEX "SENTRY_GM_PRIV_SERV_IDX" ON "SENTRY_GM_PRIVILEGE" ("SERVICE_NAME");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES0_IDX" ON "SENTRY_GM_PRIVILEGE" ("RESOURCE_NAME_0","RESOURCE_TYPE_0");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES1_IDX" ON "SENTRY_GM_PRIVILEGE" ("RESOURCE_NAME_1","RESOURCE_TYPE_1");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES2_IDX" ON "SENTRY_GM_PRIVILEGE" ("RESOURCE_NAME_2","RESOURCE_TYPE_2");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES3_IDX" ON "SENTRY_GM_PRIVILEGE" ("RESOURCE_NAME_3","RESOURCE_TYPE_3");
-
--- Table SENTRY_ROLE_GM_PRIVILEGE_MAP for join relationship
-CREATE TABLE "SENTRY_ROLE_GM_PRIVILEGE_MAP" (
- "ROLE_ID" NUMBER NOT NULL,
- "GM_PRIVILEGE_ID" NUMBER NOT NULL
-);
-
-ALTER TABLE "SENTRY_ROLE_GM_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RLE_GM_PRIV_MAP_PK" PRIMARY KEY ("ROLE_ID","GM_PRIVILEGE_ID");
-
--- Constraints for table SENTRY_ROLE_GM_PRIVILEGE_MAP
-ALTER TABLE "SENTRY_ROLE_GM_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RLE_GM_PRV_MAP_SN_RLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") INITIALLY DEFERRED;
-
-ALTER TABLE "SENTRY_ROLE_GM_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RL_GM_PRV_MAP_SN_DB_PRV_FK"
- FOREIGN KEY ("GM_PRIVILEGE_ID") REFERENCES "SENTRY_GM_PRIVILEGE"("GM_PRIVILEGE_ID") INITIALLY DEFERRED;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-oracle-1.7.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-oracle-1.7.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-oracle-1.7.0.sql
deleted file mode 100644
index ae9cd06..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-oracle-1.7.0.sql
+++ /dev/null
@@ -1,168 +0,0 @@
---Licensed to the Apache Software Foundation (ASF) under one or more
---contributor license agreements. See the NOTICE file distributed with
---this work for additional information regarding copyright ownership.
---The ASF licenses this file to You under the Apache License, Version 2.0
---(the "License"); you may not use this file except in compliance with
---the License. You may obtain a copy of the License at
---
--- http://www.apache.org/licenses/LICENSE-2.0
---
---Unless required by applicable law or agreed to in writing, software
---distributed under the License is distributed on an "AS IS" BASIS,
---WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
---See the License for the specific language governing permissions and
---limitations under the License.
-
-CREATE TABLE "SENTRY_DB_PRIVILEGE" (
- "DB_PRIVILEGE_ID" NUMBER NOT NULL,
- "PRIVILEGE_SCOPE" VARCHAR2(32) NOT NULL,
- "SERVER_NAME" VARCHAR2(128) NOT NULL,
- "DB_NAME" VARCHAR2(128) DEFAULT '__NULL__',
- "TABLE_NAME" VARCHAR2(128) DEFAULT '__NULL__',
- "COLUMN_NAME" VARCHAR2(128) DEFAULT '__NULL__',
- "URI" VARCHAR2(4000) DEFAULT '__NULL__',
- "ACTION" VARCHAR2(128) NOT NULL,
- "CREATE_TIME" NUMBER NOT NULL,
- "WITH_GRANT_OPTION" CHAR(1) DEFAULT 'N' NOT NULL
-);
-
-CREATE TABLE "SENTRY_ROLE" (
- "ROLE_ID" NUMBER NOT NULL,
- "ROLE_NAME" VARCHAR2(128) NOT NULL,
- "CREATE_TIME" NUMBER NOT NULL
-);
-
-CREATE TABLE "SENTRY_GROUP" (
- "GROUP_ID" NUMBER NOT NULL,
- "GROUP_NAME" VARCHAR2(128) NOT NULL,
- "CREATE_TIME" NUMBER NOT NULL
-);
-
-CREATE TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP" (
- "ROLE_ID" NUMBER NOT NULL,
- "DB_PRIVILEGE_ID" NUMBER NOT NULL,
- "GRANTOR_PRINCIPAL" VARCHAR2(128)
-);
-
-CREATE TABLE "SENTRY_ROLE_GROUP_MAP" (
- "ROLE_ID" NUMBER NOT NULL,
- "GROUP_ID" NUMBER NOT NULL,
- "GRANTOR_PRINCIPAL" VARCHAR2(128)
-);
-
-CREATE TABLE "SENTRY_VERSION" (
- "VER_ID" NUMBER NOT NULL,
- "SCHEMA_VERSION" VARCHAR(127) NOT NULL,
- "VERSION_COMMENT" VARCHAR(255) NOT NULL
-);
-
-ALTER TABLE "SENTRY_DB_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_DB_PRIV_PK" PRIMARY KEY ("DB_PRIVILEGE_ID");
-
-ALTER TABLE "SENTRY_ROLE"
- ADD CONSTRAINT "SENTRY_ROLE_PK" PRIMARY KEY ("ROLE_ID");
-
-ALTER TABLE "SENTRY_GROUP"
- ADD CONSTRAINT "SENTRY_GROUP_PK" PRIMARY KEY ("GROUP_ID");
-
-ALTER TABLE "SENTRY_VERSION" ADD CONSTRAINT "SENTRY_VERSION_PK" PRIMARY KEY ("VER_ID");
-
-ALTER TABLE "SENTRY_DB_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ" UNIQUE ("SERVER_NAME","DB_NAME","TABLE_NAME","COLUMN_NAME","URI","ACTION","WITH_GRANT_OPTION");
-
-CREATE INDEX "SENTRY_SERV_PRIV_IDX" ON "SENTRY_DB_PRIVILEGE" ("SERVER_NAME");
-
-CREATE INDEX "SENTRY_DB_PRIV_IDX" ON "SENTRY_DB_PRIVILEGE" ("DB_NAME");
-
-CREATE INDEX "SENTRY_TBL_PRIV_IDX" ON "SENTRY_DB_PRIVILEGE" ("TABLE_NAME");
-
-CREATE INDEX "SENTRY_COL_PRIV_IDX" ON "SENTRY_DB_PRIVILEGE" ("COLUMN_NAME");
-
-CREATE INDEX "SENTRY_URI_PRIV_IDX" ON "SENTRY_DB_PRIVILEGE" ("URI");
-
-ALTER TABLE "SENTRY_ROLE"
- ADD CONSTRAINT "SENTRY_ROLE_ROLE_NAME_UNIQUE" UNIQUE ("ROLE_NAME");
-
-ALTER TABLE "SENTRY_GROUP"
- ADD CONSTRAINT "SENTRY_GRP_GRP_NAME_UNIQUE" UNIQUE ("GROUP_NAME");
-
-ALTER TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RLE_PRIV_MAP_PK" PRIMARY KEY ("ROLE_ID","DB_PRIVILEGE_ID");
-
-ALTER TABLE "SENTRY_ROLE_GROUP_MAP"
- ADD CONSTRAINT "SENTRY_ROLE_GROUP_MAP_PK" PRIMARY KEY ("ROLE_ID","GROUP_ID");
-
-ALTER TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RLE_DB_PRV_MAP_SN_RLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") INITIALLY DEFERRED;
-
-ALTER TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RL_DB_PRV_MAP_SN_DB_PRV_FK"
- FOREIGN KEY ("DB_PRIVILEGE_ID") REFERENCES "SENTRY_DB_PRIVILEGE"("DB_PRIVILEGE_ID") INITIALLY DEFERRED;
-
-ALTER TABLE "SENTRY_ROLE_GROUP_MAP"
- ADD CONSTRAINT "SEN_ROLE_GROUP_MAP_SEN_ROLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") INITIALLY DEFERRED;
-
-ALTER TABLE "SENTRY_ROLE_GROUP_MAP"
- ADD CONSTRAINT "SEN_ROLE_GROUP_MAP_SEN_GRP_FK"
- FOREIGN KEY ("GROUP_ID") REFERENCES "SENTRY_GROUP"("GROUP_ID") INITIALLY DEFERRED;
-
-INSERT INTO SENTRY_VERSION (VER_ID, SCHEMA_VERSION, VERSION_COMMENT) VALUES (1, '1.7.0', 'Sentry release version 1.7.0');
-
--- Generic Model
--- Table SENTRY_GM_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE TABLE "SENTRY_GM_PRIVILEGE" (
- "GM_PRIVILEGE_ID" NUMBER NOT NULL,
- "COMPONENT_NAME" VARCHAR2(32) NOT NULL,
- "SERVICE_NAME" VARCHAR2(64) NOT NULL,
- "RESOURCE_NAME_0" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_NAME_1" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_NAME_2" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_NAME_3" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_0" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_1" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_2" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_3" VARCHAR2(64) DEFAULT '__NULL__',
- "ACTION" VARCHAR2(32) NOT NULL,
- "SCOPE" VARCHAR2(128) NOT NULL,
- "CREATE_TIME" NUMBER NOT NULL,
- "WITH_GRANT_OPTION" CHAR(1) DEFAULT 'N' NOT NULL
-);
-
-ALTER TABLE "SENTRY_GM_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_GM_PRIV_PK" PRIMARY KEY ("GM_PRIVILEGE_ID");
--- Constraints for table SENTRY_GM_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-ALTER TABLE "SENTRY_GM_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_GM_PRIV_PRIV_NAME_UNIQ" UNIQUE ("COMPONENT_NAME","SERVICE_NAME","RESOURCE_NAME_0","RESOURCE_NAME_1","RESOURCE_NAME_2",
- "RESOURCE_NAME_3","RESOURCE_TYPE_0","RESOURCE_TYPE_1","RESOURCE_TYPE_2","RESOURCE_TYPE_3","ACTION","WITH_GRANT_OPTION");
-
-CREATE INDEX "SENTRY_GM_PRIV_COMP_IDX" ON "SENTRY_GM_PRIVILEGE" ("COMPONENT_NAME");
-
-CREATE INDEX "SENTRY_GM_PRIV_SERV_IDX" ON "SENTRY_GM_PRIVILEGE" ("SERVICE_NAME");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES0_IDX" ON "SENTRY_GM_PRIVILEGE" ("RESOURCE_NAME_0","RESOURCE_TYPE_0");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES1_IDX" ON "SENTRY_GM_PRIVILEGE" ("RESOURCE_NAME_1","RESOURCE_TYPE_1");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES2_IDX" ON "SENTRY_GM_PRIVILEGE" ("RESOURCE_NAME_2","RESOURCE_TYPE_2");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES3_IDX" ON "SENTRY_GM_PRIVILEGE" ("RESOURCE_NAME_3","RESOURCE_TYPE_3");
-
--- Table SENTRY_ROLE_GM_PRIVILEGE_MAP for join relationship
-CREATE TABLE "SENTRY_ROLE_GM_PRIVILEGE_MAP" (
- "ROLE_ID" NUMBER NOT NULL,
- "GM_PRIVILEGE_ID" NUMBER NOT NULL
-);
-
-ALTER TABLE "SENTRY_ROLE_GM_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RLE_GM_PRIV_MAP_PK" PRIMARY KEY ("ROLE_ID","GM_PRIVILEGE_ID");
-
--- Constraints for table SENTRY_ROLE_GM_PRIVILEGE_MAP
-ALTER TABLE "SENTRY_ROLE_GM_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RLE_GM_PRV_MAP_SN_RLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") INITIALLY DEFERRED;
-
-ALTER TABLE "SENTRY_ROLE_GM_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RL_GM_PRV_MAP_SN_DB_PRV_FK"
- FOREIGN KEY ("GM_PRIVILEGE_ID") REFERENCES "SENTRY_GM_PRIVILEGE"("GM_PRIVILEGE_ID") INITIALLY DEFERRED;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/sentry-oracle-1.8.0.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry-oracle-1.8.0.sql b/sentry-provider/sentry-provider-db/src/main/resources/sentry-oracle-1.8.0.sql
deleted file mode 100644
index ced5c31..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry-oracle-1.8.0.sql
+++ /dev/null
@@ -1,197 +0,0 @@
---Licensed to the Apache Software Foundation (ASF) under one or more
---contributor license agreements. See the NOTICE file distributed with
---this work for additional information regarding copyright ownership.
---The ASF licenses this file to You under the Apache License, Version 2.0
---(the "License"); you may not use this file except in compliance with
---the License. You may obtain a copy of the License at
---
--- http://www.apache.org/licenses/LICENSE-2.0
---
---Unless required by applicable law or agreed to in writing, software
---distributed under the License is distributed on an "AS IS" BASIS,
---WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
---See the License for the specific language governing permissions and
---limitations under the License.
-
-CREATE TABLE "SENTRY_DB_PRIVILEGE" (
- "DB_PRIVILEGE_ID" NUMBER NOT NULL,
- "PRIVILEGE_SCOPE" VARCHAR2(32) NOT NULL,
- "SERVER_NAME" VARCHAR2(128) NOT NULL,
- "DB_NAME" VARCHAR2(128) DEFAULT '__NULL__',
- "TABLE_NAME" VARCHAR2(128) DEFAULT '__NULL__',
- "COLUMN_NAME" VARCHAR2(128) DEFAULT '__NULL__',
- "URI" VARCHAR2(4000) DEFAULT '__NULL__',
- "ACTION" VARCHAR2(128) NOT NULL,
- "CREATE_TIME" NUMBER NOT NULL,
- "WITH_GRANT_OPTION" CHAR(1) DEFAULT 'N' NOT NULL
-);
-
-CREATE TABLE "SENTRY_ROLE" (
- "ROLE_ID" NUMBER NOT NULL,
- "ROLE_NAME" VARCHAR2(128) NOT NULL,
- "CREATE_TIME" NUMBER NOT NULL
-);
-
-CREATE TABLE "SENTRY_GROUP" (
- "GROUP_ID" NUMBER NOT NULL,
- "GROUP_NAME" VARCHAR2(128) NOT NULL,
- "CREATE_TIME" NUMBER NOT NULL
-);
-
-CREATE TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP" (
- "ROLE_ID" NUMBER NOT NULL,
- "DB_PRIVILEGE_ID" NUMBER NOT NULL,
- "GRANTOR_PRINCIPAL" VARCHAR2(128)
-);
-
-CREATE TABLE "SENTRY_ROLE_GROUP_MAP" (
- "ROLE_ID" NUMBER NOT NULL,
- "GROUP_ID" NUMBER NOT NULL,
- "GRANTOR_PRINCIPAL" VARCHAR2(128)
-);
-
-CREATE TABLE "SENTRY_VERSION" (
- "VER_ID" NUMBER NOT NULL,
- "SCHEMA_VERSION" VARCHAR(127) NOT NULL,
- "VERSION_COMMENT" VARCHAR(255) NOT NULL
-);
-
-ALTER TABLE "SENTRY_DB_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_DB_PRIV_PK" PRIMARY KEY ("DB_PRIVILEGE_ID");
-
-ALTER TABLE "SENTRY_ROLE"
- ADD CONSTRAINT "SENTRY_ROLE_PK" PRIMARY KEY ("ROLE_ID");
-
-ALTER TABLE "SENTRY_GROUP"
- ADD CONSTRAINT "SENTRY_GROUP_PK" PRIMARY KEY ("GROUP_ID");
-
-ALTER TABLE "SENTRY_VERSION" ADD CONSTRAINT "SENTRY_VERSION_PK" PRIMARY KEY ("VER_ID");
-
-ALTER TABLE "SENTRY_DB_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ" UNIQUE ("SERVER_NAME","DB_NAME","TABLE_NAME","COLUMN_NAME","URI","ACTION","WITH_GRANT_OPTION");
-
-CREATE INDEX "SENTRY_SERV_PRIV_IDX" ON "SENTRY_DB_PRIVILEGE" ("SERVER_NAME");
-
-CREATE INDEX "SENTRY_DB_PRIV_IDX" ON "SENTRY_DB_PRIVILEGE" ("DB_NAME");
-
-CREATE INDEX "SENTRY_TBL_PRIV_IDX" ON "SENTRY_DB_PRIVILEGE" ("TABLE_NAME");
-
-CREATE INDEX "SENTRY_COL_PRIV_IDX" ON "SENTRY_DB_PRIVILEGE" ("COLUMN_NAME");
-
-CREATE INDEX "SENTRY_URI_PRIV_IDX" ON "SENTRY_DB_PRIVILEGE" ("URI");
-
-ALTER TABLE "SENTRY_ROLE"
- ADD CONSTRAINT "SENTRY_ROLE_ROLE_NAME_UNIQUE" UNIQUE ("ROLE_NAME");
-
-ALTER TABLE "SENTRY_GROUP"
- ADD CONSTRAINT "SENTRY_GRP_GRP_NAME_UNIQUE" UNIQUE ("GROUP_NAME");
-
-ALTER TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RLE_PRIV_MAP_PK" PRIMARY KEY ("ROLE_ID","DB_PRIVILEGE_ID");
-
-ALTER TABLE "SENTRY_ROLE_GROUP_MAP"
- ADD CONSTRAINT "SENTRY_ROLE_GROUP_MAP_PK" PRIMARY KEY ("ROLE_ID","GROUP_ID");
-
-ALTER TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RLE_DB_PRV_MAP_SN_RLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") INITIALLY DEFERRED;
-
-ALTER TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RL_DB_PRV_MAP_SN_DB_PRV_FK"
- FOREIGN KEY ("DB_PRIVILEGE_ID") REFERENCES "SENTRY_DB_PRIVILEGE"("DB_PRIVILEGE_ID") INITIALLY DEFERRED;
-
-ALTER TABLE "SENTRY_ROLE_GROUP_MAP"
- ADD CONSTRAINT "SEN_ROLE_GROUP_MAP_SEN_ROLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") INITIALLY DEFERRED;
-
-ALTER TABLE "SENTRY_ROLE_GROUP_MAP"
- ADD CONSTRAINT "SEN_ROLE_GROUP_MAP_SEN_GRP_FK"
- FOREIGN KEY ("GROUP_ID") REFERENCES "SENTRY_GROUP"("GROUP_ID") INITIALLY DEFERRED;
-
-INSERT INTO SENTRY_VERSION (VER_ID, SCHEMA_VERSION, VERSION_COMMENT) VALUES (1, '1.8.0', 'Sentry release version 1.8.0');
-
--- Generic Model
--- Table SENTRY_GM_PRIVILEGE for classes [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-CREATE TABLE "SENTRY_GM_PRIVILEGE" (
- "GM_PRIVILEGE_ID" NUMBER NOT NULL,
- "COMPONENT_NAME" VARCHAR2(32) NOT NULL,
- "SERVICE_NAME" VARCHAR2(64) NOT NULL,
- "RESOURCE_NAME_0" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_NAME_1" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_NAME_2" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_NAME_3" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_0" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_1" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_2" VARCHAR2(64) DEFAULT '__NULL__',
- "RESOURCE_TYPE_3" VARCHAR2(64) DEFAULT '__NULL__',
- "ACTION" VARCHAR2(32) NOT NULL,
- "SCOPE" VARCHAR2(128) NOT NULL,
- "CREATE_TIME" NUMBER NOT NULL,
- "WITH_GRANT_OPTION" CHAR(1) DEFAULT 'N' NOT NULL
-);
-
-ALTER TABLE "SENTRY_GM_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_GM_PRIV_PK" PRIMARY KEY ("GM_PRIVILEGE_ID");
--- Constraints for table SENTRY_GM_PRIVILEGE for class(es) [org.apache.sentry.provider.db.service.model.MSentryGMPrivilege]
-ALTER TABLE "SENTRY_GM_PRIVILEGE"
- ADD CONSTRAINT "SENTRY_GM_PRIV_PRIV_NAME_UNIQ" UNIQUE ("COMPONENT_NAME","SERVICE_NAME","RESOURCE_NAME_0","RESOURCE_NAME_1","RESOURCE_NAME_2",
- "RESOURCE_NAME_3","RESOURCE_TYPE_0","RESOURCE_TYPE_1","RESOURCE_TYPE_2","RESOURCE_TYPE_3","ACTION","WITH_GRANT_OPTION");
-
-CREATE INDEX "SENTRY_GM_PRIV_COMP_IDX" ON "SENTRY_GM_PRIVILEGE" ("COMPONENT_NAME");
-
-CREATE INDEX "SENTRY_GM_PRIV_SERV_IDX" ON "SENTRY_GM_PRIVILEGE" ("SERVICE_NAME");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES0_IDX" ON "SENTRY_GM_PRIVILEGE" ("RESOURCE_NAME_0","RESOURCE_TYPE_0");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES1_IDX" ON "SENTRY_GM_PRIVILEGE" ("RESOURCE_NAME_1","RESOURCE_TYPE_1");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES2_IDX" ON "SENTRY_GM_PRIVILEGE" ("RESOURCE_NAME_2","RESOURCE_TYPE_2");
-
-CREATE INDEX "SENTRY_GM_PRIV_RES3_IDX" ON "SENTRY_GM_PRIVILEGE" ("RESOURCE_NAME_3","RESOURCE_TYPE_3");
-
--- Table SENTRY_ROLE_GM_PRIVILEGE_MAP for join relationship
-CREATE TABLE "SENTRY_ROLE_GM_PRIVILEGE_MAP" (
- "ROLE_ID" NUMBER NOT NULL,
- "GM_PRIVILEGE_ID" NUMBER NOT NULL
-);
-
-ALTER TABLE "SENTRY_ROLE_GM_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RLE_GM_PRIV_MAP_PK" PRIMARY KEY ("ROLE_ID","GM_PRIVILEGE_ID");
-
--- Constraints for table SENTRY_ROLE_GM_PRIVILEGE_MAP
-ALTER TABLE "SENTRY_ROLE_GM_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RLE_GM_PRV_MAP_SN_RLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") INITIALLY DEFERRED;
-
-ALTER TABLE "SENTRY_ROLE_GM_PRIVILEGE_MAP"
- ADD CONSTRAINT "SEN_RL_GM_PRV_MAP_SN_DB_PRV_FK"
- FOREIGN KEY ("GM_PRIVILEGE_ID") REFERENCES "SENTRY_GM_PRIVILEGE"("GM_PRIVILEGE_ID") INITIALLY DEFERRED;
-
-CREATE TABLE "SENTRY_USER" (
- "USER_ID" NUMBER NOT NULL,
- "USER_NAME" VARCHAR2(128) NOT NULL,
- "CREATE_TIME" NUMBER NOT NULL
-);
-
-ALTER TABLE "SENTRY_USER"
- ADD CONSTRAINT "SENTRY_USER_PK" PRIMARY KEY ("USER_ID");
-
-ALTER TABLE "SENTRY_USER"
- ADD CONSTRAINT "SENTRY_USER_USER_NAME_UNIQUE" UNIQUE ("USER_NAME");
-
-CREATE TABLE "SENTRY_ROLE_USER_MAP" (
- "ROLE_ID" NUMBER NOT NULL,
- "USER_ID" NUMBER NOT NULL,
- "GRANTOR_PRINCIPAL" VARCHAR2(128)
-);
-
-ALTER TABLE "SENTRY_ROLE_USER_MAP"
- ADD CONSTRAINT "SENTRY_ROLE_USER_MAP_PK" PRIMARY KEY ("ROLE_ID","USER_ID");
-
-ALTER TABLE "SENTRY_ROLE_USER_MAP"
- ADD CONSTRAINT "SEN_ROLE_USER_MAP_SEN_ROLE_FK"
- FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") INITIALLY DEFERRED;
-
-ALTER TABLE "SENTRY_ROLE_USER_MAP"
- ADD CONSTRAINT "SEN_ROLE_USER_MAP_SEN_USER_FK"
- FOREIGN KEY ("USER_ID") REFERENCES "SENTRY_USER"("USER_ID") INITIALLY DEFERRED;
[49/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyService.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyService.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyService.java
deleted file mode 100644
index aa56e8d..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyService.java
+++ /dev/null
@@ -1,10416 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class SentryGenericPolicyService {
-
- public interface Iface {
-
- public TCreateSentryRoleResponse create_sentry_role(TCreateSentryRoleRequest request) throws org.apache.thrift.TException;
-
- public TDropSentryRoleResponse drop_sentry_role(TDropSentryRoleRequest request) throws org.apache.thrift.TException;
-
- public TAlterSentryRoleGrantPrivilegeResponse alter_sentry_role_grant_privilege(TAlterSentryRoleGrantPrivilegeRequest request) throws org.apache.thrift.TException;
-
- public TAlterSentryRoleRevokePrivilegeResponse alter_sentry_role_revoke_privilege(TAlterSentryRoleRevokePrivilegeRequest request) throws org.apache.thrift.TException;
-
- public TAlterSentryRoleAddGroupsResponse alter_sentry_role_add_groups(TAlterSentryRoleAddGroupsRequest request) throws org.apache.thrift.TException;
-
- public TAlterSentryRoleDeleteGroupsResponse alter_sentry_role_delete_groups(TAlterSentryRoleDeleteGroupsRequest request) throws org.apache.thrift.TException;
-
- public TListSentryRolesResponse list_sentry_roles_by_group(TListSentryRolesRequest request) throws org.apache.thrift.TException;
-
- public TListSentryPrivilegesResponse list_sentry_privileges_by_role(TListSentryPrivilegesRequest request) throws org.apache.thrift.TException;
-
- public TListSentryPrivilegesForProviderResponse list_sentry_privileges_for_provider(TListSentryPrivilegesForProviderRequest request) throws org.apache.thrift.TException;
-
- public TListSentryPrivilegesByAuthResponse list_sentry_privileges_by_authorizable(TListSentryPrivilegesByAuthRequest request) throws org.apache.thrift.TException;
-
- public TDropPrivilegesResponse drop_sentry_privilege(TDropPrivilegesRequest request) throws org.apache.thrift.TException;
-
- public TRenamePrivilegesResponse rename_sentry_privilege(TRenamePrivilegesRequest request) throws org.apache.thrift.TException;
-
- }
-
- public interface AsyncIface {
-
- public void create_sentry_role(TCreateSentryRoleRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException;
-
- public void drop_sentry_role(TDropSentryRoleRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException;
-
- public void alter_sentry_role_grant_privilege(TAlterSentryRoleGrantPrivilegeRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException;
-
- public void alter_sentry_role_revoke_privilege(TAlterSentryRoleRevokePrivilegeRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException;
-
- public void alter_sentry_role_add_groups(TAlterSentryRoleAddGroupsRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException;
-
- public void alter_sentry_role_delete_groups(TAlterSentryRoleDeleteGroupsRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException;
-
- public void list_sentry_roles_by_group(TListSentryRolesRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException;
-
- public void list_sentry_privileges_by_role(TListSentryPrivilegesRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException;
-
- public void list_sentry_privileges_for_provider(TListSentryPrivilegesForProviderRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException;
-
- public void list_sentry_privileges_by_authorizable(TListSentryPrivilegesByAuthRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException;
-
- public void drop_sentry_privilege(TDropPrivilegesRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException;
-
- public void rename_sentry_privilege(TRenamePrivilegesRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException;
-
- }
-
- public static class Client extends org.apache.thrift.TServiceClient implements Iface {
- public static class Factory implements org.apache.thrift.TServiceClientFactory<Client> {
- public Factory() {}
- public Client getClient(org.apache.thrift.protocol.TProtocol prot) {
- return new Client(prot);
- }
- public Client getClient(org.apache.thrift.protocol.TProtocol iprot, org.apache.thrift.protocol.TProtocol oprot) {
- return new Client(iprot, oprot);
- }
- }
-
- public Client(org.apache.thrift.protocol.TProtocol prot)
- {
- super(prot, prot);
- }
-
- public Client(org.apache.thrift.protocol.TProtocol iprot, org.apache.thrift.protocol.TProtocol oprot) {
- super(iprot, oprot);
- }
-
- public TCreateSentryRoleResponse create_sentry_role(TCreateSentryRoleRequest request) throws org.apache.thrift.TException
- {
- send_create_sentry_role(request);
- return recv_create_sentry_role();
- }
-
- public void send_create_sentry_role(TCreateSentryRoleRequest request) throws org.apache.thrift.TException
- {
- create_sentry_role_args args = new create_sentry_role_args();
- args.setRequest(request);
- sendBase("create_sentry_role", args);
- }
-
- public TCreateSentryRoleResponse recv_create_sentry_role() throws org.apache.thrift.TException
- {
- create_sentry_role_result result = new create_sentry_role_result();
- receiveBase(result, "create_sentry_role");
- if (result.isSetSuccess()) {
- return result.success;
- }
- throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "create_sentry_role failed: unknown result");
- }
-
- public TDropSentryRoleResponse drop_sentry_role(TDropSentryRoleRequest request) throws org.apache.thrift.TException
- {
- send_drop_sentry_role(request);
- return recv_drop_sentry_role();
- }
-
- public void send_drop_sentry_role(TDropSentryRoleRequest request) throws org.apache.thrift.TException
- {
- drop_sentry_role_args args = new drop_sentry_role_args();
- args.setRequest(request);
- sendBase("drop_sentry_role", args);
- }
-
- public TDropSentryRoleResponse recv_drop_sentry_role() throws org.apache.thrift.TException
- {
- drop_sentry_role_result result = new drop_sentry_role_result();
- receiveBase(result, "drop_sentry_role");
- if (result.isSetSuccess()) {
- return result.success;
- }
- throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "drop_sentry_role failed: unknown result");
- }
-
- public TAlterSentryRoleGrantPrivilegeResponse alter_sentry_role_grant_privilege(TAlterSentryRoleGrantPrivilegeRequest request) throws org.apache.thrift.TException
- {
- send_alter_sentry_role_grant_privilege(request);
- return recv_alter_sentry_role_grant_privilege();
- }
-
- public void send_alter_sentry_role_grant_privilege(TAlterSentryRoleGrantPrivilegeRequest request) throws org.apache.thrift.TException
- {
- alter_sentry_role_grant_privilege_args args = new alter_sentry_role_grant_privilege_args();
- args.setRequest(request);
- sendBase("alter_sentry_role_grant_privilege", args);
- }
-
- public TAlterSentryRoleGrantPrivilegeResponse recv_alter_sentry_role_grant_privilege() throws org.apache.thrift.TException
- {
- alter_sentry_role_grant_privilege_result result = new alter_sentry_role_grant_privilege_result();
- receiveBase(result, "alter_sentry_role_grant_privilege");
- if (result.isSetSuccess()) {
- return result.success;
- }
- throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "alter_sentry_role_grant_privilege failed: unknown result");
- }
-
- public TAlterSentryRoleRevokePrivilegeResponse alter_sentry_role_revoke_privilege(TAlterSentryRoleRevokePrivilegeRequest request) throws org.apache.thrift.TException
- {
- send_alter_sentry_role_revoke_privilege(request);
- return recv_alter_sentry_role_revoke_privilege();
- }
-
- public void send_alter_sentry_role_revoke_privilege(TAlterSentryRoleRevokePrivilegeRequest request) throws org.apache.thrift.TException
- {
- alter_sentry_role_revoke_privilege_args args = new alter_sentry_role_revoke_privilege_args();
- args.setRequest(request);
- sendBase("alter_sentry_role_revoke_privilege", args);
- }
-
- public TAlterSentryRoleRevokePrivilegeResponse recv_alter_sentry_role_revoke_privilege() throws org.apache.thrift.TException
- {
- alter_sentry_role_revoke_privilege_result result = new alter_sentry_role_revoke_privilege_result();
- receiveBase(result, "alter_sentry_role_revoke_privilege");
- if (result.isSetSuccess()) {
- return result.success;
- }
- throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "alter_sentry_role_revoke_privilege failed: unknown result");
- }
-
- public TAlterSentryRoleAddGroupsResponse alter_sentry_role_add_groups(TAlterSentryRoleAddGroupsRequest request) throws org.apache.thrift.TException
- {
- send_alter_sentry_role_add_groups(request);
- return recv_alter_sentry_role_add_groups();
- }
-
- public void send_alter_sentry_role_add_groups(TAlterSentryRoleAddGroupsRequest request) throws org.apache.thrift.TException
- {
- alter_sentry_role_add_groups_args args = new alter_sentry_role_add_groups_args();
- args.setRequest(request);
- sendBase("alter_sentry_role_add_groups", args);
- }
-
- public TAlterSentryRoleAddGroupsResponse recv_alter_sentry_role_add_groups() throws org.apache.thrift.TException
- {
- alter_sentry_role_add_groups_result result = new alter_sentry_role_add_groups_result();
- receiveBase(result, "alter_sentry_role_add_groups");
- if (result.isSetSuccess()) {
- return result.success;
- }
- throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "alter_sentry_role_add_groups failed: unknown result");
- }
-
- public TAlterSentryRoleDeleteGroupsResponse alter_sentry_role_delete_groups(TAlterSentryRoleDeleteGroupsRequest request) throws org.apache.thrift.TException
- {
- send_alter_sentry_role_delete_groups(request);
- return recv_alter_sentry_role_delete_groups();
- }
-
- public void send_alter_sentry_role_delete_groups(TAlterSentryRoleDeleteGroupsRequest request) throws org.apache.thrift.TException
- {
- alter_sentry_role_delete_groups_args args = new alter_sentry_role_delete_groups_args();
- args.setRequest(request);
- sendBase("alter_sentry_role_delete_groups", args);
- }
-
- public TAlterSentryRoleDeleteGroupsResponse recv_alter_sentry_role_delete_groups() throws org.apache.thrift.TException
- {
- alter_sentry_role_delete_groups_result result = new alter_sentry_role_delete_groups_result();
- receiveBase(result, "alter_sentry_role_delete_groups");
- if (result.isSetSuccess()) {
- return result.success;
- }
- throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "alter_sentry_role_delete_groups failed: unknown result");
- }
-
- public TListSentryRolesResponse list_sentry_roles_by_group(TListSentryRolesRequest request) throws org.apache.thrift.TException
- {
- send_list_sentry_roles_by_group(request);
- return recv_list_sentry_roles_by_group();
- }
-
- public void send_list_sentry_roles_by_group(TListSentryRolesRequest request) throws org.apache.thrift.TException
- {
- list_sentry_roles_by_group_args args = new list_sentry_roles_by_group_args();
- args.setRequest(request);
- sendBase("list_sentry_roles_by_group", args);
- }
-
- public TListSentryRolesResponse recv_list_sentry_roles_by_group() throws org.apache.thrift.TException
- {
- list_sentry_roles_by_group_result result = new list_sentry_roles_by_group_result();
- receiveBase(result, "list_sentry_roles_by_group");
- if (result.isSetSuccess()) {
- return result.success;
- }
- throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "list_sentry_roles_by_group failed: unknown result");
- }
-
- public TListSentryPrivilegesResponse list_sentry_privileges_by_role(TListSentryPrivilegesRequest request) throws org.apache.thrift.TException
- {
- send_list_sentry_privileges_by_role(request);
- return recv_list_sentry_privileges_by_role();
- }
-
- public void send_list_sentry_privileges_by_role(TListSentryPrivilegesRequest request) throws org.apache.thrift.TException
- {
- list_sentry_privileges_by_role_args args = new list_sentry_privileges_by_role_args();
- args.setRequest(request);
- sendBase("list_sentry_privileges_by_role", args);
- }
-
- public TListSentryPrivilegesResponse recv_list_sentry_privileges_by_role() throws org.apache.thrift.TException
- {
- list_sentry_privileges_by_role_result result = new list_sentry_privileges_by_role_result();
- receiveBase(result, "list_sentry_privileges_by_role");
- if (result.isSetSuccess()) {
- return result.success;
- }
- throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "list_sentry_privileges_by_role failed: unknown result");
- }
-
- public TListSentryPrivilegesForProviderResponse list_sentry_privileges_for_provider(TListSentryPrivilegesForProviderRequest request) throws org.apache.thrift.TException
- {
- send_list_sentry_privileges_for_provider(request);
- return recv_list_sentry_privileges_for_provider();
- }
-
- public void send_list_sentry_privileges_for_provider(TListSentryPrivilegesForProviderRequest request) throws org.apache.thrift.TException
- {
- list_sentry_privileges_for_provider_args args = new list_sentry_privileges_for_provider_args();
- args.setRequest(request);
- sendBase("list_sentry_privileges_for_provider", args);
- }
-
- public TListSentryPrivilegesForProviderResponse recv_list_sentry_privileges_for_provider() throws org.apache.thrift.TException
- {
- list_sentry_privileges_for_provider_result result = new list_sentry_privileges_for_provider_result();
- receiveBase(result, "list_sentry_privileges_for_provider");
- if (result.isSetSuccess()) {
- return result.success;
- }
- throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "list_sentry_privileges_for_provider failed: unknown result");
- }
-
- public TListSentryPrivilegesByAuthResponse list_sentry_privileges_by_authorizable(TListSentryPrivilegesByAuthRequest request) throws org.apache.thrift.TException
- {
- send_list_sentry_privileges_by_authorizable(request);
- return recv_list_sentry_privileges_by_authorizable();
- }
-
- public void send_list_sentry_privileges_by_authorizable(TListSentryPrivilegesByAuthRequest request) throws org.apache.thrift.TException
- {
- list_sentry_privileges_by_authorizable_args args = new list_sentry_privileges_by_authorizable_args();
- args.setRequest(request);
- sendBase("list_sentry_privileges_by_authorizable", args);
- }
-
- public TListSentryPrivilegesByAuthResponse recv_list_sentry_privileges_by_authorizable() throws org.apache.thrift.TException
- {
- list_sentry_privileges_by_authorizable_result result = new list_sentry_privileges_by_authorizable_result();
- receiveBase(result, "list_sentry_privileges_by_authorizable");
- if (result.isSetSuccess()) {
- return result.success;
- }
- throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "list_sentry_privileges_by_authorizable failed: unknown result");
- }
-
- public TDropPrivilegesResponse drop_sentry_privilege(TDropPrivilegesRequest request) throws org.apache.thrift.TException
- {
- send_drop_sentry_privilege(request);
- return recv_drop_sentry_privilege();
- }
-
- public void send_drop_sentry_privilege(TDropPrivilegesRequest request) throws org.apache.thrift.TException
- {
- drop_sentry_privilege_args args = new drop_sentry_privilege_args();
- args.setRequest(request);
- sendBase("drop_sentry_privilege", args);
- }
-
- public TDropPrivilegesResponse recv_drop_sentry_privilege() throws org.apache.thrift.TException
- {
- drop_sentry_privilege_result result = new drop_sentry_privilege_result();
- receiveBase(result, "drop_sentry_privilege");
- if (result.isSetSuccess()) {
- return result.success;
- }
- throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "drop_sentry_privilege failed: unknown result");
- }
-
- public TRenamePrivilegesResponse rename_sentry_privilege(TRenamePrivilegesRequest request) throws org.apache.thrift.TException
- {
- send_rename_sentry_privilege(request);
- return recv_rename_sentry_privilege();
- }
-
- public void send_rename_sentry_privilege(TRenamePrivilegesRequest request) throws org.apache.thrift.TException
- {
- rename_sentry_privilege_args args = new rename_sentry_privilege_args();
- args.setRequest(request);
- sendBase("rename_sentry_privilege", args);
- }
-
- public TRenamePrivilegesResponse recv_rename_sentry_privilege() throws org.apache.thrift.TException
- {
- rename_sentry_privilege_result result = new rename_sentry_privilege_result();
- receiveBase(result, "rename_sentry_privilege");
- if (result.isSetSuccess()) {
- return result.success;
- }
- throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "rename_sentry_privilege failed: unknown result");
- }
-
- }
- public static class AsyncClient extends org.apache.thrift.async.TAsyncClient implements AsyncIface {
- public static class Factory implements org.apache.thrift.async.TAsyncClientFactory<AsyncClient> {
- private org.apache.thrift.async.TAsyncClientManager clientManager;
- private org.apache.thrift.protocol.TProtocolFactory protocolFactory;
- public Factory(org.apache.thrift.async.TAsyncClientManager clientManager, org.apache.thrift.protocol.TProtocolFactory protocolFactory) {
- this.clientManager = clientManager;
- this.protocolFactory = protocolFactory;
- }
- public AsyncClient getAsyncClient(org.apache.thrift.transport.TNonblockingTransport transport) {
- return new AsyncClient(protocolFactory, clientManager, transport);
- }
- }
-
- public AsyncClient(org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.async.TAsyncClientManager clientManager, org.apache.thrift.transport.TNonblockingTransport transport) {
- super(protocolFactory, clientManager, transport);
- }
-
- public void create_sentry_role(TCreateSentryRoleRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException {
- checkReady();
- create_sentry_role_call method_call = new create_sentry_role_call(request, resultHandler, this, ___protocolFactory, ___transport);
- this.___currentMethod = method_call;
- ___manager.call(method_call);
- }
-
- public static class create_sentry_role_call extends org.apache.thrift.async.TAsyncMethodCall {
- private TCreateSentryRoleRequest request;
- public create_sentry_role_call(TCreateSentryRoleRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler, org.apache.thrift.async.TAsyncClient client, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.transport.TNonblockingTransport transport) throws org.apache.thrift.TException {
- super(client, protocolFactory, transport, resultHandler, false);
- this.request = request;
- }
-
- public void write_args(org.apache.thrift.protocol.TProtocol prot) throws org.apache.thrift.TException {
- prot.writeMessageBegin(new org.apache.thrift.protocol.TMessage("create_sentry_role", org.apache.thrift.protocol.TMessageType.CALL, 0));
- create_sentry_role_args args = new create_sentry_role_args();
- args.setRequest(request);
- args.write(prot);
- prot.writeMessageEnd();
- }
-
- public TCreateSentryRoleResponse getResult() throws org.apache.thrift.TException {
- if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) {
- throw new IllegalStateException("Method call not finished!");
- }
- org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array());
- org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport);
- return (new Client(prot)).recv_create_sentry_role();
- }
- }
-
- public void drop_sentry_role(TDropSentryRoleRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException {
- checkReady();
- drop_sentry_role_call method_call = new drop_sentry_role_call(request, resultHandler, this, ___protocolFactory, ___transport);
- this.___currentMethod = method_call;
- ___manager.call(method_call);
- }
-
- public static class drop_sentry_role_call extends org.apache.thrift.async.TAsyncMethodCall {
- private TDropSentryRoleRequest request;
- public drop_sentry_role_call(TDropSentryRoleRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler, org.apache.thrift.async.TAsyncClient client, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.transport.TNonblockingTransport transport) throws org.apache.thrift.TException {
- super(client, protocolFactory, transport, resultHandler, false);
- this.request = request;
- }
-
- public void write_args(org.apache.thrift.protocol.TProtocol prot) throws org.apache.thrift.TException {
- prot.writeMessageBegin(new org.apache.thrift.protocol.TMessage("drop_sentry_role", org.apache.thrift.protocol.TMessageType.CALL, 0));
- drop_sentry_role_args args = new drop_sentry_role_args();
- args.setRequest(request);
- args.write(prot);
- prot.writeMessageEnd();
- }
-
- public TDropSentryRoleResponse getResult() throws org.apache.thrift.TException {
- if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) {
- throw new IllegalStateException("Method call not finished!");
- }
- org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array());
- org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport);
- return (new Client(prot)).recv_drop_sentry_role();
- }
- }
-
- public void alter_sentry_role_grant_privilege(TAlterSentryRoleGrantPrivilegeRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException {
- checkReady();
- alter_sentry_role_grant_privilege_call method_call = new alter_sentry_role_grant_privilege_call(request, resultHandler, this, ___protocolFactory, ___transport);
- this.___currentMethod = method_call;
- ___manager.call(method_call);
- }
-
- public static class alter_sentry_role_grant_privilege_call extends org.apache.thrift.async.TAsyncMethodCall {
- private TAlterSentryRoleGrantPrivilegeRequest request;
- public alter_sentry_role_grant_privilege_call(TAlterSentryRoleGrantPrivilegeRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler, org.apache.thrift.async.TAsyncClient client, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.transport.TNonblockingTransport transport) throws org.apache.thrift.TException {
- super(client, protocolFactory, transport, resultHandler, false);
- this.request = request;
- }
-
- public void write_args(org.apache.thrift.protocol.TProtocol prot) throws org.apache.thrift.TException {
- prot.writeMessageBegin(new org.apache.thrift.protocol.TMessage("alter_sentry_role_grant_privilege", org.apache.thrift.protocol.TMessageType.CALL, 0));
- alter_sentry_role_grant_privilege_args args = new alter_sentry_role_grant_privilege_args();
- args.setRequest(request);
- args.write(prot);
- prot.writeMessageEnd();
- }
-
- public TAlterSentryRoleGrantPrivilegeResponse getResult() throws org.apache.thrift.TException {
- if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) {
- throw new IllegalStateException("Method call not finished!");
- }
- org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array());
- org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport);
- return (new Client(prot)).recv_alter_sentry_role_grant_privilege();
- }
- }
-
- public void alter_sentry_role_revoke_privilege(TAlterSentryRoleRevokePrivilegeRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException {
- checkReady();
- alter_sentry_role_revoke_privilege_call method_call = new alter_sentry_role_revoke_privilege_call(request, resultHandler, this, ___protocolFactory, ___transport);
- this.___currentMethod = method_call;
- ___manager.call(method_call);
- }
-
- public static class alter_sentry_role_revoke_privilege_call extends org.apache.thrift.async.TAsyncMethodCall {
- private TAlterSentryRoleRevokePrivilegeRequest request;
- public alter_sentry_role_revoke_privilege_call(TAlterSentryRoleRevokePrivilegeRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler, org.apache.thrift.async.TAsyncClient client, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.transport.TNonblockingTransport transport) throws org.apache.thrift.TException {
- super(client, protocolFactory, transport, resultHandler, false);
- this.request = request;
- }
-
- public void write_args(org.apache.thrift.protocol.TProtocol prot) throws org.apache.thrift.TException {
- prot.writeMessageBegin(new org.apache.thrift.protocol.TMessage("alter_sentry_role_revoke_privilege", org.apache.thrift.protocol.TMessageType.CALL, 0));
- alter_sentry_role_revoke_privilege_args args = new alter_sentry_role_revoke_privilege_args();
- args.setRequest(request);
- args.write(prot);
- prot.writeMessageEnd();
- }
-
- public TAlterSentryRoleRevokePrivilegeResponse getResult() throws org.apache.thrift.TException {
- if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) {
- throw new IllegalStateException("Method call not finished!");
- }
- org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array());
- org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport);
- return (new Client(prot)).recv_alter_sentry_role_revoke_privilege();
- }
- }
-
- public void alter_sentry_role_add_groups(TAlterSentryRoleAddGroupsRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException {
- checkReady();
- alter_sentry_role_add_groups_call method_call = new alter_sentry_role_add_groups_call(request, resultHandler, this, ___protocolFactory, ___transport);
- this.___currentMethod = method_call;
- ___manager.call(method_call);
- }
-
- public static class alter_sentry_role_add_groups_call extends org.apache.thrift.async.TAsyncMethodCall {
- private TAlterSentryRoleAddGroupsRequest request;
- public alter_sentry_role_add_groups_call(TAlterSentryRoleAddGroupsRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler, org.apache.thrift.async.TAsyncClient client, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.transport.TNonblockingTransport transport) throws org.apache.thrift.TException {
- super(client, protocolFactory, transport, resultHandler, false);
- this.request = request;
- }
-
- public void write_args(org.apache.thrift.protocol.TProtocol prot) throws org.apache.thrift.TException {
- prot.writeMessageBegin(new org.apache.thrift.protocol.TMessage("alter_sentry_role_add_groups", org.apache.thrift.protocol.TMessageType.CALL, 0));
- alter_sentry_role_add_groups_args args = new alter_sentry_role_add_groups_args();
- args.setRequest(request);
- args.write(prot);
- prot.writeMessageEnd();
- }
-
- public TAlterSentryRoleAddGroupsResponse getResult() throws org.apache.thrift.TException {
- if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) {
- throw new IllegalStateException("Method call not finished!");
- }
- org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array());
- org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport);
- return (new Client(prot)).recv_alter_sentry_role_add_groups();
- }
- }
-
- public void alter_sentry_role_delete_groups(TAlterSentryRoleDeleteGroupsRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException {
- checkReady();
- alter_sentry_role_delete_groups_call method_call = new alter_sentry_role_delete_groups_call(request, resultHandler, this, ___protocolFactory, ___transport);
- this.___currentMethod = method_call;
- ___manager.call(method_call);
- }
-
- public static class alter_sentry_role_delete_groups_call extends org.apache.thrift.async.TAsyncMethodCall {
- private TAlterSentryRoleDeleteGroupsRequest request;
- public alter_sentry_role_delete_groups_call(TAlterSentryRoleDeleteGroupsRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler, org.apache.thrift.async.TAsyncClient client, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.transport.TNonblockingTransport transport) throws org.apache.thrift.TException {
- super(client, protocolFactory, transport, resultHandler, false);
- this.request = request;
- }
-
- public void write_args(org.apache.thrift.protocol.TProtocol prot) throws org.apache.thrift.TException {
- prot.writeMessageBegin(new org.apache.thrift.protocol.TMessage("alter_sentry_role_delete_groups", org.apache.thrift.protocol.TMessageType.CALL, 0));
- alter_sentry_role_delete_groups_args args = new alter_sentry_role_delete_groups_args();
- args.setRequest(request);
- args.write(prot);
- prot.writeMessageEnd();
- }
-
- public TAlterSentryRoleDeleteGroupsResponse getResult() throws org.apache.thrift.TException {
- if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) {
- throw new IllegalStateException("Method call not finished!");
- }
- org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array());
- org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport);
- return (new Client(prot)).recv_alter_sentry_role_delete_groups();
- }
- }
-
- public void list_sentry_roles_by_group(TListSentryRolesRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException {
- checkReady();
- list_sentry_roles_by_group_call method_call = new list_sentry_roles_by_group_call(request, resultHandler, this, ___protocolFactory, ___transport);
- this.___currentMethod = method_call;
- ___manager.call(method_call);
- }
-
- public static class list_sentry_roles_by_group_call extends org.apache.thrift.async.TAsyncMethodCall {
- private TListSentryRolesRequest request;
- public list_sentry_roles_by_group_call(TListSentryRolesRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler, org.apache.thrift.async.TAsyncClient client, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.transport.TNonblockingTransport transport) throws org.apache.thrift.TException {
- super(client, protocolFactory, transport, resultHandler, false);
- this.request = request;
- }
-
- public void write_args(org.apache.thrift.protocol.TProtocol prot) throws org.apache.thrift.TException {
- prot.writeMessageBegin(new org.apache.thrift.protocol.TMessage("list_sentry_roles_by_group", org.apache.thrift.protocol.TMessageType.CALL, 0));
- list_sentry_roles_by_group_args args = new list_sentry_roles_by_group_args();
- args.setRequest(request);
- args.write(prot);
- prot.writeMessageEnd();
- }
-
- public TListSentryRolesResponse getResult() throws org.apache.thrift.TException {
- if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) {
- throw new IllegalStateException("Method call not finished!");
- }
- org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array());
- org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport);
- return (new Client(prot)).recv_list_sentry_roles_by_group();
- }
- }
-
- public void list_sentry_privileges_by_role(TListSentryPrivilegesRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException {
- checkReady();
- list_sentry_privileges_by_role_call method_call = new list_sentry_privileges_by_role_call(request, resultHandler, this, ___protocolFactory, ___transport);
- this.___currentMethod = method_call;
- ___manager.call(method_call);
- }
-
- public static class list_sentry_privileges_by_role_call extends org.apache.thrift.async.TAsyncMethodCall {
- private TListSentryPrivilegesRequest request;
- public list_sentry_privileges_by_role_call(TListSentryPrivilegesRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler, org.apache.thrift.async.TAsyncClient client, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.transport.TNonblockingTransport transport) throws org.apache.thrift.TException {
- super(client, protocolFactory, transport, resultHandler, false);
- this.request = request;
- }
-
- public void write_args(org.apache.thrift.protocol.TProtocol prot) throws org.apache.thrift.TException {
- prot.writeMessageBegin(new org.apache.thrift.protocol.TMessage("list_sentry_privileges_by_role", org.apache.thrift.protocol.TMessageType.CALL, 0));
- list_sentry_privileges_by_role_args args = new list_sentry_privileges_by_role_args();
- args.setRequest(request);
- args.write(prot);
- prot.writeMessageEnd();
- }
-
- public TListSentryPrivilegesResponse getResult() throws org.apache.thrift.TException {
- if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) {
- throw new IllegalStateException("Method call not finished!");
- }
- org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array());
- org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport);
- return (new Client(prot)).recv_list_sentry_privileges_by_role();
- }
- }
-
- public void list_sentry_privileges_for_provider(TListSentryPrivilegesForProviderRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException {
- checkReady();
- list_sentry_privileges_for_provider_call method_call = new list_sentry_privileges_for_provider_call(request, resultHandler, this, ___protocolFactory, ___transport);
- this.___currentMethod = method_call;
- ___manager.call(method_call);
- }
-
- public static class list_sentry_privileges_for_provider_call extends org.apache.thrift.async.TAsyncMethodCall {
- private TListSentryPrivilegesForProviderRequest request;
- public list_sentry_privileges_for_provider_call(TListSentryPrivilegesForProviderRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler, org.apache.thrift.async.TAsyncClient client, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.transport.TNonblockingTransport transport) throws org.apache.thrift.TException {
- super(client, protocolFactory, transport, resultHandler, false);
- this.request = request;
- }
-
- public void write_args(org.apache.thrift.protocol.TProtocol prot) throws org.apache.thrift.TException {
- prot.writeMessageBegin(new org.apache.thrift.protocol.TMessage("list_sentry_privileges_for_provider", org.apache.thrift.protocol.TMessageType.CALL, 0));
- list_sentry_privileges_for_provider_args args = new list_sentry_privileges_for_provider_args();
- args.setRequest(request);
- args.write(prot);
- prot.writeMessageEnd();
- }
-
- public TListSentryPrivilegesForProviderResponse getResult() throws org.apache.thrift.TException {
- if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) {
- throw new IllegalStateException("Method call not finished!");
- }
- org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array());
- org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport);
- return (new Client(prot)).recv_list_sentry_privileges_for_provider();
- }
- }
-
- public void list_sentry_privileges_by_authorizable(TListSentryPrivilegesByAuthRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException {
- checkReady();
- list_sentry_privileges_by_authorizable_call method_call = new list_sentry_privileges_by_authorizable_call(request, resultHandler, this, ___protocolFactory, ___transport);
- this.___currentMethod = method_call;
- ___manager.call(method_call);
- }
-
- public static class list_sentry_privileges_by_authorizable_call extends org.apache.thrift.async.TAsyncMethodCall {
- private TListSentryPrivilegesByAuthRequest request;
- public list_sentry_privileges_by_authorizable_call(TListSentryPrivilegesByAuthRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler, org.apache.thrift.async.TAsyncClient client, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.transport.TNonblockingTransport transport) throws org.apache.thrift.TException {
- super(client, protocolFactory, transport, resultHandler, false);
- this.request = request;
- }
-
- public void write_args(org.apache.thrift.protocol.TProtocol prot) throws org.apache.thrift.TException {
- prot.writeMessageBegin(new org.apache.thrift.protocol.TMessage("list_sentry_privileges_by_authorizable", org.apache.thrift.protocol.TMessageType.CALL, 0));
- list_sentry_privileges_by_authorizable_args args = new list_sentry_privileges_by_authorizable_args();
- args.setRequest(request);
- args.write(prot);
- prot.writeMessageEnd();
- }
-
- public TListSentryPrivilegesByAuthResponse getResult() throws org.apache.thrift.TException {
- if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) {
- throw new IllegalStateException("Method call not finished!");
- }
- org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array());
- org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport);
- return (new Client(prot)).recv_list_sentry_privileges_by_authorizable();
- }
- }
-
- public void drop_sentry_privilege(TDropPrivilegesRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException {
- checkReady();
- drop_sentry_privilege_call method_call = new drop_sentry_privilege_call(request, resultHandler, this, ___protocolFactory, ___transport);
- this.___currentMethod = method_call;
- ___manager.call(method_call);
- }
-
- public static class drop_sentry_privilege_call extends org.apache.thrift.async.TAsyncMethodCall {
- private TDropPrivilegesRequest request;
- public drop_sentry_privilege_call(TDropPrivilegesRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler, org.apache.thrift.async.TAsyncClient client, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.transport.TNonblockingTransport transport) throws org.apache.thrift.TException {
- super(client, protocolFactory, transport, resultHandler, false);
- this.request = request;
- }
-
- public void write_args(org.apache.thrift.protocol.TProtocol prot) throws org.apache.thrift.TException {
- prot.writeMessageBegin(new org.apache.thrift.protocol.TMessage("drop_sentry_privilege", org.apache.thrift.protocol.TMessageType.CALL, 0));
- drop_sentry_privilege_args args = new drop_sentry_privilege_args();
- args.setRequest(request);
- args.write(prot);
- prot.writeMessageEnd();
- }
-
- public TDropPrivilegesResponse getResult() throws org.apache.thrift.TException {
- if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) {
- throw new IllegalStateException("Method call not finished!");
- }
- org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array());
- org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport);
- return (new Client(prot)).recv_drop_sentry_privilege();
- }
- }
-
- public void rename_sentry_privilege(TRenamePrivilegesRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException {
- checkReady();
- rename_sentry_privilege_call method_call = new rename_sentry_privilege_call(request, resultHandler, this, ___protocolFactory, ___transport);
- this.___currentMethod = method_call;
- ___manager.call(method_call);
- }
-
- public static class rename_sentry_privilege_call extends org.apache.thrift.async.TAsyncMethodCall {
- private TRenamePrivilegesRequest request;
- public rename_sentry_privilege_call(TRenamePrivilegesRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler, org.apache.thrift.async.TAsyncClient client, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.transport.TNonblockingTransport transport) throws org.apache.thrift.TException {
- super(client, protocolFactory, transport, resultHandler, false);
- this.request = request;
- }
-
- public void write_args(org.apache.thrift.protocol.TProtocol prot) throws org.apache.thrift.TException {
- prot.writeMessageBegin(new org.apache.thrift.protocol.TMessage("rename_sentry_privilege", org.apache.thrift.protocol.TMessageType.CALL, 0));
- rename_sentry_privilege_args args = new rename_sentry_privilege_args();
- args.setRequest(request);
- args.write(prot);
- prot.writeMessageEnd();
- }
-
- public TRenamePrivilegesResponse getResult() throws org.apache.thrift.TException {
- if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) {
- throw new IllegalStateException("Method call not finished!");
- }
- org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array());
- org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport);
- return (new Client(prot)).recv_rename_sentry_privilege();
- }
- }
-
- }
-
- public static class Processor<I extends Iface> extends org.apache.thrift.TBaseProcessor<I> implements org.apache.thrift.TProcessor {
- private static final Logger LOGGER = LoggerFactory.getLogger(Processor.class.getName());
- public Processor(I iface) {
- super(iface, getProcessMap(new HashMap<String, org.apache.thrift.ProcessFunction<I, ? extends org.apache.thrift.TBase>>()));
- }
-
- protected Processor(I iface, Map<String, org.apache.thrift.ProcessFunction<I, ? extends org.apache.thrift.TBase>> processMap) {
- super(iface, getProcessMap(processMap));
- }
-
- private static <I extends Iface> Map<String, org.apache.thrift.ProcessFunction<I, ? extends org.apache.thrift.TBase>> getProcessMap(Map<String, org.apache.thrift.ProcessFunction<I, ? extends org.apache.thrift.TBase>> processMap) {
- processMap.put("create_sentry_role", new create_sentry_role());
- processMap.put("drop_sentry_role", new drop_sentry_role());
- processMap.put("alter_sentry_role_grant_privilege", new alter_sentry_role_grant_privilege());
- processMap.put("alter_sentry_role_revoke_privilege", new alter_sentry_role_revoke_privilege());
- processMap.put("alter_sentry_role_add_groups", new alter_sentry_role_add_groups());
- processMap.put("alter_sentry_role_delete_groups", new alter_sentry_role_delete_groups());
- processMap.put("list_sentry_roles_by_group", new list_sentry_roles_by_group());
- processMap.put("list_sentry_privileges_by_role", new list_sentry_privileges_by_role());
- processMap.put("list_sentry_privileges_for_provider", new list_sentry_privileges_for_provider());
- processMap.put("list_sentry_privileges_by_authorizable", new list_sentry_privileges_by_authorizable());
- processMap.put("drop_sentry_privilege", new drop_sentry_privilege());
- processMap.put("rename_sentry_privilege", new rename_sentry_privilege());
- return processMap;
- }
-
- public static class create_sentry_role<I extends Iface> extends org.apache.thrift.ProcessFunction<I, create_sentry_role_args> {
- public create_sentry_role() {
- super("create_sentry_role");
- }
-
- public create_sentry_role_args getEmptyArgsInstance() {
- return new create_sentry_role_args();
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public create_sentry_role_result getResult(I iface, create_sentry_role_args args) throws org.apache.thrift.TException {
- create_sentry_role_result result = new create_sentry_role_result();
- result.success = iface.create_sentry_role(args.request);
- return result;
- }
- }
-
- public static class drop_sentry_role<I extends Iface> extends org.apache.thrift.ProcessFunction<I, drop_sentry_role_args> {
- public drop_sentry_role() {
- super("drop_sentry_role");
- }
-
- public drop_sentry_role_args getEmptyArgsInstance() {
- return new drop_sentry_role_args();
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public drop_sentry_role_result getResult(I iface, drop_sentry_role_args args) throws org.apache.thrift.TException {
- drop_sentry_role_result result = new drop_sentry_role_result();
- result.success = iface.drop_sentry_role(args.request);
- return result;
- }
- }
-
- public static class alter_sentry_role_grant_privilege<I extends Iface> extends org.apache.thrift.ProcessFunction<I, alter_sentry_role_grant_privilege_args> {
- public alter_sentry_role_grant_privilege() {
- super("alter_sentry_role_grant_privilege");
- }
-
- public alter_sentry_role_grant_privilege_args getEmptyArgsInstance() {
- return new alter_sentry_role_grant_privilege_args();
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public alter_sentry_role_grant_privilege_result getResult(I iface, alter_sentry_role_grant_privilege_args args) throws org.apache.thrift.TException {
- alter_sentry_role_grant_privilege_result result = new alter_sentry_role_grant_privilege_result();
- result.success = iface.alter_sentry_role_grant_privilege(args.request);
- return result;
- }
- }
-
- public static class alter_sentry_role_revoke_privilege<I extends Iface> extends org.apache.thrift.ProcessFunction<I, alter_sentry_role_revoke_privilege_args> {
- public alter_sentry_role_revoke_privilege() {
- super("alter_sentry_role_revoke_privilege");
- }
-
- public alter_sentry_role_revoke_privilege_args getEmptyArgsInstance() {
- return new alter_sentry_role_revoke_privilege_args();
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public alter_sentry_role_revoke_privilege_result getResult(I iface, alter_sentry_role_revoke_privilege_args args) throws org.apache.thrift.TException {
- alter_sentry_role_revoke_privilege_result result = new alter_sentry_role_revoke_privilege_result();
- result.success = iface.alter_sentry_role_revoke_privilege(args.request);
- return result;
- }
- }
-
- public static class alter_sentry_role_add_groups<I extends Iface> extends org.apache.thrift.ProcessFunction<I, alter_sentry_role_add_groups_args> {
- public alter_sentry_role_add_groups() {
- super("alter_sentry_role_add_groups");
- }
-
- public alter_sentry_role_add_groups_args getEmptyArgsInstance() {
- return new alter_sentry_role_add_groups_args();
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public alter_sentry_role_add_groups_result getResult(I iface, alter_sentry_role_add_groups_args args) throws org.apache.thrift.TException {
- alter_sentry_role_add_groups_result result = new alter_sentry_role_add_groups_result();
- result.success = iface.alter_sentry_role_add_groups(args.request);
- return result;
- }
- }
-
- public static class alter_sentry_role_delete_groups<I extends Iface> extends org.apache.thrift.ProcessFunction<I, alter_sentry_role_delete_groups_args> {
- public alter_sentry_role_delete_groups() {
- super("alter_sentry_role_delete_groups");
- }
-
- public alter_sentry_role_delete_groups_args getEmptyArgsInstance() {
- return new alter_sentry_role_delete_groups_args();
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public alter_sentry_role_delete_groups_result getResult(I iface, alter_sentry_role_delete_groups_args args) throws org.apache.thrift.TException {
- alter_sentry_role_delete_groups_result result = new alter_sentry_role_delete_groups_result();
- result.success = iface.alter_sentry_role_delete_groups(args.request);
- return result;
- }
- }
-
- public static class list_sentry_roles_by_group<I extends Iface> extends org.apache.thrift.ProcessFunction<I, list_sentry_roles_by_group_args> {
- public list_sentry_roles_by_group() {
- super("list_sentry_roles_by_group");
- }
-
- public list_sentry_roles_by_group_args getEmptyArgsInstance() {
- return new list_sentry_roles_by_group_args();
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public list_sentry_roles_by_group_result getResult(I iface, list_sentry_roles_by_group_args args) throws org.apache.thrift.TException {
- list_sentry_roles_by_group_result result = new list_sentry_roles_by_group_result();
- result.success = iface.list_sentry_roles_by_group(args.request);
- return result;
- }
- }
-
- public static class list_sentry_privileges_by_role<I extends Iface> extends org.apache.thrift.ProcessFunction<I, list_sentry_privileges_by_role_args> {
- public list_sentry_privileges_by_role() {
- super("list_sentry_privileges_by_role");
- }
-
- public list_sentry_privileges_by_role_args getEmptyArgsInstance() {
- return new list_sentry_privileges_by_role_args();
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public list_sentry_privileges_by_role_result getResult(I iface, list_sentry_privileges_by_role_args args) throws org.apache.thrift.TException {
- list_sentry_privileges_by_role_result result = new list_sentry_privileges_by_role_result();
- result.success = iface.list_sentry_privileges_by_role(args.request);
- return result;
- }
- }
-
- public static class list_sentry_privileges_for_provider<I extends Iface> extends org.apache.thrift.ProcessFunction<I, list_sentry_privileges_for_provider_args> {
- public list_sentry_privileges_for_provider() {
- super("list_sentry_privileges_for_provider");
- }
-
- public list_sentry_privileges_for_provider_args getEmptyArgsInstance() {
- return new list_sentry_privileges_for_provider_args();
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public list_sentry_privileges_for_provider_result getResult(I iface, list_sentry_privileges_for_provider_args args) throws org.apache.thrift.TException {
- list_sentry_privileges_for_provider_result result = new list_sentry_privileges_for_provider_result();
- result.success = iface.list_sentry_privileges_for_provider(args.request);
- return result;
- }
- }
-
- public static class list_sentry_privileges_by_authorizable<I extends Iface> extends org.apache.thrift.ProcessFunction<I, list_sentry_privileges_by_authorizable_args> {
- public list_sentry_privileges_by_authorizable() {
- super("list_sentry_privileges_by_authorizable");
- }
-
- public list_sentry_privileges_by_authorizable_args getEmptyArgsInstance() {
- return new list_sentry_privileges_by_authorizable_args();
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public list_sentry_privileges_by_authorizable_result getResult(I iface, list_sentry_privileges_by_authorizable_args args) throws org.apache.thrift.TException {
- list_sentry_privileges_by_authorizable_result result = new list_sentry_privileges_by_authorizable_result();
- result.success = iface.list_sentry_privileges_by_authorizable(args.request);
- return result;
- }
- }
-
- public static class drop_sentry_privilege<I extends Iface> extends org.apache.thrift.ProcessFunction<I, drop_sentry_privilege_args> {
- public drop_sentry_privilege() {
- super("drop_sentry_privilege");
- }
-
- public drop_sentry_privilege_args getEmptyArgsInstance() {
- return new drop_sentry_privilege_args();
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public drop_sentry_privilege_result getResult(I iface, drop_sentry_privilege_args args) throws org.apache.thrift.TException {
- drop_sentry_privilege_result result = new drop_sentry_privilege_result();
- result.success = iface.drop_sentry_privilege(args.request);
- return result;
- }
- }
-
- public static class rename_sentry_privilege<I extends Iface> extends org.apache.thrift.ProcessFunction<I, rename_sentry_privilege_args> {
- public rename_sentry_privilege() {
- super("rename_sentry_privilege");
- }
-
- public rename_sentry_privilege_args getEmptyArgsInstance() {
- return new rename_sentry_privilege_args();
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public rename_sentry_privilege_result getResult(I iface, rename_sentry_privilege_args args) throws org.apache.thrift.TException {
- rename_sentry_privilege_result result = new rename_sentry_privilege_result();
- result.success = iface.rename_sentry_privilege(args.request);
- return result;
- }
- }
-
- }
-
- public static class AsyncProcessor<I extends AsyncIface> extends org.apache.thrift.TBaseAsyncProcessor<I> {
- private static final Logger LOGGER = LoggerFactory.getLogger(AsyncProcessor.class.getName());
- public AsyncProcessor(I iface) {
- super(iface, getProcessMap(new HashMap<String, org.apache.thrift.AsyncProcessFunction<I, ? extends org.apache.thrift.TBase, ?>>()));
- }
-
- protected AsyncProcessor(I iface, Map<String, org.apache.thrift.AsyncProcessFunction<I, ? extends org.apache.thrift.TBase, ?>> processMap) {
- super(iface, getProcessMap(processMap));
- }
-
- private static <I extends AsyncIface> Map<String, org.apache.thrift.AsyncProcessFunction<I, ? extends org.apache.thrift.TBase,?>> getProcessMap(Map<String, org.apache.thrift.AsyncProcessFunction<I, ? extends org.apache.thrift.TBase, ?>> processMap) {
- processMap.put("create_sentry_role", new create_sentry_role());
- processMap.put("drop_sentry_role", new drop_sentry_role());
- processMap.put("alter_sentry_role_grant_privilege", new alter_sentry_role_grant_privilege());
- processMap.put("alter_sentry_role_revoke_privilege", new alter_sentry_role_revoke_privilege());
- processMap.put("alter_sentry_role_add_groups", new alter_sentry_role_add_groups());
- processMap.put("alter_sentry_role_delete_groups", new alter_sentry_role_delete_groups());
- processMap.put("list_sentry_roles_by_group", new list_sentry_roles_by_group());
- processMap.put("list_sentry_privileges_by_role", new list_sentry_privileges_by_role());
- processMap.put("list_sentry_privileges_for_provider", new list_sentry_privileges_for_provider());
- processMap.put("list_sentry_privileges_by_authorizable", new list_sentry_privileges_by_authorizable());
- processMap.put("drop_sentry_privilege", new drop_sentry_privilege());
- processMap.put("rename_sentry_privilege", new rename_sentry_privilege());
- return processMap;
- }
-
- public static class create_sentry_role<I extends AsyncIface> extends org.apache.thrift.AsyncProcessFunction<I, create_sentry_role_args, TCreateSentryRoleResponse> {
- public create_sentry_role() {
- super("create_sentry_role");
- }
-
- public create_sentry_role_args getEmptyArgsInstance() {
- return new create_sentry_role_args();
- }
-
- public AsyncMethodCallback<TCreateSentryRoleResponse> getResultHandler(final AsyncFrameBuffer fb, final int seqid) {
- final org.apache.thrift.AsyncProcessFunction fcall = this;
- return new AsyncMethodCallback<TCreateSentryRoleResponse>() {
- public void onComplete(TCreateSentryRoleResponse o) {
- create_sentry_role_result result = new create_sentry_role_result();
- result.success = o;
- try {
- fcall.sendResponse(fb,result, org.apache.thrift.protocol.TMessageType.REPLY,seqid);
- return;
- } catch (Exception e) {
- LOGGER.error("Exception writing to internal frame buffer", e);
- }
- fb.close();
- }
- public void onError(Exception e) {
- byte msgType = org.apache.thrift.protocol.TMessageType.REPLY;
- org.apache.thrift.TBase msg;
- create_sentry_role_result result = new create_sentry_role_result();
- {
- msgType = org.apache.thrift.protocol.TMessageType.EXCEPTION;
- msg = (org.apache.thrift.TBase)new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.INTERNAL_ERROR, e.getMessage());
- }
- try {
- fcall.sendResponse(fb,msg,msgType,seqid);
- return;
- } catch (Exception ex) {
- LOGGER.error("Exception writing to internal frame buffer", ex);
- }
- fb.close();
- }
- };
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public void start(I iface, create_sentry_role_args args, org.apache.thrift.async.AsyncMethodCallback<TCreateSentryRoleResponse> resultHandler) throws TException {
- iface.create_sentry_role(args.request,resultHandler);
- }
- }
-
- public static class drop_sentry_role<I extends AsyncIface> extends org.apache.thrift.AsyncProcessFunction<I, drop_sentry_role_args, TDropSentryRoleResponse> {
- public drop_sentry_role() {
- super("drop_sentry_role");
- }
-
- public drop_sentry_role_args getEmptyArgsInstance() {
- return new drop_sentry_role_args();
- }
-
- public AsyncMethodCallback<TDropSentryRoleResponse> getResultHandler(final AsyncFrameBuffer fb, final int seqid) {
- final org.apache.thrift.AsyncProcessFunction fcall = this;
- return new AsyncMethodCallback<TDropSentryRoleResponse>() {
- public void onComplete(TDropSentryRoleResponse o) {
- drop_sentry_role_result result = new drop_sentry_role_result();
- result.success = o;
- try {
- fcall.sendResponse(fb,result, org.apache.thrift.protocol.TMessageType.REPLY,seqid);
- return;
- } catch (Exception e) {
- LOGGER.error("Exception writing to internal frame buffer", e);
- }
- fb.close();
- }
- public void onError(Exception e) {
- byte msgType = org.apache.thrift.protocol.TMessageType.REPLY;
- org.apache.thrift.TBase msg;
- drop_sentry_role_result result = new drop_sentry_role_result();
- {
- msgType = org.apache.thrift.protocol.TMessageType.EXCEPTION;
- msg = (org.apache.thrift.TBase)new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.INTERNAL_ERROR, e.getMessage());
- }
- try {
- fcall.sendResponse(fb,msg,msgType,seqid);
- return;
- } catch (Exception ex) {
- LOGGER.error("Exception writing to internal frame buffer", ex);
- }
- fb.close();
- }
- };
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public void start(I iface, drop_sentry_role_args args, org.apache.thrift.async.AsyncMethodCallback<TDropSentryRoleResponse> resultHandler) throws TException {
- iface.drop_sentry_role(args.request,resultHandler);
- }
- }
-
- public static class alter_sentry_role_grant_privilege<I extends AsyncIface> extends org.apache.thrift.AsyncProcessFunction<I, alter_sentry_role_grant_privilege_args, TAlterSentryRoleGrantPrivilegeResponse> {
- public alter_sentry_role_grant_privilege() {
- super("alter_sentry_role_grant_privilege");
- }
-
- public alter_sentry_role_grant_privilege_args getEmptyArgsInstance() {
- return new alter_sentry_role_grant_privilege_args();
- }
-
- public AsyncMethodCallback<TAlterSentryRoleGrantPrivilegeResponse> getResultHandler(final AsyncFrameBuffer fb, final int seqid) {
- final org.apache.thrift.AsyncProcessFunction fcall = this;
- return new AsyncMethodCallback<TAlterSentryRoleGrantPrivilegeResponse>() {
- public void onComplete(TAlterSentryRoleGrantPrivilegeResponse o) {
- alter_sentry_role_grant_privilege_result result = new alter_sentry_role_grant_privilege_result();
- result.success = o;
- try {
- fcall.sendResponse(fb,result, org.apache.thrift.protocol.TMessageType.REPLY,seqid);
- return;
- } catch (Exception e) {
- LOGGER.error("Exception writing to internal frame buffer", e);
- }
- fb.close();
- }
- public void onError(Exception e) {
- byte msgType = org.apache.thrift.protocol.TMessageType.REPLY;
- org.apache.thrift.TBase msg;
- alter_sentry_role_grant_privilege_result result = new alter_sentry_role_grant_privilege_result();
- {
- msgType = org.apache.thrift.protocol.TMessageType.EXCEPTION;
- msg = (org.apache.thrift.TBase)new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.INTERNAL_ERROR, e.getMessage());
- }
- try {
- fcall.sendResponse(fb,msg,msgType,seqid);
- return;
- } catch (Exception ex) {
- LOGGER.error("Exception writing to internal frame buffer", ex);
- }
- fb.close();
- }
- };
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public void start(I iface, alter_sentry_role_grant_privilege_args args, org.apache.thrift.async.AsyncMethodCallback<TAlterSentryRoleGrantPrivilegeResponse> resultHandler) throws TException {
- iface.alter_sentry_role_grant_privilege(args.request,resultHandler);
- }
- }
-
- public static class alter_sentry_role_revoke_privilege<I extends AsyncIface> extends org.apache.thrift.AsyncProcessFunction<I, alter_sentry_role_revoke_privilege_args, TAlterSentryRoleRevokePrivilegeResponse> {
- public alter_sentry_role_revoke_privilege() {
- super("alter_sentry_role_revoke_privilege");
- }
-
- public alter_sentry_role_revoke_privilege_args getEmptyArgsInstance() {
- return new alter_sentry_role_revoke_privilege_args();
- }
-
- public AsyncMethodCallback<TAlterSentryRoleRevokePrivilegeResponse> getResultHandler(final AsyncFrameBuffer fb, final int seqid) {
- final org.apache.thrift.AsyncProcessFunction fcall = this;
- return new AsyncMethodCallback<TAlterSentryRoleRevokePrivilegeResponse>() {
- public void onComplete(TAlterSentryRoleRevokePrivilegeResponse o) {
- alter_sentry_role_revoke_privilege_result result = new alter_sentry_role_revoke_privilege_result();
- result.success = o;
- try {
- fcall.sendResponse(fb,result, org.apache.thrift.protocol.TMessageType.REPLY,seqid);
- return;
- } catch (Exception e) {
- LOGGER.error("Exception writing to internal frame buffer", e);
- }
- fb.close();
- }
- public void onError(Exception e) {
- byte msgType = org.apache.thrift.protocol.TMessageType.REPLY;
- org.apache.thrift.TBase msg;
- alter_sentry_role_revoke_privilege_result result = new alter_sentry_role_revoke_privilege_result();
- {
- msgType = org.apache.thrift.protocol.TMessageType.EXCEPTION;
- msg = (org.apache.thrift.TBase)new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.INTERNAL_ERROR, e.getMessage());
- }
- try {
- fcall.sendResponse(fb,msg,msgType,seqid);
- return;
- } catch (Exception ex) {
- LOGGER.error("Exception writing to internal frame buffer", ex);
- }
- fb.close();
- }
- };
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public void start(I iface, alter_sentry_role_revoke_privilege_args args, org.apache.thrift.async.AsyncMethodCallback<TAlterSentryRoleRevokePrivilegeResponse> resultHandler) throws TException {
- iface.alter_sentry_role_revoke_privilege(args.request,resultHandler);
- }
- }
-
- public static class alter_sentry_role_add_groups<I extends AsyncIface> extends org.apache.thrift.AsyncProcessFunction<I, alter_sentry_role_add_groups_args, TAlterSentryRoleAddGroupsResponse> {
- public alter_sentry_role_add_groups() {
- super("alter_sentry_role_add_groups");
- }
-
- public alter_sentry_role_add_groups_args getEmptyArgsInstance() {
- return new alter_sentry_role_add_groups_args();
- }
-
- public AsyncMethodCallback<TAlterSentryRoleAddGroupsResponse> getResultHandler(final AsyncFrameBuffer fb, final int seqid) {
- final org.apache.thrift.AsyncProcessFunction fcall = this;
- return new AsyncMethodCallback<TAlterSentryRoleAddGroupsResponse>() {
- public void onComplete(TAlterSentryRoleAddGroupsResponse o) {
- alter_sentry_role_add_groups_result result = new alter_sentry_role_add_groups_result();
- result.success = o;
- try {
- fcall.sendResponse(fb,result, org.apache.thrift.protocol.TMessageType.REPLY,seqid);
- return;
- } catch (Exception e) {
- LOGGER.error("Exception writing to internal frame buffer", e);
- }
- fb.close();
- }
- public void onError(Exception e) {
- byte msgType = org.apache.thrift.protocol.TMessageType.REPLY;
- org.apache.thrift.TBase msg;
- alter_sentry_role_add_groups_result result = new alter_sentry_role_add_groups_result();
- {
- msgType = org.apache.thrift.protocol.TMessageType.EXCEPTION;
- msg = (org.apache.thrift.TBase)new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.INTERNAL_ERROR, e.getMessage());
- }
- try {
- fcall.sendResponse(fb,msg,msgType,seqid);
- return;
- } catch (Exception ex) {
- LOGGER.error("Exception writing to internal frame buffer", ex);
- }
- fb.close();
- }
- };
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public void start(I iface, alter_sentry_role_add_groups_args args, org.apache.thrift.async.AsyncMethodCallback<TAlterSentryRoleAddGroupsResponse> resultHandler) throws TException {
- iface.alter_sentry_role_add_groups(args.request,resultHandler);
- }
- }
-
- public static class alter_sentry_role_delete_groups<I extends AsyncIface> extends org.apache.thrift.AsyncProcessFunction<I, alter_sentry_role_delete_groups_args, TAlterSentryRoleDeleteGroupsResponse> {
- public alter_sentry_role_delete_groups() {
- super("alter_sentry_role_delete_groups");
- }
-
- public alter_sentry_role_delete_groups_args getEmptyArgsInstance() {
- return new alter_sentry_role_delete_groups_args();
- }
-
- public AsyncMethodCallback<TAlterSentryRoleDeleteGroupsResponse> getResultHandler(final AsyncFrameBuffer fb, final int seqid) {
- final org.apache.thrift.AsyncProcessFunction fcall = this;
- return new AsyncMethodCallback<TAlterSentryRoleDeleteGroupsResponse>() {
- public void onComplete(TAlterSentryRoleDeleteGroupsResponse o) {
- alter_sentry_role_delete_groups_result result = new alter_sentry_role_delete_groups_result();
- result.success = o;
- try {
- fcall.sendResponse(fb,result, org.apache.thrift.protocol.TMessageType.REPLY,seqid);
- return;
- } catch (Exception e) {
- LOGGER.error("Exception writing to internal frame buffer", e);
- }
- fb.close();
- }
- public void onError(Exception e) {
- byte msgType = org.apache.thrift.protocol.TMessageType.REPLY;
- org.apache.thrift.TBase msg;
- alter_sentry_role_delete_groups_result result = new alter_sentry_role_delete_groups_result();
- {
- msgType = org.apache.thrift.protocol.TMessageType.EXCEPTION;
- msg = (org.apache.thrift.TBase)new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.INTERNAL_ERROR, e.getMessage());
- }
- try {
- fcall.sendResponse(fb,msg,msgType,seqid);
- return;
- } catch (Exception ex) {
- LOGGER.error("Exception writing to internal frame buffer", ex);
- }
- fb.close();
- }
- };
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public void start(I iface, alter_sentry_role_delete_groups_args args, org.apache.thrift.async.AsyncMethodCallback<TAlterSentryRoleDeleteGroupsResponse> resultHandler) throws TException {
- iface.alter_sentry_role_delete_groups(args.request,resultHandler);
- }
- }
-
- public static class list_sentry_roles_by_group<I extends AsyncIface> extends org.apache.thrift.AsyncProcessFunction<I, list_sentry_roles_by_group_args, TListSentryRolesResponse> {
- public list_sentry_roles_by_group() {
- super("list_sentry_roles_by_group");
- }
-
- public list_sentry_roles_by_group_args getEmptyArgsInstance() {
- return new list_sentry_roles_by_group_args();
- }
-
- public AsyncMethodCallback<TListSentryRolesResponse> getResultHandler(final AsyncFrameBuffer fb, final int seqid) {
- final org.apache.thrift.AsyncProcessFunction fcall = this;
- return new AsyncMethodCallback<TListSentryRolesResponse>() {
- public void onComplete(TListSentryRolesResponse o) {
- list_sentry_roles_by_group_result result = new list_sentry_roles_by_group_result();
- result.success = o;
- try {
- fcall.sendResponse(fb,result, org.apache.thrift.protocol.TMessageType.REPLY,seqid);
- return;
- } catch (Exception e) {
- LOGGER.error("Exception writing to internal frame buffer", e);
- }
- fb.close();
- }
- public void onError(Exception e) {
- byte msgType = org.apache.thrift.protocol.TMessageType.REPLY;
- org.apache.thrift.TBase msg;
- list_sentry_roles_by_group_result result = new list_sentry_roles_by_group_result();
- {
- msgType = org.apache.thrift.protocol.TMessageType.EXCEPTION;
- msg = (org.apache.thrift.TBase)new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.INTERNAL_ERROR, e.getMessage());
- }
- try {
- fcall.sendResponse(fb,msg,msgType,seqid);
- return;
- } catch (Exception ex) {
- LOGGER.error("Exception writing to internal frame buffer", ex);
- }
- fb.close();
- }
- };
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public void start(I iface, list_sentry_roles_by_group_args args, org.apache.thrift.async.AsyncMethodCallback<TListSentryRolesResponse> resultHandler) throws TException {
- iface.list_sentry_roles_by_group(args.request,resultHandler);
- }
- }
-
- public static class list_sentry_privileges_by_role<I extends AsyncIface> extends org.apache.thrift.AsyncProcessFunction<I, list_sentry_privileges_by_role_args, TListSentryPrivilegesResponse> {
- public list_sentry_privileges_by_role() {
- super("list_sentry_privileges_by_role");
- }
-
- public list_sentry_privileges_by_role_args getEmptyArgsInstance() {
- return new list_sentry_privileges_by_role_args();
- }
-
- public AsyncMethodCallback<TListSentryPrivilegesResponse> getResultHandler(final AsyncFrameBuffer fb, final int seqid) {
- final org.apache.thrift.AsyncProcessFunction fcall = this;
- return new AsyncMethodCallback<TListSentryPrivilegesResponse>() {
- public void onComplete(TListSentryPrivilegesResponse o) {
- list_sentry_privileges_by_role_result result = new list_sentry_privileges_by_role_result();
- result.success = o;
- try {
- fcall.sendResponse(fb,result, org.apache.thrift.protocol.TMessageType.REPLY,seqid);
- return;
- } catch (Exception e) {
- LOGGER.error("Exception writing to internal frame buffer", e);
- }
- fb.close();
- }
- public void onError(Exception e) {
- byte msgType = org.apache.thrift.protocol.TMessageType.REPLY;
- org.apache.thrift.TBase msg;
- list_sentry_privileges_by_role_result result = new list_sentry_privileges_by_role_result();
- {
- msgType = org.apache.thrift.protocol.TMessageType.EXCEPTION;
- msg = (org.apache.thrift.TBase)new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.INTERNAL_ERROR, e.getMessage());
- }
- try {
- fcall.sendResponse(fb,msg,msgType,seqid);
- return;
- } catch (Exception ex) {
- LOGGER.error("Exception writing to internal frame buffer", ex);
- }
- fb.close();
- }
- };
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public void start(I iface, list_sentry_privileges_by_role_args args, org.apache.thrift.async.AsyncMethodCallback<TListSentryPrivilegesResponse> resultHandler) throws TException {
- iface.list_sentry_privileges_by_role(args.request,resultHandler);
- }
- }
-
- public static class list_sentry_privileges_for_provider<I extends AsyncIface> extends org.apache.thrift.AsyncProcessFunction<I, list_sentry_privileges_for_provider_args, TListSentryPrivilegesForProviderResponse> {
- public list_sentry_privileges_for_provider() {
- super("list_sentry_privileges_for_provider");
- }
-
- public list_sentry_privileges_for_provider_args getEmptyArgsInstance() {
- return new list_sentry_privileges_for_provider_args();
- }
-
- public AsyncMethodCallback<TListSentryPrivilegesForProviderResponse> getResultHandler(final AsyncFrameBuffer fb, final int seqid) {
- final org.apache.thrift.AsyncProcessFunction fcall = this;
- return new AsyncMethodCallback<TListSentryPrivilegesForProviderResponse>() {
- public void onComplete(TListSentryPrivilegesForProviderResponse o) {
- list_sentry_privileges_for_provider_result result = new list_sentry_privileges_for_provider_result();
- result.success = o;
- try {
- fcall.sendResponse(fb,result, org.apache.thrift.protocol.TMessageType.REPLY,seqid);
- return;
- } catch (Exception e) {
- LOGGER.error("Exception writing to internal frame buffer", e);
- }
- fb.close();
- }
- public void onError(Exception e) {
- byte msgType = org.apache.thrift.protocol.TMessageType.REPLY;
- org.apache.thrift.TBase msg;
- list_sentry_privileges_for_provider_result result = new list_sentry_privileges_for_provider_result();
- {
- msgType = org.apache.thrift.protocol.TMessageType.EXCEPTION;
- msg = (org.apache.thrift.TBase)new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.INTERNAL_ERROR, e.getMessage());
- }
- try {
- fcall.sendResponse(fb,msg,msgType,seqid);
- return;
- } catch (Exception ex) {
- LOGGER.error("Exception writing to internal frame buffer", ex);
- }
- fb.close();
- }
- };
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public void start(I iface, list_sentry_privileges_for_provider_args args, org.apache.thrift.async.AsyncMethodCallback<TListSentryPrivilegesForProviderResponse> resultHandler) throws TException {
- iface.list_sentry_privileges_for_provider(args.request,resultHandler);
- }
- }
-
- public static class list_sentry_privileges_by_authorizable<I extends AsyncIface> extends org.apache.thrift.AsyncProcessFunction<I, list_sentry_privileges_by_authorizable_args, TListSentryPrivilegesByAuthResponse> {
- public list_sentry_privileges_by_authorizable() {
- super("list_sentry_privileges_by_authorizable");
- }
-
- public list_sentry_privileges_by_authorizable_args getEmptyArgsInstance() {
- return new list_sentry_privileges_by_authorizable_args();
- }
-
- public AsyncMethodCallback<TListSentryPrivilegesByAuthResponse> getResultHandler(final AsyncFrameBuffer fb, final int seqid) {
- final org.apache.thrift.AsyncProcessFunction fcall = this;
- return new AsyncMethodCallback<TListSentryPrivilegesByAuthResponse>() {
- public void onComplete(TListSentryPrivilegesByAuthResponse o) {
- list_sentry_privileges_by_authorizable_result result = new list_sentry_privileges_by_authorizable_result();
- result.success = o;
- try {
- fcall.sendResponse(fb,result, org.apache.thrift.protocol.TMessageType.REPLY,seqid);
- return;
- } catch (Exception e) {
- LOGGER.error("Exception writing to internal frame buffer", e);
- }
- fb.close();
- }
- public void onError(Exception e) {
- byte msgType = org.apache.thrift.protocol.TMessageType.REPLY;
- org.apache.thrift.TBase msg;
- list_sentry_privileges_by_authorizable_result result = new list_sentry_privileges_by_authorizable_result();
- {
- msgType = org.apache.thrift.protocol.TMessageType.EXCEPTION;
- msg = (org.apache.thrift.TBase)new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.INTERNAL_ERROR, e.getMessage());
- }
- try {
- fcall.sendResponse(fb,msg,msgType,seqid);
- return;
- } catch (Exception ex) {
- LOGGER.error("Exception writing to internal frame buffer", ex);
- }
- fb.close();
- }
- };
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public void start(I iface, list_sentry_privileges_by_authorizable_args args, org.apache.thrift.async.AsyncMethodCallback<TListSentryPrivilegesByAuthResponse> resultHandler) throws TException {
- iface.list_sentry_privileges_by_authorizable(args.request,resultHandler);
- }
- }
-
- public static class drop_sentry_privilege<I extends AsyncIface> extends org.apache.thrift.AsyncProcessFunction<I, drop_sentry_privilege_args, TDropPrivilegesResponse> {
- public drop_sentry_privilege() {
- super("drop_sentry_privilege");
- }
-
- public drop_sentry_privilege_args getEmptyArgsInstance() {
- return new drop_sentry_privilege_args();
- }
-
- public AsyncMethodCallback<TDropPrivilegesResponse> getResultHandler(final AsyncFrameBuffer fb, final int seqid) {
- final org.apache.thrift.AsyncProcessFunction fcall = this;
- return new AsyncMethodCallback<TDropPrivilegesResponse>() {
- public void onComplete(TDropPrivilegesResponse o) {
- drop_sentry_privilege_result result = new drop_sentry_privilege_result();
- result.success = o;
- try {
- fcall.sendResponse(fb,result, org.apache.thrift.protocol.TMessageType.REPLY,seqid);
- return;
- } catch (Exception e) {
- LOGGER.error("Exception writing to internal frame buffer", e);
- }
- fb.close();
- }
- public void onError(Exception e) {
- byte msgType = org.apache.thrift.protocol.TMessageType.REPLY;
- org.apache.thrift.TBase msg;
- drop_sentry_privilege_result result = new drop_sentry_privilege_result();
- {
- msgType = org.apache.thrift.protocol.TMessageType.EXCEPTION;
- msg = (org.apache.thrift.TBase)new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.INTERNAL_ERROR, e.getMessage());
- }
- try {
- fcall.sendResponse(fb,msg,msgType,seqid);
- return;
- } catch (Exception ex) {
- LOGGER.error("Exception writing to internal frame buffer", ex);
- }
- fb.close();
- }
- };
- }
-
- protected boolean isOneway() {
- return false;
- }
-
- public void start(I iface, drop_sentry_privilege_args args, org.apache.thrift.async.AsyncMethodCallback<TDropPrivilegesResponse> resultHandler) throws TException {
- iface.drop_sentry_privilege(args.request,resultHandler);
- }
- }
-
- public static class rename_sentry_privilege<I extends AsyncIface> extends org.apache.thrift.AsyncProcessFunction<I, rename_sentry_privilege_args, TRenamePrivilegesResponse> {
- public rename_sentry_privilege() {
- super("rename_sentry_privilege");
- }
-
- public rename_sentry_privilege_args getEmptyArgsInstance() {
- return new rename_sentry_privilege_args();
- }
-
- public AsyncMethodCallback<TRenamePrivilegesResponse> getResultHandler(final AsyncFrameBuffer fb, final int seqid) {
- final org.apache.thrift.AsyncProcessFunction fcall = this;
- return new AsyncMethodCallback<TRenamePrivilegesResponse>() {
- public void onComplete(TRenamePrivilegesResponse o) {
- rename_sentry_privilege_result result = new rename_sentry_privilege_result();
- result.success = o;
- try {
- fcall.sendResponse(fb,result, org.apache.thrift.protocol.TMessageType.REPLY,seqid);
- return;
- } catch (Exception e) {
- LOGGER.error("Exception writing to internal frame buffer", e);
- }
- fb.close();
- }
- public void onError(Exception e) {
- byte msgType = org.apache.thrift.protocol.TMessageType.REPLY;
- org.apache.thrift.TBase msg;
- rename_sentry_privilege_result result = new rename_sentry_privilege_result();
- {
-
<TRUNCATED>
[42/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TListSentryPrivilegesRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TListSentryPrivilegesRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TListSentryPrivilegesRequest.java
deleted file mode 100644
index 6c8562a..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TListSentryPrivilegesRequest.java
+++ /dev/null
@@ -1,957 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TListSentryPrivilegesRequest implements org.apache.thrift.TBase<TListSentryPrivilegesRequest, TListSentryPrivilegesRequest._Fields>, java.io.Serializable, Cloneable, Comparable<TListSentryPrivilegesRequest> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TListSentryPrivilegesRequest");
-
- private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
- private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)3);
- private static final org.apache.thrift.protocol.TField COMPONENT_FIELD_DESC = new org.apache.thrift.protocol.TField("component", org.apache.thrift.protocol.TType.STRING, (short)4);
- private static final org.apache.thrift.protocol.TField SERVICE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("serviceName", org.apache.thrift.protocol.TType.STRING, (short)5);
- private static final org.apache.thrift.protocol.TField AUTHORIZABLES_FIELD_DESC = new org.apache.thrift.protocol.TField("authorizables", org.apache.thrift.protocol.TType.LIST, (short)6);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TListSentryPrivilegesRequestStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TListSentryPrivilegesRequestTupleSchemeFactory());
- }
-
- private int protocol_version; // required
- private String requestorUserName; // required
- private String roleName; // required
- private String component; // required
- private String serviceName; // required
- private List<TAuthorizable> authorizables; // optional
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- PROTOCOL_VERSION((short)1, "protocol_version"),
- REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- ROLE_NAME((short)3, "roleName"),
- COMPONENT((short)4, "component"),
- SERVICE_NAME((short)5, "serviceName"),
- AUTHORIZABLES((short)6, "authorizables");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // PROTOCOL_VERSION
- return PROTOCOL_VERSION;
- case 2: // REQUESTOR_USER_NAME
- return REQUESTOR_USER_NAME;
- case 3: // ROLE_NAME
- return ROLE_NAME;
- case 4: // COMPONENT
- return COMPONENT;
- case 5: // SERVICE_NAME
- return SERVICE_NAME;
- case 6: // AUTHORIZABLES
- return AUTHORIZABLES;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- private static final _Fields optionals[] = {_Fields.AUTHORIZABLES};
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
- tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.ROLE_NAME, new org.apache.thrift.meta_data.FieldMetaData("roleName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.COMPONENT, new org.apache.thrift.meta_data.FieldMetaData("component", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.SERVICE_NAME, new org.apache.thrift.meta_data.FieldMetaData("serviceName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.AUTHORIZABLES, new org.apache.thrift.meta_data.FieldMetaData("authorizables", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.ListMetaData(org.apache.thrift.protocol.TType.LIST,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TAuthorizable.class))));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TListSentryPrivilegesRequest.class, metaDataMap);
- }
-
- public TListSentryPrivilegesRequest() {
- this.protocol_version = 2;
-
- }
-
- public TListSentryPrivilegesRequest(
- int protocol_version,
- String requestorUserName,
- String roleName,
- String component,
- String serviceName)
- {
- this();
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- this.requestorUserName = requestorUserName;
- this.roleName = roleName;
- this.component = component;
- this.serviceName = serviceName;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TListSentryPrivilegesRequest(TListSentryPrivilegesRequest other) {
- __isset_bitfield = other.__isset_bitfield;
- this.protocol_version = other.protocol_version;
- if (other.isSetRequestorUserName()) {
- this.requestorUserName = other.requestorUserName;
- }
- if (other.isSetRoleName()) {
- this.roleName = other.roleName;
- }
- if (other.isSetComponent()) {
- this.component = other.component;
- }
- if (other.isSetServiceName()) {
- this.serviceName = other.serviceName;
- }
- if (other.isSetAuthorizables()) {
- List<TAuthorizable> __this__authorizables = new ArrayList<TAuthorizable>(other.authorizables.size());
- for (TAuthorizable other_element : other.authorizables) {
- __this__authorizables.add(new TAuthorizable(other_element));
- }
- this.authorizables = __this__authorizables;
- }
- }
-
- public TListSentryPrivilegesRequest deepCopy() {
- return new TListSentryPrivilegesRequest(this);
- }
-
- @Override
- public void clear() {
- this.protocol_version = 2;
-
- this.requestorUserName = null;
- this.roleName = null;
- this.component = null;
- this.serviceName = null;
- this.authorizables = null;
- }
-
- public int getProtocol_version() {
- return this.protocol_version;
- }
-
- public void setProtocol_version(int protocol_version) {
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- }
-
- public void unsetProtocol_version() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */
- public boolean isSetProtocol_version() {
- return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- public void setProtocol_versionIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value);
- }
-
- public String getRequestorUserName() {
- return this.requestorUserName;
- }
-
- public void setRequestorUserName(String requestorUserName) {
- this.requestorUserName = requestorUserName;
- }
-
- public void unsetRequestorUserName() {
- this.requestorUserName = null;
- }
-
- /** Returns true if field requestorUserName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorUserName() {
- return this.requestorUserName != null;
- }
-
- public void setRequestorUserNameIsSet(boolean value) {
- if (!value) {
- this.requestorUserName = null;
- }
- }
-
- public String getRoleName() {
- return this.roleName;
- }
-
- public void setRoleName(String roleName) {
- this.roleName = roleName;
- }
-
- public void unsetRoleName() {
- this.roleName = null;
- }
-
- /** Returns true if field roleName is set (has been assigned a value) and false otherwise */
- public boolean isSetRoleName() {
- return this.roleName != null;
- }
-
- public void setRoleNameIsSet(boolean value) {
- if (!value) {
- this.roleName = null;
- }
- }
-
- public String getComponent() {
- return this.component;
- }
-
- public void setComponent(String component) {
- this.component = component;
- }
-
- public void unsetComponent() {
- this.component = null;
- }
-
- /** Returns true if field component is set (has been assigned a value) and false otherwise */
- public boolean isSetComponent() {
- return this.component != null;
- }
-
- public void setComponentIsSet(boolean value) {
- if (!value) {
- this.component = null;
- }
- }
-
- public String getServiceName() {
- return this.serviceName;
- }
-
- public void setServiceName(String serviceName) {
- this.serviceName = serviceName;
- }
-
- public void unsetServiceName() {
- this.serviceName = null;
- }
-
- /** Returns true if field serviceName is set (has been assigned a value) and false otherwise */
- public boolean isSetServiceName() {
- return this.serviceName != null;
- }
-
- public void setServiceNameIsSet(boolean value) {
- if (!value) {
- this.serviceName = null;
- }
- }
-
- public int getAuthorizablesSize() {
- return (this.authorizables == null) ? 0 : this.authorizables.size();
- }
-
- public java.util.Iterator<TAuthorizable> getAuthorizablesIterator() {
- return (this.authorizables == null) ? null : this.authorizables.iterator();
- }
-
- public void addToAuthorizables(TAuthorizable elem) {
- if (this.authorizables == null) {
- this.authorizables = new ArrayList<TAuthorizable>();
- }
- this.authorizables.add(elem);
- }
-
- public List<TAuthorizable> getAuthorizables() {
- return this.authorizables;
- }
-
- public void setAuthorizables(List<TAuthorizable> authorizables) {
- this.authorizables = authorizables;
- }
-
- public void unsetAuthorizables() {
- this.authorizables = null;
- }
-
- /** Returns true if field authorizables is set (has been assigned a value) and false otherwise */
- public boolean isSetAuthorizables() {
- return this.authorizables != null;
- }
-
- public void setAuthorizablesIsSet(boolean value) {
- if (!value) {
- this.authorizables = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case PROTOCOL_VERSION:
- if (value == null) {
- unsetProtocol_version();
- } else {
- setProtocol_version((Integer)value);
- }
- break;
-
- case REQUESTOR_USER_NAME:
- if (value == null) {
- unsetRequestorUserName();
- } else {
- setRequestorUserName((String)value);
- }
- break;
-
- case ROLE_NAME:
- if (value == null) {
- unsetRoleName();
- } else {
- setRoleName((String)value);
- }
- break;
-
- case COMPONENT:
- if (value == null) {
- unsetComponent();
- } else {
- setComponent((String)value);
- }
- break;
-
- case SERVICE_NAME:
- if (value == null) {
- unsetServiceName();
- } else {
- setServiceName((String)value);
- }
- break;
-
- case AUTHORIZABLES:
- if (value == null) {
- unsetAuthorizables();
- } else {
- setAuthorizables((List<TAuthorizable>)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case PROTOCOL_VERSION:
- return getProtocol_version();
-
- case REQUESTOR_USER_NAME:
- return getRequestorUserName();
-
- case ROLE_NAME:
- return getRoleName();
-
- case COMPONENT:
- return getComponent();
-
- case SERVICE_NAME:
- return getServiceName();
-
- case AUTHORIZABLES:
- return getAuthorizables();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case PROTOCOL_VERSION:
- return isSetProtocol_version();
- case REQUESTOR_USER_NAME:
- return isSetRequestorUserName();
- case ROLE_NAME:
- return isSetRoleName();
- case COMPONENT:
- return isSetComponent();
- case SERVICE_NAME:
- return isSetServiceName();
- case AUTHORIZABLES:
- return isSetAuthorizables();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TListSentryPrivilegesRequest)
- return this.equals((TListSentryPrivilegesRequest)that);
- return false;
- }
-
- public boolean equals(TListSentryPrivilegesRequest that) {
- if (that == null)
- return false;
-
- boolean this_present_protocol_version = true;
- boolean that_present_protocol_version = true;
- if (this_present_protocol_version || that_present_protocol_version) {
- if (!(this_present_protocol_version && that_present_protocol_version))
- return false;
- if (this.protocol_version != that.protocol_version)
- return false;
- }
-
- boolean this_present_requestorUserName = true && this.isSetRequestorUserName();
- boolean that_present_requestorUserName = true && that.isSetRequestorUserName();
- if (this_present_requestorUserName || that_present_requestorUserName) {
- if (!(this_present_requestorUserName && that_present_requestorUserName))
- return false;
- if (!this.requestorUserName.equals(that.requestorUserName))
- return false;
- }
-
- boolean this_present_roleName = true && this.isSetRoleName();
- boolean that_present_roleName = true && that.isSetRoleName();
- if (this_present_roleName || that_present_roleName) {
- if (!(this_present_roleName && that_present_roleName))
- return false;
- if (!this.roleName.equals(that.roleName))
- return false;
- }
-
- boolean this_present_component = true && this.isSetComponent();
- boolean that_present_component = true && that.isSetComponent();
- if (this_present_component || that_present_component) {
- if (!(this_present_component && that_present_component))
- return false;
- if (!this.component.equals(that.component))
- return false;
- }
-
- boolean this_present_serviceName = true && this.isSetServiceName();
- boolean that_present_serviceName = true && that.isSetServiceName();
- if (this_present_serviceName || that_present_serviceName) {
- if (!(this_present_serviceName && that_present_serviceName))
- return false;
- if (!this.serviceName.equals(that.serviceName))
- return false;
- }
-
- boolean this_present_authorizables = true && this.isSetAuthorizables();
- boolean that_present_authorizables = true && that.isSetAuthorizables();
- if (this_present_authorizables || that_present_authorizables) {
- if (!(this_present_authorizables && that_present_authorizables))
- return false;
- if (!this.authorizables.equals(that.authorizables))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_protocol_version = true;
- list.add(present_protocol_version);
- if (present_protocol_version)
- list.add(protocol_version);
-
- boolean present_requestorUserName = true && (isSetRequestorUserName());
- list.add(present_requestorUserName);
- if (present_requestorUserName)
- list.add(requestorUserName);
-
- boolean present_roleName = true && (isSetRoleName());
- list.add(present_roleName);
- if (present_roleName)
- list.add(roleName);
-
- boolean present_component = true && (isSetComponent());
- list.add(present_component);
- if (present_component)
- list.add(component);
-
- boolean present_serviceName = true && (isSetServiceName());
- list.add(present_serviceName);
- if (present_serviceName)
- list.add(serviceName);
-
- boolean present_authorizables = true && (isSetAuthorizables());
- list.add(present_authorizables);
- if (present_authorizables)
- list.add(authorizables);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TListSentryPrivilegesRequest other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(other.isSetProtocol_version());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetProtocol_version()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, other.protocol_version);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRequestorUserName()).compareTo(other.isSetRequestorUserName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRequestorUserName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorUserName, other.requestorUserName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRoleName()).compareTo(other.isSetRoleName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRoleName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleName, other.roleName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetComponent()).compareTo(other.isSetComponent());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetComponent()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.component, other.component);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetServiceName()).compareTo(other.isSetServiceName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetServiceName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.serviceName, other.serviceName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetAuthorizables()).compareTo(other.isSetAuthorizables());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetAuthorizables()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.authorizables, other.authorizables);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TListSentryPrivilegesRequest(");
- boolean first = true;
-
- sb.append("protocol_version:");
- sb.append(this.protocol_version);
- first = false;
- if (!first) sb.append(", ");
- sb.append("requestorUserName:");
- if (this.requestorUserName == null) {
- sb.append("null");
- } else {
- sb.append(this.requestorUserName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("roleName:");
- if (this.roleName == null) {
- sb.append("null");
- } else {
- sb.append(this.roleName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("component:");
- if (this.component == null) {
- sb.append("null");
- } else {
- sb.append(this.component);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("serviceName:");
- if (this.serviceName == null) {
- sb.append("null");
- } else {
- sb.append(this.serviceName);
- }
- first = false;
- if (isSetAuthorizables()) {
- if (!first) sb.append(", ");
- sb.append("authorizables:");
- if (this.authorizables == null) {
- sb.append("null");
- } else {
- sb.append(this.authorizables);
- }
- first = false;
- }
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetProtocol_version()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
- }
-
- if (!isSetRequestorUserName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString());
- }
-
- if (!isSetRoleName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'roleName' is unset! Struct:" + toString());
- }
-
- if (!isSetComponent()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'component' is unset! Struct:" + toString());
- }
-
- if (!isSetServiceName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'serviceName' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TListSentryPrivilegesRequestStandardSchemeFactory implements SchemeFactory {
- public TListSentryPrivilegesRequestStandardScheme getScheme() {
- return new TListSentryPrivilegesRequestStandardScheme();
- }
- }
-
- private static class TListSentryPrivilegesRequestStandardScheme extends StandardScheme<TListSentryPrivilegesRequest> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TListSentryPrivilegesRequest struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // PROTOCOL_VERSION
- if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // REQUESTOR_USER_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // ROLE_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 4: // COMPONENT
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.component = iprot.readString();
- struct.setComponentIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 5: // SERVICE_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.serviceName = iprot.readString();
- struct.setServiceNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 6: // AUTHORIZABLES
- if (schemeField.type == org.apache.thrift.protocol.TType.LIST) {
- {
- org.apache.thrift.protocol.TList _list40 = iprot.readListBegin();
- struct.authorizables = new ArrayList<TAuthorizable>(_list40.size);
- TAuthorizable _elem41;
- for (int _i42 = 0; _i42 < _list40.size; ++_i42)
- {
- _elem41 = new TAuthorizable();
- _elem41.read(iprot);
- struct.authorizables.add(_elem41);
- }
- iprot.readListEnd();
- }
- struct.setAuthorizablesIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TListSentryPrivilegesRequest struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC);
- oprot.writeI32(struct.protocol_version);
- oprot.writeFieldEnd();
- if (struct.requestorUserName != null) {
- oprot.writeFieldBegin(REQUESTOR_USER_NAME_FIELD_DESC);
- oprot.writeString(struct.requestorUserName);
- oprot.writeFieldEnd();
- }
- if (struct.roleName != null) {
- oprot.writeFieldBegin(ROLE_NAME_FIELD_DESC);
- oprot.writeString(struct.roleName);
- oprot.writeFieldEnd();
- }
- if (struct.component != null) {
- oprot.writeFieldBegin(COMPONENT_FIELD_DESC);
- oprot.writeString(struct.component);
- oprot.writeFieldEnd();
- }
- if (struct.serviceName != null) {
- oprot.writeFieldBegin(SERVICE_NAME_FIELD_DESC);
- oprot.writeString(struct.serviceName);
- oprot.writeFieldEnd();
- }
- if (struct.authorizables != null) {
- if (struct.isSetAuthorizables()) {
- oprot.writeFieldBegin(AUTHORIZABLES_FIELD_DESC);
- {
- oprot.writeListBegin(new org.apache.thrift.protocol.TList(org.apache.thrift.protocol.TType.STRUCT, struct.authorizables.size()));
- for (TAuthorizable _iter43 : struct.authorizables)
- {
- _iter43.write(oprot);
- }
- oprot.writeListEnd();
- }
- oprot.writeFieldEnd();
- }
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TListSentryPrivilegesRequestTupleSchemeFactory implements SchemeFactory {
- public TListSentryPrivilegesRequestTupleScheme getScheme() {
- return new TListSentryPrivilegesRequestTupleScheme();
- }
- }
-
- private static class TListSentryPrivilegesRequestTupleScheme extends TupleScheme<TListSentryPrivilegesRequest> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeI32(struct.protocol_version);
- oprot.writeString(struct.requestorUserName);
- oprot.writeString(struct.roleName);
- oprot.writeString(struct.component);
- oprot.writeString(struct.serviceName);
- BitSet optionals = new BitSet();
- if (struct.isSetAuthorizables()) {
- optionals.set(0);
- }
- oprot.writeBitSet(optionals, 1);
- if (struct.isSetAuthorizables()) {
- {
- oprot.writeI32(struct.authorizables.size());
- for (TAuthorizable _iter44 : struct.authorizables)
- {
- _iter44.write(oprot);
- }
- }
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- struct.component = iprot.readString();
- struct.setComponentIsSet(true);
- struct.serviceName = iprot.readString();
- struct.setServiceNameIsSet(true);
- BitSet incoming = iprot.readBitSet(1);
- if (incoming.get(0)) {
- {
- org.apache.thrift.protocol.TList _list45 = new org.apache.thrift.protocol.TList(org.apache.thrift.protocol.TType.STRUCT, iprot.readI32());
- struct.authorizables = new ArrayList<TAuthorizable>(_list45.size);
- TAuthorizable _elem46;
- for (int _i47 = 0; _i47 < _list45.size; ++_i47)
- {
- _elem46 = new TAuthorizable();
- _elem46.read(iprot);
- struct.authorizables.add(_elem46);
- }
- }
- struct.setAuthorizablesIsSet(true);
- }
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TListSentryPrivilegesResponse.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TListSentryPrivilegesResponse.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TListSentryPrivilegesResponse.java
deleted file mode 100644
index a079b41..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TListSentryPrivilegesResponse.java
+++ /dev/null
@@ -1,555 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TListSentryPrivilegesResponse implements org.apache.thrift.TBase<TListSentryPrivilegesResponse, TListSentryPrivilegesResponse._Fields>, java.io.Serializable, Cloneable, Comparable<TListSentryPrivilegesResponse> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TListSentryPrivilegesResponse");
-
- private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1);
- private static final org.apache.thrift.protocol.TField PRIVILEGES_FIELD_DESC = new org.apache.thrift.protocol.TField("privileges", org.apache.thrift.protocol.TType.SET, (short)2);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TListSentryPrivilegesResponseStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TListSentryPrivilegesResponseTupleSchemeFactory());
- }
-
- private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required
- private Set<TSentryPrivilege> privileges; // optional
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- STATUS((short)1, "status"),
- PRIVILEGES((short)2, "privileges");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // STATUS
- return STATUS;
- case 2: // PRIVILEGES
- return PRIVILEGES;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final _Fields optionals[] = {_Fields.PRIVILEGES};
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRUCT , "TSentryResponseStatus")));
- tmpMap.put(_Fields.PRIVILEGES, new org.apache.thrift.meta_data.FieldMetaData("privileges", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryPrivilege.class))));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TListSentryPrivilegesResponse.class, metaDataMap);
- }
-
- public TListSentryPrivilegesResponse() {
- }
-
- public TListSentryPrivilegesResponse(
- org.apache.sentry.service.thrift.TSentryResponseStatus status)
- {
- this();
- this.status = status;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TListSentryPrivilegesResponse(TListSentryPrivilegesResponse other) {
- if (other.isSetStatus()) {
- this.status = other.status;
- }
- if (other.isSetPrivileges()) {
- Set<TSentryPrivilege> __this__privileges = new HashSet<TSentryPrivilege>(other.privileges.size());
- for (TSentryPrivilege other_element : other.privileges) {
- __this__privileges.add(new TSentryPrivilege(other_element));
- }
- this.privileges = __this__privileges;
- }
- }
-
- public TListSentryPrivilegesResponse deepCopy() {
- return new TListSentryPrivilegesResponse(this);
- }
-
- @Override
- public void clear() {
- this.status = null;
- this.privileges = null;
- }
-
- public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() {
- return this.status;
- }
-
- public void setStatus(org.apache.sentry.service.thrift.TSentryResponseStatus status) {
- this.status = status;
- }
-
- public void unsetStatus() {
- this.status = null;
- }
-
- /** Returns true if field status is set (has been assigned a value) and false otherwise */
- public boolean isSetStatus() {
- return this.status != null;
- }
-
- public void setStatusIsSet(boolean value) {
- if (!value) {
- this.status = null;
- }
- }
-
- public int getPrivilegesSize() {
- return (this.privileges == null) ? 0 : this.privileges.size();
- }
-
- public java.util.Iterator<TSentryPrivilege> getPrivilegesIterator() {
- return (this.privileges == null) ? null : this.privileges.iterator();
- }
-
- public void addToPrivileges(TSentryPrivilege elem) {
- if (this.privileges == null) {
- this.privileges = new HashSet<TSentryPrivilege>();
- }
- this.privileges.add(elem);
- }
-
- public Set<TSentryPrivilege> getPrivileges() {
- return this.privileges;
- }
-
- public void setPrivileges(Set<TSentryPrivilege> privileges) {
- this.privileges = privileges;
- }
-
- public void unsetPrivileges() {
- this.privileges = null;
- }
-
- /** Returns true if field privileges is set (has been assigned a value) and false otherwise */
- public boolean isSetPrivileges() {
- return this.privileges != null;
- }
-
- public void setPrivilegesIsSet(boolean value) {
- if (!value) {
- this.privileges = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case STATUS:
- if (value == null) {
- unsetStatus();
- } else {
- setStatus((org.apache.sentry.service.thrift.TSentryResponseStatus)value);
- }
- break;
-
- case PRIVILEGES:
- if (value == null) {
- unsetPrivileges();
- } else {
- setPrivileges((Set<TSentryPrivilege>)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case STATUS:
- return getStatus();
-
- case PRIVILEGES:
- return getPrivileges();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case STATUS:
- return isSetStatus();
- case PRIVILEGES:
- return isSetPrivileges();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TListSentryPrivilegesResponse)
- return this.equals((TListSentryPrivilegesResponse)that);
- return false;
- }
-
- public boolean equals(TListSentryPrivilegesResponse that) {
- if (that == null)
- return false;
-
- boolean this_present_status = true && this.isSetStatus();
- boolean that_present_status = true && that.isSetStatus();
- if (this_present_status || that_present_status) {
- if (!(this_present_status && that_present_status))
- return false;
- if (!this.status.equals(that.status))
- return false;
- }
-
- boolean this_present_privileges = true && this.isSetPrivileges();
- boolean that_present_privileges = true && that.isSetPrivileges();
- if (this_present_privileges || that_present_privileges) {
- if (!(this_present_privileges && that_present_privileges))
- return false;
- if (!this.privileges.equals(that.privileges))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_status = true && (isSetStatus());
- list.add(present_status);
- if (present_status)
- list.add(status);
-
- boolean present_privileges = true && (isSetPrivileges());
- list.add(present_privileges);
- if (present_privileges)
- list.add(privileges);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TListSentryPrivilegesResponse other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetStatus()).compareTo(other.isSetStatus());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetStatus()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.status, other.status);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetPrivileges()).compareTo(other.isSetPrivileges());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetPrivileges()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.privileges, other.privileges);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TListSentryPrivilegesResponse(");
- boolean first = true;
-
- sb.append("status:");
- if (this.status == null) {
- sb.append("null");
- } else {
- sb.append(this.status);
- }
- first = false;
- if (isSetPrivileges()) {
- if (!first) sb.append(", ");
- sb.append("privileges:");
- if (this.privileges == null) {
- sb.append("null");
- } else {
- sb.append(this.privileges);
- }
- first = false;
- }
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetStatus()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'status' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TListSentryPrivilegesResponseStandardSchemeFactory implements SchemeFactory {
- public TListSentryPrivilegesResponseStandardScheme getScheme() {
- return new TListSentryPrivilegesResponseStandardScheme();
- }
- }
-
- private static class TListSentryPrivilegesResponseStandardScheme extends StandardScheme<TListSentryPrivilegesResponse> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TListSentryPrivilegesResponse struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // STATUS
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // PRIVILEGES
- if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
- {
- org.apache.thrift.protocol.TSet _set48 = iprot.readSetBegin();
- struct.privileges = new HashSet<TSentryPrivilege>(2*_set48.size);
- TSentryPrivilege _elem49;
- for (int _i50 = 0; _i50 < _set48.size; ++_i50)
- {
- _elem49 = new TSentryPrivilege();
- _elem49.read(iprot);
- struct.privileges.add(_elem49);
- }
- iprot.readSetEnd();
- }
- struct.setPrivilegesIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TListSentryPrivilegesResponse struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.status != null) {
- oprot.writeFieldBegin(STATUS_FIELD_DESC);
- struct.status.write(oprot);
- oprot.writeFieldEnd();
- }
- if (struct.privileges != null) {
- if (struct.isSetPrivileges()) {
- oprot.writeFieldBegin(PRIVILEGES_FIELD_DESC);
- {
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, struct.privileges.size()));
- for (TSentryPrivilege _iter51 : struct.privileges)
- {
- _iter51.write(oprot);
- }
- oprot.writeSetEnd();
- }
- oprot.writeFieldEnd();
- }
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TListSentryPrivilegesResponseTupleSchemeFactory implements SchemeFactory {
- public TListSentryPrivilegesResponseTupleScheme getScheme() {
- return new TListSentryPrivilegesResponseTupleScheme();
- }
- }
-
- private static class TListSentryPrivilegesResponseTupleScheme extends TupleScheme<TListSentryPrivilegesResponse> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- struct.status.write(oprot);
- BitSet optionals = new BitSet();
- if (struct.isSetPrivileges()) {
- optionals.set(0);
- }
- oprot.writeBitSet(optionals, 1);
- if (struct.isSetPrivileges()) {
- {
- oprot.writeI32(struct.privileges.size());
- for (TSentryPrivilege _iter52 : struct.privileges)
- {
- _iter52.write(oprot);
- }
- }
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- BitSet incoming = iprot.readBitSet(1);
- if (incoming.get(0)) {
- {
- org.apache.thrift.protocol.TSet _set53 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, iprot.readI32());
- struct.privileges = new HashSet<TSentryPrivilege>(2*_set53.size);
- TSentryPrivilege _elem54;
- for (int _i55 = 0; _i55 < _set53.size; ++_i55)
- {
- _elem54 = new TSentryPrivilege();
- _elem54.read(iprot);
- struct.privileges.add(_elem54);
- }
- }
- struct.setPrivilegesIsSet(true);
- }
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TListSentryRolesRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TListSentryRolesRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TListSentryRolesRequest.java
deleted file mode 100644
index 7e23bb8..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TListSentryRolesRequest.java
+++ /dev/null
@@ -1,701 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSentryRolesRequest, TListSentryRolesRequest._Fields>, java.io.Serializable, Cloneable, Comparable<TListSentryRolesRequest> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TListSentryRolesRequest");
-
- private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
- private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField GROUP_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("groupName", org.apache.thrift.protocol.TType.STRING, (short)3);
- private static final org.apache.thrift.protocol.TField COMPONENT_FIELD_DESC = new org.apache.thrift.protocol.TField("component", org.apache.thrift.protocol.TType.STRING, (short)4);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TListSentryRolesRequestStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TListSentryRolesRequestTupleSchemeFactory());
- }
-
- private int protocol_version; // required
- private String requestorUserName; // required
- private String groupName; // optional
- private String component; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- PROTOCOL_VERSION((short)1, "protocol_version"),
- REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- GROUP_NAME((short)3, "groupName"),
- COMPONENT((short)4, "component");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // PROTOCOL_VERSION
- return PROTOCOL_VERSION;
- case 2: // REQUESTOR_USER_NAME
- return REQUESTOR_USER_NAME;
- case 3: // GROUP_NAME
- return GROUP_NAME;
- case 4: // COMPONENT
- return COMPONENT;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- private static final _Fields optionals[] = {_Fields.GROUP_NAME};
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
- tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.GROUP_NAME, new org.apache.thrift.meta_data.FieldMetaData("groupName", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.COMPONENT, new org.apache.thrift.meta_data.FieldMetaData("component", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TListSentryRolesRequest.class, metaDataMap);
- }
-
- public TListSentryRolesRequest() {
- this.protocol_version = 2;
-
- }
-
- public TListSentryRolesRequest(
- int protocol_version,
- String requestorUserName,
- String component)
- {
- this();
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- this.requestorUserName = requestorUserName;
- this.component = component;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TListSentryRolesRequest(TListSentryRolesRequest other) {
- __isset_bitfield = other.__isset_bitfield;
- this.protocol_version = other.protocol_version;
- if (other.isSetRequestorUserName()) {
- this.requestorUserName = other.requestorUserName;
- }
- if (other.isSetGroupName()) {
- this.groupName = other.groupName;
- }
- if (other.isSetComponent()) {
- this.component = other.component;
- }
- }
-
- public TListSentryRolesRequest deepCopy() {
- return new TListSentryRolesRequest(this);
- }
-
- @Override
- public void clear() {
- this.protocol_version = 2;
-
- this.requestorUserName = null;
- this.groupName = null;
- this.component = null;
- }
-
- public int getProtocol_version() {
- return this.protocol_version;
- }
-
- public void setProtocol_version(int protocol_version) {
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- }
-
- public void unsetProtocol_version() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */
- public boolean isSetProtocol_version() {
- return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- public void setProtocol_versionIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value);
- }
-
- public String getRequestorUserName() {
- return this.requestorUserName;
- }
-
- public void setRequestorUserName(String requestorUserName) {
- this.requestorUserName = requestorUserName;
- }
-
- public void unsetRequestorUserName() {
- this.requestorUserName = null;
- }
-
- /** Returns true if field requestorUserName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorUserName() {
- return this.requestorUserName != null;
- }
-
- public void setRequestorUserNameIsSet(boolean value) {
- if (!value) {
- this.requestorUserName = null;
- }
- }
-
- public String getGroupName() {
- return this.groupName;
- }
-
- public void setGroupName(String groupName) {
- this.groupName = groupName;
- }
-
- public void unsetGroupName() {
- this.groupName = null;
- }
-
- /** Returns true if field groupName is set (has been assigned a value) and false otherwise */
- public boolean isSetGroupName() {
- return this.groupName != null;
- }
-
- public void setGroupNameIsSet(boolean value) {
- if (!value) {
- this.groupName = null;
- }
- }
-
- public String getComponent() {
- return this.component;
- }
-
- public void setComponent(String component) {
- this.component = component;
- }
-
- public void unsetComponent() {
- this.component = null;
- }
-
- /** Returns true if field component is set (has been assigned a value) and false otherwise */
- public boolean isSetComponent() {
- return this.component != null;
- }
-
- public void setComponentIsSet(boolean value) {
- if (!value) {
- this.component = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case PROTOCOL_VERSION:
- if (value == null) {
- unsetProtocol_version();
- } else {
- setProtocol_version((Integer)value);
- }
- break;
-
- case REQUESTOR_USER_NAME:
- if (value == null) {
- unsetRequestorUserName();
- } else {
- setRequestorUserName((String)value);
- }
- break;
-
- case GROUP_NAME:
- if (value == null) {
- unsetGroupName();
- } else {
- setGroupName((String)value);
- }
- break;
-
- case COMPONENT:
- if (value == null) {
- unsetComponent();
- } else {
- setComponent((String)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case PROTOCOL_VERSION:
- return getProtocol_version();
-
- case REQUESTOR_USER_NAME:
- return getRequestorUserName();
-
- case GROUP_NAME:
- return getGroupName();
-
- case COMPONENT:
- return getComponent();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case PROTOCOL_VERSION:
- return isSetProtocol_version();
- case REQUESTOR_USER_NAME:
- return isSetRequestorUserName();
- case GROUP_NAME:
- return isSetGroupName();
- case COMPONENT:
- return isSetComponent();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TListSentryRolesRequest)
- return this.equals((TListSentryRolesRequest)that);
- return false;
- }
-
- public boolean equals(TListSentryRolesRequest that) {
- if (that == null)
- return false;
-
- boolean this_present_protocol_version = true;
- boolean that_present_protocol_version = true;
- if (this_present_protocol_version || that_present_protocol_version) {
- if (!(this_present_protocol_version && that_present_protocol_version))
- return false;
- if (this.protocol_version != that.protocol_version)
- return false;
- }
-
- boolean this_present_requestorUserName = true && this.isSetRequestorUserName();
- boolean that_present_requestorUserName = true && that.isSetRequestorUserName();
- if (this_present_requestorUserName || that_present_requestorUserName) {
- if (!(this_present_requestorUserName && that_present_requestorUserName))
- return false;
- if (!this.requestorUserName.equals(that.requestorUserName))
- return false;
- }
-
- boolean this_present_groupName = true && this.isSetGroupName();
- boolean that_present_groupName = true && that.isSetGroupName();
- if (this_present_groupName || that_present_groupName) {
- if (!(this_present_groupName && that_present_groupName))
- return false;
- if (!this.groupName.equals(that.groupName))
- return false;
- }
-
- boolean this_present_component = true && this.isSetComponent();
- boolean that_present_component = true && that.isSetComponent();
- if (this_present_component || that_present_component) {
- if (!(this_present_component && that_present_component))
- return false;
- if (!this.component.equals(that.component))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_protocol_version = true;
- list.add(present_protocol_version);
- if (present_protocol_version)
- list.add(protocol_version);
-
- boolean present_requestorUserName = true && (isSetRequestorUserName());
- list.add(present_requestorUserName);
- if (present_requestorUserName)
- list.add(requestorUserName);
-
- boolean present_groupName = true && (isSetGroupName());
- list.add(present_groupName);
- if (present_groupName)
- list.add(groupName);
-
- boolean present_component = true && (isSetComponent());
- list.add(present_component);
- if (present_component)
- list.add(component);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TListSentryRolesRequest other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(other.isSetProtocol_version());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetProtocol_version()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, other.protocol_version);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRequestorUserName()).compareTo(other.isSetRequestorUserName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRequestorUserName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorUserName, other.requestorUserName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetGroupName()).compareTo(other.isSetGroupName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetGroupName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.groupName, other.groupName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetComponent()).compareTo(other.isSetComponent());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetComponent()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.component, other.component);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TListSentryRolesRequest(");
- boolean first = true;
-
- sb.append("protocol_version:");
- sb.append(this.protocol_version);
- first = false;
- if (!first) sb.append(", ");
- sb.append("requestorUserName:");
- if (this.requestorUserName == null) {
- sb.append("null");
- } else {
- sb.append(this.requestorUserName);
- }
- first = false;
- if (isSetGroupName()) {
- if (!first) sb.append(", ");
- sb.append("groupName:");
- if (this.groupName == null) {
- sb.append("null");
- } else {
- sb.append(this.groupName);
- }
- first = false;
- }
- if (!first) sb.append(", ");
- sb.append("component:");
- if (this.component == null) {
- sb.append("null");
- } else {
- sb.append(this.component);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetProtocol_version()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
- }
-
- if (!isSetRequestorUserName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString());
- }
-
- if (!isSetComponent()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'component' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TListSentryRolesRequestStandardSchemeFactory implements SchemeFactory {
- public TListSentryRolesRequestStandardScheme getScheme() {
- return new TListSentryRolesRequestStandardScheme();
- }
- }
-
- private static class TListSentryRolesRequestStandardScheme extends StandardScheme<TListSentryRolesRequest> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TListSentryRolesRequest struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // PROTOCOL_VERSION
- if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // REQUESTOR_USER_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // GROUP_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.groupName = iprot.readString();
- struct.setGroupNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 4: // COMPONENT
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.component = iprot.readString();
- struct.setComponentIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TListSentryRolesRequest struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC);
- oprot.writeI32(struct.protocol_version);
- oprot.writeFieldEnd();
- if (struct.requestorUserName != null) {
- oprot.writeFieldBegin(REQUESTOR_USER_NAME_FIELD_DESC);
- oprot.writeString(struct.requestorUserName);
- oprot.writeFieldEnd();
- }
- if (struct.groupName != null) {
- if (struct.isSetGroupName()) {
- oprot.writeFieldBegin(GROUP_NAME_FIELD_DESC);
- oprot.writeString(struct.groupName);
- oprot.writeFieldEnd();
- }
- }
- if (struct.component != null) {
- oprot.writeFieldBegin(COMPONENT_FIELD_DESC);
- oprot.writeString(struct.component);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TListSentryRolesRequestTupleSchemeFactory implements SchemeFactory {
- public TListSentryRolesRequestTupleScheme getScheme() {
- return new TListSentryRolesRequestTupleScheme();
- }
- }
-
- private static class TListSentryRolesRequestTupleScheme extends TupleScheme<TListSentryRolesRequest> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TListSentryRolesRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeI32(struct.protocol_version);
- oprot.writeString(struct.requestorUserName);
- oprot.writeString(struct.component);
- BitSet optionals = new BitSet();
- if (struct.isSetGroupName()) {
- optionals.set(0);
- }
- oprot.writeBitSet(optionals, 1);
- if (struct.isSetGroupName()) {
- oprot.writeString(struct.groupName);
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TListSentryRolesRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- struct.component = iprot.readString();
- struct.setComponentIsSet(true);
- BitSet incoming = iprot.readBitSet(1);
- if (incoming.get(0)) {
- struct.groupName = iprot.readString();
- struct.setGroupNameIsSet(true);
- }
- }
- }
-
-}
-
[48/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAlterSentryRoleAddGroupsRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAlterSentryRoleAddGroupsRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAlterSentryRoleAddGroupsRequest.java
deleted file mode 100644
index 7e3a14c..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAlterSentryRoleAddGroupsRequest.java
+++ /dev/null
@@ -1,842 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TAlterSentryRoleAddGroupsRequest implements org.apache.thrift.TBase<TAlterSentryRoleAddGroupsRequest, TAlterSentryRoleAddGroupsRequest._Fields>, java.io.Serializable, Cloneable, Comparable<TAlterSentryRoleAddGroupsRequest> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TAlterSentryRoleAddGroupsRequest");
-
- private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
- private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)3);
- private static final org.apache.thrift.protocol.TField COMPONENT_FIELD_DESC = new org.apache.thrift.protocol.TField("component", org.apache.thrift.protocol.TType.STRING, (short)4);
- private static final org.apache.thrift.protocol.TField GROUPS_FIELD_DESC = new org.apache.thrift.protocol.TField("groups", org.apache.thrift.protocol.TType.SET, (short)5);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TAlterSentryRoleAddGroupsRequestStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TAlterSentryRoleAddGroupsRequestTupleSchemeFactory());
- }
-
- private int protocol_version; // required
- private String requestorUserName; // required
- private String roleName; // required
- private String component; // required
- private Set<String> groups; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- PROTOCOL_VERSION((short)1, "protocol_version"),
- REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- ROLE_NAME((short)3, "roleName"),
- COMPONENT((short)4, "component"),
- GROUPS((short)5, "groups");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // PROTOCOL_VERSION
- return PROTOCOL_VERSION;
- case 2: // REQUESTOR_USER_NAME
- return REQUESTOR_USER_NAME;
- case 3: // ROLE_NAME
- return ROLE_NAME;
- case 4: // COMPONENT
- return COMPONENT;
- case 5: // GROUPS
- return GROUPS;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
- tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.ROLE_NAME, new org.apache.thrift.meta_data.FieldMetaData("roleName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.COMPONENT, new org.apache.thrift.meta_data.FieldMetaData("component", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.GROUPS, new org.apache.thrift.meta_data.FieldMetaData("groups", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TAlterSentryRoleAddGroupsRequest.class, metaDataMap);
- }
-
- public TAlterSentryRoleAddGroupsRequest() {
- this.protocol_version = 2;
-
- }
-
- public TAlterSentryRoleAddGroupsRequest(
- int protocol_version,
- String requestorUserName,
- String roleName,
- String component,
- Set<String> groups)
- {
- this();
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- this.requestorUserName = requestorUserName;
- this.roleName = roleName;
- this.component = component;
- this.groups = groups;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TAlterSentryRoleAddGroupsRequest(TAlterSentryRoleAddGroupsRequest other) {
- __isset_bitfield = other.__isset_bitfield;
- this.protocol_version = other.protocol_version;
- if (other.isSetRequestorUserName()) {
- this.requestorUserName = other.requestorUserName;
- }
- if (other.isSetRoleName()) {
- this.roleName = other.roleName;
- }
- if (other.isSetComponent()) {
- this.component = other.component;
- }
- if (other.isSetGroups()) {
- Set<String> __this__groups = new HashSet<String>(other.groups);
- this.groups = __this__groups;
- }
- }
-
- public TAlterSentryRoleAddGroupsRequest deepCopy() {
- return new TAlterSentryRoleAddGroupsRequest(this);
- }
-
- @Override
- public void clear() {
- this.protocol_version = 2;
-
- this.requestorUserName = null;
- this.roleName = null;
- this.component = null;
- this.groups = null;
- }
-
- public int getProtocol_version() {
- return this.protocol_version;
- }
-
- public void setProtocol_version(int protocol_version) {
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- }
-
- public void unsetProtocol_version() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */
- public boolean isSetProtocol_version() {
- return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- public void setProtocol_versionIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value);
- }
-
- public String getRequestorUserName() {
- return this.requestorUserName;
- }
-
- public void setRequestorUserName(String requestorUserName) {
- this.requestorUserName = requestorUserName;
- }
-
- public void unsetRequestorUserName() {
- this.requestorUserName = null;
- }
-
- /** Returns true if field requestorUserName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorUserName() {
- return this.requestorUserName != null;
- }
-
- public void setRequestorUserNameIsSet(boolean value) {
- if (!value) {
- this.requestorUserName = null;
- }
- }
-
- public String getRoleName() {
- return this.roleName;
- }
-
- public void setRoleName(String roleName) {
- this.roleName = roleName;
- }
-
- public void unsetRoleName() {
- this.roleName = null;
- }
-
- /** Returns true if field roleName is set (has been assigned a value) and false otherwise */
- public boolean isSetRoleName() {
- return this.roleName != null;
- }
-
- public void setRoleNameIsSet(boolean value) {
- if (!value) {
- this.roleName = null;
- }
- }
-
- public String getComponent() {
- return this.component;
- }
-
- public void setComponent(String component) {
- this.component = component;
- }
-
- public void unsetComponent() {
- this.component = null;
- }
-
- /** Returns true if field component is set (has been assigned a value) and false otherwise */
- public boolean isSetComponent() {
- return this.component != null;
- }
-
- public void setComponentIsSet(boolean value) {
- if (!value) {
- this.component = null;
- }
- }
-
- public int getGroupsSize() {
- return (this.groups == null) ? 0 : this.groups.size();
- }
-
- public java.util.Iterator<String> getGroupsIterator() {
- return (this.groups == null) ? null : this.groups.iterator();
- }
-
- public void addToGroups(String elem) {
- if (this.groups == null) {
- this.groups = new HashSet<String>();
- }
- this.groups.add(elem);
- }
-
- public Set<String> getGroups() {
- return this.groups;
- }
-
- public void setGroups(Set<String> groups) {
- this.groups = groups;
- }
-
- public void unsetGroups() {
- this.groups = null;
- }
-
- /** Returns true if field groups is set (has been assigned a value) and false otherwise */
- public boolean isSetGroups() {
- return this.groups != null;
- }
-
- public void setGroupsIsSet(boolean value) {
- if (!value) {
- this.groups = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case PROTOCOL_VERSION:
- if (value == null) {
- unsetProtocol_version();
- } else {
- setProtocol_version((Integer)value);
- }
- break;
-
- case REQUESTOR_USER_NAME:
- if (value == null) {
- unsetRequestorUserName();
- } else {
- setRequestorUserName((String)value);
- }
- break;
-
- case ROLE_NAME:
- if (value == null) {
- unsetRoleName();
- } else {
- setRoleName((String)value);
- }
- break;
-
- case COMPONENT:
- if (value == null) {
- unsetComponent();
- } else {
- setComponent((String)value);
- }
- break;
-
- case GROUPS:
- if (value == null) {
- unsetGroups();
- } else {
- setGroups((Set<String>)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case PROTOCOL_VERSION:
- return getProtocol_version();
-
- case REQUESTOR_USER_NAME:
- return getRequestorUserName();
-
- case ROLE_NAME:
- return getRoleName();
-
- case COMPONENT:
- return getComponent();
-
- case GROUPS:
- return getGroups();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case PROTOCOL_VERSION:
- return isSetProtocol_version();
- case REQUESTOR_USER_NAME:
- return isSetRequestorUserName();
- case ROLE_NAME:
- return isSetRoleName();
- case COMPONENT:
- return isSetComponent();
- case GROUPS:
- return isSetGroups();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TAlterSentryRoleAddGroupsRequest)
- return this.equals((TAlterSentryRoleAddGroupsRequest)that);
- return false;
- }
-
- public boolean equals(TAlterSentryRoleAddGroupsRequest that) {
- if (that == null)
- return false;
-
- boolean this_present_protocol_version = true;
- boolean that_present_protocol_version = true;
- if (this_present_protocol_version || that_present_protocol_version) {
- if (!(this_present_protocol_version && that_present_protocol_version))
- return false;
- if (this.protocol_version != that.protocol_version)
- return false;
- }
-
- boolean this_present_requestorUserName = true && this.isSetRequestorUserName();
- boolean that_present_requestorUserName = true && that.isSetRequestorUserName();
- if (this_present_requestorUserName || that_present_requestorUserName) {
- if (!(this_present_requestorUserName && that_present_requestorUserName))
- return false;
- if (!this.requestorUserName.equals(that.requestorUserName))
- return false;
- }
-
- boolean this_present_roleName = true && this.isSetRoleName();
- boolean that_present_roleName = true && that.isSetRoleName();
- if (this_present_roleName || that_present_roleName) {
- if (!(this_present_roleName && that_present_roleName))
- return false;
- if (!this.roleName.equals(that.roleName))
- return false;
- }
-
- boolean this_present_component = true && this.isSetComponent();
- boolean that_present_component = true && that.isSetComponent();
- if (this_present_component || that_present_component) {
- if (!(this_present_component && that_present_component))
- return false;
- if (!this.component.equals(that.component))
- return false;
- }
-
- boolean this_present_groups = true && this.isSetGroups();
- boolean that_present_groups = true && that.isSetGroups();
- if (this_present_groups || that_present_groups) {
- if (!(this_present_groups && that_present_groups))
- return false;
- if (!this.groups.equals(that.groups))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_protocol_version = true;
- list.add(present_protocol_version);
- if (present_protocol_version)
- list.add(protocol_version);
-
- boolean present_requestorUserName = true && (isSetRequestorUserName());
- list.add(present_requestorUserName);
- if (present_requestorUserName)
- list.add(requestorUserName);
-
- boolean present_roleName = true && (isSetRoleName());
- list.add(present_roleName);
- if (present_roleName)
- list.add(roleName);
-
- boolean present_component = true && (isSetComponent());
- list.add(present_component);
- if (present_component)
- list.add(component);
-
- boolean present_groups = true && (isSetGroups());
- list.add(present_groups);
- if (present_groups)
- list.add(groups);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TAlterSentryRoleAddGroupsRequest other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(other.isSetProtocol_version());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetProtocol_version()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, other.protocol_version);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRequestorUserName()).compareTo(other.isSetRequestorUserName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRequestorUserName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorUserName, other.requestorUserName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRoleName()).compareTo(other.isSetRoleName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRoleName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleName, other.roleName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetComponent()).compareTo(other.isSetComponent());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetComponent()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.component, other.component);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetGroups()).compareTo(other.isSetGroups());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetGroups()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.groups, other.groups);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TAlterSentryRoleAddGroupsRequest(");
- boolean first = true;
-
- sb.append("protocol_version:");
- sb.append(this.protocol_version);
- first = false;
- if (!first) sb.append(", ");
- sb.append("requestorUserName:");
- if (this.requestorUserName == null) {
- sb.append("null");
- } else {
- sb.append(this.requestorUserName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("roleName:");
- if (this.roleName == null) {
- sb.append("null");
- } else {
- sb.append(this.roleName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("component:");
- if (this.component == null) {
- sb.append("null");
- } else {
- sb.append(this.component);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("groups:");
- if (this.groups == null) {
- sb.append("null");
- } else {
- sb.append(this.groups);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetProtocol_version()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
- }
-
- if (!isSetRequestorUserName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString());
- }
-
- if (!isSetRoleName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'roleName' is unset! Struct:" + toString());
- }
-
- if (!isSetComponent()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'component' is unset! Struct:" + toString());
- }
-
- if (!isSetGroups()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'groups' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TAlterSentryRoleAddGroupsRequestStandardSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleAddGroupsRequestStandardScheme getScheme() {
- return new TAlterSentryRoleAddGroupsRequestStandardScheme();
- }
- }
-
- private static class TAlterSentryRoleAddGroupsRequestStandardScheme extends StandardScheme<TAlterSentryRoleAddGroupsRequest> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TAlterSentryRoleAddGroupsRequest struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // PROTOCOL_VERSION
- if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // REQUESTOR_USER_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // ROLE_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 4: // COMPONENT
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.component = iprot.readString();
- struct.setComponentIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 5: // GROUPS
- if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
- {
- org.apache.thrift.protocol.TSet _set8 = iprot.readSetBegin();
- struct.groups = new HashSet<String>(2*_set8.size);
- String _elem9;
- for (int _i10 = 0; _i10 < _set8.size; ++_i10)
- {
- _elem9 = iprot.readString();
- struct.groups.add(_elem9);
- }
- iprot.readSetEnd();
- }
- struct.setGroupsIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TAlterSentryRoleAddGroupsRequest struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC);
- oprot.writeI32(struct.protocol_version);
- oprot.writeFieldEnd();
- if (struct.requestorUserName != null) {
- oprot.writeFieldBegin(REQUESTOR_USER_NAME_FIELD_DESC);
- oprot.writeString(struct.requestorUserName);
- oprot.writeFieldEnd();
- }
- if (struct.roleName != null) {
- oprot.writeFieldBegin(ROLE_NAME_FIELD_DESC);
- oprot.writeString(struct.roleName);
- oprot.writeFieldEnd();
- }
- if (struct.component != null) {
- oprot.writeFieldBegin(COMPONENT_FIELD_DESC);
- oprot.writeString(struct.component);
- oprot.writeFieldEnd();
- }
- if (struct.groups != null) {
- oprot.writeFieldBegin(GROUPS_FIELD_DESC);
- {
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, struct.groups.size()));
- for (String _iter11 : struct.groups)
- {
- oprot.writeString(_iter11);
- }
- oprot.writeSetEnd();
- }
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TAlterSentryRoleAddGroupsRequestTupleSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleAddGroupsRequestTupleScheme getScheme() {
- return new TAlterSentryRoleAddGroupsRequestTupleScheme();
- }
- }
-
- private static class TAlterSentryRoleAddGroupsRequestTupleScheme extends TupleScheme<TAlterSentryRoleAddGroupsRequest> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleAddGroupsRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeI32(struct.protocol_version);
- oprot.writeString(struct.requestorUserName);
- oprot.writeString(struct.roleName);
- oprot.writeString(struct.component);
- {
- oprot.writeI32(struct.groups.size());
- for (String _iter12 : struct.groups)
- {
- oprot.writeString(_iter12);
- }
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleAddGroupsRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- struct.component = iprot.readString();
- struct.setComponentIsSet(true);
- {
- org.apache.thrift.protocol.TSet _set13 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, iprot.readI32());
- struct.groups = new HashSet<String>(2*_set13.size);
- String _elem14;
- for (int _i15 = 0; _i15 < _set13.size; ++_i15)
- {
- _elem14 = iprot.readString();
- struct.groups.add(_elem14);
- }
- }
- struct.setGroupsIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAlterSentryRoleAddGroupsResponse.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAlterSentryRoleAddGroupsResponse.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAlterSentryRoleAddGroupsResponse.java
deleted file mode 100644
index 47555a6..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAlterSentryRoleAddGroupsResponse.java
+++ /dev/null
@@ -1,391 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TAlterSentryRoleAddGroupsResponse implements org.apache.thrift.TBase<TAlterSentryRoleAddGroupsResponse, TAlterSentryRoleAddGroupsResponse._Fields>, java.io.Serializable, Cloneable, Comparable<TAlterSentryRoleAddGroupsResponse> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TAlterSentryRoleAddGroupsResponse");
-
- private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TAlterSentryRoleAddGroupsResponseStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TAlterSentryRoleAddGroupsResponseTupleSchemeFactory());
- }
-
- private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- STATUS((short)1, "status");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // STATUS
- return STATUS;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRUCT , "TSentryResponseStatus")));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TAlterSentryRoleAddGroupsResponse.class, metaDataMap);
- }
-
- public TAlterSentryRoleAddGroupsResponse() {
- }
-
- public TAlterSentryRoleAddGroupsResponse(
- org.apache.sentry.service.thrift.TSentryResponseStatus status)
- {
- this();
- this.status = status;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TAlterSentryRoleAddGroupsResponse(TAlterSentryRoleAddGroupsResponse other) {
- if (other.isSetStatus()) {
- this.status = other.status;
- }
- }
-
- public TAlterSentryRoleAddGroupsResponse deepCopy() {
- return new TAlterSentryRoleAddGroupsResponse(this);
- }
-
- @Override
- public void clear() {
- this.status = null;
- }
-
- public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() {
- return this.status;
- }
-
- public void setStatus(org.apache.sentry.service.thrift.TSentryResponseStatus status) {
- this.status = status;
- }
-
- public void unsetStatus() {
- this.status = null;
- }
-
- /** Returns true if field status is set (has been assigned a value) and false otherwise */
- public boolean isSetStatus() {
- return this.status != null;
- }
-
- public void setStatusIsSet(boolean value) {
- if (!value) {
- this.status = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case STATUS:
- if (value == null) {
- unsetStatus();
- } else {
- setStatus((org.apache.sentry.service.thrift.TSentryResponseStatus)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case STATUS:
- return getStatus();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case STATUS:
- return isSetStatus();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TAlterSentryRoleAddGroupsResponse)
- return this.equals((TAlterSentryRoleAddGroupsResponse)that);
- return false;
- }
-
- public boolean equals(TAlterSentryRoleAddGroupsResponse that) {
- if (that == null)
- return false;
-
- boolean this_present_status = true && this.isSetStatus();
- boolean that_present_status = true && that.isSetStatus();
- if (this_present_status || that_present_status) {
- if (!(this_present_status && that_present_status))
- return false;
- if (!this.status.equals(that.status))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_status = true && (isSetStatus());
- list.add(present_status);
- if (present_status)
- list.add(status);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TAlterSentryRoleAddGroupsResponse other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetStatus()).compareTo(other.isSetStatus());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetStatus()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.status, other.status);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TAlterSentryRoleAddGroupsResponse(");
- boolean first = true;
-
- sb.append("status:");
- if (this.status == null) {
- sb.append("null");
- } else {
- sb.append(this.status);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetStatus()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'status' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TAlterSentryRoleAddGroupsResponseStandardSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleAddGroupsResponseStandardScheme getScheme() {
- return new TAlterSentryRoleAddGroupsResponseStandardScheme();
- }
- }
-
- private static class TAlterSentryRoleAddGroupsResponseStandardScheme extends StandardScheme<TAlterSentryRoleAddGroupsResponse> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TAlterSentryRoleAddGroupsResponse struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // STATUS
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TAlterSentryRoleAddGroupsResponse struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.status != null) {
- oprot.writeFieldBegin(STATUS_FIELD_DESC);
- struct.status.write(oprot);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TAlterSentryRoleAddGroupsResponseTupleSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleAddGroupsResponseTupleScheme getScheme() {
- return new TAlterSentryRoleAddGroupsResponseTupleScheme();
- }
- }
-
- private static class TAlterSentryRoleAddGroupsResponseTupleScheme extends TupleScheme<TAlterSentryRoleAddGroupsResponse> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleAddGroupsResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- struct.status.write(oprot);
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleAddGroupsResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAlterSentryRoleDeleteGroupsRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAlterSentryRoleDeleteGroupsRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAlterSentryRoleDeleteGroupsRequest.java
deleted file mode 100644
index a754fe4..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAlterSentryRoleDeleteGroupsRequest.java
+++ /dev/null
@@ -1,842 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TAlterSentryRoleDeleteGroupsRequest implements org.apache.thrift.TBase<TAlterSentryRoleDeleteGroupsRequest, TAlterSentryRoleDeleteGroupsRequest._Fields>, java.io.Serializable, Cloneable, Comparable<TAlterSentryRoleDeleteGroupsRequest> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TAlterSentryRoleDeleteGroupsRequest");
-
- private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
- private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)3);
- private static final org.apache.thrift.protocol.TField COMPONENT_FIELD_DESC = new org.apache.thrift.protocol.TField("component", org.apache.thrift.protocol.TType.STRING, (short)4);
- private static final org.apache.thrift.protocol.TField GROUPS_FIELD_DESC = new org.apache.thrift.protocol.TField("groups", org.apache.thrift.protocol.TType.SET, (short)5);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TAlterSentryRoleDeleteGroupsRequestStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TAlterSentryRoleDeleteGroupsRequestTupleSchemeFactory());
- }
-
- private int protocol_version; // required
- private String requestorUserName; // required
- private String roleName; // required
- private String component; // required
- private Set<String> groups; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- PROTOCOL_VERSION((short)1, "protocol_version"),
- REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- ROLE_NAME((short)3, "roleName"),
- COMPONENT((short)4, "component"),
- GROUPS((short)5, "groups");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // PROTOCOL_VERSION
- return PROTOCOL_VERSION;
- case 2: // REQUESTOR_USER_NAME
- return REQUESTOR_USER_NAME;
- case 3: // ROLE_NAME
- return ROLE_NAME;
- case 4: // COMPONENT
- return COMPONENT;
- case 5: // GROUPS
- return GROUPS;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
- tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.ROLE_NAME, new org.apache.thrift.meta_data.FieldMetaData("roleName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.COMPONENT, new org.apache.thrift.meta_data.FieldMetaData("component", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.GROUPS, new org.apache.thrift.meta_data.FieldMetaData("groups", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TAlterSentryRoleDeleteGroupsRequest.class, metaDataMap);
- }
-
- public TAlterSentryRoleDeleteGroupsRequest() {
- this.protocol_version = 2;
-
- }
-
- public TAlterSentryRoleDeleteGroupsRequest(
- int protocol_version,
- String requestorUserName,
- String roleName,
- String component,
- Set<String> groups)
- {
- this();
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- this.requestorUserName = requestorUserName;
- this.roleName = roleName;
- this.component = component;
- this.groups = groups;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TAlterSentryRoleDeleteGroupsRequest(TAlterSentryRoleDeleteGroupsRequest other) {
- __isset_bitfield = other.__isset_bitfield;
- this.protocol_version = other.protocol_version;
- if (other.isSetRequestorUserName()) {
- this.requestorUserName = other.requestorUserName;
- }
- if (other.isSetRoleName()) {
- this.roleName = other.roleName;
- }
- if (other.isSetComponent()) {
- this.component = other.component;
- }
- if (other.isSetGroups()) {
- Set<String> __this__groups = new HashSet<String>(other.groups);
- this.groups = __this__groups;
- }
- }
-
- public TAlterSentryRoleDeleteGroupsRequest deepCopy() {
- return new TAlterSentryRoleDeleteGroupsRequest(this);
- }
-
- @Override
- public void clear() {
- this.protocol_version = 2;
-
- this.requestorUserName = null;
- this.roleName = null;
- this.component = null;
- this.groups = null;
- }
-
- public int getProtocol_version() {
- return this.protocol_version;
- }
-
- public void setProtocol_version(int protocol_version) {
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- }
-
- public void unsetProtocol_version() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */
- public boolean isSetProtocol_version() {
- return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- public void setProtocol_versionIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value);
- }
-
- public String getRequestorUserName() {
- return this.requestorUserName;
- }
-
- public void setRequestorUserName(String requestorUserName) {
- this.requestorUserName = requestorUserName;
- }
-
- public void unsetRequestorUserName() {
- this.requestorUserName = null;
- }
-
- /** Returns true if field requestorUserName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorUserName() {
- return this.requestorUserName != null;
- }
-
- public void setRequestorUserNameIsSet(boolean value) {
- if (!value) {
- this.requestorUserName = null;
- }
- }
-
- public String getRoleName() {
- return this.roleName;
- }
-
- public void setRoleName(String roleName) {
- this.roleName = roleName;
- }
-
- public void unsetRoleName() {
- this.roleName = null;
- }
-
- /** Returns true if field roleName is set (has been assigned a value) and false otherwise */
- public boolean isSetRoleName() {
- return this.roleName != null;
- }
-
- public void setRoleNameIsSet(boolean value) {
- if (!value) {
- this.roleName = null;
- }
- }
-
- public String getComponent() {
- return this.component;
- }
-
- public void setComponent(String component) {
- this.component = component;
- }
-
- public void unsetComponent() {
- this.component = null;
- }
-
- /** Returns true if field component is set (has been assigned a value) and false otherwise */
- public boolean isSetComponent() {
- return this.component != null;
- }
-
- public void setComponentIsSet(boolean value) {
- if (!value) {
- this.component = null;
- }
- }
-
- public int getGroupsSize() {
- return (this.groups == null) ? 0 : this.groups.size();
- }
-
- public java.util.Iterator<String> getGroupsIterator() {
- return (this.groups == null) ? null : this.groups.iterator();
- }
-
- public void addToGroups(String elem) {
- if (this.groups == null) {
- this.groups = new HashSet<String>();
- }
- this.groups.add(elem);
- }
-
- public Set<String> getGroups() {
- return this.groups;
- }
-
- public void setGroups(Set<String> groups) {
- this.groups = groups;
- }
-
- public void unsetGroups() {
- this.groups = null;
- }
-
- /** Returns true if field groups is set (has been assigned a value) and false otherwise */
- public boolean isSetGroups() {
- return this.groups != null;
- }
-
- public void setGroupsIsSet(boolean value) {
- if (!value) {
- this.groups = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case PROTOCOL_VERSION:
- if (value == null) {
- unsetProtocol_version();
- } else {
- setProtocol_version((Integer)value);
- }
- break;
-
- case REQUESTOR_USER_NAME:
- if (value == null) {
- unsetRequestorUserName();
- } else {
- setRequestorUserName((String)value);
- }
- break;
-
- case ROLE_NAME:
- if (value == null) {
- unsetRoleName();
- } else {
- setRoleName((String)value);
- }
- break;
-
- case COMPONENT:
- if (value == null) {
- unsetComponent();
- } else {
- setComponent((String)value);
- }
- break;
-
- case GROUPS:
- if (value == null) {
- unsetGroups();
- } else {
- setGroups((Set<String>)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case PROTOCOL_VERSION:
- return getProtocol_version();
-
- case REQUESTOR_USER_NAME:
- return getRequestorUserName();
-
- case ROLE_NAME:
- return getRoleName();
-
- case COMPONENT:
- return getComponent();
-
- case GROUPS:
- return getGroups();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case PROTOCOL_VERSION:
- return isSetProtocol_version();
- case REQUESTOR_USER_NAME:
- return isSetRequestorUserName();
- case ROLE_NAME:
- return isSetRoleName();
- case COMPONENT:
- return isSetComponent();
- case GROUPS:
- return isSetGroups();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TAlterSentryRoleDeleteGroupsRequest)
- return this.equals((TAlterSentryRoleDeleteGroupsRequest)that);
- return false;
- }
-
- public boolean equals(TAlterSentryRoleDeleteGroupsRequest that) {
- if (that == null)
- return false;
-
- boolean this_present_protocol_version = true;
- boolean that_present_protocol_version = true;
- if (this_present_protocol_version || that_present_protocol_version) {
- if (!(this_present_protocol_version && that_present_protocol_version))
- return false;
- if (this.protocol_version != that.protocol_version)
- return false;
- }
-
- boolean this_present_requestorUserName = true && this.isSetRequestorUserName();
- boolean that_present_requestorUserName = true && that.isSetRequestorUserName();
- if (this_present_requestorUserName || that_present_requestorUserName) {
- if (!(this_present_requestorUserName && that_present_requestorUserName))
- return false;
- if (!this.requestorUserName.equals(that.requestorUserName))
- return false;
- }
-
- boolean this_present_roleName = true && this.isSetRoleName();
- boolean that_present_roleName = true && that.isSetRoleName();
- if (this_present_roleName || that_present_roleName) {
- if (!(this_present_roleName && that_present_roleName))
- return false;
- if (!this.roleName.equals(that.roleName))
- return false;
- }
-
- boolean this_present_component = true && this.isSetComponent();
- boolean that_present_component = true && that.isSetComponent();
- if (this_present_component || that_present_component) {
- if (!(this_present_component && that_present_component))
- return false;
- if (!this.component.equals(that.component))
- return false;
- }
-
- boolean this_present_groups = true && this.isSetGroups();
- boolean that_present_groups = true && that.isSetGroups();
- if (this_present_groups || that_present_groups) {
- if (!(this_present_groups && that_present_groups))
- return false;
- if (!this.groups.equals(that.groups))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_protocol_version = true;
- list.add(present_protocol_version);
- if (present_protocol_version)
- list.add(protocol_version);
-
- boolean present_requestorUserName = true && (isSetRequestorUserName());
- list.add(present_requestorUserName);
- if (present_requestorUserName)
- list.add(requestorUserName);
-
- boolean present_roleName = true && (isSetRoleName());
- list.add(present_roleName);
- if (present_roleName)
- list.add(roleName);
-
- boolean present_component = true && (isSetComponent());
- list.add(present_component);
- if (present_component)
- list.add(component);
-
- boolean present_groups = true && (isSetGroups());
- list.add(present_groups);
- if (present_groups)
- list.add(groups);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TAlterSentryRoleDeleteGroupsRequest other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(other.isSetProtocol_version());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetProtocol_version()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, other.protocol_version);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRequestorUserName()).compareTo(other.isSetRequestorUserName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRequestorUserName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorUserName, other.requestorUserName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRoleName()).compareTo(other.isSetRoleName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRoleName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleName, other.roleName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetComponent()).compareTo(other.isSetComponent());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetComponent()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.component, other.component);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetGroups()).compareTo(other.isSetGroups());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetGroups()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.groups, other.groups);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TAlterSentryRoleDeleteGroupsRequest(");
- boolean first = true;
-
- sb.append("protocol_version:");
- sb.append(this.protocol_version);
- first = false;
- if (!first) sb.append(", ");
- sb.append("requestorUserName:");
- if (this.requestorUserName == null) {
- sb.append("null");
- } else {
- sb.append(this.requestorUserName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("roleName:");
- if (this.roleName == null) {
- sb.append("null");
- } else {
- sb.append(this.roleName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("component:");
- if (this.component == null) {
- sb.append("null");
- } else {
- sb.append(this.component);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("groups:");
- if (this.groups == null) {
- sb.append("null");
- } else {
- sb.append(this.groups);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetProtocol_version()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
- }
-
- if (!isSetRequestorUserName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString());
- }
-
- if (!isSetRoleName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'roleName' is unset! Struct:" + toString());
- }
-
- if (!isSetComponent()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'component' is unset! Struct:" + toString());
- }
-
- if (!isSetGroups()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'groups' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TAlterSentryRoleDeleteGroupsRequestStandardSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleDeleteGroupsRequestStandardScheme getScheme() {
- return new TAlterSentryRoleDeleteGroupsRequestStandardScheme();
- }
- }
-
- private static class TAlterSentryRoleDeleteGroupsRequestStandardScheme extends StandardScheme<TAlterSentryRoleDeleteGroupsRequest> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TAlterSentryRoleDeleteGroupsRequest struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // PROTOCOL_VERSION
- if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // REQUESTOR_USER_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // ROLE_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 4: // COMPONENT
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.component = iprot.readString();
- struct.setComponentIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 5: // GROUPS
- if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
- {
- org.apache.thrift.protocol.TSet _set16 = iprot.readSetBegin();
- struct.groups = new HashSet<String>(2*_set16.size);
- String _elem17;
- for (int _i18 = 0; _i18 < _set16.size; ++_i18)
- {
- _elem17 = iprot.readString();
- struct.groups.add(_elem17);
- }
- iprot.readSetEnd();
- }
- struct.setGroupsIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TAlterSentryRoleDeleteGroupsRequest struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC);
- oprot.writeI32(struct.protocol_version);
- oprot.writeFieldEnd();
- if (struct.requestorUserName != null) {
- oprot.writeFieldBegin(REQUESTOR_USER_NAME_FIELD_DESC);
- oprot.writeString(struct.requestorUserName);
- oprot.writeFieldEnd();
- }
- if (struct.roleName != null) {
- oprot.writeFieldBegin(ROLE_NAME_FIELD_DESC);
- oprot.writeString(struct.roleName);
- oprot.writeFieldEnd();
- }
- if (struct.component != null) {
- oprot.writeFieldBegin(COMPONENT_FIELD_DESC);
- oprot.writeString(struct.component);
- oprot.writeFieldEnd();
- }
- if (struct.groups != null) {
- oprot.writeFieldBegin(GROUPS_FIELD_DESC);
- {
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, struct.groups.size()));
- for (String _iter19 : struct.groups)
- {
- oprot.writeString(_iter19);
- }
- oprot.writeSetEnd();
- }
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TAlterSentryRoleDeleteGroupsRequestTupleSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleDeleteGroupsRequestTupleScheme getScheme() {
- return new TAlterSentryRoleDeleteGroupsRequestTupleScheme();
- }
- }
-
- private static class TAlterSentryRoleDeleteGroupsRequestTupleScheme extends TupleScheme<TAlterSentryRoleDeleteGroupsRequest> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleDeleteGroupsRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeI32(struct.protocol_version);
- oprot.writeString(struct.requestorUserName);
- oprot.writeString(struct.roleName);
- oprot.writeString(struct.component);
- {
- oprot.writeI32(struct.groups.size());
- for (String _iter20 : struct.groups)
- {
- oprot.writeString(_iter20);
- }
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleDeleteGroupsRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- struct.component = iprot.readString();
- struct.setComponentIsSet(true);
- {
- org.apache.thrift.protocol.TSet _set21 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, iprot.readI32());
- struct.groups = new HashSet<String>(2*_set21.size);
- String _elem22;
- for (int _i23 = 0; _i23 < _set21.size; ++_i23)
- {
- _elem22 = iprot.readString();
- struct.groups.add(_elem22);
- }
- }
- struct.setGroupsIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAlterSentryRoleDeleteGroupsResponse.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAlterSentryRoleDeleteGroupsResponse.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAlterSentryRoleDeleteGroupsResponse.java
deleted file mode 100644
index ded6d24..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAlterSentryRoleDeleteGroupsResponse.java
+++ /dev/null
@@ -1,391 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TAlterSentryRoleDeleteGroupsResponse implements org.apache.thrift.TBase<TAlterSentryRoleDeleteGroupsResponse, TAlterSentryRoleDeleteGroupsResponse._Fields>, java.io.Serializable, Cloneable, Comparable<TAlterSentryRoleDeleteGroupsResponse> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TAlterSentryRoleDeleteGroupsResponse");
-
- private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TAlterSentryRoleDeleteGroupsResponseStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TAlterSentryRoleDeleteGroupsResponseTupleSchemeFactory());
- }
-
- private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- STATUS((short)1, "status");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // STATUS
- return STATUS;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRUCT , "TSentryResponseStatus")));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TAlterSentryRoleDeleteGroupsResponse.class, metaDataMap);
- }
-
- public TAlterSentryRoleDeleteGroupsResponse() {
- }
-
- public TAlterSentryRoleDeleteGroupsResponse(
- org.apache.sentry.service.thrift.TSentryResponseStatus status)
- {
- this();
- this.status = status;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TAlterSentryRoleDeleteGroupsResponse(TAlterSentryRoleDeleteGroupsResponse other) {
- if (other.isSetStatus()) {
- this.status = other.status;
- }
- }
-
- public TAlterSentryRoleDeleteGroupsResponse deepCopy() {
- return new TAlterSentryRoleDeleteGroupsResponse(this);
- }
-
- @Override
- public void clear() {
- this.status = null;
- }
-
- public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() {
- return this.status;
- }
-
- public void setStatus(org.apache.sentry.service.thrift.TSentryResponseStatus status) {
- this.status = status;
- }
-
- public void unsetStatus() {
- this.status = null;
- }
-
- /** Returns true if field status is set (has been assigned a value) and false otherwise */
- public boolean isSetStatus() {
- return this.status != null;
- }
-
- public void setStatusIsSet(boolean value) {
- if (!value) {
- this.status = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case STATUS:
- if (value == null) {
- unsetStatus();
- } else {
- setStatus((org.apache.sentry.service.thrift.TSentryResponseStatus)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case STATUS:
- return getStatus();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case STATUS:
- return isSetStatus();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TAlterSentryRoleDeleteGroupsResponse)
- return this.equals((TAlterSentryRoleDeleteGroupsResponse)that);
- return false;
- }
-
- public boolean equals(TAlterSentryRoleDeleteGroupsResponse that) {
- if (that == null)
- return false;
-
- boolean this_present_status = true && this.isSetStatus();
- boolean that_present_status = true && that.isSetStatus();
- if (this_present_status || that_present_status) {
- if (!(this_present_status && that_present_status))
- return false;
- if (!this.status.equals(that.status))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_status = true && (isSetStatus());
- list.add(present_status);
- if (present_status)
- list.add(status);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TAlterSentryRoleDeleteGroupsResponse other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetStatus()).compareTo(other.isSetStatus());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetStatus()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.status, other.status);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TAlterSentryRoleDeleteGroupsResponse(");
- boolean first = true;
-
- sb.append("status:");
- if (this.status == null) {
- sb.append("null");
- } else {
- sb.append(this.status);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetStatus()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'status' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TAlterSentryRoleDeleteGroupsResponseStandardSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleDeleteGroupsResponseStandardScheme getScheme() {
- return new TAlterSentryRoleDeleteGroupsResponseStandardScheme();
- }
- }
-
- private static class TAlterSentryRoleDeleteGroupsResponseStandardScheme extends StandardScheme<TAlterSentryRoleDeleteGroupsResponse> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TAlterSentryRoleDeleteGroupsResponse struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // STATUS
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TAlterSentryRoleDeleteGroupsResponse struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.status != null) {
- oprot.writeFieldBegin(STATUS_FIELD_DESC);
- struct.status.write(oprot);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TAlterSentryRoleDeleteGroupsResponseTupleSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleDeleteGroupsResponseTupleScheme getScheme() {
- return new TAlterSentryRoleDeleteGroupsResponseTupleScheme();
- }
- }
-
- private static class TAlterSentryRoleDeleteGroupsResponseTupleScheme extends TupleScheme<TAlterSentryRoleDeleteGroupsResponse> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleDeleteGroupsResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- struct.status.write(oprot);
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleDeleteGroupsResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- }
- }
-
-}
-
[20/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClientDefaultImpl.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClientDefaultImpl.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClientDefaultImpl.java
deleted file mode 100644
index d2d3f9e..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClientDefaultImpl.java
+++ /dev/null
@@ -1,1084 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-
-import java.io.IOException;
-import java.net.InetSocketAddress;
-import java.security.PrivilegedExceptionAction;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-import javax.security.auth.callback.CallbackHandler;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.hadoop.net.NetUtils;
-import org.apache.hadoop.security.SaslRpcServer;
-import org.apache.hadoop.security.SaslRpcServer.AuthMethod;
-import org.apache.hadoop.security.SecurityUtil;
-import org.apache.hadoop.security.UserGroupInformation;
-
-import com.google.common.annotations.VisibleForTesting;
-import com.google.common.base.Preconditions;
-import com.google.common.collect.ImmutableList;
-import com.google.common.collect.ImmutableSet;
-import com.google.common.collect.Lists;
-import com.google.common.collect.Maps;
-import com.google.common.collect.Sets;
-import org.apache.commons.lang.StringUtils;
-import org.apache.sentry.core.common.ActiveRoleSet;
-import org.apache.sentry.core.common.Authorizable;
-import org.apache.sentry.core.common.exception.SentryUserException;
-import org.apache.sentry.core.common.utils.PolicyFileConstants;
-import org.apache.sentry.core.model.db.AccessConstants;
-import org.apache.sentry.core.model.db.DBModelAuthorizable;
-import org.apache.sentry.service.thrift.SentryServiceUtil;
-import org.apache.sentry.service.thrift.ServiceConstants;
-import org.apache.sentry.service.thrift.ServiceConstants.ClientConfig;
-import org.apache.sentry.service.thrift.ServiceConstants.PrivilegeScope;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
-import org.apache.sentry.service.thrift.ServiceConstants.ThriftConstants;
-import org.apache.sentry.service.thrift.Status;
-import org.apache.thrift.TException;
-import org.apache.thrift.protocol.TBinaryProtocol;
-import org.apache.thrift.protocol.TMultiplexedProtocol;
-import org.apache.thrift.transport.TSaslClientTransport;
-import org.apache.thrift.transport.TSocket;
-import org.apache.thrift.transport.TTransport;
-import org.apache.thrift.transport.TTransportException;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/*
- A Sentry Client in which all the operations are synchronized for thread safety
- Note: When using this client, if there is an exception in RPC, socket can get into an inconsistent state.
- So it is important to recreate the client, which uses a new socket.
- */
-public class SentryPolicyServiceClientDefaultImpl implements SentryPolicyServiceClient {
-
- private final Configuration conf;
- private final InetSocketAddress serverAddress;
- private final boolean kerberos;
- private final String[] serverPrincipalParts;
- private SentryPolicyService.Client client;
- private TTransport transport;
- private int connectionTimeout;
- private static final Logger LOGGER = LoggerFactory
- .getLogger(SentryPolicyServiceClient.class);
- private static final String THRIFT_EXCEPTION_MESSAGE = "Thrift exception occurred ";
-
- /**
- * This transport wraps the Sasl transports to set up the right UGI context for open().
- */
- public static class UgiSaslClientTransport extends TSaslClientTransport {
- protected UserGroupInformation ugi = null;
-
- public UgiSaslClientTransport(String mechanism, String authorizationId,
- String protocol, String serverName, Map<String, String> props,
- CallbackHandler cbh, TTransport transport, boolean wrapUgi)
- throws IOException {
- super(mechanism, authorizationId, protocol, serverName, props, cbh,
- transport);
- if (wrapUgi) {
- ugi = UserGroupInformation.getLoginUser();
- }
- }
-
- // open the SASL transport with using the current UserGroupInformation
- // This is needed to get the current login context stored
- @Override
- public synchronized void open() throws TTransportException {
- if (ugi == null) {
- baseOpen();
- } else {
- try {
- if (ugi.isFromKeytab()) {
- ugi.checkTGTAndReloginFromKeytab();
- }
- ugi.doAs(new PrivilegedExceptionAction<Void>() {
- public Void run() throws TTransportException {
- baseOpen();
- return null;
- }
- });
- } catch (IOException e) {
- throw new TTransportException("Failed to open SASL transport", e);
- } catch (InterruptedException e) {
- throw new TTransportException(
- "Interrupted while opening underlying transport", e);
- }
- }
- }
-
- private void baseOpen() throws TTransportException {
- super.open();
- }
- }
-
- public SentryPolicyServiceClientDefaultImpl(Configuration conf) throws IOException {
- this.conf = conf;
- Preconditions.checkNotNull(this.conf, "Configuration object cannot be null");
- this.serverAddress = NetUtils.createSocketAddr(Preconditions.checkNotNull(
- conf.get(ClientConfig.SERVER_RPC_ADDRESS), "Config key "
- + ClientConfig.SERVER_RPC_ADDRESS + " is required"), conf.getInt(
- ClientConfig.SERVER_RPC_PORT, ClientConfig.SERVER_RPC_PORT_DEFAULT));
- this.connectionTimeout = conf.getInt(ClientConfig.SERVER_RPC_CONN_TIMEOUT,
- ClientConfig.SERVER_RPC_CONN_TIMEOUT_DEFAULT);
- kerberos = ServerConfig.SECURITY_MODE_KERBEROS.equalsIgnoreCase(
- conf.get(ServerConfig.SECURITY_MODE, ServerConfig.SECURITY_MODE_KERBEROS).trim());
- transport = new TSocket(serverAddress.getHostName(),
- serverAddress.getPort(), connectionTimeout);
- if (kerberos) {
- String serverPrincipal = Preconditions.checkNotNull(conf.get(ServerConfig.PRINCIPAL), ServerConfig.PRINCIPAL + " is required");
-
- // Resolve server host in the same way as we are doing on server side
- serverPrincipal = SecurityUtil.getServerPrincipal(serverPrincipal, serverAddress.getAddress());
- LOGGER.debug("Using server kerberos principal: " + serverPrincipal);
-
- serverPrincipalParts = SaslRpcServer.splitKerberosName(serverPrincipal);
- Preconditions.checkArgument(serverPrincipalParts.length == 3,
- "Kerberos principal should have 3 parts: " + serverPrincipal);
- boolean wrapUgi = "true".equalsIgnoreCase(conf
- .get(ServerConfig.SECURITY_USE_UGI_TRANSPORT, "true"));
- transport = new UgiSaslClientTransport(AuthMethod.KERBEROS.getMechanismName(),
- null, serverPrincipalParts[0], serverPrincipalParts[1],
- ClientConfig.SASL_PROPERTIES, null, transport, wrapUgi);
- } else {
- serverPrincipalParts = null;
- }
- try {
- transport.open();
- } catch (TTransportException e) {
- throw new IOException("Transport exception while opening transport: " + e.getMessage(), e);
- }
- LOGGER.debug("Successfully opened transport: " + transport + " to " + serverAddress);
- long maxMessageSize = conf.getLong(ServiceConstants.ClientConfig.SENTRY_POLICY_CLIENT_THRIFT_MAX_MESSAGE_SIZE,
- ServiceConstants.ClientConfig.SENTRY_POLICY_CLIENT_THRIFT_MAX_MESSAGE_SIZE_DEFAULT);
- TMultiplexedProtocol protocol = new TMultiplexedProtocol(
- new TBinaryProtocol(transport, maxMessageSize, maxMessageSize, true, true),
- SentryPolicyStoreProcessor.SENTRY_POLICY_SERVICE_NAME);
- client = new SentryPolicyService.Client(protocol);
- LOGGER.debug("Successfully created client");
- }
-
- public synchronized void createRole(String requestorUserName, String roleName)
- throws SentryUserException {
- TCreateSentryRoleRequest request = new TCreateSentryRoleRequest();
- request.setProtocol_version(ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT);
- request.setRequestorUserName(requestorUserName);
- request.setRoleName(roleName);
- try {
- TCreateSentryRoleResponse response = client.create_sentry_role(request);
- Status.throwIfNotOk(response.getStatus());
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- public synchronized void dropRole(String requestorUserName,
- String roleName)
- throws SentryUserException {
- dropRole(requestorUserName, roleName, false);
- }
-
- public synchronized void dropRoleIfExists(String requestorUserName,
- String roleName)
- throws SentryUserException {
- dropRole(requestorUserName, roleName, true);
- }
-
- private synchronized void dropRole(String requestorUserName,
- String roleName, boolean ifExists)
- throws SentryUserException {
- TDropSentryRoleRequest request = new TDropSentryRoleRequest();
- request.setProtocol_version(ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT);
- request.setRequestorUserName(requestorUserName);
- request.setRoleName(roleName);
- try {
- TDropSentryRoleResponse response = client.drop_sentry_role(request);
- Status status = Status.fromCode(response.getStatus().getValue());
- if (ifExists && status == Status.NO_SUCH_OBJECT) {
- return;
- }
- Status.throwIfNotOk(response.getStatus());
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- /**
- * Gets sentry role objects for a given groupName using the Sentry service
- * @param requestorUserName : user on whose behalf the request is issued
- * @param groupName : groupName to look up ( if null returns all roles for all groups)
- * @return Set of thrift sentry role objects
- * @throws SentryUserException
- */
- public synchronized Set<TSentryRole> listRolesByGroupName(
- String requestorUserName,
- String groupName)
- throws SentryUserException {
- TListSentryRolesRequest request = new TListSentryRolesRequest();
- request.setProtocol_version(ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT);
- request.setRequestorUserName(requestorUserName);
- request.setGroupName(groupName);
- TListSentryRolesResponse response;
- Set<TSentryRole> roles = new HashSet<TSentryRole>();
- try {
- response = client.list_sentry_roles_by_group(request);
- Status status = Status.fromCode(response.getStatus().getValue());
- if (status == Status.NO_SUCH_OBJECT) {
- return roles;
- }
- Status.throwIfNotOk(response.getStatus());
- return response.getRoles();
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- /**
- * Gets sentry role objects for a given userName using the Sentry service
- *
- * @param requestorUserName
- * : user on whose behalf the request is issued
- * @param userName
- * : userName to look up (can't be empty)
- * @return Set of thrift sentry role objects
- * @throws SentryUserException
- */
- public Set<TSentryRole> listRolesByUserName(String requestorUserName, String userName)
- throws SentryUserException {
- TListSentryRolesForUserRequest request = new TListSentryRolesForUserRequest();
- request.setProtocol_version(ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT);
- request.setRequestorUserName(requestorUserName);
- request.setUserName(userName);
- TListSentryRolesResponse response;
- try {
- response = client.list_sentry_roles_by_user(request);
- Status.throwIfNotOk(response.getStatus());
- return response.getRoles();
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- public synchronized Set<TSentryPrivilege> listAllPrivilegesByRoleName(String requestorUserName,
- String roleName)
- throws SentryUserException {
- return listPrivilegesByRoleName(requestorUserName, roleName, null);
- }
-
- /**
- * Gets sentry privilege objects for a given roleName using the Sentry service
- * @param requestorUserName : user on whose behalf the request is issued
- * @param roleName : roleName to look up
- * @param authorizable : authorizable Hierarchy (server->db->table etc)
- * @return Set of thrift sentry privilege objects
- * @throws SentryUserException
- */
- public synchronized Set<TSentryPrivilege> listPrivilegesByRoleName(String requestorUserName,
- String roleName, List<? extends Authorizable> authorizable)
- throws SentryUserException {
- TListSentryPrivilegesRequest request = new TListSentryPrivilegesRequest();
- request.setProtocol_version(ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT);
- request.setRequestorUserName(requestorUserName);
- request.setRoleName(roleName);
- if (authorizable != null && !authorizable.isEmpty()) {
- TSentryAuthorizable tSentryAuthorizable = setupSentryAuthorizable(authorizable);
- request.setAuthorizableHierarchy(tSentryAuthorizable);
- }
- TListSentryPrivilegesResponse response;
- try {
- response = client.list_sentry_privileges_by_role(request);
- Status.throwIfNotOk(response.getStatus());
- return response.getPrivileges();
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- public synchronized Set<TSentryRole> listRoles(String requestorUserName)
- throws SentryUserException {
- return listRolesByGroupName(requestorUserName, null);
- }
-
- public synchronized Set<TSentryRole> listUserRoles(String requestorUserName)
- throws SentryUserException {
- Set<TSentryRole> tSentryRoles = Sets.newHashSet();
- tSentryRoles.addAll(listRolesByGroupName(requestorUserName, AccessConstants.ALL));
- tSentryRoles.addAll(listRolesByUserName(requestorUserName, requestorUserName));
- return tSentryRoles;
- }
-
- public synchronized TSentryPrivilege grantURIPrivilege(String requestorUserName,
- String roleName, String server, String uri)
- throws SentryUserException {
- return grantPrivilege(requestorUserName, roleName,
- PrivilegeScope.URI, server, uri, null, null, null, AccessConstants.ALL);
- }
-
- public synchronized TSentryPrivilege grantURIPrivilege(String requestorUserName,
- String roleName, String server, String uri, Boolean grantOption)
- throws SentryUserException {
- return grantPrivilege(requestorUserName, roleName,
- PrivilegeScope.URI, server, uri, null, null, null, AccessConstants.ALL, grantOption);
- }
-
- public synchronized void grantServerPrivilege(String requestorUserName,
- String roleName, String server, String action)
- throws SentryUserException {
-
- // "ALL" and "*" should be synonyms for action and need to be unified with grantServerPrivilege without
- // action explicitly specified.
- if (AccessConstants.ACTION_ALL.equalsIgnoreCase(action) || AccessConstants.ALL.equals(action)) {
- action = AccessConstants.ALL;
- }
-
- grantPrivilege(requestorUserName, roleName,
- PrivilegeScope.SERVER, server, null, null, null, null, action);
- }
-
- @Deprecated
- /***
- * Should use grantServerPrivilege(String requestorUserName,
- * String roleName, String server, String action, Boolean grantOption)
- */
- public synchronized TSentryPrivilege grantServerPrivilege(String requestorUserName,
- String roleName, String server, Boolean grantOption) throws SentryUserException {
- return grantServerPrivilege(requestorUserName, roleName, server,
- AccessConstants.ALL, grantOption);
- }
-
- public synchronized TSentryPrivilege grantServerPrivilege(String requestorUserName,
- String roleName, String server, String action, Boolean grantOption)
- throws SentryUserException {
-
- // "ALL" and "*" should be synonyms for action and need to be unified with grantServerPrivilege without
- // action explicitly specified.
- if (AccessConstants.ACTION_ALL.equalsIgnoreCase(action) || AccessConstants.ALL.equals(action)) {
- action = AccessConstants.ALL;
- }
-
- return grantPrivilege(requestorUserName, roleName,
- PrivilegeScope.SERVER, server, null, null, null, null, action, grantOption);
- }
-
- public synchronized TSentryPrivilege grantDatabasePrivilege(String requestorUserName,
- String roleName, String server, String db, String action)
- throws SentryUserException {
- return grantPrivilege(requestorUserName, roleName,
- PrivilegeScope.DATABASE, server, null, db, null, null, action);
- }
-
- public synchronized TSentryPrivilege grantDatabasePrivilege(String requestorUserName,
- String roleName, String server, String db, String action, Boolean grantOption)
- throws SentryUserException {
- return grantPrivilege(requestorUserName, roleName,
- PrivilegeScope.DATABASE, server, null, db, null, null, action, grantOption);
- }
-
- public synchronized TSentryPrivilege grantTablePrivilege(String requestorUserName,
- String roleName, String server, String db, String table, String action)
- throws SentryUserException {
- return grantPrivilege(requestorUserName, roleName, PrivilegeScope.TABLE, server,
- null,
- db, table, null, action);
- }
-
- public synchronized TSentryPrivilege grantTablePrivilege(String requestorUserName,
- String roleName, String server, String db, String table, String action, Boolean grantOption)
- throws SentryUserException {
- return grantPrivilege(requestorUserName, roleName, PrivilegeScope.TABLE, server,
- null, db, table, null, action, grantOption);
- }
-
- public synchronized TSentryPrivilege grantColumnPrivilege(String requestorUserName,
- String roleName, String server, String db, String table, String columnName, String action)
- throws SentryUserException {
- return grantPrivilege(requestorUserName, roleName, PrivilegeScope.COLUMN, server,
- null,
- db, table, columnName, action);
- }
-
- public synchronized TSentryPrivilege grantColumnPrivilege(String requestorUserName,
- String roleName, String server, String db, String table, String columnName, String action, Boolean grantOption)
- throws SentryUserException {
- return grantPrivilege(requestorUserName, roleName, PrivilegeScope.COLUMN, server,
- null, db, table, columnName, action, grantOption);
- }
-
- public synchronized Set<TSentryPrivilege> grantColumnsPrivileges(String requestorUserName,
- String roleName, String server, String db, String table, List<String> columnNames, String action)
- throws SentryUserException {
- return grantPrivileges(requestorUserName, roleName, PrivilegeScope.COLUMN, server,
- null,
- db, table, columnNames, action);
- }
-
- public synchronized Set<TSentryPrivilege> grantColumnsPrivileges(String requestorUserName,
- String roleName, String server, String db, String table, List<String> columnNames, String action, Boolean grantOption)
- throws SentryUserException {
- return grantPrivileges(requestorUserName, roleName, PrivilegeScope.COLUMN,
- server,
- null, db, table, columnNames, action, grantOption);
- }
-
- public synchronized Set<TSentryPrivilege> grantPrivileges(
- String requestorUserName, String roleName,
- Set<TSentryPrivilege> privileges) throws SentryUserException {
- return grantPrivilegesCore(requestorUserName, roleName, privileges);
- }
-
- public synchronized TSentryPrivilege grantPrivilege(String requestorUserName, String roleName,
- TSentryPrivilege privilege) throws SentryUserException {
- return grantPrivilegeCore(requestorUserName, roleName, privilege);
- }
-
- private TSentryPrivilege grantPrivilegeCore(String requestorUserName, String roleName,
- TSentryPrivilege privilege) throws SentryUserException {
- Set<TSentryPrivilege> results =
- grantPrivilegesCore(requestorUserName, roleName, ImmutableSet.of(privilege));
- if (results != null && results.size() > 0) {
- return results.iterator().next();
- } else {
- return new TSentryPrivilege();
- }
- }
-
- private Set<TSentryPrivilege> grantPrivilegesCore(String requestorUserName, String roleName,
- Set<TSentryPrivilege> privileges) throws SentryUserException {
- TAlterSentryRoleGrantPrivilegeRequest request = new TAlterSentryRoleGrantPrivilegeRequest();
- request.setProtocol_version(ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT);
- request.setRequestorUserName(requestorUserName);
- request.setRoleName(roleName);
- request.setPrivileges(privileges);
- try {
- TAlterSentryRoleGrantPrivilegeResponse response =
- client.alter_sentry_role_grant_privilege(request);
- Status.throwIfNotOk(response.getStatus());
- return response.getPrivileges();
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- @VisibleForTesting
- public static TSentryAuthorizable setupSentryAuthorizable(
- List<? extends Authorizable> authorizable) {
- TSentryAuthorizable tSentryAuthorizable = new TSentryAuthorizable();
-
- for (Authorizable authzble : authorizable) {
- if (authzble.getTypeName().equalsIgnoreCase(
- DBModelAuthorizable.AuthorizableType.Server.toString())) {
- tSentryAuthorizable.setServer(authzble.getName());
- } else if (authzble.getTypeName().equalsIgnoreCase(
- DBModelAuthorizable.AuthorizableType.URI.toString())) {
- tSentryAuthorizable.setUri(authzble.getName());
- } else if (authzble.getTypeName().equalsIgnoreCase(
- DBModelAuthorizable.AuthorizableType.Db.toString())) {
- tSentryAuthorizable.setDb(authzble.getName());
- } else if (authzble.getTypeName().equalsIgnoreCase(
- DBModelAuthorizable.AuthorizableType.Table.toString())) {
- tSentryAuthorizable.setTable(authzble.getName());
- } else if (authzble.getTypeName().equalsIgnoreCase(
- DBModelAuthorizable.AuthorizableType.Column.toString())) {
- tSentryAuthorizable.setColumn(authzble.getName());
- }
- }
- return tSentryAuthorizable;
- }
-
- private TSentryPrivilege grantPrivilege(String requestorUserName,
- String roleName,
- PrivilegeScope scope, String serverName, String uri, String db,
- String table, String column, String action) throws SentryUserException {
- return grantPrivilege(requestorUserName, roleName, scope, serverName, uri,
- db, table, column, action, false);
- }
-
- private TSentryPrivilege grantPrivilege(String requestorUserName,
- String roleName, PrivilegeScope scope, String serverName, String uri, String db, String table,
- String column, String action, Boolean grantOption)
- throws SentryUserException {
- TSentryPrivilege privilege =
- convertToTSentryPrivilege(scope, serverName, uri, db, table, column, action, grantOption);
- return grantPrivilegeCore(requestorUserName, roleName, privilege);
- }
-
- private Set<TSentryPrivilege> grantPrivileges(String requestorUserName,
- String roleName,
- PrivilegeScope scope, String serverName, String uri, String db,
- String table, List<String> columns, String action) throws SentryUserException {
- return grantPrivileges(requestorUserName, roleName, scope, serverName, uri,
- db, table, columns, action, false);
- }
-
- private Set<TSentryPrivilege> grantPrivileges(String requestorUserName,
- String roleName, PrivilegeScope scope, String serverName, String uri, String db, String table,
- List<String> columns, String action, Boolean grantOption)
- throws SentryUserException {
- Set<TSentryPrivilege> privileges = convertColumnPrivileges(scope,
- serverName, uri, db, table, columns, action, grantOption);
- return grantPrivilegesCore(requestorUserName, roleName, privileges);
- }
-
- public synchronized void revokePrivileges(String requestorUserName, String roleName, Set<TSentryPrivilege> privileges) throws SentryUserException {
- this.revokePrivilegesCore(requestorUserName, roleName, privileges);
- }
-
- public synchronized void revokePrivilege(String requestorUserName, String roleName, TSentryPrivilege privilege) throws SentryUserException {
- this.revokePrivilegeCore(requestorUserName, roleName, privilege);
-
- }
-
- private void revokePrivilegeCore(String requestorUserName, String roleName, TSentryPrivilege privilege) throws SentryUserException {
- this.revokePrivilegesCore(requestorUserName, roleName, ImmutableSet.of(privilege));
- }
-
- private void revokePrivilegesCore(String requestorUserName, String roleName, Set<TSentryPrivilege> privileges) throws SentryUserException {
- TAlterSentryRoleRevokePrivilegeRequest request = new TAlterSentryRoleRevokePrivilegeRequest();
- request.setProtocol_version(ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT);
- request.setRequestorUserName(requestorUserName);
- request.setRoleName(roleName);
- request.setPrivileges(privileges);
- try {
- TAlterSentryRoleRevokePrivilegeResponse response = client.alter_sentry_role_revoke_privilege(
- request);
- Status.throwIfNotOk(response.getStatus());
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- public synchronized void revokeURIPrivilege(String requestorUserName,
- String roleName, String server, String uri)
- throws SentryUserException {
- revokePrivilege(requestorUserName, roleName,
- PrivilegeScope.URI, server, uri, null, null, null, AccessConstants.ALL);
- }
-
- public synchronized void revokeURIPrivilege(String requestorUserName,
- String roleName, String server, String uri, Boolean grantOption)
- throws SentryUserException {
- revokePrivilege(requestorUserName, roleName,
- PrivilegeScope.URI, server, uri, null, null, null, AccessConstants.ALL, grantOption);
- }
-
- public synchronized void revokeServerPrivilege(String requestorUserName,
- String roleName, String server, String action)
- throws SentryUserException {
-
- // "ALL" and "*" should be synonyms for action and need to be unified with revokeServerPrivilege without
- // action explicitly specified.
- if (AccessConstants.ACTION_ALL.equalsIgnoreCase(action) || AccessConstants.ALL.equals(action)) {
- action = AccessConstants.ALL;
- }
-
- revokePrivilege(requestorUserName, roleName,
- PrivilegeScope.SERVER, server, null, null, null, null, action);
- }
-
- public synchronized void revokeServerPrivilege(String requestorUserName,
- String roleName, String server, String action, Boolean grantOption)
- throws SentryUserException {
-
- // "ALL" and "*" should be synonyms for action and need to be unified with revokeServerPrivilege without
- // action explicitly specified.
- if (AccessConstants.ACTION_ALL.equalsIgnoreCase(action) || AccessConstants.ALL.equals(action)) {
- action = AccessConstants.ALL;
- }
-
- revokePrivilege(requestorUserName, roleName,
- PrivilegeScope.SERVER, server, null, null, null, null, action, grantOption);
- }
-
- @Deprecated
- /***
- * Should use revokeServerPrivilege(String requestorUserName,
- * String roleName, String server, String action, Boolean grantOption)
- */
- public synchronized void revokeServerPrivilege(String requestorUserName,
- String roleName, String server, boolean grantOption)
- throws SentryUserException {
- revokePrivilege(requestorUserName, roleName,
- PrivilegeScope.SERVER, server, null, null, null, null, AccessConstants.ALL, grantOption);
- }
-
- public synchronized void revokeDatabasePrivilege(String requestorUserName,
- String roleName, String server, String db, String action)
- throws SentryUserException {
- revokePrivilege(requestorUserName, roleName,
- PrivilegeScope.DATABASE, server, null, db, null, null, action);
- }
-
- public synchronized void revokeDatabasePrivilege(String requestorUserName,
- String roleName, String server, String db, String action, Boolean grantOption)
- throws SentryUserException {
- revokePrivilege(requestorUserName, roleName,
- PrivilegeScope.DATABASE, server, null, db, null, null, action, grantOption);
- }
-
- public synchronized void revokeTablePrivilege(String requestorUserName,
- String roleName, String server, String db, String table, String action)
- throws SentryUserException {
- revokePrivilege(requestorUserName, roleName,
- PrivilegeScope.TABLE, server, null,
- db, table, null, action);
- }
-
- public synchronized void revokeTablePrivilege(String requestorUserName,
- String roleName, String server, String db, String table, String action, Boolean grantOption)
- throws SentryUserException {
- revokePrivilege(requestorUserName, roleName,
- PrivilegeScope.TABLE, server, null,
- db, table, null, action, grantOption);
- }
-
- public synchronized void revokeColumnPrivilege(String requestorUserName, String roleName,
- String server, String db, String table, String columnName, String action)
- throws SentryUserException {
- ImmutableList.Builder<String> listBuilder = ImmutableList.builder();
- listBuilder.add(columnName);
- revokePrivilege(requestorUserName, roleName,
- PrivilegeScope.COLUMN, server, null,
- db, table, listBuilder.build(), action);
- }
-
- public synchronized void revokeColumnPrivilege(String requestorUserName, String roleName,
- String server, String db, String table, String columnName, String action, Boolean grantOption)
- throws SentryUserException {
- ImmutableList.Builder<String> listBuilder = ImmutableList.builder();
- listBuilder.add(columnName);
- revokePrivilege(requestorUserName, roleName,
- PrivilegeScope.COLUMN, server, null,
- db, table, listBuilder.build(), action, grantOption);
- }
-
- public synchronized void revokeColumnsPrivilege(String requestorUserName, String roleName,
- String server, String db, String table, List<String> columns, String action)
- throws SentryUserException {
- revokePrivilege(requestorUserName, roleName,
- PrivilegeScope.COLUMN, server, null,
- db, table, columns, action);
- }
-
- public synchronized void revokeColumnsPrivilege(String requestorUserName, String roleName,
- String server, String db, String table, List<String> columns, String action, Boolean grantOption)
- throws SentryUserException {
- revokePrivilege(requestorUserName, roleName,
- PrivilegeScope.COLUMN, server, null,
- db, table, columns, action, grantOption);
- }
-
- private void revokePrivilege(String requestorUserName,
- String roleName, PrivilegeScope scope, String serverName, String uri,
- String db, String table, List<String> columns, String action)
- throws SentryUserException {
- this.revokePrivilege(requestorUserName, roleName, scope, serverName, uri, db, table, columns, action, false);
- }
-
- private void revokePrivilege(String requestorUserName, String roleName,
- PrivilegeScope scope, String serverName, String uri, String db, String table, List<String> columns,
- String action, Boolean grantOption)
- throws SentryUserException {
- Set<TSentryPrivilege> privileges = convertColumnPrivileges(scope,
- serverName, uri, db, table, columns, action, grantOption);
- this.revokePrivilegesCore(requestorUserName, roleName, privileges);
- }
-
- private Set<TSentryPrivilege> convertColumnPrivileges(
- PrivilegeScope scope, String serverName, String uri, String db, String table, List<String> columns,
- String action, Boolean grantOption) {
- ImmutableSet.Builder<TSentryPrivilege> setBuilder = ImmutableSet.builder();
- if (columns == null || columns.isEmpty()) {
- TSentryPrivilege privilege = new TSentryPrivilege();
- privilege.setPrivilegeScope(scope.toString());
- privilege.setServerName(serverName);
- privilege.setURI(uri);
- privilege.setDbName(db);
- privilege.setTableName(table);
- privilege.setColumnName(null);
- privilege.setAction(action);
- privilege.setCreateTime(System.currentTimeMillis());
- privilege.setGrantOption(convertTSentryGrantOption(grantOption));
- setBuilder.add(privilege);
- } else {
- for (String column : columns) {
- TSentryPrivilege privilege = new TSentryPrivilege();
- privilege.setPrivilegeScope(scope.toString());
- privilege.setServerName(serverName);
- privilege.setURI(uri);
- privilege.setDbName(db);
- privilege.setTableName(table);
- privilege.setColumnName(column);
- privilege.setAction(action);
- privilege.setCreateTime(System.currentTimeMillis());
- privilege.setGrantOption(convertTSentryGrantOption(grantOption));
- setBuilder.add(privilege);
- }
- }
- return setBuilder.build();
- }
-
- private TSentryPrivilege convertToTSentryPrivilege(
- PrivilegeScope scope, String serverName, String uri, String db, String table, String column,
- String action, Boolean grantOption) {
- TSentryPrivilege privilege = new TSentryPrivilege();
- privilege.setPrivilegeScope(scope.toString());
- privilege.setServerName(serverName);
- privilege.setURI(uri);
- privilege.setDbName(db);
- privilege.setTableName(table);
- privilege.setColumnName(column);
- privilege.setAction(action);
- privilege.setCreateTime(System.currentTimeMillis());
- privilege.setGrantOption(convertTSentryGrantOption(grantOption));
- return privilege;
- }
-
- private TSentryGrantOption convertTSentryGrantOption(Boolean grantOption) {
- if (grantOption == null) {
- return TSentryGrantOption.UNSET;
- } else if (grantOption.equals(true)) {
- return TSentryGrantOption.TRUE;
- } else if (grantOption.equals(false)) {
- return TSentryGrantOption.FALSE;
- }
- return TSentryGrantOption.FALSE;
- }
-
- public synchronized Set<String> listPrivilegesForProvider(Set<String> groups, Set<String> users,
- ActiveRoleSet roleSet, Authorizable... authorizable) throws SentryUserException {
- TSentryActiveRoleSet thriftRoleSet = new TSentryActiveRoleSet(roleSet.isAll(), roleSet.getRoles());
- TListSentryPrivilegesForProviderRequest request =
- new TListSentryPrivilegesForProviderRequest(ThriftConstants.
- TSENTRY_SERVICE_VERSION_CURRENT, groups, thriftRoleSet);
- if (authorizable != null && authorizable.length > 0) {
- TSentryAuthorizable tSentryAuthorizable = setupSentryAuthorizable(Lists
- .newArrayList(authorizable));
- request.setAuthorizableHierarchy(tSentryAuthorizable);
- }
- if (users != null) {
- request.setUsers(users);
- }
- try {
- TListSentryPrivilegesForProviderResponse response = client.list_sentry_privileges_for_provider(request);
- Status.throwIfNotOk(response.getStatus());
- return response.getPrivileges();
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- @Override
- public synchronized void grantRoleToGroup(String requestorUserName,
- String groupName, String roleName)
- throws SentryUserException {
- grantRoleToGroups(requestorUserName, roleName, Sets.newHashSet(groupName));
- }
-
- @Override
- public synchronized void revokeRoleFromGroup(String requestorUserName,
- String groupName, String roleName)
- throws SentryUserException {
- revokeRoleFromGroups(requestorUserName, roleName, Sets.newHashSet(groupName));
- }
-
- @Override
- public synchronized void grantRoleToGroups(String requestorUserName,
- String roleName, Set<String> groups)
- throws SentryUserException {
- TAlterSentryRoleAddGroupsRequest request = new TAlterSentryRoleAddGroupsRequest(
- ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT, requestorUserName,
- roleName, convert2TGroups(groups));
- try {
- TAlterSentryRoleAddGroupsResponse response = client.alter_sentry_role_add_groups(request);
- Status.throwIfNotOk(response.getStatus());
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- @Override
- public synchronized void revokeRoleFromGroups(String requestorUserName,
- String roleName, Set<String> groups)
- throws SentryUserException {
- TAlterSentryRoleDeleteGroupsRequest request = new TAlterSentryRoleDeleteGroupsRequest(
- ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT, requestorUserName,
- roleName, convert2TGroups(groups));
- try {
- TAlterSentryRoleDeleteGroupsResponse response = client.alter_sentry_role_delete_groups(request);
- Status.throwIfNotOk(response.getStatus());
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- @Override
- public synchronized void grantRoleToUser(String requestorUserName, String userName,
- String roleName) throws SentryUserException {
- grantRoleToUsers(requestorUserName, roleName, Sets.newHashSet(userName));
- }
-
- @Override
- public synchronized void revokeRoleFromUser(String requestorUserName, String userName,
- String roleName) throws SentryUserException {
- revokeRoleFromUsers(requestorUserName, roleName, Sets.newHashSet(userName));
- }
-
- @Override
- public synchronized void grantRoleToUsers(String requestorUserName, String roleName,
- Set<String> users) throws SentryUserException {
- TAlterSentryRoleAddUsersRequest request = new TAlterSentryRoleAddUsersRequest(
- ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT, requestorUserName, roleName, users);
- try {
- TAlterSentryRoleAddUsersResponse response = client.alter_sentry_role_add_users(request);
- Status.throwIfNotOk(response.getStatus());
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- @Override
- public synchronized void revokeRoleFromUsers(String requestorUserName, String roleName,
- Set<String> users) throws SentryUserException {
- TAlterSentryRoleDeleteUsersRequest request = new TAlterSentryRoleDeleteUsersRequest(
- ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT, requestorUserName, roleName, users);
- try {
- TAlterSentryRoleDeleteUsersResponse response = client.alter_sentry_role_delete_users(request);
- Status.throwIfNotOk(response.getStatus());
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- private Set<TSentryGroup> convert2TGroups(Set<String> groups) {
- Set<TSentryGroup> tGroups = Sets.newHashSet();
- if (groups != null) {
- for (String groupName : groups) {
- tGroups.add(new TSentryGroup(groupName));
- }
- }
- return tGroups;
- }
-
- public synchronized void dropPrivileges(String requestorUserName,
- List<? extends Authorizable> authorizableObjects)
- throws SentryUserException {
- TSentryAuthorizable tSentryAuthorizable = setupSentryAuthorizable(authorizableObjects);
-
- TDropPrivilegesRequest request = new TDropPrivilegesRequest(
- ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT, requestorUserName,
- tSentryAuthorizable);
- try {
- TDropPrivilegesResponse response = client.drop_sentry_privilege(request);
- Status.throwIfNotOk(response.getStatus());
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- public synchronized void renamePrivileges(String requestorUserName,
- List<? extends Authorizable> oldAuthorizables,
- List<? extends Authorizable> newAuthorizables) throws SentryUserException {
- TSentryAuthorizable tOldSentryAuthorizable = setupSentryAuthorizable(oldAuthorizables);
- TSentryAuthorizable tNewSentryAuthorizable = setupSentryAuthorizable(newAuthorizables);
-
- TRenamePrivilegesRequest request = new TRenamePrivilegesRequest(
- ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT, requestorUserName,
- tOldSentryAuthorizable, tNewSentryAuthorizable);
- try {
- TRenamePrivilegesResponse response = client
- .rename_sentry_privilege(request);
- Status.throwIfNotOk(response.getStatus());
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- public synchronized Map<TSentryAuthorizable, TSentryPrivilegeMap> listPrivilegsbyAuthorizable(
- String requestorUserName,
- Set<List<? extends Authorizable>> authorizables, Set<String> groups,
- ActiveRoleSet roleSet) throws SentryUserException {
- Set<TSentryAuthorizable> authSet = Sets.newTreeSet();
-
- for (List<? extends Authorizable> authorizableHierarchy : authorizables) {
- authSet.add(setupSentryAuthorizable(authorizableHierarchy));
- }
- TListSentryPrivilegesByAuthRequest request = new TListSentryPrivilegesByAuthRequest(
- ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT, requestorUserName,
- authSet);
- if (groups != null) {
- request.setGroups(groups);
- }
- if (roleSet != null) {
- request.setRoleSet(new TSentryActiveRoleSet(roleSet.isAll(), roleSet.getRoles()));
- }
-
- try {
- TListSentryPrivilegesByAuthResponse response = client
- .list_sentry_privileges_by_authorizable(request);
- Status.throwIfNotOk(response.getStatus());
- return response.getPrivilegesMapByAuth();
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- /**
- * Returns the configuration value in the sentry server associated with
- * propertyName, or if propertyName does not exist, the defaultValue.
- * There is no "requestorUserName" because this is regarded as an
- * internal interface.
- * @param propertyName Config attribute to search for
- * @param defaultValue String to return if not found
- * @return The value of the propertyName
- * @throws SentryUserException
- */
- public synchronized String getConfigValue(String propertyName, String defaultValue)
- throws SentryUserException {
- TSentryConfigValueRequest request = new TSentryConfigValueRequest(
- ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT, propertyName);
- if (defaultValue != null) {
- request.setDefaultValue(defaultValue);
- }
- try {
- TSentryConfigValueResponse response = client.get_sentry_config_value(request);
- Status.throwIfNotOk(response.getStatus());
- return response.getValue();
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- public synchronized void close() {
- if (transport != null) {
- transport.close();
- }
- }
-
- /**
- * Import the sentry mapping data, convert the mapping data from map structure to
- * TSentryMappingData, and call the import API.
- *
- * @param policyFileMappingData
- * Include 2 maps to save the mapping data, the following is the example of the data
- * structure:
- * for the following mapping data:
- * group1=role1,role2
- * group2=role2,role3
- * role1=server=server1->db=db1
- * role2=server=server1->db=db1->table=tbl1,server=server1->db=db1->table=tbl2
- * role3=server=server1->url=hdfs://localhost/path
- *
- * The policyFileMappingData will be inputed as:
- * {
- * groups={[group1={role1, role2}], group2=[role2, role3]},
- * roles={role1=[server=server1->db=db1],
- * role2=[server=server1->db=db1->table=tbl1,server=server1->db=db1->table=tbl2],
- * role3=[server=server1->url=hdfs://localhost/path]
- * }
- * }
- * @param requestorUserName
- * The name of the request user
- */
- public synchronized void importPolicy(Map<String, Map<String, Set<String>>> policyFileMappingData,
- String requestorUserName, boolean isOverwriteRole)
- throws SentryUserException {
- try {
- TSentryMappingData tSentryMappingData = new TSentryMappingData();
- // convert the mapping data for [group,role] from map structure to
- // TSentryMappingData.GroupRolesMap
- tSentryMappingData.setGroupRolesMap(policyFileMappingData.get(PolicyFileConstants.GROUPS));
- tSentryMappingData.setUserRolesMap(policyFileMappingData.get(PolicyFileConstants.USER_ROLES));
- // convert the mapping data for [role,privilege] from map structure to
- // TSentryMappingData.RolePrivilegesMap
- tSentryMappingData
- .setRolePrivilegesMap(convertRolePrivilegesMapForSentryDB(policyFileMappingData
- .get(PolicyFileConstants.ROLES)));
- TSentryImportMappingDataRequest request = new TSentryImportMappingDataRequest(
- ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT, requestorUserName, isOverwriteRole,
- tSentryMappingData);
- TSentryImportMappingDataResponse response = client.import_sentry_mapping_data(request);
- Status.throwIfNotOk(response.getStatus());
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- // convert the mapping data for [role,privilege] from map structure to
- // TSentryMappingData.RolePrivilegesMap
- private Map<String, Set<TSentryPrivilege>> convertRolePrivilegesMapForSentryDB(
- Map<String, Set<String>> rolePrivilegesMap) {
- Map<String, Set<TSentryPrivilege>> rolePrivilegesMapResult = Maps.newHashMap();
- if (rolePrivilegesMap != null) {
- for (Map.Entry<String, Set<String>> entry : rolePrivilegesMap.entrySet()) {
- Set<TSentryPrivilege> tempTSentryPrivileges = Sets.newHashSet();
- Set<String> tempPrivileges = entry.getValue();
- for (String tempPrivilege : tempPrivileges) {
- tempTSentryPrivileges.add(SentryServiceUtil.convertToTSentryPrivilege(tempPrivilege));
- }
- rolePrivilegesMapResult.put(entry.getKey(), tempTSentryPrivileges);
- }
- }
- return rolePrivilegesMapResult;
- }
-
- // export the sentry mapping data with map structure
- public synchronized Map<String, Map<String, Set<String>>> exportPolicy(String requestorUserName,
- String objectPath) throws SentryUserException {
- TSentryExportMappingDataRequest request = new TSentryExportMappingDataRequest(
- ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT, requestorUserName);
- request.setObjectPath(objectPath);
- try {
- TSentryExportMappingDataResponse response = client.export_sentry_mapping_data(request);
- Status.throwIfNotOk(response.getStatus());
- TSentryMappingData tSentryMappingData = response.getMappingData();
- Map<String, Map<String, Set<String>>> resultMap = Maps.newHashMap();
- resultMap.put(PolicyFileConstants.USER_ROLES, tSentryMappingData.getUserRolesMap());
- resultMap.put(PolicyFileConstants.GROUPS, tSentryMappingData.getGroupRolesMap());
- resultMap.put(PolicyFileConstants.ROLES, convertRolePrivilegesMapForPolicyFile(tSentryMappingData.getRolePrivilegesMap()));
- return resultMap;
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- // convert the mapping data for [roleName,privilege] from TSentryMappingData.RolePrivilegesMap to
- // map structure
- private Map<String, Set<String>> convertRolePrivilegesMapForPolicyFile(
- Map<String, Set<TSentryPrivilege>> rolePrivilegesMap) {
- Map<String, Set<String>> rolePrivilegesMapForFile = Maps.newHashMap();
- if (rolePrivilegesMap != null) {
- for (Map.Entry<String, Set<TSentryPrivilege>> entry : rolePrivilegesMap.entrySet()) {
- Set<TSentryPrivilege> tempSentryPrivileges = entry.getValue();
- Set<String> tempStrPrivileges = Sets.newHashSet();
- for (TSentryPrivilege tSentryPrivilege : tempSentryPrivileges) {
- // convert TSentryPrivilege to privilege in string
- String privilegeStr = SentryServiceUtil.convertTSentryPrivilegeToStr(tSentryPrivilege);
- if (!StringUtils.isEmpty(privilegeStr)) {
- tempStrPrivileges.add(privilegeStr);
- }
- }
- rolePrivilegesMapForFile.put(entry.getKey(), tempStrPrivileges);
- }
- }
- return rolePrivilegesMapForFile;
- }
-}
\ No newline at end of file
[35/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleRevokePrivilegeResponse.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleRevokePrivilegeResponse.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleRevokePrivilegeResponse.java
deleted file mode 100644
index 9f331d3..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleRevokePrivilegeResponse.java
+++ /dev/null
@@ -1,394 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TAlterSentryRoleRevokePrivilegeResponse implements org.apache.thrift.TBase<TAlterSentryRoleRevokePrivilegeResponse, TAlterSentryRoleRevokePrivilegeResponse._Fields>, java.io.Serializable, Cloneable, Comparable<TAlterSentryRoleRevokePrivilegeResponse> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TAlterSentryRoleRevokePrivilegeResponse");
-
- private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TAlterSentryRoleRevokePrivilegeResponseStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TAlterSentryRoleRevokePrivilegeResponseTupleSchemeFactory());
- }
-
- private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- STATUS((short)1, "status");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // STATUS
- return STATUS;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.sentry.service.thrift.TSentryResponseStatus.class)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TAlterSentryRoleRevokePrivilegeResponse.class, metaDataMap);
- }
-
- public TAlterSentryRoleRevokePrivilegeResponse() {
- }
-
- public TAlterSentryRoleRevokePrivilegeResponse(
- org.apache.sentry.service.thrift.TSentryResponseStatus status)
- {
- this();
- this.status = status;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TAlterSentryRoleRevokePrivilegeResponse(TAlterSentryRoleRevokePrivilegeResponse other) {
- if (other.isSetStatus()) {
- this.status = new org.apache.sentry.service.thrift.TSentryResponseStatus(other.status);
- }
- }
-
- public TAlterSentryRoleRevokePrivilegeResponse deepCopy() {
- return new TAlterSentryRoleRevokePrivilegeResponse(this);
- }
-
- @Override
- public void clear() {
- this.status = null;
- }
-
- public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() {
- return this.status;
- }
-
- public void setStatus(org.apache.sentry.service.thrift.TSentryResponseStatus status) {
- this.status = status;
- }
-
- public void unsetStatus() {
- this.status = null;
- }
-
- /** Returns true if field status is set (has been assigned a value) and false otherwise */
- public boolean isSetStatus() {
- return this.status != null;
- }
-
- public void setStatusIsSet(boolean value) {
- if (!value) {
- this.status = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case STATUS:
- if (value == null) {
- unsetStatus();
- } else {
- setStatus((org.apache.sentry.service.thrift.TSentryResponseStatus)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case STATUS:
- return getStatus();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case STATUS:
- return isSetStatus();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TAlterSentryRoleRevokePrivilegeResponse)
- return this.equals((TAlterSentryRoleRevokePrivilegeResponse)that);
- return false;
- }
-
- public boolean equals(TAlterSentryRoleRevokePrivilegeResponse that) {
- if (that == null)
- return false;
-
- boolean this_present_status = true && this.isSetStatus();
- boolean that_present_status = true && that.isSetStatus();
- if (this_present_status || that_present_status) {
- if (!(this_present_status && that_present_status))
- return false;
- if (!this.status.equals(that.status))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_status = true && (isSetStatus());
- list.add(present_status);
- if (present_status)
- list.add(status);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TAlterSentryRoleRevokePrivilegeResponse other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetStatus()).compareTo(other.isSetStatus());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetStatus()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.status, other.status);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TAlterSentryRoleRevokePrivilegeResponse(");
- boolean first = true;
-
- sb.append("status:");
- if (this.status == null) {
- sb.append("null");
- } else {
- sb.append(this.status);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetStatus()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'status' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- if (status != null) {
- status.validate();
- }
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TAlterSentryRoleRevokePrivilegeResponseStandardSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleRevokePrivilegeResponseStandardScheme getScheme() {
- return new TAlterSentryRoleRevokePrivilegeResponseStandardScheme();
- }
- }
-
- private static class TAlterSentryRoleRevokePrivilegeResponseStandardScheme extends StandardScheme<TAlterSentryRoleRevokePrivilegeResponse> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TAlterSentryRoleRevokePrivilegeResponse struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // STATUS
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TAlterSentryRoleRevokePrivilegeResponse struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.status != null) {
- oprot.writeFieldBegin(STATUS_FIELD_DESC);
- struct.status.write(oprot);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TAlterSentryRoleRevokePrivilegeResponseTupleSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleRevokePrivilegeResponseTupleScheme getScheme() {
- return new TAlterSentryRoleRevokePrivilegeResponseTupleScheme();
- }
- }
-
- private static class TAlterSentryRoleRevokePrivilegeResponseTupleScheme extends TupleScheme<TAlterSentryRoleRevokePrivilegeResponse> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleRevokePrivilegeResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- struct.status.write(oprot);
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleRevokePrivilegeResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TCreateSentryRoleRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TCreateSentryRoleRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TCreateSentryRoleRequest.java
deleted file mode 100644
index a3f9e6b..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TCreateSentryRoleRequest.java
+++ /dev/null
@@ -1,591 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TCreateSentryRoleRequest implements org.apache.thrift.TBase<TCreateSentryRoleRequest, TCreateSentryRoleRequest._Fields>, java.io.Serializable, Cloneable, Comparable<TCreateSentryRoleRequest> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TCreateSentryRoleRequest");
-
- private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
- private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)3);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TCreateSentryRoleRequestStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TCreateSentryRoleRequestTupleSchemeFactory());
- }
-
- private int protocol_version; // required
- private String requestorUserName; // required
- private String roleName; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- PROTOCOL_VERSION((short)1, "protocol_version"),
- REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- ROLE_NAME((short)3, "roleName");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // PROTOCOL_VERSION
- return PROTOCOL_VERSION;
- case 2: // REQUESTOR_USER_NAME
- return REQUESTOR_USER_NAME;
- case 3: // ROLE_NAME
- return ROLE_NAME;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
- tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.ROLE_NAME, new org.apache.thrift.meta_data.FieldMetaData("roleName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TCreateSentryRoleRequest.class, metaDataMap);
- }
-
- public TCreateSentryRoleRequest() {
- this.protocol_version = 2;
-
- }
-
- public TCreateSentryRoleRequest(
- int protocol_version,
- String requestorUserName,
- String roleName)
- {
- this();
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- this.requestorUserName = requestorUserName;
- this.roleName = roleName;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TCreateSentryRoleRequest(TCreateSentryRoleRequest other) {
- __isset_bitfield = other.__isset_bitfield;
- this.protocol_version = other.protocol_version;
- if (other.isSetRequestorUserName()) {
- this.requestorUserName = other.requestorUserName;
- }
- if (other.isSetRoleName()) {
- this.roleName = other.roleName;
- }
- }
-
- public TCreateSentryRoleRequest deepCopy() {
- return new TCreateSentryRoleRequest(this);
- }
-
- @Override
- public void clear() {
- this.protocol_version = 2;
-
- this.requestorUserName = null;
- this.roleName = null;
- }
-
- public int getProtocol_version() {
- return this.protocol_version;
- }
-
- public void setProtocol_version(int protocol_version) {
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- }
-
- public void unsetProtocol_version() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */
- public boolean isSetProtocol_version() {
- return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- public void setProtocol_versionIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value);
- }
-
- public String getRequestorUserName() {
- return this.requestorUserName;
- }
-
- public void setRequestorUserName(String requestorUserName) {
- this.requestorUserName = requestorUserName;
- }
-
- public void unsetRequestorUserName() {
- this.requestorUserName = null;
- }
-
- /** Returns true if field requestorUserName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorUserName() {
- return this.requestorUserName != null;
- }
-
- public void setRequestorUserNameIsSet(boolean value) {
- if (!value) {
- this.requestorUserName = null;
- }
- }
-
- public String getRoleName() {
- return this.roleName;
- }
-
- public void setRoleName(String roleName) {
- this.roleName = roleName;
- }
-
- public void unsetRoleName() {
- this.roleName = null;
- }
-
- /** Returns true if field roleName is set (has been assigned a value) and false otherwise */
- public boolean isSetRoleName() {
- return this.roleName != null;
- }
-
- public void setRoleNameIsSet(boolean value) {
- if (!value) {
- this.roleName = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case PROTOCOL_VERSION:
- if (value == null) {
- unsetProtocol_version();
- } else {
- setProtocol_version((Integer)value);
- }
- break;
-
- case REQUESTOR_USER_NAME:
- if (value == null) {
- unsetRequestorUserName();
- } else {
- setRequestorUserName((String)value);
- }
- break;
-
- case ROLE_NAME:
- if (value == null) {
- unsetRoleName();
- } else {
- setRoleName((String)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case PROTOCOL_VERSION:
- return getProtocol_version();
-
- case REQUESTOR_USER_NAME:
- return getRequestorUserName();
-
- case ROLE_NAME:
- return getRoleName();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case PROTOCOL_VERSION:
- return isSetProtocol_version();
- case REQUESTOR_USER_NAME:
- return isSetRequestorUserName();
- case ROLE_NAME:
- return isSetRoleName();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TCreateSentryRoleRequest)
- return this.equals((TCreateSentryRoleRequest)that);
- return false;
- }
-
- public boolean equals(TCreateSentryRoleRequest that) {
- if (that == null)
- return false;
-
- boolean this_present_protocol_version = true;
- boolean that_present_protocol_version = true;
- if (this_present_protocol_version || that_present_protocol_version) {
- if (!(this_present_protocol_version && that_present_protocol_version))
- return false;
- if (this.protocol_version != that.protocol_version)
- return false;
- }
-
- boolean this_present_requestorUserName = true && this.isSetRequestorUserName();
- boolean that_present_requestorUserName = true && that.isSetRequestorUserName();
- if (this_present_requestorUserName || that_present_requestorUserName) {
- if (!(this_present_requestorUserName && that_present_requestorUserName))
- return false;
- if (!this.requestorUserName.equals(that.requestorUserName))
- return false;
- }
-
- boolean this_present_roleName = true && this.isSetRoleName();
- boolean that_present_roleName = true && that.isSetRoleName();
- if (this_present_roleName || that_present_roleName) {
- if (!(this_present_roleName && that_present_roleName))
- return false;
- if (!this.roleName.equals(that.roleName))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_protocol_version = true;
- list.add(present_protocol_version);
- if (present_protocol_version)
- list.add(protocol_version);
-
- boolean present_requestorUserName = true && (isSetRequestorUserName());
- list.add(present_requestorUserName);
- if (present_requestorUserName)
- list.add(requestorUserName);
-
- boolean present_roleName = true && (isSetRoleName());
- list.add(present_roleName);
- if (present_roleName)
- list.add(roleName);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TCreateSentryRoleRequest other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(other.isSetProtocol_version());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetProtocol_version()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, other.protocol_version);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRequestorUserName()).compareTo(other.isSetRequestorUserName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRequestorUserName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorUserName, other.requestorUserName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRoleName()).compareTo(other.isSetRoleName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRoleName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleName, other.roleName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TCreateSentryRoleRequest(");
- boolean first = true;
-
- sb.append("protocol_version:");
- sb.append(this.protocol_version);
- first = false;
- if (!first) sb.append(", ");
- sb.append("requestorUserName:");
- if (this.requestorUserName == null) {
- sb.append("null");
- } else {
- sb.append(this.requestorUserName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("roleName:");
- if (this.roleName == null) {
- sb.append("null");
- } else {
- sb.append(this.roleName);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetProtocol_version()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
- }
-
- if (!isSetRequestorUserName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString());
- }
-
- if (!isSetRoleName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'roleName' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TCreateSentryRoleRequestStandardSchemeFactory implements SchemeFactory {
- public TCreateSentryRoleRequestStandardScheme getScheme() {
- return new TCreateSentryRoleRequestStandardScheme();
- }
- }
-
- private static class TCreateSentryRoleRequestStandardScheme extends StandardScheme<TCreateSentryRoleRequest> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TCreateSentryRoleRequest struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // PROTOCOL_VERSION
- if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // REQUESTOR_USER_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // ROLE_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TCreateSentryRoleRequest struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC);
- oprot.writeI32(struct.protocol_version);
- oprot.writeFieldEnd();
- if (struct.requestorUserName != null) {
- oprot.writeFieldBegin(REQUESTOR_USER_NAME_FIELD_DESC);
- oprot.writeString(struct.requestorUserName);
- oprot.writeFieldEnd();
- }
- if (struct.roleName != null) {
- oprot.writeFieldBegin(ROLE_NAME_FIELD_DESC);
- oprot.writeString(struct.roleName);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TCreateSentryRoleRequestTupleSchemeFactory implements SchemeFactory {
- public TCreateSentryRoleRequestTupleScheme getScheme() {
- return new TCreateSentryRoleRequestTupleScheme();
- }
- }
-
- private static class TCreateSentryRoleRequestTupleScheme extends TupleScheme<TCreateSentryRoleRequest> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TCreateSentryRoleRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeI32(struct.protocol_version);
- oprot.writeString(struct.requestorUserName);
- oprot.writeString(struct.roleName);
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TCreateSentryRoleRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TCreateSentryRoleResponse.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TCreateSentryRoleResponse.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TCreateSentryRoleResponse.java
deleted file mode 100644
index 68068a7..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TCreateSentryRoleResponse.java
+++ /dev/null
@@ -1,394 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TCreateSentryRoleResponse implements org.apache.thrift.TBase<TCreateSentryRoleResponse, TCreateSentryRoleResponse._Fields>, java.io.Serializable, Cloneable, Comparable<TCreateSentryRoleResponse> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TCreateSentryRoleResponse");
-
- private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TCreateSentryRoleResponseStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TCreateSentryRoleResponseTupleSchemeFactory());
- }
-
- private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- STATUS((short)1, "status");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // STATUS
- return STATUS;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.sentry.service.thrift.TSentryResponseStatus.class)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TCreateSentryRoleResponse.class, metaDataMap);
- }
-
- public TCreateSentryRoleResponse() {
- }
-
- public TCreateSentryRoleResponse(
- org.apache.sentry.service.thrift.TSentryResponseStatus status)
- {
- this();
- this.status = status;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TCreateSentryRoleResponse(TCreateSentryRoleResponse other) {
- if (other.isSetStatus()) {
- this.status = new org.apache.sentry.service.thrift.TSentryResponseStatus(other.status);
- }
- }
-
- public TCreateSentryRoleResponse deepCopy() {
- return new TCreateSentryRoleResponse(this);
- }
-
- @Override
- public void clear() {
- this.status = null;
- }
-
- public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() {
- return this.status;
- }
-
- public void setStatus(org.apache.sentry.service.thrift.TSentryResponseStatus status) {
- this.status = status;
- }
-
- public void unsetStatus() {
- this.status = null;
- }
-
- /** Returns true if field status is set (has been assigned a value) and false otherwise */
- public boolean isSetStatus() {
- return this.status != null;
- }
-
- public void setStatusIsSet(boolean value) {
- if (!value) {
- this.status = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case STATUS:
- if (value == null) {
- unsetStatus();
- } else {
- setStatus((org.apache.sentry.service.thrift.TSentryResponseStatus)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case STATUS:
- return getStatus();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case STATUS:
- return isSetStatus();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TCreateSentryRoleResponse)
- return this.equals((TCreateSentryRoleResponse)that);
- return false;
- }
-
- public boolean equals(TCreateSentryRoleResponse that) {
- if (that == null)
- return false;
-
- boolean this_present_status = true && this.isSetStatus();
- boolean that_present_status = true && that.isSetStatus();
- if (this_present_status || that_present_status) {
- if (!(this_present_status && that_present_status))
- return false;
- if (!this.status.equals(that.status))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_status = true && (isSetStatus());
- list.add(present_status);
- if (present_status)
- list.add(status);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TCreateSentryRoleResponse other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetStatus()).compareTo(other.isSetStatus());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetStatus()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.status, other.status);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TCreateSentryRoleResponse(");
- boolean first = true;
-
- sb.append("status:");
- if (this.status == null) {
- sb.append("null");
- } else {
- sb.append(this.status);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetStatus()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'status' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- if (status != null) {
- status.validate();
- }
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TCreateSentryRoleResponseStandardSchemeFactory implements SchemeFactory {
- public TCreateSentryRoleResponseStandardScheme getScheme() {
- return new TCreateSentryRoleResponseStandardScheme();
- }
- }
-
- private static class TCreateSentryRoleResponseStandardScheme extends StandardScheme<TCreateSentryRoleResponse> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TCreateSentryRoleResponse struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // STATUS
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TCreateSentryRoleResponse struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.status != null) {
- oprot.writeFieldBegin(STATUS_FIELD_DESC);
- struct.status.write(oprot);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TCreateSentryRoleResponseTupleSchemeFactory implements SchemeFactory {
- public TCreateSentryRoleResponseTupleScheme getScheme() {
- return new TCreateSentryRoleResponseTupleScheme();
- }
- }
-
- private static class TCreateSentryRoleResponseTupleScheme extends TupleScheme<TCreateSentryRoleResponse> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TCreateSentryRoleResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- struct.status.write(oprot);
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TCreateSentryRoleResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TDropPrivilegesRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TDropPrivilegesRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TDropPrivilegesRequest.java
deleted file mode 100644
index 8cd89fd..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TDropPrivilegesRequest.java
+++ /dev/null
@@ -1,596 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TDropPrivilegesRequest implements org.apache.thrift.TBase<TDropPrivilegesRequest, TDropPrivilegesRequest._Fields>, java.io.Serializable, Cloneable, Comparable<TDropPrivilegesRequest> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TDropPrivilegesRequest");
-
- private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
- private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField AUTHORIZABLE_FIELD_DESC = new org.apache.thrift.protocol.TField("authorizable", org.apache.thrift.protocol.TType.STRUCT, (short)3);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TDropPrivilegesRequestStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TDropPrivilegesRequestTupleSchemeFactory());
- }
-
- private int protocol_version; // required
- private String requestorUserName; // required
- private TSentryAuthorizable authorizable; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- PROTOCOL_VERSION((short)1, "protocol_version"),
- REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- AUTHORIZABLE((short)3, "authorizable");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // PROTOCOL_VERSION
- return PROTOCOL_VERSION;
- case 2: // REQUESTOR_USER_NAME
- return REQUESTOR_USER_NAME;
- case 3: // AUTHORIZABLE
- return AUTHORIZABLE;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
- tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.AUTHORIZABLE, new org.apache.thrift.meta_data.FieldMetaData("authorizable", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryAuthorizable.class)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TDropPrivilegesRequest.class, metaDataMap);
- }
-
- public TDropPrivilegesRequest() {
- this.protocol_version = 2;
-
- }
-
- public TDropPrivilegesRequest(
- int protocol_version,
- String requestorUserName,
- TSentryAuthorizable authorizable)
- {
- this();
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- this.requestorUserName = requestorUserName;
- this.authorizable = authorizable;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TDropPrivilegesRequest(TDropPrivilegesRequest other) {
- __isset_bitfield = other.__isset_bitfield;
- this.protocol_version = other.protocol_version;
- if (other.isSetRequestorUserName()) {
- this.requestorUserName = other.requestorUserName;
- }
- if (other.isSetAuthorizable()) {
- this.authorizable = new TSentryAuthorizable(other.authorizable);
- }
- }
-
- public TDropPrivilegesRequest deepCopy() {
- return new TDropPrivilegesRequest(this);
- }
-
- @Override
- public void clear() {
- this.protocol_version = 2;
-
- this.requestorUserName = null;
- this.authorizable = null;
- }
-
- public int getProtocol_version() {
- return this.protocol_version;
- }
-
- public void setProtocol_version(int protocol_version) {
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- }
-
- public void unsetProtocol_version() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */
- public boolean isSetProtocol_version() {
- return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- public void setProtocol_versionIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value);
- }
-
- public String getRequestorUserName() {
- return this.requestorUserName;
- }
-
- public void setRequestorUserName(String requestorUserName) {
- this.requestorUserName = requestorUserName;
- }
-
- public void unsetRequestorUserName() {
- this.requestorUserName = null;
- }
-
- /** Returns true if field requestorUserName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorUserName() {
- return this.requestorUserName != null;
- }
-
- public void setRequestorUserNameIsSet(boolean value) {
- if (!value) {
- this.requestorUserName = null;
- }
- }
-
- public TSentryAuthorizable getAuthorizable() {
- return this.authorizable;
- }
-
- public void setAuthorizable(TSentryAuthorizable authorizable) {
- this.authorizable = authorizable;
- }
-
- public void unsetAuthorizable() {
- this.authorizable = null;
- }
-
- /** Returns true if field authorizable is set (has been assigned a value) and false otherwise */
- public boolean isSetAuthorizable() {
- return this.authorizable != null;
- }
-
- public void setAuthorizableIsSet(boolean value) {
- if (!value) {
- this.authorizable = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case PROTOCOL_VERSION:
- if (value == null) {
- unsetProtocol_version();
- } else {
- setProtocol_version((Integer)value);
- }
- break;
-
- case REQUESTOR_USER_NAME:
- if (value == null) {
- unsetRequestorUserName();
- } else {
- setRequestorUserName((String)value);
- }
- break;
-
- case AUTHORIZABLE:
- if (value == null) {
- unsetAuthorizable();
- } else {
- setAuthorizable((TSentryAuthorizable)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case PROTOCOL_VERSION:
- return getProtocol_version();
-
- case REQUESTOR_USER_NAME:
- return getRequestorUserName();
-
- case AUTHORIZABLE:
- return getAuthorizable();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case PROTOCOL_VERSION:
- return isSetProtocol_version();
- case REQUESTOR_USER_NAME:
- return isSetRequestorUserName();
- case AUTHORIZABLE:
- return isSetAuthorizable();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TDropPrivilegesRequest)
- return this.equals((TDropPrivilegesRequest)that);
- return false;
- }
-
- public boolean equals(TDropPrivilegesRequest that) {
- if (that == null)
- return false;
-
- boolean this_present_protocol_version = true;
- boolean that_present_protocol_version = true;
- if (this_present_protocol_version || that_present_protocol_version) {
- if (!(this_present_protocol_version && that_present_protocol_version))
- return false;
- if (this.protocol_version != that.protocol_version)
- return false;
- }
-
- boolean this_present_requestorUserName = true && this.isSetRequestorUserName();
- boolean that_present_requestorUserName = true && that.isSetRequestorUserName();
- if (this_present_requestorUserName || that_present_requestorUserName) {
- if (!(this_present_requestorUserName && that_present_requestorUserName))
- return false;
- if (!this.requestorUserName.equals(that.requestorUserName))
- return false;
- }
-
- boolean this_present_authorizable = true && this.isSetAuthorizable();
- boolean that_present_authorizable = true && that.isSetAuthorizable();
- if (this_present_authorizable || that_present_authorizable) {
- if (!(this_present_authorizable && that_present_authorizable))
- return false;
- if (!this.authorizable.equals(that.authorizable))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_protocol_version = true;
- list.add(present_protocol_version);
- if (present_protocol_version)
- list.add(protocol_version);
-
- boolean present_requestorUserName = true && (isSetRequestorUserName());
- list.add(present_requestorUserName);
- if (present_requestorUserName)
- list.add(requestorUserName);
-
- boolean present_authorizable = true && (isSetAuthorizable());
- list.add(present_authorizable);
- if (present_authorizable)
- list.add(authorizable);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TDropPrivilegesRequest other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(other.isSetProtocol_version());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetProtocol_version()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, other.protocol_version);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRequestorUserName()).compareTo(other.isSetRequestorUserName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRequestorUserName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorUserName, other.requestorUserName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetAuthorizable()).compareTo(other.isSetAuthorizable());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetAuthorizable()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.authorizable, other.authorizable);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TDropPrivilegesRequest(");
- boolean first = true;
-
- sb.append("protocol_version:");
- sb.append(this.protocol_version);
- first = false;
- if (!first) sb.append(", ");
- sb.append("requestorUserName:");
- if (this.requestorUserName == null) {
- sb.append("null");
- } else {
- sb.append(this.requestorUserName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("authorizable:");
- if (this.authorizable == null) {
- sb.append("null");
- } else {
- sb.append(this.authorizable);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetProtocol_version()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
- }
-
- if (!isSetRequestorUserName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString());
- }
-
- if (!isSetAuthorizable()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'authorizable' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- if (authorizable != null) {
- authorizable.validate();
- }
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TDropPrivilegesRequestStandardSchemeFactory implements SchemeFactory {
- public TDropPrivilegesRequestStandardScheme getScheme() {
- return new TDropPrivilegesRequestStandardScheme();
- }
- }
-
- private static class TDropPrivilegesRequestStandardScheme extends StandardScheme<TDropPrivilegesRequest> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TDropPrivilegesRequest struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // PROTOCOL_VERSION
- if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // REQUESTOR_USER_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // AUTHORIZABLE
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.authorizable = new TSentryAuthorizable();
- struct.authorizable.read(iprot);
- struct.setAuthorizableIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TDropPrivilegesRequest struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC);
- oprot.writeI32(struct.protocol_version);
- oprot.writeFieldEnd();
- if (struct.requestorUserName != null) {
- oprot.writeFieldBegin(REQUESTOR_USER_NAME_FIELD_DESC);
- oprot.writeString(struct.requestorUserName);
- oprot.writeFieldEnd();
- }
- if (struct.authorizable != null) {
- oprot.writeFieldBegin(AUTHORIZABLE_FIELD_DESC);
- struct.authorizable.write(oprot);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TDropPrivilegesRequestTupleSchemeFactory implements SchemeFactory {
- public TDropPrivilegesRequestTupleScheme getScheme() {
- return new TDropPrivilegesRequestTupleScheme();
- }
- }
-
- private static class TDropPrivilegesRequestTupleScheme extends TupleScheme<TDropPrivilegesRequest> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TDropPrivilegesRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeI32(struct.protocol_version);
- oprot.writeString(struct.requestorUserName);
- struct.authorizable.write(oprot);
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TDropPrivilegesRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- struct.authorizable = new TSentryAuthorizable();
- struct.authorizable.read(iprot);
- struct.setAuthorizableIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TDropPrivilegesResponse.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TDropPrivilegesResponse.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TDropPrivilegesResponse.java
deleted file mode 100644
index 6e49039..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TDropPrivilegesResponse.java
+++ /dev/null
@@ -1,394 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TDropPrivilegesResponse implements org.apache.thrift.TBase<TDropPrivilegesResponse, TDropPrivilegesResponse._Fields>, java.io.Serializable, Cloneable, Comparable<TDropPrivilegesResponse> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TDropPrivilegesResponse");
-
- private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TDropPrivilegesResponseStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TDropPrivilegesResponseTupleSchemeFactory());
- }
-
- private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- STATUS((short)1, "status");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // STATUS
- return STATUS;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.sentry.service.thrift.TSentryResponseStatus.class)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TDropPrivilegesResponse.class, metaDataMap);
- }
-
- public TDropPrivilegesResponse() {
- }
-
- public TDropPrivilegesResponse(
- org.apache.sentry.service.thrift.TSentryResponseStatus status)
- {
- this();
- this.status = status;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TDropPrivilegesResponse(TDropPrivilegesResponse other) {
- if (other.isSetStatus()) {
- this.status = new org.apache.sentry.service.thrift.TSentryResponseStatus(other.status);
- }
- }
-
- public TDropPrivilegesResponse deepCopy() {
- return new TDropPrivilegesResponse(this);
- }
-
- @Override
- public void clear() {
- this.status = null;
- }
-
- public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() {
- return this.status;
- }
-
- public void setStatus(org.apache.sentry.service.thrift.TSentryResponseStatus status) {
- this.status = status;
- }
-
- public void unsetStatus() {
- this.status = null;
- }
-
- /** Returns true if field status is set (has been assigned a value) and false otherwise */
- public boolean isSetStatus() {
- return this.status != null;
- }
-
- public void setStatusIsSet(boolean value) {
- if (!value) {
- this.status = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case STATUS:
- if (value == null) {
- unsetStatus();
- } else {
- setStatus((org.apache.sentry.service.thrift.TSentryResponseStatus)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case STATUS:
- return getStatus();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case STATUS:
- return isSetStatus();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TDropPrivilegesResponse)
- return this.equals((TDropPrivilegesResponse)that);
- return false;
- }
-
- public boolean equals(TDropPrivilegesResponse that) {
- if (that == null)
- return false;
-
- boolean this_present_status = true && this.isSetStatus();
- boolean that_present_status = true && that.isSetStatus();
- if (this_present_status || that_present_status) {
- if (!(this_present_status && that_present_status))
- return false;
- if (!this.status.equals(that.status))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_status = true && (isSetStatus());
- list.add(present_status);
- if (present_status)
- list.add(status);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TDropPrivilegesResponse other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetStatus()).compareTo(other.isSetStatus());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetStatus()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.status, other.status);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TDropPrivilegesResponse(");
- boolean first = true;
-
- sb.append("status:");
- if (this.status == null) {
- sb.append("null");
- } else {
- sb.append(this.status);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetStatus()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'status' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- if (status != null) {
- status.validate();
- }
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TDropPrivilegesResponseStandardSchemeFactory implements SchemeFactory {
- public TDropPrivilegesResponseStandardScheme getScheme() {
- return new TDropPrivilegesResponseStandardScheme();
- }
- }
-
- private static class TDropPrivilegesResponseStandardScheme extends StandardScheme<TDropPrivilegesResponse> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TDropPrivilegesResponse struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // STATUS
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TDropPrivilegesResponse struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.status != null) {
- oprot.writeFieldBegin(STATUS_FIELD_DESC);
- struct.status.write(oprot);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TDropPrivilegesResponseTupleSchemeFactory implements SchemeFactory {
- public TDropPrivilegesResponseTupleScheme getScheme() {
- return new TDropPrivilegesResponseTupleScheme();
- }
- }
-
- private static class TDropPrivilegesResponseTupleScheme extends TupleScheme<TDropPrivilegesResponse> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TDropPrivilegesResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- struct.status.write(oprot);
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TDropPrivilegesResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- }
- }
-
-}
-
[33/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesByAuthResponse.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesByAuthResponse.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesByAuthResponse.java
deleted file mode 100644
index 2d1a8cf..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesByAuthResponse.java
+++ /dev/null
@@ -1,571 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TListSentryPrivilegesByAuthResponse implements org.apache.thrift.TBase<TListSentryPrivilegesByAuthResponse, TListSentryPrivilegesByAuthResponse._Fields>, java.io.Serializable, Cloneable, Comparable<TListSentryPrivilegesByAuthResponse> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TListSentryPrivilegesByAuthResponse");
-
- private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1);
- private static final org.apache.thrift.protocol.TField PRIVILEGES_MAP_BY_AUTH_FIELD_DESC = new org.apache.thrift.protocol.TField("privilegesMapByAuth", org.apache.thrift.protocol.TType.MAP, (short)2);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TListSentryPrivilegesByAuthResponseStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TListSentryPrivilegesByAuthResponseTupleSchemeFactory());
- }
-
- private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required
- private Map<TSentryAuthorizable,TSentryPrivilegeMap> privilegesMapByAuth; // optional
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- STATUS((short)1, "status"),
- PRIVILEGES_MAP_BY_AUTH((short)2, "privilegesMapByAuth");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // STATUS
- return STATUS;
- case 2: // PRIVILEGES_MAP_BY_AUTH
- return PRIVILEGES_MAP_BY_AUTH;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final _Fields optionals[] = {_Fields.PRIVILEGES_MAP_BY_AUTH};
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.sentry.service.thrift.TSentryResponseStatus.class)));
- tmpMap.put(_Fields.PRIVILEGES_MAP_BY_AUTH, new org.apache.thrift.meta_data.FieldMetaData("privilegesMapByAuth", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.MapMetaData(org.apache.thrift.protocol.TType.MAP,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryAuthorizable.class),
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryPrivilegeMap.class))));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TListSentryPrivilegesByAuthResponse.class, metaDataMap);
- }
-
- public TListSentryPrivilegesByAuthResponse() {
- }
-
- public TListSentryPrivilegesByAuthResponse(
- org.apache.sentry.service.thrift.TSentryResponseStatus status)
- {
- this();
- this.status = status;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TListSentryPrivilegesByAuthResponse(TListSentryPrivilegesByAuthResponse other) {
- if (other.isSetStatus()) {
- this.status = new org.apache.sentry.service.thrift.TSentryResponseStatus(other.status);
- }
- if (other.isSetPrivilegesMapByAuth()) {
- Map<TSentryAuthorizable,TSentryPrivilegeMap> __this__privilegesMapByAuth = new HashMap<TSentryAuthorizable,TSentryPrivilegeMap>(other.privilegesMapByAuth.size());
- for (Map.Entry<TSentryAuthorizable, TSentryPrivilegeMap> other_element : other.privilegesMapByAuth.entrySet()) {
-
- TSentryAuthorizable other_element_key = other_element.getKey();
- TSentryPrivilegeMap other_element_value = other_element.getValue();
-
- TSentryAuthorizable __this__privilegesMapByAuth_copy_key = new TSentryAuthorizable(other_element_key);
-
- TSentryPrivilegeMap __this__privilegesMapByAuth_copy_value = new TSentryPrivilegeMap(other_element_value);
-
- __this__privilegesMapByAuth.put(__this__privilegesMapByAuth_copy_key, __this__privilegesMapByAuth_copy_value);
- }
- this.privilegesMapByAuth = __this__privilegesMapByAuth;
- }
- }
-
- public TListSentryPrivilegesByAuthResponse deepCopy() {
- return new TListSentryPrivilegesByAuthResponse(this);
- }
-
- @Override
- public void clear() {
- this.status = null;
- this.privilegesMapByAuth = null;
- }
-
- public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() {
- return this.status;
- }
-
- public void setStatus(org.apache.sentry.service.thrift.TSentryResponseStatus status) {
- this.status = status;
- }
-
- public void unsetStatus() {
- this.status = null;
- }
-
- /** Returns true if field status is set (has been assigned a value) and false otherwise */
- public boolean isSetStatus() {
- return this.status != null;
- }
-
- public void setStatusIsSet(boolean value) {
- if (!value) {
- this.status = null;
- }
- }
-
- public int getPrivilegesMapByAuthSize() {
- return (this.privilegesMapByAuth == null) ? 0 : this.privilegesMapByAuth.size();
- }
-
- public void putToPrivilegesMapByAuth(TSentryAuthorizable key, TSentryPrivilegeMap val) {
- if (this.privilegesMapByAuth == null) {
- this.privilegesMapByAuth = new HashMap<TSentryAuthorizable,TSentryPrivilegeMap>();
- }
- this.privilegesMapByAuth.put(key, val);
- }
-
- public Map<TSentryAuthorizable,TSentryPrivilegeMap> getPrivilegesMapByAuth() {
- return this.privilegesMapByAuth;
- }
-
- public void setPrivilegesMapByAuth(Map<TSentryAuthorizable,TSentryPrivilegeMap> privilegesMapByAuth) {
- this.privilegesMapByAuth = privilegesMapByAuth;
- }
-
- public void unsetPrivilegesMapByAuth() {
- this.privilegesMapByAuth = null;
- }
-
- /** Returns true if field privilegesMapByAuth is set (has been assigned a value) and false otherwise */
- public boolean isSetPrivilegesMapByAuth() {
- return this.privilegesMapByAuth != null;
- }
-
- public void setPrivilegesMapByAuthIsSet(boolean value) {
- if (!value) {
- this.privilegesMapByAuth = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case STATUS:
- if (value == null) {
- unsetStatus();
- } else {
- setStatus((org.apache.sentry.service.thrift.TSentryResponseStatus)value);
- }
- break;
-
- case PRIVILEGES_MAP_BY_AUTH:
- if (value == null) {
- unsetPrivilegesMapByAuth();
- } else {
- setPrivilegesMapByAuth((Map<TSentryAuthorizable,TSentryPrivilegeMap>)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case STATUS:
- return getStatus();
-
- case PRIVILEGES_MAP_BY_AUTH:
- return getPrivilegesMapByAuth();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case STATUS:
- return isSetStatus();
- case PRIVILEGES_MAP_BY_AUTH:
- return isSetPrivilegesMapByAuth();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TListSentryPrivilegesByAuthResponse)
- return this.equals((TListSentryPrivilegesByAuthResponse)that);
- return false;
- }
-
- public boolean equals(TListSentryPrivilegesByAuthResponse that) {
- if (that == null)
- return false;
-
- boolean this_present_status = true && this.isSetStatus();
- boolean that_present_status = true && that.isSetStatus();
- if (this_present_status || that_present_status) {
- if (!(this_present_status && that_present_status))
- return false;
- if (!this.status.equals(that.status))
- return false;
- }
-
- boolean this_present_privilegesMapByAuth = true && this.isSetPrivilegesMapByAuth();
- boolean that_present_privilegesMapByAuth = true && that.isSetPrivilegesMapByAuth();
- if (this_present_privilegesMapByAuth || that_present_privilegesMapByAuth) {
- if (!(this_present_privilegesMapByAuth && that_present_privilegesMapByAuth))
- return false;
- if (!this.privilegesMapByAuth.equals(that.privilegesMapByAuth))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_status = true && (isSetStatus());
- list.add(present_status);
- if (present_status)
- list.add(status);
-
- boolean present_privilegesMapByAuth = true && (isSetPrivilegesMapByAuth());
- list.add(present_privilegesMapByAuth);
- if (present_privilegesMapByAuth)
- list.add(privilegesMapByAuth);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TListSentryPrivilegesByAuthResponse other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetStatus()).compareTo(other.isSetStatus());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetStatus()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.status, other.status);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetPrivilegesMapByAuth()).compareTo(other.isSetPrivilegesMapByAuth());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetPrivilegesMapByAuth()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.privilegesMapByAuth, other.privilegesMapByAuth);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TListSentryPrivilegesByAuthResponse(");
- boolean first = true;
-
- sb.append("status:");
- if (this.status == null) {
- sb.append("null");
- } else {
- sb.append(this.status);
- }
- first = false;
- if (isSetPrivilegesMapByAuth()) {
- if (!first) sb.append(", ");
- sb.append("privilegesMapByAuth:");
- if (this.privilegesMapByAuth == null) {
- sb.append("null");
- } else {
- sb.append(this.privilegesMapByAuth);
- }
- first = false;
- }
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetStatus()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'status' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- if (status != null) {
- status.validate();
- }
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TListSentryPrivilegesByAuthResponseStandardSchemeFactory implements SchemeFactory {
- public TListSentryPrivilegesByAuthResponseStandardScheme getScheme() {
- return new TListSentryPrivilegesByAuthResponseStandardScheme();
- }
- }
-
- private static class TListSentryPrivilegesByAuthResponseStandardScheme extends StandardScheme<TListSentryPrivilegesByAuthResponse> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TListSentryPrivilegesByAuthResponse struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // STATUS
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // PRIVILEGES_MAP_BY_AUTH
- if (schemeField.type == org.apache.thrift.protocol.TType.MAP) {
- {
- org.apache.thrift.protocol.TMap _map146 = iprot.readMapBegin();
- struct.privilegesMapByAuth = new HashMap<TSentryAuthorizable,TSentryPrivilegeMap>(2*_map146.size);
- TSentryAuthorizable _key147;
- TSentryPrivilegeMap _val148;
- for (int _i149 = 0; _i149 < _map146.size; ++_i149)
- {
- _key147 = new TSentryAuthorizable();
- _key147.read(iprot);
- _val148 = new TSentryPrivilegeMap();
- _val148.read(iprot);
- struct.privilegesMapByAuth.put(_key147, _val148);
- }
- iprot.readMapEnd();
- }
- struct.setPrivilegesMapByAuthIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TListSentryPrivilegesByAuthResponse struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.status != null) {
- oprot.writeFieldBegin(STATUS_FIELD_DESC);
- struct.status.write(oprot);
- oprot.writeFieldEnd();
- }
- if (struct.privilegesMapByAuth != null) {
- if (struct.isSetPrivilegesMapByAuth()) {
- oprot.writeFieldBegin(PRIVILEGES_MAP_BY_AUTH_FIELD_DESC);
- {
- oprot.writeMapBegin(new org.apache.thrift.protocol.TMap(org.apache.thrift.protocol.TType.STRUCT, org.apache.thrift.protocol.TType.STRUCT, struct.privilegesMapByAuth.size()));
- for (Map.Entry<TSentryAuthorizable, TSentryPrivilegeMap> _iter150 : struct.privilegesMapByAuth.entrySet())
- {
- _iter150.getKey().write(oprot);
- _iter150.getValue().write(oprot);
- }
- oprot.writeMapEnd();
- }
- oprot.writeFieldEnd();
- }
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TListSentryPrivilegesByAuthResponseTupleSchemeFactory implements SchemeFactory {
- public TListSentryPrivilegesByAuthResponseTupleScheme getScheme() {
- return new TListSentryPrivilegesByAuthResponseTupleScheme();
- }
- }
-
- private static class TListSentryPrivilegesByAuthResponseTupleScheme extends TupleScheme<TListSentryPrivilegesByAuthResponse> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesByAuthResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- struct.status.write(oprot);
- BitSet optionals = new BitSet();
- if (struct.isSetPrivilegesMapByAuth()) {
- optionals.set(0);
- }
- oprot.writeBitSet(optionals, 1);
- if (struct.isSetPrivilegesMapByAuth()) {
- {
- oprot.writeI32(struct.privilegesMapByAuth.size());
- for (Map.Entry<TSentryAuthorizable, TSentryPrivilegeMap> _iter151 : struct.privilegesMapByAuth.entrySet())
- {
- _iter151.getKey().write(oprot);
- _iter151.getValue().write(oprot);
- }
- }
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesByAuthResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- BitSet incoming = iprot.readBitSet(1);
- if (incoming.get(0)) {
- {
- org.apache.thrift.protocol.TMap _map152 = new org.apache.thrift.protocol.TMap(org.apache.thrift.protocol.TType.STRUCT, org.apache.thrift.protocol.TType.STRUCT, iprot.readI32());
- struct.privilegesMapByAuth = new HashMap<TSentryAuthorizable,TSentryPrivilegeMap>(2*_map152.size);
- TSentryAuthorizable _key153;
- TSentryPrivilegeMap _val154;
- for (int _i155 = 0; _i155 < _map152.size; ++_i155)
- {
- _key153 = new TSentryAuthorizable();
- _key153.read(iprot);
- _val154 = new TSentryPrivilegeMap();
- _val154.read(iprot);
- struct.privilegesMapByAuth.put(_key153, _val154);
- }
- }
- struct.setPrivilegesMapByAuthIsSet(true);
- }
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesForProviderRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesForProviderRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesForProviderRequest.java
deleted file mode 100644
index 2c8ad8d..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesForProviderRequest.java
+++ /dev/null
@@ -1,915 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TListSentryPrivilegesForProviderRequest implements org.apache.thrift.TBase<TListSentryPrivilegesForProviderRequest, TListSentryPrivilegesForProviderRequest._Fields>, java.io.Serializable, Cloneable, Comparable<TListSentryPrivilegesForProviderRequest> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TListSentryPrivilegesForProviderRequest");
-
- private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
- private static final org.apache.thrift.protocol.TField GROUPS_FIELD_DESC = new org.apache.thrift.protocol.TField("groups", org.apache.thrift.protocol.TType.SET, (short)2);
- private static final org.apache.thrift.protocol.TField ROLE_SET_FIELD_DESC = new org.apache.thrift.protocol.TField("roleSet", org.apache.thrift.protocol.TType.STRUCT, (short)3);
- private static final org.apache.thrift.protocol.TField AUTHORIZABLE_HIERARCHY_FIELD_DESC = new org.apache.thrift.protocol.TField("authorizableHierarchy", org.apache.thrift.protocol.TType.STRUCT, (short)4);
- private static final org.apache.thrift.protocol.TField USERS_FIELD_DESC = new org.apache.thrift.protocol.TField("users", org.apache.thrift.protocol.TType.SET, (short)5);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TListSentryPrivilegesForProviderRequestStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TListSentryPrivilegesForProviderRequestTupleSchemeFactory());
- }
-
- private int protocol_version; // required
- private Set<String> groups; // required
- private TSentryActiveRoleSet roleSet; // required
- private TSentryAuthorizable authorizableHierarchy; // optional
- private Set<String> users; // optional
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- PROTOCOL_VERSION((short)1, "protocol_version"),
- GROUPS((short)2, "groups"),
- ROLE_SET((short)3, "roleSet"),
- AUTHORIZABLE_HIERARCHY((short)4, "authorizableHierarchy"),
- USERS((short)5, "users");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // PROTOCOL_VERSION
- return PROTOCOL_VERSION;
- case 2: // GROUPS
- return GROUPS;
- case 3: // ROLE_SET
- return ROLE_SET;
- case 4: // AUTHORIZABLE_HIERARCHY
- return AUTHORIZABLE_HIERARCHY;
- case 5: // USERS
- return USERS;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- private static final _Fields optionals[] = {_Fields.AUTHORIZABLE_HIERARCHY,_Fields.USERS};
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
- tmpMap.put(_Fields.GROUPS, new org.apache.thrift.meta_data.FieldMetaData("groups", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))));
- tmpMap.put(_Fields.ROLE_SET, new org.apache.thrift.meta_data.FieldMetaData("roleSet", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryActiveRoleSet.class)));
- tmpMap.put(_Fields.AUTHORIZABLE_HIERARCHY, new org.apache.thrift.meta_data.FieldMetaData("authorizableHierarchy", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryAuthorizable.class)));
- tmpMap.put(_Fields.USERS, new org.apache.thrift.meta_data.FieldMetaData("users", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TListSentryPrivilegesForProviderRequest.class, metaDataMap);
- }
-
- public TListSentryPrivilegesForProviderRequest() {
- this.protocol_version = 2;
-
- }
-
- public TListSentryPrivilegesForProviderRequest(
- int protocol_version,
- Set<String> groups,
- TSentryActiveRoleSet roleSet)
- {
- this();
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- this.groups = groups;
- this.roleSet = roleSet;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TListSentryPrivilegesForProviderRequest(TListSentryPrivilegesForProviderRequest other) {
- __isset_bitfield = other.__isset_bitfield;
- this.protocol_version = other.protocol_version;
- if (other.isSetGroups()) {
- Set<String> __this__groups = new HashSet<String>(other.groups);
- this.groups = __this__groups;
- }
- if (other.isSetRoleSet()) {
- this.roleSet = new TSentryActiveRoleSet(other.roleSet);
- }
- if (other.isSetAuthorizableHierarchy()) {
- this.authorizableHierarchy = new TSentryAuthorizable(other.authorizableHierarchy);
- }
- if (other.isSetUsers()) {
- Set<String> __this__users = new HashSet<String>(other.users);
- this.users = __this__users;
- }
- }
-
- public TListSentryPrivilegesForProviderRequest deepCopy() {
- return new TListSentryPrivilegesForProviderRequest(this);
- }
-
- @Override
- public void clear() {
- this.protocol_version = 2;
-
- this.groups = null;
- this.roleSet = null;
- this.authorizableHierarchy = null;
- this.users = null;
- }
-
- public int getProtocol_version() {
- return this.protocol_version;
- }
-
- public void setProtocol_version(int protocol_version) {
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- }
-
- public void unsetProtocol_version() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */
- public boolean isSetProtocol_version() {
- return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- public void setProtocol_versionIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value);
- }
-
- public int getGroupsSize() {
- return (this.groups == null) ? 0 : this.groups.size();
- }
-
- public java.util.Iterator<String> getGroupsIterator() {
- return (this.groups == null) ? null : this.groups.iterator();
- }
-
- public void addToGroups(String elem) {
- if (this.groups == null) {
- this.groups = new HashSet<String>();
- }
- this.groups.add(elem);
- }
-
- public Set<String> getGroups() {
- return this.groups;
- }
-
- public void setGroups(Set<String> groups) {
- this.groups = groups;
- }
-
- public void unsetGroups() {
- this.groups = null;
- }
-
- /** Returns true if field groups is set (has been assigned a value) and false otherwise */
- public boolean isSetGroups() {
- return this.groups != null;
- }
-
- public void setGroupsIsSet(boolean value) {
- if (!value) {
- this.groups = null;
- }
- }
-
- public TSentryActiveRoleSet getRoleSet() {
- return this.roleSet;
- }
-
- public void setRoleSet(TSentryActiveRoleSet roleSet) {
- this.roleSet = roleSet;
- }
-
- public void unsetRoleSet() {
- this.roleSet = null;
- }
-
- /** Returns true if field roleSet is set (has been assigned a value) and false otherwise */
- public boolean isSetRoleSet() {
- return this.roleSet != null;
- }
-
- public void setRoleSetIsSet(boolean value) {
- if (!value) {
- this.roleSet = null;
- }
- }
-
- public TSentryAuthorizable getAuthorizableHierarchy() {
- return this.authorizableHierarchy;
- }
-
- public void setAuthorizableHierarchy(TSentryAuthorizable authorizableHierarchy) {
- this.authorizableHierarchy = authorizableHierarchy;
- }
-
- public void unsetAuthorizableHierarchy() {
- this.authorizableHierarchy = null;
- }
-
- /** Returns true if field authorizableHierarchy is set (has been assigned a value) and false otherwise */
- public boolean isSetAuthorizableHierarchy() {
- return this.authorizableHierarchy != null;
- }
-
- public void setAuthorizableHierarchyIsSet(boolean value) {
- if (!value) {
- this.authorizableHierarchy = null;
- }
- }
-
- public int getUsersSize() {
- return (this.users == null) ? 0 : this.users.size();
- }
-
- public java.util.Iterator<String> getUsersIterator() {
- return (this.users == null) ? null : this.users.iterator();
- }
-
- public void addToUsers(String elem) {
- if (this.users == null) {
- this.users = new HashSet<String>();
- }
- this.users.add(elem);
- }
-
- public Set<String> getUsers() {
- return this.users;
- }
-
- public void setUsers(Set<String> users) {
- this.users = users;
- }
-
- public void unsetUsers() {
- this.users = null;
- }
-
- /** Returns true if field users is set (has been assigned a value) and false otherwise */
- public boolean isSetUsers() {
- return this.users != null;
- }
-
- public void setUsersIsSet(boolean value) {
- if (!value) {
- this.users = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case PROTOCOL_VERSION:
- if (value == null) {
- unsetProtocol_version();
- } else {
- setProtocol_version((Integer)value);
- }
- break;
-
- case GROUPS:
- if (value == null) {
- unsetGroups();
- } else {
- setGroups((Set<String>)value);
- }
- break;
-
- case ROLE_SET:
- if (value == null) {
- unsetRoleSet();
- } else {
- setRoleSet((TSentryActiveRoleSet)value);
- }
- break;
-
- case AUTHORIZABLE_HIERARCHY:
- if (value == null) {
- unsetAuthorizableHierarchy();
- } else {
- setAuthorizableHierarchy((TSentryAuthorizable)value);
- }
- break;
-
- case USERS:
- if (value == null) {
- unsetUsers();
- } else {
- setUsers((Set<String>)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case PROTOCOL_VERSION:
- return getProtocol_version();
-
- case GROUPS:
- return getGroups();
-
- case ROLE_SET:
- return getRoleSet();
-
- case AUTHORIZABLE_HIERARCHY:
- return getAuthorizableHierarchy();
-
- case USERS:
- return getUsers();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case PROTOCOL_VERSION:
- return isSetProtocol_version();
- case GROUPS:
- return isSetGroups();
- case ROLE_SET:
- return isSetRoleSet();
- case AUTHORIZABLE_HIERARCHY:
- return isSetAuthorizableHierarchy();
- case USERS:
- return isSetUsers();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TListSentryPrivilegesForProviderRequest)
- return this.equals((TListSentryPrivilegesForProviderRequest)that);
- return false;
- }
-
- public boolean equals(TListSentryPrivilegesForProviderRequest that) {
- if (that == null)
- return false;
-
- boolean this_present_protocol_version = true;
- boolean that_present_protocol_version = true;
- if (this_present_protocol_version || that_present_protocol_version) {
- if (!(this_present_protocol_version && that_present_protocol_version))
- return false;
- if (this.protocol_version != that.protocol_version)
- return false;
- }
-
- boolean this_present_groups = true && this.isSetGroups();
- boolean that_present_groups = true && that.isSetGroups();
- if (this_present_groups || that_present_groups) {
- if (!(this_present_groups && that_present_groups))
- return false;
- if (!this.groups.equals(that.groups))
- return false;
- }
-
- boolean this_present_roleSet = true && this.isSetRoleSet();
- boolean that_present_roleSet = true && that.isSetRoleSet();
- if (this_present_roleSet || that_present_roleSet) {
- if (!(this_present_roleSet && that_present_roleSet))
- return false;
- if (!this.roleSet.equals(that.roleSet))
- return false;
- }
-
- boolean this_present_authorizableHierarchy = true && this.isSetAuthorizableHierarchy();
- boolean that_present_authorizableHierarchy = true && that.isSetAuthorizableHierarchy();
- if (this_present_authorizableHierarchy || that_present_authorizableHierarchy) {
- if (!(this_present_authorizableHierarchy && that_present_authorizableHierarchy))
- return false;
- if (!this.authorizableHierarchy.equals(that.authorizableHierarchy))
- return false;
- }
-
- boolean this_present_users = true && this.isSetUsers();
- boolean that_present_users = true && that.isSetUsers();
- if (this_present_users || that_present_users) {
- if (!(this_present_users && that_present_users))
- return false;
- if (!this.users.equals(that.users))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_protocol_version = true;
- list.add(present_protocol_version);
- if (present_protocol_version)
- list.add(protocol_version);
-
- boolean present_groups = true && (isSetGroups());
- list.add(present_groups);
- if (present_groups)
- list.add(groups);
-
- boolean present_roleSet = true && (isSetRoleSet());
- list.add(present_roleSet);
- if (present_roleSet)
- list.add(roleSet);
-
- boolean present_authorizableHierarchy = true && (isSetAuthorizableHierarchy());
- list.add(present_authorizableHierarchy);
- if (present_authorizableHierarchy)
- list.add(authorizableHierarchy);
-
- boolean present_users = true && (isSetUsers());
- list.add(present_users);
- if (present_users)
- list.add(users);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TListSentryPrivilegesForProviderRequest other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(other.isSetProtocol_version());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetProtocol_version()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, other.protocol_version);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetGroups()).compareTo(other.isSetGroups());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetGroups()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.groups, other.groups);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRoleSet()).compareTo(other.isSetRoleSet());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRoleSet()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleSet, other.roleSet);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetAuthorizableHierarchy()).compareTo(other.isSetAuthorizableHierarchy());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetAuthorizableHierarchy()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.authorizableHierarchy, other.authorizableHierarchy);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetUsers()).compareTo(other.isSetUsers());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetUsers()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.users, other.users);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TListSentryPrivilegesForProviderRequest(");
- boolean first = true;
-
- sb.append("protocol_version:");
- sb.append(this.protocol_version);
- first = false;
- if (!first) sb.append(", ");
- sb.append("groups:");
- if (this.groups == null) {
- sb.append("null");
- } else {
- sb.append(this.groups);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("roleSet:");
- if (this.roleSet == null) {
- sb.append("null");
- } else {
- sb.append(this.roleSet);
- }
- first = false;
- if (isSetAuthorizableHierarchy()) {
- if (!first) sb.append(", ");
- sb.append("authorizableHierarchy:");
- if (this.authorizableHierarchy == null) {
- sb.append("null");
- } else {
- sb.append(this.authorizableHierarchy);
- }
- first = false;
- }
- if (isSetUsers()) {
- if (!first) sb.append(", ");
- sb.append("users:");
- if (this.users == null) {
- sb.append("null");
- } else {
- sb.append(this.users);
- }
- first = false;
- }
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetProtocol_version()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
- }
-
- if (!isSetGroups()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'groups' is unset! Struct:" + toString());
- }
-
- if (!isSetRoleSet()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'roleSet' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- if (roleSet != null) {
- roleSet.validate();
- }
- if (authorizableHierarchy != null) {
- authorizableHierarchy.validate();
- }
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TListSentryPrivilegesForProviderRequestStandardSchemeFactory implements SchemeFactory {
- public TListSentryPrivilegesForProviderRequestStandardScheme getScheme() {
- return new TListSentryPrivilegesForProviderRequestStandardScheme();
- }
- }
-
- private static class TListSentryPrivilegesForProviderRequestStandardScheme extends StandardScheme<TListSentryPrivilegesForProviderRequest> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TListSentryPrivilegesForProviderRequest struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // PROTOCOL_VERSION
- if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // GROUPS
- if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
- {
- org.apache.thrift.protocol.TSet _set88 = iprot.readSetBegin();
- struct.groups = new HashSet<String>(2*_set88.size);
- String _elem89;
- for (int _i90 = 0; _i90 < _set88.size; ++_i90)
- {
- _elem89 = iprot.readString();
- struct.groups.add(_elem89);
- }
- iprot.readSetEnd();
- }
- struct.setGroupsIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // ROLE_SET
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.roleSet = new TSentryActiveRoleSet();
- struct.roleSet.read(iprot);
- struct.setRoleSetIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 4: // AUTHORIZABLE_HIERARCHY
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.authorizableHierarchy = new TSentryAuthorizable();
- struct.authorizableHierarchy.read(iprot);
- struct.setAuthorizableHierarchyIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 5: // USERS
- if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
- {
- org.apache.thrift.protocol.TSet _set91 = iprot.readSetBegin();
- struct.users = new HashSet<String>(2*_set91.size);
- String _elem92;
- for (int _i93 = 0; _i93 < _set91.size; ++_i93)
- {
- _elem92 = iprot.readString();
- struct.users.add(_elem92);
- }
- iprot.readSetEnd();
- }
- struct.setUsersIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TListSentryPrivilegesForProviderRequest struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC);
- oprot.writeI32(struct.protocol_version);
- oprot.writeFieldEnd();
- if (struct.groups != null) {
- oprot.writeFieldBegin(GROUPS_FIELD_DESC);
- {
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, struct.groups.size()));
- for (String _iter94 : struct.groups)
- {
- oprot.writeString(_iter94);
- }
- oprot.writeSetEnd();
- }
- oprot.writeFieldEnd();
- }
- if (struct.roleSet != null) {
- oprot.writeFieldBegin(ROLE_SET_FIELD_DESC);
- struct.roleSet.write(oprot);
- oprot.writeFieldEnd();
- }
- if (struct.authorizableHierarchy != null) {
- if (struct.isSetAuthorizableHierarchy()) {
- oprot.writeFieldBegin(AUTHORIZABLE_HIERARCHY_FIELD_DESC);
- struct.authorizableHierarchy.write(oprot);
- oprot.writeFieldEnd();
- }
- }
- if (struct.users != null) {
- if (struct.isSetUsers()) {
- oprot.writeFieldBegin(USERS_FIELD_DESC);
- {
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, struct.users.size()));
- for (String _iter95 : struct.users)
- {
- oprot.writeString(_iter95);
- }
- oprot.writeSetEnd();
- }
- oprot.writeFieldEnd();
- }
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TListSentryPrivilegesForProviderRequestTupleSchemeFactory implements SchemeFactory {
- public TListSentryPrivilegesForProviderRequestTupleScheme getScheme() {
- return new TListSentryPrivilegesForProviderRequestTupleScheme();
- }
- }
-
- private static class TListSentryPrivilegesForProviderRequestTupleScheme extends TupleScheme<TListSentryPrivilegesForProviderRequest> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesForProviderRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeI32(struct.protocol_version);
- {
- oprot.writeI32(struct.groups.size());
- for (String _iter96 : struct.groups)
- {
- oprot.writeString(_iter96);
- }
- }
- struct.roleSet.write(oprot);
- BitSet optionals = new BitSet();
- if (struct.isSetAuthorizableHierarchy()) {
- optionals.set(0);
- }
- if (struct.isSetUsers()) {
- optionals.set(1);
- }
- oprot.writeBitSet(optionals, 2);
- if (struct.isSetAuthorizableHierarchy()) {
- struct.authorizableHierarchy.write(oprot);
- }
- if (struct.isSetUsers()) {
- {
- oprot.writeI32(struct.users.size());
- for (String _iter97 : struct.users)
- {
- oprot.writeString(_iter97);
- }
- }
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesForProviderRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- {
- org.apache.thrift.protocol.TSet _set98 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, iprot.readI32());
- struct.groups = new HashSet<String>(2*_set98.size);
- String _elem99;
- for (int _i100 = 0; _i100 < _set98.size; ++_i100)
- {
- _elem99 = iprot.readString();
- struct.groups.add(_elem99);
- }
- }
- struct.setGroupsIsSet(true);
- struct.roleSet = new TSentryActiveRoleSet();
- struct.roleSet.read(iprot);
- struct.setRoleSetIsSet(true);
- BitSet incoming = iprot.readBitSet(2);
- if (incoming.get(0)) {
- struct.authorizableHierarchy = new TSentryAuthorizable();
- struct.authorizableHierarchy.read(iprot);
- struct.setAuthorizableHierarchyIsSet(true);
- }
- if (incoming.get(1)) {
- {
- org.apache.thrift.protocol.TSet _set101 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, iprot.readI32());
- struct.users = new HashSet<String>(2*_set101.size);
- String _elem102;
- for (int _i103 = 0; _i103 < _set101.size; ++_i103)
- {
- _elem102 = iprot.readString();
- struct.users.add(_elem102);
- }
- }
- struct.setUsersIsSet(true);
- }
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesForProviderResponse.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesForProviderResponse.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesForProviderResponse.java
deleted file mode 100644
index 3860b19..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesForProviderResponse.java
+++ /dev/null
@@ -1,544 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TListSentryPrivilegesForProviderResponse implements org.apache.thrift.TBase<TListSentryPrivilegesForProviderResponse, TListSentryPrivilegesForProviderResponse._Fields>, java.io.Serializable, Cloneable, Comparable<TListSentryPrivilegesForProviderResponse> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TListSentryPrivilegesForProviderResponse");
-
- private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1);
- private static final org.apache.thrift.protocol.TField PRIVILEGES_FIELD_DESC = new org.apache.thrift.protocol.TField("privileges", org.apache.thrift.protocol.TType.SET, (short)2);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TListSentryPrivilegesForProviderResponseStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TListSentryPrivilegesForProviderResponseTupleSchemeFactory());
- }
-
- private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required
- private Set<String> privileges; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- STATUS((short)1, "status"),
- PRIVILEGES((short)2, "privileges");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // STATUS
- return STATUS;
- case 2: // PRIVILEGES
- return PRIVILEGES;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.sentry.service.thrift.TSentryResponseStatus.class)));
- tmpMap.put(_Fields.PRIVILEGES, new org.apache.thrift.meta_data.FieldMetaData("privileges", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TListSentryPrivilegesForProviderResponse.class, metaDataMap);
- }
-
- public TListSentryPrivilegesForProviderResponse() {
- }
-
- public TListSentryPrivilegesForProviderResponse(
- org.apache.sentry.service.thrift.TSentryResponseStatus status,
- Set<String> privileges)
- {
- this();
- this.status = status;
- this.privileges = privileges;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TListSentryPrivilegesForProviderResponse(TListSentryPrivilegesForProviderResponse other) {
- if (other.isSetStatus()) {
- this.status = new org.apache.sentry.service.thrift.TSentryResponseStatus(other.status);
- }
- if (other.isSetPrivileges()) {
- Set<String> __this__privileges = new HashSet<String>(other.privileges);
- this.privileges = __this__privileges;
- }
- }
-
- public TListSentryPrivilegesForProviderResponse deepCopy() {
- return new TListSentryPrivilegesForProviderResponse(this);
- }
-
- @Override
- public void clear() {
- this.status = null;
- this.privileges = null;
- }
-
- public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() {
- return this.status;
- }
-
- public void setStatus(org.apache.sentry.service.thrift.TSentryResponseStatus status) {
- this.status = status;
- }
-
- public void unsetStatus() {
- this.status = null;
- }
-
- /** Returns true if field status is set (has been assigned a value) and false otherwise */
- public boolean isSetStatus() {
- return this.status != null;
- }
-
- public void setStatusIsSet(boolean value) {
- if (!value) {
- this.status = null;
- }
- }
-
- public int getPrivilegesSize() {
- return (this.privileges == null) ? 0 : this.privileges.size();
- }
-
- public java.util.Iterator<String> getPrivilegesIterator() {
- return (this.privileges == null) ? null : this.privileges.iterator();
- }
-
- public void addToPrivileges(String elem) {
- if (this.privileges == null) {
- this.privileges = new HashSet<String>();
- }
- this.privileges.add(elem);
- }
-
- public Set<String> getPrivileges() {
- return this.privileges;
- }
-
- public void setPrivileges(Set<String> privileges) {
- this.privileges = privileges;
- }
-
- public void unsetPrivileges() {
- this.privileges = null;
- }
-
- /** Returns true if field privileges is set (has been assigned a value) and false otherwise */
- public boolean isSetPrivileges() {
- return this.privileges != null;
- }
-
- public void setPrivilegesIsSet(boolean value) {
- if (!value) {
- this.privileges = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case STATUS:
- if (value == null) {
- unsetStatus();
- } else {
- setStatus((org.apache.sentry.service.thrift.TSentryResponseStatus)value);
- }
- break;
-
- case PRIVILEGES:
- if (value == null) {
- unsetPrivileges();
- } else {
- setPrivileges((Set<String>)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case STATUS:
- return getStatus();
-
- case PRIVILEGES:
- return getPrivileges();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case STATUS:
- return isSetStatus();
- case PRIVILEGES:
- return isSetPrivileges();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TListSentryPrivilegesForProviderResponse)
- return this.equals((TListSentryPrivilegesForProviderResponse)that);
- return false;
- }
-
- public boolean equals(TListSentryPrivilegesForProviderResponse that) {
- if (that == null)
- return false;
-
- boolean this_present_status = true && this.isSetStatus();
- boolean that_present_status = true && that.isSetStatus();
- if (this_present_status || that_present_status) {
- if (!(this_present_status && that_present_status))
- return false;
- if (!this.status.equals(that.status))
- return false;
- }
-
- boolean this_present_privileges = true && this.isSetPrivileges();
- boolean that_present_privileges = true && that.isSetPrivileges();
- if (this_present_privileges || that_present_privileges) {
- if (!(this_present_privileges && that_present_privileges))
- return false;
- if (!this.privileges.equals(that.privileges))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_status = true && (isSetStatus());
- list.add(present_status);
- if (present_status)
- list.add(status);
-
- boolean present_privileges = true && (isSetPrivileges());
- list.add(present_privileges);
- if (present_privileges)
- list.add(privileges);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TListSentryPrivilegesForProviderResponse other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetStatus()).compareTo(other.isSetStatus());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetStatus()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.status, other.status);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetPrivileges()).compareTo(other.isSetPrivileges());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetPrivileges()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.privileges, other.privileges);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TListSentryPrivilegesForProviderResponse(");
- boolean first = true;
-
- sb.append("status:");
- if (this.status == null) {
- sb.append("null");
- } else {
- sb.append(this.status);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("privileges:");
- if (this.privileges == null) {
- sb.append("null");
- } else {
- sb.append(this.privileges);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetStatus()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'status' is unset! Struct:" + toString());
- }
-
- if (!isSetPrivileges()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'privileges' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- if (status != null) {
- status.validate();
- }
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TListSentryPrivilegesForProviderResponseStandardSchemeFactory implements SchemeFactory {
- public TListSentryPrivilegesForProviderResponseStandardScheme getScheme() {
- return new TListSentryPrivilegesForProviderResponseStandardScheme();
- }
- }
-
- private static class TListSentryPrivilegesForProviderResponseStandardScheme extends StandardScheme<TListSentryPrivilegesForProviderResponse> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TListSentryPrivilegesForProviderResponse struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // STATUS
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // PRIVILEGES
- if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
- {
- org.apache.thrift.protocol.TSet _set104 = iprot.readSetBegin();
- struct.privileges = new HashSet<String>(2*_set104.size);
- String _elem105;
- for (int _i106 = 0; _i106 < _set104.size; ++_i106)
- {
- _elem105 = iprot.readString();
- struct.privileges.add(_elem105);
- }
- iprot.readSetEnd();
- }
- struct.setPrivilegesIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TListSentryPrivilegesForProviderResponse struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.status != null) {
- oprot.writeFieldBegin(STATUS_FIELD_DESC);
- struct.status.write(oprot);
- oprot.writeFieldEnd();
- }
- if (struct.privileges != null) {
- oprot.writeFieldBegin(PRIVILEGES_FIELD_DESC);
- {
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, struct.privileges.size()));
- for (String _iter107 : struct.privileges)
- {
- oprot.writeString(_iter107);
- }
- oprot.writeSetEnd();
- }
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TListSentryPrivilegesForProviderResponseTupleSchemeFactory implements SchemeFactory {
- public TListSentryPrivilegesForProviderResponseTupleScheme getScheme() {
- return new TListSentryPrivilegesForProviderResponseTupleScheme();
- }
- }
-
- private static class TListSentryPrivilegesForProviderResponseTupleScheme extends TupleScheme<TListSentryPrivilegesForProviderResponse> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesForProviderResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- struct.status.write(oprot);
- {
- oprot.writeI32(struct.privileges.size());
- for (String _iter108 : struct.privileges)
- {
- oprot.writeString(_iter108);
- }
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesForProviderResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- {
- org.apache.thrift.protocol.TSet _set109 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, iprot.readI32());
- struct.privileges = new HashSet<String>(2*_set109.size);
- String _elem110;
- for (int _i111 = 0; _i111 < _set109.size; ++_i111)
- {
- _elem110 = iprot.readString();
- struct.privileges.add(_elem110);
- }
- }
- struct.setPrivilegesIsSet(true);
- }
- }
-
-}
-
[47/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAlterSentryRoleGrantPrivilegeRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAlterSentryRoleGrantPrivilegeRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAlterSentryRoleGrantPrivilegeRequest.java
deleted file mode 100644
index d7b65fd..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAlterSentryRoleGrantPrivilegeRequest.java
+++ /dev/null
@@ -1,798 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TAlterSentryRoleGrantPrivilegeRequest implements org.apache.thrift.TBase<TAlterSentryRoleGrantPrivilegeRequest, TAlterSentryRoleGrantPrivilegeRequest._Fields>, java.io.Serializable, Cloneable, Comparable<TAlterSentryRoleGrantPrivilegeRequest> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TAlterSentryRoleGrantPrivilegeRequest");
-
- private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
- private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)3);
- private static final org.apache.thrift.protocol.TField COMPONENT_FIELD_DESC = new org.apache.thrift.protocol.TField("component", org.apache.thrift.protocol.TType.STRING, (short)4);
- private static final org.apache.thrift.protocol.TField PRIVILEGE_FIELD_DESC = new org.apache.thrift.protocol.TField("privilege", org.apache.thrift.protocol.TType.STRUCT, (short)5);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TAlterSentryRoleGrantPrivilegeRequestStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TAlterSentryRoleGrantPrivilegeRequestTupleSchemeFactory());
- }
-
- private int protocol_version; // required
- private String requestorUserName; // required
- private String roleName; // required
- private String component; // required
- private TSentryPrivilege privilege; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- PROTOCOL_VERSION((short)1, "protocol_version"),
- REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- ROLE_NAME((short)3, "roleName"),
- COMPONENT((short)4, "component"),
- PRIVILEGE((short)5, "privilege");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // PROTOCOL_VERSION
- return PROTOCOL_VERSION;
- case 2: // REQUESTOR_USER_NAME
- return REQUESTOR_USER_NAME;
- case 3: // ROLE_NAME
- return ROLE_NAME;
- case 4: // COMPONENT
- return COMPONENT;
- case 5: // PRIVILEGE
- return PRIVILEGE;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
- tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.ROLE_NAME, new org.apache.thrift.meta_data.FieldMetaData("roleName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.COMPONENT, new org.apache.thrift.meta_data.FieldMetaData("component", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.PRIVILEGE, new org.apache.thrift.meta_data.FieldMetaData("privilege", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryPrivilege.class)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TAlterSentryRoleGrantPrivilegeRequest.class, metaDataMap);
- }
-
- public TAlterSentryRoleGrantPrivilegeRequest() {
- this.protocol_version = 2;
-
- }
-
- public TAlterSentryRoleGrantPrivilegeRequest(
- int protocol_version,
- String requestorUserName,
- String roleName,
- String component,
- TSentryPrivilege privilege)
- {
- this();
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- this.requestorUserName = requestorUserName;
- this.roleName = roleName;
- this.component = component;
- this.privilege = privilege;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TAlterSentryRoleGrantPrivilegeRequest(TAlterSentryRoleGrantPrivilegeRequest other) {
- __isset_bitfield = other.__isset_bitfield;
- this.protocol_version = other.protocol_version;
- if (other.isSetRequestorUserName()) {
- this.requestorUserName = other.requestorUserName;
- }
- if (other.isSetRoleName()) {
- this.roleName = other.roleName;
- }
- if (other.isSetComponent()) {
- this.component = other.component;
- }
- if (other.isSetPrivilege()) {
- this.privilege = new TSentryPrivilege(other.privilege);
- }
- }
-
- public TAlterSentryRoleGrantPrivilegeRequest deepCopy() {
- return new TAlterSentryRoleGrantPrivilegeRequest(this);
- }
-
- @Override
- public void clear() {
- this.protocol_version = 2;
-
- this.requestorUserName = null;
- this.roleName = null;
- this.component = null;
- this.privilege = null;
- }
-
- public int getProtocol_version() {
- return this.protocol_version;
- }
-
- public void setProtocol_version(int protocol_version) {
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- }
-
- public void unsetProtocol_version() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */
- public boolean isSetProtocol_version() {
- return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- public void setProtocol_versionIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value);
- }
-
- public String getRequestorUserName() {
- return this.requestorUserName;
- }
-
- public void setRequestorUserName(String requestorUserName) {
- this.requestorUserName = requestorUserName;
- }
-
- public void unsetRequestorUserName() {
- this.requestorUserName = null;
- }
-
- /** Returns true if field requestorUserName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorUserName() {
- return this.requestorUserName != null;
- }
-
- public void setRequestorUserNameIsSet(boolean value) {
- if (!value) {
- this.requestorUserName = null;
- }
- }
-
- public String getRoleName() {
- return this.roleName;
- }
-
- public void setRoleName(String roleName) {
- this.roleName = roleName;
- }
-
- public void unsetRoleName() {
- this.roleName = null;
- }
-
- /** Returns true if field roleName is set (has been assigned a value) and false otherwise */
- public boolean isSetRoleName() {
- return this.roleName != null;
- }
-
- public void setRoleNameIsSet(boolean value) {
- if (!value) {
- this.roleName = null;
- }
- }
-
- public String getComponent() {
- return this.component;
- }
-
- public void setComponent(String component) {
- this.component = component;
- }
-
- public void unsetComponent() {
- this.component = null;
- }
-
- /** Returns true if field component is set (has been assigned a value) and false otherwise */
- public boolean isSetComponent() {
- return this.component != null;
- }
-
- public void setComponentIsSet(boolean value) {
- if (!value) {
- this.component = null;
- }
- }
-
- public TSentryPrivilege getPrivilege() {
- return this.privilege;
- }
-
- public void setPrivilege(TSentryPrivilege privilege) {
- this.privilege = privilege;
- }
-
- public void unsetPrivilege() {
- this.privilege = null;
- }
-
- /** Returns true if field privilege is set (has been assigned a value) and false otherwise */
- public boolean isSetPrivilege() {
- return this.privilege != null;
- }
-
- public void setPrivilegeIsSet(boolean value) {
- if (!value) {
- this.privilege = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case PROTOCOL_VERSION:
- if (value == null) {
- unsetProtocol_version();
- } else {
- setProtocol_version((Integer)value);
- }
- break;
-
- case REQUESTOR_USER_NAME:
- if (value == null) {
- unsetRequestorUserName();
- } else {
- setRequestorUserName((String)value);
- }
- break;
-
- case ROLE_NAME:
- if (value == null) {
- unsetRoleName();
- } else {
- setRoleName((String)value);
- }
- break;
-
- case COMPONENT:
- if (value == null) {
- unsetComponent();
- } else {
- setComponent((String)value);
- }
- break;
-
- case PRIVILEGE:
- if (value == null) {
- unsetPrivilege();
- } else {
- setPrivilege((TSentryPrivilege)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case PROTOCOL_VERSION:
- return getProtocol_version();
-
- case REQUESTOR_USER_NAME:
- return getRequestorUserName();
-
- case ROLE_NAME:
- return getRoleName();
-
- case COMPONENT:
- return getComponent();
-
- case PRIVILEGE:
- return getPrivilege();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case PROTOCOL_VERSION:
- return isSetProtocol_version();
- case REQUESTOR_USER_NAME:
- return isSetRequestorUserName();
- case ROLE_NAME:
- return isSetRoleName();
- case COMPONENT:
- return isSetComponent();
- case PRIVILEGE:
- return isSetPrivilege();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TAlterSentryRoleGrantPrivilegeRequest)
- return this.equals((TAlterSentryRoleGrantPrivilegeRequest)that);
- return false;
- }
-
- public boolean equals(TAlterSentryRoleGrantPrivilegeRequest that) {
- if (that == null)
- return false;
-
- boolean this_present_protocol_version = true;
- boolean that_present_protocol_version = true;
- if (this_present_protocol_version || that_present_protocol_version) {
- if (!(this_present_protocol_version && that_present_protocol_version))
- return false;
- if (this.protocol_version != that.protocol_version)
- return false;
- }
-
- boolean this_present_requestorUserName = true && this.isSetRequestorUserName();
- boolean that_present_requestorUserName = true && that.isSetRequestorUserName();
- if (this_present_requestorUserName || that_present_requestorUserName) {
- if (!(this_present_requestorUserName && that_present_requestorUserName))
- return false;
- if (!this.requestorUserName.equals(that.requestorUserName))
- return false;
- }
-
- boolean this_present_roleName = true && this.isSetRoleName();
- boolean that_present_roleName = true && that.isSetRoleName();
- if (this_present_roleName || that_present_roleName) {
- if (!(this_present_roleName && that_present_roleName))
- return false;
- if (!this.roleName.equals(that.roleName))
- return false;
- }
-
- boolean this_present_component = true && this.isSetComponent();
- boolean that_present_component = true && that.isSetComponent();
- if (this_present_component || that_present_component) {
- if (!(this_present_component && that_present_component))
- return false;
- if (!this.component.equals(that.component))
- return false;
- }
-
- boolean this_present_privilege = true && this.isSetPrivilege();
- boolean that_present_privilege = true && that.isSetPrivilege();
- if (this_present_privilege || that_present_privilege) {
- if (!(this_present_privilege && that_present_privilege))
- return false;
- if (!this.privilege.equals(that.privilege))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_protocol_version = true;
- list.add(present_protocol_version);
- if (present_protocol_version)
- list.add(protocol_version);
-
- boolean present_requestorUserName = true && (isSetRequestorUserName());
- list.add(present_requestorUserName);
- if (present_requestorUserName)
- list.add(requestorUserName);
-
- boolean present_roleName = true && (isSetRoleName());
- list.add(present_roleName);
- if (present_roleName)
- list.add(roleName);
-
- boolean present_component = true && (isSetComponent());
- list.add(present_component);
- if (present_component)
- list.add(component);
-
- boolean present_privilege = true && (isSetPrivilege());
- list.add(present_privilege);
- if (present_privilege)
- list.add(privilege);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TAlterSentryRoleGrantPrivilegeRequest other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(other.isSetProtocol_version());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetProtocol_version()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, other.protocol_version);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRequestorUserName()).compareTo(other.isSetRequestorUserName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRequestorUserName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorUserName, other.requestorUserName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRoleName()).compareTo(other.isSetRoleName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRoleName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleName, other.roleName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetComponent()).compareTo(other.isSetComponent());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetComponent()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.component, other.component);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetPrivilege()).compareTo(other.isSetPrivilege());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetPrivilege()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.privilege, other.privilege);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TAlterSentryRoleGrantPrivilegeRequest(");
- boolean first = true;
-
- sb.append("protocol_version:");
- sb.append(this.protocol_version);
- first = false;
- if (!first) sb.append(", ");
- sb.append("requestorUserName:");
- if (this.requestorUserName == null) {
- sb.append("null");
- } else {
- sb.append(this.requestorUserName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("roleName:");
- if (this.roleName == null) {
- sb.append("null");
- } else {
- sb.append(this.roleName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("component:");
- if (this.component == null) {
- sb.append("null");
- } else {
- sb.append(this.component);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("privilege:");
- if (this.privilege == null) {
- sb.append("null");
- } else {
- sb.append(this.privilege);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetProtocol_version()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
- }
-
- if (!isSetRequestorUserName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString());
- }
-
- if (!isSetRoleName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'roleName' is unset! Struct:" + toString());
- }
-
- if (!isSetComponent()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'component' is unset! Struct:" + toString());
- }
-
- if (!isSetPrivilege()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'privilege' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- if (privilege != null) {
- privilege.validate();
- }
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TAlterSentryRoleGrantPrivilegeRequestStandardSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleGrantPrivilegeRequestStandardScheme getScheme() {
- return new TAlterSentryRoleGrantPrivilegeRequestStandardScheme();
- }
- }
-
- private static class TAlterSentryRoleGrantPrivilegeRequestStandardScheme extends StandardScheme<TAlterSentryRoleGrantPrivilegeRequest> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TAlterSentryRoleGrantPrivilegeRequest struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // PROTOCOL_VERSION
- if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // REQUESTOR_USER_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // ROLE_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 4: // COMPONENT
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.component = iprot.readString();
- struct.setComponentIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 5: // PRIVILEGE
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.privilege = new TSentryPrivilege();
- struct.privilege.read(iprot);
- struct.setPrivilegeIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TAlterSentryRoleGrantPrivilegeRequest struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC);
- oprot.writeI32(struct.protocol_version);
- oprot.writeFieldEnd();
- if (struct.requestorUserName != null) {
- oprot.writeFieldBegin(REQUESTOR_USER_NAME_FIELD_DESC);
- oprot.writeString(struct.requestorUserName);
- oprot.writeFieldEnd();
- }
- if (struct.roleName != null) {
- oprot.writeFieldBegin(ROLE_NAME_FIELD_DESC);
- oprot.writeString(struct.roleName);
- oprot.writeFieldEnd();
- }
- if (struct.component != null) {
- oprot.writeFieldBegin(COMPONENT_FIELD_DESC);
- oprot.writeString(struct.component);
- oprot.writeFieldEnd();
- }
- if (struct.privilege != null) {
- oprot.writeFieldBegin(PRIVILEGE_FIELD_DESC);
- struct.privilege.write(oprot);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TAlterSentryRoleGrantPrivilegeRequestTupleSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleGrantPrivilegeRequestTupleScheme getScheme() {
- return new TAlterSentryRoleGrantPrivilegeRequestTupleScheme();
- }
- }
-
- private static class TAlterSentryRoleGrantPrivilegeRequestTupleScheme extends TupleScheme<TAlterSentryRoleGrantPrivilegeRequest> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleGrantPrivilegeRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeI32(struct.protocol_version);
- oprot.writeString(struct.requestorUserName);
- oprot.writeString(struct.roleName);
- oprot.writeString(struct.component);
- struct.privilege.write(oprot);
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleGrantPrivilegeRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- struct.component = iprot.readString();
- struct.setComponentIsSet(true);
- struct.privilege = new TSentryPrivilege();
- struct.privilege.read(iprot);
- struct.setPrivilegeIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAlterSentryRoleGrantPrivilegeResponse.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAlterSentryRoleGrantPrivilegeResponse.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAlterSentryRoleGrantPrivilegeResponse.java
deleted file mode 100644
index fcb1db3..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAlterSentryRoleGrantPrivilegeResponse.java
+++ /dev/null
@@ -1,391 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TAlterSentryRoleGrantPrivilegeResponse implements org.apache.thrift.TBase<TAlterSentryRoleGrantPrivilegeResponse, TAlterSentryRoleGrantPrivilegeResponse._Fields>, java.io.Serializable, Cloneable, Comparable<TAlterSentryRoleGrantPrivilegeResponse> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TAlterSentryRoleGrantPrivilegeResponse");
-
- private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TAlterSentryRoleGrantPrivilegeResponseStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TAlterSentryRoleGrantPrivilegeResponseTupleSchemeFactory());
- }
-
- private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- STATUS((short)1, "status");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // STATUS
- return STATUS;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRUCT , "TSentryResponseStatus")));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TAlterSentryRoleGrantPrivilegeResponse.class, metaDataMap);
- }
-
- public TAlterSentryRoleGrantPrivilegeResponse() {
- }
-
- public TAlterSentryRoleGrantPrivilegeResponse(
- org.apache.sentry.service.thrift.TSentryResponseStatus status)
- {
- this();
- this.status = status;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TAlterSentryRoleGrantPrivilegeResponse(TAlterSentryRoleGrantPrivilegeResponse other) {
- if (other.isSetStatus()) {
- this.status = other.status;
- }
- }
-
- public TAlterSentryRoleGrantPrivilegeResponse deepCopy() {
- return new TAlterSentryRoleGrantPrivilegeResponse(this);
- }
-
- @Override
- public void clear() {
- this.status = null;
- }
-
- public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() {
- return this.status;
- }
-
- public void setStatus(org.apache.sentry.service.thrift.TSentryResponseStatus status) {
- this.status = status;
- }
-
- public void unsetStatus() {
- this.status = null;
- }
-
- /** Returns true if field status is set (has been assigned a value) and false otherwise */
- public boolean isSetStatus() {
- return this.status != null;
- }
-
- public void setStatusIsSet(boolean value) {
- if (!value) {
- this.status = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case STATUS:
- if (value == null) {
- unsetStatus();
- } else {
- setStatus((org.apache.sentry.service.thrift.TSentryResponseStatus)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case STATUS:
- return getStatus();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case STATUS:
- return isSetStatus();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TAlterSentryRoleGrantPrivilegeResponse)
- return this.equals((TAlterSentryRoleGrantPrivilegeResponse)that);
- return false;
- }
-
- public boolean equals(TAlterSentryRoleGrantPrivilegeResponse that) {
- if (that == null)
- return false;
-
- boolean this_present_status = true && this.isSetStatus();
- boolean that_present_status = true && that.isSetStatus();
- if (this_present_status || that_present_status) {
- if (!(this_present_status && that_present_status))
- return false;
- if (!this.status.equals(that.status))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_status = true && (isSetStatus());
- list.add(present_status);
- if (present_status)
- list.add(status);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TAlterSentryRoleGrantPrivilegeResponse other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetStatus()).compareTo(other.isSetStatus());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetStatus()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.status, other.status);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TAlterSentryRoleGrantPrivilegeResponse(");
- boolean first = true;
-
- sb.append("status:");
- if (this.status == null) {
- sb.append("null");
- } else {
- sb.append(this.status);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetStatus()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'status' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TAlterSentryRoleGrantPrivilegeResponseStandardSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleGrantPrivilegeResponseStandardScheme getScheme() {
- return new TAlterSentryRoleGrantPrivilegeResponseStandardScheme();
- }
- }
-
- private static class TAlterSentryRoleGrantPrivilegeResponseStandardScheme extends StandardScheme<TAlterSentryRoleGrantPrivilegeResponse> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TAlterSentryRoleGrantPrivilegeResponse struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // STATUS
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TAlterSentryRoleGrantPrivilegeResponse struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.status != null) {
- oprot.writeFieldBegin(STATUS_FIELD_DESC);
- struct.status.write(oprot);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TAlterSentryRoleGrantPrivilegeResponseTupleSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleGrantPrivilegeResponseTupleScheme getScheme() {
- return new TAlterSentryRoleGrantPrivilegeResponseTupleScheme();
- }
- }
-
- private static class TAlterSentryRoleGrantPrivilegeResponseTupleScheme extends TupleScheme<TAlterSentryRoleGrantPrivilegeResponse> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleGrantPrivilegeResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- struct.status.write(oprot);
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleGrantPrivilegeResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAlterSentryRoleRevokePrivilegeRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAlterSentryRoleRevokePrivilegeRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAlterSentryRoleRevokePrivilegeRequest.java
deleted file mode 100644
index de0b371..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAlterSentryRoleRevokePrivilegeRequest.java
+++ /dev/null
@@ -1,798 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TAlterSentryRoleRevokePrivilegeRequest implements org.apache.thrift.TBase<TAlterSentryRoleRevokePrivilegeRequest, TAlterSentryRoleRevokePrivilegeRequest._Fields>, java.io.Serializable, Cloneable, Comparable<TAlterSentryRoleRevokePrivilegeRequest> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TAlterSentryRoleRevokePrivilegeRequest");
-
- private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
- private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)3);
- private static final org.apache.thrift.protocol.TField COMPONENT_FIELD_DESC = new org.apache.thrift.protocol.TField("component", org.apache.thrift.protocol.TType.STRING, (short)4);
- private static final org.apache.thrift.protocol.TField PRIVILEGE_FIELD_DESC = new org.apache.thrift.protocol.TField("privilege", org.apache.thrift.protocol.TType.STRUCT, (short)5);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TAlterSentryRoleRevokePrivilegeRequestStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TAlterSentryRoleRevokePrivilegeRequestTupleSchemeFactory());
- }
-
- private int protocol_version; // required
- private String requestorUserName; // required
- private String roleName; // required
- private String component; // required
- private TSentryPrivilege privilege; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- PROTOCOL_VERSION((short)1, "protocol_version"),
- REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- ROLE_NAME((short)3, "roleName"),
- COMPONENT((short)4, "component"),
- PRIVILEGE((short)5, "privilege");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // PROTOCOL_VERSION
- return PROTOCOL_VERSION;
- case 2: // REQUESTOR_USER_NAME
- return REQUESTOR_USER_NAME;
- case 3: // ROLE_NAME
- return ROLE_NAME;
- case 4: // COMPONENT
- return COMPONENT;
- case 5: // PRIVILEGE
- return PRIVILEGE;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
- tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.ROLE_NAME, new org.apache.thrift.meta_data.FieldMetaData("roleName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.COMPONENT, new org.apache.thrift.meta_data.FieldMetaData("component", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.PRIVILEGE, new org.apache.thrift.meta_data.FieldMetaData("privilege", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryPrivilege.class)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TAlterSentryRoleRevokePrivilegeRequest.class, metaDataMap);
- }
-
- public TAlterSentryRoleRevokePrivilegeRequest() {
- this.protocol_version = 2;
-
- }
-
- public TAlterSentryRoleRevokePrivilegeRequest(
- int protocol_version,
- String requestorUserName,
- String roleName,
- String component,
- TSentryPrivilege privilege)
- {
- this();
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- this.requestorUserName = requestorUserName;
- this.roleName = roleName;
- this.component = component;
- this.privilege = privilege;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TAlterSentryRoleRevokePrivilegeRequest(TAlterSentryRoleRevokePrivilegeRequest other) {
- __isset_bitfield = other.__isset_bitfield;
- this.protocol_version = other.protocol_version;
- if (other.isSetRequestorUserName()) {
- this.requestorUserName = other.requestorUserName;
- }
- if (other.isSetRoleName()) {
- this.roleName = other.roleName;
- }
- if (other.isSetComponent()) {
- this.component = other.component;
- }
- if (other.isSetPrivilege()) {
- this.privilege = new TSentryPrivilege(other.privilege);
- }
- }
-
- public TAlterSentryRoleRevokePrivilegeRequest deepCopy() {
- return new TAlterSentryRoleRevokePrivilegeRequest(this);
- }
-
- @Override
- public void clear() {
- this.protocol_version = 2;
-
- this.requestorUserName = null;
- this.roleName = null;
- this.component = null;
- this.privilege = null;
- }
-
- public int getProtocol_version() {
- return this.protocol_version;
- }
-
- public void setProtocol_version(int protocol_version) {
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- }
-
- public void unsetProtocol_version() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */
- public boolean isSetProtocol_version() {
- return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- public void setProtocol_versionIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value);
- }
-
- public String getRequestorUserName() {
- return this.requestorUserName;
- }
-
- public void setRequestorUserName(String requestorUserName) {
- this.requestorUserName = requestorUserName;
- }
-
- public void unsetRequestorUserName() {
- this.requestorUserName = null;
- }
-
- /** Returns true if field requestorUserName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorUserName() {
- return this.requestorUserName != null;
- }
-
- public void setRequestorUserNameIsSet(boolean value) {
- if (!value) {
- this.requestorUserName = null;
- }
- }
-
- public String getRoleName() {
- return this.roleName;
- }
-
- public void setRoleName(String roleName) {
- this.roleName = roleName;
- }
-
- public void unsetRoleName() {
- this.roleName = null;
- }
-
- /** Returns true if field roleName is set (has been assigned a value) and false otherwise */
- public boolean isSetRoleName() {
- return this.roleName != null;
- }
-
- public void setRoleNameIsSet(boolean value) {
- if (!value) {
- this.roleName = null;
- }
- }
-
- public String getComponent() {
- return this.component;
- }
-
- public void setComponent(String component) {
- this.component = component;
- }
-
- public void unsetComponent() {
- this.component = null;
- }
-
- /** Returns true if field component is set (has been assigned a value) and false otherwise */
- public boolean isSetComponent() {
- return this.component != null;
- }
-
- public void setComponentIsSet(boolean value) {
- if (!value) {
- this.component = null;
- }
- }
-
- public TSentryPrivilege getPrivilege() {
- return this.privilege;
- }
-
- public void setPrivilege(TSentryPrivilege privilege) {
- this.privilege = privilege;
- }
-
- public void unsetPrivilege() {
- this.privilege = null;
- }
-
- /** Returns true if field privilege is set (has been assigned a value) and false otherwise */
- public boolean isSetPrivilege() {
- return this.privilege != null;
- }
-
- public void setPrivilegeIsSet(boolean value) {
- if (!value) {
- this.privilege = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case PROTOCOL_VERSION:
- if (value == null) {
- unsetProtocol_version();
- } else {
- setProtocol_version((Integer)value);
- }
- break;
-
- case REQUESTOR_USER_NAME:
- if (value == null) {
- unsetRequestorUserName();
- } else {
- setRequestorUserName((String)value);
- }
- break;
-
- case ROLE_NAME:
- if (value == null) {
- unsetRoleName();
- } else {
- setRoleName((String)value);
- }
- break;
-
- case COMPONENT:
- if (value == null) {
- unsetComponent();
- } else {
- setComponent((String)value);
- }
- break;
-
- case PRIVILEGE:
- if (value == null) {
- unsetPrivilege();
- } else {
- setPrivilege((TSentryPrivilege)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case PROTOCOL_VERSION:
- return getProtocol_version();
-
- case REQUESTOR_USER_NAME:
- return getRequestorUserName();
-
- case ROLE_NAME:
- return getRoleName();
-
- case COMPONENT:
- return getComponent();
-
- case PRIVILEGE:
- return getPrivilege();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case PROTOCOL_VERSION:
- return isSetProtocol_version();
- case REQUESTOR_USER_NAME:
- return isSetRequestorUserName();
- case ROLE_NAME:
- return isSetRoleName();
- case COMPONENT:
- return isSetComponent();
- case PRIVILEGE:
- return isSetPrivilege();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TAlterSentryRoleRevokePrivilegeRequest)
- return this.equals((TAlterSentryRoleRevokePrivilegeRequest)that);
- return false;
- }
-
- public boolean equals(TAlterSentryRoleRevokePrivilegeRequest that) {
- if (that == null)
- return false;
-
- boolean this_present_protocol_version = true;
- boolean that_present_protocol_version = true;
- if (this_present_protocol_version || that_present_protocol_version) {
- if (!(this_present_protocol_version && that_present_protocol_version))
- return false;
- if (this.protocol_version != that.protocol_version)
- return false;
- }
-
- boolean this_present_requestorUserName = true && this.isSetRequestorUserName();
- boolean that_present_requestorUserName = true && that.isSetRequestorUserName();
- if (this_present_requestorUserName || that_present_requestorUserName) {
- if (!(this_present_requestorUserName && that_present_requestorUserName))
- return false;
- if (!this.requestorUserName.equals(that.requestorUserName))
- return false;
- }
-
- boolean this_present_roleName = true && this.isSetRoleName();
- boolean that_present_roleName = true && that.isSetRoleName();
- if (this_present_roleName || that_present_roleName) {
- if (!(this_present_roleName && that_present_roleName))
- return false;
- if (!this.roleName.equals(that.roleName))
- return false;
- }
-
- boolean this_present_component = true && this.isSetComponent();
- boolean that_present_component = true && that.isSetComponent();
- if (this_present_component || that_present_component) {
- if (!(this_present_component && that_present_component))
- return false;
- if (!this.component.equals(that.component))
- return false;
- }
-
- boolean this_present_privilege = true && this.isSetPrivilege();
- boolean that_present_privilege = true && that.isSetPrivilege();
- if (this_present_privilege || that_present_privilege) {
- if (!(this_present_privilege && that_present_privilege))
- return false;
- if (!this.privilege.equals(that.privilege))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_protocol_version = true;
- list.add(present_protocol_version);
- if (present_protocol_version)
- list.add(protocol_version);
-
- boolean present_requestorUserName = true && (isSetRequestorUserName());
- list.add(present_requestorUserName);
- if (present_requestorUserName)
- list.add(requestorUserName);
-
- boolean present_roleName = true && (isSetRoleName());
- list.add(present_roleName);
- if (present_roleName)
- list.add(roleName);
-
- boolean present_component = true && (isSetComponent());
- list.add(present_component);
- if (present_component)
- list.add(component);
-
- boolean present_privilege = true && (isSetPrivilege());
- list.add(present_privilege);
- if (present_privilege)
- list.add(privilege);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TAlterSentryRoleRevokePrivilegeRequest other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(other.isSetProtocol_version());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetProtocol_version()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, other.protocol_version);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRequestorUserName()).compareTo(other.isSetRequestorUserName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRequestorUserName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorUserName, other.requestorUserName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRoleName()).compareTo(other.isSetRoleName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRoleName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleName, other.roleName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetComponent()).compareTo(other.isSetComponent());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetComponent()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.component, other.component);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetPrivilege()).compareTo(other.isSetPrivilege());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetPrivilege()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.privilege, other.privilege);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TAlterSentryRoleRevokePrivilegeRequest(");
- boolean first = true;
-
- sb.append("protocol_version:");
- sb.append(this.protocol_version);
- first = false;
- if (!first) sb.append(", ");
- sb.append("requestorUserName:");
- if (this.requestorUserName == null) {
- sb.append("null");
- } else {
- sb.append(this.requestorUserName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("roleName:");
- if (this.roleName == null) {
- sb.append("null");
- } else {
- sb.append(this.roleName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("component:");
- if (this.component == null) {
- sb.append("null");
- } else {
- sb.append(this.component);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("privilege:");
- if (this.privilege == null) {
- sb.append("null");
- } else {
- sb.append(this.privilege);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetProtocol_version()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
- }
-
- if (!isSetRequestorUserName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString());
- }
-
- if (!isSetRoleName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'roleName' is unset! Struct:" + toString());
- }
-
- if (!isSetComponent()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'component' is unset! Struct:" + toString());
- }
-
- if (!isSetPrivilege()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'privilege' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- if (privilege != null) {
- privilege.validate();
- }
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TAlterSentryRoleRevokePrivilegeRequestStandardSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleRevokePrivilegeRequestStandardScheme getScheme() {
- return new TAlterSentryRoleRevokePrivilegeRequestStandardScheme();
- }
- }
-
- private static class TAlterSentryRoleRevokePrivilegeRequestStandardScheme extends StandardScheme<TAlterSentryRoleRevokePrivilegeRequest> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TAlterSentryRoleRevokePrivilegeRequest struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // PROTOCOL_VERSION
- if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // REQUESTOR_USER_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // ROLE_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 4: // COMPONENT
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.component = iprot.readString();
- struct.setComponentIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 5: // PRIVILEGE
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.privilege = new TSentryPrivilege();
- struct.privilege.read(iprot);
- struct.setPrivilegeIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TAlterSentryRoleRevokePrivilegeRequest struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC);
- oprot.writeI32(struct.protocol_version);
- oprot.writeFieldEnd();
- if (struct.requestorUserName != null) {
- oprot.writeFieldBegin(REQUESTOR_USER_NAME_FIELD_DESC);
- oprot.writeString(struct.requestorUserName);
- oprot.writeFieldEnd();
- }
- if (struct.roleName != null) {
- oprot.writeFieldBegin(ROLE_NAME_FIELD_DESC);
- oprot.writeString(struct.roleName);
- oprot.writeFieldEnd();
- }
- if (struct.component != null) {
- oprot.writeFieldBegin(COMPONENT_FIELD_DESC);
- oprot.writeString(struct.component);
- oprot.writeFieldEnd();
- }
- if (struct.privilege != null) {
- oprot.writeFieldBegin(PRIVILEGE_FIELD_DESC);
- struct.privilege.write(oprot);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TAlterSentryRoleRevokePrivilegeRequestTupleSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleRevokePrivilegeRequestTupleScheme getScheme() {
- return new TAlterSentryRoleRevokePrivilegeRequestTupleScheme();
- }
- }
-
- private static class TAlterSentryRoleRevokePrivilegeRequestTupleScheme extends TupleScheme<TAlterSentryRoleRevokePrivilegeRequest> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleRevokePrivilegeRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeI32(struct.protocol_version);
- oprot.writeString(struct.requestorUserName);
- oprot.writeString(struct.roleName);
- oprot.writeString(struct.component);
- struct.privilege.write(oprot);
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleRevokePrivilegeRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- struct.component = iprot.readString();
- struct.setComponentIsSet(true);
- struct.privilege = new TSentryPrivilege();
- struct.privilege.read(iprot);
- struct.setPrivilegeIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAlterSentryRoleRevokePrivilegeResponse.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAlterSentryRoleRevokePrivilegeResponse.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAlterSentryRoleRevokePrivilegeResponse.java
deleted file mode 100644
index d37fe4e..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TAlterSentryRoleRevokePrivilegeResponse.java
+++ /dev/null
@@ -1,391 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TAlterSentryRoleRevokePrivilegeResponse implements org.apache.thrift.TBase<TAlterSentryRoleRevokePrivilegeResponse, TAlterSentryRoleRevokePrivilegeResponse._Fields>, java.io.Serializable, Cloneable, Comparable<TAlterSentryRoleRevokePrivilegeResponse> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TAlterSentryRoleRevokePrivilegeResponse");
-
- private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TAlterSentryRoleRevokePrivilegeResponseStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TAlterSentryRoleRevokePrivilegeResponseTupleSchemeFactory());
- }
-
- private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- STATUS((short)1, "status");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // STATUS
- return STATUS;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRUCT , "TSentryResponseStatus")));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TAlterSentryRoleRevokePrivilegeResponse.class, metaDataMap);
- }
-
- public TAlterSentryRoleRevokePrivilegeResponse() {
- }
-
- public TAlterSentryRoleRevokePrivilegeResponse(
- org.apache.sentry.service.thrift.TSentryResponseStatus status)
- {
- this();
- this.status = status;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TAlterSentryRoleRevokePrivilegeResponse(TAlterSentryRoleRevokePrivilegeResponse other) {
- if (other.isSetStatus()) {
- this.status = other.status;
- }
- }
-
- public TAlterSentryRoleRevokePrivilegeResponse deepCopy() {
- return new TAlterSentryRoleRevokePrivilegeResponse(this);
- }
-
- @Override
- public void clear() {
- this.status = null;
- }
-
- public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() {
- return this.status;
- }
-
- public void setStatus(org.apache.sentry.service.thrift.TSentryResponseStatus status) {
- this.status = status;
- }
-
- public void unsetStatus() {
- this.status = null;
- }
-
- /** Returns true if field status is set (has been assigned a value) and false otherwise */
- public boolean isSetStatus() {
- return this.status != null;
- }
-
- public void setStatusIsSet(boolean value) {
- if (!value) {
- this.status = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case STATUS:
- if (value == null) {
- unsetStatus();
- } else {
- setStatus((org.apache.sentry.service.thrift.TSentryResponseStatus)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case STATUS:
- return getStatus();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case STATUS:
- return isSetStatus();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TAlterSentryRoleRevokePrivilegeResponse)
- return this.equals((TAlterSentryRoleRevokePrivilegeResponse)that);
- return false;
- }
-
- public boolean equals(TAlterSentryRoleRevokePrivilegeResponse that) {
- if (that == null)
- return false;
-
- boolean this_present_status = true && this.isSetStatus();
- boolean that_present_status = true && that.isSetStatus();
- if (this_present_status || that_present_status) {
- if (!(this_present_status && that_present_status))
- return false;
- if (!this.status.equals(that.status))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_status = true && (isSetStatus());
- list.add(present_status);
- if (present_status)
- list.add(status);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TAlterSentryRoleRevokePrivilegeResponse other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetStatus()).compareTo(other.isSetStatus());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetStatus()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.status, other.status);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TAlterSentryRoleRevokePrivilegeResponse(");
- boolean first = true;
-
- sb.append("status:");
- if (this.status == null) {
- sb.append("null");
- } else {
- sb.append(this.status);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetStatus()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'status' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TAlterSentryRoleRevokePrivilegeResponseStandardSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleRevokePrivilegeResponseStandardScheme getScheme() {
- return new TAlterSentryRoleRevokePrivilegeResponseStandardScheme();
- }
- }
-
- private static class TAlterSentryRoleRevokePrivilegeResponseStandardScheme extends StandardScheme<TAlterSentryRoleRevokePrivilegeResponse> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TAlterSentryRoleRevokePrivilegeResponse struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // STATUS
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TAlterSentryRoleRevokePrivilegeResponse struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.status != null) {
- oprot.writeFieldBegin(STATUS_FIELD_DESC);
- struct.status.write(oprot);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TAlterSentryRoleRevokePrivilegeResponseTupleSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleRevokePrivilegeResponseTupleScheme getScheme() {
- return new TAlterSentryRoleRevokePrivilegeResponseTupleScheme();
- }
- }
-
- private static class TAlterSentryRoleRevokePrivilegeResponseTupleScheme extends TupleScheme<TAlterSentryRoleRevokePrivilegeResponse> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleRevokePrivilegeResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- struct.status.write(oprot);
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleRevokePrivilegeResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- }
- }
-
-}
-
[26/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeObject.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeObject.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeObject.java
deleted file mode 100644
index feab1e9..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeObject.java
+++ /dev/null
@@ -1,231 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.service.persistent;
-
-import static org.apache.sentry.core.common.utils.SentryConstants.KV_JOINER;
-import static org.apache.sentry.core.common.utils.SentryConstants.AUTHORIZABLE_JOINER;
-
-import java.util.List;
-import org.apache.sentry.core.common.Authorizable;
-import com.google.common.base.Preconditions;
-import com.google.common.collect.Lists;
-
-public final class PrivilegeObject {
- private final String component;
- private final String service;
- private final String action;
- private final Boolean grantOption;
- private List<? extends Authorizable> authorizables;
-
- private PrivilegeObject(String component, String service, String action,
- Boolean grantOption,
- List<? extends Authorizable> authorizables) {
- this.component = component;
- this.service = service;
- this.action = action;
- this.grantOption = grantOption;
- this.authorizables = authorizables;
- }
-
- public List<? extends Authorizable> getAuthorizables() {
- return authorizables;
- }
-
- public String getAction() {
- return action;
- }
-
- public String getComponent() {
- return component;
- }
-
- public String getService() {
- return service;
- }
-
- public Boolean getGrantOption() {
- return grantOption;
- }
-
- @Override
- public String toString() {
- List<String> authorizable = Lists.newArrayList();
- for (Authorizable az : authorizables) {
- authorizable.add(KV_JOINER.join(az.getTypeName(),az.getName()));
- }
- return "PrivilegeObject [" + ", service=" + service + ", component="
- + component + ", authorizables=" + AUTHORIZABLE_JOINER.join(authorizable)
- + ", action=" + action + ", grantOption=" + grantOption + "]";
- }
-
- @Override
- public int hashCode() {
- final int prime = 31;
- int result = 1;
- result = prime * result + ((action == null) ? 0 : action.hashCode());
- result = prime * result + ((component == null) ? 0 : component.hashCode());
- result = prime * result + ((service == null) ? 0 : service.hashCode());
- result = prime * result + ((grantOption == null) ? 0 : grantOption.hashCode());
- for (Authorizable authorizable : authorizables) {
- result = prime * result + authorizable.getTypeName().hashCode();
- result = prime * result + authorizable.getName().hashCode();
- }
- return result;
- }
-
- @Override
- public boolean equals(Object obj) {
- if (this == obj) {
- return true;
- }
- if (obj == null) {
- return false;
- }
- if (getClass() != obj.getClass()) {
- return false;
- }
- PrivilegeObject other = (PrivilegeObject) obj;
- if (action == null) {
- if (other.action != null) {
- return false;
- }
- } else if (!action.equals(other.action)) {
- return false;
- }
- if (service == null) {
- if (other.service != null) {
- return false;
- }
- } else if (!service.equals(other.service)) {
- return false;
- }
- if (component == null) {
- if (other.component != null) {
- return false;
- }
- } else if (!component.equals(other.component)) {
- return false;
- }
- if (grantOption == null) {
- if (other.grantOption != null) {
- return false;
- }
- } else if (!grantOption.equals(other.grantOption)) {
- return false;
- }
-
- if (authorizables.size() != other.authorizables.size()) {
- return false;
- }
- for (int i = 0; i < authorizables.size(); i++) {
- String o1 = KV_JOINER.join(authorizables.get(i).getTypeName(),
- authorizables.get(i).getName());
- String o2 = KV_JOINER.join(other.authorizables.get(i).getTypeName(),
- other.authorizables.get(i).getName());
- if (!o1.equalsIgnoreCase(o2)) {
- return false;
- }
- }
- return true;
- }
-
- public static class Builder {
- private String component;
- private String service;
- private String action;
- private Boolean grantOption;
- private List<? extends Authorizable> authorizables;
-
- public Builder() {
-
- }
-
- public Builder(PrivilegeObject privilege) {
- this.component = privilege.component;
- this.service = privilege.service;
- this.action = privilege.action;
- this.grantOption = privilege.grantOption;
- this.authorizables = privilege.authorizables;
- }
-
- public Builder setComponent(String component) {
- this.component = component;
- return this;
- }
-
- public Builder setService(String service) {
- this.service = service;
- return this;
- }
-
- public Builder setAction(String action) {
- this.action = action;
- return this;
- }
-
- public Builder withGrantOption(Boolean grantOption) {
- this.grantOption = grantOption;
- return this;
- }
-
- public Builder setAuthorizables(List<? extends Authorizable> authorizables) {
- this.authorizables = authorizables;
- return this;
- }
-
- /**
- * TolowerCase the authorizable name, the authorizable type is define when it was created.
- * Take the Solr for example, it has two Authorizable objects. They have the type Collection
- * and Field, they are can't be changed. So we should unified the authorizable name tolowercase.
- * @return new authorizable lists
- */
- private List<? extends Authorizable> toLowerAuthorizableName(List<? extends Authorizable> authorizables) {
- List<Authorizable> newAuthorizable = Lists.newArrayList();
- if (authorizables == null || authorizables.size() == 0) {
- return newAuthorizable;
- }
- for (final Authorizable authorizable : authorizables) {
- newAuthorizable.add(new Authorizable() {
- @Override
- public String getTypeName() {
- return authorizable.getTypeName();
- }
- @Override
- public String getName() {
- return authorizable.getName();
- }
- });
- }
- return newAuthorizable;
- }
-
- public PrivilegeObject build() {
- Preconditions.checkNotNull(component);
- Preconditions.checkNotNull(service);
- Preconditions.checkNotNull(action);
- //CaseInsensitive authorizable name
- List<? extends Authorizable> newAuthorizable = toLowerAuthorizableName(authorizables);
-
- return new PrivilegeObject(component.toLowerCase(),
- service.toLowerCase(),
- action.toLowerCase(),
- grantOption,
- newAuthorizable);
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeOperatePersistence.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeOperatePersistence.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeOperatePersistence.java
deleted file mode 100644
index fa9dadf..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeOperatePersistence.java
+++ /dev/null
@@ -1,485 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.service.persistent;
-
-import java.lang.reflect.Constructor;
-import java.util.ArrayList;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import javax.jdo.PersistenceManager;
-import javax.jdo.Query;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.core.common.exception.SentryUserException;
-import org.apache.sentry.core.common.Action;
-import org.apache.sentry.core.common.Authorizable;
-import org.apache.sentry.core.common.BitFieldAction;
-import org.apache.sentry.core.common.BitFieldActionFactory;
-import org.apache.sentry.core.model.kafka.KafkaActionFactory;
-import org.apache.sentry.core.model.search.SearchActionFactory;
-import org.apache.sentry.core.model.sqoop.SqoopActionFactory;
-import org.apache.sentry.provider.db.generic.service.persistent.PrivilegeObject.Builder;
-import org.apache.sentry.provider.db.service.model.MSentryGMPrivilege;
-import org.apache.sentry.provider.db.service.model.MSentryRole;
-
-import com.google.common.base.Joiner;
-import com.google.common.base.Strings;
-import com.google.common.collect.Maps;
-import com.google.common.collect.Sets;
-import org.apache.sentry.service.thrift.ServiceConstants;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * This class used do some operations related privilege and make the results
- * persistence
- */
-public class PrivilegeOperatePersistence {
- private static final Logger LOGGER = LoggerFactory.getLogger(PrivilegeOperatePersistence.class);
- private static final Map<String, BitFieldActionFactory> actionFactories = Maps.newHashMap();
- static{
- actionFactories.put("solr", new SearchActionFactory());
- actionFactories.put("sqoop", new SqoopActionFactory());
- actionFactories.put("kafka", KafkaActionFactory.getInstance());
- }
-
- private final Configuration conf;
-
- public PrivilegeOperatePersistence(Configuration conf) {
- this.conf = conf;
- }
-
- public boolean checkPrivilegeOption(Set<MSentryRole> roles, PrivilegeObject privilege, PersistenceManager pm) {
- MSentryGMPrivilege requestPrivilege = convertToPrivilege(privilege);
- boolean hasGrant = false;
- //get persistent privileges by roles
- Query query = pm.newQuery(MSentryGMPrivilege.class);
- StringBuilder filters = new StringBuilder();
- if (roles != null && roles.size() > 0) {
- query.declareVariables("org.apache.sentry.provider.db.service.model.MSentryRole role");
- List<String> rolesFiler = new LinkedList<String>();
- for (MSentryRole role : roles) {
- rolesFiler.add("role.roleName == \"" + role.getRoleName() + "\" ");
- }
- filters.append("roles.contains(role) " + "&& (" + Joiner.on(" || ").join(rolesFiler) + ")");
- }
- query.setFilter(filters.toString());
-
- List<MSentryGMPrivilege> tPrivileges = (List<MSentryGMPrivilege>)query.execute();
- for (MSentryGMPrivilege tPrivilege : tPrivileges) {
- if (tPrivilege.getGrantOption() && tPrivilege.implies(requestPrivilege)) {
- hasGrant = true;
- break;
- }
- }
- return hasGrant;
- }
- public void grantPrivilege(PrivilegeObject privilege,MSentryRole role, PersistenceManager pm) throws SentryUserException {
- MSentryGMPrivilege mPrivilege = convertToPrivilege(privilege);
- grantRolePartial(mPrivilege, role, pm);
- }
-
- private void grantRolePartial(MSentryGMPrivilege grantPrivilege,
- MSentryRole role,PersistenceManager pm) {
- /**
- * If Grant is for ALL action and other actions belongs to ALL action already exists..
- * need to remove it and GRANT ALL action
- */
- String component = grantPrivilege.getComponentName();
- BitFieldAction action = getAction(component, grantPrivilege.getAction());
- BitFieldAction allAction = getAction(component, Action.ALL);
-
- if (action.implies(allAction)) {
- /**
- * ALL action is a multi-bit set action that includes some actions such as INSERT,SELECT and CREATE.
- */
- List<? extends BitFieldAction> actions = getActionFactory(component).getActionsByCode(allAction.getActionCode());
- for (BitFieldAction ac : actions) {
- grantPrivilege.setAction(ac.getValue());
- MSentryGMPrivilege existPriv = getPrivilege(grantPrivilege, pm);
- if (existPriv != null && role.getGmPrivileges().contains(existPriv)) {
- /**
- * force to load all roles related this privilege
- * avoid the lazy-loading risk,such as:
- * if the roles field of privilege aren't loaded, then the roles is a empty set
- * privilege.removeRole(role) and pm.makePersistent(privilege)
- * will remove other roles that shouldn't been removed
- */
- pm.retrieve(existPriv);
- existPriv.removeRole(role);
- pm.makePersistent(existPriv);
- }
- }
- } else {
- /**
- * If ALL Action already exists..
- * do nothing.
- */
- grantPrivilege.setAction(allAction.getValue());
- MSentryGMPrivilege allPrivilege = getPrivilege(grantPrivilege, pm);
- if (allPrivilege != null && role.getGmPrivileges().contains(allPrivilege)) {
- return;
- }
- }
-
- /**
- * restore the action
- */
- grantPrivilege.setAction(action.getValue());
- /**
- * check the privilege is exist or not
- */
- MSentryGMPrivilege mPrivilege = getPrivilege(grantPrivilege, pm);
- if (mPrivilege == null) {
- mPrivilege = grantPrivilege;
- }
- mPrivilege.appendRole(role);
- pm.makePersistent(mPrivilege);
- }
-
-
- public void revokePrivilege(PrivilegeObject privilege,MSentryRole role, PersistenceManager pm) throws SentryUserException {
- MSentryGMPrivilege mPrivilege = getPrivilege(convertToPrivilege(privilege), pm);
- if (mPrivilege == null) {
- mPrivilege = convertToPrivilege(privilege);
- } else {
- mPrivilege = (MSentryGMPrivilege) pm.detachCopy(mPrivilege);
- }
-
- Set<MSentryGMPrivilege> privilegeGraph = Sets.newHashSet();
- privilegeGraph.addAll(populateIncludePrivileges(Sets.newHashSet(role), mPrivilege, pm));
-
- /**
- * Get the privilege graph
- * populateIncludePrivileges will get the privileges that needed revoke
- */
- for (MSentryGMPrivilege persistedPriv : privilegeGraph) {
- /**
- * force to load all roles related this privilege
- * avoid the lazy-loading risk,such as:
- * if the roles field of privilege aren't loaded, then the roles is a empty set
- * privilege.removeRole(role) and pm.makePersistent(privilege)
- * will remove other roles that shouldn't been removed
- */
- revokeRolePartial(mPrivilege, persistedPriv, role, pm);
- }
- pm.makePersistent(role);
- }
-
- /**
- * Explore Privilege graph and collect privileges that are belong to the specific privilege
- */
- @SuppressWarnings("unchecked")
- private Set<MSentryGMPrivilege> populateIncludePrivileges(Set<MSentryRole> roles,
- MSentryGMPrivilege parent, PersistenceManager pm) {
- Set<MSentryGMPrivilege> childrens = Sets.newHashSet();
-
- Query query = pm.newQuery(MSentryGMPrivilege.class);
- StringBuilder filters = new StringBuilder();
- //add populateIncludePrivilegesQuery
- filters.append(MSentryGMPrivilege.populateIncludePrivilegesQuery(parent));
- // add filter for role names
- if (roles != null && roles.size() > 0) {
- query.declareVariables("org.apache.sentry.provider.db.service.model.MSentryRole role");
- List<String> rolesFiler = new LinkedList<String>();
- for (MSentryRole role : roles) {
- rolesFiler.add("role.roleName == \"" + role.getRoleName() + "\" ");
- }
- filters.append("&& roles.contains(role) " + "&& (" + Joiner.on(" || ").join(rolesFiler) + ")");
- }
- query.setFilter(filters.toString());
-
- List<MSentryGMPrivilege> privileges = (List<MSentryGMPrivilege>)query.execute();
- childrens.addAll(privileges);
- return childrens;
- }
-
- /**
- * Roles can be granted multi-bit set action like ALL action on resource object.
- * Take solr component for example, When a role has been granted ALL action but
- * QUERY or UPDATE or CREATE are revoked, we need to remove the ALL
- * privilege and add left privileges like UPDATE and CREATE(QUERY was revoked) or
- * QUERY and UPDATE(CREATEE was revoked).
- */
- private void revokeRolePartial(MSentryGMPrivilege revokePrivilege,
- MSentryGMPrivilege persistedPriv, MSentryRole role,
- PersistenceManager pm) {
- String component = revokePrivilege.getComponentName();
- BitFieldAction revokeaction = getAction(component, revokePrivilege.getAction());
- BitFieldAction persistedAction = getAction(component, persistedPriv.getAction());
- BitFieldAction allAction = getAction(component, Action.ALL);
-
- if (revokeaction.implies(allAction)) {
- /**
- * if revoke action is ALL, directly revoke its children privileges and itself
- */
- persistedPriv.removeRole(role);
- pm.makePersistent(persistedPriv);
- } else {
- /**
- * if persisted action is ALL, it only revoke the requested action and left partial actions
- * like the requested action is SELECT, the UPDATE and CREATE action are left
- */
- if (persistedAction.implies(allAction)) {
- /**
- * revoke the ALL privilege
- */
- persistedPriv.removeRole(role);
- pm.makePersistent(persistedPriv);
-
- List<? extends BitFieldAction> actions = getActionFactory(component).getActionsByCode(allAction.getActionCode());
- for (BitFieldAction ac: actions) {
- if (ac.getActionCode() != revokeaction.getActionCode()) {
- /**
- * grant the left privileges to role
- */
- MSentryGMPrivilege tmpPriv = new MSentryGMPrivilege(persistedPriv);
- tmpPriv.setAction(ac.getValue());
- MSentryGMPrivilege leftPersistedPriv = getPrivilege(tmpPriv, pm);
- if (leftPersistedPriv == null) {
- //leftPersistedPriv isn't exist
- leftPersistedPriv = tmpPriv;
- role.appendGMPrivilege(leftPersistedPriv);
- }
- leftPersistedPriv.appendRole(role);
- pm.makePersistent(leftPersistedPriv);
- }
- }
- } else if (revokeaction.implies(persistedAction)) {
- /**
- * if the revoke action is equal to the persisted action and they aren't ALL action
- * directly remove the role from privilege
- */
- persistedPriv.removeRole(role);
- pm.makePersistent(persistedPriv);
- }
- /**
- * if the revoke action is not equal to the persisted action,
- * do nothing
- */
- }
- }
-
- /**
- * Drop any role related to the requested privilege and its children privileges
- */
- public void dropPrivilege(PrivilegeObject privilege,PersistenceManager pm) {
- MSentryGMPrivilege requestPrivilege = convertToPrivilege(privilege);
-
- if (Strings.isNullOrEmpty(privilege.getAction())) {
- requestPrivilege.setAction(getAction(privilege.getComponent(), Action.ALL).getValue());
- }
- /**
- * Get the privilege graph
- * populateIncludePrivileges will get the privileges that need dropped,
- */
- Set<MSentryGMPrivilege> privilegeGraph = Sets.newHashSet();
- privilegeGraph.addAll(populateIncludePrivileges(null, requestPrivilege, pm));
-
- for (MSentryGMPrivilege mPrivilege : privilegeGraph) {
- /**
- * force to load all roles related this privilege
- * avoid the lazy-loading
- */
- pm.retrieve(mPrivilege);
- Set<MSentryRole> roles = mPrivilege.getRoles();
- for (MSentryRole role : roles) {
- revokeRolePartial(requestPrivilege, mPrivilege, role, pm);
- }
- }
- }
-
- private MSentryGMPrivilege convertToPrivilege(PrivilegeObject privilege) {
- return new MSentryGMPrivilege(privilege.getComponent(),
- privilege.getService(), privilege.getAuthorizables(),
- privilege.getAction(), privilege.getGrantOption());
- }
-
- private MSentryGMPrivilege getPrivilege(MSentryGMPrivilege privilege, PersistenceManager pm) {
- Query query = pm.newQuery(MSentryGMPrivilege.class);
- query.setFilter(MSentryGMPrivilege.toQuery(privilege));
- query.setUnique(true);
- return (MSentryGMPrivilege)query.execute();
- }
-
- @SuppressWarnings("unchecked")
- public Set<PrivilegeObject> getPrivilegesByRole(Set<MSentryRole> roles, PersistenceManager pm) {
- Set<PrivilegeObject> privileges = Sets.newHashSet();
- if (roles == null || roles.size() == 0) {
- return privileges;
- }
- Query query = pm.newQuery(MSentryGMPrivilege.class);
- StringBuilder filters = new StringBuilder();
- // add filter for role names
- query.declareVariables("org.apache.sentry.provider.db.service.model.MSentryRole role");
- List<String> rolesFiler = new LinkedList<String>();
- for (MSentryRole role : roles) {
- rolesFiler.add("role.roleName == \"" + role.getRoleName() + "\" ");
- }
- filters.append("roles.contains(role) " + "&& (" + Joiner.on(" || ").join(rolesFiler) + ")");
-
- query.setFilter(filters.toString());
- List<MSentryGMPrivilege> mPrivileges = (List<MSentryGMPrivilege>) query.execute();
- if (mPrivileges == null || mPrivileges.isEmpty()) {
- return privileges;
- }
- for (MSentryGMPrivilege mPrivilege : mPrivileges) {
- privileges.add(new Builder()
- .setComponent(mPrivilege.getComponentName())
- .setService(mPrivilege.getServiceName())
- .setAction(mPrivilege.getAction())
- .setAuthorizables(mPrivilege.getAuthorizables())
- .withGrantOption(mPrivilege.getGrantOption())
- .build());
- }
- return privileges;
- }
-
- public Set<PrivilegeObject> getPrivilegesByProvider(String component,
- String service, Set<MSentryRole> roles,
- List<? extends Authorizable> authorizables, PersistenceManager pm) {
- Set<PrivilegeObject> privileges = Sets.newHashSet();
- if (roles == null || roles.isEmpty()) {
- return privileges;
- }
-
- MSentryGMPrivilege parentPrivilege = new MSentryGMPrivilege(component, service, authorizables, null, null);
- Set<MSentryGMPrivilege> privilegeGraph = Sets.newHashSet();
- privilegeGraph.addAll(populateIncludePrivileges(roles, parentPrivilege, pm));
-
- for (MSentryGMPrivilege mPrivilege : privilegeGraph) {
- privileges.add(new Builder()
- .setComponent(mPrivilege.getComponentName())
- .setService(mPrivilege.getServiceName())
- .setAction(mPrivilege.getAction())
- .setAuthorizables(mPrivilege.getAuthorizables())
- .withGrantOption(mPrivilege.getGrantOption())
- .build());
- }
- return privileges;
- }
-
- public Set<MSentryGMPrivilege> getPrivilegesByAuthorizable(String component,
- String service, Set<MSentryRole> roles,
- List<? extends Authorizable> authorizables, PersistenceManager pm) {
-
- Set<MSentryGMPrivilege> privilegeGraph = Sets.newHashSet();
-
- if (roles == null || roles.isEmpty()) {
- return privilegeGraph;
- }
-
- MSentryGMPrivilege parentPrivilege = new MSentryGMPrivilege(component, service, authorizables, null, null);
- privilegeGraph.addAll(populateIncludePrivileges(roles, parentPrivilege, pm));
- return privilegeGraph;
- }
-
- public void renamePrivilege(String component, String service,
- List<? extends Authorizable> oldAuthorizables, List<? extends Authorizable> newAuthorizables,
- String grantorPrincipal, PersistenceManager pm)
- throws SentryUserException {
- MSentryGMPrivilege oldPrivilege = new MSentryGMPrivilege(component, service, oldAuthorizables, null, null);
- oldPrivilege.setAction(getAction(component,Action.ALL).getValue());
- /**
- * Get the privilege graph
- * populateIncludePrivileges will get the old privileges that need dropped
- */
- Set<MSentryGMPrivilege> privilegeGraph = Sets.newHashSet();
- privilegeGraph.addAll(populateIncludePrivileges(null, oldPrivilege, pm));
-
- for (MSentryGMPrivilege dropPrivilege : privilegeGraph) {
- /**
- * construct the new privilege needed to add
- */
- List<Authorizable> authorizables = new ArrayList<Authorizable>(
- dropPrivilege.getAuthorizables());
- for (int i = 0; i < newAuthorizables.size(); i++) {
- authorizables.set(i, newAuthorizables.get(i));
- }
- MSentryGMPrivilege newPrivilge = new MSentryGMPrivilege(
- component,service, authorizables, dropPrivilege.getAction(),
- dropPrivilege.getGrantOption());
-
- /**
- * force to load all roles related this privilege
- * avoid the lazy-loading
- */
- pm.retrieve(dropPrivilege);
-
- Set<MSentryRole> roles = dropPrivilege.getRoles();
- for (MSentryRole role : roles) {
- revokeRolePartial(oldPrivilege, dropPrivilege, role, pm);
- grantRolePartial(newPrivilge, role, pm);
- }
- }
- }
-
- private BitFieldAction getAction(String component, String name) {
- BitFieldActionFactory actionFactory = getActionFactory(component);
- BitFieldAction action = actionFactory.getActionByName(name);
- if (action == null) {
- throw new RuntimeException("Can not get BitFieldAction for name: " + name);
- }
- return action;
- }
-
- private BitFieldActionFactory getActionFactory(String component) {
- String caseInsensitiveComponent = component.toLowerCase();
- if (actionFactories.containsKey(caseInsensitiveComponent)) {
- return actionFactories.get(caseInsensitiveComponent);
- }
- BitFieldActionFactory actionFactory = createActionFactory(caseInsensitiveComponent);
- actionFactories.put(caseInsensitiveComponent, actionFactory);
- LOGGER.info("Action factory for component {} is not found in cache. Loaded it from configuration as {}.",
- component, actionFactory.getClass().getName());
- return actionFactory;
- }
-
- private BitFieldActionFactory createActionFactory(String component) {
- String actionFactoryClassName =
- conf.get(String.format(ServiceConstants.ServerConfig.SENTRY_COMPONENT_ACTION_FACTORY_FORMAT, component));
- if (actionFactoryClassName == null) {
- throw new RuntimeException("ActionFactory not defined for component " + component +
- ". Please define the parameter " +
- "sentry." + component + ".action.factory in configuration");
- }
- Class<?> actionFactoryClass;
- try {
- actionFactoryClass = Class.forName(actionFactoryClassName);
- } catch (ClassNotFoundException e) {
- throw new RuntimeException("ActionFactory class " + actionFactoryClassName + " not found.");
- }
- if (!BitFieldActionFactory.class.isAssignableFrom(actionFactoryClass)) {
- throw new RuntimeException("ActionFactory class " + actionFactoryClassName + " must extend "
- + BitFieldActionFactory.class.getName());
- }
- BitFieldActionFactory actionFactory;
- try {
- Constructor<?> actionFactoryConstructor = actionFactoryClass.getDeclaredConstructor();
- actionFactoryConstructor.setAccessible(true);
- actionFactory = (BitFieldActionFactory) actionFactoryClass.newInstance();
- } catch (NoSuchMethodException | InstantiationException | IllegalAccessException e) {
- throw new RuntimeException("Could not instantiate actionFactory " + actionFactoryClassName +
- " for component: " + component, e);
- }
- return actionFactory;
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/SentryStoreLayer.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/SentryStoreLayer.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/SentryStoreLayer.java
deleted file mode 100644
index c003965..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/SentryStoreLayer.java
+++ /dev/null
@@ -1,198 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.service.persistent;
-
-import java.util.List;
-import java.util.Set;
-
-import org.apache.sentry.core.common.exception.SentryUserException;
-import org.apache.sentry.core.common.Authorizable;
-import org.apache.sentry.core.common.exception.SentryAlreadyExistsException;
-import org.apache.sentry.core.common.exception.SentryNoSuchObjectException;
-import org.apache.sentry.provider.db.service.model.MSentryGMPrivilege;
-import org.apache.sentry.provider.db.service.persistent.CommitContext;
-
-/**
- * Sentry store for persistent the authorize object to database
- */
-public interface SentryStoreLayer {
- /**
- * Create a role
- * @param component: The request respond to which component
- * @param role: The name of role
- * @param requestor: User on whose behalf the request is launched
- * @returns commit context used for notification handlers
- * @throws SentryAlreadyExistsException
- */
- CommitContext createRole(String component, String role,
- String requestor) throws SentryAlreadyExistsException;
-
- /**
- * Drop a role
- * @param component: The request respond to which component
- * @param role: The name of role
- * @param requestor: user on whose behalf the request is launched
- * @returns commit context used for notification handlers
- * @throws SentryNoSuchObjectException
- */
- CommitContext dropRole(String component, String role,
- String requestor) throws SentryNoSuchObjectException;
-
- /**
- * Add a role to groups.
- * @param component: The request respond to which component
- * @param role: The name of role
- * @param groups: The name of groups
- * @param requestor: User on whose behalf the request is issued
- * @returns commit context used for notification handlers
- * @throws SentryNoSuchObjectException
- */
- CommitContext alterRoleAddGroups(String component, String role,
- Set<String> groups, String requestor) throws SentryNoSuchObjectException;
-
- /**
- * Delete a role from groups.
- * @param component: The request respond to which component
- * @param role: The name of role
- * @param groups: The name of groups
- * @param requestor: User on whose behalf the request is launched
- * @returns commit context used for notification handlers
- * @throws SentryNoSuchObjectException
- */
- CommitContext alterRoleDeleteGroups(String component, String role,
- Set<String> groups, String requestor) throws SentryNoSuchObjectException;
-
- /**
- * Grant a privilege to role.
- * @param component: The request respond to which component
- * @param role: The name of role
- * @param privilege: The privilege object will be granted
- * @param grantorPrincipal: User on whose behalf the request is launched
- * @returns commit context Used for notification handlers
- * @throws SentryUserException
- */
- CommitContext alterRoleGrantPrivilege(String component, String role,
- PrivilegeObject privilege, String grantorPrincipal) throws SentryUserException;
-
- /**
- * Revoke a privilege from role.
- * @param component: The request respond to which component
- * @param role: The name of role
- * @param privilege: The privilege object will revoked
- * @param grantorPrincipal: User on whose behalf the request is launched
- * @returns commit context used for notification handlers
- * @throws SentryUserException
- */
- CommitContext alterRoleRevokePrivilege(String component, String role,
- PrivilegeObject privilege, String grantorPrincipal) throws SentryUserException;
-
- /**
- * Rename privilege
- *
- * @param component: The request respond to which component
- * @param service: The name of service
- * @param oldAuthorizables: The old list of authorize objects
- * @param newAuthorizables: The new list of authorize objects
- * @param requestor: User on whose behalf the request is launched
- * @returns commit context used for notification handlers
- * @throws SentryUserException
- */
- CommitContext renamePrivilege(
- String component, String service, List<? extends Authorizable> oldAuthorizables,
- List<? extends Authorizable> newAuthorizables, String requestor) throws SentryUserException;
-
- /**
- * Drop privilege
- * @param component: The request respond to which component
- * @param privilege: The privilege will be dropped
- * @param requestor: User on whose behalf the request is launched
- * @returns commit context used for notification handlers
- * @throws SentryUserException
- */
- CommitContext dropPrivilege(String component, PrivilegeObject privilege,
- String requestor) throws SentryUserException;
-
- /**
- * Get roles
- * @param component: The request respond to which component
- * @param groups: The name of groups
- * @returns the set of roles
- * @throws SentryUserException
- */
- Set<String> getRolesByGroups(String component, Set<String> groups) throws SentryUserException;
-
- /**
- * Get groups
- * @param component: The request respond to which component
- * @param roles: The name of roles
- * @returns the set of groups
- * @throws SentryUserException
- */
- Set<String> getGroupsByRoles(String component, Set<String> roles) throws SentryUserException;
-
- /**
- * Get privileges
- * @param component: The request respond to which component
- * @param roles: The name of roles
- * @returns the set of privileges
- * @throws SentryUserException
- */
- Set<PrivilegeObject> getPrivilegesByRole(String component, Set<String> roles) throws SentryUserException;
-
- /**
- * get sentry privileges from provider as followings:
- * @param component: The request respond to which component
- * @param service: The name of service
- * @param roles: The name of roles
- * @param groups: The name of groups
- * @param authorizables: The list of authorize objects
- * @returns the set of privileges
- * @throws SentryUserException
- */
-
- Set<PrivilegeObject> getPrivilegesByProvider(String component, String service, Set<String> roles,
- Set<String> groups, List<? extends Authorizable> authorizables)
- throws SentryUserException;
-
- /**
- * Get all roles name.
- *
- * @returns The set of roles name,
- */
- Set<String> getAllRoleNames();
-
- /**
- * Get sentry privileges based on valid active roles and the authorize objects.
- *
- * @param component: The request respond to which component
- * @param service: The name of service
- * @param validActiveRoles: The valid active roles
- * @param authorizables: The list of authorize objects
- * @returns The set of MSentryGMPrivilege
- * @throws SentryUserException
- */
- Set<MSentryGMPrivilege> getPrivilegesByAuthorizable(String component, String service,
- Set<String> validActiveRoles, List<? extends Authorizable> authorizables)
- throws SentryUserException;
-
- /**
- * close sentryStore
- */
- void close();
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandler.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandler.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandler.java
deleted file mode 100644
index e0a5f03..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandler.java
+++ /dev/null
@@ -1,47 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.sentry.provider.db.service.persistent.CommitContext;
-
-public interface NotificationHandler {
-
- void create_sentry_role(CommitContext context,
- TCreateSentryRoleRequest request, TCreateSentryRoleResponse response);
-
- void drop_sentry_role(CommitContext context, TDropSentryRoleRequest request,
- TDropSentryRoleResponse response);
-
- void alter_sentry_role_grant_privilege(CommitContext context, TAlterSentryRoleGrantPrivilegeRequest request,
- TAlterSentryRoleGrantPrivilegeResponse response);
-
- void alter_sentry_role_revoke_privilege(CommitContext context, TAlterSentryRoleRevokePrivilegeRequest request,
- TAlterSentryRoleRevokePrivilegeResponse response);
-
- void alter_sentry_role_add_groups(CommitContext context,TAlterSentryRoleAddGroupsRequest request,
- TAlterSentryRoleAddGroupsResponse response);
-
- void alter_sentry_role_delete_groups(CommitContext context, TAlterSentryRoleDeleteGroupsRequest request,
- TAlterSentryRoleDeleteGroupsResponse response);
-
- void drop_sentry_privilege(CommitContext context, TDropPrivilegesRequest request,
- TDropPrivilegesResponse response);
-
- void rename_sentry_privilege(CommitContext context, TRenamePrivilegesRequest request,
- TRenamePrivilegesResponse response);
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandlerInvoker.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandlerInvoker.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandlerInvoker.java
deleted file mode 100644
index 1d9c246..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandlerInvoker.java
+++ /dev/null
@@ -1,164 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import java.util.List;
-
-import org.apache.sentry.provider.db.service.persistent.CommitContext;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.google.common.collect.Lists;
-
-/**
- * Invokes configured instances of NotificationHandler. Importantly
- * NotificationHandler's each receive a copy of the request and
- * response thrift objects from each successful request.
- */
-public class NotificationHandlerInvoker implements NotificationHandler {
- private static final Logger LOGGER = LoggerFactory.getLogger(NotificationHandlerInvoker.class);
- private List<? extends NotificationHandler> handlers = Lists.newArrayList();
-
- public NotificationHandlerInvoker(List<? extends NotificationHandler> handlers) {
- this.handlers = handlers;
- }
- @Override
- public void create_sentry_role(CommitContext context,
- TCreateSentryRoleRequest request, TCreateSentryRoleResponse response) {
- for (NotificationHandler handler : handlers) {
- try {
- LOGGER.debug("Calling " + handler);
- handler.create_sentry_role(context, new TCreateSentryRoleRequest(request),
- new TCreateSentryRoleResponse(response));
- } catch (Exception ex) {
- LOGGER.error("Unexpected error in " + handler + ". Request: "
- + request + ", Response: " + response, ex);
- }
- }
- }
-
- @Override
- public void drop_sentry_role(CommitContext context,
- TDropSentryRoleRequest request, TDropSentryRoleResponse response) {
- for (NotificationHandler handler : handlers) {
- try {
- LOGGER.debug("Calling " + handler);
- handler.drop_sentry_role(context, new TDropSentryRoleRequest(request),
- new TDropSentryRoleResponse(response));
- } catch (Exception ex) {
- LOGGER.error("Unexpected error in " + handler + ". Request: "
- + request + ", Response: " + response, ex);
- }
- }
- }
-
- @Override
- public void alter_sentry_role_grant_privilege(CommitContext context,
- TAlterSentryRoleGrantPrivilegeRequest request,
- TAlterSentryRoleGrantPrivilegeResponse response) {
- for (NotificationHandler handler : handlers) {
- try {
- LOGGER.debug("Calling " + handler);
- handler.alter_sentry_role_grant_privilege(context,
- new TAlterSentryRoleGrantPrivilegeRequest(request),
- new TAlterSentryRoleGrantPrivilegeResponse(response));
- } catch (Exception ex) {
- LOGGER.error("Unexpected error in " + handler + ". Request: "
- + request + ", Response: " + response, ex);
- }
- }
- }
-
- @Override
- public void alter_sentry_role_revoke_privilege(CommitContext context,
- TAlterSentryRoleRevokePrivilegeRequest request,
- TAlterSentryRoleRevokePrivilegeResponse response) {
- for (NotificationHandler handler : handlers) {
- try {
- LOGGER.debug("Calling " + handler);
- handler.alter_sentry_role_revoke_privilege(context,
- new TAlterSentryRoleRevokePrivilegeRequest(request),
- new TAlterSentryRoleRevokePrivilegeResponse(response));
- } catch (Exception ex) {
- LOGGER.error("Unexpected error in " + handler + ". Request: "
- + request + ", Response: " + response, ex);
- }
- }
- }
-
- @Override
- public void alter_sentry_role_add_groups(CommitContext context,
- TAlterSentryRoleAddGroupsRequest request,
- TAlterSentryRoleAddGroupsResponse response) {
- for (NotificationHandler handler : handlers) {
- try {
- LOGGER.debug("Calling " + handler);
- handler.alter_sentry_role_add_groups(context, new TAlterSentryRoleAddGroupsRequest(request),
- new TAlterSentryRoleAddGroupsResponse(response));
- } catch (Exception ex) {
- LOGGER.error("Unexpected error in " + handler + ". Request: "
- + request + ", Response: " + response, ex);
- }
- }
- }
-
- @Override
- public void alter_sentry_role_delete_groups(CommitContext context,
- TAlterSentryRoleDeleteGroupsRequest request,
- TAlterSentryRoleDeleteGroupsResponse response) {
- for (NotificationHandler handler : handlers) {
- try {
- LOGGER.debug("Calling " + handler);
- handler.alter_sentry_role_delete_groups(context, new TAlterSentryRoleDeleteGroupsRequest(request),
- new TAlterSentryRoleDeleteGroupsResponse(response));
- } catch (Exception ex) {
- LOGGER.error("Unexpected error in " + handler + ". Request: "
- + request + ", Response: " + response, ex);
- }
- }
- }
- @Override
- public void drop_sentry_privilege(CommitContext context,
- TDropPrivilegesRequest request, TDropPrivilegesResponse response) {
- for (NotificationHandler handler : handlers) {
- try {
- LOGGER.debug("Calling " + handler);
- handler.drop_sentry_privilege(context, new TDropPrivilegesRequest(request),
- new TDropPrivilegesResponse(response));
- } catch (Exception ex) {
- LOGGER.error("Unexpected error in " + handler + ". Request: "
- + request + ", Response: " + response, ex);
- }
- }
- }
- @Override
- public void rename_sentry_privilege(CommitContext context,
- TRenamePrivilegesRequest request, TRenamePrivilegesResponse response) {
- for (NotificationHandler handler : handlers) {
- try {
- LOGGER.debug("Calling " + handler);
- handler.rename_sentry_privilege(context, new TRenamePrivilegesRequest(request),
- new TRenamePrivilegesResponse(response));
- } catch (Exception ex) {
- LOGGER.error("Unexpected error in " + handler + ". Request: "
- + request + ", Response: " + response, ex);
- }
- }
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessor.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessor.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessor.java
deleted file mode 100644
index 04e7ea9..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessor.java
+++ /dev/null
@@ -1,836 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import static org.apache.sentry.core.common.utils.SentryConstants.AUTHORIZABLE_JOINER;
-import static org.apache.sentry.core.common.utils.SentryConstants.KV_JOINER;
-
-import java.lang.reflect.Constructor;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.core.common.exception.SentryUserException;
-import org.apache.sentry.core.common.Authorizable;
-import org.apache.sentry.core.common.utils.SentryConstants;
-import org.apache.sentry.core.common.exception.SentrySiteConfigurationException;
-import org.apache.sentry.core.model.db.AccessConstants;
-import org.apache.sentry.core.common.utils.KeyValue;
-import org.apache.sentry.provider.common.AuthorizationComponent;
-import org.apache.sentry.core.common.exception.SentryAccessDeniedException;
-import org.apache.sentry.core.common.exception.SentryAlreadyExistsException;
-import org.apache.sentry.core.common.exception.SentryInvalidInputException;
-import org.apache.sentry.core.common.exception.SentryNoSuchObjectException;
-import org.apache.sentry.core.common.exception.SentryThriftAPIMismatchException;
-import org.apache.sentry.provider.db.generic.service.persistent.PrivilegeObject;
-import org.apache.sentry.provider.db.generic.service.persistent.PrivilegeObject.Builder;
-import org.apache.sentry.provider.db.generic.service.persistent.SentryStoreLayer;
-import org.apache.sentry.provider.db.log.entity.JsonLogEntityFactory;
-import org.apache.sentry.provider.db.log.util.Constants;
-import org.apache.sentry.provider.db.service.model.MSentryGMPrivilege;
-import org.apache.sentry.provider.db.service.model.MSentryRole;
-import org.apache.sentry.provider.db.service.persistent.CommitContext;
-import org.apache.sentry.provider.db.service.thrift.PolicyStoreConstants;
-import org.apache.sentry.provider.db.service.thrift.SentryPolicyStoreProcessor;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
-import org.apache.sentry.service.thrift.ServiceConstants.ThriftConstants;
-import org.apache.sentry.service.thrift.ServiceConstants;
-import org.apache.sentry.service.thrift.Status;
-import org.apache.sentry.service.thrift.TSentryResponseStatus;
-import org.apache.thrift.TException;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.google.common.annotations.VisibleForTesting;
-import com.google.common.base.Splitter;
-import com.google.common.base.Strings;
-import com.google.common.collect.ImmutableSet;
-import com.google.common.collect.Lists;
-import com.google.common.collect.Maps;
-import com.google.common.collect.Sets;
-
-public class SentryGenericPolicyProcessor implements SentryGenericPolicyService.Iface {
- private static final Logger LOGGER = LoggerFactory.getLogger(SentryGenericPolicyProcessor.class);
- private static final Logger AUDIT_LOGGER = LoggerFactory
- .getLogger(Constants.AUDIT_LOGGER_NAME_GENERIC);
- private final Configuration conf;
- private final ImmutableSet<String> adminGroups;
- private final SentryStoreLayer store;
- private final NotificationHandlerInvoker handerInvoker;
-
- public static final String SENTRY_GENERIC_SERVICE_NAME = "SentryGenericPolicyService";
- private static final String ACCESS_DENIAL_MESSAGE = "Access denied to ";
-
- public SentryGenericPolicyProcessor(Configuration conf) throws Exception {
- this.store = createStore(conf);
- this.handerInvoker = new NotificationHandlerInvoker(createHandlers(conf));
- this.conf = conf;
- adminGroups = ImmutableSet.copyOf((Sets.newHashSet(conf.getStrings(
- ServerConfig.ADMIN_GROUPS, new String[]{}))));
- }
-
- @VisibleForTesting
- public SentryGenericPolicyProcessor(Configuration conf, SentryStoreLayer store) throws Exception {
- this.store = store;
- this.handerInvoker = new NotificationHandlerInvoker(createHandlers(conf));
- this.conf = conf;
- adminGroups = ImmutableSet.copyOf(toTrimmed(Sets.newHashSet(conf.getStrings(
- ServerConfig.ADMIN_GROUPS, new String[]{}))));
- }
-
- private void authorize(String requestorUser, Set<String> requestorGroups)
- throws SentryAccessDeniedException {
- if (!inAdminGroups(requestorGroups)) {
- String msg = "User: " + requestorUser + " is part of " + requestorGroups +
- " which does not, intersect admin groups " + adminGroups;
- LOGGER.warn(msg);
- throw new SentryAccessDeniedException(ACCESS_DENIAL_MESSAGE + requestorUser);
- }
- }
-
- private Set<String> toTrimmedLower(Set<String> s) {
- if (null == s) {
- return new HashSet<String>();
- }
- Set<String> result = Sets.newHashSet();
- for (String v : s) {
- result.add(v.trim().toLowerCase());
- }
- return result;
- }
-
- private Set<String> toTrimmed(Set<String> s) {
- if (null == s) {
- return new HashSet<String>();
- }
- Set<String> result = Sets.newHashSet();
- for (String v : s) {
- result.add(v.trim());
- }
- return result;
- }
-
- private String toTrimmedLower(String s) {
- if (Strings.isNullOrEmpty(s)){
- return "";
- }
- return s.trim().toLowerCase();
- }
-
- public static Set<String> getRequestorGroups(Configuration conf, String userName) throws SentryUserException {
- return SentryPolicyStoreProcessor.getGroupsFromUserName(conf, userName);
- }
-
- private boolean inAdminGroups(Set<String> requestorGroups) {
- if (Sets.intersection(adminGroups, requestorGroups).isEmpty()) {
- return false;
- }
- return true;
- }
-
- public static SentryStoreLayer createStore(Configuration conf) throws SentrySiteConfigurationException {
- SentryStoreLayer storeLayer = null;
- String store = conf.get(PolicyStoreConstants.SENTRY_GENERIC_POLICY_STORE, PolicyStoreConstants.SENTRY_GENERIC_POLICY_STORE_DEFAULT);
-
- if (Strings.isNullOrEmpty(store)) {
- throw new SentrySiteConfigurationException("sentry.generic.policy.store can not be empty");
- }
- try {
- storeLayer = createInstance(store, conf, SentryStoreLayer.class);
- } catch (Exception e) {
- throw new SentrySiteConfigurationException("Create sentryStore error: " + e.getMessage(), e);
- }
- return storeLayer;
- }
-
- public static List<NotificationHandler> createHandlers(Configuration conf) throws SentrySiteConfigurationException {
-
- List<NotificationHandler> handlers = Lists.newArrayList();
- Iterable<String> notificationHandlers = Splitter.onPattern("[\\s,]").trimResults()
- .omitEmptyStrings().split(conf.get(PolicyStoreConstants.SENTRY_GENERIC_POLICY_NOTIFICATION, ""));
- try {
- for (String notificationHandler : notificationHandlers) {
- handlers.add(createInstance(notificationHandler, conf, NotificationHandler.class));
- }
- } catch (Exception e) {
- throw new SentrySiteConfigurationException("Create notificationHandlers error: " + e.getMessage(), e);
- }
- return handlers;
- }
-
- @SuppressWarnings("unchecked")
- public static <T> T createInstance(String className, Configuration conf, Class<T> iface) throws Exception {
- T result;
- try {
- Class<?> clazz = Class.forName(className);
- if (!iface.isAssignableFrom(clazz)) {
- throw new IllegalArgumentException("Class " + clazz + " is not a " +
- iface.getName());
- }
- Constructor<T> meth = (Constructor<T>)clazz.getDeclaredConstructor(Configuration.class);
- meth.setAccessible(true);
- result = meth.newInstance(new Object[]{conf});
- } catch (Exception e) {
- throw new RuntimeException(e);
- }
- return result;
- }
-
- private <T> Response<T> requestHandle(RequestHandler<T> handler) {
- Response<T> response = new Response<T>();
- try {
- response = handler.handle();
- } catch (SentryAccessDeniedException e) {
- String msg = "Sentry access denied: " + e.getMessage();
- LOGGER.error(msg, e);
- response.status = Status.AccessDenied(e.getMessage(), e);
- } catch (SentryAlreadyExistsException e) {
- String msg = "Sentry object already exists: " + e.getMessage();
- LOGGER.error(msg, e);
- response.status = Status.AlreadyExists(e.getMessage(), e);
- } catch (SentryNoSuchObjectException e) {
- String msg = "Sentry object doesn't exist: " + e.getMessage();
- LOGGER.error(msg, e);
- response.status = Status.NoSuchObject(e.getMessage(), e);
- } catch (SentryInvalidInputException e) {
- String msg = "Invalid input privilege object: " + e.getMessage();
- LOGGER.error(msg, e);
- response.status = Status.InvalidInput(msg, e);
- } catch (SentryThriftAPIMismatchException e) {
- String msg = "Sentry thrift API mismatch error: " + e.getMessage();
- LOGGER.error(msg, e);
- response.status = Status.THRIFT_VERSION_MISMATCH(e.getMessage(), e);
- } catch (Exception e) {
- String msg = "Unknown error:" + e.getMessage();
- LOGGER.error(msg, e);
- response.status = Status.RuntimeError(msg, e);
- }
- return response;
- }
-
- private PrivilegeObject toPrivilegeObject(TSentryPrivilege tSentryPrivilege) {
- Boolean grantOption;
- if (tSentryPrivilege.getGrantOption().equals(TSentryGrantOption.TRUE)) {
- grantOption = true;
- } else if (tSentryPrivilege.getGrantOption().equals(TSentryGrantOption.FALSE)) {
- grantOption = false;
- } else {
- grantOption = null;
- }
- return new Builder().setComponent(tSentryPrivilege.getComponent())
- .setService(tSentryPrivilege.getServiceName())
- .setAuthorizables(toAuthorizables(tSentryPrivilege.getAuthorizables()))
- .setAction(tSentryPrivilege.getAction())
- .withGrantOption(grantOption)
- .build();
- }
-
- private TSentryPrivilege fromPrivilegeObject(PrivilegeObject privilege) {
-
- TSentryPrivilege tPrivilege = new TSentryPrivilege(privilege.getComponent(), privilege.getService(),
- fromAuthorizable(privilege.getAuthorizables()),
- privilege.getAction());
- if (privilege.getGrantOption() == null) {
- tPrivilege.setGrantOption(TSentryGrantOption.UNSET);
- } else if (privilege.getGrantOption()) {
- tPrivilege.setGrantOption(TSentryGrantOption.TRUE);
- } else {
- tPrivilege.setGrantOption(TSentryGrantOption.FALSE);
- }
- return tPrivilege;
- }
-
- private List<TAuthorizable> fromAuthorizable(List<? extends Authorizable> authorizables) {
- List<TAuthorizable> tAuthorizables = Lists.newArrayList();
- for (Authorizable authorizable : authorizables) {
- tAuthorizables.add(new TAuthorizable(authorizable.getTypeName(), authorizable.getName()));
- }
- return tAuthorizables;
- }
-
- private String fromAuthorizableToStr(List<? extends Authorizable> authorizables) {
- if (authorizables != null && !authorizables.isEmpty()) {
- List<String> privileges = Lists.newArrayList();
-
- for (Authorizable authorizable : authorizables) {
-
- privileges.add(SentryConstants.KV_JOINER.join(authorizable.getTypeName(),
- authorizable.getName()));
- }
-
- return SentryConstants.AUTHORIZABLE_JOINER.join(privileges);
- } else {
- return "";
- }
- }
-
- private List<? extends Authorizable> toAuthorizables(List<TAuthorizable> tAuthorizables) {
- List<Authorizable> authorizables = Lists.newArrayList();
- if (tAuthorizables == null) {
- return authorizables;
- }
- for (final TAuthorizable tAuthorizable : tAuthorizables) {
- authorizables.add(new Authorizable() {
- @Override
- public String getTypeName() {
- return tAuthorizable.getType();
- }
- @Override
- public String getName() {
- return tAuthorizable.getName();
- }
- });
- }
- return authorizables;
- }
-
- private List<? extends Authorizable> toAuthorizables(String privilegeStr) {
- List<Authorizable> authorizables = Lists.newArrayList();
- if (privilegeStr == null) {
- return authorizables;
- }
-
- for (String authorizable : SentryConstants.AUTHORIZABLE_SPLITTER.split(privilegeStr)) {
- KeyValue tempKV = new KeyValue(authorizable);
- final String key = tempKV.getKey();
- final String value = tempKV.getValue();
-
- authorizables.add(new Authorizable() {
- @Override
- public String getTypeName() {
- return key;
- }
-
- @Override
- public String getName() {
- return value;
- }
- });
- }
-
- return authorizables;
- }
-
- // Construct the role to set of privileges mapping based on the
- // MSentryGMPrivilege information.
- private TSentryPrivilegeMap toTSentryPrivilegeMap(Set<MSentryGMPrivilege> mPrivileges) {
-
- // Mapping of <Role, Set<Privilege>>.
- Map<String, Set<TSentryPrivilege>> tPrivilegeMap = Maps.newTreeMap();
-
- for (MSentryGMPrivilege mPrivilege : mPrivileges) {
- for (MSentryRole role : mPrivilege.getRoles()) {
-
- TSentryPrivilege tPrivilege = toTSentryPrivilege(mPrivilege);
-
- if (tPrivilegeMap.containsKey(role.getRoleName())) {
- tPrivilegeMap.get(role.getRoleName()).add(tPrivilege);
- } else {
- Set<TSentryPrivilege> tPrivilegeSet = Sets.newTreeSet();
- tPrivilegeSet.add(tPrivilege);
- tPrivilegeMap.put(role.getRoleName(), tPrivilegeSet);
- }
- }
- }
-
- return new TSentryPrivilegeMap(tPrivilegeMap);
- }
-
- // Construct TSentryPrivilege based on MSentryGMPrivilege information.
- private TSentryPrivilege toTSentryPrivilege(MSentryGMPrivilege mPrivilege) {
-
- TSentryPrivilege tPrivilege = new TSentryPrivilege(mPrivilege.getComponentName(),
- mPrivilege.getServiceName(), fromAuthorizable(mPrivilege.getAuthorizables()), mPrivilege.getAction());
-
- if (mPrivilege.getGrantOption() == null) {
- tPrivilege.setGrantOption(TSentryGrantOption.UNSET);
- } else if (mPrivilege.getGrantOption()) {
- tPrivilege.setGrantOption(TSentryGrantOption.TRUE);
- } else {
- tPrivilege.setGrantOption(TSentryGrantOption.FALSE);
- }
-
- return tPrivilege;
- }
-
- private Set<String> buildPermissions(Set<PrivilegeObject> privileges) {
- Set<String> permissions = Sets.newHashSet();
- for (PrivilegeObject privilege : privileges) {
- List<String> hierarchy = Lists.newArrayList();
- if (hasComponentServerPrivilege(privilege.getComponent())) {
- hierarchy.add(KV_JOINER.join("server", privilege.getService()));
- }
- for (Authorizable authorizable : privilege.getAuthorizables()) {
- hierarchy.add(KV_JOINER.join(authorizable.getTypeName(),authorizable.getName()));
- }
- hierarchy.add(KV_JOINER.join("action", privilege.getAction()));
- permissions.add(AUTHORIZABLE_JOINER.join(hierarchy));
- }
- return permissions;
- }
-
- private boolean hasComponentServerPrivilege(String component) {
- //judge the component whether has the server privilege, for example: sqoop has the privilege on the server
- return AuthorizationComponent.SQOOP.equalsIgnoreCase(component);
- }
-
- @Override
- public TCreateSentryRoleResponse create_sentry_role(
- final TCreateSentryRoleRequest request) throws TException {
- Response<Void> respose = requestHandle(new RequestHandler<Void>() {
- @Override
- public Response<Void> handle() throws Exception {
- validateClientVersion(request.getProtocol_version());
- authorize(request.getRequestorUserName(),
- getRequestorGroups(conf, request.getRequestorUserName()));
- CommitContext context = store.createRole(request.getComponent(), request.getRoleName(), request.getRequestorUserName());
- return new Response<Void>(Status.OK(), context);
- }
- });
-
- TCreateSentryRoleResponse tResponse = new TCreateSentryRoleResponse(respose.status);
- if (Status.OK.getCode() == respose.status.getValue()) {
- handerInvoker.create_sentry_role(respose.context, request, tResponse);
- }
-
- try {
- AUDIT_LOGGER.info(JsonLogEntityFactory.getInstance()
- .createJsonLogEntity(request, tResponse, conf).toJsonFormatLog());
- } catch (Exception e) {
- // if any exception, log the exception.
- String msg = "Error in creating audit log for create role: " + e.getMessage();
- LOGGER.error(msg, e);
- }
- return tResponse;
- }
-
- @Override
- public TDropSentryRoleResponse drop_sentry_role(final TDropSentryRoleRequest request)
- throws TException {
- Response<Void> respose = requestHandle(new RequestHandler<Void>() {
- @Override
- public Response<Void> handle() throws Exception {
- validateClientVersion(request.getProtocol_version());
- authorize(request.getRequestorUserName(),
- getRequestorGroups(conf, request.getRequestorUserName()));
- CommitContext context = store.dropRole(request.getComponent(), request.getRoleName(), request.getRequestorUserName());
- return new Response<Void>(Status.OK(), context);
- }
- });
-
- TDropSentryRoleResponse tResponse = new TDropSentryRoleResponse(respose.status);
- if (Status.OK.getCode() == respose.status.getValue()) {
- handerInvoker.drop_sentry_role(respose.context, request, tResponse);
- }
-
- try {
- AUDIT_LOGGER.info(JsonLogEntityFactory.getInstance()
- .createJsonLogEntity(request, tResponse, conf).toJsonFormatLog());
- } catch (Exception e) {
- // if any exception, log the exception.
- String msg = "Error in creating audit log for drop role: " + e.getMessage();
- LOGGER.error(msg, e);
- }
- return tResponse;
- }
-
- @Override
- public TAlterSentryRoleGrantPrivilegeResponse alter_sentry_role_grant_privilege(
- final TAlterSentryRoleGrantPrivilegeRequest request) throws TException {
- Response<Void> respose = requestHandle(new RequestHandler<Void>() {
- @Override
- public Response<Void> handle() throws Exception {
- validateClientVersion(request.getProtocol_version());
- CommitContext context = store.alterRoleGrantPrivilege(request.getComponent(), request.getRoleName(), toPrivilegeObject(request.getPrivilege()), request.getRequestorUserName());
- return new Response<Void>(Status.OK(), context);
- }
- });
-
- TAlterSentryRoleGrantPrivilegeResponse tResponse = new TAlterSentryRoleGrantPrivilegeResponse(respose.status);
- if (Status.OK.getCode() == respose.status.getValue()) {
- handerInvoker.alter_sentry_role_grant_privilege(respose.context, request, tResponse);
- }
-
- try {
- AUDIT_LOGGER.info(JsonLogEntityFactory.getInstance()
- .createJsonLogEntity(request, tResponse, conf).toJsonFormatLog());
- } catch (Exception e) {
- // if any exception, log the exception.
- String msg = "Error in creating audit log for grant privilege to role: " + e.getMessage();
- LOGGER.error(msg, e);
- }
- return tResponse;
- }
-
- @Override
- public TAlterSentryRoleRevokePrivilegeResponse alter_sentry_role_revoke_privilege(
- final TAlterSentryRoleRevokePrivilegeRequest request) throws TException {
- Response<Void> respose = requestHandle(new RequestHandler<Void>() {
- @Override
- public Response<Void> handle() throws Exception {
- validateClientVersion(request.getProtocol_version());
- CommitContext context = store.alterRoleRevokePrivilege(request.getComponent(), request.getRoleName(), toPrivilegeObject(request.getPrivilege()), request.getRequestorUserName());
- return new Response<Void>(Status.OK(), context);
- }
- });
-
- TAlterSentryRoleRevokePrivilegeResponse tResponse = new TAlterSentryRoleRevokePrivilegeResponse(respose.status);
- if (Status.OK.getCode() == respose.status.getValue()) {
- handerInvoker.alter_sentry_role_revoke_privilege(respose.context, request, tResponse);
- }
-
- try {
- AUDIT_LOGGER.info(JsonLogEntityFactory.getInstance()
- .createJsonLogEntity(request, tResponse, conf).toJsonFormatLog());
- } catch (Exception e) {
- // if any exception, log the exception.
- String msg = "Error in creating audit log for revoke privilege from role: " + e.getMessage();
- LOGGER.error(msg, e);
- }
- return tResponse;
- }
-
- @Override
- public TAlterSentryRoleAddGroupsResponse alter_sentry_role_add_groups(
- final TAlterSentryRoleAddGroupsRequest request) throws TException {
- Response<Void> respose = requestHandle(new RequestHandler<Void>() {
- @Override
- public Response<Void> handle() throws Exception {
- validateClientVersion(request.getProtocol_version());
- authorize(request.getRequestorUserName(),
- getRequestorGroups(conf, request.getRequestorUserName()));
- CommitContext context = store.alterRoleAddGroups(request.getComponent(), request.getRoleName(), request.getGroups(), request.getRequestorUserName());
- return new Response<Void>(Status.OK(), context);
- }
- });
-
- TAlterSentryRoleAddGroupsResponse tResponse = new TAlterSentryRoleAddGroupsResponse(respose.status);
- if (Status.OK.getCode() == respose.status.getValue()) {
- handerInvoker.alter_sentry_role_add_groups(respose.context, request, tResponse);
- }
-
- try {
- AUDIT_LOGGER.info(JsonLogEntityFactory.getInstance()
- .createJsonLogEntity(request, tResponse, conf).toJsonFormatLog());
- } catch (Exception e) {
- // if any exception, log the exception.
- String msg = "Error in creating audit log for add role to group: " + e.getMessage();
- LOGGER.error(msg, e);
- }
- return tResponse;
- }
-
- @Override
- public TAlterSentryRoleDeleteGroupsResponse alter_sentry_role_delete_groups(
- final TAlterSentryRoleDeleteGroupsRequest request) throws TException {
- Response<Void> respose = requestHandle(new RequestHandler<Void>() {
- @Override
- public Response<Void> handle() throws Exception {
- validateClientVersion(request.getProtocol_version());
- authorize(request.getRequestorUserName(),
- getRequestorGroups(conf, request.getRequestorUserName()));
- CommitContext context = store.alterRoleDeleteGroups(request.getComponent(), request.getRoleName(), request.getGroups(), request.getRequestorUserName());
- return new Response<Void>(Status.OK(), context);
- }
- });
-
- TAlterSentryRoleDeleteGroupsResponse tResponse = new TAlterSentryRoleDeleteGroupsResponse(respose.status);
- if (Status.OK.getCode() == respose.status.getValue()) {
- handerInvoker.alter_sentry_role_delete_groups(respose.context, request, tResponse);
- }
-
- try {
- AUDIT_LOGGER.info(JsonLogEntityFactory.getInstance()
- .createJsonLogEntity(request, tResponse, conf).toJsonFormatLog());
- } catch (Exception e) {
- // if any exception, log the exception.
- String msg = "Error in creating audit log for delete role from group: " + e.getMessage();
- LOGGER.error(msg, e);
- }
- return tResponse;
- }
-
- @Override
- public TListSentryRolesResponse list_sentry_roles_by_group(
- final TListSentryRolesRequest request) throws TException {
- Response<Set<TSentryRole>> respose = requestHandle(new RequestHandler<Set<TSentryRole>>() {
- @Override
- public Response<Set<TSentryRole>> handle() throws Exception {
- validateClientVersion(request.getProtocol_version());
- Set<String> groups = getRequestorGroups(conf, request.getRequestorUserName());
- if (!AccessConstants.ALL.equalsIgnoreCase(request.getGroupName())) {
- boolean admin = inAdminGroups(groups);
- //Only admin users can list all roles in the system ( groupname = null)
- //Non admin users are only allowed to list only groups which they belong to
- if(!admin && (request.getGroupName() == null || !groups.contains(request.getGroupName()))) {
- throw new SentryAccessDeniedException(ACCESS_DENIAL_MESSAGE + request.getRequestorUserName());
- }
- groups.clear();
- groups.add(request.getGroupName());
- }
-
- Set<String> roleNames = store.getRolesByGroups(request.getComponent(), groups);
- Set<TSentryRole> tSentryRoles = Sets.newHashSet();
- for (String roleName : roleNames) {
- Set<String> groupsForRoleName = store.getGroupsByRoles(request.getComponent(), Sets.newHashSet(roleName));
- tSentryRoles.add(new TSentryRole(roleName, groupsForRoleName));
- }
- return new Response<Set<TSentryRole>>(Status.OK(), tSentryRoles);
- }
- });
- TListSentryRolesResponse tResponse = new TListSentryRolesResponse();
- tResponse.setStatus(respose.status);
- tResponse.setRoles(respose.content);
- return tResponse;
- }
-
- @Override
- public TListSentryPrivilegesResponse list_sentry_privileges_by_role(
- final TListSentryPrivilegesRequest request) throws TException {
- Response<Set<TSentryPrivilege>> respose = requestHandle(new RequestHandler<Set<TSentryPrivilege>>() {
- @Override
- public Response<Set<TSentryPrivilege>> handle() throws Exception {
- validateClientVersion(request.getProtocol_version());
- Set<String> groups = getRequestorGroups(conf, request.getRequestorUserName());
- if (!inAdminGroups(groups)) {
- Set<String> roleNamesForGroups = toTrimmedLower(store.getRolesByGroups(request.getComponent(), groups));
- if (!roleNamesForGroups.contains(toTrimmedLower(request.getRoleName()))) {
- throw new SentryAccessDeniedException(ACCESS_DENIAL_MESSAGE + request.getRequestorUserName());
- }
- }
- Set<PrivilegeObject> privileges = store.getPrivilegesByProvider(request.getComponent(),
- request.getServiceName(),
- Sets.newHashSet(request.getRoleName()),
- null, toAuthorizables(request.getAuthorizables()));
- Set<TSentryPrivilege> tSentryPrivileges = Sets.newHashSet();
- for (PrivilegeObject privilege : privileges) {
- tSentryPrivileges.add(fromPrivilegeObject(privilege));
- }
- return new Response<Set<TSentryPrivilege>>(Status.OK(), tSentryPrivileges);
- }
- });
- TListSentryPrivilegesResponse tResponse = new TListSentryPrivilegesResponse();
- tResponse.setStatus(respose.status);
- tResponse.setPrivileges(respose.content);
- return tResponse;
- }
-
- @Override
- public TListSentryPrivilegesForProviderResponse list_sentry_privileges_for_provider(
- final TListSentryPrivilegesForProviderRequest request) throws TException {
- Response<Set<String>> respose = requestHandle(new RequestHandler<Set<String>>() {
- @Override
- public Response<Set<String>> handle() throws Exception {
- validateClientVersion(request.getProtocol_version());
- Set<String> activeRoleNames = toTrimmedLower(request.getRoleSet().getRoles());
- Set<String> roleNamesForGroups = store.getRolesByGroups(request.getComponent(), request.getGroups());
- Set<String> rolesToQuery = request.getRoleSet().isAll() ? roleNamesForGroups : Sets.intersection(activeRoleNames, roleNamesForGroups);
- Set<PrivilegeObject> privileges = store.getPrivilegesByProvider(request.getComponent(),
- request.getServiceName(),
- rolesToQuery, null,
- toAuthorizables(request.getAuthorizables()));
- return new Response<Set<String>>(Status.OK(), buildPermissions(privileges));
- }
- });
- TListSentryPrivilegesForProviderResponse tResponse = new TListSentryPrivilegesForProviderResponse();
- tResponse.setStatus(respose.status);
- tResponse.setPrivileges(respose.content);
- return tResponse;
- }
-
- @Override
- public TListSentryPrivilegesByAuthResponse list_sentry_privileges_by_authorizable(TListSentryPrivilegesByAuthRequest request) throws TException {
-
- TListSentryPrivilegesByAuthResponse response = new TListSentryPrivilegesByAuthResponse();
- Map<String, TSentryPrivilegeMap> authRoleMap = Maps.newHashMap();
-
- // Group names are case sensitive.
- Set<String> requestedGroups = request.getGroups();
- String subject = request.getRequestorUserName();
- TSentryActiveRoleSet activeRoleSet = request.getRoleSet();
- Set<String> validActiveRoles = Sets.newHashSet();
-
- try {
- validateClientVersion(request.getProtocol_version());
- Set<String> memberGroups = getRequestorGroups(conf, subject);
-
- // Disallow non-admin users to lookup groups that
- // they are not part of.
- if(!inAdminGroups(memberGroups)) {
-
- if (requestedGroups != null && !requestedGroups.isEmpty()) {
- for (String requestedGroup : requestedGroups) {
-
- // If user doesn't belong to one of the requested groups,
- // then raise security exception.
- if (!memberGroups.contains(requestedGroup)) {
- throw new SentryAccessDeniedException(ACCESS_DENIAL_MESSAGE + subject);
- }
- }
- } else {
- // Non-admin's search is limited to its own groups.
- requestedGroups = memberGroups;
- }
-
- Set<String> grantedRoles = toTrimmedLower(store.getRolesByGroups(request.getComponent(), requestedGroups));
-
- // If activeRoleSet is not null, disallow non-admin to lookup roles that they are not part of.
- if (activeRoleSet != null && !activeRoleSet.isAll()) {
-
- Set<String> activeRoleNames = toTrimmedLower(activeRoleSet.getRoles());
- for (String activeRole : activeRoleNames) {
- if (!grantedRoles.contains(activeRole)) {
- throw new SentryAccessDeniedException(ACCESS_DENIAL_MESSAGE
- + subject);
- }
- }
-
- // For non-admin, valid active roles are intersection of active roles and granted roles.
- validActiveRoles.addAll(activeRoleSet.isAll() ? grantedRoles : Sets.intersection(activeRoleNames, grantedRoles));
- } else {
- // For non-admin, if activeRoleSet is null, valid active roles would be the granted roles.
- validActiveRoles.addAll(grantedRoles);
- }
- } else {
- // For admin, if requestedGroups are empty, requested roles will be all roles.
- Set<String> requestedRoles = toTrimmedLower(store.getAllRoleNames());
- if (requestedGroups != null && !requestedGroups.isEmpty()) {
- requestedRoles = toTrimmedLower(store.getRolesByGroups(request.getComponent(), requestedGroups));
- }
-
- // If activeRoleSet (which is optional) is not null, valid active role will be intersection
- // of active roles and requested roles. Otherwise, valid active roles are the requested roles.
- if (activeRoleSet != null && !activeRoleSet.isAll()) {
- validActiveRoles.addAll(Sets.intersection(toTrimmedLower(activeRoleSet.getRoles()), requestedRoles));
- } else {
- validActiveRoles.addAll(requestedRoles);
- }
- }
-
- // If user is not part of any group.. return empty response
- if (request.getAuthorizablesSet() != null) {
- for (String authorizablesStr : request.getAuthorizablesSet()) {
-
- List<? extends Authorizable> authorizables = toAuthorizables(authorizablesStr);
- Set<MSentryGMPrivilege> sentryPrivileges = store.getPrivilegesByAuthorizable(request.getComponent(), request.getServiceName(), validActiveRoles, authorizables);
- authRoleMap.put(fromAuthorizableToStr(authorizables), toTSentryPrivilegeMap(sentryPrivileges));
- }
- }
-
- response.setPrivilegesMapByAuth(authRoleMap);
- response.setStatus(Status.OK());
- } catch (SentryAccessDeniedException e) {
- LOGGER.error(e.getMessage(), e);
- response.setStatus(Status.AccessDenied(e.getMessage(), e));
- } catch (SentryThriftAPIMismatchException e) {
- LOGGER.error(e.getMessage(), e);
- response.setStatus(Status.THRIFT_VERSION_MISMATCH(e.getMessage(), e));
- } catch (Exception e) {
- String msg = "Unknown error for request: " + request + ", message: "
- + e.getMessage();
- LOGGER.error(msg, e);
- response.setStatus(Status.RuntimeError(msg, e));
- }
-
- return response;
- }
-
- @Override
- public TDropPrivilegesResponse drop_sentry_privilege(
- final TDropPrivilegesRequest request) throws TException {
- Response<Void> respose = requestHandle(new RequestHandler<Void>() {
- @Override
- public Response<Void> handle() throws Exception {
- validateClientVersion(request.getProtocol_version());
- authorize(request.getRequestorUserName(),
- getRequestorGroups(conf, request.getRequestorUserName()));
- CommitContext context = store.dropPrivilege(request.getComponent(),
- toPrivilegeObject(request.getPrivilege()),
- request.getRequestorUserName());
- return new Response<Void>(Status.OK(), context);
- }
- });
-
- TDropPrivilegesResponse tResponse = new TDropPrivilegesResponse(respose.status);
- if (Status.OK.getCode() == respose.status.getValue()) {
- handerInvoker.drop_sentry_privilege(respose.context, request, tResponse);
- }
- return tResponse;
- }
-
- @Override
- public TRenamePrivilegesResponse rename_sentry_privilege(
- final TRenamePrivilegesRequest request) throws TException {
- Response<Void> respose = requestHandle(new RequestHandler<Void>() {
- @Override
- public Response<Void> handle() throws Exception {
- validateClientVersion(request.getProtocol_version());
- authorize(request.getRequestorUserName(),
- getRequestorGroups(conf, request.getRequestorUserName()));
- CommitContext context = store.renamePrivilege(request.getComponent(), request.getServiceName(),
- toAuthorizables(request.getOldAuthorizables()),
- toAuthorizables(request.getNewAuthorizables()),
- request.getRequestorUserName());
- return new Response<Void>(Status.OK(),context);
- }
- });
-
- TRenamePrivilegesResponse tResponse = new TRenamePrivilegesResponse(respose.status);
- if (Status.OK.getCode() == respose.status.getValue()) {
- handerInvoker.rename_sentry_privilege(respose.context, request, tResponse);
- }
- return tResponse;
- }
-
- private static class Response<T> {
- private TSentryResponseStatus status;
- private CommitContext context;
- private T content;
-
- Response() {
- }
-
- Response(TSentryResponseStatus status, CommitContext context) {
- this(status,context,null);
- }
-
- Response(TSentryResponseStatus status, T content) {
- this(status,null,content);
- }
-
- Response(TSentryResponseStatus status, CommitContext context, T content) {
- this.status = status;
- this.context = context;
- this.content = content;
- }
- }
- private interface RequestHandler <T>{
- Response<T> handle() throws Exception ;
- }
-
- private static void validateClientVersion(int protocolVersion) throws SentryThriftAPIMismatchException {
- if (ServiceConstants.ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT != protocolVersion) {
- String msg = "Sentry thrift API protocol version mismatch: Client thrift version " +
- "is: " + protocolVersion + " , server thrift version " +
- "is " + ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT;
- throw new SentryThriftAPIMismatchException(msg);
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessorFactory.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessorFactory.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessorFactory.java
deleted file mode 100644
index 1cce1fc..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessorFactory.java
+++ /dev/null
@@ -1,40 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.service.thrift.ProcessorFactory;
-import org.apache.thrift.TMultiplexedProcessor;
-import org.apache.thrift.TProcessor;
-
-public class SentryGenericPolicyProcessorFactory extends ProcessorFactory {
-
- public SentryGenericPolicyProcessorFactory(Configuration conf) {
- super(conf);
- }
-
- @Override
- public boolean register(TMultiplexedProcessor multiplexedProcessor) throws Exception {
- SentryGenericPolicyProcessor processHandler = new SentryGenericPolicyProcessor(conf);
- TProcessor processor = new SentryGenericPolicyProcessorWrapper<SentryGenericPolicyService.Iface>(
- processHandler);
- multiplexedProcessor.registerProcessor(SentryGenericPolicyProcessor.SENTRY_GENERIC_SERVICE_NAME, processor);
- return true;
- }
-
-}
[41/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TListSentryRolesResponse.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TListSentryRolesResponse.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TListSentryRolesResponse.java
deleted file mode 100644
index 857b0b6..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TListSentryRolesResponse.java
+++ /dev/null
@@ -1,555 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TListSentryRolesResponse implements org.apache.thrift.TBase<TListSentryRolesResponse, TListSentryRolesResponse._Fields>, java.io.Serializable, Cloneable, Comparable<TListSentryRolesResponse> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TListSentryRolesResponse");
-
- private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1);
- private static final org.apache.thrift.protocol.TField ROLES_FIELD_DESC = new org.apache.thrift.protocol.TField("roles", org.apache.thrift.protocol.TType.SET, (short)2);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TListSentryRolesResponseStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TListSentryRolesResponseTupleSchemeFactory());
- }
-
- private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required
- private Set<TSentryRole> roles; // optional
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- STATUS((short)1, "status"),
- ROLES((short)2, "roles");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // STATUS
- return STATUS;
- case 2: // ROLES
- return ROLES;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final _Fields optionals[] = {_Fields.ROLES};
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRUCT , "TSentryResponseStatus")));
- tmpMap.put(_Fields.ROLES, new org.apache.thrift.meta_data.FieldMetaData("roles", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryRole.class))));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TListSentryRolesResponse.class, metaDataMap);
- }
-
- public TListSentryRolesResponse() {
- }
-
- public TListSentryRolesResponse(
- org.apache.sentry.service.thrift.TSentryResponseStatus status)
- {
- this();
- this.status = status;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TListSentryRolesResponse(TListSentryRolesResponse other) {
- if (other.isSetStatus()) {
- this.status = other.status;
- }
- if (other.isSetRoles()) {
- Set<TSentryRole> __this__roles = new HashSet<TSentryRole>(other.roles.size());
- for (TSentryRole other_element : other.roles) {
- __this__roles.add(new TSentryRole(other_element));
- }
- this.roles = __this__roles;
- }
- }
-
- public TListSentryRolesResponse deepCopy() {
- return new TListSentryRolesResponse(this);
- }
-
- @Override
- public void clear() {
- this.status = null;
- this.roles = null;
- }
-
- public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() {
- return this.status;
- }
-
- public void setStatus(org.apache.sentry.service.thrift.TSentryResponseStatus status) {
- this.status = status;
- }
-
- public void unsetStatus() {
- this.status = null;
- }
-
- /** Returns true if field status is set (has been assigned a value) and false otherwise */
- public boolean isSetStatus() {
- return this.status != null;
- }
-
- public void setStatusIsSet(boolean value) {
- if (!value) {
- this.status = null;
- }
- }
-
- public int getRolesSize() {
- return (this.roles == null) ? 0 : this.roles.size();
- }
-
- public java.util.Iterator<TSentryRole> getRolesIterator() {
- return (this.roles == null) ? null : this.roles.iterator();
- }
-
- public void addToRoles(TSentryRole elem) {
- if (this.roles == null) {
- this.roles = new HashSet<TSentryRole>();
- }
- this.roles.add(elem);
- }
-
- public Set<TSentryRole> getRoles() {
- return this.roles;
- }
-
- public void setRoles(Set<TSentryRole> roles) {
- this.roles = roles;
- }
-
- public void unsetRoles() {
- this.roles = null;
- }
-
- /** Returns true if field roles is set (has been assigned a value) and false otherwise */
- public boolean isSetRoles() {
- return this.roles != null;
- }
-
- public void setRolesIsSet(boolean value) {
- if (!value) {
- this.roles = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case STATUS:
- if (value == null) {
- unsetStatus();
- } else {
- setStatus((org.apache.sentry.service.thrift.TSentryResponseStatus)value);
- }
- break;
-
- case ROLES:
- if (value == null) {
- unsetRoles();
- } else {
- setRoles((Set<TSentryRole>)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case STATUS:
- return getStatus();
-
- case ROLES:
- return getRoles();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case STATUS:
- return isSetStatus();
- case ROLES:
- return isSetRoles();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TListSentryRolesResponse)
- return this.equals((TListSentryRolesResponse)that);
- return false;
- }
-
- public boolean equals(TListSentryRolesResponse that) {
- if (that == null)
- return false;
-
- boolean this_present_status = true && this.isSetStatus();
- boolean that_present_status = true && that.isSetStatus();
- if (this_present_status || that_present_status) {
- if (!(this_present_status && that_present_status))
- return false;
- if (!this.status.equals(that.status))
- return false;
- }
-
- boolean this_present_roles = true && this.isSetRoles();
- boolean that_present_roles = true && that.isSetRoles();
- if (this_present_roles || that_present_roles) {
- if (!(this_present_roles && that_present_roles))
- return false;
- if (!this.roles.equals(that.roles))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_status = true && (isSetStatus());
- list.add(present_status);
- if (present_status)
- list.add(status);
-
- boolean present_roles = true && (isSetRoles());
- list.add(present_roles);
- if (present_roles)
- list.add(roles);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TListSentryRolesResponse other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetStatus()).compareTo(other.isSetStatus());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetStatus()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.status, other.status);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRoles()).compareTo(other.isSetRoles());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRoles()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roles, other.roles);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TListSentryRolesResponse(");
- boolean first = true;
-
- sb.append("status:");
- if (this.status == null) {
- sb.append("null");
- } else {
- sb.append(this.status);
- }
- first = false;
- if (isSetRoles()) {
- if (!first) sb.append(", ");
- sb.append("roles:");
- if (this.roles == null) {
- sb.append("null");
- } else {
- sb.append(this.roles);
- }
- first = false;
- }
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetStatus()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'status' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TListSentryRolesResponseStandardSchemeFactory implements SchemeFactory {
- public TListSentryRolesResponseStandardScheme getScheme() {
- return new TListSentryRolesResponseStandardScheme();
- }
- }
-
- private static class TListSentryRolesResponseStandardScheme extends StandardScheme<TListSentryRolesResponse> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TListSentryRolesResponse struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // STATUS
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // ROLES
- if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
- {
- org.apache.thrift.protocol.TSet _set32 = iprot.readSetBegin();
- struct.roles = new HashSet<TSentryRole>(2*_set32.size);
- TSentryRole _elem33;
- for (int _i34 = 0; _i34 < _set32.size; ++_i34)
- {
- _elem33 = new TSentryRole();
- _elem33.read(iprot);
- struct.roles.add(_elem33);
- }
- iprot.readSetEnd();
- }
- struct.setRolesIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TListSentryRolesResponse struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.status != null) {
- oprot.writeFieldBegin(STATUS_FIELD_DESC);
- struct.status.write(oprot);
- oprot.writeFieldEnd();
- }
- if (struct.roles != null) {
- if (struct.isSetRoles()) {
- oprot.writeFieldBegin(ROLES_FIELD_DESC);
- {
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, struct.roles.size()));
- for (TSentryRole _iter35 : struct.roles)
- {
- _iter35.write(oprot);
- }
- oprot.writeSetEnd();
- }
- oprot.writeFieldEnd();
- }
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TListSentryRolesResponseTupleSchemeFactory implements SchemeFactory {
- public TListSentryRolesResponseTupleScheme getScheme() {
- return new TListSentryRolesResponseTupleScheme();
- }
- }
-
- private static class TListSentryRolesResponseTupleScheme extends TupleScheme<TListSentryRolesResponse> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TListSentryRolesResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- struct.status.write(oprot);
- BitSet optionals = new BitSet();
- if (struct.isSetRoles()) {
- optionals.set(0);
- }
- oprot.writeBitSet(optionals, 1);
- if (struct.isSetRoles()) {
- {
- oprot.writeI32(struct.roles.size());
- for (TSentryRole _iter36 : struct.roles)
- {
- _iter36.write(oprot);
- }
- }
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TListSentryRolesResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- BitSet incoming = iprot.readBitSet(1);
- if (incoming.get(0)) {
- {
- org.apache.thrift.protocol.TSet _set37 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, iprot.readI32());
- struct.roles = new HashSet<TSentryRole>(2*_set37.size);
- TSentryRole _elem38;
- for (int _i39 = 0; _i39 < _set37.size; ++_i39)
- {
- _elem38 = new TSentryRole();
- _elem38.read(iprot);
- struct.roles.add(_elem38);
- }
- }
- struct.setRolesIsSet(true);
- }
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TRenamePrivilegesRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TRenamePrivilegesRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TRenamePrivilegesRequest.java
deleted file mode 100644
index 22b5133..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TRenamePrivilegesRequest.java
+++ /dev/null
@@ -1,1002 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TRenamePrivilegesRequest implements org.apache.thrift.TBase<TRenamePrivilegesRequest, TRenamePrivilegesRequest._Fields>, java.io.Serializable, Cloneable, Comparable<TRenamePrivilegesRequest> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TRenamePrivilegesRequest");
-
- private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
- private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField COMPONENT_FIELD_DESC = new org.apache.thrift.protocol.TField("component", org.apache.thrift.protocol.TType.STRING, (short)3);
- private static final org.apache.thrift.protocol.TField SERVICE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("serviceName", org.apache.thrift.protocol.TType.STRING, (short)4);
- private static final org.apache.thrift.protocol.TField OLD_AUTHORIZABLES_FIELD_DESC = new org.apache.thrift.protocol.TField("oldAuthorizables", org.apache.thrift.protocol.TType.LIST, (short)5);
- private static final org.apache.thrift.protocol.TField NEW_AUTHORIZABLES_FIELD_DESC = new org.apache.thrift.protocol.TField("newAuthorizables", org.apache.thrift.protocol.TType.LIST, (short)6);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TRenamePrivilegesRequestStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TRenamePrivilegesRequestTupleSchemeFactory());
- }
-
- private int protocol_version; // required
- private String requestorUserName; // required
- private String component; // required
- private String serviceName; // required
- private List<TAuthorizable> oldAuthorizables; // required
- private List<TAuthorizable> newAuthorizables; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- PROTOCOL_VERSION((short)1, "protocol_version"),
- REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- COMPONENT((short)3, "component"),
- SERVICE_NAME((short)4, "serviceName"),
- OLD_AUTHORIZABLES((short)5, "oldAuthorizables"),
- NEW_AUTHORIZABLES((short)6, "newAuthorizables");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // PROTOCOL_VERSION
- return PROTOCOL_VERSION;
- case 2: // REQUESTOR_USER_NAME
- return REQUESTOR_USER_NAME;
- case 3: // COMPONENT
- return COMPONENT;
- case 4: // SERVICE_NAME
- return SERVICE_NAME;
- case 5: // OLD_AUTHORIZABLES
- return OLD_AUTHORIZABLES;
- case 6: // NEW_AUTHORIZABLES
- return NEW_AUTHORIZABLES;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
- tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.COMPONENT, new org.apache.thrift.meta_data.FieldMetaData("component", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.SERVICE_NAME, new org.apache.thrift.meta_data.FieldMetaData("serviceName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.OLD_AUTHORIZABLES, new org.apache.thrift.meta_data.FieldMetaData("oldAuthorizables", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.ListMetaData(org.apache.thrift.protocol.TType.LIST,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TAuthorizable.class))));
- tmpMap.put(_Fields.NEW_AUTHORIZABLES, new org.apache.thrift.meta_data.FieldMetaData("newAuthorizables", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.ListMetaData(org.apache.thrift.protocol.TType.LIST,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TAuthorizable.class))));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TRenamePrivilegesRequest.class, metaDataMap);
- }
-
- public TRenamePrivilegesRequest() {
- this.protocol_version = 2;
-
- }
-
- public TRenamePrivilegesRequest(
- int protocol_version,
- String requestorUserName,
- String component,
- String serviceName,
- List<TAuthorizable> oldAuthorizables,
- List<TAuthorizable> newAuthorizables)
- {
- this();
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- this.requestorUserName = requestorUserName;
- this.component = component;
- this.serviceName = serviceName;
- this.oldAuthorizables = oldAuthorizables;
- this.newAuthorizables = newAuthorizables;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TRenamePrivilegesRequest(TRenamePrivilegesRequest other) {
- __isset_bitfield = other.__isset_bitfield;
- this.protocol_version = other.protocol_version;
- if (other.isSetRequestorUserName()) {
- this.requestorUserName = other.requestorUserName;
- }
- if (other.isSetComponent()) {
- this.component = other.component;
- }
- if (other.isSetServiceName()) {
- this.serviceName = other.serviceName;
- }
- if (other.isSetOldAuthorizables()) {
- List<TAuthorizable> __this__oldAuthorizables = new ArrayList<TAuthorizable>(other.oldAuthorizables.size());
- for (TAuthorizable other_element : other.oldAuthorizables) {
- __this__oldAuthorizables.add(new TAuthorizable(other_element));
- }
- this.oldAuthorizables = __this__oldAuthorizables;
- }
- if (other.isSetNewAuthorizables()) {
- List<TAuthorizable> __this__newAuthorizables = new ArrayList<TAuthorizable>(other.newAuthorizables.size());
- for (TAuthorizable other_element : other.newAuthorizables) {
- __this__newAuthorizables.add(new TAuthorizable(other_element));
- }
- this.newAuthorizables = __this__newAuthorizables;
- }
- }
-
- public TRenamePrivilegesRequest deepCopy() {
- return new TRenamePrivilegesRequest(this);
- }
-
- @Override
- public void clear() {
- this.protocol_version = 2;
-
- this.requestorUserName = null;
- this.component = null;
- this.serviceName = null;
- this.oldAuthorizables = null;
- this.newAuthorizables = null;
- }
-
- public int getProtocol_version() {
- return this.protocol_version;
- }
-
- public void setProtocol_version(int protocol_version) {
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- }
-
- public void unsetProtocol_version() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */
- public boolean isSetProtocol_version() {
- return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- public void setProtocol_versionIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value);
- }
-
- public String getRequestorUserName() {
- return this.requestorUserName;
- }
-
- public void setRequestorUserName(String requestorUserName) {
- this.requestorUserName = requestorUserName;
- }
-
- public void unsetRequestorUserName() {
- this.requestorUserName = null;
- }
-
- /** Returns true if field requestorUserName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorUserName() {
- return this.requestorUserName != null;
- }
-
- public void setRequestorUserNameIsSet(boolean value) {
- if (!value) {
- this.requestorUserName = null;
- }
- }
-
- public String getComponent() {
- return this.component;
- }
-
- public void setComponent(String component) {
- this.component = component;
- }
-
- public void unsetComponent() {
- this.component = null;
- }
-
- /** Returns true if field component is set (has been assigned a value) and false otherwise */
- public boolean isSetComponent() {
- return this.component != null;
- }
-
- public void setComponentIsSet(boolean value) {
- if (!value) {
- this.component = null;
- }
- }
-
- public String getServiceName() {
- return this.serviceName;
- }
-
- public void setServiceName(String serviceName) {
- this.serviceName = serviceName;
- }
-
- public void unsetServiceName() {
- this.serviceName = null;
- }
-
- /** Returns true if field serviceName is set (has been assigned a value) and false otherwise */
- public boolean isSetServiceName() {
- return this.serviceName != null;
- }
-
- public void setServiceNameIsSet(boolean value) {
- if (!value) {
- this.serviceName = null;
- }
- }
-
- public int getOldAuthorizablesSize() {
- return (this.oldAuthorizables == null) ? 0 : this.oldAuthorizables.size();
- }
-
- public java.util.Iterator<TAuthorizable> getOldAuthorizablesIterator() {
- return (this.oldAuthorizables == null) ? null : this.oldAuthorizables.iterator();
- }
-
- public void addToOldAuthorizables(TAuthorizable elem) {
- if (this.oldAuthorizables == null) {
- this.oldAuthorizables = new ArrayList<TAuthorizable>();
- }
- this.oldAuthorizables.add(elem);
- }
-
- public List<TAuthorizable> getOldAuthorizables() {
- return this.oldAuthorizables;
- }
-
- public void setOldAuthorizables(List<TAuthorizable> oldAuthorizables) {
- this.oldAuthorizables = oldAuthorizables;
- }
-
- public void unsetOldAuthorizables() {
- this.oldAuthorizables = null;
- }
-
- /** Returns true if field oldAuthorizables is set (has been assigned a value) and false otherwise */
- public boolean isSetOldAuthorizables() {
- return this.oldAuthorizables != null;
- }
-
- public void setOldAuthorizablesIsSet(boolean value) {
- if (!value) {
- this.oldAuthorizables = null;
- }
- }
-
- public int getNewAuthorizablesSize() {
- return (this.newAuthorizables == null) ? 0 : this.newAuthorizables.size();
- }
-
- public java.util.Iterator<TAuthorizable> getNewAuthorizablesIterator() {
- return (this.newAuthorizables == null) ? null : this.newAuthorizables.iterator();
- }
-
- public void addToNewAuthorizables(TAuthorizable elem) {
- if (this.newAuthorizables == null) {
- this.newAuthorizables = new ArrayList<TAuthorizable>();
- }
- this.newAuthorizables.add(elem);
- }
-
- public List<TAuthorizable> getNewAuthorizables() {
- return this.newAuthorizables;
- }
-
- public void setNewAuthorizables(List<TAuthorizable> newAuthorizables) {
- this.newAuthorizables = newAuthorizables;
- }
-
- public void unsetNewAuthorizables() {
- this.newAuthorizables = null;
- }
-
- /** Returns true if field newAuthorizables is set (has been assigned a value) and false otherwise */
- public boolean isSetNewAuthorizables() {
- return this.newAuthorizables != null;
- }
-
- public void setNewAuthorizablesIsSet(boolean value) {
- if (!value) {
- this.newAuthorizables = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case PROTOCOL_VERSION:
- if (value == null) {
- unsetProtocol_version();
- } else {
- setProtocol_version((Integer)value);
- }
- break;
-
- case REQUESTOR_USER_NAME:
- if (value == null) {
- unsetRequestorUserName();
- } else {
- setRequestorUserName((String)value);
- }
- break;
-
- case COMPONENT:
- if (value == null) {
- unsetComponent();
- } else {
- setComponent((String)value);
- }
- break;
-
- case SERVICE_NAME:
- if (value == null) {
- unsetServiceName();
- } else {
- setServiceName((String)value);
- }
- break;
-
- case OLD_AUTHORIZABLES:
- if (value == null) {
- unsetOldAuthorizables();
- } else {
- setOldAuthorizables((List<TAuthorizable>)value);
- }
- break;
-
- case NEW_AUTHORIZABLES:
- if (value == null) {
- unsetNewAuthorizables();
- } else {
- setNewAuthorizables((List<TAuthorizable>)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case PROTOCOL_VERSION:
- return getProtocol_version();
-
- case REQUESTOR_USER_NAME:
- return getRequestorUserName();
-
- case COMPONENT:
- return getComponent();
-
- case SERVICE_NAME:
- return getServiceName();
-
- case OLD_AUTHORIZABLES:
- return getOldAuthorizables();
-
- case NEW_AUTHORIZABLES:
- return getNewAuthorizables();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case PROTOCOL_VERSION:
- return isSetProtocol_version();
- case REQUESTOR_USER_NAME:
- return isSetRequestorUserName();
- case COMPONENT:
- return isSetComponent();
- case SERVICE_NAME:
- return isSetServiceName();
- case OLD_AUTHORIZABLES:
- return isSetOldAuthorizables();
- case NEW_AUTHORIZABLES:
- return isSetNewAuthorizables();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TRenamePrivilegesRequest)
- return this.equals((TRenamePrivilegesRequest)that);
- return false;
- }
-
- public boolean equals(TRenamePrivilegesRequest that) {
- if (that == null)
- return false;
-
- boolean this_present_protocol_version = true;
- boolean that_present_protocol_version = true;
- if (this_present_protocol_version || that_present_protocol_version) {
- if (!(this_present_protocol_version && that_present_protocol_version))
- return false;
- if (this.protocol_version != that.protocol_version)
- return false;
- }
-
- boolean this_present_requestorUserName = true && this.isSetRequestorUserName();
- boolean that_present_requestorUserName = true && that.isSetRequestorUserName();
- if (this_present_requestorUserName || that_present_requestorUserName) {
- if (!(this_present_requestorUserName && that_present_requestorUserName))
- return false;
- if (!this.requestorUserName.equals(that.requestorUserName))
- return false;
- }
-
- boolean this_present_component = true && this.isSetComponent();
- boolean that_present_component = true && that.isSetComponent();
- if (this_present_component || that_present_component) {
- if (!(this_present_component && that_present_component))
- return false;
- if (!this.component.equals(that.component))
- return false;
- }
-
- boolean this_present_serviceName = true && this.isSetServiceName();
- boolean that_present_serviceName = true && that.isSetServiceName();
- if (this_present_serviceName || that_present_serviceName) {
- if (!(this_present_serviceName && that_present_serviceName))
- return false;
- if (!this.serviceName.equals(that.serviceName))
- return false;
- }
-
- boolean this_present_oldAuthorizables = true && this.isSetOldAuthorizables();
- boolean that_present_oldAuthorizables = true && that.isSetOldAuthorizables();
- if (this_present_oldAuthorizables || that_present_oldAuthorizables) {
- if (!(this_present_oldAuthorizables && that_present_oldAuthorizables))
- return false;
- if (!this.oldAuthorizables.equals(that.oldAuthorizables))
- return false;
- }
-
- boolean this_present_newAuthorizables = true && this.isSetNewAuthorizables();
- boolean that_present_newAuthorizables = true && that.isSetNewAuthorizables();
- if (this_present_newAuthorizables || that_present_newAuthorizables) {
- if (!(this_present_newAuthorizables && that_present_newAuthorizables))
- return false;
- if (!this.newAuthorizables.equals(that.newAuthorizables))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_protocol_version = true;
- list.add(present_protocol_version);
- if (present_protocol_version)
- list.add(protocol_version);
-
- boolean present_requestorUserName = true && (isSetRequestorUserName());
- list.add(present_requestorUserName);
- if (present_requestorUserName)
- list.add(requestorUserName);
-
- boolean present_component = true && (isSetComponent());
- list.add(present_component);
- if (present_component)
- list.add(component);
-
- boolean present_serviceName = true && (isSetServiceName());
- list.add(present_serviceName);
- if (present_serviceName)
- list.add(serviceName);
-
- boolean present_oldAuthorizables = true && (isSetOldAuthorizables());
- list.add(present_oldAuthorizables);
- if (present_oldAuthorizables)
- list.add(oldAuthorizables);
-
- boolean present_newAuthorizables = true && (isSetNewAuthorizables());
- list.add(present_newAuthorizables);
- if (present_newAuthorizables)
- list.add(newAuthorizables);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TRenamePrivilegesRequest other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(other.isSetProtocol_version());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetProtocol_version()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, other.protocol_version);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRequestorUserName()).compareTo(other.isSetRequestorUserName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRequestorUserName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorUserName, other.requestorUserName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetComponent()).compareTo(other.isSetComponent());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetComponent()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.component, other.component);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetServiceName()).compareTo(other.isSetServiceName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetServiceName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.serviceName, other.serviceName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetOldAuthorizables()).compareTo(other.isSetOldAuthorizables());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetOldAuthorizables()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.oldAuthorizables, other.oldAuthorizables);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetNewAuthorizables()).compareTo(other.isSetNewAuthorizables());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetNewAuthorizables()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.newAuthorizables, other.newAuthorizables);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TRenamePrivilegesRequest(");
- boolean first = true;
-
- sb.append("protocol_version:");
- sb.append(this.protocol_version);
- first = false;
- if (!first) sb.append(", ");
- sb.append("requestorUserName:");
- if (this.requestorUserName == null) {
- sb.append("null");
- } else {
- sb.append(this.requestorUserName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("component:");
- if (this.component == null) {
- sb.append("null");
- } else {
- sb.append(this.component);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("serviceName:");
- if (this.serviceName == null) {
- sb.append("null");
- } else {
- sb.append(this.serviceName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("oldAuthorizables:");
- if (this.oldAuthorizables == null) {
- sb.append("null");
- } else {
- sb.append(this.oldAuthorizables);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("newAuthorizables:");
- if (this.newAuthorizables == null) {
- sb.append("null");
- } else {
- sb.append(this.newAuthorizables);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetProtocol_version()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
- }
-
- if (!isSetRequestorUserName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString());
- }
-
- if (!isSetComponent()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'component' is unset! Struct:" + toString());
- }
-
- if (!isSetServiceName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'serviceName' is unset! Struct:" + toString());
- }
-
- if (!isSetOldAuthorizables()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'oldAuthorizables' is unset! Struct:" + toString());
- }
-
- if (!isSetNewAuthorizables()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'newAuthorizables' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TRenamePrivilegesRequestStandardSchemeFactory implements SchemeFactory {
- public TRenamePrivilegesRequestStandardScheme getScheme() {
- return new TRenamePrivilegesRequestStandardScheme();
- }
- }
-
- private static class TRenamePrivilegesRequestStandardScheme extends StandardScheme<TRenamePrivilegesRequest> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TRenamePrivilegesRequest struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // PROTOCOL_VERSION
- if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // REQUESTOR_USER_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // COMPONENT
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.component = iprot.readString();
- struct.setComponentIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 4: // SERVICE_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.serviceName = iprot.readString();
- struct.setServiceNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 5: // OLD_AUTHORIZABLES
- if (schemeField.type == org.apache.thrift.protocol.TType.LIST) {
- {
- org.apache.thrift.protocol.TList _list56 = iprot.readListBegin();
- struct.oldAuthorizables = new ArrayList<TAuthorizable>(_list56.size);
- TAuthorizable _elem57;
- for (int _i58 = 0; _i58 < _list56.size; ++_i58)
- {
- _elem57 = new TAuthorizable();
- _elem57.read(iprot);
- struct.oldAuthorizables.add(_elem57);
- }
- iprot.readListEnd();
- }
- struct.setOldAuthorizablesIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 6: // NEW_AUTHORIZABLES
- if (schemeField.type == org.apache.thrift.protocol.TType.LIST) {
- {
- org.apache.thrift.protocol.TList _list59 = iprot.readListBegin();
- struct.newAuthorizables = new ArrayList<TAuthorizable>(_list59.size);
- TAuthorizable _elem60;
- for (int _i61 = 0; _i61 < _list59.size; ++_i61)
- {
- _elem60 = new TAuthorizable();
- _elem60.read(iprot);
- struct.newAuthorizables.add(_elem60);
- }
- iprot.readListEnd();
- }
- struct.setNewAuthorizablesIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TRenamePrivilegesRequest struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC);
- oprot.writeI32(struct.protocol_version);
- oprot.writeFieldEnd();
- if (struct.requestorUserName != null) {
- oprot.writeFieldBegin(REQUESTOR_USER_NAME_FIELD_DESC);
- oprot.writeString(struct.requestorUserName);
- oprot.writeFieldEnd();
- }
- if (struct.component != null) {
- oprot.writeFieldBegin(COMPONENT_FIELD_DESC);
- oprot.writeString(struct.component);
- oprot.writeFieldEnd();
- }
- if (struct.serviceName != null) {
- oprot.writeFieldBegin(SERVICE_NAME_FIELD_DESC);
- oprot.writeString(struct.serviceName);
- oprot.writeFieldEnd();
- }
- if (struct.oldAuthorizables != null) {
- oprot.writeFieldBegin(OLD_AUTHORIZABLES_FIELD_DESC);
- {
- oprot.writeListBegin(new org.apache.thrift.protocol.TList(org.apache.thrift.protocol.TType.STRUCT, struct.oldAuthorizables.size()));
- for (TAuthorizable _iter62 : struct.oldAuthorizables)
- {
- _iter62.write(oprot);
- }
- oprot.writeListEnd();
- }
- oprot.writeFieldEnd();
- }
- if (struct.newAuthorizables != null) {
- oprot.writeFieldBegin(NEW_AUTHORIZABLES_FIELD_DESC);
- {
- oprot.writeListBegin(new org.apache.thrift.protocol.TList(org.apache.thrift.protocol.TType.STRUCT, struct.newAuthorizables.size()));
- for (TAuthorizable _iter63 : struct.newAuthorizables)
- {
- _iter63.write(oprot);
- }
- oprot.writeListEnd();
- }
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TRenamePrivilegesRequestTupleSchemeFactory implements SchemeFactory {
- public TRenamePrivilegesRequestTupleScheme getScheme() {
- return new TRenamePrivilegesRequestTupleScheme();
- }
- }
-
- private static class TRenamePrivilegesRequestTupleScheme extends TupleScheme<TRenamePrivilegesRequest> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TRenamePrivilegesRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeI32(struct.protocol_version);
- oprot.writeString(struct.requestorUserName);
- oprot.writeString(struct.component);
- oprot.writeString(struct.serviceName);
- {
- oprot.writeI32(struct.oldAuthorizables.size());
- for (TAuthorizable _iter64 : struct.oldAuthorizables)
- {
- _iter64.write(oprot);
- }
- }
- {
- oprot.writeI32(struct.newAuthorizables.size());
- for (TAuthorizable _iter65 : struct.newAuthorizables)
- {
- _iter65.write(oprot);
- }
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TRenamePrivilegesRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- struct.component = iprot.readString();
- struct.setComponentIsSet(true);
- struct.serviceName = iprot.readString();
- struct.setServiceNameIsSet(true);
- {
- org.apache.thrift.protocol.TList _list66 = new org.apache.thrift.protocol.TList(org.apache.thrift.protocol.TType.STRUCT, iprot.readI32());
- struct.oldAuthorizables = new ArrayList<TAuthorizable>(_list66.size);
- TAuthorizable _elem67;
- for (int _i68 = 0; _i68 < _list66.size; ++_i68)
- {
- _elem67 = new TAuthorizable();
- _elem67.read(iprot);
- struct.oldAuthorizables.add(_elem67);
- }
- }
- struct.setOldAuthorizablesIsSet(true);
- {
- org.apache.thrift.protocol.TList _list69 = new org.apache.thrift.protocol.TList(org.apache.thrift.protocol.TType.STRUCT, iprot.readI32());
- struct.newAuthorizables = new ArrayList<TAuthorizable>(_list69.size);
- TAuthorizable _elem70;
- for (int _i71 = 0; _i71 < _list69.size; ++_i71)
- {
- _elem70 = new TAuthorizable();
- _elem70.read(iprot);
- struct.newAuthorizables.add(_elem70);
- }
- }
- struct.setNewAuthorizablesIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TRenamePrivilegesResponse.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TRenamePrivilegesResponse.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TRenamePrivilegesResponse.java
deleted file mode 100644
index 98f3d6e..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TRenamePrivilegesResponse.java
+++ /dev/null
@@ -1,391 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TRenamePrivilegesResponse implements org.apache.thrift.TBase<TRenamePrivilegesResponse, TRenamePrivilegesResponse._Fields>, java.io.Serializable, Cloneable, Comparable<TRenamePrivilegesResponse> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TRenamePrivilegesResponse");
-
- private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TRenamePrivilegesResponseStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TRenamePrivilegesResponseTupleSchemeFactory());
- }
-
- private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- STATUS((short)1, "status");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // STATUS
- return STATUS;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRUCT , "TSentryResponseStatus")));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TRenamePrivilegesResponse.class, metaDataMap);
- }
-
- public TRenamePrivilegesResponse() {
- }
-
- public TRenamePrivilegesResponse(
- org.apache.sentry.service.thrift.TSentryResponseStatus status)
- {
- this();
- this.status = status;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TRenamePrivilegesResponse(TRenamePrivilegesResponse other) {
- if (other.isSetStatus()) {
- this.status = other.status;
- }
- }
-
- public TRenamePrivilegesResponse deepCopy() {
- return new TRenamePrivilegesResponse(this);
- }
-
- @Override
- public void clear() {
- this.status = null;
- }
-
- public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() {
- return this.status;
- }
-
- public void setStatus(org.apache.sentry.service.thrift.TSentryResponseStatus status) {
- this.status = status;
- }
-
- public void unsetStatus() {
- this.status = null;
- }
-
- /** Returns true if field status is set (has been assigned a value) and false otherwise */
- public boolean isSetStatus() {
- return this.status != null;
- }
-
- public void setStatusIsSet(boolean value) {
- if (!value) {
- this.status = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case STATUS:
- if (value == null) {
- unsetStatus();
- } else {
- setStatus((org.apache.sentry.service.thrift.TSentryResponseStatus)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case STATUS:
- return getStatus();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case STATUS:
- return isSetStatus();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TRenamePrivilegesResponse)
- return this.equals((TRenamePrivilegesResponse)that);
- return false;
- }
-
- public boolean equals(TRenamePrivilegesResponse that) {
- if (that == null)
- return false;
-
- boolean this_present_status = true && this.isSetStatus();
- boolean that_present_status = true && that.isSetStatus();
- if (this_present_status || that_present_status) {
- if (!(this_present_status && that_present_status))
- return false;
- if (!this.status.equals(that.status))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_status = true && (isSetStatus());
- list.add(present_status);
- if (present_status)
- list.add(status);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TRenamePrivilegesResponse other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetStatus()).compareTo(other.isSetStatus());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetStatus()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.status, other.status);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TRenamePrivilegesResponse(");
- boolean first = true;
-
- sb.append("status:");
- if (this.status == null) {
- sb.append("null");
- } else {
- sb.append(this.status);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetStatus()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'status' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TRenamePrivilegesResponseStandardSchemeFactory implements SchemeFactory {
- public TRenamePrivilegesResponseStandardScheme getScheme() {
- return new TRenamePrivilegesResponseStandardScheme();
- }
- }
-
- private static class TRenamePrivilegesResponseStandardScheme extends StandardScheme<TRenamePrivilegesResponse> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TRenamePrivilegesResponse struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // STATUS
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TRenamePrivilegesResponse struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.status != null) {
- oprot.writeFieldBegin(STATUS_FIELD_DESC);
- struct.status.write(oprot);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TRenamePrivilegesResponseTupleSchemeFactory implements SchemeFactory {
- public TRenamePrivilegesResponseTupleScheme getScheme() {
- return new TRenamePrivilegesResponseTupleScheme();
- }
- }
-
- private static class TRenamePrivilegesResponseTupleScheme extends TupleScheme<TRenamePrivilegesResponse> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TRenamePrivilegesResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- struct.status.write(oprot);
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TRenamePrivilegesResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TSentryActiveRoleSet.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TSentryActiveRoleSet.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TSentryActiveRoleSet.java
deleted file mode 100644
index db3e479..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TSentryActiveRoleSet.java
+++ /dev/null
@@ -1,537 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TSentryActiveRoleSet implements org.apache.thrift.TBase<TSentryActiveRoleSet, TSentryActiveRoleSet._Fields>, java.io.Serializable, Cloneable, Comparable<TSentryActiveRoleSet> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TSentryActiveRoleSet");
-
- private static final org.apache.thrift.protocol.TField ALL_FIELD_DESC = new org.apache.thrift.protocol.TField("all", org.apache.thrift.protocol.TType.BOOL, (short)1);
- private static final org.apache.thrift.protocol.TField ROLES_FIELD_DESC = new org.apache.thrift.protocol.TField("roles", org.apache.thrift.protocol.TType.SET, (short)2);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TSentryActiveRoleSetStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TSentryActiveRoleSetTupleSchemeFactory());
- }
-
- private boolean all; // required
- private Set<String> roles; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- ALL((short)1, "all"),
- ROLES((short)2, "roles");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // ALL
- return ALL;
- case 2: // ROLES
- return ROLES;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __ALL_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.ALL, new org.apache.thrift.meta_data.FieldMetaData("all", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.BOOL)));
- tmpMap.put(_Fields.ROLES, new org.apache.thrift.meta_data.FieldMetaData("roles", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TSentryActiveRoleSet.class, metaDataMap);
- }
-
- public TSentryActiveRoleSet() {
- }
-
- public TSentryActiveRoleSet(
- boolean all,
- Set<String> roles)
- {
- this();
- this.all = all;
- setAllIsSet(true);
- this.roles = roles;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TSentryActiveRoleSet(TSentryActiveRoleSet other) {
- __isset_bitfield = other.__isset_bitfield;
- this.all = other.all;
- if (other.isSetRoles()) {
- Set<String> __this__roles = new HashSet<String>(other.roles);
- this.roles = __this__roles;
- }
- }
-
- public TSentryActiveRoleSet deepCopy() {
- return new TSentryActiveRoleSet(this);
- }
-
- @Override
- public void clear() {
- setAllIsSet(false);
- this.all = false;
- this.roles = null;
- }
-
- public boolean isAll() {
- return this.all;
- }
-
- public void setAll(boolean all) {
- this.all = all;
- setAllIsSet(true);
- }
-
- public void unsetAll() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __ALL_ISSET_ID);
- }
-
- /** Returns true if field all is set (has been assigned a value) and false otherwise */
- public boolean isSetAll() {
- return EncodingUtils.testBit(__isset_bitfield, __ALL_ISSET_ID);
- }
-
- public void setAllIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __ALL_ISSET_ID, value);
- }
-
- public int getRolesSize() {
- return (this.roles == null) ? 0 : this.roles.size();
- }
-
- public java.util.Iterator<String> getRolesIterator() {
- return (this.roles == null) ? null : this.roles.iterator();
- }
-
- public void addToRoles(String elem) {
- if (this.roles == null) {
- this.roles = new HashSet<String>();
- }
- this.roles.add(elem);
- }
-
- public Set<String> getRoles() {
- return this.roles;
- }
-
- public void setRoles(Set<String> roles) {
- this.roles = roles;
- }
-
- public void unsetRoles() {
- this.roles = null;
- }
-
- /** Returns true if field roles is set (has been assigned a value) and false otherwise */
- public boolean isSetRoles() {
- return this.roles != null;
- }
-
- public void setRolesIsSet(boolean value) {
- if (!value) {
- this.roles = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case ALL:
- if (value == null) {
- unsetAll();
- } else {
- setAll((Boolean)value);
- }
- break;
-
- case ROLES:
- if (value == null) {
- unsetRoles();
- } else {
- setRoles((Set<String>)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case ALL:
- return isAll();
-
- case ROLES:
- return getRoles();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case ALL:
- return isSetAll();
- case ROLES:
- return isSetRoles();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TSentryActiveRoleSet)
- return this.equals((TSentryActiveRoleSet)that);
- return false;
- }
-
- public boolean equals(TSentryActiveRoleSet that) {
- if (that == null)
- return false;
-
- boolean this_present_all = true;
- boolean that_present_all = true;
- if (this_present_all || that_present_all) {
- if (!(this_present_all && that_present_all))
- return false;
- if (this.all != that.all)
- return false;
- }
-
- boolean this_present_roles = true && this.isSetRoles();
- boolean that_present_roles = true && that.isSetRoles();
- if (this_present_roles || that_present_roles) {
- if (!(this_present_roles && that_present_roles))
- return false;
- if (!this.roles.equals(that.roles))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_all = true;
- list.add(present_all);
- if (present_all)
- list.add(all);
-
- boolean present_roles = true && (isSetRoles());
- list.add(present_roles);
- if (present_roles)
- list.add(roles);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TSentryActiveRoleSet other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetAll()).compareTo(other.isSetAll());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetAll()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.all, other.all);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRoles()).compareTo(other.isSetRoles());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRoles()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roles, other.roles);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TSentryActiveRoleSet(");
- boolean first = true;
-
- sb.append("all:");
- sb.append(this.all);
- first = false;
- if (!first) sb.append(", ");
- sb.append("roles:");
- if (this.roles == null) {
- sb.append("null");
- } else {
- sb.append(this.roles);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetAll()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'all' is unset! Struct:" + toString());
- }
-
- if (!isSetRoles()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'roles' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TSentryActiveRoleSetStandardSchemeFactory implements SchemeFactory {
- public TSentryActiveRoleSetStandardScheme getScheme() {
- return new TSentryActiveRoleSetStandardScheme();
- }
- }
-
- private static class TSentryActiveRoleSetStandardScheme extends StandardScheme<TSentryActiveRoleSet> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TSentryActiveRoleSet struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // ALL
- if (schemeField.type == org.apache.thrift.protocol.TType.BOOL) {
- struct.all = iprot.readBool();
- struct.setAllIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // ROLES
- if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
- {
- org.apache.thrift.protocol.TSet _set72 = iprot.readSetBegin();
- struct.roles = new HashSet<String>(2*_set72.size);
- String _elem73;
- for (int _i74 = 0; _i74 < _set72.size; ++_i74)
- {
- _elem73 = iprot.readString();
- struct.roles.add(_elem73);
- }
- iprot.readSetEnd();
- }
- struct.setRolesIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TSentryActiveRoleSet struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- oprot.writeFieldBegin(ALL_FIELD_DESC);
- oprot.writeBool(struct.all);
- oprot.writeFieldEnd();
- if (struct.roles != null) {
- oprot.writeFieldBegin(ROLES_FIELD_DESC);
- {
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, struct.roles.size()));
- for (String _iter75 : struct.roles)
- {
- oprot.writeString(_iter75);
- }
- oprot.writeSetEnd();
- }
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TSentryActiveRoleSetTupleSchemeFactory implements SchemeFactory {
- public TSentryActiveRoleSetTupleScheme getScheme() {
- return new TSentryActiveRoleSetTupleScheme();
- }
- }
-
- private static class TSentryActiveRoleSetTupleScheme extends TupleScheme<TSentryActiveRoleSet> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TSentryActiveRoleSet struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeBool(struct.all);
- {
- oprot.writeI32(struct.roles.size());
- for (String _iter76 : struct.roles)
- {
- oprot.writeString(_iter76);
- }
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TSentryActiveRoleSet struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.all = iprot.readBool();
- struct.setAllIsSet(true);
- {
- org.apache.thrift.protocol.TSet _set77 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, iprot.readI32());
- struct.roles = new HashSet<String>(2*_set77.size);
- String _elem78;
- for (int _i79 = 0; _i79 < _set77.size; ++_i79)
- {
- _elem78 = iprot.readString();
- struct.roles.add(_elem78);
- }
- }
- struct.setRolesIsSet(true);
- }
- }
-
-}
-
[38/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleAddGroupsRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleAddGroupsRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleAddGroupsRequest.java
deleted file mode 100644
index 3823460..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleAddGroupsRequest.java
+++ /dev/null
@@ -1,746 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TAlterSentryRoleAddGroupsRequest implements org.apache.thrift.TBase<TAlterSentryRoleAddGroupsRequest, TAlterSentryRoleAddGroupsRequest._Fields>, java.io.Serializable, Cloneable, Comparable<TAlterSentryRoleAddGroupsRequest> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TAlterSentryRoleAddGroupsRequest");
-
- private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
- private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)3);
- private static final org.apache.thrift.protocol.TField GROUPS_FIELD_DESC = new org.apache.thrift.protocol.TField("groups", org.apache.thrift.protocol.TType.SET, (short)5);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TAlterSentryRoleAddGroupsRequestStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TAlterSentryRoleAddGroupsRequestTupleSchemeFactory());
- }
-
- private int protocol_version; // required
- private String requestorUserName; // required
- private String roleName; // required
- private Set<TSentryGroup> groups; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- PROTOCOL_VERSION((short)1, "protocol_version"),
- REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- ROLE_NAME((short)3, "roleName"),
- GROUPS((short)5, "groups");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // PROTOCOL_VERSION
- return PROTOCOL_VERSION;
- case 2: // REQUESTOR_USER_NAME
- return REQUESTOR_USER_NAME;
- case 3: // ROLE_NAME
- return ROLE_NAME;
- case 5: // GROUPS
- return GROUPS;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
- tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.ROLE_NAME, new org.apache.thrift.meta_data.FieldMetaData("roleName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.GROUPS, new org.apache.thrift.meta_data.FieldMetaData("groups", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryGroup.class))));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TAlterSentryRoleAddGroupsRequest.class, metaDataMap);
- }
-
- public TAlterSentryRoleAddGroupsRequest() {
- this.protocol_version = 2;
-
- }
-
- public TAlterSentryRoleAddGroupsRequest(
- int protocol_version,
- String requestorUserName,
- String roleName,
- Set<TSentryGroup> groups)
- {
- this();
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- this.requestorUserName = requestorUserName;
- this.roleName = roleName;
- this.groups = groups;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TAlterSentryRoleAddGroupsRequest(TAlterSentryRoleAddGroupsRequest other) {
- __isset_bitfield = other.__isset_bitfield;
- this.protocol_version = other.protocol_version;
- if (other.isSetRequestorUserName()) {
- this.requestorUserName = other.requestorUserName;
- }
- if (other.isSetRoleName()) {
- this.roleName = other.roleName;
- }
- if (other.isSetGroups()) {
- Set<TSentryGroup> __this__groups = new HashSet<TSentryGroup>(other.groups.size());
- for (TSentryGroup other_element : other.groups) {
- __this__groups.add(new TSentryGroup(other_element));
- }
- this.groups = __this__groups;
- }
- }
-
- public TAlterSentryRoleAddGroupsRequest deepCopy() {
- return new TAlterSentryRoleAddGroupsRequest(this);
- }
-
- @Override
- public void clear() {
- this.protocol_version = 2;
-
- this.requestorUserName = null;
- this.roleName = null;
- this.groups = null;
- }
-
- public int getProtocol_version() {
- return this.protocol_version;
- }
-
- public void setProtocol_version(int protocol_version) {
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- }
-
- public void unsetProtocol_version() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */
- public boolean isSetProtocol_version() {
- return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- public void setProtocol_versionIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value);
- }
-
- public String getRequestorUserName() {
- return this.requestorUserName;
- }
-
- public void setRequestorUserName(String requestorUserName) {
- this.requestorUserName = requestorUserName;
- }
-
- public void unsetRequestorUserName() {
- this.requestorUserName = null;
- }
-
- /** Returns true if field requestorUserName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorUserName() {
- return this.requestorUserName != null;
- }
-
- public void setRequestorUserNameIsSet(boolean value) {
- if (!value) {
- this.requestorUserName = null;
- }
- }
-
- public String getRoleName() {
- return this.roleName;
- }
-
- public void setRoleName(String roleName) {
- this.roleName = roleName;
- }
-
- public void unsetRoleName() {
- this.roleName = null;
- }
-
- /** Returns true if field roleName is set (has been assigned a value) and false otherwise */
- public boolean isSetRoleName() {
- return this.roleName != null;
- }
-
- public void setRoleNameIsSet(boolean value) {
- if (!value) {
- this.roleName = null;
- }
- }
-
- public int getGroupsSize() {
- return (this.groups == null) ? 0 : this.groups.size();
- }
-
- public java.util.Iterator<TSentryGroup> getGroupsIterator() {
- return (this.groups == null) ? null : this.groups.iterator();
- }
-
- public void addToGroups(TSentryGroup elem) {
- if (this.groups == null) {
- this.groups = new HashSet<TSentryGroup>();
- }
- this.groups.add(elem);
- }
-
- public Set<TSentryGroup> getGroups() {
- return this.groups;
- }
-
- public void setGroups(Set<TSentryGroup> groups) {
- this.groups = groups;
- }
-
- public void unsetGroups() {
- this.groups = null;
- }
-
- /** Returns true if field groups is set (has been assigned a value) and false otherwise */
- public boolean isSetGroups() {
- return this.groups != null;
- }
-
- public void setGroupsIsSet(boolean value) {
- if (!value) {
- this.groups = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case PROTOCOL_VERSION:
- if (value == null) {
- unsetProtocol_version();
- } else {
- setProtocol_version((Integer)value);
- }
- break;
-
- case REQUESTOR_USER_NAME:
- if (value == null) {
- unsetRequestorUserName();
- } else {
- setRequestorUserName((String)value);
- }
- break;
-
- case ROLE_NAME:
- if (value == null) {
- unsetRoleName();
- } else {
- setRoleName((String)value);
- }
- break;
-
- case GROUPS:
- if (value == null) {
- unsetGroups();
- } else {
- setGroups((Set<TSentryGroup>)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case PROTOCOL_VERSION:
- return getProtocol_version();
-
- case REQUESTOR_USER_NAME:
- return getRequestorUserName();
-
- case ROLE_NAME:
- return getRoleName();
-
- case GROUPS:
- return getGroups();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case PROTOCOL_VERSION:
- return isSetProtocol_version();
- case REQUESTOR_USER_NAME:
- return isSetRequestorUserName();
- case ROLE_NAME:
- return isSetRoleName();
- case GROUPS:
- return isSetGroups();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TAlterSentryRoleAddGroupsRequest)
- return this.equals((TAlterSentryRoleAddGroupsRequest)that);
- return false;
- }
-
- public boolean equals(TAlterSentryRoleAddGroupsRequest that) {
- if (that == null)
- return false;
-
- boolean this_present_protocol_version = true;
- boolean that_present_protocol_version = true;
- if (this_present_protocol_version || that_present_protocol_version) {
- if (!(this_present_protocol_version && that_present_protocol_version))
- return false;
- if (this.protocol_version != that.protocol_version)
- return false;
- }
-
- boolean this_present_requestorUserName = true && this.isSetRequestorUserName();
- boolean that_present_requestorUserName = true && that.isSetRequestorUserName();
- if (this_present_requestorUserName || that_present_requestorUserName) {
- if (!(this_present_requestorUserName && that_present_requestorUserName))
- return false;
- if (!this.requestorUserName.equals(that.requestorUserName))
- return false;
- }
-
- boolean this_present_roleName = true && this.isSetRoleName();
- boolean that_present_roleName = true && that.isSetRoleName();
- if (this_present_roleName || that_present_roleName) {
- if (!(this_present_roleName && that_present_roleName))
- return false;
- if (!this.roleName.equals(that.roleName))
- return false;
- }
-
- boolean this_present_groups = true && this.isSetGroups();
- boolean that_present_groups = true && that.isSetGroups();
- if (this_present_groups || that_present_groups) {
- if (!(this_present_groups && that_present_groups))
- return false;
- if (!this.groups.equals(that.groups))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_protocol_version = true;
- list.add(present_protocol_version);
- if (present_protocol_version)
- list.add(protocol_version);
-
- boolean present_requestorUserName = true && (isSetRequestorUserName());
- list.add(present_requestorUserName);
- if (present_requestorUserName)
- list.add(requestorUserName);
-
- boolean present_roleName = true && (isSetRoleName());
- list.add(present_roleName);
- if (present_roleName)
- list.add(roleName);
-
- boolean present_groups = true && (isSetGroups());
- list.add(present_groups);
- if (present_groups)
- list.add(groups);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TAlterSentryRoleAddGroupsRequest other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(other.isSetProtocol_version());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetProtocol_version()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, other.protocol_version);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRequestorUserName()).compareTo(other.isSetRequestorUserName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRequestorUserName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorUserName, other.requestorUserName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRoleName()).compareTo(other.isSetRoleName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRoleName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleName, other.roleName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetGroups()).compareTo(other.isSetGroups());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetGroups()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.groups, other.groups);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TAlterSentryRoleAddGroupsRequest(");
- boolean first = true;
-
- sb.append("protocol_version:");
- sb.append(this.protocol_version);
- first = false;
- if (!first) sb.append(", ");
- sb.append("requestorUserName:");
- if (this.requestorUserName == null) {
- sb.append("null");
- } else {
- sb.append(this.requestorUserName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("roleName:");
- if (this.roleName == null) {
- sb.append("null");
- } else {
- sb.append(this.roleName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("groups:");
- if (this.groups == null) {
- sb.append("null");
- } else {
- sb.append(this.groups);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetProtocol_version()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
- }
-
- if (!isSetRequestorUserName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString());
- }
-
- if (!isSetRoleName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'roleName' is unset! Struct:" + toString());
- }
-
- if (!isSetGroups()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'groups' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TAlterSentryRoleAddGroupsRequestStandardSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleAddGroupsRequestStandardScheme getScheme() {
- return new TAlterSentryRoleAddGroupsRequestStandardScheme();
- }
- }
-
- private static class TAlterSentryRoleAddGroupsRequestStandardScheme extends StandardScheme<TAlterSentryRoleAddGroupsRequest> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TAlterSentryRoleAddGroupsRequest struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // PROTOCOL_VERSION
- if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // REQUESTOR_USER_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // ROLE_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 5: // GROUPS
- if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
- {
- org.apache.thrift.protocol.TSet _set0 = iprot.readSetBegin();
- struct.groups = new HashSet<TSentryGroup>(2*_set0.size);
- TSentryGroup _elem1;
- for (int _i2 = 0; _i2 < _set0.size; ++_i2)
- {
- _elem1 = new TSentryGroup();
- _elem1.read(iprot);
- struct.groups.add(_elem1);
- }
- iprot.readSetEnd();
- }
- struct.setGroupsIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TAlterSentryRoleAddGroupsRequest struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC);
- oprot.writeI32(struct.protocol_version);
- oprot.writeFieldEnd();
- if (struct.requestorUserName != null) {
- oprot.writeFieldBegin(REQUESTOR_USER_NAME_FIELD_DESC);
- oprot.writeString(struct.requestorUserName);
- oprot.writeFieldEnd();
- }
- if (struct.roleName != null) {
- oprot.writeFieldBegin(ROLE_NAME_FIELD_DESC);
- oprot.writeString(struct.roleName);
- oprot.writeFieldEnd();
- }
- if (struct.groups != null) {
- oprot.writeFieldBegin(GROUPS_FIELD_DESC);
- {
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, struct.groups.size()));
- for (TSentryGroup _iter3 : struct.groups)
- {
- _iter3.write(oprot);
- }
- oprot.writeSetEnd();
- }
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TAlterSentryRoleAddGroupsRequestTupleSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleAddGroupsRequestTupleScheme getScheme() {
- return new TAlterSentryRoleAddGroupsRequestTupleScheme();
- }
- }
-
- private static class TAlterSentryRoleAddGroupsRequestTupleScheme extends TupleScheme<TAlterSentryRoleAddGroupsRequest> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleAddGroupsRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeI32(struct.protocol_version);
- oprot.writeString(struct.requestorUserName);
- oprot.writeString(struct.roleName);
- {
- oprot.writeI32(struct.groups.size());
- for (TSentryGroup _iter4 : struct.groups)
- {
- _iter4.write(oprot);
- }
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleAddGroupsRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- {
- org.apache.thrift.protocol.TSet _set5 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, iprot.readI32());
- struct.groups = new HashSet<TSentryGroup>(2*_set5.size);
- TSentryGroup _elem6;
- for (int _i7 = 0; _i7 < _set5.size; ++_i7)
- {
- _elem6 = new TSentryGroup();
- _elem6.read(iprot);
- struct.groups.add(_elem6);
- }
- }
- struct.setGroupsIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleAddGroupsResponse.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleAddGroupsResponse.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleAddGroupsResponse.java
deleted file mode 100644
index 11bf031..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleAddGroupsResponse.java
+++ /dev/null
@@ -1,394 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TAlterSentryRoleAddGroupsResponse implements org.apache.thrift.TBase<TAlterSentryRoleAddGroupsResponse, TAlterSentryRoleAddGroupsResponse._Fields>, java.io.Serializable, Cloneable, Comparable<TAlterSentryRoleAddGroupsResponse> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TAlterSentryRoleAddGroupsResponse");
-
- private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TAlterSentryRoleAddGroupsResponseStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TAlterSentryRoleAddGroupsResponseTupleSchemeFactory());
- }
-
- private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- STATUS((short)1, "status");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // STATUS
- return STATUS;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.sentry.service.thrift.TSentryResponseStatus.class)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TAlterSentryRoleAddGroupsResponse.class, metaDataMap);
- }
-
- public TAlterSentryRoleAddGroupsResponse() {
- }
-
- public TAlterSentryRoleAddGroupsResponse(
- org.apache.sentry.service.thrift.TSentryResponseStatus status)
- {
- this();
- this.status = status;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TAlterSentryRoleAddGroupsResponse(TAlterSentryRoleAddGroupsResponse other) {
- if (other.isSetStatus()) {
- this.status = new org.apache.sentry.service.thrift.TSentryResponseStatus(other.status);
- }
- }
-
- public TAlterSentryRoleAddGroupsResponse deepCopy() {
- return new TAlterSentryRoleAddGroupsResponse(this);
- }
-
- @Override
- public void clear() {
- this.status = null;
- }
-
- public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() {
- return this.status;
- }
-
- public void setStatus(org.apache.sentry.service.thrift.TSentryResponseStatus status) {
- this.status = status;
- }
-
- public void unsetStatus() {
- this.status = null;
- }
-
- /** Returns true if field status is set (has been assigned a value) and false otherwise */
- public boolean isSetStatus() {
- return this.status != null;
- }
-
- public void setStatusIsSet(boolean value) {
- if (!value) {
- this.status = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case STATUS:
- if (value == null) {
- unsetStatus();
- } else {
- setStatus((org.apache.sentry.service.thrift.TSentryResponseStatus)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case STATUS:
- return getStatus();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case STATUS:
- return isSetStatus();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TAlterSentryRoleAddGroupsResponse)
- return this.equals((TAlterSentryRoleAddGroupsResponse)that);
- return false;
- }
-
- public boolean equals(TAlterSentryRoleAddGroupsResponse that) {
- if (that == null)
- return false;
-
- boolean this_present_status = true && this.isSetStatus();
- boolean that_present_status = true && that.isSetStatus();
- if (this_present_status || that_present_status) {
- if (!(this_present_status && that_present_status))
- return false;
- if (!this.status.equals(that.status))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_status = true && (isSetStatus());
- list.add(present_status);
- if (present_status)
- list.add(status);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TAlterSentryRoleAddGroupsResponse other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetStatus()).compareTo(other.isSetStatus());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetStatus()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.status, other.status);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TAlterSentryRoleAddGroupsResponse(");
- boolean first = true;
-
- sb.append("status:");
- if (this.status == null) {
- sb.append("null");
- } else {
- sb.append(this.status);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetStatus()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'status' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- if (status != null) {
- status.validate();
- }
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TAlterSentryRoleAddGroupsResponseStandardSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleAddGroupsResponseStandardScheme getScheme() {
- return new TAlterSentryRoleAddGroupsResponseStandardScheme();
- }
- }
-
- private static class TAlterSentryRoleAddGroupsResponseStandardScheme extends StandardScheme<TAlterSentryRoleAddGroupsResponse> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TAlterSentryRoleAddGroupsResponse struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // STATUS
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TAlterSentryRoleAddGroupsResponse struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.status != null) {
- oprot.writeFieldBegin(STATUS_FIELD_DESC);
- struct.status.write(oprot);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TAlterSentryRoleAddGroupsResponseTupleSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleAddGroupsResponseTupleScheme getScheme() {
- return new TAlterSentryRoleAddGroupsResponseTupleScheme();
- }
- }
-
- private static class TAlterSentryRoleAddGroupsResponseTupleScheme extends TupleScheme<TAlterSentryRoleAddGroupsResponse> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleAddGroupsResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- struct.status.write(oprot);
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleAddGroupsResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleAddUsersRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleAddUsersRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleAddUsersRequest.java
deleted file mode 100644
index 0ba4268..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleAddUsersRequest.java
+++ /dev/null
@@ -1,741 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TAlterSentryRoleAddUsersRequest implements org.apache.thrift.TBase<TAlterSentryRoleAddUsersRequest, TAlterSentryRoleAddUsersRequest._Fields>, java.io.Serializable, Cloneable, Comparable<TAlterSentryRoleAddUsersRequest> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TAlterSentryRoleAddUsersRequest");
-
- private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
- private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)3);
- private static final org.apache.thrift.protocol.TField USERS_FIELD_DESC = new org.apache.thrift.protocol.TField("users", org.apache.thrift.protocol.TType.SET, (short)4);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TAlterSentryRoleAddUsersRequestStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TAlterSentryRoleAddUsersRequestTupleSchemeFactory());
- }
-
- private int protocol_version; // required
- private String requestorUserName; // required
- private String roleName; // required
- private Set<String> users; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- PROTOCOL_VERSION((short)1, "protocol_version"),
- REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- ROLE_NAME((short)3, "roleName"),
- USERS((short)4, "users");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // PROTOCOL_VERSION
- return PROTOCOL_VERSION;
- case 2: // REQUESTOR_USER_NAME
- return REQUESTOR_USER_NAME;
- case 3: // ROLE_NAME
- return ROLE_NAME;
- case 4: // USERS
- return USERS;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
- tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.ROLE_NAME, new org.apache.thrift.meta_data.FieldMetaData("roleName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.USERS, new org.apache.thrift.meta_data.FieldMetaData("users", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TAlterSentryRoleAddUsersRequest.class, metaDataMap);
- }
-
- public TAlterSentryRoleAddUsersRequest() {
- this.protocol_version = 1;
-
- }
-
- public TAlterSentryRoleAddUsersRequest(
- int protocol_version,
- String requestorUserName,
- String roleName,
- Set<String> users)
- {
- this();
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- this.requestorUserName = requestorUserName;
- this.roleName = roleName;
- this.users = users;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TAlterSentryRoleAddUsersRequest(TAlterSentryRoleAddUsersRequest other) {
- __isset_bitfield = other.__isset_bitfield;
- this.protocol_version = other.protocol_version;
- if (other.isSetRequestorUserName()) {
- this.requestorUserName = other.requestorUserName;
- }
- if (other.isSetRoleName()) {
- this.roleName = other.roleName;
- }
- if (other.isSetUsers()) {
- Set<String> __this__users = new HashSet<String>(other.users);
- this.users = __this__users;
- }
- }
-
- public TAlterSentryRoleAddUsersRequest deepCopy() {
- return new TAlterSentryRoleAddUsersRequest(this);
- }
-
- @Override
- public void clear() {
- this.protocol_version = 1;
-
- this.requestorUserName = null;
- this.roleName = null;
- this.users = null;
- }
-
- public int getProtocol_version() {
- return this.protocol_version;
- }
-
- public void setProtocol_version(int protocol_version) {
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- }
-
- public void unsetProtocol_version() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */
- public boolean isSetProtocol_version() {
- return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- public void setProtocol_versionIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value);
- }
-
- public String getRequestorUserName() {
- return this.requestorUserName;
- }
-
- public void setRequestorUserName(String requestorUserName) {
- this.requestorUserName = requestorUserName;
- }
-
- public void unsetRequestorUserName() {
- this.requestorUserName = null;
- }
-
- /** Returns true if field requestorUserName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorUserName() {
- return this.requestorUserName != null;
- }
-
- public void setRequestorUserNameIsSet(boolean value) {
- if (!value) {
- this.requestorUserName = null;
- }
- }
-
- public String getRoleName() {
- return this.roleName;
- }
-
- public void setRoleName(String roleName) {
- this.roleName = roleName;
- }
-
- public void unsetRoleName() {
- this.roleName = null;
- }
-
- /** Returns true if field roleName is set (has been assigned a value) and false otherwise */
- public boolean isSetRoleName() {
- return this.roleName != null;
- }
-
- public void setRoleNameIsSet(boolean value) {
- if (!value) {
- this.roleName = null;
- }
- }
-
- public int getUsersSize() {
- return (this.users == null) ? 0 : this.users.size();
- }
-
- public java.util.Iterator<String> getUsersIterator() {
- return (this.users == null) ? null : this.users.iterator();
- }
-
- public void addToUsers(String elem) {
- if (this.users == null) {
- this.users = new HashSet<String>();
- }
- this.users.add(elem);
- }
-
- public Set<String> getUsers() {
- return this.users;
- }
-
- public void setUsers(Set<String> users) {
- this.users = users;
- }
-
- public void unsetUsers() {
- this.users = null;
- }
-
- /** Returns true if field users is set (has been assigned a value) and false otherwise */
- public boolean isSetUsers() {
- return this.users != null;
- }
-
- public void setUsersIsSet(boolean value) {
- if (!value) {
- this.users = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case PROTOCOL_VERSION:
- if (value == null) {
- unsetProtocol_version();
- } else {
- setProtocol_version((Integer)value);
- }
- break;
-
- case REQUESTOR_USER_NAME:
- if (value == null) {
- unsetRequestorUserName();
- } else {
- setRequestorUserName((String)value);
- }
- break;
-
- case ROLE_NAME:
- if (value == null) {
- unsetRoleName();
- } else {
- setRoleName((String)value);
- }
- break;
-
- case USERS:
- if (value == null) {
- unsetUsers();
- } else {
- setUsers((Set<String>)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case PROTOCOL_VERSION:
- return getProtocol_version();
-
- case REQUESTOR_USER_NAME:
- return getRequestorUserName();
-
- case ROLE_NAME:
- return getRoleName();
-
- case USERS:
- return getUsers();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case PROTOCOL_VERSION:
- return isSetProtocol_version();
- case REQUESTOR_USER_NAME:
- return isSetRequestorUserName();
- case ROLE_NAME:
- return isSetRoleName();
- case USERS:
- return isSetUsers();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TAlterSentryRoleAddUsersRequest)
- return this.equals((TAlterSentryRoleAddUsersRequest)that);
- return false;
- }
-
- public boolean equals(TAlterSentryRoleAddUsersRequest that) {
- if (that == null)
- return false;
-
- boolean this_present_protocol_version = true;
- boolean that_present_protocol_version = true;
- if (this_present_protocol_version || that_present_protocol_version) {
- if (!(this_present_protocol_version && that_present_protocol_version))
- return false;
- if (this.protocol_version != that.protocol_version)
- return false;
- }
-
- boolean this_present_requestorUserName = true && this.isSetRequestorUserName();
- boolean that_present_requestorUserName = true && that.isSetRequestorUserName();
- if (this_present_requestorUserName || that_present_requestorUserName) {
- if (!(this_present_requestorUserName && that_present_requestorUserName))
- return false;
- if (!this.requestorUserName.equals(that.requestorUserName))
- return false;
- }
-
- boolean this_present_roleName = true && this.isSetRoleName();
- boolean that_present_roleName = true && that.isSetRoleName();
- if (this_present_roleName || that_present_roleName) {
- if (!(this_present_roleName && that_present_roleName))
- return false;
- if (!this.roleName.equals(that.roleName))
- return false;
- }
-
- boolean this_present_users = true && this.isSetUsers();
- boolean that_present_users = true && that.isSetUsers();
- if (this_present_users || that_present_users) {
- if (!(this_present_users && that_present_users))
- return false;
- if (!this.users.equals(that.users))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_protocol_version = true;
- list.add(present_protocol_version);
- if (present_protocol_version)
- list.add(protocol_version);
-
- boolean present_requestorUserName = true && (isSetRequestorUserName());
- list.add(present_requestorUserName);
- if (present_requestorUserName)
- list.add(requestorUserName);
-
- boolean present_roleName = true && (isSetRoleName());
- list.add(present_roleName);
- if (present_roleName)
- list.add(roleName);
-
- boolean present_users = true && (isSetUsers());
- list.add(present_users);
- if (present_users)
- list.add(users);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TAlterSentryRoleAddUsersRequest other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(other.isSetProtocol_version());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetProtocol_version()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, other.protocol_version);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRequestorUserName()).compareTo(other.isSetRequestorUserName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRequestorUserName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorUserName, other.requestorUserName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRoleName()).compareTo(other.isSetRoleName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRoleName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleName, other.roleName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetUsers()).compareTo(other.isSetUsers());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetUsers()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.users, other.users);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TAlterSentryRoleAddUsersRequest(");
- boolean first = true;
-
- sb.append("protocol_version:");
- sb.append(this.protocol_version);
- first = false;
- if (!first) sb.append(", ");
- sb.append("requestorUserName:");
- if (this.requestorUserName == null) {
- sb.append("null");
- } else {
- sb.append(this.requestorUserName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("roleName:");
- if (this.roleName == null) {
- sb.append("null");
- } else {
- sb.append(this.roleName);
- }
- first = false;
- if (!first) sb.append(", ");
- sb.append("users:");
- if (this.users == null) {
- sb.append("null");
- } else {
- sb.append(this.users);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetProtocol_version()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
- }
-
- if (!isSetRequestorUserName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString());
- }
-
- if (!isSetRoleName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'roleName' is unset! Struct:" + toString());
- }
-
- if (!isSetUsers()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'users' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TAlterSentryRoleAddUsersRequestStandardSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleAddUsersRequestStandardScheme getScheme() {
- return new TAlterSentryRoleAddUsersRequestStandardScheme();
- }
- }
-
- private static class TAlterSentryRoleAddUsersRequestStandardScheme extends StandardScheme<TAlterSentryRoleAddUsersRequest> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TAlterSentryRoleAddUsersRequest struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // PROTOCOL_VERSION
- if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // REQUESTOR_USER_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // ROLE_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 4: // USERS
- if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
- {
- org.apache.thrift.protocol.TSet _set8 = iprot.readSetBegin();
- struct.users = new HashSet<String>(2*_set8.size);
- String _elem9;
- for (int _i10 = 0; _i10 < _set8.size; ++_i10)
- {
- _elem9 = iprot.readString();
- struct.users.add(_elem9);
- }
- iprot.readSetEnd();
- }
- struct.setUsersIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TAlterSentryRoleAddUsersRequest struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC);
- oprot.writeI32(struct.protocol_version);
- oprot.writeFieldEnd();
- if (struct.requestorUserName != null) {
- oprot.writeFieldBegin(REQUESTOR_USER_NAME_FIELD_DESC);
- oprot.writeString(struct.requestorUserName);
- oprot.writeFieldEnd();
- }
- if (struct.roleName != null) {
- oprot.writeFieldBegin(ROLE_NAME_FIELD_DESC);
- oprot.writeString(struct.roleName);
- oprot.writeFieldEnd();
- }
- if (struct.users != null) {
- oprot.writeFieldBegin(USERS_FIELD_DESC);
- {
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, struct.users.size()));
- for (String _iter11 : struct.users)
- {
- oprot.writeString(_iter11);
- }
- oprot.writeSetEnd();
- }
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TAlterSentryRoleAddUsersRequestTupleSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleAddUsersRequestTupleScheme getScheme() {
- return new TAlterSentryRoleAddUsersRequestTupleScheme();
- }
- }
-
- private static class TAlterSentryRoleAddUsersRequestTupleScheme extends TupleScheme<TAlterSentryRoleAddUsersRequest> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleAddUsersRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeI32(struct.protocol_version);
- oprot.writeString(struct.requestorUserName);
- oprot.writeString(struct.roleName);
- {
- oprot.writeI32(struct.users.size());
- for (String _iter12 : struct.users)
- {
- oprot.writeString(_iter12);
- }
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleAddUsersRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- {
- org.apache.thrift.protocol.TSet _set13 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, iprot.readI32());
- struct.users = new HashSet<String>(2*_set13.size);
- String _elem14;
- for (int _i15 = 0; _i15 < _set13.size; ++_i15)
- {
- _elem14 = iprot.readString();
- struct.users.add(_elem14);
- }
- }
- struct.setUsersIsSet(true);
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleAddUsersResponse.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleAddUsersResponse.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleAddUsersResponse.java
deleted file mode 100644
index 19b2296..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleAddUsersResponse.java
+++ /dev/null
@@ -1,394 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TAlterSentryRoleAddUsersResponse implements org.apache.thrift.TBase<TAlterSentryRoleAddUsersResponse, TAlterSentryRoleAddUsersResponse._Fields>, java.io.Serializable, Cloneable, Comparable<TAlterSentryRoleAddUsersResponse> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TAlterSentryRoleAddUsersResponse");
-
- private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TAlterSentryRoleAddUsersResponseStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TAlterSentryRoleAddUsersResponseTupleSchemeFactory());
- }
-
- private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- STATUS((short)1, "status");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // STATUS
- return STATUS;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.sentry.service.thrift.TSentryResponseStatus.class)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TAlterSentryRoleAddUsersResponse.class, metaDataMap);
- }
-
- public TAlterSentryRoleAddUsersResponse() {
- }
-
- public TAlterSentryRoleAddUsersResponse(
- org.apache.sentry.service.thrift.TSentryResponseStatus status)
- {
- this();
- this.status = status;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TAlterSentryRoleAddUsersResponse(TAlterSentryRoleAddUsersResponse other) {
- if (other.isSetStatus()) {
- this.status = new org.apache.sentry.service.thrift.TSentryResponseStatus(other.status);
- }
- }
-
- public TAlterSentryRoleAddUsersResponse deepCopy() {
- return new TAlterSentryRoleAddUsersResponse(this);
- }
-
- @Override
- public void clear() {
- this.status = null;
- }
-
- public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() {
- return this.status;
- }
-
- public void setStatus(org.apache.sentry.service.thrift.TSentryResponseStatus status) {
- this.status = status;
- }
-
- public void unsetStatus() {
- this.status = null;
- }
-
- /** Returns true if field status is set (has been assigned a value) and false otherwise */
- public boolean isSetStatus() {
- return this.status != null;
- }
-
- public void setStatusIsSet(boolean value) {
- if (!value) {
- this.status = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case STATUS:
- if (value == null) {
- unsetStatus();
- } else {
- setStatus((org.apache.sentry.service.thrift.TSentryResponseStatus)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case STATUS:
- return getStatus();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case STATUS:
- return isSetStatus();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TAlterSentryRoleAddUsersResponse)
- return this.equals((TAlterSentryRoleAddUsersResponse)that);
- return false;
- }
-
- public boolean equals(TAlterSentryRoleAddUsersResponse that) {
- if (that == null)
- return false;
-
- boolean this_present_status = true && this.isSetStatus();
- boolean that_present_status = true && that.isSetStatus();
- if (this_present_status || that_present_status) {
- if (!(this_present_status && that_present_status))
- return false;
- if (!this.status.equals(that.status))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_status = true && (isSetStatus());
- list.add(present_status);
- if (present_status)
- list.add(status);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TAlterSentryRoleAddUsersResponse other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetStatus()).compareTo(other.isSetStatus());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetStatus()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.status, other.status);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TAlterSentryRoleAddUsersResponse(");
- boolean first = true;
-
- sb.append("status:");
- if (this.status == null) {
- sb.append("null");
- } else {
- sb.append(this.status);
- }
- first = false;
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetStatus()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'status' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- if (status != null) {
- status.validate();
- }
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TAlterSentryRoleAddUsersResponseStandardSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleAddUsersResponseStandardScheme getScheme() {
- return new TAlterSentryRoleAddUsersResponseStandardScheme();
- }
- }
-
- private static class TAlterSentryRoleAddUsersResponseStandardScheme extends StandardScheme<TAlterSentryRoleAddUsersResponse> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TAlterSentryRoleAddUsersResponse struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // STATUS
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TAlterSentryRoleAddUsersResponse struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.status != null) {
- oprot.writeFieldBegin(STATUS_FIELD_DESC);
- struct.status.write(oprot);
- oprot.writeFieldEnd();
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TAlterSentryRoleAddUsersResponseTupleSchemeFactory implements SchemeFactory {
- public TAlterSentryRoleAddUsersResponseTupleScheme getScheme() {
- return new TAlterSentryRoleAddUsersResponseTupleScheme();
- }
- }
-
- private static class TAlterSentryRoleAddUsersResponseTupleScheme extends TupleScheme<TAlterSentryRoleAddUsersResponse> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleAddUsersResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- struct.status.write(oprot);
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleAddUsersResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- }
- }
-
-}
-
[11/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/webapp/css/sentry.css
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/webapp/css/sentry.css b/sentry-provider/sentry-provider-db/src/main/webapp/css/sentry.css
deleted file mode 100644
index 69cba19..0000000
--- a/sentry-provider/sentry-provider-db/src/main/webapp/css/sentry.css
+++ /dev/null
@@ -1,52 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-html {
- position: relative;
- min-height: 100%;
-}
-
-body {
- /* Margin bottom by footer height */
- margin-bottom: 60px;
- padding-top: 80px;
-}
-
-.navbar-collapse {margin-top:10px}
-
-.footer {
- position: absolute;
- bottom: 0;
- width: 100%;
- /* Set the fixed height of the footer here */
- height: 60px;
- background-color: #f5f5f5;
-}
-
-.container .text-muted {
- margin: 20px 0;
-}
-
-.footer > .container {
- padding-right: 15px;
- padding-left: 15px;
-}
-
-code {
- font-size: 80%;
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/webapp/sentry.png
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/webapp/sentry.png b/sentry-provider/sentry-provider-db/src/main/webapp/sentry.png
deleted file mode 100644
index 67edd90..0000000
Binary files a/sentry-provider/sentry-provider-db/src/main/webapp/sentry.png and /dev/null differ
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/SentryStoreIntegrationBase.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/SentryStoreIntegrationBase.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/SentryStoreIntegrationBase.java
deleted file mode 100644
index f14b586..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/SentryStoreIntegrationBase.java
+++ /dev/null
@@ -1,91 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.service.persistent;
-
-import java.io.File;
-
-import org.apache.commons.io.FileUtils;
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.provider.file.PolicyFile;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
-import org.junit.After;
-import org.junit.AfterClass;
-import org.junit.BeforeClass;
-
-import com.google.common.io.Files;
-
-public abstract class SentryStoreIntegrationBase {
- protected final static String[] adminGroups = { "adminGroup" };
- private static File dataDir;
- private static File policyFilePath;
- protected static Configuration conf;
- protected static DelegateSentryStore sentryStore;
- protected static PolicyFile policyFile;
-
- @BeforeClass
- public static void setup() throws Exception {
- conf = new Configuration(false);
- setup(conf);
- sentryStore = new DelegateSentryStore(conf);
- }
-
- private static void setup(Configuration conf) throws Exception {
- dataDir = new File(Files.createTempDir(), "sentry_policy_db");
- conf.set(ServerConfig.SENTRY_VERIFY_SCHEM_VERSION, "false");
- conf.set(ServerConfig.SENTRY_STORE_JDBC_URL,
- "jdbc:derby:;databaseName=" + dataDir.getPath() + ";create=true");
- conf.set(ServerConfig.SENTRY_STORE_JDBC_PASS, "dummy");
- conf.setStrings(ServerConfig.ADMIN_GROUPS, adminGroups);
- conf.set(ServerConfig.SENTRY_STORE_GROUP_MAPPING,
- ServerConfig.SENTRY_STORE_LOCAL_GROUP_MAPPING);
-
- policyFilePath = new File(Files.createTempDir(), "local_policy_file.ini");
- conf.set(ServerConfig.SENTRY_STORE_GROUP_MAPPING_RESOURCE,
- policyFilePath.getPath());
- }
-
- @After
- public void clearData() {
- sentryStore.clearAllTables();
- }
-
- @AfterClass
- public static void teardown() {
- if (sentryStore != null) {
- sentryStore.close();
- }
- if (dataDir != null) {
- FileUtils.deleteQuietly(dataDir);
- }
- if (policyFilePath != null) {
- FileUtils.deleteQuietly(policyFilePath);
- }
- }
-
- public static void addGroupsToUser(String user, String... groupNames) {
- policyFile.addGroupsToUser(user, groupNames);
- }
-
- public static void writePolicyFile() throws Exception {
- policyFile.write(policyFilePath);
- }
-
- public String[] getAdminGroups() {
- return adminGroups;
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/TestDelegateSentryStore.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/TestDelegateSentryStore.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/TestDelegateSentryStore.java
deleted file mode 100644
index 1ab5f03..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/TestDelegateSentryStore.java
+++ /dev/null
@@ -1,182 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.service.persistent;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.fail;
-
-import java.util.Set;
-
-import org.apache.sentry.core.common.exception.SentryAlreadyExistsException;
-import org.apache.sentry.core.common.exception.SentryNoSuchObjectException;
-import org.apache.sentry.provider.file.PolicyFile;
-import org.junit.Before;
-import org.junit.Test;
-
-import com.google.common.collect.Sets;
-
-public class TestDelegateSentryStore extends SentryStoreIntegrationBase{
- private static final String SEARCH = "solr";
-
- @Before
- public void configure() throws Exception {
- /**
- * add the admin user to admin groups
- */
- policyFile = new PolicyFile();
- addGroupsToUser("admin", getAdminGroups());
- writePolicyFile();
- }
-
- @Test
- public void testCreateDropRole() throws Exception {
- String roleName = "test-drop-role";
- String grantor = "grantor";
- long seqId = sentryStore.createRole(SEARCH, roleName, grantor).getSequenceId();
- assertEquals(seqId + 1, sentryStore.dropRole(SEARCH, roleName, grantor).getSequenceId());
- }
-
- @Test
- public void testCaseInsensitiveCreateDropRole() throws Exception {
- String roleName1 = "test";
- String roleName2 = "TeSt";
- String grantor = "grantor";
- sentryStore.createRole(SEARCH, roleName1, grantor);
- try {
- sentryStore.createRole(SEARCH, roleName2, grantor);
- fail("Fail to throw SentryAlreadyExistsException");
- } catch (SentryAlreadyExistsException e) {
- //ignore the exception
- }
-
- try {
- sentryStore.dropRole(SEARCH, roleName2, grantor);
- } catch (SentryNoSuchObjectException e) {
- fail("Shouldn't throw SentryNoSuchObjectException");
- }
- }
-
- @Test(expected=SentryAlreadyExistsException.class)
- public void testCreateDuplicateRole() throws Exception {
- String roleName = "test-dup-role";
- String grantor = "grantor";
- sentryStore.createRole(SEARCH, roleName, grantor);
- sentryStore.createRole(SEARCH, roleName, grantor);
- }
-
- @Test(expected=SentryNoSuchObjectException.class)
- public void testDropNotExistRole() throws Exception {
- String roleName = "not-exist";
- String grantor = "grantor";
- sentryStore.dropRole(SEARCH, roleName, grantor);
- }
-
- @Test(expected = SentryNoSuchObjectException.class)
- public void testAddGroupsNonExistantRole()
- throws Exception {
- String roleName = "non-existant-role";
- String grantor = "grantor";
- sentryStore.alterRoleAddGroups(SEARCH, roleName, Sets.newHashSet("g1"), grantor);
- }
-
- @Test(expected = SentryNoSuchObjectException.class)
- public void testDeleteGroupsNonExistantRole()
- throws Exception {
- String roleName = "non-existant-role";
- String grantor = "grantor";
- sentryStore.alterRoleDeleteGroups(SEARCH, roleName, Sets.newHashSet("g1"), grantor);
- }
-
- @Test
- public void testAddDeleteRoleToGroups() throws Exception {
- String role1 = "r1", role2 = "r2";
- Set<String> twoGroups = Sets.newHashSet("g1", "g2");
- Set<String> oneGroup = Sets.newHashSet("g3");
- String grantor = "grantor";
-
- sentryStore.createRole(SEARCH, role1, grantor);
- sentryStore.createRole(SEARCH, role2, grantor);
-
- sentryStore.alterRoleAddGroups(SEARCH, role1, twoGroups, grantor);
- assertEquals(twoGroups, sentryStore.getGroupsByRoles(SEARCH,Sets.newHashSet(role1)));
-
- assertEquals(Sets.newHashSet(role1), sentryStore.getRolesByGroups(SEARCH, twoGroups));
-
- sentryStore.alterRoleAddGroups(SEARCH, role2, oneGroup, grantor);
- assertEquals(oneGroup, sentryStore.getGroupsByRoles(SEARCH, Sets.newHashSet(role2)));
-
- sentryStore.alterRoleDeleteGroups(SEARCH, role1, Sets.newHashSet("g1"), grantor);
- assertEquals(Sets.newHashSet("g2"), sentryStore.getGroupsByRoles(SEARCH, Sets.newHashSet(role1)));
-
- sentryStore.alterRoleDeleteGroups(SEARCH, role2, oneGroup, grantor);
- assertEquals(Sets.newHashSet(), sentryStore.getGroupsByRoles(SEARCH, Sets.newHashSet(role2)));
- }
-
- @Test
- public void testGetRolesByGroupNames() throws Exception {
- String role1 = "r1", role2 = "r2";
- Set<String> twoGroups = Sets.newHashSet("g1", "g2");
- String grantor = "grantor";
-
- sentryStore.createRole(SEARCH, role1, grantor);
- sentryStore.createRole(SEARCH, role2, grantor);
-
- sentryStore.alterRoleAddGroups(SEARCH, role1, twoGroups, grantor);
- sentryStore.alterRoleAddGroups(SEARCH, role2, twoGroups, grantor);
-
- assertEquals(Sets.newHashSet(role1,role2), sentryStore.getRolesByGroups(SEARCH, twoGroups));
- }
-
- @Test
- public void testGetGroupsByRoleNames() throws Exception {
- String role1 = "r1", role2 = "r2";
- Set<String> twoGroups = Sets.newHashSet("g1", "g2");
- String grantor = "grantor";
-
- sentryStore.createRole(SEARCH, role1, grantor);
- sentryStore.createRole(SEARCH, role2, grantor);
-
- sentryStore.alterRoleAddGroups(SEARCH, role1, twoGroups, grantor);
- sentryStore.alterRoleAddGroups(SEARCH, role2, twoGroups, grantor);
-
- assertEquals(twoGroups, sentryStore.getGroupsByRoles(SEARCH, Sets.newHashSet(role1)));
- assertEquals(twoGroups, sentryStore.getGroupsByRoles(SEARCH, Sets.newHashSet(role2)));
- assertEquals(twoGroups, sentryStore.getGroupsByRoles(SEARCH, Sets.newHashSet(role1,role2)));
- }
-
- @Test
- public void testGetAllRoles() throws Exception {
- String role1 = "r1", role2 = "r2";
- Set<String> twoGroups = Sets.newHashSet("g1", "g2");
- String grantor = "grantor";
-
- sentryStore.createRole(SEARCH, role1, grantor);
- sentryStore.createRole(SEARCH, role2, grantor);
-
- sentryStore.alterRoleAddGroups(SEARCH, role1, twoGroups, grantor);
- sentryStore.alterRoleAddGroups(SEARCH, role2, twoGroups, grantor);
-
- //test get all roles by groupName=null
- String groupName = null;
- Set<String> groups = Sets.newHashSet(groupName);
- assertEquals(Sets.newHashSet(role1,role2), sentryStore.getRolesByGroups(SEARCH, groups));
-
- groups.clear();
- assertEquals(0, sentryStore.getRolesByGroups(SEARCH, groups).size());
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/TestPrivilegeOperatePersistence.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/TestPrivilegeOperatePersistence.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/TestPrivilegeOperatePersistence.java
deleted file mode 100644
index 799d5ef..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/TestPrivilegeOperatePersistence.java
+++ /dev/null
@@ -1,1139 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.service.persistent;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.fail;
-
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.List;
-
-import com.google.common.collect.Lists;
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.core.common.exception.SentryUserException;
-import org.apache.sentry.core.common.Authorizable;
-import org.apache.sentry.core.common.BitFieldAction;
-import org.apache.sentry.core.common.BitFieldActionFactory;
-import org.apache.sentry.core.model.search.Collection;
-import org.apache.sentry.core.model.search.Field;
-import org.apache.sentry.core.model.search.SearchConstants;
-import org.apache.sentry.core.model.sqoop.SqoopActionConstant;
-import org.apache.sentry.core.common.exception.SentryGrantDeniedException;
-import org.apache.sentry.provider.db.generic.service.persistent.PrivilegeObject.Builder;
-import org.apache.sentry.provider.file.PolicyFile;
-import org.apache.sentry.service.thrift.ServiceConstants;
-import org.junit.Before;
-import org.junit.Test;
-
-import com.google.common.collect.Sets;
-
-/**
- * The test cases are used for search component The authorizables are COLLECTION and Field
- * The actions of search privilege are ALL,QUERY and UPDATE
- */
-public class TestPrivilegeOperatePersistence extends SentryStoreIntegrationBase {
- private static final String SEARCH = "solr";
- private static final String ADMIN_USER = "solr";
- private static final String GRANT_OPTION_USER = "user_grant_option";
- private static final String[] GRANT_OPTION_GROUP = { "group_grant_option" };
- private static final String NO_GRANT_OPTION_USER = "user_no_grant_option";
- private static final String[] NO_GRANT_OPTION_GROUP = { "group_no_grant_option" };
-
- private static final String SERVICE = "service";
- private static final String COLLECTION_NAME = "collection1";
- private static final String NOT_COLLECTION_NAME = "not_collection1";
- private static final String FIELD_NAME = "field1";
- private static final String NOT_FIELD_NAME = "not_field1";
-
- @Before
- public void configure() throws Exception {
- /**
- * add the solr user to admin groups
- */
- policyFile = new PolicyFile();
- addGroupsToUser(ADMIN_USER, getAdminGroups());
- writePolicyFile();
- }
-
- /**
- * Grant query privilege to role r1
- */
- @Test
- public void testGrantPrivilege() throws Exception {
- testGrantPrivilege(sentryStore, SEARCH);
- }
-
- @Test
- public void testGrantPrivilegeTwice() throws Exception {
- String roleName = "r1";
- /**
- * grantor is admin, there is no need to check grant option
- */
- String grantor = ADMIN_USER;
- sentryStore.createRole(SEARCH, roleName, grantor);
-
- PrivilegeObject queryPrivilegeWithOption = new Builder()
- .setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
- .setService(SERVICE)
- .setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
- .withGrantOption(true)
- .build();
-
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName, queryPrivilegeWithOption, grantor);
- assertEquals(1,sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName)).size());
- //grant again
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName, queryPrivilegeWithOption, grantor);
- assertEquals(1,sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName)).size());
-
- PrivilegeObject queryPrivilegeWithNoOption = new Builder()
- .setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
- .setService(SERVICE)
- .setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
- .withGrantOption(false)
- .build();
-
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName, queryPrivilegeWithNoOption, grantor);
- assertEquals(2,sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName)).size());
- //grant again
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName, queryPrivilegeWithNoOption, grantor);
- assertEquals(2,sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName)).size());
-
- PrivilegeObject queryPrivilegeWithNullGrant = new Builder()
- .setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
- .setService(SERVICE)
- .setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
- .withGrantOption(null)
- .build();
-
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName, queryPrivilegeWithNullGrant, grantor);
-
- assertEquals(3,sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName)).size());
- //grant again
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName, queryPrivilegeWithNullGrant, grantor);
- assertEquals(3,sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName)).size());
-
- }
-
- /**
- * Grant query privilege to role r1 and there is ALL privilege related this
- * collection existed
- */
- @Test
- public void testGrantPrivilegeWithAllPrivilegeExist() throws Exception {
- String roleName = "r1";
- /**
- * grantor is admin, there is no need to check grant option
- */
- String grantor = ADMIN_USER;
- PrivilegeObject allPrivilege = new Builder()
- .setComponent(SEARCH)
- .setAction(SearchConstants.ALL)
- .setService(SERVICE)
- .setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
- .build();
-
- sentryStore.createRole(SEARCH, roleName, grantor);
- /**
- * grant all privilege to role r1
- */
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName, allPrivilege, grantor);
- /**
- * check role r1 truly has the privilege been granted
- */
- assertEquals(Sets.newHashSet(allPrivilege),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName)));
-
- PrivilegeObject queryPrivilege = new Builder(allPrivilege)
- .setAction(SearchConstants.QUERY)
- .build();
-
- /**
- * grant query privilege to role r1
- */
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName, queryPrivilege, grantor);
- /**
- * all privilege has been existed, the query privilege will not persistent
- */
- assertEquals(Sets.newHashSet(allPrivilege),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName)));
- }
-
- /**
- * Grant query privilege to role r1 and there are query and update privileges
- * related this collection existed
- */
- @Test
- public void testGrantALLPrivilegeWithOtherPrivilegesExist() throws Exception {
- String roleName1 = "r1";
- String roleName2 = "r2";
- /**
- * grantor is admin, there is no need to check grant option
- */
- String grantor = ADMIN_USER;
-
- PrivilegeObject queryPrivilege = new Builder()
- .setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
- .setService(SERVICE)
- .setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
- .build();
-
- PrivilegeObject updatePrivilege = new Builder(queryPrivilege)
- .setAction(SearchConstants.UPDATE)
- .build();
-
- sentryStore.createRole(SEARCH, roleName1, grantor);
- sentryStore.createRole(SEARCH, roleName2, grantor);
- /**
- * grant query and update privilege to role r1 and role r2
- */
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName1, queryPrivilege, grantor);
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName1, updatePrivilege,grantor);
- assertEquals(Sets.newHashSet(queryPrivilege, updatePrivilege),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName1)));
-
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName2, queryPrivilege, grantor);
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName2, updatePrivilege,grantor);
- assertEquals(Sets.newHashSet(queryPrivilege, updatePrivilege),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName2)));
-
- PrivilegeObject allPrivilege = new Builder(queryPrivilege)
- .setAction(SearchConstants.ALL)
- .build();
-
- /**
- * grant all privilege to role r1
- */
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName1, allPrivilege, grantor);
-
- /**
- * check the query and update privileges of roleName1 will be removed because of ALl privilege
- * granted
- */
- assertEquals(Sets.newHashSet(allPrivilege),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName1)));
-
- /**
- * check the query and update privileges of roleName2 will not affected and exist
- */
- assertEquals(Sets.newHashSet(queryPrivilege, updatePrivilege),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName2)));
- }
-
- @Test
- public void testGrantRevokeCheckWithGrantOption() throws Exception {
-
- addGroupsToUser(GRANT_OPTION_USER, GRANT_OPTION_GROUP);
- addGroupsToUser(NO_GRANT_OPTION_USER, NO_GRANT_OPTION_GROUP);
- writePolicyFile();
-
- String roleName1 = "r1";
- String roleName2 = "r2";
- String grantor = "g1";
- sentryStore.createRole(SEARCH, roleName1, grantor);
- sentryStore.createRole(SEARCH, roleName2, grantor);
- /**
- * grant query privilege to role r1 with grant option
- */
- PrivilegeObject queryPrivilege1 = new Builder()
- .setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
- .setService(SERVICE)
- .setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
- .withGrantOption(true)
- .build();
-
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName1, queryPrivilege1,
- ADMIN_USER);
- assertEquals(Sets.newHashSet(queryPrivilege1),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName1)));
- /**
- * grant query privilege to role r2 no grant option
- */
- PrivilegeObject queryPrivilege2 = new Builder()
- .setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
- .setService(SERVICE)
- .setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
- .withGrantOption(false).build();
-
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName2, queryPrivilege2,
- ADMIN_USER);
- assertEquals(Sets.newHashSet(queryPrivilege2),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName2)));
-
- sentryStore.alterRoleAddGroups(SEARCH, roleName1,
- Sets.newHashSet(GRANT_OPTION_GROUP), grantor);
- sentryStore.alterRoleAddGroups(SEARCH, roleName2,
- Sets.newHashSet(NO_GRANT_OPTION_GROUP), grantor);
-
- String roleName3 = "r3";
- sentryStore.createRole(SEARCH, roleName3, grantor);
- /**
- * the user with grant option grant query privilege to rolr r3
- */
- try{
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName3, queryPrivilege1,
- GRANT_OPTION_USER);
- } catch (SentryGrantDeniedException e) {
- fail("SentryGrantDeniedException shouldn't have been thrown");
- }
-
- /**
- * the user with grant option revoke query privilege to rolr r3
- */
- try{
- sentryStore.alterRoleRevokePrivilege(SEARCH, roleName3, queryPrivilege1,
- GRANT_OPTION_USER);
- } catch (SentryGrantDeniedException e) {
- fail("SentryGrantDeniedException shouldn't have been thrown");
- }
-
- /**
- * the user with no grant option grant query privilege to rolr r3, it will
- * throw SentryGrantDeniedException
- */
- try {
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName3, queryPrivilege2,
- NO_GRANT_OPTION_USER);
- fail("SentryGrantDeniedException should have been thrown");
- } catch (SentryGrantDeniedException e) {
- //ignore the exception
- }
-
- /**
- * the user with no grant option revoke query privilege to rolr r3, it will
- * throw SentryGrantDeniedException
- */
- try {
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName3, queryPrivilege2,
- NO_GRANT_OPTION_USER);
- fail("SentryGrantDeniedException should have been thrown");
- } catch (SentryGrantDeniedException e) {
- //ignore the exception
- }
- }
-
- @Test
- public void testGrantWithGrantOption() throws Exception {
-
- addGroupsToUser(GRANT_OPTION_USER, GRANT_OPTION_GROUP);
- addGroupsToUser(NO_GRANT_OPTION_USER, NO_GRANT_OPTION_GROUP);
- writePolicyFile();
-
- String roleName1 = "r1";
- String grantor = "g1";
- sentryStore.createRole(SEARCH, roleName1, grantor);
- /**
- * grant query privilege to role r1 with grant option
- */
- PrivilegeObject queryPrivilege = new Builder()
- .setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
- .setService(SERVICE)
- .setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
- .withGrantOption(true)
- .build();
-
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName1, queryPrivilege,ADMIN_USER);
- sentryStore.alterRoleAddGroups(SEARCH, roleName1,
- Sets.newHashSet(GRANT_OPTION_GROUP), grantor);
-
- /**
- * the user with grant option grant query privilege to rolr r2
- */
- String roleName2 = "r2";
- sentryStore.createRole(SEARCH, roleName2, grantor);
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName2, queryPrivilege, GRANT_OPTION_USER);
-
- assertEquals(Sets.newHashSet(queryPrivilege),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName2)));
-
- }
-
-
- /**
- * Grant query and update privileges to role r1 and revoke query privilege
- * there is left update privilege related to role r1
- */
- @Test
- public void testRevokePrivilege() throws Exception {
- String roleName = "r1";
- /**
- * grantor is admin, there is no need to check grant option
- */
- String grantor = ADMIN_USER;
- PrivilegeObject queryPrivilege = new Builder()
- .setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
- .setService(SERVICE)
- .setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME), new Field(FIELD_NAME)))
- .build();
-
- PrivilegeObject updatePrivilege = new Builder(queryPrivilege)
- .setAction(SearchConstants.UPDATE)
- .build();
-
- sentryStore.createRole(SEARCH, roleName, grantor);
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName, queryPrivilege, grantor);
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName, updatePrivilege, grantor);
-
- assertEquals(Sets.newHashSet(queryPrivilege,updatePrivilege),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName)));
- /**
- * revoke query privilege
- */
- sentryStore.alterRoleRevokePrivilege(SEARCH, roleName, queryPrivilege, grantor);
- assertEquals(Sets.newHashSet(updatePrivilege),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName)));
- }
-
- /**
- * Grant query and update privileges to role r1 and revoke all privilege,
- * there is no privilege related to role r1
- */
- @Test
- public void testRevokeAllPrivilege() throws Exception {
- String roleName = "r1";
- /**
- * grantor is admin, there is no need to check grant option
- */
- String grantor = ADMIN_USER;
- PrivilegeObject queryPrivilege = new Builder()
- .setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
- .setService(SERVICE)
- .setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME),new Field(FIELD_NAME)))
- .build();
-
- PrivilegeObject updatePrivilege = new Builder(queryPrivilege)
- .setAction(SearchConstants.UPDATE)
- .build();
-
- sentryStore.createRole(SEARCH, roleName, grantor);
-
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName, queryPrivilege, grantor);
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName, updatePrivilege, grantor);
-
- assertEquals(Sets.newHashSet(queryPrivilege,updatePrivilege),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName)));
- /**
- * revoke all privilege
- */
- PrivilegeObject allPrivilege = new Builder(queryPrivilege)
- .setAction(SearchConstants.ALL)
- .build();
-
- sentryStore.alterRoleRevokePrivilege(SEARCH, roleName, allPrivilege, grantor);
-
- assertEquals(Sets.newHashSet(),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName)));
- }
-
- /**
- * Grant all privilege to role r1 and revoke query privilege
- * there is update privilege related to role r1
- */
- @Test
- public void testRevokePrivilegeWithAllPrivilegeExist() throws Exception {
- String roleName = "r1";
- /**
- * grantor is admin, there is no need to check grant option
- */
- String grantor = ADMIN_USER;
- PrivilegeObject allPrivilege = new Builder()
- .setComponent(SEARCH)
- .setAction(SearchConstants.ALL)
- .setService(SERVICE)
- .setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME), new Field(FIELD_NAME)))
- .build();
-
- sentryStore.createRole(SEARCH, roleName, grantor);
-
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName, allPrivilege, grantor);
-
- assertEquals(Sets.newHashSet(allPrivilege),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName)));
- /**
- * revoke update privilege
- */
- PrivilegeObject updatePrivilege = new Builder(allPrivilege)
- .setAction(SearchConstants.UPDATE)
- .build();
-
- PrivilegeObject queryPrivilege = new Builder(allPrivilege)
- .setAction(SearchConstants.QUERY)
- .build();
-
- sentryStore.alterRoleRevokePrivilege(SEARCH, roleName, updatePrivilege, grantor);
-
- assertEquals(Sets.newHashSet(queryPrivilege),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName)));
- }
-
- /**
- * Grant update, query and all privilege to role r1
- * Revoke query privilege from role r1
- * there is update privilege related to role r1
- */
- @Test
- public void testRevokePrivilegeWithAllPrivilegesGranted() throws Exception {
- String roleName = "r1";
- /**
- * grantor is admin, there is no need to check grant option
- */
- String grantor = ADMIN_USER;
- PrivilegeObject allPrivilege = new Builder()
- .setComponent(SEARCH)
- .setAction(SearchConstants.ALL)
- .setService(SERVICE)
- .setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME), new Field(FIELD_NAME)))
- .build();
-
- PrivilegeObject updatePrivilege = new Builder(allPrivilege)
- .setAction(SearchConstants.UPDATE)
- .build();
-
- PrivilegeObject queryPrivilege = new Builder(allPrivilege)
- .setAction(SearchConstants.QUERY)
- .build();
-
- sentryStore.createRole(SEARCH, roleName, grantor);
- //grant query to role r1
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName, queryPrivilege, grantor);
- assertEquals(Sets.newHashSet(queryPrivilege),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName)));
-
- //grant update to role r1
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName, updatePrivilege, grantor);
- assertEquals(Sets.newHashSet(queryPrivilege, updatePrivilege),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName)));
- /**
- * grant all action privilege to role r1, because all action includes query and update action,
- * The role r1 only has the action all privilege
- */
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName, allPrivilege, grantor);
- assertEquals(Sets.newHashSet(allPrivilege),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName)));
- /**
- * revoke update privilege from role r1, the query privilege has been left
- */
- sentryStore.alterRoleRevokePrivilege(SEARCH, roleName, updatePrivilege, grantor);
- assertEquals(Sets.newHashSet(queryPrivilege),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName)));
- }
-
- @Test
- public void testRevokeParentPrivilegeWithChildsExist() throws Exception {
- String roleName = "r1";
- /**
- * grantor is admin, there is no need to check grant option
- */
- String grantor = ADMIN_USER;
- PrivilegeObject updatePrivilege1 = new Builder()
- .setComponent(SEARCH)
- .setAction(SearchConstants.UPDATE)
- .setService(SERVICE)
- .setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME), new Field(FIELD_NAME)))
- .build();
-
- PrivilegeObject queryPrivilege1 = new Builder()
- .setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
- .setService(SERVICE)
- .setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME),new Field(FIELD_NAME)))
- .build();
-
- PrivilegeObject queryPrivilege2 = new Builder()
- .setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
- .setService(SERVICE)
- .setAuthorizables(Arrays.asList(new Collection(NOT_COLLECTION_NAME)))
- .build();
-
- sentryStore.createRole(SEARCH, roleName, grantor);
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName, updatePrivilege1, grantor);
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName, queryPrivilege1, grantor);
-
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName, queryPrivilege2, grantor);
-
- /**
- * revoke all privilege with collection[COLLECTION_NAME=collection1] and its child privileges
- */
- PrivilegeObject allPrivilege = new Builder()
- .setComponent(SEARCH)
- .setAction(SearchConstants.ALL)
- .setService(SERVICE)
- .setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
- .build();
-
- sentryStore.alterRoleRevokePrivilege(SEARCH, roleName, allPrivilege, grantor);
- assertEquals(Sets.newHashSet(queryPrivilege2),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName)));
- }
-
- @Test
- public void testRevokeWithGrantOption() throws Exception {
-
- addGroupsToUser(GRANT_OPTION_USER, GRANT_OPTION_GROUP);
- addGroupsToUser(NO_GRANT_OPTION_USER, NO_GRANT_OPTION_GROUP);
- writePolicyFile();
-
- String roleName1 = "r1";
- String grantor = "g1";
- sentryStore.createRole(SEARCH, roleName1, grantor);
- /**
- * grant query privilege to role r1 with grant option
- */
- PrivilegeObject queryPrivilege = new Builder()
- .setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
- .setService(SERVICE)
- .setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
- .withGrantOption(true)
- .build();
-
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName1, queryPrivilege,
- ADMIN_USER);
- assertEquals(Sets.newHashSet(queryPrivilege),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName1)));
-
- sentryStore.alterRoleAddGroups(SEARCH, roleName1,
- Sets.newHashSet(GRANT_OPTION_GROUP), grantor);
-
- String roleName2 = "r2";
- sentryStore.createRole(SEARCH, roleName2, grantor);
- /**
- * the user with grant option grant query privilege to rolr r2
- */
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName2, queryPrivilege,
- GRANT_OPTION_USER);
- assertEquals(Sets.newHashSet(queryPrivilege),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName2)));
-
- /**
- * the user with grant option revoke query privilege to rolr r3
- */
- sentryStore.alterRoleRevokePrivilege(SEARCH, roleName2, queryPrivilege, GRANT_OPTION_USER);
- assertEquals(Sets.newHashSet(),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName2)));
- }
-
- @Test
- public void testDropPrivilege() throws Exception{
- String roleName1 = "r1";
- String roleName2 = "r2";
- String grantor = ADMIN_USER;
-
- PrivilegeObject queryPrivilege = new Builder()
- .setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
- .setService(SERVICE)
- .setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME), new Field(FIELD_NAME)))
- .build();
-
- PrivilegeObject updatePrivilege = new Builder(queryPrivilege)
- .setAction(SearchConstants.UPDATE)
- .build();
-
- /**
- * grant query and update privilege to role r1 and r2
- */
- sentryStore.createRole(SEARCH, roleName1, grantor);
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName1, queryPrivilege, grantor);
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName1, updatePrivilege, grantor);
-
- sentryStore.createRole(SEARCH, roleName2, grantor);
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName2, queryPrivilege, grantor);
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName2, updatePrivilege, grantor);
-
- assertEquals(Sets.newHashSet(queryPrivilege,updatePrivilege),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName1)));
-
- assertEquals(Sets.newHashSet(queryPrivilege,updatePrivilege),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName2)));
- /**
- * drop query privilege
- */
- sentryStore.dropPrivilege(SEARCH, queryPrivilege, grantor);
-
- assertEquals(Sets.newHashSet(updatePrivilege),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName1)));
-
- assertEquals(Sets.newHashSet(updatePrivilege),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName2)));
-
- /**
- * drop ALL privilege
- */
- PrivilegeObject allPrivilege = new Builder(queryPrivilege)
- .setAction(SearchConstants.ALL)
- .build();
-
- sentryStore.dropPrivilege(SEARCH, allPrivilege, grantor);
-
- assertEquals(Sets.newHashSet(),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName1)));
-
- assertEquals(Sets.newHashSet(),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName2)));
-
- /**
- * grant query and update field scope[collection1,field1] privilege to role r1
- * drop collection scope[collection1] privilege
- * there is no privilege
- */
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName1, queryPrivilege, grantor);
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName1, updatePrivilege, grantor);
-
- PrivilegeObject parentPrivilege = new Builder()
- .setComponent(SEARCH)
- .setAction(SearchConstants.ALL)
- .setService(SERVICE)
- .setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
- .build();
-
- sentryStore.dropPrivilege(SEARCH, parentPrivilege, grantor);
- assertEquals(Sets.newHashSet(),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName1)));
- }
-
- @Test
- public void testRenamePrivilege() throws Exception{
- String roleName1 = "r1";
- String roleName2 = "r2";
- String grantor = ADMIN_USER;
-
- List<? extends Authorizable> oldAuthoriables = Arrays.asList(new Collection(COLLECTION_NAME), new Field(FIELD_NAME));
- List<? extends Authorizable> newAuthoriables = Arrays.asList(new Collection(COLLECTION_NAME), new Field(NOT_FIELD_NAME));
-
- PrivilegeObject oldQueryPrivilege = new Builder()
- .setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
- .setService(SERVICE)
- .setAuthorizables(oldAuthoriables)
- .build();
-
- PrivilegeObject oldUpdatePrivilege = new Builder(oldQueryPrivilege)
- .setAction(SearchConstants.UPDATE)
- .build();
-
- PrivilegeObject oldALLPrivilege = new Builder(oldQueryPrivilege)
- .setAction(SearchConstants.ALL)
- .build();
-
-
- PrivilegeObject newQueryPrivilege = new Builder()
- .setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
- .setService(SERVICE)
- .setAuthorizables(newAuthoriables)
- .build();
-
- PrivilegeObject newUpdatePrivilege = new Builder(newQueryPrivilege)
- .setAction(SearchConstants.UPDATE)
- .build();
-
- PrivilegeObject newALLPrivilege = new Builder(newQueryPrivilege)
- .setAction(SearchConstants.ALL)
- .build();
-
-
- /**
- * grant query and update privilege to role r1
- * grant all privilege to role r2
- */
- sentryStore.createRole(SEARCH, roleName1, grantor);
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName1, oldQueryPrivilege, grantor);
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName1, oldUpdatePrivilege, grantor);
-
- sentryStore.createRole(SEARCH, roleName2, grantor);
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName2, oldALLPrivilege, grantor);
-
- assertEquals(Sets.newHashSet(oldQueryPrivilege,oldUpdatePrivilege),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName1)));
-
- assertEquals(Sets.newHashSet(oldALLPrivilege),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName2)));
- /**
- * rename old query privilege to new query privilege
- */
- sentryStore.renamePrivilege(SEARCH, SERVICE,
- oldAuthoriables,
- newAuthoriables,
- grantor);
-
- assertEquals(Sets.newHashSet(newQueryPrivilege,newUpdatePrivilege),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName1)));
-
- assertEquals(Sets.newHashSet(newALLPrivilege),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName2)));
- /**
- * rename collection scope[collection=collection1] privilege to [collection=not_collection1]
- * These privileges belong to collection scope[collection=collection1] will change to
- * [collection=not_collection1]
- */
-
- List<? extends Authorizable> newAuthoriables1 = Arrays.asList(new Collection(NOT_COLLECTION_NAME),new Field(NOT_FIELD_NAME));
-
- PrivilegeObject newQueryPrivilege1 = new Builder(newQueryPrivilege)
- .setAuthorizables(newAuthoriables1)
- .build();
-
- PrivilegeObject newUpdatePrivilege1 = new Builder(newUpdatePrivilege)
- .setAuthorizables(newAuthoriables1)
- .build();
-
- PrivilegeObject newALLPrivilege1 = new Builder(newALLPrivilege)
- .setAuthorizables(newAuthoriables1)
- .build();
-
- sentryStore.renamePrivilege(SEARCH, SERVICE,
- Arrays.asList(new Collection(COLLECTION_NAME)),
- Arrays.asList(new Collection(NOT_COLLECTION_NAME)),
- grantor);
-
- assertEquals(Sets.newHashSet(newQueryPrivilege1,newUpdatePrivilege1),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName1)));
-
- assertEquals(Sets.newHashSet(newALLPrivilege1),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName2)));
- }
-
- @Test
- public void testGetPrivilegesByRoleName() throws Exception {
- String roleName1 = "r1";
- String roleName2 = "r2";
- String grantor = "g1";
-
- PrivilegeObject queryPrivilege = new Builder()
- .setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
- .setService(SERVICE)
- .setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
- .build();
-
- sentryStore.createRole(SEARCH, roleName1, grantor);
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName1, queryPrivilege,
- ADMIN_USER);
-
- PrivilegeObject updatePrivilege = new Builder()
- .setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
- .setService(SERVICE)
- .setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
- .build();
-
- sentryStore.createRole(SEARCH, roleName2, grantor);
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName2, updatePrivilege,
- ADMIN_USER);
-
- assertEquals(Sets.newHashSet(queryPrivilege,updatePrivilege),
- sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName1,roleName2)));
-
- }
-
- @Test
- public void testGetPrivilegesByProvider() throws Exception {
- String roleName1 = "r1";
- String roleName2 = "r2";
- String roleName3 = "r3";
- String group = "g3";
- String grantor = ADMIN_USER;
-
- String service1 = "service1";
-
- PrivilegeObject queryPrivilege1 = new Builder()
- .setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
- .setService(service1)
- .setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
- .build();
-
- PrivilegeObject updatePrivilege1 = new Builder()
- .setComponent(SEARCH)
- .setAction(SearchConstants.UPDATE)
- .setService(service1)
- .setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME), new Field(FIELD_NAME)))
- .build();
-
- PrivilegeObject queryPrivilege2 = new Builder()
- .setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
- .setService(service1)
- .setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
- .build();
-
- PrivilegeObject updatePrivilege2 = new Builder()
- .setComponent(SEARCH)
- .setAction(SearchConstants.UPDATE)
- .setService(service1)
- .setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME), new Field(FIELD_NAME)))
- .build();
-
- sentryStore.createRole(SEARCH, roleName1, grantor);
- sentryStore.createRole(SEARCH, roleName2, grantor);
- sentryStore.createRole(SEARCH, roleName3, grantor);
-
- sentryStore.alterRoleAddGroups(SEARCH, roleName3, Sets.newHashSet(group), grantor);
-
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName1, queryPrivilege1, grantor);
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName1, updatePrivilege1, grantor);
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName2, queryPrivilege2, grantor);
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName3, updatePrivilege2, grantor);
-
- assertEquals(Sets.newHashSet(updatePrivilege1, queryPrivilege1),
- sentryStore.getPrivilegesByProvider(SEARCH, service1, Sets.newHashSet(roleName1), null, null));
-
- assertEquals(Sets.newHashSet(updatePrivilege1, queryPrivilege1, queryPrivilege2),
- sentryStore.getPrivilegesByProvider(SEARCH, service1, Sets.newHashSet(roleName1,roleName2),
- null, null));
-
- assertEquals(Sets.newHashSet(updatePrivilege1, queryPrivilege1, queryPrivilege2, updatePrivilege2),
- sentryStore.getPrivilegesByProvider(SEARCH, service1, Sets.newHashSet(roleName1,roleName2),
- Sets.newHashSet(group), null));
-
- List<? extends Authorizable> authorizables = Arrays.asList(new Collection(COLLECTION_NAME), new Field(FIELD_NAME));
- assertEquals(Sets.newHashSet(updatePrivilege1, updatePrivilege2),
- sentryStore.getPrivilegesByProvider(SEARCH, service1, Sets.newHashSet(roleName1,roleName2),
- Sets.newHashSet(group), authorizables));
- }
-
- @Test
- public void testGetPrivilegesByAuthorizable() throws Exception {
- String roleName1 = "r1";
- String roleName2 = "r2";
- String roleName3 = "r3";
- String grantor = ADMIN_USER;
-
- String service1 = "service1";
-
- PrivilegeObject queryPrivilege1 = new Builder()
- .setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
- .setService(service1)
- .setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
- .build();
-
- PrivilegeObject updatePrivilege1 = new Builder()
- .setComponent(SEARCH)
- .setAction(SearchConstants.UPDATE)
- .setService(service1)
- .setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME), new Field(FIELD_NAME)))
- .build();
-
- PrivilegeObject queryPrivilege2 = new Builder()
- .setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
- .setService(service1)
- .setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
- .build();
-
- PrivilegeObject updatePrivilege2 = new Builder()
- .setComponent(SEARCH)
- .setAction(SearchConstants.UPDATE)
- .setService(service1)
- .setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME), new Field(FIELD_NAME)))
- .build();
-
- sentryStore.createRole(SEARCH, roleName1, grantor);
- sentryStore.createRole(SEARCH, roleName2, grantor);
- sentryStore.createRole(SEARCH, roleName3, grantor);
-
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName1, queryPrivilege1, grantor);
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName1, updatePrivilege1, grantor);
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName2, queryPrivilege2, grantor);
- sentryStore.alterRoleGrantPrivilege(SEARCH, roleName3, updatePrivilege2, grantor);
-
- assertEquals(0, sentryStore.getPrivilegesByAuthorizable(SEARCH, service1, null,
- Arrays.asList(new Collection(COLLECTION_NAME), new Field(FIELD_NAME))).size());
- assertEquals(1, sentryStore.getPrivilegesByAuthorizable(SEARCH, service1, Sets.newHashSet(roleName1),
- Arrays.asList(new Collection(COLLECTION_NAME), new Field(FIELD_NAME))).size());
- assertEquals(2, sentryStore.getPrivilegesByAuthorizable(SEARCH, service1,
- Sets.newHashSet(roleName1), null).size());
- assertEquals(2, sentryStore.getPrivilegesByAuthorizable(SEARCH, service1,
- Sets.newHashSet(roleName1,roleName2), null).size());
- assertEquals(2, sentryStore.getPrivilegesByAuthorizable(SEARCH, service1,
- Sets.newHashSet(roleName1,roleName2, roleName3), null).size());
- }
-
- @Test(expected = RuntimeException.class)
- public void testGrantPrivilegeExternalComponentMissingConf() throws SentryUserException {
- testGrantPrivilege(sentryStore, "externalComponent");
- }
-
- @Test(expected = RuntimeException.class)
- public void testGrantPrivilegeExternalComponentInvalidConf() throws Exception {
- String externalComponent = "mycomponent";
- Configuration confCopy = new Configuration(conf);
- confCopy.set(String.format(ServiceConstants.ServerConfig.SENTRY_COMPONENT_ACTION_FACTORY_FORMAT, externalComponent),
- InvalidActionFactory.class.getName());
- SentryStoreLayer store = new DelegateSentryStore(confCopy);
- testGrantPrivilege(store, externalComponent);
- }
-
- @Test
- public void testGrantPrivilegeExternalComponent() throws Exception {
- String externalComponent = "mycomponent";
- Configuration confCopy = new Configuration(conf);
- confCopy.set(String.format(ServiceConstants.ServerConfig.SENTRY_COMPONENT_ACTION_FACTORY_FORMAT, externalComponent),
- MyComponentActionFactory.class.getName());
- SentryStoreLayer store = new DelegateSentryStore(confCopy);
- testGrantPrivilege(store, externalComponent);
- }
-
- @Test
- public void testGrantPrivilegeExternalComponentCaseInsensitivity() throws Exception {
- String externalComponent = "MyCoMpOnEnT";
- Configuration confCopy = new Configuration(conf);
- confCopy.set(String.format(ServiceConstants.ServerConfig.SENTRY_COMPONENT_ACTION_FACTORY_FORMAT, "mycomponent"),
- MyComponentActionFactory.class.getName());
- SentryStoreLayer store = new DelegateSentryStore(confCopy);
- testGrantPrivilege(store, externalComponent);
- }
-
- private void testGrantPrivilege(SentryStoreLayer sentryStore, String component) throws SentryUserException {
- String roleName = "r1";
- /**
- * grantor is admin, there is no need to check grant option
- */
- String grantor = ADMIN_USER;
- PrivilegeObject queryPrivilege = new Builder()
- .setComponent(component)
- .setAction(SearchConstants.QUERY)
- .setService(SERVICE)
- .setAuthorizables(Collections.singletonList(new Collection(COLLECTION_NAME)))
- .withGrantOption(null)
- .build();
-
- sentryStore.createRole(component, roleName, grantor);
- sentryStore.alterRoleGrantPrivilege(component, roleName, queryPrivilege, grantor);
-
- assertEquals(Sets.newHashSet(queryPrivilege),
- sentryStore.getPrivilegesByRole(component, Sets.newHashSet(roleName)));
-
- PrivilegeObject queryPrivilegeWithOption = new Builder()
- .setComponent(component)
- .setAction(SearchConstants.QUERY)
- .setService(SERVICE)
- .setAuthorizables(Collections.singletonList(new Collection(COLLECTION_NAME)))
- .withGrantOption(true)
- .build();
-
- sentryStore.alterRoleGrantPrivilege(component, roleName, queryPrivilegeWithOption, grantor);
-
- assertEquals(Sets.newHashSet(queryPrivilege, queryPrivilegeWithOption),
- sentryStore.getPrivilegesByRole(component, Sets.newHashSet(roleName)));
-
- PrivilegeObject queryPrivilegeWithNoOption = new Builder()
- .setComponent(component)
- .setAction(SearchConstants.QUERY)
- .setService(SERVICE)
- .setAuthorizables(Collections.singletonList(new Collection(COLLECTION_NAME)))
- .withGrantOption(false)
- .build();
-
- sentryStore.alterRoleGrantPrivilege(component, roleName, queryPrivilegeWithNoOption, grantor);
-
- assertEquals(Sets.newHashSet(queryPrivilege, queryPrivilegeWithOption, queryPrivilegeWithNoOption),
- sentryStore.getPrivilegesByRole(component, Sets.newHashSet(roleName)));
- }
-
- public static final class InvalidActionFactory {
-
- }
-
- public static final class MyComponentActionFactory extends BitFieldActionFactory {
-
- public enum MyComponentActionType {
- FOO("foo", 1),
- BAR("bar", 2),
- QUERY(SearchConstants.QUERY, 4),
- ALL("*", FOO.getCode() | BAR.getCode() | QUERY.getCode());
-
- private String name;
- private int code;
- MyComponentActionType(String name, int code) {
- this.name = name;
- this.code = code;
- }
-
- public int getCode() {
- return code;
- }
-
- public String getName() {
- return name;
- }
-
- static MyComponentActionType getActionByName(String name) {
- for (MyComponentActionType action : MyComponentActionType.values()) {
- if (action.name.equalsIgnoreCase(name)) {
- return action;
- }
- }
- throw new RuntimeException("can't get MyComponentActionType by name:" + name);
- }
-
- static List<MyComponentActionType> getActionByCode(int code) {
- List<MyComponentActionType> actions = Lists.newArrayList();
- for (MyComponentActionType action : MyComponentActionType.values()) {
- if ((action.code & code) == action.code && action != MyComponentActionType.ALL) {
- //MyComponentActionType.ALL action should not return in the list
- actions.add(action);
- }
- }
- if (actions.isEmpty()) {
- throw new RuntimeException("can't get sqoopActionType by code:" + code);
- }
- return actions;
- }
- }
-
- public static class MyComponentAction extends BitFieldAction {
- public MyComponentAction(String name) {
- this(MyComponentActionType.getActionByName(name));
- }
- public MyComponentAction(MyComponentActionType myComponentActionType) {
- super(myComponentActionType.name, myComponentActionType.code);
- }
- }
-
- @Override
- public List<? extends BitFieldAction> getActionsByCode(int actionCode) {
- List<MyComponentAction> actions = Lists.newArrayList();
- for (MyComponentActionType action : MyComponentActionType.getActionByCode(actionCode)) {
- actions.add(new MyComponentAction(action));
- }
- return actions;
- }
-
- @Override
- public BitFieldAction getActionByName(String name) {
- // Check the name is All
- if (SqoopActionConstant.ALL_NAME.equalsIgnoreCase(name)) {
- return new MyComponentAction(MyComponentActionType.ALL);
- }
- return new MyComponentAction(name);
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/TestSentryGMPrivilege.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/TestSentryGMPrivilege.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/TestSentryGMPrivilege.java
deleted file mode 100644
index 258721e..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/TestSentryGMPrivilege.java
+++ /dev/null
@@ -1,207 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.service.persistent;
-
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.fail;
-
-import java.util.Arrays;
-
-import org.apache.sentry.core.model.db.AccessConstants;
-import org.apache.sentry.core.model.search.Collection;
-import org.apache.sentry.core.model.search.Field;
-import org.apache.sentry.core.model.search.SearchConstants;
-import org.apache.sentry.provider.db.service.model.MSentryGMPrivilege;
-import org.junit.Test;
-
-public class TestSentryGMPrivilege {
-
- @Test
- public void testValidateAuthorizables() throws Exception {
- try {
- new MSentryGMPrivilege("solr",
- "service1", Arrays.asList(new Collection("c1"), new Field("f1")),SearchConstants.QUERY, false);
- } catch (IllegalStateException e) {
- fail("unexpect happend: it is a validated privilege");
- }
-
- try {
- new MSentryGMPrivilege("solr",
- "service1", Arrays.asList(new Collection(""), new Field("f1")),SearchConstants.QUERY, false);
- fail("unexpect happend: it is not a validated privilege, The empty name of authorizable can't be empty");
- } catch (IllegalStateException e) {
- }
-
- try {
- new MSentryGMPrivilege("solr",
- "service1", Arrays.asList(null, new Field("f1")),SearchConstants.QUERY, false);
- fail("unexpect happend: it is not a validated privilege, The authorizable can't be null");
- } catch (IllegalStateException e) {
- }
- }
-
- @Test
- public void testImpliesWithServerScope() throws Exception {
- //The persistent privilege is server scope
- MSentryGMPrivilege serverPrivilege = new MSentryGMPrivilege("solr",
- "service1", null,SearchConstants.QUERY, false);
-
- MSentryGMPrivilege collectionPrivilege = new MSentryGMPrivilege("solr",
- "service1", Arrays.asList(new Collection("c1")),
- SearchConstants.QUERY, false);
- assertTrue(serverPrivilege.implies(collectionPrivilege));
-
- MSentryGMPrivilege fieldPrivilege = new MSentryGMPrivilege("solr",
- "service1", Arrays.asList(new Collection("c1"), new Field("f1")),
- SearchConstants.QUERY, false);
- assertTrue(serverPrivilege.implies(fieldPrivilege));
- assertTrue(collectionPrivilege.implies(fieldPrivilege));
-
- serverPrivilege.setAction(SearchConstants.UPDATE);
- assertFalse(serverPrivilege.implies(collectionPrivilege));
- assertFalse(serverPrivilege.implies(fieldPrivilege));
-
- serverPrivilege.setAction(SearchConstants.ALL);
- assertTrue(serverPrivilege.implies(collectionPrivilege));
- assertTrue(serverPrivilege.implies(fieldPrivilege));
- }
- /**
- * The requested privilege has the different authorizable size with the persistent privilege
- * @throws Exception
- */
- @Test
- public void testImpliesDifferentAuthorizable() throws Exception {
- /**
- * Test the scope of persistent privilege is the larger than the requested privilege
- */
- MSentryGMPrivilege serverPrivilege = new MSentryGMPrivilege("solr",
- "service1", null, SearchConstants.QUERY, false);
-
- MSentryGMPrivilege collectionPrivilege = new MSentryGMPrivilege("solr",
- "service1", Arrays.asList(new Collection("c1")),
- SearchConstants.QUERY, false);
-
- MSentryGMPrivilege fieldPrivilege = new MSentryGMPrivilege("solr",
- "service1", Arrays.asList(new Collection("c1"), new Field("f1")),
- SearchConstants.QUERY, false);
- assertTrue(serverPrivilege.implies(collectionPrivilege));
- assertTrue(serverPrivilege.implies(fieldPrivilege));
- assertTrue(collectionPrivilege.implies(fieldPrivilege));
- /**
- * Test the scope of persistent privilege is less than the request privilege
- */
- assertFalse(fieldPrivilege.implies(collectionPrivilege));
- assertFalse(fieldPrivilege.implies(serverPrivilege));
- assertFalse(collectionPrivilege.implies(serverPrivilege));
-
- /**
- * Test the scope of persistent privilege is less than the request privilege,
- * but the name of left authorizable is ALL
- */
- MSentryGMPrivilege fieldAllPrivilege = new MSentryGMPrivilege("solr",
- "service1", Arrays.asList(new Collection("c1"), new Field(AccessConstants.ALL)),
- SearchConstants.QUERY, false);
-
- assertTrue(fieldAllPrivilege.implies(collectionPrivilege));
-
- /**
- * Test the scope of persistent privilege has the same scope as request privilege
- */
- MSentryGMPrivilege fieldPrivilege1 = new MSentryGMPrivilege("solr",
- "service1", Arrays.asList(new Collection("c1"), new Field("f1")),
- SearchConstants.QUERY, false);
-
- MSentryGMPrivilege fieldPrivilege2 = new MSentryGMPrivilege("solr",
- "service1", Arrays.asList(new Collection("c2"), new Field("f2")),
- SearchConstants.QUERY, false);
- assertFalse(fieldPrivilege1.implies(fieldPrivilege2));
- }
-
- /**
- * The requested privilege has the same authorizable size as with the persistent privilege
- * @throws Exception
- */
- @Test
- public void testSearchImpliesEqualAuthorizable() throws Exception {
-
- MSentryGMPrivilege serverPrivilege1 = new MSentryGMPrivilege("solr",
- "service1", null,SearchConstants.QUERY, false);
-
- MSentryGMPrivilege serverPrivilege2 = new MSentryGMPrivilege("solr",
- "service2", null,SearchConstants.QUERY, false);
-
- assertFalse(serverPrivilege1.implies(serverPrivilege2));
-
- MSentryGMPrivilege collectionPrivilege1 = new MSentryGMPrivilege("solr",
- "service1", Arrays.asList(new Collection("c1")),
- SearchConstants.QUERY, false);
-
- MSentryGMPrivilege collectionPrivilege2 = new MSentryGMPrivilege("solr",
- "service1", Arrays.asList(new Collection("c2")),
- SearchConstants.QUERY, false);
-
- assertFalse(collectionPrivilege1.implies(collectionPrivilege2));
-
- MSentryGMPrivilege fieldPrivilege1 = new MSentryGMPrivilege("solr",
- "service1", Arrays.asList(new Collection("c1"), new Field("f1")),
- SearchConstants.QUERY, false);
-
- MSentryGMPrivilege fieldPrivilege2 = new MSentryGMPrivilege("solr",
- "service1", Arrays.asList(new Collection("c1"), new Field("f2")),
- SearchConstants.QUERY, false);
-
- assertFalse(fieldPrivilege1.implies(fieldPrivilege2));
-
- /**
- * The authorizables aren't equal,but the persistent privilege has the ALL name
- */
- collectionPrivilege2.setAuthorizables(Arrays.asList(new Collection(AccessConstants.ALL)));
- collectionPrivilege2.implies(collectionPrivilege1);
-
- fieldPrivilege2.setAuthorizables(Arrays.asList(new Collection("c1"), new Field(AccessConstants.ALL)));
- fieldPrivilege2.implies(fieldPrivilege1);
- }
-
- @Test
- public void testSearchImpliesAction() throws Exception {
- /**
- * action is equal
- */
- MSentryGMPrivilege fieldPrivilege1 = new MSentryGMPrivilege("solr",
- "service1", Arrays.asList(new Collection("c1"), new Field("f2")),
- SearchConstants.QUERY, false);
-
- MSentryGMPrivilege fieldPrivilege2 = new MSentryGMPrivilege("solr",
- "service1", Arrays.asList(new Collection("c1"), new Field("f2")),
- SearchConstants.QUERY, false);
-
- assertTrue(fieldPrivilege1.implies(fieldPrivilege2));
-
- /**
- * action isn't equal
- */
- fieldPrivilege2.setAction(SearchConstants.UPDATE);
- assertFalse(fieldPrivilege1.implies(fieldPrivilege2));
- /**
- * action isn't equal,but the persistent privilege has the ALL action
- */
- fieldPrivilege1.setAction(SearchConstants.ALL);
- assertTrue(fieldPrivilege1.implies(fieldPrivilege2));
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/TestSentryRole.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/TestSentryRole.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/TestSentryRole.java
deleted file mode 100644
index 29134fe..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/TestSentryRole.java
+++ /dev/null
@@ -1,372 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.service.persistent;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
-
-import java.io.File;
-import java.util.Arrays;
-import java.util.Properties;
-
-import javax.jdo.JDOHelper;
-import javax.jdo.PersistenceManager;
-import javax.jdo.PersistenceManagerFactory;
-import javax.jdo.Query;
-import javax.jdo.Transaction;
-
-import org.apache.commons.io.FileUtils;
-import org.apache.sentry.core.model.search.Collection;
-import org.apache.sentry.provider.db.service.model.MSentryGMPrivilege;
-import org.apache.sentry.provider.db.service.model.MSentryPrivilege;
-import org.apache.sentry.provider.db.service.model.MSentryRole;
-import org.apache.sentry.provider.db.service.persistent.SentryStore;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-
-import com.google.common.base.Preconditions;
-import com.google.common.io.Files;
-/**
- * The class tests that the new feature SENTRY-398 generic model adds the new field in the MSentryRole
- * will not affect the functionality of the origin hive/impala authorization model
- */
-public class TestSentryRole {
- private static PersistenceManagerFactory pmf;
- private static File dataDir;
-
- @Before
- public void setup() throws Exception {
- dataDir = new File(Files.createTempDir(), "sentry_policy_db");
- Properties prop = new Properties();
- prop.setProperty(ServerConfig.JAVAX_JDO_URL, "jdbc:derby:;databaseName=" + dataDir.getPath() + ";create=true");
- prop.setProperty(ServerConfig.JAVAX_JDO_USER, "Sentry");
- prop.setProperty(ServerConfig.JAVAX_JDO_PASS, "Sentry");
- prop.setProperty(ServerConfig.JAVAX_JDO_DRIVER_NAME, "org.apache.derby.jdbc.EmbeddedDriver");
- prop.setProperty("datanucleus.schema.autoCreateAll", "true");
- prop.setProperty("datanucleus.autoCreateSchema", "true");
- prop.setProperty("datanucleus.fixedDatastore", "false");
- prop.setProperty("datanucleus.NontransactionalRead", "false");
- prop.setProperty("datanucleus.NontransactionalWrite", "false");
- pmf = JDOHelper.getPersistenceManagerFactory(prop);
- }
-
- @After
- public void tearDown() throws Exception {
- pmf.close();
- FileUtils.deleteQuietly(dataDir);
- }
-
- @Test
- public void grantMixedPrivilegeTest() throws Exception {
- String roleName = "r1";
- //hive/impala privilege
- MSentryPrivilege hivePrivilege = new MSentryPrivilege();
- hivePrivilege.setServerName("hive.server1");
- hivePrivilege.setDbName("db1");
- hivePrivilege.setTableName("tb1");
- hivePrivilege.setPrivilegeScope("table");
- hivePrivilege.setAction("select");
- hivePrivilege.setGrantOption(true);
- //solr privilege
- MSentryGMPrivilege solrPrivilege = new MSentryGMPrivilege();
- solrPrivilege.setComponentName("solr");
- solrPrivilege.setServiceName("solr.server1");
- solrPrivilege.setAuthorizables(Arrays.asList(new Collection("c1")));
- solrPrivilege.setAction("query");
- solrPrivilege.setGrantOption(true);
-
- PersistenceManager pm = null;
- //create role
- pm = openTransaction();
- pm.makePersistent(new MSentryRole(roleName, System.currentTimeMillis()));
- commitTransaction(pm);
- //add hivePrivilege to role
- pm = openTransaction();
- MSentryRole role = getMSentryRole(pm, roleName);
- hivePrivilege.appendRole(role);
- pm.makePersistent(hivePrivilege);
- commitTransaction(pm);
- //check hivePrivlege and solrPrivilege
- pm = openTransaction();
- role = getMSentryRole(pm, roleName);
- pm.retrieve(role);
- assertEquals(1, role.getPrivileges().size());
- assertEquals(0, role.getGmPrivileges().size());
- commitTransaction(pm);
- //add solrPrivilege to role
- pm = openTransaction();
- role = getMSentryRole(pm, roleName);
- pm.retrieve(role);
- solrPrivilege.appendRole(role);
- pm.makePersistent(solrPrivilege);
- commitTransaction(pm);
- //check hivePrivlege and solrPrivilege
- pm = openTransaction();
- role = getMSentryRole(pm, roleName);
- pm.retrieve(role);
- assertEquals(1, role.getPrivileges().size());
- assertEquals(1, role.getGmPrivileges().size());
- commitTransaction(pm);
- }
-
- @Test
- public void testWantGrantPrivilegeTwice() throws Exception {
- String roleName = "r1";
- //hive/impala privilege
- MSentryPrivilege hivePrivilege = new MSentryPrivilege();
- hivePrivilege.setServerName("hive.server1");
- hivePrivilege.setDbName("db1");
- hivePrivilege.setTableName("tb1");
- hivePrivilege.setPrivilegeScope("table");
- hivePrivilege.setAction("select");
- hivePrivilege.setURI(SentryStore.NULL_COL);
- hivePrivilege.setColumnName(SentryStore.NULL_COL);
- hivePrivilege.setGrantOption(true);
- //The same hivePrivilege
- MSentryPrivilege hivePrivilege2 = new MSentryPrivilege(hivePrivilege);
- //solr privilege
- MSentryGMPrivilege solrPrivilege = new MSentryGMPrivilege();
- solrPrivilege.setComponentName("solr");
- solrPrivilege.setServiceName("solr.server1");
- solrPrivilege.setAuthorizables(Arrays.asList(new Collection("c1")));
- solrPrivilege.setAction("query");
- solrPrivilege.setGrantOption(true);
- //The same solrPrivilege
- MSentryGMPrivilege solrPrivilege2 = new MSentryGMPrivilege(solrPrivilege);
-
- PersistenceManager pm = null;
- //create role
- pm = openTransaction();
- pm.makePersistent(new MSentryRole(roleName, System.currentTimeMillis()));
- commitTransaction(pm);
-
- //grant hivePrivilege and solrPrivilege to role
- pm = openTransaction();
- MSentryRole role = getMSentryRole(pm, roleName);
- solrPrivilege.appendRole(role);
- hivePrivilege.appendRole(role);
- pm.makePersistent(solrPrivilege);
- pm.makePersistent(hivePrivilege);
- commitTransaction(pm);
- //check
- pm = openTransaction();
- role = getMSentryRole(pm, roleName);
- pm.retrieve(role);
- assertEquals(1, role.getPrivileges().size());
- assertEquals(1, role.getGmPrivileges().size());
- commitTransaction(pm);
-
- //want to grant the same hivePrivilege and solrPrivilege to role again
- //hivePrivilege2 is equal to hivePrivilege
- //solrPrivilege2 is equal to solrPrivilege
- pm = openTransaction();
- role = getMSentryRole(pm, roleName);
- pm.retrieve(role);
- if (!role.getGmPrivileges().contains(solrPrivilege2)) {
- fail("unexpect happend: the MSentryGMPrivilege:" + solrPrivilege2 + " already be granted");
- }
- if (!role.getPrivileges().contains(hivePrivilege2)) {
- fail("unexpect happend: the MSentryPrivilege:" + hivePrivilege2 + " already be granted");
- }
- commitTransaction(pm);
- }
-
- @Test
- public void testMixedRevokePrivilege() throws Exception {
- String roleName = "r1";
- //hive/impala privilege
- MSentryPrivilege hivePrivilege = new MSentryPrivilege();
- hivePrivilege.setServerName("hive.server1");
- hivePrivilege.setDbName("db1");
- hivePrivilege.setTableName("tb1");
- hivePrivilege.setPrivilegeScope("table");
- hivePrivilege.setAction("select");
- hivePrivilege.setURI(SentryStore.NULL_COL);
- hivePrivilege.setColumnName(SentryStore.NULL_COL);
- hivePrivilege.setGrantOption(true);
-
- //solr privilege
- MSentryGMPrivilege solrPrivilege = new MSentryGMPrivilege();
- solrPrivilege.setComponentName("solr");
- solrPrivilege.setServiceName("solr.server1");
- solrPrivilege.setAuthorizables(Arrays.asList(new Collection("c1")));
- solrPrivilege.setAction("query");
- solrPrivilege.setGrantOption(true);
-
- PersistenceManager pm = null;
- //create role
- pm = openTransaction();
- pm.makePersistent(new MSentryRole(roleName, System.currentTimeMillis()));
- commitTransaction(pm);
-
- //grant hivePrivilege and solrPrivilege to role
- pm = openTransaction();
- MSentryRole role = getMSentryRole(pm, roleName);
- hivePrivilege.appendRole(role);
- solrPrivilege.appendRole(role);
- pm.makePersistent(hivePrivilege);
- pm.makePersistent(solrPrivilege);
- commitTransaction(pm);
-
- //check
- pm = openTransaction();
- role = getMSentryRole(pm, roleName);
- pm.retrieve(role);
- assertEquals(1, role.getPrivileges().size());
- assertEquals(1, role.getGmPrivileges().size());
- commitTransaction(pm);
-
- //revoke solrPrivilege from role
- pm = openTransaction();
- role = getMSentryRole(pm, roleName);
- solrPrivilege = (MSentryGMPrivilege)role.getGmPrivileges().toArray()[0];
- solrPrivilege.removeRole(role);
- pm.makePersistent(solrPrivilege);
- commitTransaction(pm);
-
- //check
- pm = openTransaction();
- role = getMSentryRole(pm, roleName);
- pm.retrieve(role);
- assertEquals(1, role.getPrivileges().size());
- assertEquals(0, role.getGmPrivileges().size());
- commitTransaction(pm);
-
- //revoke hivePrivilege from role
- pm = openTransaction();
- role = getMSentryRole(pm, roleName);
- pm.retrieve(role);
- hivePrivilege = (MSentryPrivilege)role.getPrivileges().toArray()[0];
- hivePrivilege.removeRole(role);
- pm.makePersistent(hivePrivilege);
- commitTransaction(pm);
-
- //check
- pm = openTransaction();
- role = getMSentryRole(pm, roleName);
- pm.retrieve(role);
- assertEquals(0, role.getPrivileges().size());
- assertEquals(0, role.getGmPrivileges().size());
- commitTransaction(pm);
- }
-
- @Test
- public void testDeletePrivilegeAndRole() throws Exception {
- String roleName = "r1";
- //hive/impala privilege
- MSentryPrivilege hivePrivilege = new MSentryPrivilege();
- hivePrivilege.setServerName("hive.server1");
- hivePrivilege.setDbName("db1");
- hivePrivilege.setTableName("tb1");
- hivePrivilege.setPrivilegeScope("table");
- hivePrivilege.setAction("select");
- hivePrivilege.setURI(SentryStore.NULL_COL);
- hivePrivilege.setColumnName(SentryStore.NULL_COL);
- hivePrivilege.setGrantOption(true);
-
- //solr privilege
- MSentryGMPrivilege solrPrivilege = new MSentryGMPrivilege();
- solrPrivilege.setComponentName("solr");
- solrPrivilege.setServiceName("solr.server1");
- solrPrivilege.setAuthorizables(Arrays.asList(new Collection("c1")));
- solrPrivilege.setAction("query");
- solrPrivilege.setGrantOption(true);
-
- PersistenceManager pm = null;
- //create role
- pm = openTransaction();
- pm.makePersistent(new MSentryRole(roleName, System.currentTimeMillis()));
- commitTransaction(pm);
-
- //grant hivePrivilege and solrPrivilege to role
- pm = openTransaction();
- MSentryRole role = getMSentryRole(pm, roleName);
- hivePrivilege.appendRole(role);
- solrPrivilege.appendRole(role);
- pm.makePersistent(hivePrivilege);
- pm.makePersistent(solrPrivilege);
- commitTransaction(pm);
-
- //check
- pm = openTransaction();
- role = getMSentryRole(pm, roleName);
- pm.retrieve(role);
- assertEquals(1, role.getPrivileges().size());
- assertEquals(1, role.getGmPrivileges().size());
- commitTransaction(pm);
-
- //remove all privileges
- pm = openTransaction();
- role = getMSentryRole(pm, roleName);
- role.removeGMPrivileges();
- role.removePrivileges();
- pm.makePersistent(role);
- commitTransaction(pm);
-
- //check
- pm = openTransaction();
- role = getMSentryRole(pm, roleName);
- pm.retrieve(role);
- assertEquals(0, role.getPrivileges().size());
- assertEquals(0, role.getGmPrivileges().size());
- commitTransaction(pm);
-
- //delete role
- pm = openTransaction();
- role = getMSentryRole(pm, roleName);
- pm.deletePersistent(role);
- commitTransaction(pm);
-
- //check
- pm = openTransaction();
- role = getMSentryRole(pm, roleName);
- assertTrue(role == null);
- commitTransaction(pm);
- }
-
- private PersistenceManager openTransaction() {
- PersistenceManager pm = pmf.getPersistenceManager();
- Transaction currentTransaction = pm.currentTransaction();
- currentTransaction.begin();
- return pm;
- }
-
- private void commitTransaction(PersistenceManager pm) {
- Transaction currentTransaction = pm.currentTransaction();
- try {
- Preconditions.checkState(currentTransaction.isActive(), "Transaction is not active");
- currentTransaction.commit();
- } finally {
- pm.close();
- }
- }
-
- private MSentryRole getMSentryRole(PersistenceManager pm, String roleName) {
- Query query = pm.newQuery(MSentryRole.class);
- query.setFilter("this.roleName == t");
- query.declareParameters("java.lang.String t");
- query.setUnique(true);
- MSentryRole sentryRole = (MSentryRole) query.execute(roleName);
- return sentryRole;
- }
-
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceIntegrationBase.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceIntegrationBase.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceIntegrationBase.java
deleted file mode 100644
index 94cade1..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceIntegrationBase.java
+++ /dev/null
@@ -1,73 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import java.security.PrivilegedExceptionAction;
-import java.util.Set;
-
-import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
-import org.junit.After;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class SentryGenericServiceIntegrationBase extends SentryServiceIntegrationBase {
- private static final Logger LOGGER = LoggerFactory.getLogger(SentryGenericServiceIntegrationBase.class);
- protected static final String SOLR = "SOLR";
- protected SentryGenericServiceClient client;
-
- /**
- * use the generic client to connect sentry service
- */
- @Override
- public void connectToSentryService() throws Exception {
- // The client should already be logged in when running in solr
- // therefore we must manually login in the integration tests
- if (kerberos) {
- this.client = clientUgi.doAs( new PrivilegedExceptionAction<SentryGenericServiceClient>() {
- @Override
- public SentryGenericServiceClient run() throws Exception {
- return SentryGenericServiceClientFactory.create(conf);
- }
- });
- } else {
- this.client = SentryGenericServiceClientFactory.create(conf);
- }
- }
-
- @After
- public void after() {
- try {
- runTestAsSubject(new TestOperation(){
- @Override
- public void runTestAsSubject() throws Exception {
- Set<TSentryRole> tRoles = client.listAllRoles(ADMIN_USER, SOLR);
- for (TSentryRole tRole : tRoles) {
- client.dropRole(ADMIN_USER, tRole.getRoleName(), SOLR);
- }
- if(client != null) {
- client.close();
- }
- }
- });
- } catch (Exception e) {
- LOGGER.error(e.getMessage(), e);
- } finally {
- policyFilePath.delete();
- }
- }
-}
[09/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellKafka.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellKafka.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellKafka.java
deleted file mode 100644
index 7db5426..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellKafka.java
+++ /dev/null
@@ -1,542 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.generic.tools;
-
-import com.google.common.collect.Sets;
-import com.google.common.io.Files;
-import org.apache.commons.io.FileUtils;
-import org.apache.sentry.core.common.exception.SentryUserException;
-import org.apache.sentry.core.model.kafka.validator.KafkaPrivilegeValidator;
-import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceIntegrationBase;
-import org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege;
-import org.apache.sentry.provider.db.generic.service.thrift.TSentryRole;
-import org.apache.sentry.provider.db.tools.SentryShellCommon;
-import org.apache.shiro.config.ConfigurationException;
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-
-import java.io.ByteArrayOutputStream;
-import java.io.File;
-import java.io.FileOutputStream;
-import java.io.PrintStream;
-import java.util.Arrays;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.Set;
-
-import static org.junit.Assert.*;
-
-public class TestSentryShellKafka extends SentryGenericServiceIntegrationBase {
- private File confDir;
- private File confPath;
- private static String TEST_ROLE_NAME_1 = "testRole1";
- private static String TEST_ROLE_NAME_2 = "testRole2";
- private static String KAFKA = "kafka";
- private String requestorName = "";
- private String service = "kafka1";
-
- @Before
- public void prepareForTest() throws Exception {
- confDir = Files.createTempDir();
- confPath = new File(confDir, "sentry-site.xml");
- if (confPath.createNewFile()) {
- FileOutputStream to = new FileOutputStream(confPath);
- conf.writeXml(to);
- to.close();
- }
- requestorName = clientUgi.getShortUserName();//.getProperty("user.name", "");
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorName, requestorUserGroupNames);
- // add ADMIN_USER for the after() in SentryServiceIntegrationBase
- setLocalGroupMapping(ADMIN_USER, requestorUserGroupNames);
- writePolicyFile();
- }
-
- @After
- public void clearTestData() throws Exception {
- FileUtils.deleteQuietly(confDir);
- }
-
- @Test
- public void testCreateDropRole() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- // test: create role with -cr
- String[] args = { "-cr", "-r", TEST_ROLE_NAME_1, "-conf", confPath.getAbsolutePath() };
- SentryShellKafka.main(args);
- // test: create role with --create_role
- args = new String[] { "--create_role", "-r", TEST_ROLE_NAME_2, "-conf",
- confPath.getAbsolutePath() };
- SentryShellKafka.main(args);
-
- // validate the result, list roles with -lr
- args = new String[] { "-lr", "-conf", confPath.getAbsolutePath() };
- SentryShellKafka sentryShell = new SentryShellKafka();
- Set<String> roleNames = getShellResultWithOSRedirect(sentryShell, args, true);
- validateRoleNames(roleNames, TEST_ROLE_NAME_1, TEST_ROLE_NAME_2);
-
- // validate the result, list roles with --list_role
- args = new String[] { "--list_role", "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellKafka();
- roleNames = getShellResultWithOSRedirect(sentryShell, args, true);
- validateRoleNames(roleNames, TEST_ROLE_NAME_1, TEST_ROLE_NAME_2);
-
- // test: drop role with -dr
- args = new String[] { "-dr", "-r", TEST_ROLE_NAME_1, "-conf", confPath.getAbsolutePath() };
- SentryShellKafka.main(args);
- // test: drop role with --drop_role
- args = new String[] { "--drop_role", "-r", TEST_ROLE_NAME_2, "-conf",
- confPath.getAbsolutePath() };
- SentryShellKafka.main(args);
-
- // validate the result
- Set<TSentryRole> roles = client.listAllRoles(requestorName, KAFKA);
- assertEquals("Incorrect number of roles", 0, roles.size());
- }
- });
- }
-
- @Test
- public void testAddDeleteRoleForGroup() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- // Group names are case sensitive - mixed case names should work
- String TEST_GROUP_1 = "testGroup1";
- String TEST_GROUP_2 = "testGroup2";
- String TEST_GROUP_3 = "testGroup3";
-
- // create the role for test
- client.createRole(requestorName, TEST_ROLE_NAME_1, KAFKA);
- client.createRole(requestorName, TEST_ROLE_NAME_2, KAFKA);
- // test: add role to group with -arg
- String[] args = { "-arg", "-r", TEST_ROLE_NAME_1, "-g", TEST_GROUP_1, "-conf",
- confPath.getAbsolutePath() };
- SentryShellKafka.main(args);
- // test: add role to multiple groups
- args = new String[] { "-arg", "-r", TEST_ROLE_NAME_1, "-g", TEST_GROUP_2 + "," + TEST_GROUP_3,
- "-conf",
- confPath.getAbsolutePath() };
- SentryShellKafka.main(args);
- // test: add role to group with --add_role_group
- args = new String[] { "--add_role_group", "-r", TEST_ROLE_NAME_2, "-g", TEST_GROUP_1,
- "-conf",
- confPath.getAbsolutePath() };
- SentryShellKafka.main(args);
-
- // validate the result list roles with -lr and -g
- args = new String[] { "-lr", "-g", TEST_GROUP_1, "-conf", confPath.getAbsolutePath() };
- SentryShellKafka sentryShell = new SentryShellKafka();
- Set<String> roleNames = getShellResultWithOSRedirect(sentryShell, args, true);
- validateRoleNames(roleNames, TEST_ROLE_NAME_1, TEST_ROLE_NAME_2);
-
- // list roles with --list_role and -g
- args = new String[] { "--list_role", "-g", TEST_GROUP_2, "-conf",
- confPath.getAbsolutePath() };
- sentryShell = new SentryShellKafka();
- roleNames = getShellResultWithOSRedirect(sentryShell, args, true);
- validateRoleNames(roleNames, TEST_ROLE_NAME_1);
-
- args = new String[] { "--list_role", "-g", TEST_GROUP_3, "-conf",
- confPath.getAbsolutePath() };
- sentryShell = new SentryShellKafka();
- roleNames = getShellResultWithOSRedirect(sentryShell, args, true);
- validateRoleNames(roleNames, TEST_ROLE_NAME_1);
-
- // test: delete role from group with -drg
- args = new String[] { "-drg", "-r", TEST_ROLE_NAME_1, "-g", TEST_GROUP_1, "-conf",
- confPath.getAbsolutePath() };
- SentryShellKafka.main(args);
- // test: delete role to multiple groups
- args = new String[] { "-drg", "-r", TEST_ROLE_NAME_1, "-g", TEST_GROUP_2 + "," + TEST_GROUP_3,
- "-conf",
- confPath.getAbsolutePath() };
- SentryShellKafka.main(args);
- // test: delete role from group with --delete_role_group
- args = new String[] { "--delete_role_group", "-r", TEST_ROLE_NAME_2, "-g", TEST_GROUP_1,
- "-conf", confPath.getAbsolutePath() };
- SentryShellKafka.main(args);
-
- // validate the result
- Set<TSentryRole> roles = client.listRolesByGroupName(requestorName, TEST_GROUP_1, KAFKA);
- assertEquals("Incorrect number of roles", 0, roles.size());
- roles = client.listRolesByGroupName(requestorName, TEST_GROUP_2, KAFKA);
- assertEquals("Incorrect number of roles", 0, roles.size());
- roles = client.listRolesByGroupName(requestorName, TEST_GROUP_3, KAFKA);
- assertEquals("Incorrect number of roles", 0, roles.size());
- // clear the test data
- client.dropRole(requestorName, TEST_ROLE_NAME_1, KAFKA);
- client.dropRole(requestorName, TEST_ROLE_NAME_2, KAFKA);
- }
- });
- }
-
- @Test
- public void testCaseSensitiveGroupName() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
-
- // create the role for test
- client.createRole(requestorName, TEST_ROLE_NAME_1, KAFKA);
- // add role to a group (lower case)
- String[] args = {"-arg", "-r", TEST_ROLE_NAME_1, "-g", "group1", "-conf",
- confPath.getAbsolutePath()};
- SentryShellKafka.main(args);
-
- // validate the roles when group name is same case as above
- args = new String[]{"-lr", "-g", "group1", "-conf", confPath.getAbsolutePath()};
- SentryShellKafka sentryShell = new SentryShellKafka();
- Set<String> roleNames = getShellResultWithOSRedirect(sentryShell, args, true);
- validateRoleNames(roleNames, TEST_ROLE_NAME_1);
-
- // roles should be empty when group name is different case than above
- args = new String[]{"-lr", "-g", "GROUP1", "-conf", confPath.getAbsolutePath()};
- roleNames = getShellResultWithOSRedirect(sentryShell, args, true);
- validateRoleNames(roleNames);
- }
- });
- }
-
- public static String grant(boolean shortOption) {
- return shortOption ? "-gpr" : "--grant_privilege_role";
- }
-
- public static String revoke(boolean shortOption) {
- return shortOption ? "-rpr" : "--revoke_privilege_role";
- }
-
- public static String list(boolean shortOption) {
- return shortOption ? "-lp" : "--list_privilege";
- }
-
- private void assertGrantRevokePrivilege(final boolean shortOption) throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- // create the role for test
- client.createRole(requestorName, TEST_ROLE_NAME_1, KAFKA);
- client.createRole(requestorName, TEST_ROLE_NAME_2, KAFKA);
-
- String [] privs = {
- "HOST=*->CLUSTER=kafka-cluster->action=read",
- "HOST=h1->TOPIC=t1->action=write",
- "HOST=*->CONSUMERGROUP=cg1->action=read",
- "CLUSTER=kafka-cluster->action=write",
- "CONSUMERGROUP=cg2->action=write"
- };
- for (int i = 0; i < privs.length; ++i) {
- // test: grant privilege to role
- String [] args = new String [] { grant(shortOption), "-r", TEST_ROLE_NAME_1, "-p",
- privs[ i ],
- "-conf", confPath.getAbsolutePath() };
- SentryShellKafka.main(args);
- }
-
- // test the list privilege
- String [] args = new String[] { list(shortOption), "-r", TEST_ROLE_NAME_1, "-conf", confPath.getAbsolutePath() };
- SentryShellKafka sentryShell = new SentryShellKafka();
- Set<String> privilegeStrs = getShellResultWithOSRedirect(sentryShell, args, true);
-
- assertEquals("Incorrect number of privileges", privs.length, privilegeStrs.size());
- for (int i = 0; i < privs.length; ++i) {
- assertTrue("Expected privilege: " + privs[i] + " in " + Arrays.toString(privilegeStrs.toArray()), privilegeStrs.contains(privs[i].startsWith("HOST=") ? privs[i] : "HOST=*->" + privs[i]));
- }
-
- for (int i = 0; i < privs.length; ++i) {
- args = new String[] { revoke(shortOption), "-r", TEST_ROLE_NAME_1, "-p",
- privs[ i ], "-conf",
- confPath.getAbsolutePath() };
- SentryShellKafka.main(args);
- Set<TSentryPrivilege> privileges = client.listPrivilegesByRoleName(requestorName,
- TEST_ROLE_NAME_1, KAFKA, service);
- assertEquals("Incorrect number of privileges. Received privileges: " + Arrays.toString(privileges.toArray()), privs.length - (i + 1), privileges.size());
- }
-
- // clear the test data
- client.dropRole(requestorName, TEST_ROLE_NAME_1, KAFKA);
- client.dropRole(requestorName, TEST_ROLE_NAME_2, KAFKA);
- }
- });
- }
-
-
- @Test
- public void testGrantRevokePrivilegeWithShortOption() throws Exception {
- assertGrantRevokePrivilege(true);
- }
-
- @Test
- public void testGrantRevokePrivilegeWithLongOption() throws Exception {
- assertGrantRevokePrivilege(false);
- }
-
-
- @Test
- public void testNegativeCaseWithInvalidArgument() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- client.createRole(requestorName, TEST_ROLE_NAME_1, KAFKA);
- // test: create duplicate role with -cr
- String[] args = { "-cr", "-r", TEST_ROLE_NAME_1, "-conf", confPath.getAbsolutePath() };
- SentryShellKafka sentryShell = new SentryShellKafka();
- try {
- sentryShell.executeShell(args);
- fail("Exception should be thrown for creating duplicate role");
- } catch (SentryUserException e) {
- // expected exception
- } catch (Exception e) {
- fail ("Unexpected exception received. " + e);
- }
-
- // test: drop non-exist role with -dr
- args = new String[] { "-dr", "-r", TEST_ROLE_NAME_2, "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellKafka();
- try {
- sentryShell.executeShell(args);
- fail("Exception should be thrown for dropping non-exist role");
- } catch (SentryUserException e) {
- // excepted exception
- } catch (Exception e) {
- fail ("Unexpected exception received. " + e);
- }
-
- // test: add non-exist role to group with -arg
- args = new String[] { "-arg", "-r", TEST_ROLE_NAME_2, "-g", "testGroup1", "-conf",
- confPath.getAbsolutePath() };
- sentryShell = new SentryShellKafka();
- try {
- sentryShell.executeShell(args);
- fail("Exception should be thrown for granting non-exist role to group");
- } catch (SentryUserException e) {
- // excepted exception
- } catch (Exception e) {
- fail ("Unexpected exception received. " + e);
- }
-
- // test: drop group from non-exist role with -drg
- args = new String[] { "-drg", "-r", TEST_ROLE_NAME_2, "-g", "testGroup1", "-conf",
- confPath.getAbsolutePath() };
- sentryShell = new SentryShellKafka();
- try {
- sentryShell.executeShell(args);
- fail("Exception should be thrown for drop group from non-exist role");
- } catch (SentryUserException e) {
- // excepted exception
- } catch (Exception e) {
- fail ("Unexpected exception received. " + e);
- }
-
- // test: grant privilege to role with the error privilege format
- args = new String[] { "-gpr", "-r", TEST_ROLE_NAME_1, "-p", "serverserver1->action=all",
- "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellKafka();
- try {
- sentryShell.executeShell(args);
- fail("Exception should be thrown for the error privilege format, invalid key value.");
- } catch (IllegalArgumentException e) {
- // excepted exception
- } catch (Exception e) {
- fail ("Unexpected exception received. " + e);
- }
-
- // test: grant privilege to role with the error privilege hierarchy
- args = new String[] { "-gpr", "-r", TEST_ROLE_NAME_1, "-p",
- "consumergroup=cg1->host=h1->action=create", "-conf",
- confPath.getAbsolutePath() };
- sentryShell = new SentryShellKafka();
- try {
- sentryShell.executeShell(args);
- fail("Exception should be thrown for the error privilege format, invalid key value.");
- } catch (ConfigurationException e) {
- // expected exception
- } catch (Exception e) {
- fail ("Unexpected exception received. " + e);
- }
-
- // clear the test data
- client.dropRole(requestorName, TEST_ROLE_NAME_1, KAFKA);
- }
- });
- }
-
- @Test
- public void testNegativeCaseWithoutRequiredArgument() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- String strOptionConf = "conf";
- client.createRole(requestorName, TEST_ROLE_NAME_1, KAFKA);
- // test: the conf is required argument
- String[] args = { "-cr", "-r", TEST_ROLE_NAME_1 };
- SentryShellKafka sentryShell = new SentryShellKafka();
- validateMissingParameterMsg(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + strOptionConf);
-
- // test: -r is required when create role
- args = new String[] { "-cr", "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellKafka();
- validateMissingParameterMsg(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + SentryShellCommon.OPTION_DESC_ROLE_NAME);
-
- // test: -r is required when drop role
- args = new String[] { "-dr", "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellKafka();
- validateMissingParameterMsg(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + SentryShellCommon.OPTION_DESC_ROLE_NAME);
-
- // test: -r is required when add role to group
- args = new String[] { "-arg", "-g", "testGroup1", "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellKafka();
- validateMissingParameterMsg(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + SentryShellCommon.OPTION_DESC_ROLE_NAME);
-
- // test: -g is required when add role to group
- args = new String[] { "-arg", "-r", TEST_ROLE_NAME_2, "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellKafka();
- validateMissingParameterMsg(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + SentryShellCommon.OPTION_DESC_GROUP_NAME);
-
- // test: -r is required when delete role from group
- args = new String[] { "-drg", "-g", "testGroup1", "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellKafka();
- validateMissingParameterMsg(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + SentryShellCommon.OPTION_DESC_ROLE_NAME);
-
- // test: -g is required when delete role from group
- args = new String[] { "-drg", "-r", TEST_ROLE_NAME_2, "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellKafka();
- validateMissingParameterMsg(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + SentryShellCommon.OPTION_DESC_GROUP_NAME);
-
- // test: -r is required when grant privilege to role
- args = new String[] { "-gpr", "-p", "server=server1", "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellKafka();
- validateMissingParameterMsg(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + SentryShellCommon.OPTION_DESC_ROLE_NAME);
-
- // test: -p is required when grant privilege to role
- args = new String[] { "-gpr", "-r", TEST_ROLE_NAME_1, "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellKafka();
- validateMissingParameterMsg(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + SentryShellCommon.OPTION_DESC_PRIVILEGE);
-
- // test: action is required in privilege
- args = new String[] { "-gpr", "-r", TEST_ROLE_NAME_1, "-conf", confPath.getAbsolutePath(), "-p", "host=*->topic=t1" };
- sentryShell = new SentryShellKafka();
- try {
- getShellResultWithOSRedirect(sentryShell, args, false);
- fail("Expected IllegalArgumentException");
- } catch (ConfigurationException e) {
- assert(("Kafka privilege must end with a valid action.\n" + KafkaPrivilegeValidator.KafkaPrivilegeHelpMsg).equals(e.getMessage()));
- } catch (Exception e) {
- fail ("Unexpected exception received. " + e);
- }
-
- // test: -r is required when revoke privilege from role
- args = new String[] { "-rpr", "-p", "host=h1", "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellKafka();
- validateMissingParameterMsg(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + SentryShellCommon.OPTION_DESC_ROLE_NAME);
-
- // test: -p is required when revoke privilege from role
- args = new String[] { "-rpr", "-r", TEST_ROLE_NAME_1, "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellKafka();
- validateMissingParameterMsg(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + SentryShellCommon.OPTION_DESC_PRIVILEGE);
-
- // test: command option is required for shell
- args = new String[] {"-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellKafka();
- validateMissingParameterMsgsContains(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + "[",
- "-arg Add role to group",
- "-cr Create role",
- "-rpr Revoke privilege from role",
- "-drg Delete role from group",
- "-lr List role",
- "-lp List privilege",
- "-gpr Grant privilege to role",
- "-dr Drop role");
-
- // clear the test data
- client.dropRole(requestorName, TEST_ROLE_NAME_1, KAFKA);
- }
- });
- }
-
- // redirect the System.out to ByteArrayOutputStream, then execute the command and parse the result.
- private Set<String> getShellResultWithOSRedirect(SentryShellKafka sentryShell,
- String[] args, boolean expectedExecuteResult) throws Exception {
- PrintStream oldOut = System.out;
- ByteArrayOutputStream outContent = new ByteArrayOutputStream();
- System.setOut(new PrintStream(outContent));
- assertEquals(expectedExecuteResult, sentryShell.executeShell(args));
- Set<String> resultSet = Sets.newHashSet(outContent.toString().split("\n"));
- System.setOut(oldOut);
- return resultSet;
- }
-
- private void validateRoleNames(Set<String> roleNames, String ... expectedRoleNames) {
- if (expectedRoleNames != null && expectedRoleNames.length > 0) {
- assertEquals("Found: " + roleNames.size() + " roles, expected: " + expectedRoleNames.length,
- expectedRoleNames.length, roleNames.size());
- Set<String> lowerCaseRoles = new HashSet<String>();
- for (String role : roleNames) {
- lowerCaseRoles.add(role.toLowerCase());
- }
-
- for (String expectedRole : expectedRoleNames) {
- assertTrue("Expected role: " + expectedRole,
- lowerCaseRoles.contains(expectedRole.toLowerCase()));
- }
- }
- }
-
- private void validateMissingParameterMsg(SentryShellKafka sentryShell, String[] args,
- String expectedErrorMsg) throws Exception {
- Set<String> errorMsgs = getShellResultWithOSRedirect(sentryShell, args, false);
- assertTrue("Expected error message: " + expectedErrorMsg, errorMsgs.contains(expectedErrorMsg));
- }
-
- private void validateMissingParameterMsgsContains(SentryShellKafka sentryShell, String[] args,
- String ... expectedErrorMsgsContains) throws Exception {
- Set<String> errorMsgs = getShellResultWithOSRedirect(sentryShell, args, false);
- boolean foundAllMessages = false;
- Iterator<String> it = errorMsgs.iterator();
- while (it.hasNext()) {
- String errorMessage = it.next();
- boolean missingExpected = false;
- for (String expectedContains : expectedErrorMsgsContains) {
- if (!errorMessage.contains(expectedContains)) {
- missingExpected = true;
- break;
- }
- }
- if (!missingExpected) {
- foundAllMessages = true;
- break;
- }
- }
- assertTrue(foundAllMessages);
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellSolr.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellSolr.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellSolr.java
deleted file mode 100644
index d4e26e8..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellSolr.java
+++ /dev/null
@@ -1,525 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.generic.tools;
-
-import com.google.common.io.Files;
-import com.google.common.collect.Sets;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
-
-import java.io.ByteArrayOutputStream;
-import java.io.File;
-import java.io.FileOutputStream;
-import java.io.PrintStream;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.Set;
-
-import org.apache.commons.io.FileUtils;
-import org.apache.sentry.core.common.exception.SentryUserException;
-import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceIntegrationBase;
-import org.apache.sentry.provider.db.generic.service.thrift.TSentryRole;
-import org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege;
-import org.apache.sentry.provider.db.tools.SentryShellCommon;
-
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-
-public class TestSentryShellSolr extends SentryGenericServiceIntegrationBase {
- private File confDir;
- private File confPath;
- private static String TEST_ROLE_NAME_1 = "testRole1";
- private static String TEST_ROLE_NAME_2 = "testRole2";
- private String requestorName = "";
- private String service = "service1";
-
- @Before
- public void prepareForTest() throws Exception {
- confDir = Files.createTempDir();
- confPath = new File(confDir, "sentry-site.xml");
- if (confPath.createNewFile()) {
- FileOutputStream to = new FileOutputStream(confPath);
- conf.writeXml(to);
- to.close();
- }
- requestorName = clientUgi.getShortUserName();//System.getProperty("user.name", "");
- Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
- setLocalGroupMapping(requestorName, requestorUserGroupNames);
- // add ADMIN_USER for the after() in SentryServiceIntegrationBase
- setLocalGroupMapping(ADMIN_USER, requestorUserGroupNames);
- writePolicyFile();
- }
-
- @After
- public void clearTestData() throws Exception {
- FileUtils.deleteQuietly(confDir);
- }
-
- @Test
- public void testCreateDropRole() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- // test: create role with -cr
- String[] args = { "-cr", "-r", TEST_ROLE_NAME_1, "-conf", confPath.getAbsolutePath() };
- SentryShellSolr.main(args);
- // test: create role with --create_role
- args = new String[] { "--create_role", "-r", TEST_ROLE_NAME_2, "-conf",
- confPath.getAbsolutePath() };
- SentryShellSolr.main(args);
-
- // validate the result, list roles with -lr
- args = new String[] { "-lr", "-conf", confPath.getAbsolutePath() };
- SentryShellSolr sentryShell = new SentryShellSolr();
- Set<String> roleNames = getShellResultWithOSRedirect(sentryShell, args, true);
- validateRoleNames(roleNames, TEST_ROLE_NAME_1, TEST_ROLE_NAME_2);
-
- // validate the result, list roles with --list_role
- args = new String[] { "--list_role", "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellSolr();
- roleNames = getShellResultWithOSRedirect(sentryShell, args, true);
- validateRoleNames(roleNames, TEST_ROLE_NAME_1, TEST_ROLE_NAME_2);
-
- // test: drop role with -dr
- args = new String[] { "-dr", "-r", TEST_ROLE_NAME_1, "-conf", confPath.getAbsolutePath() };
- SentryShellSolr.main(args);
- // test: drop role with --drop_role
- args = new String[] { "--drop_role", "-r", TEST_ROLE_NAME_2, "-conf",
- confPath.getAbsolutePath() };
- SentryShellSolr.main(args);
-
- // validate the result
- Set<TSentryRole> roles = client.listAllRoles(requestorName, SOLR);
- assertEquals("Incorrect number of roles", 0, roles.size());
- }
- });
- }
-
- @Test
- public void testAddDeleteRoleForGroup() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- // Group names are case sensitive - mixed case names should work
- String TEST_GROUP_1 = "testGroup1";
- String TEST_GROUP_2 = "testGroup2";
- String TEST_GROUP_3 = "testGroup3";
-
- // create the role for test
- client.createRole(requestorName, TEST_ROLE_NAME_1, SOLR);
- client.createRole(requestorName, TEST_ROLE_NAME_2, SOLR);
- // test: add role to group with -arg
- String[] args = { "-arg", "-r", TEST_ROLE_NAME_1, "-g", TEST_GROUP_1, "-conf",
- confPath.getAbsolutePath() };
- SentryShellSolr.main(args);
- // test: add role to multiple groups
- args = new String[] { "-arg", "-r", TEST_ROLE_NAME_1, "-g", TEST_GROUP_2 + "," + TEST_GROUP_3,
- "-conf",
- confPath.getAbsolutePath() };
- SentryShellSolr.main(args);
- // test: add role to group with --add_role_group
- args = new String[] { "--add_role_group", "-r", TEST_ROLE_NAME_2, "-g", TEST_GROUP_1,
- "-conf",
- confPath.getAbsolutePath() };
- SentryShellSolr.main(args);
-
- // validate the result list roles with -lr and -g
- args = new String[] { "-lr", "-g", TEST_GROUP_1, "-conf", confPath.getAbsolutePath() };
- SentryShellSolr sentryShell = new SentryShellSolr();
- Set<String> roleNames = getShellResultWithOSRedirect(sentryShell, args, true);
- validateRoleNames(roleNames, TEST_ROLE_NAME_1, TEST_ROLE_NAME_2);
-
- // list roles with --list_role and -g
- args = new String[] { "--list_role", "-g", TEST_GROUP_2, "-conf",
- confPath.getAbsolutePath() };
- sentryShell = new SentryShellSolr();
- roleNames = getShellResultWithOSRedirect(sentryShell, args, true);
- validateRoleNames(roleNames, TEST_ROLE_NAME_1);
-
- args = new String[] { "--list_role", "-g", TEST_GROUP_3, "-conf",
- confPath.getAbsolutePath() };
- sentryShell = new SentryShellSolr();
- roleNames = getShellResultWithOSRedirect(sentryShell, args, true);
- validateRoleNames(roleNames, TEST_ROLE_NAME_1);
-
- // test: delete role from group with -drg
- args = new String[] { "-drg", "-r", TEST_ROLE_NAME_1, "-g", TEST_GROUP_1, "-conf",
- confPath.getAbsolutePath() };
- SentryShellSolr.main(args);
- // test: delete role to multiple groups
- args = new String[] { "-drg", "-r", TEST_ROLE_NAME_1, "-g", TEST_GROUP_2 + "," + TEST_GROUP_3,
- "-conf",
- confPath.getAbsolutePath() };
- SentryShellSolr.main(args);
- // test: delete role from group with --delete_role_group
- args = new String[] { "--delete_role_group", "-r", TEST_ROLE_NAME_2, "-g", TEST_GROUP_1,
- "-conf", confPath.getAbsolutePath() };
- SentryShellSolr.main(args);
-
- // validate the result
- Set<TSentryRole> roles = client.listRolesByGroupName(requestorName, TEST_GROUP_1, SOLR);
- assertEquals("Incorrect number of roles", 0, roles.size());
- roles = client.listRolesByGroupName(requestorName, TEST_GROUP_2, SOLR);
- assertEquals("Incorrect number of roles", 0, roles.size());
- roles = client.listRolesByGroupName(requestorName, TEST_GROUP_3, SOLR);
- assertEquals("Incorrect number of roles", 0, roles.size());
- // clear the test data
- client.dropRole(requestorName, TEST_ROLE_NAME_1, SOLR);
- client.dropRole(requestorName, TEST_ROLE_NAME_2, SOLR);
- }
- });
- }
-
- @Test
- public void testCaseSensitiveGroupName() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
-
- // create the role for test
- client.createRole(requestorName, TEST_ROLE_NAME_1, SOLR);
- // add role to a group (lower case)
- String[] args = { "-arg", "-r", TEST_ROLE_NAME_1, "-g", "group1", "-conf",
- confPath.getAbsolutePath() };
- SentryShellSolr.main(args);
-
- // validate the roles when group name is same case as above
- args = new String[] { "-lr", "-g", "group1", "-conf", confPath.getAbsolutePath() };
- SentryShellSolr sentryShell = new SentryShellSolr();
- Set<String> roleNames = getShellResultWithOSRedirect(sentryShell, args, true);
- validateRoleNames(roleNames, TEST_ROLE_NAME_1);
-
- // roles should be empty when group name is different case than above
- args = new String[] { "-lr", "-g", "GROUP1", "-conf", confPath.getAbsolutePath() };
- roleNames = getShellResultWithOSRedirect(sentryShell, args, true);
- validateRoleNames(roleNames);
- }
- });
- }
-
- public static String grant(boolean shortOption) {
- return shortOption ? "-gpr" : "--grant_privilege_role";
- }
-
- public static String revoke(boolean shortOption) {
- return shortOption ? "-rpr" : "--revoke_privilege_role";
- }
-
- public static String list(boolean shortOption) {
- return shortOption ? "-lp" : "--list_privilege";
- }
-
- private void assertGrantRevokePrivilege(final boolean shortOption) throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- // create the role for test
- client.createRole(requestorName, TEST_ROLE_NAME_1, SOLR);
- client.createRole(requestorName, TEST_ROLE_NAME_2, SOLR);
-
- String [] privs = {
- "Collection=*->action=*",
- "Collection=collection2->action=update",
- "Collection=collection3->action=query",
- };
- for (int i = 0; i < privs.length; ++i) {
- // test: grant privilege to role
- String [] args = new String [] { grant(shortOption), "-r", TEST_ROLE_NAME_1, "-p",
- privs[ i ],
- "-conf", confPath.getAbsolutePath() };
- SentryShellSolr.main(args);
- }
-
- // test the list privilege
- String [] args = new String[] { list(shortOption), "-r", TEST_ROLE_NAME_1, "-conf", confPath.getAbsolutePath() };
- SentryShellSolr sentryShell = new SentryShellSolr();
- Set<String> privilegeStrs = getShellResultWithOSRedirect(sentryShell, args, true);
- assertEquals("Incorrect number of privileges", privs.length, privilegeStrs.size());
- for (int i = 0; i < privs.length; ++i) {
- assertTrue("Expected privilege: " + privs[ i ], privilegeStrs.contains(privs[ i ]));
- }
-
- for (int i = 0; i < privs.length; ++i) {
- args = new String[] { revoke(shortOption), "-r", TEST_ROLE_NAME_1, "-p",
- privs[ i ], "-conf",
- confPath.getAbsolutePath() };
- SentryShellSolr.main(args);
- Set<TSentryPrivilege> privileges = client.listPrivilegesByRoleName(requestorName,
- TEST_ROLE_NAME_1, SOLR, service);
- assertEquals("Incorrect number of privileges", privs.length - (i + 1), privileges.size());
- }
-
- // clear the test data
- client.dropRole(requestorName, TEST_ROLE_NAME_1, SOLR);
- client.dropRole(requestorName, TEST_ROLE_NAME_2, SOLR);
- }
- });
- }
-
-
- @Test
- public void testGrantRevokePrivilegeWithShortOption() throws Exception {
- assertGrantRevokePrivilege(true);
- }
-
- @Test
- public void testGrantRevokePrivilegeWithLongOption() throws Exception {
- assertGrantRevokePrivilege(false);
- }
-
-
- @Test
- public void testNegativeCaseWithInvalidArgument() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- client.createRole(requestorName, TEST_ROLE_NAME_1, SOLR);
- // test: create duplicate role with -cr
- String[] args = { "-cr", "-r", TEST_ROLE_NAME_1, "-conf", confPath.getAbsolutePath() };
- SentryShellSolr sentryShell = new SentryShellSolr();
- try {
- sentryShell.executeShell(args);
- fail("Exception should be thrown for creating duplicate role");
- } catch (SentryUserException e) {
- // expected exception
- }
-
- // test: drop non-exist role with -dr
- args = new String[] { "-dr", "-r", TEST_ROLE_NAME_2, "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellSolr();
- try {
- sentryShell.executeShell(args);
- fail("Exception should be thrown for dropping non-exist role");
- } catch (SentryUserException e) {
- // excepted exception
- }
-
- // test: add non-exist role to group with -arg
- args = new String[] { "-arg", "-r", TEST_ROLE_NAME_2, "-g", "testGroup1", "-conf",
- confPath.getAbsolutePath() };
- sentryShell = new SentryShellSolr();
- try {
- sentryShell.executeShell(args);
- fail("Exception should be thrown for granting non-exist role to group");
- } catch (SentryUserException e) {
- // excepted exception
- }
-
- // test: drop group from non-exist role with -drg
- args = new String[] { "-drg", "-r", TEST_ROLE_NAME_2, "-g", "testGroup1", "-conf",
- confPath.getAbsolutePath() };
- sentryShell = new SentryShellSolr();
- try {
- sentryShell.executeShell(args);
- fail("Exception should be thrown for drop group from non-exist role");
- } catch (SentryUserException e) {
- // excepted exception
- }
-
- // test: grant privilege to role with the error privilege format
- args = new String[] { "-gpr", "-r", TEST_ROLE_NAME_1, "-p", "serverserver1->action=*",
- "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellSolr();
- try {
- sentryShell.executeShell(args);
- fail("Exception should be thrown for the error privilege format, invalid key value.");
- } catch (IllegalArgumentException e) {
- // excepted exception
- }
-
- // test: grant privilege to role with the error privilege hierarchy
- args = new String[] { "-gpr", "-r", TEST_ROLE_NAME_1, "-p",
- "server=server1->table=tbl1->column=col2->action=insert", "-conf",
- confPath.getAbsolutePath() };
- sentryShell = new SentryShellSolr();
- try {
- sentryShell.executeShell(args);
- fail("Exception should be thrown for the error privilege format, invalid key value.");
- } catch (IllegalArgumentException e) {
- // expected exception
- }
-
- // clear the test data
- client.dropRole(requestorName, TEST_ROLE_NAME_1, SOLR);
- }
- });
- }
-
- @Test
- public void testNegativeCaseWithoutRequiredArgument() throws Exception {
- runTestAsSubject(new TestOperation() {
- @Override
- public void runTestAsSubject() throws Exception {
- String strOptionConf = "conf";
- client.createRole(requestorName, TEST_ROLE_NAME_1, SOLR);
- // test: the conf is required argument
- String[] args = { "-cr", "-r", TEST_ROLE_NAME_1 };
- SentryShellSolr sentryShell = new SentryShellSolr();
- validateMissingParameterMsg(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + strOptionConf);
-
- // test: -r is required when create role
- args = new String[] { "-cr", "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellSolr();
- validateMissingParameterMsg(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + SentryShellCommon.OPTION_DESC_ROLE_NAME);
-
- // test: -r is required when drop role
- args = new String[] { "-dr", "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellSolr();
- validateMissingParameterMsg(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + SentryShellCommon.OPTION_DESC_ROLE_NAME);
-
- // test: -r is required when add role to group
- args = new String[] { "-arg", "-g", "testGroup1", "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellSolr();
- validateMissingParameterMsg(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + SentryShellCommon.OPTION_DESC_ROLE_NAME);
-
- // test: -g is required when add role to group
- args = new String[] { "-arg", "-r", TEST_ROLE_NAME_2, "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellSolr();
- validateMissingParameterMsg(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + SentryShellCommon.OPTION_DESC_GROUP_NAME);
-
- // test: -r is required when delete role from group
- args = new String[] { "-drg", "-g", "testGroup1", "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellSolr();
- validateMissingParameterMsg(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + SentryShellCommon.OPTION_DESC_ROLE_NAME);
-
- // test: -g is required when delete role from group
- args = new String[] { "-drg", "-r", TEST_ROLE_NAME_2, "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellSolr();
- validateMissingParameterMsg(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + SentryShellCommon.OPTION_DESC_GROUP_NAME);
-
- // test: -r is required when grant privilege to role
- args = new String[] { "-gpr", "-p", "server=server1", "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellSolr();
- validateMissingParameterMsg(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + SentryShellCommon.OPTION_DESC_ROLE_NAME);
-
- // test: -p is required when grant privilege to role
- args = new String[] { "-gpr", "-r", TEST_ROLE_NAME_1, "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellSolr();
- validateMissingParameterMsg(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + SentryShellCommon.OPTION_DESC_PRIVILEGE);
-
- // test: action is required in privilege
- args = new String[] { "-gpr", "-r", TEST_ROLE_NAME_1, "-conf", confPath.getAbsolutePath(), "-p", "collection=collection1" };
- sentryShell = new SentryShellSolr();
- try {
- getShellResultWithOSRedirect(sentryShell, args, false);
- fail("Expected IllegalArgumentException");
- } catch (IllegalArgumentException e) {
- assert("Privilege is invalid: action required but not specified.".equals(e.getMessage()));
- }
-
- // test: -r is required when revoke privilege from role
- args = new String[] { "-rpr", "-p", "server=server1", "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellSolr();
- validateMissingParameterMsg(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + SentryShellCommon.OPTION_DESC_ROLE_NAME);
-
- // test: -p is required when revoke privilege from role
- args = new String[] { "-rpr", "-r", TEST_ROLE_NAME_1, "-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellSolr();
- validateMissingParameterMsg(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + SentryShellCommon.OPTION_DESC_PRIVILEGE);
-
- // test: command option is required for shell
- args = new String[] {"-conf", confPath.getAbsolutePath() };
- sentryShell = new SentryShellSolr();
- validateMissingParameterMsgsContains(sentryShell, args,
- SentryShellCommon.PREFIX_MESSAGE_MISSING_OPTION + "[",
- "-arg Add role to group",
- "-cr Create role",
- "-rpr Revoke privilege from role",
- "-drg Delete role from group",
- "-lr List role",
- "-lp List privilege",
- "-gpr Grant privilege to role",
- "-dr Drop role");
-
- // clear the test data
- client.dropRole(requestorName, TEST_ROLE_NAME_1, SOLR);
- }
- });
- }
-
- // redirect the System.out to ByteArrayOutputStream, then execute the command and parse the result.
- private Set<String> getShellResultWithOSRedirect(SentryShellSolr sentryShell,
- String[] args, boolean expectedExecuteResult) throws Exception {
- PrintStream oldOut = System.out;
- ByteArrayOutputStream outContent = new ByteArrayOutputStream();
- System.setOut(new PrintStream(outContent));
- assertEquals(expectedExecuteResult, sentryShell.executeShell(args));
- Set<String> resultSet = Sets.newHashSet(outContent.toString().split("\n"));
- System.setOut(oldOut);
- return resultSet;
- }
-
- private void validateRoleNames(Set<String> roleNames, String ... expectedRoleNames) {
- if (expectedRoleNames != null && expectedRoleNames.length > 0) {
- assertEquals("Found: " + roleNames.size() + " roles, expected: " + expectedRoleNames.length,
- expectedRoleNames.length, roleNames.size());
- Set<String> lowerCaseRoles = new HashSet<String>();
- for (String role : roleNames) {
- lowerCaseRoles.add(role.toLowerCase());
- }
-
- for (String expectedRole : expectedRoleNames) {
- assertTrue("Expected role: " + expectedRole,
- lowerCaseRoles.contains(expectedRole.toLowerCase()));
- }
- }
- }
-
- private void validateMissingParameterMsg(SentryShellSolr sentryShell, String[] args,
- String expectedErrorMsg) throws Exception {
- Set<String> errorMsgs = getShellResultWithOSRedirect(sentryShell, args, false);
- assertTrue("Expected error message: " + expectedErrorMsg, errorMsgs.contains(expectedErrorMsg));
- }
-
- private void validateMissingParameterMsgsContains(SentryShellSolr sentryShell, String[] args,
- String ... expectedErrorMsgsContains) throws Exception {
- Set<String> errorMsgs = getShellResultWithOSRedirect(sentryShell, args, false);
- boolean foundAllMessages = false;
- Iterator<String> it = errorMsgs.iterator();
- while (it.hasNext()) {
- String errorMessage = it.next();
- boolean missingExpected = false;
- for (String expectedContains : expectedErrorMsgsContains) {
- if (!errorMessage.contains(expectedContains)) {
- missingExpected = true;
- break;
- }
- }
- if (!missingExpected) {
- foundAllMessages = true;
- break;
- }
- }
- assertTrue(foundAllMessages);
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/appender/TestRollingFileWithoutDeleteAppender.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/appender/TestRollingFileWithoutDeleteAppender.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/appender/TestRollingFileWithoutDeleteAppender.java
deleted file mode 100644
index ca9062b..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/appender/TestRollingFileWithoutDeleteAppender.java
+++ /dev/null
@@ -1,106 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.log.appender;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.fail;
-import static org.junit.Assert.assertTrue;
-
-import java.io.File;
-
-import org.apache.commons.io.FileUtils;
-import org.apache.log4j.Logger;
-import org.apache.log4j.PatternLayout;
-import org.junit.After;
-import org.junit.Before;
-import org.junit.Test;
-
-import com.google.common.io.Files;
-
-public class TestRollingFileWithoutDeleteAppender {
- private Logger sentryLogger = Logger.getRootLogger();
- private File dataDir;
-
- @Before
- public void init() {
- dataDir = Files.createTempDir();
- }
-
- @Test
- public void testRollOver() throws Throwable {
- if (dataDir == null) {
- fail("Excepted temp folder for audit log is created.");
- }
- RollingFileWithoutDeleteAppender appender = new RollingFileWithoutDeleteAppender(
- new PatternLayout("%m%n"), dataDir.getPath() + "/auditLog.log");
- appender.setMaximumFileSize(100);
- sentryLogger.addAppender(appender);
- // Write exactly 10 bytes with each log
- for (int i = 0; i < 99; i++) {
- if (i < 10) {
- sentryLogger.debug("Hello---" + i);
- } else if (i < 100) {
- sentryLogger.debug("Hello--" + i);
- }
- }
-
- if (dataDir != null) {
- File[] files = dataDir.listFiles();
- if (files != null) {
- assertEquals(files.length, 10);
- } else {
- fail("Excepted 10 log files.");
- }
- } else {
- fail("Excepted 10 log files.");
- }
-
- }
-
- /***
- * Generate log enough to cause a single rollover. Verify the file name format
- * @throws Throwable
- */
- @Test
- public void testFileNamePattern() throws Throwable {
- if (dataDir == null) {
- fail("Excepted temp folder for audit log is created.");
- }
- RollingFileWithoutDeleteAppender appender = new RollingFileWithoutDeleteAppender(
- new PatternLayout("%m%n"), dataDir.getPath() + "/auditLog.log");
- appender.setMaximumFileSize(10);
- sentryLogger.addAppender(appender);
- sentryLogger.debug("123456789012345");
- File[] files = dataDir.listFiles();
- if (files != null) {
- assertEquals(files.length, 2);
- assertTrue(files[0].getName().contains("auditLog.log."));
- assertTrue(files[1].getName().contains("auditLog.log."));
- } else {
- fail("Excepted 2 log files.");
- }
- }
-
- @After
- public void destroy() {
- if (dataDir != null) {
- FileUtils.deleteQuietly(dataDir);
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestDbAuditMetadataLogEntity.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestDbAuditMetadataLogEntity.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestDbAuditMetadataLogEntity.java
deleted file mode 100644
index 3d336af..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestDbAuditMetadataLogEntity.java
+++ /dev/null
@@ -1,69 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.log.entity;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.fail;
-
-import org.apache.sentry.provider.db.log.util.Constants;
-import org.codehaus.jackson.JsonNode;
-import org.codehaus.jackson.node.ContainerNode;
-import org.junit.Test;
-
-public class TestDbAuditMetadataLogEntity {
-
- @Test
- public void testToJsonFormatLog() throws Throwable {
- DBAuditMetadataLogEntity amle = new DBAuditMetadataLogEntity("serviceName", "userName",
- "impersonator", "ipAddress", "operation", "eventTime", "operationText", "allowed",
- "objectType", "component", "databaseName", "tableName", "columnName", "resourcePath");
- String jsonAuditLog = amle.toJsonFormatLog();
- ContainerNode rootNode = AuditMetadataLogEntity.parse(jsonAuditLog);
- assertEntryEquals(rootNode, Constants.LOG_FIELD_SERVICE_NAME, "serviceName");
- assertEntryEquals(rootNode, Constants.LOG_FIELD_USER_NAME, "userName");
- assertEntryEquals(rootNode, Constants.LOG_FIELD_IMPERSONATOR,
- "impersonator");
- assertEntryEquals(rootNode, Constants.LOG_FIELD_IP_ADDRESS, "ipAddress");
- assertEntryEquals(rootNode, Constants.LOG_FIELD_OPERATION, "operation");
- assertEntryEquals(rootNode, Constants.LOG_FIELD_EVENT_TIME, "eventTime");
- assertEntryEquals(rootNode, Constants.LOG_FIELD_OPERATION_TEXT,
- "operationText");
- assertEntryEquals(rootNode, Constants.LOG_FIELD_ALLOWED, "allowed");
- assertEntryEquals(rootNode, Constants.LOG_FIELD_DATABASE_NAME,
- "databaseName");
- assertEntryEquals(rootNode, Constants.LOG_FIELD_TABLE_NAME, "tableName");
- assertEntryEquals(rootNode, Constants.LOG_FIELD_COLUMN_NAME, "columnName");
- assertEntryEquals(rootNode, Constants.LOG_FIELD_RESOURCE_PATH,
- "resourcePath");
- assertEntryEquals(rootNode, Constants.LOG_FIELD_OBJECT_TYPE, "objectType");
- }
-
- void assertEntryEquals(ContainerNode rootNode, String key, String value) {
- JsonNode node = assertNodeContains(rootNode, key);
- assertEquals(value, node.getTextValue());
- }
-
- private JsonNode assertNodeContains(ContainerNode rootNode, String key) {
- JsonNode node = rootNode.get(key);
- if (node == null) {
- fail("No entry of name \"" + key + "\" found in " + rootNode.toString());
- }
- return node;
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestGMAuditMetadataLogEntity.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestGMAuditMetadataLogEntity.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestGMAuditMetadataLogEntity.java
deleted file mode 100644
index bbee1b4..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestGMAuditMetadataLogEntity.java
+++ /dev/null
@@ -1,74 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.log.entity;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.fail;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import org.apache.sentry.provider.db.log.util.Constants;
-import org.codehaus.jackson.JsonNode;
-import org.codehaus.jackson.node.ContainerNode;
-import org.junit.Test;
-
-public class TestGMAuditMetadataLogEntity {
- @Test
- public void testToJsonFormatLog() throws Throwable {
-
- Map<String, String> privilegesMap = new HashMap<String, String>();
- privilegesMap.put("resourceType1", "resourceName1");
- privilegesMap.put("resourceType2", "resourceName2");
- privilegesMap.put("resourceType3", "resourceName3");
- privilegesMap.put("resourceType4", "resourceName4");
- GMAuditMetadataLogEntity gmamle = new GMAuditMetadataLogEntity("serviceName", "userName",
- "impersonator", "ipAddress", "operation", "eventTime", "operationText", "allowed",
- "objectType", "component", privilegesMap);
- String jsonAuditLog = gmamle.toJsonFormatLog();
- ContainerNode rootNode = AuditMetadataLogEntity.parse(jsonAuditLog);
- assertEntryEquals(rootNode, Constants.LOG_FIELD_SERVICE_NAME, "serviceName");
- assertEntryEquals(rootNode, Constants.LOG_FIELD_USER_NAME, "userName");
- assertEntryEquals(rootNode, Constants.LOG_FIELD_IMPERSONATOR, "impersonator");
- assertEntryEquals(rootNode, Constants.LOG_FIELD_IP_ADDRESS, "ipAddress");
- assertEntryEquals(rootNode, Constants.LOG_FIELD_OPERATION, "operation");
- assertEntryEquals(rootNode, Constants.LOG_FIELD_EVENT_TIME, "eventTime");
- assertEntryEquals(rootNode, Constants.LOG_FIELD_OPERATION_TEXT, "operationText");
- assertEntryEquals(rootNode, Constants.LOG_FIELD_ALLOWED, "allowed");
- assertEntryEquals(rootNode, Constants.LOG_FIELD_OBJECT_TYPE, "objectType");
- assertEntryEquals(rootNode, Constants.LOG_FIELD_COMPONENT, "component");
- assertEntryEquals(rootNode, "resourceType1", "resourceName1");
- assertEntryEquals(rootNode, "resourceType2", "resourceName2");
- assertEntryEquals(rootNode, "resourceType3", "resourceName3");
- assertEntryEquals(rootNode, "resourceType4", "resourceName4");
- }
-
- void assertEntryEquals(ContainerNode rootNode, String key, String value) {
- JsonNode node = assertNodeContains(rootNode, key);
- assertEquals(value, node.getTextValue());
- }
-
- private JsonNode assertNodeContains(ContainerNode rootNode, String key) {
- JsonNode node = rootNode.get(key);
- if (node == null) {
- fail("No entry of name \"" + key + "\" found in " + rootNode.toString());
- }
- return node;
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestJsonLogEntityFactory.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestJsonLogEntityFactory.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestJsonLogEntityFactory.java
deleted file mode 100644
index 1ec8840..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestJsonLogEntityFactory.java
+++ /dev/null
@@ -1,272 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.log.entity;
-
-import static org.junit.Assert.assertEquals;
-
-import java.util.LinkedHashSet;
-import java.util.Set;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.core.model.db.AccessConstants;
-import org.apache.sentry.provider.db.log.util.Constants;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleAddGroupsRequest;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleAddGroupsResponse;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleDeleteGroupsRequest;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleDeleteGroupsResponse;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleGrantPrivilegeRequest;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleGrantPrivilegeResponse;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleRevokePrivilegeRequest;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleRevokePrivilegeResponse;
-import org.apache.sentry.provider.db.service.thrift.TCreateSentryRoleRequest;
-import org.apache.sentry.provider.db.service.thrift.TCreateSentryRoleResponse;
-import org.apache.sentry.provider.db.service.thrift.TDropSentryRoleRequest;
-import org.apache.sentry.provider.db.service.thrift.TDropSentryRoleResponse;
-import org.apache.sentry.provider.db.service.thrift.TSentryGroup;
-import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
-import org.apache.sentry.provider.db.service.thrift.ThriftUtil;
-import org.apache.sentry.service.thrift.ServiceConstants.PrivilegeScope;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
-import org.apache.sentry.service.thrift.Status;
-import org.junit.BeforeClass;
-import org.junit.Test;
-
-import com.google.common.collect.Sets;
-
-public class TestJsonLogEntityFactory {
-
- private static Configuration conf;
-
- private static String TEST_IP = "localhost/127.0.0.1";
- private static String TEST_IMPERSONATOR = "impersonator";
- private static String TEST_ROLE_NAME = "testRole";
- private static String TEST_USER_NAME = "requestUser";
- private static String TEST_DATABASE_NAME = "testDB";
- private static String TEST_TABLE_NAME = "testTable";
- private static String TEST_GROUP = "testGroup";
-
- @BeforeClass
- public static void init() {
- conf = new Configuration();
- conf.set(ServerConfig.SENTRY_SERVICE_NAME,
- ServerConfig.SENTRY_SERVICE_NAME_DEFAULT);
- ThriftUtil.setIpAddress(TEST_IP);
- ThriftUtil.setImpersonator(TEST_IMPERSONATOR);
- }
-
- @Test
- public void testCreateRole() {
- TCreateSentryRoleRequest request = new TCreateSentryRoleRequest();
- TCreateSentryRoleResponse response = new TCreateSentryRoleResponse();
- request.setRequestorUserName(TEST_USER_NAME);
- request.setRoleName(TEST_ROLE_NAME);
- response.setStatus(Status.OK());
- DBAuditMetadataLogEntity amle = (DBAuditMetadataLogEntity) JsonLogEntityFactory
- .getInstance().createJsonLogEntity(request, response, conf);
- assertCommon(amle, Constants.TRUE, Constants.OPERATION_CREATE_ROLE,
- "CREATE ROLE testRole", null, null, null, Constants.OBJECT_TYPE_ROLE);
-
- response.setStatus(Status.InvalidInput("", null));
- amle = (DBAuditMetadataLogEntity) JsonLogEntityFactory.getInstance()
- .createJsonLogEntity(request, response, conf);
- assertCommon(amle, Constants.FALSE, Constants.OPERATION_CREATE_ROLE,
- "CREATE ROLE testRole", null, null, null, Constants.OBJECT_TYPE_ROLE);
- }
-
- @Test
- public void testDropRole() {
- TDropSentryRoleRequest request = new TDropSentryRoleRequest();
- TDropSentryRoleResponse response = new TDropSentryRoleResponse();
- request.setRequestorUserName(TEST_USER_NAME);
- request.setRoleName(TEST_ROLE_NAME);
- response.setStatus(Status.OK());
- DBAuditMetadataLogEntity amle = (DBAuditMetadataLogEntity) JsonLogEntityFactory
- .getInstance().createJsonLogEntity(request, response, conf);
- assertCommon(amle, Constants.TRUE, Constants.OPERATION_DROP_ROLE,
- "DROP ROLE testRole", null, null, null, Constants.OBJECT_TYPE_ROLE);
-
- response.setStatus(Status.InvalidInput("", null));
- amle = (DBAuditMetadataLogEntity) JsonLogEntityFactory.getInstance()
- .createJsonLogEntity(request, response, conf);
- assertCommon(amle, Constants.FALSE, Constants.OPERATION_DROP_ROLE,
- "DROP ROLE testRole", null, null, null, Constants.OBJECT_TYPE_ROLE);
- }
-
- @Test
- public void testGrantRole() {
- TAlterSentryRoleGrantPrivilegeRequest request = new TAlterSentryRoleGrantPrivilegeRequest();
- request.setRequestorUserName(TEST_USER_NAME);
- request.setRoleName(TEST_ROLE_NAME);
-
- TAlterSentryRoleGrantPrivilegeResponse response = new TAlterSentryRoleGrantPrivilegeResponse();
-
- TSentryPrivilege privilege = getPrivilege(AccessConstants.ALL,
- PrivilegeScope.DATABASE.name(), TEST_DATABASE_NAME, null, null, null);
- Set<TSentryPrivilege> privileges = Sets.newHashSet();
- privileges.add(privilege);
- request.setPrivileges(privileges);
- response.setStatus(Status.OK());
- DBAuditMetadataLogEntity amle = new DBAuditMetadataLogEntity();
- Set<JsonLogEntity> amles = JsonLogEntityFactory
- .getInstance().createJsonLogEntitys(request, response, conf);
- assertEquals(amles.size(),1);
- amle = (DBAuditMetadataLogEntity) amles.iterator().next();
-
- assertCommon(amle, Constants.TRUE, Constants.OPERATION_GRANT_PRIVILEGE,
- "GRANT ALL ON DATABASE testDB TO ROLE testRole", TEST_DATABASE_NAME,
- null, null, Constants.OBJECT_TYPE_PRINCIPAL);
-
- privilege = getPrivilege(AccessConstants.ALL, PrivilegeScope.TABLE.name(),
- null, TEST_TABLE_NAME, null, null);
- privileges = Sets.newHashSet();
- privileges.add(privilege);
- request.setPrivileges(privileges);
- response.setStatus(Status.InvalidInput("", null));
- amles = JsonLogEntityFactory.getInstance()
- .createJsonLogEntitys(request, response, conf);
- assertEquals(amles.size(),1);
- amle = (DBAuditMetadataLogEntity) amles.iterator().next();
-
- assertCommon(amle, Constants.FALSE, Constants.OPERATION_GRANT_PRIVILEGE,
- "GRANT ALL ON TABLE testTable TO ROLE testRole", null, TEST_TABLE_NAME,
- null, Constants.OBJECT_TYPE_PRINCIPAL);
- }
-
- @Test
- public void testRevokeRole() {
- TAlterSentryRoleRevokePrivilegeRequest request = new TAlterSentryRoleRevokePrivilegeRequest();
- TAlterSentryRoleRevokePrivilegeResponse response = new TAlterSentryRoleRevokePrivilegeResponse();
- request.setRequestorUserName(TEST_USER_NAME);
- request.setRoleName(TEST_ROLE_NAME);
-
- TSentryPrivilege privilege = getPrivilege(AccessConstants.ALL,
- PrivilegeScope.DATABASE.name(), TEST_DATABASE_NAME, null, null, null);
- Set<TSentryPrivilege> privileges = Sets.newHashSet();
- privileges.add(privilege);
- request.setPrivileges(privileges);
- response.setStatus(Status.OK());
- DBAuditMetadataLogEntity amle = new DBAuditMetadataLogEntity();
- Set<JsonLogEntity> amles = JsonLogEntityFactory
- .getInstance().createJsonLogEntitys(request, response, conf);
- assertEquals(amles.size(),1);
- amle = (DBAuditMetadataLogEntity) amles.iterator().next();
-
- assertCommon(amle, Constants.TRUE, Constants.OPERATION_REVOKE_PRIVILEGE,
- "REVOKE ALL ON DATABASE testDB FROM ROLE testRole", TEST_DATABASE_NAME,
- null, null, Constants.OBJECT_TYPE_PRINCIPAL);
-
- privilege = getPrivilege(AccessConstants.ALL, PrivilegeScope.TABLE.name(),
- null, TEST_TABLE_NAME, null, null);
- privileges = Sets.newHashSet();
- privileges.add(privilege);
- request.setPrivileges(privileges);
- response.setStatus(Status.InvalidInput("", null));
- amles = JsonLogEntityFactory.getInstance()
- .createJsonLogEntitys(request, response, conf);
- assertEquals(amles.size(),1);
- amle = (DBAuditMetadataLogEntity) amles.iterator().next();
-
- assertCommon(amle, Constants.FALSE, Constants.OPERATION_REVOKE_PRIVILEGE,
- "REVOKE ALL ON TABLE testTable FROM ROLE testRole", null,
- TEST_TABLE_NAME, null, Constants.OBJECT_TYPE_PRINCIPAL);
- }
-
- @Test
- public void testAddRole() {
- TAlterSentryRoleAddGroupsRequest request = new TAlterSentryRoleAddGroupsRequest();
- TAlterSentryRoleAddGroupsResponse response = new TAlterSentryRoleAddGroupsResponse();
- request.setRequestorUserName(TEST_USER_NAME);
- request.setRoleName(TEST_ROLE_NAME);
- request.setGroups(getGroups());
- response.setStatus(Status.OK());
- DBAuditMetadataLogEntity amle = (DBAuditMetadataLogEntity) JsonLogEntityFactory
- .getInstance().createJsonLogEntity(request, response, conf);
- assertCommon(amle, Constants.TRUE, Constants.OPERATION_ADD_ROLE,
- "GRANT ROLE testRole TO GROUP testGroup", null, null, null,
- Constants.OBJECT_TYPE_ROLE);
-
- response.setStatus(Status.InvalidInput("", null));
- amle = (DBAuditMetadataLogEntity) JsonLogEntityFactory.getInstance()
- .createJsonLogEntity(request, response, conf);
- assertCommon(amle, Constants.FALSE, Constants.OPERATION_ADD_ROLE,
- "GRANT ROLE testRole TO GROUP testGroup", null, null, null,
- Constants.OBJECT_TYPE_ROLE);
- }
-
- @Test
- public void testDeleteRole() {
- TAlterSentryRoleDeleteGroupsRequest request = new TAlterSentryRoleDeleteGroupsRequest();
- TAlterSentryRoleDeleteGroupsResponse response = new TAlterSentryRoleDeleteGroupsResponse();
- request.setRequestorUserName(TEST_USER_NAME);
- request.setRoleName(TEST_ROLE_NAME);
- request.setGroups(getGroups());
- response.setStatus(Status.OK());
- DBAuditMetadataLogEntity amle = (DBAuditMetadataLogEntity) JsonLogEntityFactory
- .getInstance().createJsonLogEntity(request, response, conf);
- assertCommon(amle, Constants.TRUE, Constants.OPERATION_DELETE_ROLE,
- "REVOKE ROLE testRole FROM GROUP testGroup", null, null, null,
- Constants.OBJECT_TYPE_ROLE);
-
- response.setStatus(Status.InvalidInput("", null));
- amle = (DBAuditMetadataLogEntity) JsonLogEntityFactory.getInstance()
- .createJsonLogEntity(request, response, conf);
- assertCommon(amle, Constants.FALSE, Constants.OPERATION_DELETE_ROLE,
- "REVOKE ROLE testRole FROM GROUP testGroup", null, null, null,
- Constants.OBJECT_TYPE_ROLE);
- }
-
- private void assertCommon(DBAuditMetadataLogEntity amle,
- String allowedExcepted, String operationExcepted,
- String operationTextExcepted, String databaseNameExcepted,
- String tableNameExcepted, String resourcePathExcepted,
- String objectTypeExcepted) {
- assertEquals(ServerConfig.SENTRY_SERVICE_NAME_DEFAULT,
- amle.getServiceName());
- assertEquals(TEST_IP, amle.getIpAddress());
- assertEquals(TEST_USER_NAME, amle.getUserName());
- assertEquals(TEST_IMPERSONATOR, amle.getImpersonator());
- assertEquals(allowedExcepted, amle.getAllowed());
- assertEquals(operationExcepted, amle.getOperation());
- assertEquals(operationTextExcepted, amle.getOperationText());
- assertEquals(tableNameExcepted, amle.getTableName());
- assertEquals(databaseNameExcepted, amle.getDatabaseName());
- assertEquals(resourcePathExcepted, amle.getResourcePath());
- assertEquals(objectTypeExcepted, amle.getObjectType());
- }
-
- private TSentryPrivilege getPrivilege(String action, String privilegeScope,
- String dbName, String tableName, String serverName, String URI) {
- TSentryPrivilege privilege = new TSentryPrivilege();
- privilege.setAction(action);
- privilege.setPrivilegeScope(privilegeScope);
- privilege.setDbName(dbName);
- privilege.setTableName(tableName);
- privilege.setServerName(serverName);
- privilege.setURI(URI);
- return privilege;
- }
-
- private Set<TSentryGroup> getGroups() {
- Set<TSentryGroup> groups = new LinkedHashSet<TSentryGroup>();
- TSentryGroup group = new TSentryGroup();
- group.setGroupName(TEST_GROUP);
- groups.add(group);
- return groups;
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestJsonLogEntityFactoryGM.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestJsonLogEntityFactoryGM.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestJsonLogEntityFactoryGM.java
deleted file mode 100644
index dfae5ab..0000000
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/log/entity/TestJsonLogEntityFactoryGM.java
+++ /dev/null
@@ -1,259 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.log.entity;
-
-import static org.junit.Assert.assertEquals;
-
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleAddGroupsRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleAddGroupsResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleDeleteGroupsRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleDeleteGroupsResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TAuthorizable;
-import org.apache.sentry.provider.db.generic.service.thrift.TCreateSentryRoleRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TCreateSentryRoleResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TDropSentryRoleRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TDropSentryRoleResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege;
-import org.apache.sentry.provider.db.log.util.Constants;
-import org.apache.sentry.provider.db.service.thrift.ThriftUtil;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
-import org.apache.sentry.service.thrift.Status;
-import org.junit.BeforeClass;
-import org.junit.Test;
-
-public class TestJsonLogEntityFactoryGM {
-
- private static Configuration conf;
- private static String TEST_IP = "localhost/127.0.0.1";
- private static String TEST_IMPERSONATOR = "impersonator";
- private static String TEST_ROLE_NAME = "testRole";
- private static String TEST_USER_NAME = "requestUser";
- private static String TEST_GROUP = "testGroup";
- private static String TEST_ACTION = "action";
- private static String TEST_COMPONENT = "component";
- private static Map<String, String> TEST_PRIVILEGES_MAP = new HashMap<String, String>();
-
- @BeforeClass
- public static void init() {
- conf = new Configuration();
- conf.set(ServerConfig.SENTRY_SERVICE_NAME, ServerConfig.SENTRY_SERVICE_NAME_DEFAULT);
- ThriftUtil.setIpAddress(TEST_IP);
- ThriftUtil.setImpersonator(TEST_IMPERSONATOR);
- TEST_PRIVILEGES_MAP.put("resourceType1", "resourceName1");
- TEST_PRIVILEGES_MAP.put("resourceType2", "resourceName2");
- TEST_PRIVILEGES_MAP.put("resourceType3", "resourceName3");
- }
-
- @Test
- public void testCreateRole() {
- TCreateSentryRoleRequest request = new TCreateSentryRoleRequest();
- TCreateSentryRoleResponse response = new TCreateSentryRoleResponse();
- request.setRequestorUserName(TEST_USER_NAME);
- request.setRoleName(TEST_ROLE_NAME);
- response.setStatus(Status.OK());
- GMAuditMetadataLogEntity amle = (GMAuditMetadataLogEntity) JsonLogEntityFactory.getInstance()
- .createJsonLogEntity(request, response, conf);
- assertCommon(amle, Constants.TRUE, Constants.OPERATION_CREATE_ROLE, "CREATE ROLE testRole",
- Constants.OBJECT_TYPE_ROLE, new HashMap<String, String>());
-
- response.setStatus(Status.InvalidInput("", null));
- amle = (GMAuditMetadataLogEntity) JsonLogEntityFactory.getInstance().createJsonLogEntity(
- request, response, conf);
- assertCommon(amle, Constants.FALSE, Constants.OPERATION_CREATE_ROLE, "CREATE ROLE testRole",
- Constants.OBJECT_TYPE_ROLE, new HashMap<String, String>());
- }
-
- @Test
- public void testDropRole() {
- TDropSentryRoleRequest request = new TDropSentryRoleRequest();
- TDropSentryRoleResponse response = new TDropSentryRoleResponse();
- request.setRequestorUserName(TEST_USER_NAME);
- request.setRoleName(TEST_ROLE_NAME);
- response.setStatus(Status.OK());
- GMAuditMetadataLogEntity amle = (GMAuditMetadataLogEntity) JsonLogEntityFactory
- .getInstance().createJsonLogEntity(request, response, conf);
- assertCommon(amle, Constants.TRUE, Constants.OPERATION_DROP_ROLE, "DROP ROLE testRole",
- Constants.OBJECT_TYPE_ROLE, new HashMap<String, String>());
-
- response.setStatus(Status.InvalidInput("", null));
- amle = (GMAuditMetadataLogEntity) JsonLogEntityFactory.getInstance().createJsonLogEntity(
- request, response, conf);
- assertCommon(amle, Constants.FALSE, Constants.OPERATION_DROP_ROLE, "DROP ROLE testRole",
- Constants.OBJECT_TYPE_ROLE, new HashMap<String, String>());
- }
-
- @Test
- public void testGrantRole() {
- TAlterSentryRoleGrantPrivilegeRequest request = new TAlterSentryRoleGrantPrivilegeRequest();
- request.setRequestorUserName(TEST_USER_NAME);
- request.setRoleName(TEST_ROLE_NAME);
-
- TAlterSentryRoleGrantPrivilegeResponse response = new TAlterSentryRoleGrantPrivilegeResponse();
-
- TSentryPrivilege privilege = getPrivilege();
- request.setPrivilege(privilege);
- response.setStatus(Status.OK());
- GMAuditMetadataLogEntity amle = (GMAuditMetadataLogEntity) JsonLogEntityFactory.getInstance()
- .createJsonLogEntity(
- request, response, conf);
- assertCommon(
- amle,
- Constants.TRUE,
- Constants.OPERATION_GRANT_PRIVILEGE,
- "GRANT ACTION ON resourceType1 resourceName1 resourceType2 resourceName2 resourceType3 resourceName3 TO ROLE testRole",
- Constants.OBJECT_TYPE_PRINCIPAL, TEST_PRIVILEGES_MAP);
-
- response.setStatus(Status.InvalidInput("", null));
- amle = (GMAuditMetadataLogEntity) JsonLogEntityFactory.getInstance().createJsonLogEntity(
- request, response, conf);
- assertCommon(
- amle,
- Constants.FALSE,
- Constants.OPERATION_GRANT_PRIVILEGE,
- "GRANT ACTION ON resourceType1 resourceName1 resourceType2 resourceName2 resourceType3 resourceName3 TO ROLE testRole",
- Constants.OBJECT_TYPE_PRINCIPAL, TEST_PRIVILEGES_MAP);
- }
-
- @Test
- public void testRevokeRole() {
- TAlterSentryRoleRevokePrivilegeRequest request = new TAlterSentryRoleRevokePrivilegeRequest();
- TAlterSentryRoleRevokePrivilegeResponse response = new TAlterSentryRoleRevokePrivilegeResponse();
- request.setRequestorUserName(TEST_USER_NAME);
- request.setRoleName(TEST_ROLE_NAME);
-
- TSentryPrivilege privilege = getPrivilege();
- request.setPrivilege(privilege);
- response.setStatus(Status.OK());
- GMAuditMetadataLogEntity amle = (GMAuditMetadataLogEntity) JsonLogEntityFactory.getInstance()
- .createJsonLogEntity(request, response, conf);
- assertCommon(
- amle,
- Constants.TRUE,
- Constants.OPERATION_REVOKE_PRIVILEGE,
- "REVOKE ACTION ON resourceType1 resourceName1 resourceType2 resourceName2 resourceType3 resourceName3 FROM ROLE testRole",
- Constants.OBJECT_TYPE_PRINCIPAL, TEST_PRIVILEGES_MAP);
-
- response.setStatus(Status.InvalidInput("", null));
- amle = (GMAuditMetadataLogEntity) JsonLogEntityFactory.getInstance().createJsonLogEntity(
- request, response, conf);
-
- assertCommon(
- amle,
- Constants.FALSE,
- Constants.OPERATION_REVOKE_PRIVILEGE,
- "REVOKE ACTION ON resourceType1 resourceName1 resourceType2 resourceName2 resourceType3 resourceName3 FROM ROLE testRole",
- Constants.OBJECT_TYPE_PRINCIPAL, TEST_PRIVILEGES_MAP);
- }
-
- @Test
- public void testAddRole() {
- TAlterSentryRoleAddGroupsRequest request = new TAlterSentryRoleAddGroupsRequest();
- TAlterSentryRoleAddGroupsResponse response = new TAlterSentryRoleAddGroupsResponse();
- request.setRequestorUserName(TEST_USER_NAME);
- request.setRoleName(TEST_ROLE_NAME);
- request.setGroups(getGroups());
- response.setStatus(Status.OK());
- GMAuditMetadataLogEntity amle = (GMAuditMetadataLogEntity) JsonLogEntityFactory.getInstance()
- .createJsonLogEntity(request, response, conf);
- assertCommon(amle, Constants.TRUE, Constants.OPERATION_ADD_ROLE,
- "GRANT ROLE testRole TO GROUP testGroup", Constants.OBJECT_TYPE_ROLE,
- new HashMap<String, String>());
-
- response.setStatus(Status.InvalidInput("", null));
- amle = (GMAuditMetadataLogEntity) JsonLogEntityFactory.getInstance().createJsonLogEntity(
- request, response, conf);
- assertCommon(amle, Constants.FALSE, Constants.OPERATION_ADD_ROLE,
- "GRANT ROLE testRole TO GROUP testGroup", Constants.OBJECT_TYPE_ROLE,
- new HashMap<String, String>());
- }
-
- @Test
- public void testDeleteRole() {
- TAlterSentryRoleDeleteGroupsRequest request = new TAlterSentryRoleDeleteGroupsRequest();
- TAlterSentryRoleDeleteGroupsResponse response = new TAlterSentryRoleDeleteGroupsResponse();
- request.setRequestorUserName(TEST_USER_NAME);
- request.setRoleName(TEST_ROLE_NAME);
- request.setGroups(getGroups());
- response.setStatus(Status.OK());
- GMAuditMetadataLogEntity amle = (GMAuditMetadataLogEntity) JsonLogEntityFactory
- .getInstance().createJsonLogEntity(request, response, conf);
- assertCommon(amle, Constants.TRUE, Constants.OPERATION_DELETE_ROLE,
- "REVOKE ROLE testRole FROM GROUP testGroup", Constants.OBJECT_TYPE_ROLE,
- new HashMap<String, String>());
-
- response.setStatus(Status.InvalidInput("", null));
- amle = (GMAuditMetadataLogEntity) JsonLogEntityFactory.getInstance().createJsonLogEntity(
- request, response, conf);
- assertCommon(amle, Constants.FALSE, Constants.OPERATION_DELETE_ROLE,
- "REVOKE ROLE testRole FROM GROUP testGroup", Constants.OBJECT_TYPE_ROLE,
- new HashMap<String, String>());
- }
-
- private void assertCommon(GMAuditMetadataLogEntity amle, String allowedExcepted,
- String operationExcepted, String operationTextExcepted, String objectTypeExcepted,
- Map<String, String> privilegesExcepted) {
- assertEquals(ServerConfig.SENTRY_SERVICE_NAME_DEFAULT, amle.getServiceName());
- assertEquals(TEST_IP, amle.getIpAddress());
- assertEquals(TEST_USER_NAME, amle.getUserName());
- assertEquals(TEST_IMPERSONATOR, amle.getImpersonator());
- assertEquals(allowedExcepted, amle.getAllowed());
- assertEquals(operationExcepted, amle.getOperation());
- assertEquals(operationTextExcepted, amle.getOperationText());
- assertEquals(objectTypeExcepted, amle.getObjectType());
- assertPrivilegesMap(privilegesExcepted, amle.getPrivilegesMap());
- }
-
- private void assertPrivilegesMap(Map<String, String> privilegesExcepted,
- Map<String, String> privilegesActual) {
- assertEquals(privilegesExcepted.size(), privilegesActual.size());
- for (Map.Entry<String, String> privilege : privilegesExcepted.entrySet()) {
- assertEquals(privilege.getValue(), privilegesActual.get(privilege.getKey()));
- }
- }
-
- private TSentryPrivilege getPrivilege() {
- TSentryPrivilege privilege = new TSentryPrivilege();
- privilege.setAction(TEST_ACTION);
- privilege.setComponent(TEST_COMPONENT);
- List<TAuthorizable> authorizables = new ArrayList<TAuthorizable>();
- authorizables.add(new TAuthorizable("resourceType1", "resourceName1"));
- authorizables.add(new TAuthorizable("resourceType2", "resourceName2"));
- authorizables.add(new TAuthorizable("resourceType3", "resourceName3"));
- privilege.setAuthorizables(authorizables);
- return privilege;
- }
-
- private Set<String> getGroups() {
- Set<String> groups = new HashSet<String>();
- groups.add(TEST_GROUP);
- return groups;
- }
-}
[30/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryAuthorizable.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryAuthorizable.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryAuthorizable.java
deleted file mode 100644
index 2174b42..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryAuthorizable.java
+++ /dev/null
@@ -1,817 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TSentryAuthorizable implements org.apache.thrift.TBase<TSentryAuthorizable, TSentryAuthorizable._Fields>, java.io.Serializable, Cloneable, Comparable<TSentryAuthorizable> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TSentryAuthorizable");
-
- private static final org.apache.thrift.protocol.TField SERVER_FIELD_DESC = new org.apache.thrift.protocol.TField("server", org.apache.thrift.protocol.TType.STRING, (short)1);
- private static final org.apache.thrift.protocol.TField URI_FIELD_DESC = new org.apache.thrift.protocol.TField("uri", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField DB_FIELD_DESC = new org.apache.thrift.protocol.TField("db", org.apache.thrift.protocol.TType.STRING, (short)3);
- private static final org.apache.thrift.protocol.TField TABLE_FIELD_DESC = new org.apache.thrift.protocol.TField("table", org.apache.thrift.protocol.TType.STRING, (short)4);
- private static final org.apache.thrift.protocol.TField COLUMN_FIELD_DESC = new org.apache.thrift.protocol.TField("column", org.apache.thrift.protocol.TType.STRING, (short)5);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TSentryAuthorizableStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TSentryAuthorizableTupleSchemeFactory());
- }
-
- private String server; // required
- private String uri; // optional
- private String db; // optional
- private String table; // optional
- private String column; // optional
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- SERVER((short)1, "server"),
- URI((short)2, "uri"),
- DB((short)3, "db"),
- TABLE((short)4, "table"),
- COLUMN((short)5, "column");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // SERVER
- return SERVER;
- case 2: // URI
- return URI;
- case 3: // DB
- return DB;
- case 4: // TABLE
- return TABLE;
- case 5: // COLUMN
- return COLUMN;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final _Fields optionals[] = {_Fields.URI,_Fields.DB,_Fields.TABLE,_Fields.COLUMN};
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.SERVER, new org.apache.thrift.meta_data.FieldMetaData("server", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.URI, new org.apache.thrift.meta_data.FieldMetaData("uri", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.DB, new org.apache.thrift.meta_data.FieldMetaData("db", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.TABLE, new org.apache.thrift.meta_data.FieldMetaData("table", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.COLUMN, new org.apache.thrift.meta_data.FieldMetaData("column", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TSentryAuthorizable.class, metaDataMap);
- }
-
- public TSentryAuthorizable() {
- }
-
- public TSentryAuthorizable(
- String server)
- {
- this();
- this.server = server;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TSentryAuthorizable(TSentryAuthorizable other) {
- if (other.isSetServer()) {
- this.server = other.server;
- }
- if (other.isSetUri()) {
- this.uri = other.uri;
- }
- if (other.isSetDb()) {
- this.db = other.db;
- }
- if (other.isSetTable()) {
- this.table = other.table;
- }
- if (other.isSetColumn()) {
- this.column = other.column;
- }
- }
-
- public TSentryAuthorizable deepCopy() {
- return new TSentryAuthorizable(this);
- }
-
- @Override
- public void clear() {
- this.server = null;
- this.uri = null;
- this.db = null;
- this.table = null;
- this.column = null;
- }
-
- public String getServer() {
- return this.server;
- }
-
- public void setServer(String server) {
- this.server = server;
- }
-
- public void unsetServer() {
- this.server = null;
- }
-
- /** Returns true if field server is set (has been assigned a value) and false otherwise */
- public boolean isSetServer() {
- return this.server != null;
- }
-
- public void setServerIsSet(boolean value) {
- if (!value) {
- this.server = null;
- }
- }
-
- public String getUri() {
- return this.uri;
- }
-
- public void setUri(String uri) {
- this.uri = uri;
- }
-
- public void unsetUri() {
- this.uri = null;
- }
-
- /** Returns true if field uri is set (has been assigned a value) and false otherwise */
- public boolean isSetUri() {
- return this.uri != null;
- }
-
- public void setUriIsSet(boolean value) {
- if (!value) {
- this.uri = null;
- }
- }
-
- public String getDb() {
- return this.db;
- }
-
- public void setDb(String db) {
- this.db = db;
- }
-
- public void unsetDb() {
- this.db = null;
- }
-
- /** Returns true if field db is set (has been assigned a value) and false otherwise */
- public boolean isSetDb() {
- return this.db != null;
- }
-
- public void setDbIsSet(boolean value) {
- if (!value) {
- this.db = null;
- }
- }
-
- public String getTable() {
- return this.table;
- }
-
- public void setTable(String table) {
- this.table = table;
- }
-
- public void unsetTable() {
- this.table = null;
- }
-
- /** Returns true if field table is set (has been assigned a value) and false otherwise */
- public boolean isSetTable() {
- return this.table != null;
- }
-
- public void setTableIsSet(boolean value) {
- if (!value) {
- this.table = null;
- }
- }
-
- public String getColumn() {
- return this.column;
- }
-
- public void setColumn(String column) {
- this.column = column;
- }
-
- public void unsetColumn() {
- this.column = null;
- }
-
- /** Returns true if field column is set (has been assigned a value) and false otherwise */
- public boolean isSetColumn() {
- return this.column != null;
- }
-
- public void setColumnIsSet(boolean value) {
- if (!value) {
- this.column = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case SERVER:
- if (value == null) {
- unsetServer();
- } else {
- setServer((String)value);
- }
- break;
-
- case URI:
- if (value == null) {
- unsetUri();
- } else {
- setUri((String)value);
- }
- break;
-
- case DB:
- if (value == null) {
- unsetDb();
- } else {
- setDb((String)value);
- }
- break;
-
- case TABLE:
- if (value == null) {
- unsetTable();
- } else {
- setTable((String)value);
- }
- break;
-
- case COLUMN:
- if (value == null) {
- unsetColumn();
- } else {
- setColumn((String)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case SERVER:
- return getServer();
-
- case URI:
- return getUri();
-
- case DB:
- return getDb();
-
- case TABLE:
- return getTable();
-
- case COLUMN:
- return getColumn();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case SERVER:
- return isSetServer();
- case URI:
- return isSetUri();
- case DB:
- return isSetDb();
- case TABLE:
- return isSetTable();
- case COLUMN:
- return isSetColumn();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TSentryAuthorizable)
- return this.equals((TSentryAuthorizable)that);
- return false;
- }
-
- public boolean equals(TSentryAuthorizable that) {
- if (that == null)
- return false;
-
- boolean this_present_server = true && this.isSetServer();
- boolean that_present_server = true && that.isSetServer();
- if (this_present_server || that_present_server) {
- if (!(this_present_server && that_present_server))
- return false;
- if (!this.server.equals(that.server))
- return false;
- }
-
- boolean this_present_uri = true && this.isSetUri();
- boolean that_present_uri = true && that.isSetUri();
- if (this_present_uri || that_present_uri) {
- if (!(this_present_uri && that_present_uri))
- return false;
- if (!this.uri.equals(that.uri))
- return false;
- }
-
- boolean this_present_db = true && this.isSetDb();
- boolean that_present_db = true && that.isSetDb();
- if (this_present_db || that_present_db) {
- if (!(this_present_db && that_present_db))
- return false;
- if (!this.db.equals(that.db))
- return false;
- }
-
- boolean this_present_table = true && this.isSetTable();
- boolean that_present_table = true && that.isSetTable();
- if (this_present_table || that_present_table) {
- if (!(this_present_table && that_present_table))
- return false;
- if (!this.table.equals(that.table))
- return false;
- }
-
- boolean this_present_column = true && this.isSetColumn();
- boolean that_present_column = true && that.isSetColumn();
- if (this_present_column || that_present_column) {
- if (!(this_present_column && that_present_column))
- return false;
- if (!this.column.equals(that.column))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_server = true && (isSetServer());
- list.add(present_server);
- if (present_server)
- list.add(server);
-
- boolean present_uri = true && (isSetUri());
- list.add(present_uri);
- if (present_uri)
- list.add(uri);
-
- boolean present_db = true && (isSetDb());
- list.add(present_db);
- if (present_db)
- list.add(db);
-
- boolean present_table = true && (isSetTable());
- list.add(present_table);
- if (present_table)
- list.add(table);
-
- boolean present_column = true && (isSetColumn());
- list.add(present_column);
- if (present_column)
- list.add(column);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TSentryAuthorizable other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetServer()).compareTo(other.isSetServer());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetServer()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.server, other.server);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetUri()).compareTo(other.isSetUri());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetUri()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.uri, other.uri);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetDb()).compareTo(other.isSetDb());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetDb()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.db, other.db);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetTable()).compareTo(other.isSetTable());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetTable()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.table, other.table);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetColumn()).compareTo(other.isSetColumn());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetColumn()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.column, other.column);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TSentryAuthorizable(");
- boolean first = true;
-
- sb.append("server:");
- if (this.server == null) {
- sb.append("null");
- } else {
- sb.append(this.server);
- }
- first = false;
- if (isSetUri()) {
- if (!first) sb.append(", ");
- sb.append("uri:");
- if (this.uri == null) {
- sb.append("null");
- } else {
- sb.append(this.uri);
- }
- first = false;
- }
- if (isSetDb()) {
- if (!first) sb.append(", ");
- sb.append("db:");
- if (this.db == null) {
- sb.append("null");
- } else {
- sb.append(this.db);
- }
- first = false;
- }
- if (isSetTable()) {
- if (!first) sb.append(", ");
- sb.append("table:");
- if (this.table == null) {
- sb.append("null");
- } else {
- sb.append(this.table);
- }
- first = false;
- }
- if (isSetColumn()) {
- if (!first) sb.append(", ");
- sb.append("column:");
- if (this.column == null) {
- sb.append("null");
- } else {
- sb.append(this.column);
- }
- first = false;
- }
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetServer()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'server' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TSentryAuthorizableStandardSchemeFactory implements SchemeFactory {
- public TSentryAuthorizableStandardScheme getScheme() {
- return new TSentryAuthorizableStandardScheme();
- }
- }
-
- private static class TSentryAuthorizableStandardScheme extends StandardScheme<TSentryAuthorizable> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TSentryAuthorizable struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // SERVER
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.server = iprot.readString();
- struct.setServerIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // URI
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.uri = iprot.readString();
- struct.setUriIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // DB
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.db = iprot.readString();
- struct.setDbIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 4: // TABLE
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.table = iprot.readString();
- struct.setTableIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 5: // COLUMN
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.column = iprot.readString();
- struct.setColumnIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TSentryAuthorizable struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.server != null) {
- oprot.writeFieldBegin(SERVER_FIELD_DESC);
- oprot.writeString(struct.server);
- oprot.writeFieldEnd();
- }
- if (struct.uri != null) {
- if (struct.isSetUri()) {
- oprot.writeFieldBegin(URI_FIELD_DESC);
- oprot.writeString(struct.uri);
- oprot.writeFieldEnd();
- }
- }
- if (struct.db != null) {
- if (struct.isSetDb()) {
- oprot.writeFieldBegin(DB_FIELD_DESC);
- oprot.writeString(struct.db);
- oprot.writeFieldEnd();
- }
- }
- if (struct.table != null) {
- if (struct.isSetTable()) {
- oprot.writeFieldBegin(TABLE_FIELD_DESC);
- oprot.writeString(struct.table);
- oprot.writeFieldEnd();
- }
- }
- if (struct.column != null) {
- if (struct.isSetColumn()) {
- oprot.writeFieldBegin(COLUMN_FIELD_DESC);
- oprot.writeString(struct.column);
- oprot.writeFieldEnd();
- }
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TSentryAuthorizableTupleSchemeFactory implements SchemeFactory {
- public TSentryAuthorizableTupleScheme getScheme() {
- return new TSentryAuthorizableTupleScheme();
- }
- }
-
- private static class TSentryAuthorizableTupleScheme extends TupleScheme<TSentryAuthorizable> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TSentryAuthorizable struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeString(struct.server);
- BitSet optionals = new BitSet();
- if (struct.isSetUri()) {
- optionals.set(0);
- }
- if (struct.isSetDb()) {
- optionals.set(1);
- }
- if (struct.isSetTable()) {
- optionals.set(2);
- }
- if (struct.isSetColumn()) {
- optionals.set(3);
- }
- oprot.writeBitSet(optionals, 4);
- if (struct.isSetUri()) {
- oprot.writeString(struct.uri);
- }
- if (struct.isSetDb()) {
- oprot.writeString(struct.db);
- }
- if (struct.isSetTable()) {
- oprot.writeString(struct.table);
- }
- if (struct.isSetColumn()) {
- oprot.writeString(struct.column);
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TSentryAuthorizable struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.server = iprot.readString();
- struct.setServerIsSet(true);
- BitSet incoming = iprot.readBitSet(4);
- if (incoming.get(0)) {
- struct.uri = iprot.readString();
- struct.setUriIsSet(true);
- }
- if (incoming.get(1)) {
- struct.db = iprot.readString();
- struct.setDbIsSet(true);
- }
- if (incoming.get(2)) {
- struct.table = iprot.readString();
- struct.setTableIsSet(true);
- }
- if (incoming.get(3)) {
- struct.column = iprot.readString();
- struct.setColumnIsSet(true);
- }
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryConfigValueRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryConfigValueRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryConfigValueRequest.java
deleted file mode 100644
index 11cd83a..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryConfigValueRequest.java
+++ /dev/null
@@ -1,600 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TSentryConfigValueRequest implements org.apache.thrift.TBase<TSentryConfigValueRequest, TSentryConfigValueRequest._Fields>, java.io.Serializable, Cloneable, Comparable<TSentryConfigValueRequest> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TSentryConfigValueRequest");
-
- private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
- private static final org.apache.thrift.protocol.TField PROPERTY_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("propertyName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField DEFAULT_VALUE_FIELD_DESC = new org.apache.thrift.protocol.TField("defaultValue", org.apache.thrift.protocol.TType.STRING, (short)3);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TSentryConfigValueRequestStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TSentryConfigValueRequestTupleSchemeFactory());
- }
-
- private int protocol_version; // required
- private String propertyName; // required
- private String defaultValue; // optional
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- PROTOCOL_VERSION((short)1, "protocol_version"),
- PROPERTY_NAME((short)2, "propertyName"),
- DEFAULT_VALUE((short)3, "defaultValue");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // PROTOCOL_VERSION
- return PROTOCOL_VERSION;
- case 2: // PROPERTY_NAME
- return PROPERTY_NAME;
- case 3: // DEFAULT_VALUE
- return DEFAULT_VALUE;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- private static final _Fields optionals[] = {_Fields.DEFAULT_VALUE};
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
- tmpMap.put(_Fields.PROPERTY_NAME, new org.apache.thrift.meta_data.FieldMetaData("propertyName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.DEFAULT_VALUE, new org.apache.thrift.meta_data.FieldMetaData("defaultValue", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TSentryConfigValueRequest.class, metaDataMap);
- }
-
- public TSentryConfigValueRequest() {
- this.protocol_version = 2;
-
- }
-
- public TSentryConfigValueRequest(
- int protocol_version,
- String propertyName)
- {
- this();
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- this.propertyName = propertyName;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TSentryConfigValueRequest(TSentryConfigValueRequest other) {
- __isset_bitfield = other.__isset_bitfield;
- this.protocol_version = other.protocol_version;
- if (other.isSetPropertyName()) {
- this.propertyName = other.propertyName;
- }
- if (other.isSetDefaultValue()) {
- this.defaultValue = other.defaultValue;
- }
- }
-
- public TSentryConfigValueRequest deepCopy() {
- return new TSentryConfigValueRequest(this);
- }
-
- @Override
- public void clear() {
- this.protocol_version = 2;
-
- this.propertyName = null;
- this.defaultValue = null;
- }
-
- public int getProtocol_version() {
- return this.protocol_version;
- }
-
- public void setProtocol_version(int protocol_version) {
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- }
-
- public void unsetProtocol_version() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */
- public boolean isSetProtocol_version() {
- return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- public void setProtocol_versionIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value);
- }
-
- public String getPropertyName() {
- return this.propertyName;
- }
-
- public void setPropertyName(String propertyName) {
- this.propertyName = propertyName;
- }
-
- public void unsetPropertyName() {
- this.propertyName = null;
- }
-
- /** Returns true if field propertyName is set (has been assigned a value) and false otherwise */
- public boolean isSetPropertyName() {
- return this.propertyName != null;
- }
-
- public void setPropertyNameIsSet(boolean value) {
- if (!value) {
- this.propertyName = null;
- }
- }
-
- public String getDefaultValue() {
- return this.defaultValue;
- }
-
- public void setDefaultValue(String defaultValue) {
- this.defaultValue = defaultValue;
- }
-
- public void unsetDefaultValue() {
- this.defaultValue = null;
- }
-
- /** Returns true if field defaultValue is set (has been assigned a value) and false otherwise */
- public boolean isSetDefaultValue() {
- return this.defaultValue != null;
- }
-
- public void setDefaultValueIsSet(boolean value) {
- if (!value) {
- this.defaultValue = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case PROTOCOL_VERSION:
- if (value == null) {
- unsetProtocol_version();
- } else {
- setProtocol_version((Integer)value);
- }
- break;
-
- case PROPERTY_NAME:
- if (value == null) {
- unsetPropertyName();
- } else {
- setPropertyName((String)value);
- }
- break;
-
- case DEFAULT_VALUE:
- if (value == null) {
- unsetDefaultValue();
- } else {
- setDefaultValue((String)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case PROTOCOL_VERSION:
- return getProtocol_version();
-
- case PROPERTY_NAME:
- return getPropertyName();
-
- case DEFAULT_VALUE:
- return getDefaultValue();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case PROTOCOL_VERSION:
- return isSetProtocol_version();
- case PROPERTY_NAME:
- return isSetPropertyName();
- case DEFAULT_VALUE:
- return isSetDefaultValue();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TSentryConfigValueRequest)
- return this.equals((TSentryConfigValueRequest)that);
- return false;
- }
-
- public boolean equals(TSentryConfigValueRequest that) {
- if (that == null)
- return false;
-
- boolean this_present_protocol_version = true;
- boolean that_present_protocol_version = true;
- if (this_present_protocol_version || that_present_protocol_version) {
- if (!(this_present_protocol_version && that_present_protocol_version))
- return false;
- if (this.protocol_version != that.protocol_version)
- return false;
- }
-
- boolean this_present_propertyName = true && this.isSetPropertyName();
- boolean that_present_propertyName = true && that.isSetPropertyName();
- if (this_present_propertyName || that_present_propertyName) {
- if (!(this_present_propertyName && that_present_propertyName))
- return false;
- if (!this.propertyName.equals(that.propertyName))
- return false;
- }
-
- boolean this_present_defaultValue = true && this.isSetDefaultValue();
- boolean that_present_defaultValue = true && that.isSetDefaultValue();
- if (this_present_defaultValue || that_present_defaultValue) {
- if (!(this_present_defaultValue && that_present_defaultValue))
- return false;
- if (!this.defaultValue.equals(that.defaultValue))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_protocol_version = true;
- list.add(present_protocol_version);
- if (present_protocol_version)
- list.add(protocol_version);
-
- boolean present_propertyName = true && (isSetPropertyName());
- list.add(present_propertyName);
- if (present_propertyName)
- list.add(propertyName);
-
- boolean present_defaultValue = true && (isSetDefaultValue());
- list.add(present_defaultValue);
- if (present_defaultValue)
- list.add(defaultValue);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TSentryConfigValueRequest other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(other.isSetProtocol_version());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetProtocol_version()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, other.protocol_version);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetPropertyName()).compareTo(other.isSetPropertyName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetPropertyName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.propertyName, other.propertyName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetDefaultValue()).compareTo(other.isSetDefaultValue());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetDefaultValue()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.defaultValue, other.defaultValue);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TSentryConfigValueRequest(");
- boolean first = true;
-
- sb.append("protocol_version:");
- sb.append(this.protocol_version);
- first = false;
- if (!first) sb.append(", ");
- sb.append("propertyName:");
- if (this.propertyName == null) {
- sb.append("null");
- } else {
- sb.append(this.propertyName);
- }
- first = false;
- if (isSetDefaultValue()) {
- if (!first) sb.append(", ");
- sb.append("defaultValue:");
- if (this.defaultValue == null) {
- sb.append("null");
- } else {
- sb.append(this.defaultValue);
- }
- first = false;
- }
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetProtocol_version()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
- }
-
- if (!isSetPropertyName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'propertyName' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TSentryConfigValueRequestStandardSchemeFactory implements SchemeFactory {
- public TSentryConfigValueRequestStandardScheme getScheme() {
- return new TSentryConfigValueRequestStandardScheme();
- }
- }
-
- private static class TSentryConfigValueRequestStandardScheme extends StandardScheme<TSentryConfigValueRequest> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TSentryConfigValueRequest struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // PROTOCOL_VERSION
- if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // PROPERTY_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.propertyName = iprot.readString();
- struct.setPropertyNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // DEFAULT_VALUE
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.defaultValue = iprot.readString();
- struct.setDefaultValueIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TSentryConfigValueRequest struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC);
- oprot.writeI32(struct.protocol_version);
- oprot.writeFieldEnd();
- if (struct.propertyName != null) {
- oprot.writeFieldBegin(PROPERTY_NAME_FIELD_DESC);
- oprot.writeString(struct.propertyName);
- oprot.writeFieldEnd();
- }
- if (struct.defaultValue != null) {
- if (struct.isSetDefaultValue()) {
- oprot.writeFieldBegin(DEFAULT_VALUE_FIELD_DESC);
- oprot.writeString(struct.defaultValue);
- oprot.writeFieldEnd();
- }
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TSentryConfigValueRequestTupleSchemeFactory implements SchemeFactory {
- public TSentryConfigValueRequestTupleScheme getScheme() {
- return new TSentryConfigValueRequestTupleScheme();
- }
- }
-
- private static class TSentryConfigValueRequestTupleScheme extends TupleScheme<TSentryConfigValueRequest> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TSentryConfigValueRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeI32(struct.protocol_version);
- oprot.writeString(struct.propertyName);
- BitSet optionals = new BitSet();
- if (struct.isSetDefaultValue()) {
- optionals.set(0);
- }
- oprot.writeBitSet(optionals, 1);
- if (struct.isSetDefaultValue()) {
- oprot.writeString(struct.defaultValue);
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TSentryConfigValueRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- struct.propertyName = iprot.readString();
- struct.setPropertyNameIsSet(true);
- BitSet incoming = iprot.readBitSet(1);
- if (incoming.get(0)) {
- struct.defaultValue = iprot.readString();
- struct.setDefaultValueIsSet(true);
- }
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryConfigValueResponse.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryConfigValueResponse.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryConfigValueResponse.java
deleted file mode 100644
index 441f61e..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryConfigValueResponse.java
+++ /dev/null
@@ -1,504 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TSentryConfigValueResponse implements org.apache.thrift.TBase<TSentryConfigValueResponse, TSentryConfigValueResponse._Fields>, java.io.Serializable, Cloneable, Comparable<TSentryConfigValueResponse> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TSentryConfigValueResponse");
-
- private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1);
- private static final org.apache.thrift.protocol.TField VALUE_FIELD_DESC = new org.apache.thrift.protocol.TField("value", org.apache.thrift.protocol.TType.STRING, (short)2);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TSentryConfigValueResponseStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TSentryConfigValueResponseTupleSchemeFactory());
- }
-
- private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required
- private String value; // optional
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- STATUS((short)1, "status"),
- VALUE((short)2, "value");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // STATUS
- return STATUS;
- case 2: // VALUE
- return VALUE;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final _Fields optionals[] = {_Fields.VALUE};
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.sentry.service.thrift.TSentryResponseStatus.class)));
- tmpMap.put(_Fields.VALUE, new org.apache.thrift.meta_data.FieldMetaData("value", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TSentryConfigValueResponse.class, metaDataMap);
- }
-
- public TSentryConfigValueResponse() {
- }
-
- public TSentryConfigValueResponse(
- org.apache.sentry.service.thrift.TSentryResponseStatus status)
- {
- this();
- this.status = status;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TSentryConfigValueResponse(TSentryConfigValueResponse other) {
- if (other.isSetStatus()) {
- this.status = new org.apache.sentry.service.thrift.TSentryResponseStatus(other.status);
- }
- if (other.isSetValue()) {
- this.value = other.value;
- }
- }
-
- public TSentryConfigValueResponse deepCopy() {
- return new TSentryConfigValueResponse(this);
- }
-
- @Override
- public void clear() {
- this.status = null;
- this.value = null;
- }
-
- public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() {
- return this.status;
- }
-
- public void setStatus(org.apache.sentry.service.thrift.TSentryResponseStatus status) {
- this.status = status;
- }
-
- public void unsetStatus() {
- this.status = null;
- }
-
- /** Returns true if field status is set (has been assigned a value) and false otherwise */
- public boolean isSetStatus() {
- return this.status != null;
- }
-
- public void setStatusIsSet(boolean value) {
- if (!value) {
- this.status = null;
- }
- }
-
- public String getValue() {
- return this.value;
- }
-
- public void setValue(String value) {
- this.value = value;
- }
-
- public void unsetValue() {
- this.value = null;
- }
-
- /** Returns true if field value is set (has been assigned a value) and false otherwise */
- public boolean isSetValue() {
- return this.value != null;
- }
-
- public void setValueIsSet(boolean value) {
- if (!value) {
- this.value = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case STATUS:
- if (value == null) {
- unsetStatus();
- } else {
- setStatus((org.apache.sentry.service.thrift.TSentryResponseStatus)value);
- }
- break;
-
- case VALUE:
- if (value == null) {
- unsetValue();
- } else {
- setValue((String)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case STATUS:
- return getStatus();
-
- case VALUE:
- return getValue();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case STATUS:
- return isSetStatus();
- case VALUE:
- return isSetValue();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TSentryConfigValueResponse)
- return this.equals((TSentryConfigValueResponse)that);
- return false;
- }
-
- public boolean equals(TSentryConfigValueResponse that) {
- if (that == null)
- return false;
-
- boolean this_present_status = true && this.isSetStatus();
- boolean that_present_status = true && that.isSetStatus();
- if (this_present_status || that_present_status) {
- if (!(this_present_status && that_present_status))
- return false;
- if (!this.status.equals(that.status))
- return false;
- }
-
- boolean this_present_value = true && this.isSetValue();
- boolean that_present_value = true && that.isSetValue();
- if (this_present_value || that_present_value) {
- if (!(this_present_value && that_present_value))
- return false;
- if (!this.value.equals(that.value))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_status = true && (isSetStatus());
- list.add(present_status);
- if (present_status)
- list.add(status);
-
- boolean present_value = true && (isSetValue());
- list.add(present_value);
- if (present_value)
- list.add(value);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TSentryConfigValueResponse other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetStatus()).compareTo(other.isSetStatus());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetStatus()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.status, other.status);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetValue()).compareTo(other.isSetValue());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetValue()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.value, other.value);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TSentryConfigValueResponse(");
- boolean first = true;
-
- sb.append("status:");
- if (this.status == null) {
- sb.append("null");
- } else {
- sb.append(this.status);
- }
- first = false;
- if (isSetValue()) {
- if (!first) sb.append(", ");
- sb.append("value:");
- if (this.value == null) {
- sb.append("null");
- } else {
- sb.append(this.value);
- }
- first = false;
- }
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetStatus()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'status' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- if (status != null) {
- status.validate();
- }
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TSentryConfigValueResponseStandardSchemeFactory implements SchemeFactory {
- public TSentryConfigValueResponseStandardScheme getScheme() {
- return new TSentryConfigValueResponseStandardScheme();
- }
- }
-
- private static class TSentryConfigValueResponseStandardScheme extends StandardScheme<TSentryConfigValueResponse> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TSentryConfigValueResponse struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // STATUS
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // VALUE
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.value = iprot.readString();
- struct.setValueIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TSentryConfigValueResponse struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- if (struct.status != null) {
- oprot.writeFieldBegin(STATUS_FIELD_DESC);
- struct.status.write(oprot);
- oprot.writeFieldEnd();
- }
- if (struct.value != null) {
- if (struct.isSetValue()) {
- oprot.writeFieldBegin(VALUE_FIELD_DESC);
- oprot.writeString(struct.value);
- oprot.writeFieldEnd();
- }
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TSentryConfigValueResponseTupleSchemeFactory implements SchemeFactory {
- public TSentryConfigValueResponseTupleScheme getScheme() {
- return new TSentryConfigValueResponseTupleScheme();
- }
- }
-
- private static class TSentryConfigValueResponseTupleScheme extends TupleScheme<TSentryConfigValueResponse> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TSentryConfigValueResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- struct.status.write(oprot);
- BitSet optionals = new BitSet();
- if (struct.isSetValue()) {
- optionals.set(0);
- }
- oprot.writeBitSet(optionals, 1);
- if (struct.isSetValue()) {
- oprot.writeString(struct.value);
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TSentryConfigValueResponse struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
- struct.status.read(iprot);
- struct.setStatusIsSet(true);
- BitSet incoming = iprot.readBitSet(1);
- if (incoming.get(0)) {
- struct.value = iprot.readString();
- struct.setValueIsSet(true);
- }
- }
- }
-
-}
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryExportMappingDataRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryExportMappingDataRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryExportMappingDataRequest.java
deleted file mode 100644
index e276b27..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryExportMappingDataRequest.java
+++ /dev/null
@@ -1,600 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.3)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import org.apache.thrift.async.AsyncMethodCallback;
-import org.apache.thrift.server.AbstractNonblockingServer.*;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import javax.annotation.Generated;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"})
-@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)", date = "2016-05-05")
-public class TSentryExportMappingDataRequest implements org.apache.thrift.TBase<TSentryExportMappingDataRequest, TSentryExportMappingDataRequest._Fields>, java.io.Serializable, Cloneable, Comparable<TSentryExportMappingDataRequest> {
- private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TSentryExportMappingDataRequest");
-
- private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
- private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField OBJECT_PATH_FIELD_DESC = new org.apache.thrift.protocol.TField("objectPath", org.apache.thrift.protocol.TType.STRING, (short)3);
-
- private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
- static {
- schemes.put(StandardScheme.class, new TSentryExportMappingDataRequestStandardSchemeFactory());
- schemes.put(TupleScheme.class, new TSentryExportMappingDataRequestTupleSchemeFactory());
- }
-
- private int protocol_version; // required
- private String requestorUserName; // required
- private String objectPath; // optional
-
- /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
- public enum _Fields implements org.apache.thrift.TFieldIdEnum {
- PROTOCOL_VERSION((short)1, "protocol_version"),
- REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- OBJECT_PATH((short)3, "objectPath");
-
- private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
-
- static {
- for (_Fields field : EnumSet.allOf(_Fields.class)) {
- byName.put(field.getFieldName(), field);
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, or null if its not found.
- */
- public static _Fields findByThriftId(int fieldId) {
- switch(fieldId) {
- case 1: // PROTOCOL_VERSION
- return PROTOCOL_VERSION;
- case 2: // REQUESTOR_USER_NAME
- return REQUESTOR_USER_NAME;
- case 3: // OBJECT_PATH
- return OBJECT_PATH;
- default:
- return null;
- }
- }
-
- /**
- * Find the _Fields constant that matches fieldId, throwing an exception
- * if it is not found.
- */
- public static _Fields findByThriftIdOrThrow(int fieldId) {
- _Fields fields = findByThriftId(fieldId);
- if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
- return fields;
- }
-
- /**
- * Find the _Fields constant that matches name, or null if its not found.
- */
- public static _Fields findByName(String name) {
- return byName.get(name);
- }
-
- private final short _thriftId;
- private final String _fieldName;
-
- _Fields(short thriftId, String fieldName) {
- _thriftId = thriftId;
- _fieldName = fieldName;
- }
-
- public short getThriftFieldId() {
- return _thriftId;
- }
-
- public String getFieldName() {
- return _fieldName;
- }
- }
-
- // isset id assignments
- private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
- private static final _Fields optionals[] = {_Fields.OBJECT_PATH};
- public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
- static {
- Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
- tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
- tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.OBJECT_PATH, new org.apache.thrift.meta_data.FieldMetaData("objectPath", org.apache.thrift.TFieldRequirementType.OPTIONAL,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- metaDataMap = Collections.unmodifiableMap(tmpMap);
- org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TSentryExportMappingDataRequest.class, metaDataMap);
- }
-
- public TSentryExportMappingDataRequest() {
- this.protocol_version = 1;
-
- }
-
- public TSentryExportMappingDataRequest(
- int protocol_version,
- String requestorUserName)
- {
- this();
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- this.requestorUserName = requestorUserName;
- }
-
- /**
- * Performs a deep copy on <i>other</i>.
- */
- public TSentryExportMappingDataRequest(TSentryExportMappingDataRequest other) {
- __isset_bitfield = other.__isset_bitfield;
- this.protocol_version = other.protocol_version;
- if (other.isSetRequestorUserName()) {
- this.requestorUserName = other.requestorUserName;
- }
- if (other.isSetObjectPath()) {
- this.objectPath = other.objectPath;
- }
- }
-
- public TSentryExportMappingDataRequest deepCopy() {
- return new TSentryExportMappingDataRequest(this);
- }
-
- @Override
- public void clear() {
- this.protocol_version = 1;
-
- this.requestorUserName = null;
- this.objectPath = null;
- }
-
- public int getProtocol_version() {
- return this.protocol_version;
- }
-
- public void setProtocol_version(int protocol_version) {
- this.protocol_version = protocol_version;
- setProtocol_versionIsSet(true);
- }
-
- public void unsetProtocol_version() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */
- public boolean isSetProtocol_version() {
- return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
- }
-
- public void setProtocol_versionIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value);
- }
-
- public String getRequestorUserName() {
- return this.requestorUserName;
- }
-
- public void setRequestorUserName(String requestorUserName) {
- this.requestorUserName = requestorUserName;
- }
-
- public void unsetRequestorUserName() {
- this.requestorUserName = null;
- }
-
- /** Returns true if field requestorUserName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorUserName() {
- return this.requestorUserName != null;
- }
-
- public void setRequestorUserNameIsSet(boolean value) {
- if (!value) {
- this.requestorUserName = null;
- }
- }
-
- public String getObjectPath() {
- return this.objectPath;
- }
-
- public void setObjectPath(String objectPath) {
- this.objectPath = objectPath;
- }
-
- public void unsetObjectPath() {
- this.objectPath = null;
- }
-
- /** Returns true if field objectPath is set (has been assigned a value) and false otherwise */
- public boolean isSetObjectPath() {
- return this.objectPath != null;
- }
-
- public void setObjectPathIsSet(boolean value) {
- if (!value) {
- this.objectPath = null;
- }
- }
-
- public void setFieldValue(_Fields field, Object value) {
- switch (field) {
- case PROTOCOL_VERSION:
- if (value == null) {
- unsetProtocol_version();
- } else {
- setProtocol_version((Integer)value);
- }
- break;
-
- case REQUESTOR_USER_NAME:
- if (value == null) {
- unsetRequestorUserName();
- } else {
- setRequestorUserName((String)value);
- }
- break;
-
- case OBJECT_PATH:
- if (value == null) {
- unsetObjectPath();
- } else {
- setObjectPath((String)value);
- }
- break;
-
- }
- }
-
- public Object getFieldValue(_Fields field) {
- switch (field) {
- case PROTOCOL_VERSION:
- return getProtocol_version();
-
- case REQUESTOR_USER_NAME:
- return getRequestorUserName();
-
- case OBJECT_PATH:
- return getObjectPath();
-
- }
- throw new IllegalStateException();
- }
-
- /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
- public boolean isSet(_Fields field) {
- if (field == null) {
- throw new IllegalArgumentException();
- }
-
- switch (field) {
- case PROTOCOL_VERSION:
- return isSetProtocol_version();
- case REQUESTOR_USER_NAME:
- return isSetRequestorUserName();
- case OBJECT_PATH:
- return isSetObjectPath();
- }
- throw new IllegalStateException();
- }
-
- @Override
- public boolean equals(Object that) {
- if (that == null)
- return false;
- if (that instanceof TSentryExportMappingDataRequest)
- return this.equals((TSentryExportMappingDataRequest)that);
- return false;
- }
-
- public boolean equals(TSentryExportMappingDataRequest that) {
- if (that == null)
- return false;
-
- boolean this_present_protocol_version = true;
- boolean that_present_protocol_version = true;
- if (this_present_protocol_version || that_present_protocol_version) {
- if (!(this_present_protocol_version && that_present_protocol_version))
- return false;
- if (this.protocol_version != that.protocol_version)
- return false;
- }
-
- boolean this_present_requestorUserName = true && this.isSetRequestorUserName();
- boolean that_present_requestorUserName = true && that.isSetRequestorUserName();
- if (this_present_requestorUserName || that_present_requestorUserName) {
- if (!(this_present_requestorUserName && that_present_requestorUserName))
- return false;
- if (!this.requestorUserName.equals(that.requestorUserName))
- return false;
- }
-
- boolean this_present_objectPath = true && this.isSetObjectPath();
- boolean that_present_objectPath = true && that.isSetObjectPath();
- if (this_present_objectPath || that_present_objectPath) {
- if (!(this_present_objectPath && that_present_objectPath))
- return false;
- if (!this.objectPath.equals(that.objectPath))
- return false;
- }
-
- return true;
- }
-
- @Override
- public int hashCode() {
- List<Object> list = new ArrayList<Object>();
-
- boolean present_protocol_version = true;
- list.add(present_protocol_version);
- if (present_protocol_version)
- list.add(protocol_version);
-
- boolean present_requestorUserName = true && (isSetRequestorUserName());
- list.add(present_requestorUserName);
- if (present_requestorUserName)
- list.add(requestorUserName);
-
- boolean present_objectPath = true && (isSetObjectPath());
- list.add(present_objectPath);
- if (present_objectPath)
- list.add(objectPath);
-
- return list.hashCode();
- }
-
- @Override
- public int compareTo(TSentryExportMappingDataRequest other) {
- if (!getClass().equals(other.getClass())) {
- return getClass().getName().compareTo(other.getClass().getName());
- }
-
- int lastComparison = 0;
-
- lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(other.isSetProtocol_version());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetProtocol_version()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, other.protocol_version);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetRequestorUserName()).compareTo(other.isSetRequestorUserName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRequestorUserName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorUserName, other.requestorUserName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- lastComparison = Boolean.valueOf(isSetObjectPath()).compareTo(other.isSetObjectPath());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetObjectPath()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.objectPath, other.objectPath);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
- return 0;
- }
-
- public _Fields fieldForId(int fieldId) {
- return _Fields.findByThriftId(fieldId);
- }
-
- public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
- schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
- schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
- }
-
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder("TSentryExportMappingDataRequest(");
- boolean first = true;
-
- sb.append("protocol_version:");
- sb.append(this.protocol_version);
- first = false;
- if (!first) sb.append(", ");
- sb.append("requestorUserName:");
- if (this.requestorUserName == null) {
- sb.append("null");
- } else {
- sb.append(this.requestorUserName);
- }
- first = false;
- if (isSetObjectPath()) {
- if (!first) sb.append(", ");
- sb.append("objectPath:");
- if (this.objectPath == null) {
- sb.append("null");
- } else {
- sb.append(this.objectPath);
- }
- first = false;
- }
- sb.append(")");
- return sb.toString();
- }
-
- public void validate() throws org.apache.thrift.TException {
- // check for required fields
- if (!isSetProtocol_version()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
- }
-
- if (!isSetRequestorUserName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString());
- }
-
- // check for sub-struct validity
- }
-
- private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
- try {
- write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
- try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
- read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
- } catch (org.apache.thrift.TException te) {
- throw new java.io.IOException(te);
- }
- }
-
- private static class TSentryExportMappingDataRequestStandardSchemeFactory implements SchemeFactory {
- public TSentryExportMappingDataRequestStandardScheme getScheme() {
- return new TSentryExportMappingDataRequestStandardScheme();
- }
- }
-
- private static class TSentryExportMappingDataRequestStandardScheme extends StandardScheme<TSentryExportMappingDataRequest> {
-
- public void read(org.apache.thrift.protocol.TProtocol iprot, TSentryExportMappingDataRequest struct) throws org.apache.thrift.TException {
- org.apache.thrift.protocol.TField schemeField;
- iprot.readStructBegin();
- while (true)
- {
- schemeField = iprot.readFieldBegin();
- if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
- break;
- }
- switch (schemeField.id) {
- case 1: // PROTOCOL_VERSION
- if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 2: // REQUESTOR_USER_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 3: // OBJECT_PATH
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.objectPath = iprot.readString();
- struct.setObjectPathIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- default:
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- iprot.readFieldEnd();
- }
- iprot.readStructEnd();
- struct.validate();
- }
-
- public void write(org.apache.thrift.protocol.TProtocol oprot, TSentryExportMappingDataRequest struct) throws org.apache.thrift.TException {
- struct.validate();
-
- oprot.writeStructBegin(STRUCT_DESC);
- oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC);
- oprot.writeI32(struct.protocol_version);
- oprot.writeFieldEnd();
- if (struct.requestorUserName != null) {
- oprot.writeFieldBegin(REQUESTOR_USER_NAME_FIELD_DESC);
- oprot.writeString(struct.requestorUserName);
- oprot.writeFieldEnd();
- }
- if (struct.objectPath != null) {
- if (struct.isSetObjectPath()) {
- oprot.writeFieldBegin(OBJECT_PATH_FIELD_DESC);
- oprot.writeString(struct.objectPath);
- oprot.writeFieldEnd();
- }
- }
- oprot.writeFieldStop();
- oprot.writeStructEnd();
- }
-
- }
-
- private static class TSentryExportMappingDataRequestTupleSchemeFactory implements SchemeFactory {
- public TSentryExportMappingDataRequestTupleScheme getScheme() {
- return new TSentryExportMappingDataRequestTupleScheme();
- }
- }
-
- private static class TSentryExportMappingDataRequestTupleScheme extends TupleScheme<TSentryExportMappingDataRequest> {
-
- @Override
- public void write(org.apache.thrift.protocol.TProtocol prot, TSentryExportMappingDataRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol oprot = (TTupleProtocol) prot;
- oprot.writeI32(struct.protocol_version);
- oprot.writeString(struct.requestorUserName);
- BitSet optionals = new BitSet();
- if (struct.isSetObjectPath()) {
- optionals.set(0);
- }
- oprot.writeBitSet(optionals, 1);
- if (struct.isSetObjectPath()) {
- oprot.writeString(struct.objectPath);
- }
- }
-
- @Override
- public void read(org.apache.thrift.protocol.TProtocol prot, TSentryExportMappingDataRequest struct) throws org.apache.thrift.TException {
- TTupleProtocol iprot = (TTupleProtocol) prot;
- struct.protocol_version = iprot.readI32();
- struct.setProtocol_versionIsSet(true);
- struct.requestorUserName = iprot.readString();
- struct.setRequestorUserNameIsSet(true);
- BitSet incoming = iprot.readBitSet(1);
- if (incoming.get(0)) {
- struct.objectPath = iprot.readString();
- struct.setObjectPathIsSet(true);
- }
- }
- }
-
-}
-
[17/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/PoolClientInvocationHandler.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/PoolClientInvocationHandler.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/PoolClientInvocationHandler.java
deleted file mode 100644
index a35bf1d..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/PoolClientInvocationHandler.java
+++ /dev/null
@@ -1,154 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.service.thrift;
-
-import java.lang.reflect.InvocationTargetException;
-import java.lang.reflect.Method;
-
-import org.apache.commons.pool2.PooledObjectFactory;
-import org.apache.commons.pool2.impl.AbandonedConfig;
-import org.apache.commons.pool2.impl.GenericObjectPool;
-import org.apache.commons.pool2.impl.GenericObjectPoolConfig;
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.core.common.exception.SentryUserException;
-import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient;
-import org.apache.sentry.service.thrift.ServiceConstants.ClientConfig;
-import org.apache.thrift.transport.TTransportException;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * The PoolClientInvocationHandler is a proxy class for handling thrift call. For every thrift call,
- * get the instance of SentryPolicyServiceBaseClient from the commons-pool, and return the instance
- * to the commons-pool after complete the call. For any exception with the call, discard the
- * instance and create a new one added to the commons-pool. Then, get the instance and do the call
- * again. For the thread safe, the commons-pool will manage the connection pool, and every thread
- * can get the connection by borrowObject() and return the connection to the pool by returnObject().
- */
-
-public class PoolClientInvocationHandler extends SentryClientInvocationHandler {
-
- private static final Logger LOGGER = LoggerFactory.getLogger(PoolClientInvocationHandler.class);
-
- private final Configuration conf;
- private PooledObjectFactory<SentryPolicyServiceClient> poolFactory;
- private GenericObjectPool<SentryPolicyServiceClient> pool;
- private GenericObjectPoolConfig poolConfig;
- private int connectionRetryTotal;
-
- private static final String POOL_EXCEPTION_MESSAGE = "Pool exception occured ";
-
- public PoolClientInvocationHandler(Configuration conf) throws Exception {
- this.conf = conf;
- readConfiguration();
- poolFactory = new SentryServiceClientPoolFactory(conf);
- pool = new GenericObjectPool<SentryPolicyServiceClient>(poolFactory, poolConfig, new AbandonedConfig());
- }
-
- @Override
- public Object invokeImpl(Object proxy, Method method, Object[] args) throws Exception {
- int retryCount = 0;
- Object result = null;
- while (retryCount < connectionRetryTotal) {
- try {
- // The wapper here is for the retry of thrift call, the default retry number is 3.
- result = invokeFromPool(method, args);
- break;
- } catch (TTransportException e) {
- // TTransportException means there has connection problem, create a new connection and try
- // again. Get the lock of pool and add new connection.
- synchronized (pool) {
- // If there has room, create new instance and add it to the commons-pool, this instance
- // will be back first from the commons-pool because the configuration is LIFO.
- if (pool.getNumIdle() + pool.getNumActive() < pool.getMaxTotal()) {
- pool.addObject();
- }
- }
- // Increase the retry num, and throw the exception if can't retry again.
- retryCount++;
- if (retryCount == connectionRetryTotal) {
- throw new SentryUserException(e.getMessage(), e);
- }
- }
- }
- return result;
- }
-
- private Object invokeFromPool(Method method, Object[] args) throws Exception {
- Object result = null;
- SentryPolicyServiceClient client;
- try {
- // get the connection from the pool, don't know if the connection is broken.
- client = pool.borrowObject();
- } catch (Exception e) {
- LOGGER.debug(POOL_EXCEPTION_MESSAGE, e);
- throw new SentryUserException(e.getMessage(), e);
- }
- try {
- // do the thrift call
- result = method.invoke(client, args);
- } catch (InvocationTargetException e) {
- // Get the target exception, check if SentryUserException or TTransportException is wrapped.
- // TTransportException means there has connection problem with the pool.
- Throwable targetException = e.getCause();
- if (targetException instanceof SentryUserException) {
- Throwable sentryTargetException = targetException.getCause();
- // If there has connection problem, eg, invalid connection if the service restarted,
- // sentryTargetException instanceof TTransportException = true.
- if (sentryTargetException instanceof TTransportException) {
- // If the exception is caused by connection problem, destroy the instance and
- // remove it from the commons-pool. Throw the TTransportException for reconnect.
- pool.invalidateObject(client);
- throw new TTransportException(sentryTargetException);
- }
- // The exception is thrown by thrift call, eg, SentryAccessDeniedException.
- throw (SentryUserException) targetException;
- }
- throw e;
- } finally{
- try {
- // return the instance to commons-pool
- pool.returnObject(client);
- } catch (Exception e) {
- LOGGER.error(POOL_EXCEPTION_MESSAGE, e);
- throw e;
- }
- }
- return result;
- }
-
- @Override
- public void close() {
- try {
- pool.close();
- } catch (Exception e) {
- LOGGER.debug(POOL_EXCEPTION_MESSAGE, e);
- }
- }
-
- private void readConfiguration() {
- poolConfig = new GenericObjectPoolConfig();
- // config the pool size for commons-pool
- poolConfig.setMaxTotal(conf.getInt(ClientConfig.SENTRY_POOL_MAX_TOTAL, ClientConfig.SENTRY_POOL_MAX_TOTAL_DEFAULT));
- poolConfig.setMinIdle(conf.getInt(ClientConfig.SENTRY_POOL_MIN_IDLE, ClientConfig.SENTRY_POOL_MIN_IDLE_DEFAULT));
- poolConfig.setMaxIdle(conf.getInt(ClientConfig.SENTRY_POOL_MAX_IDLE, ClientConfig.SENTRY_POOL_MAX_IDLE_DEFAULT));
- // get the retry number for reconnecting service
- connectionRetryTotal = conf.getInt(ClientConfig.SENTRY_POOL_RETRY_TOTAL,
- ClientConfig.SENTRY_POOL_RETRY_TOTAL_DEFAULT);
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ProcessorFactory.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ProcessorFactory.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ProcessorFactory.java
deleted file mode 100644
index a3bb6ab..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ProcessorFactory.java
+++ /dev/null
@@ -1,31 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.service.thrift;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.thrift.TMultiplexedProcessor;
-
-public abstract class ProcessorFactory {
- protected final Configuration conf;
-
- public ProcessorFactory(Configuration conf) {
- this.conf = conf;
- }
-
- public abstract boolean register(TMultiplexedProcessor processor) throws Exception;
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryClientInvocationHandler.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryClientInvocationHandler.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryClientInvocationHandler.java
deleted file mode 100644
index a41be7f..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryClientInvocationHandler.java
+++ /dev/null
@@ -1,54 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.service.thrift;
-
-import java.lang.reflect.InvocationHandler;
-import java.lang.reflect.Method;
-
-/**
- * SentryClientInvocationHandler is the base interface for all the InvocationHandler in SENTRY
- */
-public abstract class SentryClientInvocationHandler implements InvocationHandler {
-
- /**
- * Close the InvocationHandler: An InvocationHandler may create some contexts,
- * these contexts should be close when the method "close()" of client be called.
- */
- @Override
- public final Object invoke(Object proxy, Method method, Object[] args) throws Exception {
- // close() doesn't throw exception we supress that in case of connection
- // loss. Changing SentryPolicyServiceClient#close() to throw an
- // exception would be a backward incompatible change for Sentry clients.
- if ("close".equals(method.getName()) && null == args) {
- close();
- return null;
- }
- return invokeImpl(proxy, method, args);
- }
-
- /**
- * Subclass should implement this method for special function
- */
- public abstract Object invokeImpl(Object proxy, Method method, Object[] args) throws Exception;
-
- /**
- * An abstract method "close", an invocationHandler should close its contexts at here.
- */
- public abstract void close();
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryKerberosContext.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryKerberosContext.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryKerberosContext.java
deleted file mode 100644
index f54f161..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryKerberosContext.java
+++ /dev/null
@@ -1,157 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.service.thrift;
-
-import java.io.File;
-import java.util.HashSet;
-import java.util.Set;
-
-import javax.security.auth.Subject;
-import javax.security.auth.kerberos.KerberosPrincipal;
-import javax.security.auth.kerberos.KerberosTicket;
-import javax.security.auth.login.LoginContext;
-import javax.security.auth.login.LoginException;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.google.common.collect.Sets;
-
-public class SentryKerberosContext implements Runnable {
- private static final float TICKET_RENEW_WINDOW = 0.80f;
- private static final Logger LOGGER = LoggerFactory
- .getLogger(SentryKerberosContext.class);
- private LoginContext loginContext;
- private Subject subject;
- private final javax.security.auth.login.Configuration kerberosConfig;
- @Deprecated
- private Thread renewerThread;
- @Deprecated
- private boolean shutDownRenewer = false;
-
- public SentryKerberosContext(String principal, String keyTab, boolean autoRenewTicket)
- throws LoginException {
- subject = new Subject(false, Sets.newHashSet(new KerberosPrincipal(principal)),
- new HashSet<Object>(), new HashSet<Object>());
- kerberosConfig = KerberosConfiguration.createClientConfig(principal, new File(keyTab));
- loginWithNewContext();
- if (autoRenewTicket) {
- startRenewerThread();
- }
- }
-
- private void loginWithNewContext() throws LoginException {
- LOGGER.info("Logging in with new Context");
- logoutSubject();
- loginContext = new LoginContext("", subject, null, kerberosConfig);
- loginContext.login();
- subject = loginContext.getSubject();
- }
-
- private void logoutSubject() {
- if (loginContext != null) {
- try {
- loginContext.logout();
- } catch (LoginException e) {
- LOGGER.warn("Error logging out the subject", e);
- }
- }
- loginContext = null;
- }
-
- public Subject getSubject() {
- return subject;
- }
-
- /**
- * Get the Kerberos TGT
- * @return the user's TGT or null if none was found
- */
- @Deprecated
- private KerberosTicket getTGT() {
- Set<KerberosTicket> tickets = subject.getPrivateCredentials(KerberosTicket.class);
- for(KerberosTicket ticket: tickets) {
- KerberosPrincipal server = ticket.getServer();
- if (server.getName().equals("krbtgt/" + server.getRealm() +
- "@" + server.getRealm())) {
- return ticket;
- }
- }
- return null;
- }
-
- @Deprecated
- private long getRefreshTime(KerberosTicket tgt) {
- long start = tgt.getStartTime().getTime();
- long end = tgt.getEndTime().getTime();
- LOGGER.debug("Ticket start time: " + start);
- LOGGER.debug("Ticket End time: " + end);
- return start + (long) ((end - start) * TICKET_RENEW_WINDOW);
- }
-
- /***
- * Ticket renewer thread
- * wait till 80% time interval left on the ticket and then renew it
- */
- @Deprecated
- @Override
- public void run() {
- try {
- LOGGER.info("Sentry Ticket renewer thread started");
- while (!shutDownRenewer) {
- KerberosTicket tgt = getTGT();
- if (tgt == null) {
- LOGGER.warn("No ticket found in the cache");
- return;
- }
- long nextRefresh = getRefreshTime(tgt);
- while (System.currentTimeMillis() < nextRefresh) {
- Thread.sleep(1000);
- if (shutDownRenewer) {
- return;
- }
- }
- loginWithNewContext();
- LOGGER.debug("Renewed ticket");
- }
- } catch (InterruptedException e1) {
- LOGGER.warn("Sentry Ticket renewer thread interrupted", e1);
- return;
- } catch (LoginException e) {
- LOGGER.warn("Failed to renew ticket", e);
- } finally {
- logoutSubject();
- LOGGER.info("Sentry Ticket renewer thread finished");
- }
- }
-
- @Deprecated
- public void startRenewerThread() {
- renewerThread = new Thread(this);
- renewerThread.start();
- }
-
- public void shutDown() throws LoginException {
- if (renewerThread != null) {
- shutDownRenewer = true;
- } else {
- logoutSubject();
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryService.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryService.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryService.java
deleted file mode 100644
index 5783649..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryService.java
+++ /dev/null
@@ -1,426 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.service.thrift;
-
-import java.io.File;
-import java.io.IOException;
-import java.lang.reflect.Constructor;
-import java.net.InetSocketAddress;
-import java.net.MalformedURLException;
-import java.net.ServerSocket;
-import java.security.PrivilegedExceptionAction;
-import java.util.ArrayList;
-import java.util.EventListener;
-import java.util.List;
-import java.util.concurrent.Callable;
-import java.util.concurrent.ExecutionException;
-import java.util.concurrent.ExecutorService;
-import java.util.concurrent.Executors;
-import java.util.concurrent.Future;
-import java.util.concurrent.ThreadFactory;
-
-import javax.security.auth.Subject;
-
-import org.apache.commons.cli.CommandLine;
-import org.apache.commons.cli.CommandLineParser;
-import org.apache.commons.cli.GnuParser;
-import org.apache.commons.cli.HelpFormatter;
-import org.apache.commons.cli.Options;
-import org.apache.hadoop.conf.Configuration;
-import org.apache.hadoop.net.NetUtils;
-import org.apache.hadoop.security.SaslRpcServer;
-import org.apache.hadoop.security.SaslRpcServer.AuthMethod;
-import org.apache.hadoop.security.SecurityUtil;
-import org.apache.sentry.Command;
-import org.apache.sentry.provider.db.service.thrift.SentryHealthCheckServletContextListener;
-import org.apache.sentry.provider.db.service.thrift.SentryMetricsServletContextListener;
-import org.apache.sentry.provider.db.service.thrift.SentryWebServer;
-import org.apache.sentry.service.thrift.ServiceConstants.ConfUtilties;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
-import org.apache.thrift.TMultiplexedProcessor;
-import org.apache.thrift.protocol.TBinaryProtocol;
-import org.apache.thrift.server.TServer;
-import org.apache.thrift.server.TServerEventHandler;
-import org.apache.thrift.server.TThreadPoolServer;
-import org.apache.thrift.transport.TSaslServerTransport;
-import org.apache.thrift.transport.TServerSocket;
-import org.apache.thrift.transport.TServerTransport;
-import org.apache.thrift.transport.TTransportFactory;
-import org.eclipse.jetty.util.MultiException;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.google.common.base.Preconditions;
-
-public class SentryService implements Callable {
-
- private static final Logger LOGGER = LoggerFactory
- .getLogger(SentryService.class);
-
- private static enum Status {
- NOT_STARTED(), STARTED();
- }
-
- private final Configuration conf;
- private final InetSocketAddress address;
- private final int maxThreads;
- private final int minThreads;
- private boolean kerberos;
- private final String principal;
- private final String[] principalParts;
- private final String keytab;
- private final ExecutorService serviceExecutor;
- private Future serviceStatus;
- private TServer thriftServer;
- private Status status;
- private int webServerPort;
- private SentryWebServer sentryWebServer;
- private long maxMessageSize;
-
- public SentryService(Configuration conf) {
- this.conf = conf;
- int port = conf
- .getInt(ServerConfig.RPC_PORT, ServerConfig.RPC_PORT_DEFAULT);
- if (port == 0) {
- port = findFreePort();
- conf.setInt(ServerConfig.RPC_PORT, port);
- }
- this.address = NetUtils.createSocketAddr(
- conf.get(ServerConfig.RPC_ADDRESS, ServerConfig.RPC_ADDRESS_DEFAULT),
- port);
- LOGGER.info("Configured on address " + address);
- kerberos = ServerConfig.SECURITY_MODE_KERBEROS.equalsIgnoreCase(
- conf.get(ServerConfig.SECURITY_MODE, ServerConfig.SECURITY_MODE_KERBEROS).trim());
- maxThreads = conf.getInt(ServerConfig.RPC_MAX_THREADS,
- ServerConfig.RPC_MAX_THREADS_DEFAULT);
- minThreads = conf.getInt(ServerConfig.RPC_MIN_THREADS,
- ServerConfig.RPC_MIN_THREADS_DEFAULT);
- maxMessageSize = conf.getLong(ServerConfig.SENTRY_POLICY_SERVER_THRIFT_MAX_MESSAGE_SIZE,
- ServerConfig.SENTRY_POLICY_SERVER_THRIFT_MAX_MESSAGE_SIZE_DEFAULT);
- if (kerberos) {
- // Use Hadoop libraries to translate the _HOST placeholder with actual hostname
- try {
- String rawPrincipal = Preconditions.checkNotNull(conf.get(ServerConfig.PRINCIPAL), ServerConfig.PRINCIPAL + " is required");
- principal = SecurityUtil.getServerPrincipal(rawPrincipal, address.getAddress());
- } catch(IOException io) {
- throw new RuntimeException("Can't translate kerberos principal'", io);
- }
- LOGGER.info("Using kerberos principal: " + principal);
-
- principalParts = SaslRpcServer.splitKerberosName(principal);
- Preconditions.checkArgument(principalParts.length == 3,
- "Kerberos principal should have 3 parts: " + principal);
- keytab = Preconditions.checkNotNull(conf.get(ServerConfig.KEY_TAB),
- ServerConfig.KEY_TAB + " is required");
- File keytabFile = new File(keytab);
- Preconditions.checkState(keytabFile.isFile() && keytabFile.canRead(),
- "Keytab " + keytab + " does not exist or is not readable.");
- } else {
- principal = null;
- principalParts = null;
- keytab = null;
- }
- serviceExecutor = Executors.newSingleThreadExecutor(new ThreadFactory() {
- private int count = 0;
-
- @Override
- public Thread newThread(Runnable r) {
- return new Thread(r, SentryService.class.getSimpleName() + "-"
- + (count++));
- }
- });
- webServerPort = conf.getInt(ServerConfig.SENTRY_WEB_PORT, ServerConfig.SENTRY_WEB_PORT_DEFAULT);
- status = Status.NOT_STARTED;
- }
-
- @Override
- public String call() throws Exception {
- SentryKerberosContext kerberosContext = null;
- try {
- status = Status.STARTED;
- if (kerberos) {
- Boolean autoRenewTicket = conf.getBoolean(ServerConfig.SENTRY_KERBEROS_TGT_AUTORENEW, ServerConfig.SENTRY_KERBEROS_TGT_AUTORENEW_DEFAULT);
- kerberosContext = new SentryKerberosContext(principal, keytab, autoRenewTicket);
- Subject.doAs(kerberosContext.getSubject(), new PrivilegedExceptionAction<Void>() {
- @Override
- public Void run() throws Exception {
- runServer();
- return null;
- }
- });
- } else {
- runServer();
- }
- } catch (Exception t) {
- LOGGER.error("Error starting server", t);
- throw new Exception("Error starting server", t);
- } finally {
- if (kerberosContext != null) {
- kerberosContext.shutDown();
- }
- status = Status.NOT_STARTED;
- }
- return null;
- }
-
- private void runServer() throws Exception {
- Iterable<String> processorFactories = ConfUtilties.CLASS_SPLITTER
- .split(conf.get(ServerConfig.PROCESSOR_FACTORIES,
- ServerConfig.PROCESSOR_FACTORIES_DEFAULT).trim());
- TMultiplexedProcessor processor = new TMultiplexedProcessor();
- boolean registeredProcessor = false;
- for (String processorFactory : processorFactories) {
- Class<?> clazz = conf.getClassByName(processorFactory);
- if (!ProcessorFactory.class.isAssignableFrom(clazz)) {
- throw new IllegalArgumentException("Processor Factory "
- + processorFactory + " is not a "
- + ProcessorFactory.class.getName());
- }
- try {
- Constructor<?> constructor = clazz
- .getConstructor(Configuration.class);
- LOGGER.info("ProcessorFactory being used: " + clazz.getCanonicalName());
- ProcessorFactory factory = (ProcessorFactory) constructor
- .newInstance(conf);
- boolean registerStatus = factory.register(processor);
- if (!registerStatus) {
- LOGGER.error("Failed to register " + clazz.getCanonicalName());
- }
- registeredProcessor = registerStatus || registeredProcessor;
- } catch (Exception e) {
- throw new IllegalStateException("Could not create "
- + processorFactory, e);
- }
- }
- if (!registeredProcessor) {
- throw new IllegalStateException(
- "Failed to register any processors from " + processorFactories);
- }
- TServerTransport serverTransport = new TServerSocket(address);
- TTransportFactory transportFactory = null;
- if (kerberos) {
- TSaslServerTransport.Factory saslTransportFactory = new TSaslServerTransport.Factory();
- saslTransportFactory.addServerDefinition(AuthMethod.KERBEROS
- .getMechanismName(), principalParts[0], principalParts[1],
- ServerConfig.SASL_PROPERTIES, new GSSCallback(conf));
- transportFactory = saslTransportFactory;
- } else {
- transportFactory = new TTransportFactory();
- }
- TThreadPoolServer.Args args = new TThreadPoolServer.Args(
- serverTransport).processor(processor)
- .transportFactory(transportFactory)
- .protocolFactory(new TBinaryProtocol.Factory(true, true, maxMessageSize, maxMessageSize))
- .minWorkerThreads(minThreads).maxWorkerThreads(maxThreads);
- thriftServer = new TThreadPoolServer(args);
- LOGGER.info("Serving on " + address);
- startSentryWebServer();
- thriftServer.serve();
- }
-
- private void startSentryWebServer() throws Exception{
- Boolean sentryReportingEnable = conf.getBoolean(ServerConfig.SENTRY_WEB_ENABLE,
- ServerConfig.SENTRY_WEB_ENABLE_DEFAULT);
- if(sentryReportingEnable) {
- List<EventListener> listenerList = new ArrayList<EventListener>();
- listenerList.add(new SentryHealthCheckServletContextListener());
- listenerList.add(new SentryMetricsServletContextListener());
- sentryWebServer = new SentryWebServer(listenerList, webServerPort, conf);
- sentryWebServer.start();
- }
-
- }
-
- private void stopSentryWebServer() throws Exception{
- if( sentryWebServer != null) {
- sentryWebServer.stop();
- sentryWebServer = null;
- }
- }
-
- public InetSocketAddress getAddress() {
- return address;
- }
-
- public synchronized boolean isRunning() {
- return status == Status.STARTED && thriftServer != null
- && thriftServer.isServing();
- }
-
- public synchronized void start() throws Exception{
- if (status != Status.NOT_STARTED) {
- throw new IllegalStateException("Cannot start when " + status);
- }
- LOGGER.info("Attempting to start...");
- serviceStatus = serviceExecutor.submit(this);
- }
-
- public synchronized void stop() throws Exception{
- MultiException exception = null;
- LOGGER.info("Attempting to stop...");
- if (isRunning()) {
- LOGGER.info("Attempting to stop sentry thrift service...");
- try {
- thriftServer.stop();
- thriftServer = null;
- status = Status.NOT_STARTED;
- } catch (Exception e) {
- LOGGER.error("Error while stopping sentry thrift service", e);
- exception = addMultiException(exception,e);
- }
- } else {
- thriftServer = null;
- status = Status.NOT_STARTED;
- LOGGER.info("Sentry thrift service is already stopped...");
- }
- if (isWebServerRunning()) {
- try {
- LOGGER.info("Attempting to stop sentry web service...");
- stopSentryWebServer();
- } catch (Exception e) {
- LOGGER.error("Error while stopping sentry web service", e);
- exception = addMultiException(exception,e);
- }
- } else {
- LOGGER.info("Sentry web service is already stopped...");
- }
- if (exception != null) {
- exception.ifExceptionThrow();
- }
- LOGGER.info("Stopped...");
- }
-
- // wait for the service thread to finish execution
- public synchronized void waitOnFuture() throws ExecutionException, InterruptedException {
- LOGGER.info("Waiting on future.get()");
- serviceStatus.get();
- }
-
- private MultiException addMultiException(MultiException exception, Exception e) {
- MultiException newException = exception;
- if (newException == null) {
- newException = new MultiException();
- }
- newException.add(e);
- return newException;
- }
-
- private boolean isWebServerRunning() {
- return sentryWebServer != null
- && sentryWebServer.isAlive();
- }
-
- private static int findFreePort() {
- int attempts = 0;
- while (attempts++ <= 1000) {
- try {
- ServerSocket s = new ServerSocket(0);
- int port = s.getLocalPort();
- s.close();
- return port;
- } catch (IOException e) {
- // ignore and retry
- }
- }
- throw new IllegalStateException("Unable to find a port after 1000 attempts");
- }
-
- public static Configuration loadConfig(String configFileName)
- throws MalformedURLException {
- File configFile = null;
- if (configFileName == null) {
- throw new IllegalArgumentException("Usage: "
- + ServiceConstants.ServiceArgs.CONFIG_FILE_LONG
- + " path/to/sentry-service.xml");
- } else if (!((configFile = new File(configFileName)).isFile() && configFile
- .canRead())) {
- throw new IllegalArgumentException("Cannot read configuration file "
- + configFile);
- }
- Configuration conf = new Configuration(false);
- conf.addResource(configFile.toURI().toURL());
- return conf;
- }
-
- public static class CommandImpl implements Command {
- @Override
- public void run(String[] args) throws Exception {
- CommandLineParser parser = new GnuParser();
- Options options = new Options();
- options.addOption(ServiceConstants.ServiceArgs.CONFIG_FILE_SHORT,
- ServiceConstants.ServiceArgs.CONFIG_FILE_LONG,
- true, "Sentry Service configuration file");
- CommandLine commandLine = parser.parse(options, args);
- String configFileName = commandLine.getOptionValue(ServiceConstants.
- ServiceArgs.CONFIG_FILE_LONG);
- File configFile = null;
- if (configFileName == null || commandLine.hasOption("h") || commandLine.hasOption("help")) {
- // print usage
- HelpFormatter formatter = new HelpFormatter();
- formatter.printHelp("sentry --command service", options);
- System.exit(-1);
- } else if(!((configFile = new File(configFileName)).isFile() && configFile.canRead())) {
- throw new IllegalArgumentException("Cannot read configuration file " + configFile);
- }
- Configuration serverConf = loadConfig(configFileName);
- final SentryService server = new SentryService(serverConf);
- server.start();
- Runtime.getRuntime().addShutdownHook(new Thread() {
- @Override
- public void run() {
- LOGGER.info("ShutdownHook shutting down server");
- try {
- server.stop();
- } catch (Throwable t) {
- LOGGER.error("Error stopping SentryService", t);
- }
- }
- });
-
- // Let's wait on the service to stop
- try {
- server.waitOnFuture();
- } finally {
- server.serviceExecutor.shutdown();
- }
- }
- }
-
- public Configuration getConf() {
- return conf;
- }
-
- /**
- * Add Thrift event handler to underlying thrift threadpool server
- * @param eventHandler
- */
- public void setThriftEventHandler(TServerEventHandler eventHandler) throws IllegalStateException {
- if (thriftServer == null) {
- throw new IllegalStateException("Server is not initialized or stopped");
- }
- thriftServer.setServerEventHandler(eventHandler);
- }
-
- public TServerEventHandler getThriftEventHandler() throws IllegalStateException {
- if (thriftServer == null) {
- throw new IllegalStateException("Server is not initialized or stopped");
- }
- return thriftServer.getEventHandler();
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceClientFactory.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceClientFactory.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceClientFactory.java
deleted file mode 100644
index 48ee66a..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceClientFactory.java
+++ /dev/null
@@ -1,52 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.service.thrift;
-
-import java.lang.reflect.Proxy;
-
-import org.apache.hadoop.conf.Configuration;
-
-import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient;
-import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClientDefaultImpl;
-import org.apache.sentry.service.thrift.ServiceConstants.ClientConfig;
-
-public final class SentryServiceClientFactory {
-
- private SentryServiceClientFactory() {
- }
-
- public static SentryPolicyServiceClient create(Configuration conf) throws Exception {
- boolean haEnabled = conf.getBoolean(ClientConfig.SERVER_HA_ENABLED, false);
- boolean pooled = conf.getBoolean(ClientConfig.SENTRY_POOL_ENABLED, false);
- if (pooled) {
- return (SentryPolicyServiceClient) Proxy
- .newProxyInstance(SentryPolicyServiceClientDefaultImpl.class.getClassLoader(),
- SentryPolicyServiceClientDefaultImpl.class.getInterfaces(),
- new PoolClientInvocationHandler(conf));
- } else if (haEnabled) {
- return (SentryPolicyServiceClient) Proxy
- .newProxyInstance(SentryPolicyServiceClientDefaultImpl.class.getClassLoader(),
- SentryPolicyServiceClientDefaultImpl.class.getInterfaces(),
- new HAClientInvocationHandler(conf));
- } else {
- return new SentryPolicyServiceClientDefaultImpl(conf);
- }
- }
-
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceClientPoolFactory.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceClientPoolFactory.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceClientPoolFactory.java
deleted file mode 100644
index 3a38b24..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceClientPoolFactory.java
+++ /dev/null
@@ -1,78 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.service.thrift;
-
-import java.lang.reflect.Proxy;
-
-import org.apache.commons.pool2.BasePooledObjectFactory;
-import org.apache.commons.pool2.PooledObject;
-import org.apache.commons.pool2.impl.DefaultPooledObject;
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient;
-import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClientDefaultImpl;
-import org.apache.sentry.service.thrift.ServiceConstants.ClientConfig;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * SentryServiceClientPoolFactory is for connection pool to manage the object. Implement the related
- * method to create object, destroy object and wrap object.
- */
-
-public class SentryServiceClientPoolFactory extends BasePooledObjectFactory<SentryPolicyServiceClient> {
-
- private static final Logger LOGGER = LoggerFactory.getLogger(SentryServiceClientPoolFactory.class);
-
- private Configuration conf;
-
- public SentryServiceClientPoolFactory(Configuration conf) {
- this.conf = conf;
- }
-
- @Override
- public SentryPolicyServiceClient create() throws Exception {
- LOGGER.debug("Creating Sentry Service Client...");
- boolean haEnabled = conf.getBoolean(ClientConfig.SERVER_HA_ENABLED, false);
- if (haEnabled) {
- return (SentryPolicyServiceClient) Proxy
- .newProxyInstance(SentryPolicyServiceClientDefaultImpl.class.getClassLoader(),
- SentryPolicyServiceClientDefaultImpl.class.getInterfaces(),
- new HAClientInvocationHandler(conf));
- } else {
- return new SentryPolicyServiceClientDefaultImpl(conf);
- }
- }
-
- @Override
- public PooledObject<SentryPolicyServiceClient> wrap(SentryPolicyServiceClient client) {
- return new DefaultPooledObject<SentryPolicyServiceClient>(client);
- }
-
- @Override
- public void destroyObject(PooledObject<SentryPolicyServiceClient> pooledObject) {
- SentryPolicyServiceClient client = pooledObject.getObject();
- LOGGER.debug("Destroying Sentry Service Client: " + client);
- if (client != null) {
- // The close() of TSocket or TSaslClientTransport is called actually, and there has no
- // exception even there has some problems, eg, the client is closed already.
- // The close here is just try to close the socket and the client will be destroyed soon.
- client.close();
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceFactory.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceFactory.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceFactory.java
deleted file mode 100644
index 1685702..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceFactory.java
+++ /dev/null
@@ -1,28 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.service.thrift;
-import org.apache.hadoop.conf.Configuration;
-
-public class SentryServiceFactory {
-
- public SentryService create(Configuration conf) throws Exception {
- return new SentryService(conf);
- }
-
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceUtil.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceUtil.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceUtil.java
deleted file mode 100644
index ce73358..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceUtil.java
+++ /dev/null
@@ -1,158 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.service.thrift;
-
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import org.apache.commons.lang.StringUtils;
-import org.apache.sentry.core.common.utils.SentryConstants;
-import org.apache.sentry.core.common.utils.KeyValue;
-import org.apache.sentry.core.common.utils.PolicyFileConstants;
-import org.apache.sentry.provider.db.service.thrift.TSentryGrantOption;
-import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
-import org.apache.sentry.service.thrift.ServiceConstants.PrivilegeScope;
-
-import com.google.common.collect.Lists;
-
-public final class SentryServiceUtil {
-
- // parse the privilege in String and get the TSentryPrivilege as result
- public static TSentryPrivilege convertToTSentryPrivilege(String privilegeStr) {
- TSentryPrivilege tSentryPrivilege = new TSentryPrivilege();
- for (String authorizable : SentryConstants.AUTHORIZABLE_SPLITTER.split(privilegeStr)) {
- KeyValue tempKV = new KeyValue(authorizable);
- String key = tempKV.getKey();
- String value = tempKV.getValue();
-
- if (PolicyFileConstants.PRIVILEGE_SERVER_NAME.equalsIgnoreCase(key)) {
- tSentryPrivilege.setServerName(value);
- } else if (PolicyFileConstants.PRIVILEGE_DATABASE_NAME.equalsIgnoreCase(key)) {
- tSentryPrivilege.setDbName(value);
- } else if (PolicyFileConstants.PRIVILEGE_TABLE_NAME.equalsIgnoreCase(key)) {
- tSentryPrivilege.setTableName(value);
- } else if (PolicyFileConstants.PRIVILEGE_COLUMN_NAME.equalsIgnoreCase(key)) {
- tSentryPrivilege.setColumnName(value);
- } else if (PolicyFileConstants.PRIVILEGE_URI_NAME.equalsIgnoreCase(key)) {
- tSentryPrivilege.setURI(value);
- } else if (PolicyFileConstants.PRIVILEGE_ACTION_NAME.equalsIgnoreCase(key)) {
- tSentryPrivilege.setAction(value);
- } else if (PolicyFileConstants.PRIVILEGE_GRANT_OPTION_NAME.equalsIgnoreCase(key)) {
- TSentryGrantOption grantOption = "true".equalsIgnoreCase(value) ? TSentryGrantOption.TRUE
- : TSentryGrantOption.FALSE;
- tSentryPrivilege.setGrantOption(grantOption);
- }
- }
- tSentryPrivilege.setPrivilegeScope(getPrivilegeScope(tSentryPrivilege));
- return tSentryPrivilege;
- }
-
- /**
- * Parse the object path from string to map.
- * @param objectPath the string format as db=db1->table=tbl1
- * @return Map
- */
- public static Map<String, String> parseObjectPath(String objectPath) {
- Map<String, String> objectMap = new HashMap<String, String>();
- if (StringUtils.isEmpty(objectPath)) {
- return objectMap;
- }
- for (String kvStr : SentryConstants.AUTHORIZABLE_SPLITTER.split(objectPath)) {
- KeyValue kv = new KeyValue(kvStr);
- String key = kv.getKey();
- String value = kv.getValue();
-
- if (PolicyFileConstants.PRIVILEGE_DATABASE_NAME.equalsIgnoreCase(key)) {
- objectMap.put(PolicyFileConstants.PRIVILEGE_DATABASE_NAME, value);
- } else if (PolicyFileConstants.PRIVILEGE_TABLE_NAME.equalsIgnoreCase(key)) {
- objectMap.put(PolicyFileConstants.PRIVILEGE_TABLE_NAME, value);
- }
- }
- return objectMap;
- }
-
- // for the different hierarchy for hive:
- // 1: server->url
- // 2: server->database->table->column
- // if both of them are found in the privilege string, the privilege scope will be set as
- // PrivilegeScope.URI
- public static String getPrivilegeScope(TSentryPrivilege tSentryPrivilege) {
- PrivilegeScope privilegeScope = PrivilegeScope.SERVER;
- if (!StringUtils.isEmpty(tSentryPrivilege.getURI())) {
- privilegeScope = PrivilegeScope.URI;
- } else if (!StringUtils.isEmpty(tSentryPrivilege.getColumnName())) {
- privilegeScope = PrivilegeScope.COLUMN;
- } else if (!StringUtils.isEmpty(tSentryPrivilege.getTableName())) {
- privilegeScope = PrivilegeScope.TABLE;
- } else if (!StringUtils.isEmpty(tSentryPrivilege.getDbName())) {
- privilegeScope = PrivilegeScope.DATABASE;
- }
- return privilegeScope.toString();
- }
-
- // convert TSentryPrivilege to privilege in string
- public static String convertTSentryPrivilegeToStr(TSentryPrivilege tSentryPrivilege) {
- List<String> privileges = Lists.newArrayList();
- if (tSentryPrivilege != null) {
- String serverName = tSentryPrivilege.getServerName();
- String dbName = tSentryPrivilege.getDbName();
- String tableName = tSentryPrivilege.getTableName();
- String columnName = tSentryPrivilege.getColumnName();
- String uri = tSentryPrivilege.getURI();
- String action = tSentryPrivilege.getAction();
- String grantOption = (tSentryPrivilege.getGrantOption() == TSentryGrantOption.TRUE ? "true"
- : "false");
- if (!StringUtils.isEmpty(serverName)) {
- privileges.add(SentryConstants.KV_JOINER.join(PolicyFileConstants.PRIVILEGE_SERVER_NAME,
- serverName));
- if (!StringUtils.isEmpty(uri)) {
- privileges.add(SentryConstants.KV_JOINER.join(PolicyFileConstants.PRIVILEGE_URI_NAME,
- uri));
- } else if (!StringUtils.isEmpty(dbName)) {
- privileges.add(SentryConstants.KV_JOINER.join(
- PolicyFileConstants.PRIVILEGE_DATABASE_NAME, dbName));
- if (!StringUtils.isEmpty(tableName)) {
- privileges.add(SentryConstants.KV_JOINER.join(
- PolicyFileConstants.PRIVILEGE_TABLE_NAME, tableName));
- if (!StringUtils.isEmpty(columnName)) {
- privileges.add(SentryConstants.KV_JOINER.join(
- PolicyFileConstants.PRIVILEGE_COLUMN_NAME, columnName));
- }
- }
- }
- if (!StringUtils.isEmpty(action)) {
- privileges.add(SentryConstants.KV_JOINER.join(
- PolicyFileConstants.PRIVILEGE_ACTION_NAME, action));
- }
- }
- // only append the grant option to privilege string if it's true
- if ("true".equals(grantOption)) {
- privileges.add(SentryConstants.KV_JOINER.join(
- PolicyFileConstants.PRIVILEGE_GRANT_OPTION_NAME, grantOption));
- }
- }
- return SentryConstants.AUTHORIZABLE_JOINER.join(privileges);
- }
-
- private SentryServiceUtil() {
- // Make constructor private to avoid instantiation
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java
deleted file mode 100644
index 32a4044..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java
+++ /dev/null
@@ -1,261 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.service.thrift;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.security.sasl.Sasl;
-
-import org.apache.sentry.provider.db.service.thrift.SentryMetrics;
-
-import com.google.common.base.Splitter;
-import com.google.common.collect.ImmutableMap;
-
-public class ServiceConstants {
-
- private static final ImmutableMap<String, String> SASL_PROPERTIES;
-
- static {
- Map<String, String> saslProps = new HashMap<String, String>();
- saslProps.put(Sasl.SERVER_AUTH, "true");
- saslProps.put(Sasl.QOP, "auth-conf");
- SASL_PROPERTIES = ImmutableMap.copyOf(saslProps);
- }
-
- public static class ConfUtilties {
- public static final Splitter CLASS_SPLITTER = Splitter.onPattern("[\\s,]")
- .trimResults().omitEmptyStrings();
- }
- public static class ServiceArgs {
- public static final String CONFIG_FILE_SHORT = "c";
- public static final String CONFIG_FILE_LONG = "conffile";
- }
-
- public static class ServerConfig {
- public static final ImmutableMap<String, String> SASL_PROPERTIES = ServiceConstants.SASL_PROPERTIES;
- /**
- * This configuration parameter is only meant to be used for testing purposes.
- */
- public static final String SECURITY_MODE = "sentry.service.security.mode";
- public static final String SECURITY_MODE_KERBEROS = "kerberos";
- public static final String SECURITY_MODE_NONE = "none";
- public static final String SECURITY_USE_UGI_TRANSPORT = "sentry.service.security.use.ugi";
- public static final String ADMIN_GROUPS = "sentry.service.admin.group";
- public static final String PRINCIPAL = "sentry.service.server.principal";
- public static final String KEY_TAB = "sentry.service.server.keytab";
- public static final String RPC_PORT = "sentry.service.server.rpc-port";
- public static final int RPC_PORT_DEFAULT = 8038;
- public static final String RPC_ADDRESS = "sentry.service.server.rpc-address";
- public static final String RPC_ADDRESS_DEFAULT = "0.0.0.0"; //NOPMD
- public static final String RPC_MAX_THREADS = "sentry.service.server-max-threads";
- public static final int RPC_MAX_THREADS_DEFAULT = 500;
- public static final String RPC_MIN_THREADS = "sentry.service.server-min-threads";
- public static final int RPC_MIN_THREADS_DEFAULT = 10;
- public static final String ALLOW_CONNECT = "sentry.service.allow.connect";
-
- public static final String SENTRY_POLICY_STORE_PLUGINS = "sentry.policy.store.plugins";
- public static final String SENTRY_POLICY_STORE_PLUGINS_DEFAULT = "";
-
- public static final String SENTRY_METASTORE_PLUGINS = "sentry.metastore.plugins";
- public static final String SENTRY_METASTORE_PLUGINS_DEFAULT = "";
-
- public static final String PROCESSOR_FACTORIES = "sentry.service.processor.factories";
- public static final String PROCESSOR_FACTORIES_DEFAULT =
- "org.apache.sentry.provider.db.service.thrift.SentryPolicyStoreProcessorFactory" +
- ",org.apache.sentry.provider.db.generic.service.thrift.SentryGenericPolicyProcessorFactory";
- public static final String SENTRY_STORE_JDBC_URL = "sentry.store.jdbc.url";
- public static final String SENTRY_STORE_JDBC_USER = "sentry.store.jdbc.user";
- public static final String SENTRY_STORE_JDBC_USER_DEFAULT = "Sentry";
- public static final String SENTRY_STORE_JDBC_PASS = "sentry.store.jdbc.password";
- public static final String SENTRY_STORE_JDBC_DRIVER = "sentry.store.jdbc.driver";
- public static final String SENTRY_STORE_JDBC_DRIVER_DEFAULT = "org.apache.derby.jdbc.EmbeddedDriver";
-
- public static final String JAVAX_JDO_URL = "javax.jdo.option.ConnectionURL";
- public static final String JAVAX_JDO_USER = "javax.jdo.option.ConnectionUserName";
- public static final String JAVAX_JDO_PASS = "javax.jdo.option.ConnectionPassword";
- public static final String JAVAX_JDO_DRIVER_NAME = "javax.jdo.option.ConnectionDriverName";
-
- public static final String SENTRY_DB_PROPERTY_PREFIX = "sentry.";
- public static final String SENTRY_JAVAX_JDO_PROPERTY_PREFIX = SENTRY_DB_PROPERTY_PREFIX + "javax.jdo";
- public static final String SENTRY_DATANUCLEUS_PROPERTY_PREFIX = SENTRY_DB_PROPERTY_PREFIX + "datanucleus";
-
- public static final String SENTRY_VERIFY_SCHEM_VERSION = "sentry.verify.schema.version";
- public static final String SENTRY_VERIFY_SCHEM_VERSION_DEFAULT = "true";
-
- public static final String SENTRY_SERVICE_NAME = "sentry.service.name";
- public static final String SENTRY_SERVICE_NAME_DEFAULT = "Sentry-Service";
-
- public static final String SENTRY_STORE_GROUP_MAPPING = "sentry.store.group.mapping";
- public static final String SENTRY_STORE_GROUP_MAPPING_RESOURCE = "sentry.store.group.mapping.resource";
- public static final String SENTRY_STORE_HADOOP_GROUP_MAPPING = "org.apache.sentry.provider.common.HadoopGroupMappingService";
- public static final String SENTRY_STORE_LOCAL_GROUP_MAPPING = "org.apache.sentry.provider.file.LocalGroupMappingService";
- public static final String SENTRY_STORE_GROUP_MAPPING_DEFAULT = SENTRY_STORE_HADOOP_GROUP_MAPPING;
-
- public static final String SENTRY_STORE_ORPHANED_PRIVILEGE_REMOVAL = "sentry.store.orphaned.privilege.removal";
- public static final String SENTRY_STORE_ORPHANED_PRIVILEGE_REMOVAL_DEFAULT = "false";
- public static final String SENTRY_HA_ENABLED = "sentry.ha.enabled";
- public static final boolean SENTRY_HA_ENABLED_DEFAULT = false;
- public static final String SENTRY_HA_ZK_PROPERTY_PREFIX = "sentry.ha.zookeeper.";
- public static final String SENTRY_HA_ZOOKEEPER_SECURITY = SENTRY_HA_ZK_PROPERTY_PREFIX + "security";
- public static final boolean SENTRY_HA_ZOOKEEPER_SECURITY_DEFAULT = false;
- public static final String SENTRY_HA_ZOOKEEPER_QUORUM = SENTRY_HA_ZK_PROPERTY_PREFIX + "quorum";
- public static final String SENTRY_HA_ZOOKEEPER_QUORUM_DEFAULT = "localhost:2181";
- public static final String SENTRY_HA_ZOOKEEPER_RETRIES_MAX_COUNT = SENTRY_HA_ZK_PROPERTY_PREFIX + "session.retries.max.count";
- public static final int SENTRY_HA_ZOOKEEPER_RETRIES_MAX_COUNT_DEFAULT = 3;
- public static final String SENTRY_HA_ZOOKEEPER_SLEEP_BETWEEN_RETRIES_MS = SENTRY_HA_ZK_PROPERTY_PREFIX + "session.sleep.between.retries.ms";
- public static final int SENTRY_HA_ZOOKEEPER_SLEEP_BETWEEN_RETRIES_MS_DEFAULT = 100;
- public static final String SENTRY_HA_ZOOKEEPER_NAMESPACE = SENTRY_HA_ZK_PROPERTY_PREFIX + "namespace";
- public static final String SENTRY_HA_ZOOKEEPER_NAMESPACE_DEFAULT = "sentry";
- // principal and keytab for client to be able to connect to secure ZK. Needed for Sentry HA with secure ZK
- public static final String SERVER_HA_ZOOKEEPER_CLIENT_PRINCIPAL = "sentry.zookeeper.client.principal";
- public static final String SERVER_HA_ZOOKEEPER_CLIENT_KEYTAB = "sentry.zookeeper.client.keytab";
- public static final String SERVER_HA_ZOOKEEPER_CLIENT_TICKET_CACHE = "sentry.zookeeper.client.ticketcache";
- public static final String SERVER_HA_ZOOKEEPER_CLIENT_TICKET_CACHE_DEFAULT = "false";
- public static final ImmutableMap<String, String> SENTRY_STORE_DEFAULTS =
- ImmutableMap.<String, String>builder()
- .put("datanucleus.connectionPoolingType", "BoneCP")
- .put("datanucleus.validateTables", "false")
- .put("datanucleus.validateColumns", "false")
- .put("datanucleus.validateConstraints", "false")
- .put("datanucleus.storeManagerType", "rdbms")
- .put("datanucleus.schema.autoCreateAll", "true")
- .put("datanucleus.autoCreateSchema", "false")
- .put("datanucleus.fixedDatastore", "true")
- .put("datanucleus.autoStartMechanismMode", "checked")
- .put("datanucleus.transactionIsolation", "read-committed")
- .put("datanucleus.cache.level2", "false")
- .put("datanucleus.cache.level2.type", "none")
- .put("datanucleus.identifierFactory", "datanucleus1")
- .put("datanucleus.rdbms.useLegacyNativeValueStrategy", "true")
- .put("datanucleus.plugin.pluginRegistryBundleCheck", "LOG")
- .put("javax.jdo.PersistenceManagerFactoryClass",
- "org.datanucleus.api.jdo.JDOPersistenceManagerFactory")
- .put("javax.jdo.option.DetachAllOnCommit", "true")
- .put("javax.jdo.option.NonTransactionalRead", "false")
- .put("javax.jdo.option.NonTransactionalWrite", "false")
- .put("javax.jdo.option.Multithreaded", "true")
- .build();
-
- public static final String SENTRY_WEB_ENABLE = "sentry.service.web.enable";
- public static final Boolean SENTRY_WEB_ENABLE_DEFAULT = false;
- public static final String SENTRY_WEB_PORT = "sentry.service.web.port";
- public static final int SENTRY_WEB_PORT_DEFAULT = 29000;
- public static final String SENTRY_REPORTER = "sentry.service.reporter";
- public static final String SENTRY_REPORTER_JMX = SentryMetrics.Reporting.JMX.name(); //case insensitive
- public static final String SENTRY_REPORTER_CONSOLE = SentryMetrics.Reporting.CONSOLE.name();//case insensitive
-
- // Web SSL
- public static final String SENTRY_WEB_USE_SSL = "sentry.web.use.ssl";
- public static final String SENTRY_WEB_SSL_KEYSTORE_PATH = "sentry.web.ssl.keystore.path";
- public static final String SENTRY_WEB_SSL_KEYSTORE_PASSWORD = "sentry.web.ssl.keystore.password";
- public static final String SENTRY_SSL_PROTOCOL_BLACKLIST = "sentry.ssl.protocol.blacklist";
- // Blacklist SSL protocols that are not secure (e.g., POODLE vulnerability)
- public static final String[] SENTRY_SSL_PROTOCOL_BLACKLIST_DEFAULT = {"SSLv2", "SSLv2Hello", "SSLv3"};
-
- // Web Security
- public static final String SENTRY_WEB_SECURITY_PREFIX = "sentry.service.web.authentication";
- public static final String SENTRY_WEB_SECURITY_TYPE = SENTRY_WEB_SECURITY_PREFIX + ".type";
- public static final String SENTRY_WEB_SECURITY_TYPE_NONE = "NONE";
- public static final String SENTRY_WEB_SECURITY_TYPE_KERBEROS = "KERBEROS";
- public static final String SENTRY_WEB_SECURITY_PRINCIPAL = SENTRY_WEB_SECURITY_PREFIX + ".kerberos.principal";
- public static final String SENTRY_WEB_SECURITY_KEYTAB = SENTRY_WEB_SECURITY_PREFIX + ".kerberos.keytab";
- public static final String SENTRY_WEB_SECURITY_ALLOW_CONNECT_USERS = SENTRY_WEB_SECURITY_PREFIX + ".allow.connect.users";
-
- // max message size for thrift messages
- public static final String SENTRY_POLICY_SERVER_THRIFT_MAX_MESSAGE_SIZE = "sentry.policy.server.thrift.max.message.size";
- public static final long SENTRY_POLICY_SERVER_THRIFT_MAX_MESSAGE_SIZE_DEFAULT = 100 * 1024 * 1024;
-
- // action factories for external components
- public static final String SENTRY_COMPONENT_ACTION_FACTORY_FORMAT = "sentry.%s.action.factory";
-
- // Sentry is never a client to other Kerberos Services, it should not be required to renew the TGT
- @Deprecated
- public static final String SENTRY_KERBEROS_TGT_AUTORENEW = "sentry.service.kerberos.tgt.autorenew";
- @Deprecated
- public static final Boolean SENTRY_KERBEROS_TGT_AUTORENEW_DEFAULT = false;
- }
-
- public static class ClientConfig {
- public static final ImmutableMap<String, String> SASL_PROPERTIES = ServiceConstants.SASL_PROPERTIES;
- public static final String SERVER_RPC_PORT = "sentry.service.client.server.rpc-port";
- public static final int SERVER_RPC_PORT_DEFAULT = ServerConfig.RPC_PORT_DEFAULT;
- public static final String SERVER_RPC_ADDRESS = "sentry.service.client.server.rpc-address";
- public static final String SERVER_RPC_CONN_TIMEOUT = "sentry.service.client.server.rpc-connection-timeout";
- public static final int SERVER_RPC_CONN_TIMEOUT_DEFAULT = 200000;
-
- // HA configuration
- public static final String SERVER_HA_ENABLED = "sentry.ha.enabled";
- public static final boolean SERVER_HA_ENABLED_DEFAULT = ServerConfig.SENTRY_HA_ENABLED_DEFAULT;
- public static final String SENTRY_HA_ZOOKEEPER_QUORUM = ServerConfig.SENTRY_HA_ZOOKEEPER_QUORUM;
- public static final String SERVER_HA_ZOOKEEPER_QUORUM_DEFAULT = ServerConfig.SENTRY_HA_ZOOKEEPER_QUORUM_DEFAULT;
- public static final String SENTRY_HA_ZOOKEEPER_NAMESPACE = ServerConfig.SENTRY_HA_ZOOKEEPER_NAMESPACE;
- public static final String SERVER_HA_ZOOKEEPER_NAMESPACE_DEFAULT = ServerConfig.SENTRY_HA_ZOOKEEPER_NAMESPACE_DEFAULT;
-
- // connection pool configuration
- public static final String SENTRY_POOL_ENABLED = "sentry.service.client.connection.pool.enabled";
- public static final boolean SENTRY_POOL_ENABLED_DEFAULT = false;
-
- // commons-pool configuration for pool size
- public static final String SENTRY_POOL_MAX_TOTAL = "sentry.service.client.connection.pool.max-total";
- public static final int SENTRY_POOL_MAX_TOTAL_DEFAULT = 8;
- public static final String SENTRY_POOL_MAX_IDLE = "sentry.service.client.connection.pool.max-idle";
- public static final int SENTRY_POOL_MAX_IDLE_DEFAULT = 8;
- public static final String SENTRY_POOL_MIN_IDLE = "sentry.service.client.connection.pool.min-idle";
- public static final int SENTRY_POOL_MIN_IDLE_DEFAULT = 0;
-
- // retry num for getting the connection from connection pool
- public static final String SENTRY_POOL_RETRY_TOTAL = "sentry.service.client.connection.pool.retry-total";
- public static final int SENTRY_POOL_RETRY_TOTAL_DEFAULT = 3;
-
- // max message size for thrift messages
- public static final String SENTRY_POLICY_CLIENT_THRIFT_MAX_MESSAGE_SIZE = "sentry.policy.client.thrift.max.message.size";
- public static final long SENTRY_POLICY_CLIENT_THRIFT_MAX_MESSAGE_SIZE_DEFAULT = 100 * 1024 * 1024;
-
- // client retry settings
- public static final String RETRY_COUNT_CONF = "sentry.provider.backend.db.retry.count";
- public static final int RETRY_COUNT_DEFAULT = 3;
- public static final String RETRY_INTERVAL_SEC_CONF = "sentry.provider.backend.db.retry.interval.seconds";
- public static final int RETRY_INTERVAL_SEC_DEFAULT = 30;
-
- // provider backend cache settings
- public static final String ENABLE_CACHING = "sentry.provider.backend.generic.cache.enabled";
- public static final boolean ENABLE_CACHING_DEFAULT = false;
- public static final String CACHE_TTL_MS = "sentry.provider.backend.generic.cache.ttl.ms";
- public static final long CACHING_TTL_MS_DEFAULT = 30000;
- public static final String CACHE_UPDATE_FAILURES_BEFORE_PRIV_REVOKE = "sentry.provider.backend.generic.cache.update.failures.count";
- public static final int CACHE_UPDATE_FAILURES_BEFORE_PRIV_REVOKE_DEFAULT = 3;
- public static final String PRIVILEGE_CONVERTER = "sentry.provider.backend.generic.privilege.converter";
- }
-
- /**
- * Thrift generates terrible constant class names
- */
- public static class ThriftConstants extends org.apache.sentry.service.thrift.sentry_common_serviceConstants {
- public static final int TSENTRY_SERVICE_VERSION_CURRENT = TSENTRY_SERVICE_V2;
- }
-
- /* Privilege operation scope */
- public static enum PrivilegeScope {
- SERVER,
- URI,
- DATABASE,
- TABLE,
- COLUMN
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/Status.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/Status.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/Status.java
deleted file mode 100644
index e9cc411..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/Status.java
+++ /dev/null
@@ -1,132 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.service.thrift;
-
-import java.io.PrintWriter;
-import java.io.StringWriter;
-
-import javax.annotation.Nullable;
-
-import org.apache.sentry.core.common.exception.SentryUserException;
-import org.apache.sentry.core.common.exception.SentryAccessDeniedException;
-import org.apache.sentry.core.common.exception.SentryAlreadyExistsException;
-import org.apache.sentry.core.common.exception.SentryInvalidInputException;
-import org.apache.sentry.core.common.exception.SentryNoSuchObjectException;
-import org.apache.sentry.core.common.exception.SentryThriftAPIMismatchException;
-import org.apache.sentry.service.thrift.ServiceConstants.ThriftConstants;
-
-/**
- * Simple factory to make returning TSentryStatus objects easy
- */
-public enum Status {
- OK(ThriftConstants.TSENTRY_STATUS_OK),
- ALREADY_EXISTS(ThriftConstants.TSENTRY_STATUS_ALREADY_EXISTS),
- NO_SUCH_OBJECT(ThriftConstants.TSENTRY_STATUS_NO_SUCH_OBJECT),
- RUNTIME_ERROR(ThriftConstants.TSENTRY_STATUS_RUNTIME_ERROR),
- INVALID_INPUT(ThriftConstants.TSENTRY_STATUS_INVALID_INPUT),
- ACCESS_DENIED(ThriftConstants.TSENTRY_STATUS_ACCESS_DENIED),
- THRIFT_VERSION_MISMATCH(ThriftConstants.TSENTRY_STATUS_THRIFT_VERSION_MISMATCH),
- UNKNOWN(-1)
- ;
- private int code;
- private Status(int code) {
- this.code = code;
- }
- public int getCode() {
- return code;
- }
- public static Status fromCode(int code) {
- for (Status status : Status.values()) {
- if (status.getCode() == code) {
- return status;
- }
- }
- return Status.UNKNOWN;
- }
- public static TSentryResponseStatus OK() {
- return Create(Status.OK, "");
- }
- public static TSentryResponseStatus AccessDenied(String message, Throwable t) {
- return Create(Status.ACCESS_DENIED, message, t);
- }
- public static TSentryResponseStatus AlreadyExists(String message, Throwable t) {
- return Create(Status.ALREADY_EXISTS, message, t);
- }
- public static TSentryResponseStatus NoSuchObject(String message, Throwable t) {
- return Create(Status.NO_SUCH_OBJECT, message, t);
- }
- public static TSentryResponseStatus RuntimeError(String message, Throwable t) {
- return Create(Status.RUNTIME_ERROR, message, t);
- }
- public static TSentryResponseStatus Create(Status value, String message) {
- return Create(value, message, null);
- }
- public static TSentryResponseStatus InvalidInput(String message, Throwable t) {
- return Create(Status.INVALID_INPUT, message, t);
- }
- public static TSentryResponseStatus THRIFT_VERSION_MISMATCH(String message, Throwable t) {
- return Create(Status.THRIFT_VERSION_MISMATCH, message, t);
- }
- public static TSentryResponseStatus Create(Status value, String message, @Nullable Throwable t) {
- TSentryResponseStatus status = new TSentryResponseStatus();
- status.setValue(value.getCode());
- status.setMessage(message);
- if (t != null) {
- StringWriter stringWriter = new StringWriter();
- PrintWriter printWriter = new PrintWriter(stringWriter);
- t.printStackTrace(printWriter);
- printWriter.close();
- status.setStack(stringWriter.toString());
- }
- return status;
- }
- public static void throwIfNotOk(TSentryResponseStatus thriftStatus)
- throws SentryUserException {
- Status status = Status.fromCode(thriftStatus.getValue());
- switch(status) {
- case OK:
- break;
- case ALREADY_EXISTS:
- throw new SentryAlreadyExistsException(serverErrorToString(thriftStatus), thriftStatus.getMessage());
- case NO_SUCH_OBJECT:
- throw new SentryNoSuchObjectException(serverErrorToString(thriftStatus), thriftStatus.getMessage());
- case RUNTIME_ERROR:
- throw new RuntimeException(serverErrorToString(thriftStatus));
- case INVALID_INPUT:
- throw new SentryInvalidInputException(serverErrorToString(thriftStatus), thriftStatus.getMessage());
- case ACCESS_DENIED:
- throw new SentryAccessDeniedException(serverErrorToString(thriftStatus), thriftStatus.getMessage());
- case THRIFT_VERSION_MISMATCH:
- throw new SentryThriftAPIMismatchException(serverErrorToString(thriftStatus), thriftStatus.getMessage());
- case UNKNOWN:
- throw new AssertionError(serverErrorToString(thriftStatus));
- default:
- throw new AssertionError("Unknown status code: " + status + ". Msg: " +
- serverErrorToString(thriftStatus));
- }
- }
-
- private static String serverErrorToString(TSentryResponseStatus thriftStatus) {
- String msg = thriftStatus.getMessage();
- String stack = thriftStatus.getStack();
- if (stack == null) {
- return msg;
- }
- return msg + ". Server Stacktrace: " + stack;
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/001-SENTRY-327.derby.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/001-SENTRY-327.derby.sql b/sentry-provider/sentry-provider-db/src/main/resources/001-SENTRY-327.derby.sql
deleted file mode 100644
index 04353d1..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/001-SENTRY-327.derby.sql
+++ /dev/null
@@ -1,2 +0,0 @@
--- SENTRY-327
-ALTER TABLE SENTRY_DB_PRIVILEGE ADD COLUMN WITH_GRANT_OPTION CHAR(1) NOT NULL DEFAULT 'N';
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/001-SENTRY-327.mysql.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/001-SENTRY-327.mysql.sql b/sentry-provider/sentry-provider-db/src/main/resources/001-SENTRY-327.mysql.sql
deleted file mode 100644
index 7d96bc0..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/001-SENTRY-327.mysql.sql
+++ /dev/null
@@ -1,2 +0,0 @@
--- SENTRY-327
-ALTER TABLE `SENTRY_DB_PRIVILEGE` ADD `WITH_GRANT_OPTION` CHAR(1) NOT NULL DEFAULT 'N';
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/001-SENTRY-327.oracle.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/001-SENTRY-327.oracle.sql b/sentry-provider/sentry-provider-db/src/main/resources/001-SENTRY-327.oracle.sql
deleted file mode 100644
index f42ccdf..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/001-SENTRY-327.oracle.sql
+++ /dev/null
@@ -1,2 +0,0 @@
--- SENTRY-327
-ALTER TABLE SENTRY_DB_PRIVILEGE ADD WITH_GRANT_OPTION CHAR(1) DEFAULT 'N' NOT NULL;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/001-SENTRY-327.postgres.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/001-SENTRY-327.postgres.sql b/sentry-provider/sentry-provider-db/src/main/resources/001-SENTRY-327.postgres.sql
deleted file mode 100644
index 1b670ec..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/001-SENTRY-327.postgres.sql
+++ /dev/null
@@ -1,2 +0,0 @@
--- SENTRY-327
-ALTER TABLE "SENTRY_DB_PRIVILEGE" ADD COLUMN "WITH_GRANT_OPTION" CHAR(1) NOT NULL DEFAULT 'N';
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/002-SENTRY-339.derby.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/002-SENTRY-339.derby.sql b/sentry-provider/sentry-provider-db/src/main/resources/002-SENTRY-339.derby.sql
deleted file mode 100644
index 647e9e2..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/002-SENTRY-339.derby.sql
+++ /dev/null
@@ -1,13 +0,0 @@
--- SENTRY-339
-DROP INDEX SENTRYPRIVILEGENAME;
-CREATE UNIQUE INDEX SENTRYPRIVILEGENAME ON SENTRY_DB_PRIVILEGE ("SERVER_NAME",DB_NAME,"TABLE_NAME",URI,"ACTION",WITH_GRANT_OPTION);
-
-ALTER TABLE SENTRY_DB_PRIVILEGE DROP COLUMN PRIVILEGE_NAME;
-
-ALTER TABLE SENTRY_DB_PRIVILEGE ALTER COLUMN DB_NAME SET DEFAULT '__NULL__';
-ALTER TABLE SENTRY_DB_PRIVILEGE ALTER COLUMN TABLE_NAME SET DEFAULT '__NULL__';
-ALTER TABLE SENTRY_DB_PRIVILEGE ALTER COLUMN URI SET DEFAULT '__NULL__';
-
-UPDATE SENTRY_DB_PRIVILEGE SET DB_NAME = DEFAULT WHERE DB_NAME is null;
-UPDATE SENTRY_DB_PRIVILEGE SET TABLE_NAME = DEFAULT WHERE TABLE_NAME is null;
-UPDATE SENTRY_DB_PRIVILEGE SET URI = DEFAULT WHERE URI is null;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/002-SENTRY-339.mysql.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/002-SENTRY-339.mysql.sql b/sentry-provider/sentry-provider-db/src/main/resources/002-SENTRY-339.mysql.sql
deleted file mode 100644
index cd4ec7c..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/002-SENTRY-339.mysql.sql
+++ /dev/null
@@ -1,13 +0,0 @@
--- SENTRY-339
-ALTER TABLE `SENTRY_DB_PRIVILEGE` DROP INDEX `SENTRY_DB_PRIV_PRIV_NAME_UNIQ`;
-ALTER TABLE `SENTRY_DB_PRIVILEGE` ADD UNIQUE `SENTRY_DB_PRIV_PRIV_NAME_UNIQ` (`SERVER_NAME`,`DB_NAME`,`TABLE_NAME`,`URI`(250),`ACTION`,`WITH_GRANT_OPTION`);
-ALTER TABLE `SENTRY_DB_PRIVILEGE` DROP `PRIVILEGE_NAME`;
-
-ALTER TABLE SENTRY_DB_PRIVILEGE ALTER COLUMN DB_NAME SET DEFAULT '__NULL__';
-ALTER TABLE SENTRY_DB_PRIVILEGE ALTER COLUMN TABLE_NAME SET DEFAULT '__NULL__';
-ALTER TABLE SENTRY_DB_PRIVILEGE ALTER COLUMN URI SET DEFAULT '__NULL__';
-
-UPDATE SENTRY_DB_PRIVILEGE SET DB_NAME = DEFAULT WHERE DB_NAME is null;
-UPDATE SENTRY_DB_PRIVILEGE SET TABLE_NAME = DEFAULT WHERE TABLE_NAME is null;
-UPDATE SENTRY_DB_PRIVILEGE SET URI = DEFAULT WHERE URI is null;
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/002-SENTRY-339.oracle.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/002-SENTRY-339.oracle.sql b/sentry-provider/sentry-provider-db/src/main/resources/002-SENTRY-339.oracle.sql
deleted file mode 100644
index f5f596d..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/002-SENTRY-339.oracle.sql
+++ /dev/null
@@ -1,13 +0,0 @@
--- SENTRY-339
-ALTER TABLE SENTRY_DB_PRIVILEGE DROP CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ" DROP INDEX;
-ALTER TABLE SENTRY_DB_PRIVILEGE ADD CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ" UNIQUE ("SERVER_NAME","DB_NAME","TABLE_NAME","URI","ACTION","WITH_GRANT_OPTION");
-ALTER TABLE SENTRY_DB_PRIVILEGE DROP COLUMN PRIVILEGE_NAME;
-
-ALTER TABLE SENTRY_DB_PRIVILEGE MODIFY DB_NAME DEFAULT '__NULL__';
-ALTER TABLE SENTRY_DB_PRIVILEGE MODIFY TABLE_NAME DEFAULT '__NULL__';
-ALTER TABLE SENTRY_DB_PRIVILEGE MODIFY URI DEFAULT '__NULL__';
-
-UPDATE SENTRY_DB_PRIVILEGE SET DB_NAME = DEFAULT WHERE DB_NAME is null;
-UPDATE SENTRY_DB_PRIVILEGE SET TABLE_NAME = DEFAULT WHERE TABLE_NAME is null;
-UPDATE SENTRY_DB_PRIVILEGE SET URI = DEFAULT WHERE URI is null;
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/002-SENTRY-339.postgres.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/002-SENTRY-339.postgres.sql b/sentry-provider/sentry-provider-db/src/main/resources/002-SENTRY-339.postgres.sql
deleted file mode 100644
index 458e447..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/002-SENTRY-339.postgres.sql
+++ /dev/null
@@ -1,13 +0,0 @@
--- SENTRY-339
-ALTER TABLE "SENTRY_DB_PRIVILEGE" DROP CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ";
-ALTER TABLE "SENTRY_DB_PRIVILEGE" ADD CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ" UNIQUE ("SERVER_NAME","DB_NAME","TABLE_NAME","URI", "ACTION","WITH_GRANT_OPTION");
-ALTER TABLE "SENTRY_DB_PRIVILEGE" DROP COLUMN "PRIVILEGE_NAME";
-
-ALTER TABLE "SENTRY_DB_PRIVILEGE" ALTER COLUMN "DB_NAME" SET DEFAULT '__NULL__';
-AlTER TABLE "SENTRY_DB_PRIVILEGE" ALTER COLUMN "TABLE_NAME" SET DEFAULT '__NULL__';
-ALTER TABLE "SENTRY_DB_PRIVILEGE" ALTER COLUMN "URI" SET DEFAULT '__NULL__';
-
-UPDATE "SENTRY_DB_PRIVILEGE" SET "DB_NAME" = DEFAULT where "DB_NAME" is null;
-UPDATE "SENTRY_DB_PRIVILEGE" SET "TABLE_NAME" = DEFAULT where "TABLE_NAME" is null;
-UPDATE "SENTRY_DB_PRIVILEGE" SET "URI" = DEFAULT where "URI" is null;
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/003-SENTRY-380.derby.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/003-SENTRY-380.derby.sql b/sentry-provider/sentry-provider-db/src/main/resources/003-SENTRY-380.derby.sql
deleted file mode 100644
index f27b358..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/003-SENTRY-380.derby.sql
+++ /dev/null
@@ -1,7 +0,0 @@
--- SENTRY-380
-ALTER TABLE SENTRY_DB_PRIVILEGE DROP GRANTOR_PRINCIPAL;
-ALTER TABLE SENTRY_ROLE DROP GRANTOR_PRINCIPAL;
-ALTER TABLE SENTRY_GROUP DROP GRANTOR_PRINCIPAL;
-
-ALTER TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP ADD GRANTOR_PRINCIPAL VARCHAR(128);
-ALTER TABLE SENTRY_ROLE_GROUP_MAP ADD GRANTOR_PRINCIPAL VARCHAR(128);
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/003-SENTRY-380.mysql.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/003-SENTRY-380.mysql.sql b/sentry-provider/sentry-provider-db/src/main/resources/003-SENTRY-380.mysql.sql
deleted file mode 100644
index 8e0a633..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/003-SENTRY-380.mysql.sql
+++ /dev/null
@@ -1,7 +0,0 @@
--- SENTRY-380
-ALTER TABLE `SENTRY_DB_PRIVILEGE` DROP `GRANTOR_PRINCIPAL`;
-ALTER TABLE `SENTRY_ROLE` DROP `GRANTOR_PRINCIPAL`;
-ALTER TABLE `SENTRY_GROUP` DROP `GRANTOR_PRINCIPAL`;
-
-ALTER TABLE `SENTRY_ROLE_DB_PRIVILEGE_MAP` ADD `GRANTOR_PRINCIPAL` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin;
-ALTER TABLE `SENTRY_ROLE_GROUP_MAP` ADD `GRANTOR_PRINCIPAL` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin;
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/003-SENTRY-380.oracle.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/003-SENTRY-380.oracle.sql b/sentry-provider/sentry-provider-db/src/main/resources/003-SENTRY-380.oracle.sql
deleted file mode 100644
index d07d20e..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/003-SENTRY-380.oracle.sql
+++ /dev/null
@@ -1,7 +0,0 @@
--- SENTRY-380
-ALTER TABLE "SENTRY_DB_PRIVILEGE" DROP COLUMN "GRANTOR_PRINCIPAL";
-ALTER TABLE "SENTRY_ROLE" DROP COLUMN "GRANTOR_PRINCIPAL";
-ALTER TABLE "SENTRY_GROUP" DROP COLUMN "GRANTOR_PRINCIPAL";
-
-ALTER TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP" ADD "GRANTOR_PRINCIPAL" VARCHAR2(128);
-ALTER TABLE "SENTRY_ROLE_GROUP_MAP" ADD "GRANTOR_PRINCIPAL" VARCHAR2(128);
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/003-SENTRY-380.postgres.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/003-SENTRY-380.postgres.sql b/sentry-provider/sentry-provider-db/src/main/resources/003-SENTRY-380.postgres.sql
deleted file mode 100644
index 95a2ef1..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/003-SENTRY-380.postgres.sql
+++ /dev/null
@@ -1,7 +0,0 @@
--- SENTRY-380
-ALTER TABLE "SENTRY_DB_PRIVILEGE" DROP "GRANTOR_PRINCIPAL";
-ALTER TABLE "SENTRY_ROLE" DROP "GRANTOR_PRINCIPAL";
-ALTER TABLE "SENTRY_GROUP" DROP "GRANTOR_PRINCIPAL";
-
-ALTER TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP" ADD "GRANTOR_PRINCIPAL" character varying(128);
-ALTER TABLE "SENTRY_ROLE_GROUP_MAP" ADD "GRANTOR_PRINCIPAL" character varying(128);
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/004-SENTRY-74.derby.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/004-SENTRY-74.derby.sql b/sentry-provider/sentry-provider-db/src/main/resources/004-SENTRY-74.derby.sql
deleted file mode 100644
index da1f4d6..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/004-SENTRY-74.derby.sql
+++ /dev/null
@@ -1,4 +0,0 @@
--- SENTRY-74
-ALTER TABLE SENTRY_DB_PRIVILEGE ADD COLUMN COLUMN_NAME VARCHAR(4000) DEFAULT '__NULL__';
-DROP INDEX SENTRYPRIVILEGENAME;
-CREATE UNIQUE INDEX SENTRYPRIVILEGENAME ON SENTRY_DB_PRIVILEGE ("SERVER_NAME",DB_NAME,"TABLE_NAME","COLUMN_NAME",URI,"ACTION",WITH_GRANT_OPTION);
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/004-SENTRY-74.mysql.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/004-SENTRY-74.mysql.sql b/sentry-provider/sentry-provider-db/src/main/resources/004-SENTRY-74.mysql.sql
deleted file mode 100644
index 1419ca3..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/004-SENTRY-74.mysql.sql
+++ /dev/null
@@ -1,4 +0,0 @@
--- SENTRY-74
-ALTER TABLE `SENTRY_DB_PRIVILEGE` ADD `COLUMN_NAME` VARCHAR(128) DEFAULT '__NULL__';
-ALTER TABLE `SENTRY_DB_PRIVILEGE` DROP INDEX `SENTRY_DB_PRIV_PRIV_NAME_UNIQ`;
-ALTER TABLE `SENTRY_DB_PRIVILEGE` ADD UNIQUE `SENTRY_DB_PRIV_PRIV_NAME_UNIQ` (`SERVER_NAME`,`DB_NAME`,`TABLE_NAME`,`COLUMN_NAME`,`URI`(250),`ACTION`,`WITH_GRANT_OPTION`);
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/004-SENTRY-74.oracle.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/004-SENTRY-74.oracle.sql b/sentry-provider/sentry-provider-db/src/main/resources/004-SENTRY-74.oracle.sql
deleted file mode 100644
index a70ae0a..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/004-SENTRY-74.oracle.sql
+++ /dev/null
@@ -1,4 +0,0 @@
--- SENTRY-74
-ALTER TABLE SENTRY_DB_PRIVILEGE ADD COLUMN_NAME VARCHAR2(128) DEFAULT '__NULL__';
-ALTER TABLE SENTRY_DB_PRIVILEGE DROP CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ" DROP INDEX;
-ALTER TABLE SENTRY_DB_PRIVILEGE ADD CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ" UNIQUE ("SERVER_NAME","DB_NAME","TABLE_NAME","COLUMN_NAME","URI","ACTION","WITH_GRANT_OPTION");
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/resources/004-SENTRY-74.postgres.sql
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/004-SENTRY-74.postgres.sql b/sentry-provider/sentry-provider-db/src/main/resources/004-SENTRY-74.postgres.sql
deleted file mode 100644
index 81bdfa3..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/004-SENTRY-74.postgres.sql
+++ /dev/null
@@ -1,4 +0,0 @@
--- SENTRY-74
-ALTER TABLE "SENTRY_DB_PRIVILEGE" ADD COLUMN "COLUMN_NAME" character varying(128) DEFAULT '__NULL__';
-ALTER TABLE "SENTRY_DB_PRIVILEGE" DROP CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ";
-ALTER TABLE "SENTRY_DB_PRIVILEGE" ADD CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ" UNIQUE ("SERVER_NAME","DB_NAME","TABLE_NAME","COLUMN_NAME","URI", "ACTION","WITH_GRANT_OPTION");
[51/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
SENTRY-1205: Refactor the code for sentry-provider-db and create sentry-service module(Colin Ma, reviewed by Dapeng Sun)
Project: http://git-wip-us.apache.org/repos/asf/sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/f1332300
Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/f1332300
Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/f1332300
Branch: refs/heads/master
Commit: f13323008c46283796952fe8b71bc40ed4dc6523
Parents: 170c2a1
Author: Colin Ma <co...@apache.org>
Authored: Thu Jul 21 13:55:58 2016 +0800
Committer: Colin Ma <co...@apache.org>
Committed: Thu Jul 21 13:55:58 2016 +0800
----------------------------------------------------------------------
pom.xml | 30 +-
.../sentry-binding-hive-common/pom.xml | 12 +-
sentry-binding/sentry-binding-hive-v2/pom.xml | 20 -
.../v2/metastore/MetastoreAuthzBindingV2.java | 2 +-
sentry-binding/sentry-binding-hive/pom.xml | 29 -
.../binding/hive/MockUserToGroupMapping.java | 2 +-
.../policy/hive/TestPolicyParsingNegative.java | 2 +-
...sourceAuthorizationProviderGeneralCases.java | 2 +-
...sourceAuthorizationProviderSpecialCases.java | 2 +-
.../hive/TestSimpleDBPolicyEngineDFS.java | 2 +-
sentry-binding/sentry-binding-kafka/pom.xml | 14 +-
.../sentry/kafka/binding/KafkaAuthBinding.java | 2 +-
.../kafka/MockGroupMappingServiceProvider.java | 2 +-
...tKafkaAuthorizationProviderSpecialCases.java | 2 +-
sentry-binding/sentry-binding-solr/pom.xml | 12 +-
.../binding/solr/authz/SolrAuthzBinding.java | 4 +-
...SearchAuthorizationProviderGeneralCases.java | 2 +-
...SearchAuthorizationProviderSpecialCases.java | 2 +-
sentry-binding/sentry-binding-sqoop/pom.xml | 10 +-
.../sentry/sqoop/binding/SqoopAuthBinding.java | 2 +-
...tSqoopAuthorizationProviderGeneralCases.java | 2 +-
...tSqoopAuthorizationProviderSpecialCases.java | 2 +-
.../common/service/GroupMappingService.java | 35 +
.../service/HadoopGroupMappingService.java | 69 +
.../MockGroupMappingServiceProvider.java | 44 +
.../common/service/NoGroupMappingService.java | 33 +
.../common/utils/AuthorizationComponent.java | 30 +
.../sentry/core/common/utils/PolicyFile.java | 202 +
sentry-dist/pom.xml | 12 +
sentry-dist/src/main/assembly/bin.xml | 5 +-
sentry-dist/src/main/assembly/src.xml | 1 +
sentry-hdfs/sentry-hdfs-common/pom.xml | 19 +-
...ndexerAuthorizationProviderGeneralCases.java | 2 +-
...ndexerAuthorizationProviderSpecialCases.java | 2 +-
sentry-provider/sentry-provider-cache/pom.xml | 4 -
sentry-provider/sentry-provider-common/pom.xml | 5 -
.../provider/common/AuthorizationComponent.java | 30 -
.../provider/common/AuthorizationProvider.java | 1 +
.../provider/common/GroupMappingService.java | 35 -
.../common/HadoopGroupMappingService.java | 69 -
...adoopGroupResourceAuthorizationProvider.java | 2 +
.../common/NoAuthorizationProvider.java | 2 +
.../provider/common/NoGroupMappingService.java | 33 -
.../common/ResourceAuthorizationProvider.java | 1 +
...adoopGroupResourceAuthorizationProvider.java | 2 +-
.../common/MockGroupMappingServiceProvider.java | 44 -
.../provider/common/TestGetGroupMapping.java | 1 +
.../common/TestNoAuthorizationProvider.java | 1 +
sentry-provider/sentry-provider-db/pom.xml | 354 +-
.../thrift/SentryGenericPolicyService.java | 10416 -----------
.../TAlterSentryRoleAddGroupsRequest.java | 842 -
.../TAlterSentryRoleAddGroupsResponse.java | 391 -
.../TAlterSentryRoleDeleteGroupsRequest.java | 842 -
.../TAlterSentryRoleDeleteGroupsResponse.java | 391 -
.../TAlterSentryRoleGrantPrivilegeRequest.java | 798 -
.../TAlterSentryRoleGrantPrivilegeResponse.java | 391 -
.../TAlterSentryRoleRevokePrivilegeRequest.java | 798 -
...TAlterSentryRoleRevokePrivilegeResponse.java | 391 -
.../generic/service/thrift/TAuthorizable.java | 490 -
.../thrift/TCreateSentryRoleRequest.java | 692 -
.../thrift/TCreateSentryRoleResponse.java | 391 -
.../service/thrift/TDropPrivilegesRequest.java | 697 -
.../service/thrift/TDropPrivilegesResponse.java | 391 -
.../service/thrift/TDropSentryRoleRequest.java | 692 -
.../service/thrift/TDropSentryRoleResponse.java | 391 -
.../TListSentryPrivilegesByAuthRequest.java | 1112 --
.../TListSentryPrivilegesByAuthResponse.java | 569 -
...TListSentryPrivilegesForProviderRequest.java | 1011 --
...ListSentryPrivilegesForProviderResponse.java | 541 -
.../thrift/TListSentryPrivilegesRequest.java | 957 -
.../thrift/TListSentryPrivilegesResponse.java | 555 -
.../service/thrift/TListSentryRolesRequest.java | 701 -
.../thrift/TListSentryRolesResponse.java | 555 -
.../thrift/TRenamePrivilegesRequest.java | 1002 --
.../thrift/TRenamePrivilegesResponse.java | 391 -
.../service/thrift/TSentryActiveRoleSet.java | 537 -
.../service/thrift/TSentryGrantOption.java | 48 -
.../service/thrift/TSentryPrivilege.java | 1080 --
.../service/thrift/TSentryPrivilegeMap.java | 490 -
.../db/generic/service/thrift/TSentryRole.java | 539 -
.../db/service/thrift/SentryPolicyService.java | 15564 -----------------
.../TAlterSentryRoleAddGroupsRequest.java | 746 -
.../TAlterSentryRoleAddGroupsResponse.java | 394 -
.../thrift/TAlterSentryRoleAddUsersRequest.java | 741 -
.../TAlterSentryRoleAddUsersResponse.java | 394 -
.../TAlterSentryRoleDeleteGroupsRequest.java | 746 -
.../TAlterSentryRoleDeleteGroupsResponse.java | 394 -
.../TAlterSentryRoleDeleteUsersRequest.java | 741 -
.../TAlterSentryRoleDeleteUsersResponse.java | 394 -
.../TAlterSentryRoleGrantPrivilegeRequest.java | 866 -
.../TAlterSentryRoleGrantPrivilegeResponse.java | 669 -
.../TAlterSentryRoleRevokePrivilegeRequest.java | 866 -
...TAlterSentryRoleRevokePrivilegeResponse.java | 394 -
.../thrift/TCreateSentryRoleRequest.java | 591 -
.../thrift/TCreateSentryRoleResponse.java | 394 -
.../service/thrift/TDropPrivilegesRequest.java | 596 -
.../service/thrift/TDropPrivilegesResponse.java | 394 -
.../service/thrift/TDropSentryRoleRequest.java | 591 -
.../service/thrift/TDropSentryRoleResponse.java | 394 -
.../TListSentryPrivilegesByAuthRequest.java | 915 -
.../TListSentryPrivilegesByAuthResponse.java | 571 -
...TListSentryPrivilegesForProviderRequest.java | 915 -
...ListSentryPrivilegesForProviderResponse.java | 544 -
.../thrift/TListSentryPrivilegesRequest.java | 706 -
.../thrift/TListSentryPrivilegesResponse.java | 558 -
.../thrift/TListSentryRolesForUserRequest.java | 591 -
.../service/thrift/TListSentryRolesRequest.java | 600 -
.../thrift/TListSentryRolesResponse.java | 558 -
.../thrift/TRenamePrivilegesRequest.java | 702 -
.../thrift/TRenamePrivilegesResponse.java | 394 -
.../db/service/thrift/TSentryActiveRoleSet.java | 537 -
.../db/service/thrift/TSentryAuthorizable.java | 817 -
.../thrift/TSentryConfigValueRequest.java | 600 -
.../thrift/TSentryConfigValueResponse.java | 504 -
.../thrift/TSentryExportMappingDataRequest.java | 600 -
.../TSentryExportMappingDataResponse.java | 500 -
.../db/service/thrift/TSentryGrantOption.java | 48 -
.../db/service/thrift/TSentryGroup.java | 389 -
.../thrift/TSentryImportMappingDataRequest.java | 693 -
.../TSentryImportMappingDataResponse.java | 394 -
.../db/service/thrift/TSentryMappingData.java | 898 -
.../db/service/thrift/TSentryPrivilege.java | 1258 --
.../db/service/thrift/TSentryPrivilegeMap.java | 490 -
.../provider/db/service/thrift/TSentryRole.java | 645 -
.../service/thrift/TSentryResponseStatus.java | 598 -
.../thrift/sentry_common_serviceConstants.java | 57 -
.../provider/db/SentryPolicyStorePlugin.java | 60 -
.../service/persistent/DelegateSentryStore.java | 542 -
.../service/persistent/PrivilegeObject.java | 231 -
.../persistent/PrivilegeOperatePersistence.java | 485 -
.../service/persistent/SentryStoreLayer.java | 198 -
.../service/thrift/NotificationHandler.java | 47 -
.../thrift/NotificationHandlerInvoker.java | 164 -
.../thrift/SentryGenericPolicyProcessor.java | 836 -
.../SentryGenericPolicyProcessorFactory.java | 40 -
.../SentryGenericPolicyProcessorWrapper.java | 39 -
.../thrift/SentryGenericServiceClient.java | 196 -
.../SentryGenericServiceClientDefaultImpl.java | 591 -
.../SentryGenericServiceClientFactory.java | 34 -
.../tools/KafkaTSentryPrivilegeConverter.java | 118 -
.../generic/tools/SentryConfigToolCommon.java | 152 -
.../db/generic/tools/SentryConfigToolSolr.java | 262 -
.../db/generic/tools/SentryShellKafka.java | 113 -
.../db/generic/tools/SentryShellSolr.java | 112 -
.../tools/SolrTSentryPrivilegeConverter.java | 137 -
.../tools/command/AddRoleToGroupCmd.java | 46 -
.../db/generic/tools/command/Command.java | 27 -
.../db/generic/tools/command/CreateRoleCmd.java | 39 -
.../tools/command/DeleteRoleFromGroupCmd.java | 46 -
.../db/generic/tools/command/DropRoleCmd.java | 39 -
.../tools/command/GrantPrivilegeToRoleCmd.java | 47 -
.../tools/command/ListPrivilegesByRoleCmd.java | 54 -
.../db/generic/tools/command/ListRolesCmd.java | 53 -
.../command/RevokePrivilegeFromRoleCmd.java | 47 -
.../command/TSentryPrivilegeConverter.java | 33 -
.../log/appender/AuditLoggerTestAppender.java | 52 -
.../RollingFileWithoutDeleteAppender.java | 175 -
.../db/log/entity/AuditMetadataLogEntity.java | 155 -
.../db/log/entity/DBAuditMetadataLogEntity.java | 124 -
.../db/log/entity/GMAuditMetadataLogEntity.java | 97 -
.../provider/db/log/entity/JsonLogEntity.java | 25 -
.../db/log/entity/JsonLogEntityFactory.java | 351 -
.../provider/db/log/util/CommandUtil.java | 233 -
.../sentry/provider/db/log/util/Constants.java | 162 -
.../db/service/model/MSentryGMPrivilege.java | 497 -
.../provider/db/service/model/MSentryGroup.java | 116 -
.../db/service/model/MSentryPrivilege.java | 332 -
.../provider/db/service/model/MSentryRole.java | 216 -
.../provider/db/service/model/MSentryUser.java | 116 -
.../db/service/model/MSentryVersion.java | 66 -
.../provider/db/service/model/package.jdo | 242 -
.../db/service/persistent/CommitContext.java | 42 -
.../persistent/FixedJsonInstanceSerializer.java | 163 -
.../db/service/persistent/HAContext.java | 262 -
.../db/service/persistent/SentryStore.java | 2672 ---
.../persistent/SentryStoreSchemaInfo.java | 143 -
.../db/service/persistent/ServiceManager.java | 97 -
.../db/service/persistent/ServiceRegister.java | 52 -
.../provider/db/service/thrift/ConfServlet.java | 69 -
.../db/service/thrift/NotificationHandler.java | 79 -
.../thrift/NotificationHandlerInvoker.java | 176 -
.../db/service/thrift/PolicyStoreConstants.java | 32 -
.../db/service/thrift/SentryAuthFilter.java | 92 -
...SentryHealthCheckServletContextListener.java | 35 -
.../db/service/thrift/SentryMetrics.java | 162 -
.../SentryMetricsServletContextListener.java | 32 -
.../thrift/SentryPolicyServiceClient.java | 220 -
.../SentryPolicyServiceClientDefaultImpl.java | 1084 --
.../thrift/SentryPolicyStoreProcessor.java | 1113 --
.../SentryPolicyStoreProcessorFactory.java | 39 -
.../service/thrift/SentryProcessorWrapper.java | 37 -
.../db/service/thrift/SentryWebServer.java | 184 -
.../provider/db/service/thrift/ThriftUtil.java | 112 -
.../provider/db/tools/SentrySchemaHelper.java | 315 -
.../provider/db/tools/SentrySchemaTool.java | 595 -
.../provider/db/tools/SentryShellCommon.java | 247 -
.../provider/db/tools/SentryShellHive.java | 98 -
.../provider/db/tools/command/hive/Command.java | 27 -
.../db/tools/command/hive/CommandUtil.java | 119 -
.../db/tools/command/hive/CreateRoleCmd.java | 37 -
.../db/tools/command/hive/DropRoleCmd.java | 37 -
.../command/hive/GrantPrivilegeToRoleCmd.java | 41 -
.../command/hive/GrantRoleToGroupsCmd.java | 44 -
.../tools/command/hive/ListPrivilegesCmd.java | 97 -
.../db/tools/command/hive/ListRolesCmd.java | 51 -
.../hive/RevokePrivilegeFromRoleCmd.java | 42 -
.../command/hive/RevokeRoleFromGroupsCmd.java | 43 -
.../sentry/service/thrift/GSSCallback.java | 110 -
.../thrift/HAClientInvocationHandler.java | 139 -
.../service/thrift/JaasConfiguration.java | 133 -
.../service/thrift/KerberosConfiguration.java | 107 -
.../thrift/PoolClientInvocationHandler.java | 154 -
.../sentry/service/thrift/ProcessorFactory.java | 31 -
.../thrift/SentryClientInvocationHandler.java | 54 -
.../service/thrift/SentryKerberosContext.java | 157 -
.../sentry/service/thrift/SentryService.java | 426 -
.../thrift/SentryServiceClientFactory.java | 52 -
.../thrift/SentryServiceClientPoolFactory.java | 78 -
.../service/thrift/SentryServiceFactory.java | 28 -
.../service/thrift/SentryServiceUtil.java | 158 -
.../sentry/service/thrift/ServiceConstants.java | 261 -
.../apache/sentry/service/thrift/Status.java | 132 -
.../src/main/resources/001-SENTRY-327.derby.sql | 2 -
.../src/main/resources/001-SENTRY-327.mysql.sql | 2 -
.../main/resources/001-SENTRY-327.oracle.sql | 2 -
.../main/resources/001-SENTRY-327.postgres.sql | 2 -
.../src/main/resources/002-SENTRY-339.derby.sql | 13 -
.../src/main/resources/002-SENTRY-339.mysql.sql | 13 -
.../main/resources/002-SENTRY-339.oracle.sql | 13 -
.../main/resources/002-SENTRY-339.postgres.sql | 13 -
.../src/main/resources/003-SENTRY-380.derby.sql | 7 -
.../src/main/resources/003-SENTRY-380.mysql.sql | 7 -
.../main/resources/003-SENTRY-380.oracle.sql | 7 -
.../main/resources/003-SENTRY-380.postgres.sql | 7 -
.../src/main/resources/004-SENTRY-74.derby.sql | 4 -
.../src/main/resources/004-SENTRY-74.mysql.sql | 4 -
.../src/main/resources/004-SENTRY-74.oracle.sql | 4 -
.../main/resources/004-SENTRY-74.postgres.sql | 4 -
.../src/main/resources/005-SENTRY-398.derby.sql | 43 -
.../src/main/resources/005-SENTRY-398.mysql.sql | 62 -
.../main/resources/005-SENTRY-398.oracle.sql | 55 -
.../main/resources/005-SENTRY-398.postgres.sql | 54 -
.../src/main/resources/006-SENTRY-711.derby.sql | 27 -
.../src/main/resources/006-SENTRY-711.mysql.sql | 28 -
.../main/resources/006-SENTRY-711.oracle.sql | 28 -
.../main/resources/006-SENTRY-711.postgres.sql | 28 -
.../src/main/resources/sentry-db2-1.4.0.sql | 112 -
.../src/main/resources/sentry-db2-1.5.0.sql | 155 -
.../src/main/resources/sentry-db2-1.6.0.sql | 155 -
.../src/main/resources/sentry-db2-1.7.0.sql | 155 -
.../src/main/resources/sentry-db2-1.8.0.sql | 183 -
.../src/main/resources/sentry-derby-1.4.0.sql | 112 -
.../src/main/resources/sentry-derby-1.5.0.sql | 155 -
.../src/main/resources/sentry-derby-1.6.0.sql | 155 -
.../src/main/resources/sentry-derby-1.7.0.sql | 155 -
.../src/main/resources/sentry-derby-1.8.0.sql | 184 -
.../src/main/resources/sentry-mysql-1.4.0.sql | 126 -
.../src/main/resources/sentry-mysql-1.5.0.sql | 192 -
.../src/main/resources/sentry-mysql-1.6.0.sql | 193 -
.../src/main/resources/sentry-mysql-1.7.0.sql | 193 -
.../src/main/resources/sentry-mysql-1.8.0.sql | 223 -
.../src/main/resources/sentry-oracle-1.4.0.sql | 110 -
.../src/main/resources/sentry-oracle-1.5.0.sql | 168 -
.../src/main/resources/sentry-oracle-1.6.0.sql | 168 -
.../src/main/resources/sentry-oracle-1.7.0.sql | 168 -
.../src/main/resources/sentry-oracle-1.8.0.sql | 197 -
.../main/resources/sentry-postgres-1.4.0.sql | 124 -
.../main/resources/sentry-postgres-1.5.0.sql | 182 -
.../main/resources/sentry-postgres-1.6.0.sql | 182 -
.../main/resources/sentry-postgres-1.7.0.sql | 182 -
.../main/resources/sentry-postgres-1.8.0.sql | 211 -
.../sentry-upgrade-db2-1.4.0-to-1.5.0.sql | 61 -
.../sentry-upgrade-db2-1.5.0-to-1.6.0.sql | 2 -
.../sentry-upgrade-db2-1.6.0-to-1.7.0.sql | 2 -
.../sentry-upgrade-db2-1.7.0-to-1.8.0.sql | 31 -
.../sentry-upgrade-derby-1.4.0-to-1.5.0.sql | 8 -
.../sentry-upgrade-derby-1.5.0-to-1.6.0.sql | 2 -
.../sentry-upgrade-derby-1.6.0-to-1.7.0.sql | 2 -
.../sentry-upgrade-derby-1.7.0-to-1.8.0.sql | 4 -
.../sentry-upgrade-mysql-1.4.0-to-1.5.0.sql | 10 -
.../sentry-upgrade-mysql-1.5.0-to-1.6.0.sql | 5 -
.../sentry-upgrade-mysql-1.6.0-to-1.7.0.sql | 5 -
.../sentry-upgrade-mysql-1.7.0-to-1.8.0.sql | 6 -
.../sentry-upgrade-oracle-1.4.0-to-1.5.0.sql | 9 -
.../sentry-upgrade-oracle-1.5.0-to-1.6.0.sql | 5 -
.../sentry-upgrade-oracle-1.6.0-to-1.7.0.sql | 5 -
.../sentry-upgrade-oracle-1.7.0-to-1.8.0.sql | 6 -
.../sentry-upgrade-postgres-1.4.0-to-1.5.0.sql | 9 -
.../sentry-upgrade-postgres-1.5.0-to-1.6.0.sql | 5 -
.../sentry-upgrade-postgres-1.6.0-to-1.7.0.sql | 5 -
.../sentry-upgrade-postgres-1.7.0-to-1.8.0.sql | 6 -
.../main/resources/sentry_common_service.thrift | 46 -
.../sentry_generic_policy_service.thrift | 279 -
.../main/resources/sentry_policy_service.thrift | 330 -
.../src/main/resources/upgrade.order.db2 | 4 -
.../src/main/resources/upgrade.order.derby | 4 -
.../src/main/resources/upgrade.order.mysql | 4 -
.../src/main/resources/upgrade.order.oracle | 4 -
.../src/main/resources/upgrade.order.postgres | 4 -
.../src/main/webapp/SentryService.html | 61 -
.../src/main/webapp/css/bootstrap-theme.min.css | 10 -
.../src/main/webapp/css/bootstrap.min.css | 9 -
.../src/main/webapp/css/sentry.css | 52 -
.../src/main/webapp/sentry.png | Bin 3223 -> 0 bytes
.../persistent/SentryStoreIntegrationBase.java | 91 -
.../persistent/TestDelegateSentryStore.java | 182 -
.../TestPrivilegeOperatePersistence.java | 1139 --
.../persistent/TestSentryGMPrivilege.java | 207 -
.../service/persistent/TestSentryRole.java | 372 -
.../SentryGenericServiceIntegrationBase.java | 73 -
.../TestAuditLogForSentryGenericService.java | 296 -
.../TestSentryGenericPolicyProcessor.java | 353 -
.../TestSentryGenericServiceIntegration.java | 503 -
.../generic/tools/TestSentryConfigToolSolr.java | 261 -
.../db/generic/tools/TestSentryShellKafka.java | 542 -
.../db/generic/tools/TestSentryShellSolr.java | 525 -
.../TestRollingFileWithoutDeleteAppender.java | 106 -
.../entity/TestDbAuditMetadataLogEntity.java | 69 -
.../entity/TestGMAuditMetadataLogEntity.java | 74 -
.../db/log/entity/TestJsonLogEntityFactory.java | 272 -
.../log/entity/TestJsonLogEntityFactoryGM.java | 259 -
.../provider/db/log/util/TestCommandUtil.java | 416 -
.../service/persistent/TestSentryPrivilege.java | 245 -
.../persistent/TestSentryServiceDiscovery.java | 123 -
.../db/service/persistent/TestSentryStore.java | 2090 ---
.../persistent/TestSentryStoreImportExport.java | 1164 --
.../TestSentryStoreToAuthorizable.java | 86 -
.../service/persistent/TestSentryVersion.java | 85 -
.../service/thrift/SentryMiniKdcTestcase.java | 68 -
.../TestAuthorizingDDLAuditLogWithKerberos.java | 295 -
.../thrift/TestConnectionWithTicketTimeout.java | 57 -
.../thrift/TestNotificationHandlerInvoker.java | 112 -
.../thrift/TestSentryPolicyStoreProcessor.java | 81 -
.../TestSentryServerForHaWithoutKerberos.java | 219 -
...estSentryServerForPoolHAWithoutKerberos.java | 36 -
.../TestSentryServerForPoolWithoutKerberos.java | 36 -
.../thrift/TestSentryServerWithoutKerberos.java | 214 -
.../thrift/TestSentryServiceClientPool.java | 111 -
.../thrift/TestSentryServiceFailureCase.java | 74 -
.../TestSentryServiceForHAWithKerberos.java | 75 -
.../TestSentryServiceForPoolHAWithKerberos.java | 36 -
.../TestSentryServiceForPoolWithKerberos.java | 36 -
.../thrift/TestSentryServiceImportExport.java | 751 -
.../thrift/TestSentryServiceIntegration.java | 1102 --
.../TestSentryServiceWithInvalidMsgSize.java | 119 -
.../thrift/TestSentryServiceWithKerberos.java | 58 -
.../thrift/TestSentryWebServerWithKerberos.java | 136 -
.../thrift/TestSentryWebServerWithSSL.java | 52 -
.../TestSentryWebServerWithoutSecurity.java | 87 -
.../provider/db/tools/TestSentrySchemaTool.java | 94 -
.../provider/db/tools/TestSentryShellHive.java | 608 -
.../thrift/SentryServiceIntegrationBase.java | 355 -
.../src/test/resources/cacerts.jks | Bin 954 -> 0 bytes
.../src/test/resources/keystore.jks | Bin 2245 -> 0 bytes
.../src/test/resources/log4j.properties | 34 -
.../src/test/resources/solr_case.ini | 26 -
.../test/resources/solr_config_import_tool.ini | 29 -
.../src/test/resources/solr_invalid.ini | 21 -
sentry-provider/sentry-provider-file/pom.xml | 17 -
.../provider/file/LocalGroupMappingService.java | 2 +-
.../apache/sentry/provider/file/PolicyFile.java | 202 -
sentry-service/pom.xml | 38 +
sentry-service/sentry-service-client/pom.xml | 57 +
.../thrift/SentryGenericServiceClient.java | 196 +
.../SentryGenericServiceClientDefaultImpl.java | 591 +
.../SentryGenericServiceClientFactory.java | 34 +
.../tools/KafkaTSentryPrivilegeConverter.java | 118 +
.../generic/tools/SentryConfigToolCommon.java | 152 +
.../db/generic/tools/SentryConfigToolSolr.java | 262 +
.../db/generic/tools/SentryShellKafka.java | 113 +
.../db/generic/tools/SentryShellSolr.java | 112 +
.../tools/SolrTSentryPrivilegeConverter.java | 137 +
.../tools/command/AddRoleToGroupCmd.java | 46 +
.../db/generic/tools/command/Command.java | 27 +
.../db/generic/tools/command/CreateRoleCmd.java | 39 +
.../tools/command/DeleteRoleFromGroupCmd.java | 46 +
.../db/generic/tools/command/DropRoleCmd.java | 39 +
.../tools/command/GrantPrivilegeToRoleCmd.java | 47 +
.../tools/command/ListPrivilegesByRoleCmd.java | 54 +
.../db/generic/tools/command/ListRolesCmd.java | 53 +
.../command/RevokePrivilegeFromRoleCmd.java | 47 +
.../command/TSentryPrivilegeConverter.java | 33 +
.../db/service/persistent/ServiceManager.java | 97 +
.../thrift/SentryPolicyServiceClient.java | 220 +
.../SentryPolicyServiceClientDefaultImpl.java | 1087 ++
.../provider/db/tools/SentryShellCommon.java | 247 +
.../provider/db/tools/SentryShellHive.java | 98 +
.../provider/db/tools/command/hive/Command.java | 27 +
.../db/tools/command/hive/CommandUtil.java | 119 +
.../db/tools/command/hive/CreateRoleCmd.java | 37 +
.../db/tools/command/hive/DropRoleCmd.java | 37 +
.../command/hive/GrantPrivilegeToRoleCmd.java | 41 +
.../command/hive/GrantRoleToGroupsCmd.java | 44 +
.../tools/command/hive/ListPrivilegesCmd.java | 97 +
.../db/tools/command/hive/ListRolesCmd.java | 51 +
.../hive/RevokePrivilegeFromRoleCmd.java | 42 +
.../command/hive/RevokeRoleFromGroupsCmd.java | 43 +
.../thrift/HAClientInvocationHandler.java | 139 +
.../thrift/PoolClientInvocationHandler.java | 154 +
.../thrift/SentryClientInvocationHandler.java | 54 +
.../thrift/SentryServiceClientFactory.java | 52 +
.../thrift/SentryServiceClientPoolFactory.java | 78 +
sentry-service/sentry-service-common/pom.xml | 159 +
.../thrift/SentryGenericPolicyService.java | 10416 +++++++++++
.../TAlterSentryRoleAddGroupsRequest.java | 842 +
.../TAlterSentryRoleAddGroupsResponse.java | 391 +
.../TAlterSentryRoleDeleteGroupsRequest.java | 842 +
.../TAlterSentryRoleDeleteGroupsResponse.java | 391 +
.../TAlterSentryRoleGrantPrivilegeRequest.java | 798 +
.../TAlterSentryRoleGrantPrivilegeResponse.java | 391 +
.../TAlterSentryRoleRevokePrivilegeRequest.java | 798 +
...TAlterSentryRoleRevokePrivilegeResponse.java | 391 +
.../generic/service/thrift/TAuthorizable.java | 490 +
.../thrift/TCreateSentryRoleRequest.java | 692 +
.../thrift/TCreateSentryRoleResponse.java | 391 +
.../service/thrift/TDropPrivilegesRequest.java | 697 +
.../service/thrift/TDropPrivilegesResponse.java | 391 +
.../service/thrift/TDropSentryRoleRequest.java | 692 +
.../service/thrift/TDropSentryRoleResponse.java | 391 +
.../TListSentryPrivilegesByAuthRequest.java | 1112 ++
.../TListSentryPrivilegesByAuthResponse.java | 569 +
...TListSentryPrivilegesForProviderRequest.java | 1011 ++
...ListSentryPrivilegesForProviderResponse.java | 541 +
.../thrift/TListSentryPrivilegesRequest.java | 957 +
.../thrift/TListSentryPrivilegesResponse.java | 555 +
.../service/thrift/TListSentryRolesRequest.java | 701 +
.../thrift/TListSentryRolesResponse.java | 555 +
.../thrift/TRenamePrivilegesRequest.java | 1002 ++
.../thrift/TRenamePrivilegesResponse.java | 391 +
.../service/thrift/TSentryActiveRoleSet.java | 537 +
.../service/thrift/TSentryGrantOption.java | 48 +
.../service/thrift/TSentryPrivilege.java | 1080 ++
.../service/thrift/TSentryPrivilegeMap.java | 490 +
.../db/generic/service/thrift/TSentryRole.java | 539 +
.../db/service/thrift/SentryPolicyService.java | 15564 +++++++++++++++++
.../TAlterSentryRoleAddGroupsRequest.java | 746 +
.../TAlterSentryRoleAddGroupsResponse.java | 394 +
.../thrift/TAlterSentryRoleAddUsersRequest.java | 741 +
.../TAlterSentryRoleAddUsersResponse.java | 394 +
.../TAlterSentryRoleDeleteGroupsRequest.java | 746 +
.../TAlterSentryRoleDeleteGroupsResponse.java | 394 +
.../TAlterSentryRoleDeleteUsersRequest.java | 741 +
.../TAlterSentryRoleDeleteUsersResponse.java | 394 +
.../TAlterSentryRoleGrantPrivilegeRequest.java | 866 +
.../TAlterSentryRoleGrantPrivilegeResponse.java | 669 +
.../TAlterSentryRoleRevokePrivilegeRequest.java | 866 +
...TAlterSentryRoleRevokePrivilegeResponse.java | 394 +
.../thrift/TCreateSentryRoleRequest.java | 591 +
.../thrift/TCreateSentryRoleResponse.java | 394 +
.../service/thrift/TDropPrivilegesRequest.java | 596 +
.../service/thrift/TDropPrivilegesResponse.java | 394 +
.../service/thrift/TDropSentryRoleRequest.java | 591 +
.../service/thrift/TDropSentryRoleResponse.java | 394 +
.../TListSentryPrivilegesByAuthRequest.java | 915 +
.../TListSentryPrivilegesByAuthResponse.java | 571 +
...TListSentryPrivilegesForProviderRequest.java | 915 +
...ListSentryPrivilegesForProviderResponse.java | 544 +
.../thrift/TListSentryPrivilegesRequest.java | 706 +
.../thrift/TListSentryPrivilegesResponse.java | 558 +
.../thrift/TListSentryRolesForUserRequest.java | 591 +
.../service/thrift/TListSentryRolesRequest.java | 600 +
.../thrift/TListSentryRolesResponse.java | 558 +
.../thrift/TRenamePrivilegesRequest.java | 702 +
.../thrift/TRenamePrivilegesResponse.java | 394 +
.../db/service/thrift/TSentryActiveRoleSet.java | 537 +
.../db/service/thrift/TSentryAuthorizable.java | 817 +
.../thrift/TSentryConfigValueRequest.java | 600 +
.../thrift/TSentryConfigValueResponse.java | 504 +
.../thrift/TSentryExportMappingDataRequest.java | 600 +
.../TSentryExportMappingDataResponse.java | 500 +
.../db/service/thrift/TSentryGrantOption.java | 48 +
.../db/service/thrift/TSentryGroup.java | 389 +
.../thrift/TSentryImportMappingDataRequest.java | 693 +
.../TSentryImportMappingDataResponse.java | 394 +
.../db/service/thrift/TSentryMappingData.java | 898 +
.../db/service/thrift/TSentryPrivilege.java | 1258 ++
.../db/service/thrift/TSentryPrivilegeMap.java | 490 +
.../provider/db/service/thrift/TSentryRole.java | 645 +
.../service/thrift/TSentryResponseStatus.java | 598 +
.../thrift/sentry_common_serviceConstants.java | 57 +
.../persistent/FixedJsonInstanceSerializer.java | 163 +
.../db/service/persistent/HAContext.java | 262 +
.../service/thrift/JaasConfiguration.java | 133 +
.../service/thrift/SentryServiceUtil.java | 158 +
.../sentry/service/thrift/ServiceConstants.java | 259 +
.../apache/sentry/service/thrift/Status.java | 132 +
.../main/resources/sentry_common_service.thrift | 46 +
.../sentry_generic_policy_service.thrift | 279 +
.../main/resources/sentry_policy_service.thrift | 330 +
sentry-service/sentry-service-server/pom.xml | 279 +
.../provider/db/SentryPolicyStorePlugin.java | 60 +
.../service/persistent/DelegateSentryStore.java | 542 +
.../service/persistent/PrivilegeObject.java | 231 +
.../persistent/PrivilegeOperatePersistence.java | 485 +
.../service/persistent/SentryStoreLayer.java | 198 +
.../service/thrift/NotificationHandler.java | 47 +
.../thrift/NotificationHandlerInvoker.java | 164 +
.../thrift/SentryGenericPolicyProcessor.java | 835 +
.../SentryGenericPolicyProcessorFactory.java | 41 +
.../SentryGenericPolicyProcessorWrapper.java | 39 +
.../log/appender/AuditLoggerTestAppender.java | 52 +
.../RollingFileWithoutDeleteAppender.java | 175 +
.../db/log/entity/AuditMetadataLogEntity.java | 155 +
.../db/log/entity/DBAuditMetadataLogEntity.java | 124 +
.../db/log/entity/GMAuditMetadataLogEntity.java | 97 +
.../provider/db/log/entity/JsonLogEntity.java | 25 +
.../db/log/entity/JsonLogEntityFactory.java | 351 +
.../provider/db/log/util/CommandUtil.java | 233 +
.../sentry/provider/db/log/util/Constants.java | 162 +
.../db/service/model/MSentryGMPrivilege.java | 497 +
.../provider/db/service/model/MSentryGroup.java | 116 +
.../db/service/model/MSentryPrivilege.java | 332 +
.../provider/db/service/model/MSentryRole.java | 216 +
.../provider/db/service/model/MSentryUser.java | 116 +
.../db/service/model/MSentryVersion.java | 66 +
.../provider/db/service/model/package.jdo | 242 +
.../db/service/persistent/CommitContext.java | 42 +
.../db/service/persistent/SentryStore.java | 2672 +++
.../persistent/SentryStoreSchemaInfo.java | 143 +
.../db/service/persistent/ServiceRegister.java | 52 +
.../provider/db/service/thrift/ConfServlet.java | 69 +
.../db/service/thrift/NotificationHandler.java | 79 +
.../thrift/NotificationHandlerInvoker.java | 176 +
.../db/service/thrift/PolicyStoreConstants.java | 32 +
.../db/service/thrift/SentryAuthFilter.java | 92 +
...SentryHealthCheckServletContextListener.java | 35 +
.../db/service/thrift/SentryMetrics.java | 162 +
.../SentryMetricsServletContextListener.java | 32 +
.../thrift/SentryPolicyStoreProcessor.java | 1111 ++
.../SentryPolicyStoreProcessorFactory.java | 40 +
.../service/thrift/SentryProcessorWrapper.java | 37 +
.../db/service/thrift/SentryWebServer.java | 184 +
.../provider/db/service/thrift/ThriftUtil.java | 112 +
.../provider/db/tools/SentrySchemaHelper.java | 315 +
.../provider/db/tools/SentrySchemaTool.java | 595 +
.../sentry/service/thrift/GSSCallback.java | 110 +
.../service/thrift/KerberosConfiguration.java | 107 +
.../sentry/service/thrift/ProcessorFactory.java | 31 +
.../service/thrift/SentryKerberosContext.java | 157 +
.../sentry/service/thrift/SentryService.java | 426 +
.../service/thrift/SentryServiceFactory.java | 28 +
.../src/main/resources/001-SENTRY-327.derby.sql | 2 +
.../src/main/resources/001-SENTRY-327.mysql.sql | 2 +
.../main/resources/001-SENTRY-327.oracle.sql | 2 +
.../main/resources/001-SENTRY-327.postgres.sql | 2 +
.../src/main/resources/002-SENTRY-339.derby.sql | 13 +
.../src/main/resources/002-SENTRY-339.mysql.sql | 13 +
.../main/resources/002-SENTRY-339.oracle.sql | 13 +
.../main/resources/002-SENTRY-339.postgres.sql | 13 +
.../src/main/resources/003-SENTRY-380.derby.sql | 7 +
.../src/main/resources/003-SENTRY-380.mysql.sql | 7 +
.../main/resources/003-SENTRY-380.oracle.sql | 7 +
.../main/resources/003-SENTRY-380.postgres.sql | 7 +
.../src/main/resources/004-SENTRY-74.derby.sql | 4 +
.../src/main/resources/004-SENTRY-74.mysql.sql | 4 +
.../src/main/resources/004-SENTRY-74.oracle.sql | 4 +
.../main/resources/004-SENTRY-74.postgres.sql | 4 +
.../src/main/resources/005-SENTRY-398.derby.sql | 43 +
.../src/main/resources/005-SENTRY-398.mysql.sql | 62 +
.../main/resources/005-SENTRY-398.oracle.sql | 55 +
.../main/resources/005-SENTRY-398.postgres.sql | 54 +
.../src/main/resources/006-SENTRY-711.derby.sql | 27 +
.../src/main/resources/006-SENTRY-711.mysql.sql | 28 +
.../main/resources/006-SENTRY-711.oracle.sql | 28 +
.../main/resources/006-SENTRY-711.postgres.sql | 28 +
.../src/main/resources/sentry-db2-1.4.0.sql | 112 +
.../src/main/resources/sentry-db2-1.5.0.sql | 155 +
.../src/main/resources/sentry-db2-1.6.0.sql | 155 +
.../src/main/resources/sentry-db2-1.7.0.sql | 155 +
.../src/main/resources/sentry-db2-1.8.0.sql | 183 +
.../src/main/resources/sentry-derby-1.4.0.sql | 112 +
.../src/main/resources/sentry-derby-1.5.0.sql | 155 +
.../src/main/resources/sentry-derby-1.6.0.sql | 155 +
.../src/main/resources/sentry-derby-1.7.0.sql | 155 +
.../src/main/resources/sentry-derby-1.8.0.sql | 184 +
.../src/main/resources/sentry-mysql-1.4.0.sql | 126 +
.../src/main/resources/sentry-mysql-1.5.0.sql | 192 +
.../src/main/resources/sentry-mysql-1.6.0.sql | 193 +
.../src/main/resources/sentry-mysql-1.7.0.sql | 193 +
.../src/main/resources/sentry-mysql-1.8.0.sql | 223 +
.../src/main/resources/sentry-oracle-1.4.0.sql | 110 +
.../src/main/resources/sentry-oracle-1.5.0.sql | 168 +
.../src/main/resources/sentry-oracle-1.6.0.sql | 168 +
.../src/main/resources/sentry-oracle-1.7.0.sql | 168 +
.../src/main/resources/sentry-oracle-1.8.0.sql | 197 +
.../main/resources/sentry-postgres-1.4.0.sql | 124 +
.../main/resources/sentry-postgres-1.5.0.sql | 182 +
.../main/resources/sentry-postgres-1.6.0.sql | 182 +
.../main/resources/sentry-postgres-1.7.0.sql | 182 +
.../main/resources/sentry-postgres-1.8.0.sql | 211 +
.../sentry-upgrade-db2-1.4.0-to-1.5.0.sql | 61 +
.../sentry-upgrade-db2-1.5.0-to-1.6.0.sql | 2 +
.../sentry-upgrade-db2-1.6.0-to-1.7.0.sql | 2 +
.../sentry-upgrade-db2-1.7.0-to-1.8.0.sql | 31 +
.../sentry-upgrade-derby-1.4.0-to-1.5.0.sql | 8 +
.../sentry-upgrade-derby-1.5.0-to-1.6.0.sql | 2 +
.../sentry-upgrade-derby-1.6.0-to-1.7.0.sql | 2 +
.../sentry-upgrade-derby-1.7.0-to-1.8.0.sql | 4 +
.../sentry-upgrade-mysql-1.4.0-to-1.5.0.sql | 10 +
.../sentry-upgrade-mysql-1.5.0-to-1.6.0.sql | 5 +
.../sentry-upgrade-mysql-1.6.0-to-1.7.0.sql | 5 +
.../sentry-upgrade-mysql-1.7.0-to-1.8.0.sql | 6 +
.../sentry-upgrade-oracle-1.4.0-to-1.5.0.sql | 9 +
.../sentry-upgrade-oracle-1.5.0-to-1.6.0.sql | 5 +
.../sentry-upgrade-oracle-1.6.0-to-1.7.0.sql | 5 +
.../sentry-upgrade-oracle-1.7.0-to-1.8.0.sql | 6 +
.../sentry-upgrade-postgres-1.4.0-to-1.5.0.sql | 9 +
.../sentry-upgrade-postgres-1.5.0-to-1.6.0.sql | 5 +
.../sentry-upgrade-postgres-1.6.0-to-1.7.0.sql | 5 +
.../sentry-upgrade-postgres-1.7.0-to-1.8.0.sql | 6 +
.../src/main/resources/upgrade.order.db2 | 4 +
.../src/main/resources/upgrade.order.derby | 4 +
.../src/main/resources/upgrade.order.mysql | 4 +
.../src/main/resources/upgrade.order.oracle | 4 +
.../src/main/resources/upgrade.order.postgres | 4 +
.../src/main/webapp/SentryService.html | 61 +
.../src/main/webapp/css/bootstrap-theme.min.css | 10 +
.../src/main/webapp/css/bootstrap.min.css | 9 +
.../src/main/webapp/css/sentry.css | 52 +
.../src/main/webapp/sentry.png | Bin 0 -> 3223 bytes
.../persistent/SentryStoreIntegrationBase.java | 91 +
.../persistent/TestDelegateSentryStore.java | 182 +
.../TestPrivilegeOperatePersistence.java | 1139 ++
.../persistent/TestSentryGMPrivilege.java | 207 +
.../service/persistent/TestSentryRole.java | 372 +
.../SentryGenericServiceIntegrationBase.java | 73 +
.../TestAuditLogForSentryGenericService.java | 296 +
.../TestSentryGenericPolicyProcessor.java | 349 +
.../TestSentryGenericServiceIntegration.java | 503 +
.../generic/tools/TestSentryConfigToolSolr.java | 261 +
.../db/generic/tools/TestSentryShellKafka.java | 542 +
.../db/generic/tools/TestSentryShellSolr.java | 525 +
.../TestRollingFileWithoutDeleteAppender.java | 103 +
.../entity/TestDbAuditMetadataLogEntity.java | 67 +
.../entity/TestGMAuditMetadataLogEntity.java | 72 +
.../db/log/entity/TestJsonLogEntityFactory.java | 272 +
.../log/entity/TestJsonLogEntityFactoryGM.java | 259 +
.../provider/db/log/util/TestCommandUtil.java | 416 +
.../service/persistent/TestSentryPrivilege.java | 245 +
.../persistent/TestSentryServiceDiscovery.java | 123 +
.../db/service/persistent/TestSentryStore.java | 2090 +++
.../persistent/TestSentryStoreImportExport.java | 1164 ++
.../TestSentryStoreToAuthorizable.java | 86 +
.../service/persistent/TestSentryVersion.java | 84 +
.../service/thrift/SentryMiniKdcTestcase.java | 68 +
.../TestAuthorizingDDLAuditLogWithKerberos.java | 295 +
.../thrift/TestConnectionWithTicketTimeout.java | 57 +
.../thrift/TestNotificationHandlerInvoker.java | 112 +
.../thrift/TestSentryPolicyStoreProcessor.java | 81 +
.../TestSentryServerForHaWithoutKerberos.java | 219 +
...estSentryServerForPoolHAWithoutKerberos.java | 36 +
.../TestSentryServerForPoolWithoutKerberos.java | 37 +
.../thrift/TestSentryServerWithoutKerberos.java | 214 +
.../thrift/TestSentryServiceClientPool.java | 111 +
.../thrift/TestSentryServiceFailureCase.java | 74 +
.../TestSentryServiceForHAWithKerberos.java | 75 +
.../TestSentryServiceForPoolHAWithKerberos.java | 39 +
.../TestSentryServiceForPoolWithKerberos.java | 37 +
.../thrift/TestSentryServiceImportExport.java | 751 +
.../thrift/TestSentryServiceIntegration.java | 1102 ++
.../TestSentryServiceWithInvalidMsgSize.java | 119 +
.../thrift/TestSentryServiceWithKerberos.java | 58 +
.../thrift/TestSentryWebServerWithKerberos.java | 136 +
.../thrift/TestSentryWebServerWithSSL.java | 52 +
.../TestSentryWebServerWithoutSecurity.java | 87 +
.../provider/db/tools/TestSentrySchemaTool.java | 94 +
.../provider/db/tools/TestSentryShellHive.java | 608 +
.../thrift/SentryServiceIntegrationBase.java | 355 +
.../src/test/resources/cacerts.jks | Bin 0 -> 954 bytes
.../src/test/resources/keystore.jks | Bin 0 -> 2245 bytes
.../src/test/resources/log4j.properties | 34 +
.../src/test/resources/solr_case.ini | 26 +
.../test/resources/solr_config_import_tool.ini | 29 +
.../src/test/resources/solr_invalid.ini | 21 +
sentry-solr/solr-sentry-core/pom.xml | 4 -
sentry-solr/solr-sentry-handlers/pom.xml | 4 -
.../dbprovider/AbstractTestWithDbProvider.java | 2 +-
.../e2e/dbprovider/TestConcurrentClients.java | 2 +-
.../tests/e2e/dbprovider/TestDbComplexView.java | 2 +-
.../tests/e2e/dbprovider/TestDbConnections.java | 2 +-
.../tests/e2e/dbprovider/TestDbEndToEnd.java | 2 +-
.../TestDbSentryOnFailureHookLoading.java | 4 +-
.../TestPrivilegeWithGrantOption.java | 3 +-
.../TestPrivilegeWithHAGrantOption.java | 3 +-
.../sentry/tests/e2e/ha/TestHaEnd2End.java | 2 +-
.../tests/e2e/hdfs/TestHDFSIntegration.java | 5 +-
.../AbstractTestWithStaticConfiguration.java | 3 +-
.../sentry/tests/e2e/hive/TestConfigTool.java | 2 +-
.../sentry/tests/e2e/hive/TestCrossDbOps.java | 2 +-
.../e2e/hive/TestCustomSerdePrivileges.java | 2 +-
.../sentry/tests/e2e/hive/TestEndToEnd.java | 2 +-
.../e2e/hive/TestExportImportPrivileges.java | 2 +-
.../tests/e2e/hive/TestJDBCInterface.java | 2 +-
.../tests/e2e/hive/TestLockPrivileges.java | 2 +-
.../e2e/hive/TestMetadataObjectRetrieval.java | 2 +-
.../tests/e2e/hive/TestMetadataPermissions.java | 2 +-
.../tests/e2e/hive/TestMovingToProduction.java | 2 +-
.../sentry/tests/e2e/hive/TestOperations.java | 2 +-
.../tests/e2e/hive/TestPerDBConfiguration.java | 2 +-
.../e2e/hive/TestPerDatabasePolicyFile.java | 2 +-
.../e2e/hive/TestPrivilegeAtTransform.java | 2 +-
.../e2e/hive/TestPrivilegesAtColumnScope.java | 2 +-
.../e2e/hive/TestPrivilegesAtDatabaseScope.java | 2 +-
.../e2e/hive/TestPrivilegesAtFunctionScope.java | 2 +-
.../e2e/hive/TestPrivilegesAtTableScope.java | 2 +-
.../tests/e2e/hive/TestReloadPrivileges.java | 2 +-
.../e2e/hive/TestRuntimeMetadataRetrieval.java | 2 +-
.../sentry/tests/e2e/hive/TestSandboxOps.java | 2 +-
.../hive/TestSentryOnFailureHookLoading.java | 2 +-
.../tests/e2e/hive/TestServerConfiguration.java | 2 +-
.../tests/e2e/hive/TestUriPermissions.java | 2 +-
.../tests/e2e/hive/TestUserManagement.java | 2 +-
.../tests/e2e/hive/TestViewPrivileges.java | 2 +-
...actMetastoreTestWithStaticConfiguration.java | 2 +-
.../metastore/SentryPolicyProviderForDb.java | 2 +-
.../metastore/TestAuthorizingObjectStore.java | 2 +-
.../e2e/metastore/TestMetaStoreWithPigHCat.java | 2 +-
.../e2e/metastore/TestMetastoreEndToEnd.java | 2 +-
sentry-tests/sentry-tests-hive/pom.xml | 2 +-
.../dbprovider/AbstractTestWithDbProvider.java | 2 +-
.../e2e/dbprovider/TestConcurrentClients.java | 2 +-
.../tests/e2e/dbprovider/TestDbComplexView.java | 2 +-
.../tests/e2e/dbprovider/TestDbConnections.java | 2 +-
.../tests/e2e/dbprovider/TestDbEndToEnd.java | 2 +-
.../sentry/tests/e2e/ha/TestHaEnd2End.java | 2 +-
.../tests/e2e/hdfs/TestHDFSIntegration.java | 2 +-
.../AbstractTestWithStaticConfiguration.java | 2 +-
.../sentry/tests/e2e/hive/TestConfigTool.java | 2 +-
.../sentry/tests/e2e/hive/TestCrossDbOps.java | 2 +-
.../e2e/hive/TestCustomSerdePrivileges.java | 2 +-
.../sentry/tests/e2e/hive/TestEndToEnd.java | 2 +-
.../e2e/hive/TestExportImportPrivileges.java | 2 +-
.../tests/e2e/hive/TestJDBCInterface.java | 2 +-
.../tests/e2e/hive/TestLockPrivileges.java | 2 +-
.../e2e/hive/TestMetadataObjectRetrieval.java | 2 +-
.../tests/e2e/hive/TestMetadataPermissions.java | 2 +-
.../tests/e2e/hive/TestMovingToProduction.java | 2 +-
.../tests/e2e/hive/TestOperationsPart1.java | 2 +-
.../tests/e2e/hive/TestOperationsPart2.java | 2 +-
.../tests/e2e/hive/TestPerDBConfiguration.java | 2 +-
.../e2e/hive/TestPerDatabasePolicyFile.java | 2 +-
.../e2e/hive/TestPrivilegeAtTransform.java | 2 +-
.../e2e/hive/TestPrivilegesAtColumnScope.java | 2 +-
.../e2e/hive/TestPrivilegesAtDatabaseScope.java | 2 +-
.../e2e/hive/TestPrivilegesAtFunctionScope.java | 2 +-
.../hive/TestPrivilegesAtTableScopePart1.java | 2 +-
.../hive/TestPrivilegesAtTableScopePart2.java | 2 +-
.../tests/e2e/hive/TestReloadPrivileges.java | 2 +-
.../e2e/hive/TestRuntimeMetadataRetrieval.java | 2 +-
.../sentry/tests/e2e/hive/TestSandboxOps.java | 2 +-
.../hive/TestSentryOnFailureHookLoading.java | 2 +-
.../tests/e2e/hive/TestServerConfiguration.java | 2 +-
.../tests/e2e/hive/TestUriPermissions.java | 2 +-
.../tests/e2e/hive/TestUserManagement.java | 2 +-
.../tests/e2e/hive/TestViewPrivileges.java | 2 +-
...actMetastoreTestWithStaticConfiguration.java | 2 +-
.../metastore/SentryPolicyProviderForDb.java | 2 +-
.../metastore/TestAuthorizingObjectStore.java | 2 +-
.../e2e/metastore/TestMetaStoreWithPigHCat.java | 2 +-
.../e2e/metastore/TestMetastoreEndToEnd.java | 2 +-
.../tests/e2e/metastore/TestURIMetastore.java | 2 +-
sentry-tests/sentry-tests-kafka/pom.xml | 3 +-
.../e2e/kafka/AbstractKafkaSentryTestBase.java | 2 +-
sentry-tests/sentry-tests-solr/pom.xml | 2 +-
.../AbstractSolrSentryTestWithDbProvider.java | 2 +-
sentry-tests/sentry-tests-sqoop/pom.xml | 2 +-
.../e2e/sqoop/AbstractSqoopSentryTestBase.java | 2 +-
767 files changed, 110640 insertions(+), 110541 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index 2ea4735..a4f2bcc 100644
--- a/pom.xml
+++ b/pom.xml
@@ -55,7 +55,6 @@ limitations under the License.
<maven.compile.target>1.7</maven.compile.target>
<!-- versions are in alphabetical order -->
<ant.contrib.version>1.0b3</ant.contrib.version>
- <bonecp.version>0.7.1.RELEASE</bonecp.version>
<build.helper.maven.plugin.version>1.8</build.helper.maven.plugin.version>
<cglib.version>2.2</cglib.version>
<commons-cli.version>1.2</commons-cli.version>
@@ -75,6 +74,7 @@ limitations under the License.
<jackson.version>1.8.8</jackson.version>
<jdo-api.version>3.0.1</jdo-api.version>
<jettyVersion>8.1.19.v20160209</jettyVersion>
+ <jetty.aggregate>7.6.0.v20120127</jetty.aggregate>
<joda-time.version>2.5</joda-time.version>
<junit.version>4.10</junit.version>
<libfb303.version>0.9.3</libfb303.version>
@@ -121,11 +121,6 @@ limitations under the License.
<version>${commons.logging.version}</version>
</dependency>
<dependency>
- <groupId>com.jolbox</groupId>
- <artifactId>bonecp</artifactId>
- <version>${bonecp.version}</version>
- </dependency>
- <dependency>
<groupId>org.apache.derby</groupId>
<artifactId>derby</artifactId>
<version>${derby.version}</version>
@@ -425,6 +420,21 @@ limitations under the License.
</dependency>
<dependency>
<groupId>org.apache.sentry</groupId>
+ <artifactId>sentry-service-common</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.sentry</groupId>
+ <artifactId>sentry-service-server</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.sentry</groupId>
+ <artifactId>sentry-service-client</artifactId>
+ <version>${project.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.sentry</groupId>
<artifactId>sentry-provider-common</artifactId>
<version>${project.version}</version>
</dependency>
@@ -465,7 +475,7 @@ limitations under the License.
</dependency>
<dependency>
<groupId>org.apache.sentry</groupId>
- <artifactId>sentry-provider-db</artifactId>
+ <artifactId>sentry-service-server</artifactId>
<version>${project.version}</version>
<type>test-jar</type>
</dependency>
@@ -615,11 +625,17 @@ limitations under the License.
<artifactId>jetty-servlet</artifactId>
<version>${jettyVersion}</version>
</dependency>
+ <dependency>
+ <groupId>org.eclipse.jetty.aggregate</groupId>
+ <artifactId>jetty-all</artifactId>
+ <version>${jetty.aggregate}</version>
+ </dependency>
</dependencies>
</dependencyManagement>
<modules>
<module>sentry-core</module>
+ <module>sentry-service</module>
<module>sentry-binding</module>
<module>sentry-provider</module>
<module>sentry-policy</module>
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-binding/sentry-binding-hive-common/pom.xml
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive-common/pom.xml b/sentry-binding/sentry-binding-hive-common/pom.xml
index 18b422d..685df0c 100644
--- a/sentry-binding/sentry-binding-hive-common/pom.xml
+++ b/sentry-binding/sentry-binding-hive-common/pom.xml
@@ -54,23 +54,19 @@ limitations under the License.
</dependency>
<dependency>
<groupId>org.apache.sentry</groupId>
- <artifactId>sentry-core-common</artifactId>
+ <artifactId>sentry-core-model-db</artifactId>
</dependency>
<dependency>
<groupId>org.apache.sentry</groupId>
- <artifactId>sentry-core-model-db</artifactId>
+ <artifactId>sentry-service-client</artifactId>
</dependency>
<dependency>
<groupId>org.apache.sentry</groupId>
- <artifactId>sentry-provider-common</artifactId>
+ <artifactId>sentry-policy-engine</artifactId>
</dependency>
<dependency>
<groupId>org.apache.sentry</groupId>
- <artifactId>sentry-provider-file</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
- <artifactId>sentry-provider-cache</artifactId>
+ <artifactId>sentry-provider-cache</artifactId>
</dependency>
<dependency>
<groupId>org.apache.hadoop</groupId>
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-binding/sentry-binding-hive-v2/pom.xml
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive-v2/pom.xml b/sentry-binding/sentry-binding-hive-v2/pom.xml
index cb1b026..e6df18a 100644
--- a/sentry-binding/sentry-binding-hive-v2/pom.xml
+++ b/sentry-binding/sentry-binding-hive-v2/pom.xml
@@ -110,26 +110,6 @@ limitations under the License.
<scope>provided</scope>
</dependency>
<dependency>
- <groupId>org.apache.sentry</groupId>
- <artifactId>sentry-core-common</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
- <artifactId>sentry-core-model-db</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
- <artifactId>sentry-provider-common</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
- <artifactId>sentry-provider-file</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
- <artifactId>sentry-policy-engine</artifactId>
- </dependency>
- <dependency>
<groupId>org.apache.hadoop</groupId>
<artifactId>hadoop-common</artifactId>
<scope>provided</scope>
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/metastore/MetastoreAuthzBindingV2.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/metastore/MetastoreAuthzBindingV2.java b/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/metastore/MetastoreAuthzBindingV2.java
index cfef1a7..7c1de14 100644
--- a/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/metastore/MetastoreAuthzBindingV2.java
+++ b/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/metastore/MetastoreAuthzBindingV2.java
@@ -28,11 +28,11 @@ import org.apache.hadoop.hive.metastore.api.MetaException;
import org.apache.hadoop.hive.metastore.events.PreDropPartitionEvent;
import org.apache.hadoop.hive.ql.metadata.AuthorizationException;
import org.apache.hadoop.hive.ql.plan.HiveOperation;
+import org.apache.sentry.core.common.exception.SentryUserException;
import org.apache.sentry.binding.hive.authz.HiveAuthzBinding;
import org.apache.sentry.binding.hive.v2.HiveAuthzPrivilegesMapV2;
import org.apache.sentry.binding.metastore.MetastoreAuthzBindingBase;
import org.apache.sentry.core.common.Subject;
-import org.apache.sentry.core.common.exception.SentryUserException;
import org.apache.sentry.core.model.db.DBModelAuthorizable;
/**
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-binding/sentry-binding-hive/pom.xml
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/pom.xml b/sentry-binding/sentry-binding-hive/pom.xml
index 07aaae3..fa1c44c 100644
--- a/sentry-binding/sentry-binding-hive/pom.xml
+++ b/sentry-binding/sentry-binding-hive/pom.xml
@@ -70,31 +70,6 @@ limitations under the License.
<artifactId>sentry-binding-hive-common</artifactId>
</dependency>
<dependency>
- <groupId>org.apache.sentry</groupId>
- <artifactId>sentry-core-common</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
- <artifactId>sentry-core-model-db</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
- <artifactId>sentry-provider-common</artifactId>
- </dependency>
- <!-- required for SentryGrantRevokeTask -->
- <dependency>
- <groupId>org.apache.sentry</groupId>
- <artifactId>sentry-provider-db</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
- <artifactId>sentry-provider-file</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
- <artifactId>sentry-provider-cache</artifactId>
- </dependency>
- <dependency>
<groupId>org.apache.hadoop</groupId>
<artifactId>hadoop-common</artifactId>
<scope>provided</scope>
@@ -112,10 +87,6 @@ limitations under the License.
</dependency>
<!-- required for SentryGrantRevokeTask -->
<dependency>
- <groupId>org.apache.sentry</groupId>
- <artifactId>sentry-provider-db</artifactId>
- </dependency>
- <dependency>
<groupId>org.apache.hadoop</groupId>
<artifactId>hadoop-minicluster</artifactId>
<scope>test</scope>
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/binding/hive/MockUserToGroupMapping.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/binding/hive/MockUserToGroupMapping.java b/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/binding/hive/MockUserToGroupMapping.java
index c095603..8ea8e1b 100644
--- a/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/binding/hive/MockUserToGroupMapping.java
+++ b/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/binding/hive/MockUserToGroupMapping.java
@@ -19,7 +19,7 @@ package org.apache.sentry.binding.hive;
import java.util.Set;
-import org.apache.sentry.provider.common.GroupMappingService;
+import org.apache.sentry.core.common.service.GroupMappingService;
import com.google.common.collect.Sets;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/policy/hive/TestPolicyParsingNegative.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/policy/hive/TestPolicyParsingNegative.java b/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/policy/hive/TestPolicyParsingNegative.java
index 4dc8812..0a53088 100644
--- a/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/policy/hive/TestPolicyParsingNegative.java
+++ b/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/policy/hive/TestPolicyParsingNegative.java
@@ -24,7 +24,7 @@ import org.junit.Assert;
import org.apache.commons.io.FileUtils;
import org.apache.sentry.core.common.ActiveRoleSet;
import org.apache.sentry.policy.common.PolicyEngine;
-import org.apache.sentry.provider.file.PolicyFile;
+import org.apache.sentry.core.common.utils.PolicyFile;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/policy/hive/TestResourceAuthorizationProviderGeneralCases.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/policy/hive/TestResourceAuthorizationProviderGeneralCases.java b/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/policy/hive/TestResourceAuthorizationProviderGeneralCases.java
index 403eb6a..2ace656 100644
--- a/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/policy/hive/TestResourceAuthorizationProviderGeneralCases.java
+++ b/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/policy/hive/TestResourceAuthorizationProviderGeneralCases.java
@@ -37,7 +37,7 @@ import org.apache.sentry.core.model.db.Database;
import org.apache.sentry.core.model.db.HivePrivilegeModel;
import org.apache.sentry.core.model.db.Server;
import org.apache.sentry.core.model.db.Table;
-import org.apache.sentry.provider.common.GroupMappingService;
+import org.apache.sentry.core.common.service.GroupMappingService;
import org.apache.sentry.provider.common.ResourceAuthorizationProvider;
import org.apache.sentry.provider.file.HadoopGroupResourceAuthorizationProvider;
import org.apache.sentry.provider.file.PolicyFiles;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/policy/hive/TestResourceAuthorizationProviderSpecialCases.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/policy/hive/TestResourceAuthorizationProviderSpecialCases.java b/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/policy/hive/TestResourceAuthorizationProviderSpecialCases.java
index 6fe9e6b..040f467 100644
--- a/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/policy/hive/TestResourceAuthorizationProviderSpecialCases.java
+++ b/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/policy/hive/TestResourceAuthorizationProviderSpecialCases.java
@@ -36,7 +36,7 @@ import org.apache.sentry.core.model.db.Server;
import org.apache.sentry.policy.common.PolicyEngine;
import org.apache.sentry.provider.common.AuthorizationProvider;
import org.apache.sentry.provider.file.LocalGroupResourceAuthorizationProvider;
-import org.apache.sentry.provider.file.PolicyFile;
+import org.apache.sentry.core.common.utils.PolicyFile;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/policy/hive/TestSimpleDBPolicyEngineDFS.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/policy/hive/TestSimpleDBPolicyEngineDFS.java b/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/policy/hive/TestSimpleDBPolicyEngineDFS.java
index 97cf615..f86516f 100644
--- a/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/policy/hive/TestSimpleDBPolicyEngineDFS.java
+++ b/sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/policy/hive/TestSimpleDBPolicyEngineDFS.java
@@ -28,7 +28,7 @@ import org.apache.hadoop.fs.Path;
import org.apache.hadoop.hdfs.MiniDFSCluster;
import org.apache.sentry.core.common.ActiveRoleSet;
import org.apache.sentry.policy.common.PolicyEngine;
-import org.apache.sentry.provider.file.PolicyFile;
+import org.apache.sentry.core.common.utils.PolicyFile;
import org.apache.sentry.provider.file.PolicyFiles;
import org.junit.AfterClass;
import org.junit.BeforeClass;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-binding/sentry-binding-kafka/pom.xml
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-kafka/pom.xml b/sentry-binding/sentry-binding-kafka/pom.xml
index f6f212b..f868786 100644
--- a/sentry-binding/sentry-binding-kafka/pom.xml
+++ b/sentry-binding/sentry-binding-kafka/pom.xml
@@ -37,27 +37,15 @@ limitations under the License.
</dependency>
<dependency>
<groupId>org.apache.sentry</groupId>
- <artifactId>sentry-core-common</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
<artifactId>sentry-core-model-kafka</artifactId>
</dependency>
<dependency>
<groupId>org.apache.sentry</groupId>
- <artifactId>sentry-provider-common</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
- <artifactId>sentry-provider-file</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
<artifactId>sentry-provider-db</artifactId>
</dependency>
<dependency>
<groupId>org.apache.sentry</groupId>
- <artifactId>sentry-policy-common</artifactId>
+ <artifactId>sentry-policy-engine</artifactId>
</dependency>
<dependency>
<groupId>org.apache.hadoop</groupId>
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBinding.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBinding.java b/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBinding.java
index cc5194b..53e7a3c 100644
--- a/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBinding.java
+++ b/sentry-binding/sentry-binding-kafka/src/main/java/org/apache/sentry/kafka/binding/KafkaAuthBinding.java
@@ -51,7 +51,7 @@ import org.apache.sentry.core.model.kafka.KafkaPrivilegeModel;
import org.apache.sentry.kafka.ConvertUtil;
import org.apache.sentry.kafka.conf.KafkaAuthConf.AuthzConfVars;
import org.apache.sentry.policy.common.PolicyEngine;
-import org.apache.sentry.provider.common.AuthorizationComponent;
+import org.apache.sentry.core.common.utils.AuthorizationComponent;
import org.apache.sentry.provider.common.AuthorizationProvider;
import org.apache.sentry.provider.common.ProviderBackend;
import org.apache.sentry.provider.common.ProviderBackendContext;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-binding/sentry-binding-kafka/src/test/java/org/apache/sentry/policy/kafka/MockGroupMappingServiceProvider.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-kafka/src/test/java/org/apache/sentry/policy/kafka/MockGroupMappingServiceProvider.java b/sentry-binding/sentry-binding-kafka/src/test/java/org/apache/sentry/policy/kafka/MockGroupMappingServiceProvider.java
index 572c74d..1329520 100644
--- a/sentry-binding/sentry-binding-kafka/src/test/java/org/apache/sentry/policy/kafka/MockGroupMappingServiceProvider.java
+++ b/sentry-binding/sentry-binding-kafka/src/test/java/org/apache/sentry/policy/kafka/MockGroupMappingServiceProvider.java
@@ -20,7 +20,7 @@ package org.apache.sentry.policy.kafka;
import java.util.Set;
-import org.apache.sentry.provider.common.GroupMappingService;
+import org.apache.sentry.core.common.service.GroupMappingService;
import com.google.common.collect.Multimap;
import com.google.common.collect.Sets;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-binding/sentry-binding-kafka/src/test/java/org/apache/sentry/policy/kafka/TestKafkaAuthorizationProviderSpecialCases.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-kafka/src/test/java/org/apache/sentry/policy/kafka/TestKafkaAuthorizationProviderSpecialCases.java b/sentry-binding/sentry-binding-kafka/src/test/java/org/apache/sentry/policy/kafka/TestKafkaAuthorizationProviderSpecialCases.java
index 63d2f30..6109059 100644
--- a/sentry-binding/sentry-binding-kafka/src/test/java/org/apache/sentry/policy/kafka/TestKafkaAuthorizationProviderSpecialCases.java
+++ b/sentry-binding/sentry-binding-kafka/src/test/java/org/apache/sentry/policy/kafka/TestKafkaAuthorizationProviderSpecialCases.java
@@ -38,7 +38,7 @@ import org.apache.sentry.core.model.kafka.Topic;
import org.apache.sentry.policy.common.PolicyEngine;
import org.apache.sentry.provider.common.AuthorizationProvider;
import org.apache.sentry.provider.file.LocalGroupResourceAuthorizationProvider;
-import org.apache.sentry.provider.file.PolicyFile;
+import org.apache.sentry.core.common.utils.PolicyFile;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-binding/sentry-binding-solr/pom.xml
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-solr/pom.xml b/sentry-binding/sentry-binding-solr/pom.xml
index a63a600..8b94c87 100644
--- a/sentry-binding/sentry-binding-solr/pom.xml
+++ b/sentry-binding/sentry-binding-solr/pom.xml
@@ -36,18 +36,10 @@ limitations under the License.
</dependency>
<dependency>
<groupId>org.apache.sentry</groupId>
- <artifactId>sentry-core-common</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
<artifactId>sentry-core-model-search</artifactId>
</dependency>
<dependency>
<groupId>org.apache.sentry</groupId>
- <artifactId>sentry-provider-common</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
<artifactId>sentry-provider-db</artifactId>
</dependency>
<dependency>
@@ -56,6 +48,10 @@ limitations under the License.
<scope>test</scope>
</dependency>
<dependency>
+ <groupId>org.apache.sentry</groupId>
+ <artifactId>sentry-policy-engine</artifactId>
+ </dependency>
+ <dependency>
<groupId>org.apache.hadoop</groupId>
<artifactId>hadoop-common</artifactId>
<scope>provided</scope>
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-binding/sentry-binding-solr/src/main/java/org/apache/sentry/binding/solr/authz/SolrAuthzBinding.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-solr/src/main/java/org/apache/sentry/binding/solr/authz/SolrAuthzBinding.java b/sentry-binding/sentry-binding-solr/src/main/java/org/apache/sentry/binding/solr/authz/SolrAuthzBinding.java
index 2400673..3bc5b82 100644
--- a/sentry-binding/sentry-binding-solr/src/main/java/org/apache/sentry/binding/solr/authz/SolrAuthzBinding.java
+++ b/sentry-binding/sentry-binding-solr/src/main/java/org/apache/sentry/binding/solr/authz/SolrAuthzBinding.java
@@ -42,9 +42,9 @@ import org.apache.sentry.core.model.search.Collection;
import org.apache.sentry.core.model.search.SearchModelAction;
import org.apache.sentry.core.model.search.SearchPrivilegeModel;
import org.apache.sentry.policy.common.PolicyEngine;
-import org.apache.sentry.provider.common.AuthorizationComponent;
+import org.apache.sentry.core.common.utils.AuthorizationComponent;
import org.apache.sentry.provider.common.AuthorizationProvider;
-import org.apache.sentry.provider.common.GroupMappingService;
+import org.apache.sentry.core.common.service.GroupMappingService;
import org.apache.sentry.provider.common.HadoopGroupResourceAuthorizationProvider;
import org.apache.sentry.provider.common.ProviderBackend;
import org.apache.sentry.provider.common.ProviderBackendContext;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-binding/sentry-binding-solr/src/test/java/org/apache/sentry/policy/solr/TestSearchAuthorizationProviderGeneralCases.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-solr/src/test/java/org/apache/sentry/policy/solr/TestSearchAuthorizationProviderGeneralCases.java b/sentry-binding/sentry-binding-solr/src/test/java/org/apache/sentry/policy/solr/TestSearchAuthorizationProviderGeneralCases.java
index 6f7f07a..2c82dc7 100644
--- a/sentry-binding/sentry-binding-solr/src/test/java/org/apache/sentry/policy/solr/TestSearchAuthorizationProviderGeneralCases.java
+++ b/sentry-binding/sentry-binding-solr/src/test/java/org/apache/sentry/policy/solr/TestSearchAuthorizationProviderGeneralCases.java
@@ -34,7 +34,7 @@ import org.apache.sentry.core.common.Subject;
import org.apache.sentry.core.model.search.Collection;
import org.apache.sentry.core.model.search.SearchModelAction;
import org.apache.sentry.core.model.search.SearchPrivilegeModel;
-import org.apache.sentry.provider.common.GroupMappingService;
+import org.apache.sentry.core.common.service.GroupMappingService;
import org.apache.sentry.provider.common.ResourceAuthorizationProvider;
import org.apache.sentry.provider.file.HadoopGroupResourceAuthorizationProvider;
import org.apache.sentry.provider.file.PolicyFiles;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-binding/sentry-binding-solr/src/test/java/org/apache/sentry/policy/solr/TestSearchAuthorizationProviderSpecialCases.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-solr/src/test/java/org/apache/sentry/policy/solr/TestSearchAuthorizationProviderSpecialCases.java b/sentry-binding/sentry-binding-solr/src/test/java/org/apache/sentry/policy/solr/TestSearchAuthorizationProviderSpecialCases.java
index 371f361..80e3f4a 100644
--- a/sentry-binding/sentry-binding-solr/src/test/java/org/apache/sentry/policy/solr/TestSearchAuthorizationProviderSpecialCases.java
+++ b/sentry-binding/sentry-binding-solr/src/test/java/org/apache/sentry/policy/solr/TestSearchAuthorizationProviderSpecialCases.java
@@ -35,7 +35,7 @@ import org.apache.sentry.core.model.search.SearchPrivilegeModel;
import org.apache.sentry.policy.common.PolicyEngine;
import org.apache.sentry.provider.common.AuthorizationProvider;
import org.apache.sentry.provider.file.LocalGroupResourceAuthorizationProvider;
-import org.apache.sentry.provider.file.PolicyFile;
+import org.apache.sentry.core.common.utils.PolicyFile;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-binding/sentry-binding-sqoop/pom.xml
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-sqoop/pom.xml b/sentry-binding/sentry-binding-sqoop/pom.xml
index 732da26..e96802f 100644
--- a/sentry-binding/sentry-binding-sqoop/pom.xml
+++ b/sentry-binding/sentry-binding-sqoop/pom.xml
@@ -36,18 +36,10 @@ limitations under the License.
</dependency>
<dependency>
<groupId>org.apache.sentry</groupId>
- <artifactId>sentry-core-common</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
<artifactId>sentry-core-model-sqoop</artifactId>
</dependency>
<dependency>
<groupId>org.apache.sentry</groupId>
- <artifactId>sentry-provider-common</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
<artifactId>sentry-provider-file</artifactId>
</dependency>
<dependency>
@@ -56,7 +48,7 @@ limitations under the License.
</dependency>
<dependency>
<groupId>org.apache.sentry</groupId>
- <artifactId>sentry-policy-common</artifactId>
+ <artifactId>sentry-policy-engine</artifactId>
</dependency>
<dependency>
<groupId>org.apache.hadoop</groupId>
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/binding/SqoopAuthBinding.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/binding/SqoopAuthBinding.java b/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/binding/SqoopAuthBinding.java
index 84a61cc..0a2e0b5 100644
--- a/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/binding/SqoopAuthBinding.java
+++ b/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/binding/SqoopAuthBinding.java
@@ -32,7 +32,7 @@ import org.apache.sentry.core.model.sqoop.SqoopActionConstant;
import org.apache.sentry.core.model.sqoop.SqoopActionFactory;
import org.apache.sentry.core.model.sqoop.SqoopPrivilegeModel;
import org.apache.sentry.policy.common.PolicyEngine;
-import org.apache.sentry.provider.common.AuthorizationComponent;
+import org.apache.sentry.core.common.utils.AuthorizationComponent;
import org.apache.sentry.provider.common.AuthorizationProvider;
import org.apache.sentry.provider.common.ProviderBackend;
import org.apache.sentry.provider.common.ProviderBackendContext;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-binding/sentry-binding-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopAuthorizationProviderGeneralCases.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopAuthorizationProviderGeneralCases.java b/sentry-binding/sentry-binding-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopAuthorizationProviderGeneralCases.java
index 7ce8881..a3d96fe 100644
--- a/sentry-binding/sentry-binding-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopAuthorizationProviderGeneralCases.java
+++ b/sentry-binding/sentry-binding-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopAuthorizationProviderGeneralCases.java
@@ -38,7 +38,7 @@ import org.apache.sentry.core.model.sqoop.Server;
import org.apache.sentry.core.model.sqoop.SqoopActionConstant;
import org.apache.sentry.core.model.sqoop.SqoopActionFactory.SqoopAction;
import org.apache.sentry.core.model.sqoop.SqoopPrivilegeModel;
-import org.apache.sentry.provider.common.GroupMappingService;
+import org.apache.sentry.core.common.service.GroupMappingService;
import org.apache.sentry.provider.common.ResourceAuthorizationProvider;
import org.apache.sentry.provider.common.HadoopGroupResourceAuthorizationProvider;
import org.apache.sentry.provider.file.PolicyFiles;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-binding/sentry-binding-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopAuthorizationProviderSpecialCases.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopAuthorizationProviderSpecialCases.java b/sentry-binding/sentry-binding-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopAuthorizationProviderSpecialCases.java
index 8d69402..4bcf3b1 100644
--- a/sentry-binding/sentry-binding-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopAuthorizationProviderSpecialCases.java
+++ b/sentry-binding/sentry-binding-sqoop/src/test/java/org/apache/sentry/policy/sqoop/TestSqoopAuthorizationProviderSpecialCases.java
@@ -38,7 +38,7 @@ import org.apache.sentry.core.model.sqoop.SqoopPrivilegeModel;
import org.apache.sentry.policy.common.PolicyEngine;
import org.apache.sentry.provider.common.AuthorizationProvider;
import org.apache.sentry.provider.file.LocalGroupResourceAuthorizationProvider;
-import org.apache.sentry.provider.file.PolicyFile;
+import org.apache.sentry.core.common.utils.PolicyFile;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/service/GroupMappingService.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/service/GroupMappingService.java b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/service/GroupMappingService.java
new file mode 100644
index 0000000..6af6ac5
--- /dev/null
+++ b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/service/GroupMappingService.java
@@ -0,0 +1,35 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.core.common.service;
+
+import java.util.Set;
+
+import javax.annotation.concurrent.ThreadSafe;
+
+/**
+ * Interface so the Groups class is easier to unit test with.
+ * Implementations of this class are expected to be thread safe
+ * after construction.
+ */
+@ThreadSafe
+public interface GroupMappingService {
+
+ /**
+ * @return non-null list of groups for user
+ */
+ Set<String> getGroups(String user);
+}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/service/HadoopGroupMappingService.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/service/HadoopGroupMappingService.java b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/service/HadoopGroupMappingService.java
new file mode 100644
index 0000000..2b10ae1
--- /dev/null
+++ b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/service/HadoopGroupMappingService.java
@@ -0,0 +1,69 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.core.common.service;
+
+import java.io.IOException;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+
+import org.apache.commons.lang.StringUtils;
+import org.apache.hadoop.conf.Configuration;
+import org.apache.hadoop.security.Groups;
+
+import com.google.common.collect.Lists;
+import org.apache.sentry.core.common.exception.SentryGroupNotFoundException;
+
+public class HadoopGroupMappingService implements GroupMappingService {
+
+ private static Configuration hadoopConf;
+ private final Groups groups;
+
+ public HadoopGroupMappingService(Groups groups) {
+ this.groups = groups;
+ }
+
+ public HadoopGroupMappingService(Configuration conf, String resource) {
+ if (hadoopConf == null) {
+ synchronized (HadoopGroupMappingService.class) {
+ if (hadoopConf == null) {
+ // clone the current config and add resource path
+ hadoopConf = new Configuration();
+ hadoopConf.addResource(conf);
+ if (!StringUtils.isEmpty(resource)) {
+ hadoopConf.addResource(resource);
+ }
+ }
+ }
+ }
+ this.groups = Groups.getUserToGroupsMappingService(hadoopConf);
+ }
+
+ @Override
+ public Set<String> getGroups(String user) {
+ List<String> groupList = Lists.newArrayList();
+ try {
+ groupList = groups.getGroups(user);
+ } catch (IOException e) {
+ throw new SentryGroupNotFoundException("Unable to obtain groups for " + user, e);
+ }
+ if (groupList == null || groupList.isEmpty()) {
+ throw new SentryGroupNotFoundException("Unable to obtain groups for " + user);
+ }
+ return new HashSet<String>(groupList);
+ }
+}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/service/MockGroupMappingServiceProvider.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/service/MockGroupMappingServiceProvider.java b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/service/MockGroupMappingServiceProvider.java
new file mode 100644
index 0000000..55010de
--- /dev/null
+++ b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/service/MockGroupMappingServiceProvider.java
@@ -0,0 +1,44 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.core.common.service;
+
+import java.util.Collection;
+import java.util.Set;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.google.common.collect.Multimap;
+import com.google.common.collect.Sets;
+
+public class MockGroupMappingServiceProvider implements GroupMappingService {
+ private static final Logger LOGGER = LoggerFactory
+ .getLogger(MockGroupMappingServiceProvider.class);
+ private final Multimap<String, String> userToGroupMap;
+
+ public MockGroupMappingServiceProvider(Multimap<String, String> userToGroupMap) {
+ this.userToGroupMap = userToGroupMap;
+ }
+
+ @Override
+ public Set<String> getGroups(String user) {
+ Collection<String> groups = userToGroupMap.get(user);
+ LOGGER.info("Mapping " + user + " to " + groups);
+ return Sets.newHashSet(groups);
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/service/NoGroupMappingService.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/service/NoGroupMappingService.java b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/service/NoGroupMappingService.java
new file mode 100644
index 0000000..db48788
--- /dev/null
+++ b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/service/NoGroupMappingService.java
@@ -0,0 +1,33 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.core.common.service;
+
+import java.util.HashSet;
+import java.util.Set;
+
+/**
+ * GroupMappingService that always returns an empty list of groups
+ */
+public class NoGroupMappingService implements GroupMappingService {
+
+ /**
+ * @return empty list of groups for every user
+ */
+ public Set<String> getGroups(String user) {
+ return new HashSet<String>();
+ }
+}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/utils/AuthorizationComponent.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/utils/AuthorizationComponent.java b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/utils/AuthorizationComponent.java
new file mode 100644
index 0000000..e3f1f15
--- /dev/null
+++ b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/utils/AuthorizationComponent.java
@@ -0,0 +1,30 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.core.common.utils;
+/**
+ * Represent which component being authorized by Sentry
+ * using generic model
+ */
+public class AuthorizationComponent{
+ public static final String Search = "solr";
+ public static final String SQOOP = "sqoop";
+ public static final String KAFKA = "kafka";
+
+ private AuthorizationComponent() {
+ // Make constructor private to avoid instantiation
+ }
+}
[23/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryGMPrivilege.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryGMPrivilege.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryGMPrivilege.java
deleted file mode 100644
index 55b61ac..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryGMPrivilege.java
+++ /dev/null
@@ -1,497 +0,0 @@
-/**
-vim * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.service.model;
-
-import static org.apache.sentry.core.common.utils.SentryConstants.AUTHORIZABLE_JOINER;
-import static org.apache.sentry.core.common.utils.SentryConstants.KV_JOINER;
-
-import java.lang.reflect.Field;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Set;
-
-import javax.jdo.annotations.PersistenceCapable;
-import org.apache.sentry.core.common.Authorizable;
-import org.apache.sentry.core.model.db.AccessConstants;
-
-import com.google.common.base.Strings;
-import com.google.common.collect.Lists;
-
-/**
- * Database backed Sentry Generic Privilege for new authorization Model
- * Any changes to this object
- * require re-running the maven build so DN an re-enhance.
- */
-@PersistenceCapable
-public class MSentryGMPrivilege {
- private static final String PREFIX_RESOURCE_NAME = "resourceName";
- private static final String PREFIX_RESOURCE_TYPE = "resourceType";
- private static final String NULL_COL = "__NULL__";
- private static final String SERVICE_SCOPE = "Server";
- private static final int AUTHORIZABLE_LEVEL = 4;
- /**
- * The authorizable List has been stored into resourceName and resourceField columns
- * We assume that the generic model privilege for any component(hive/impala or solr) doesn't exceed four level.
- * This generic model privilege currently can support maximum 4 level.
- **/
- private String resourceName0 = NULL_COL; //NOPMD
- private String resourceType0 = NULL_COL; //NOPMD
- private String resourceName1 = NULL_COL; //NOPMD
- private String resourceType1 = NULL_COL; //NOPMD
- private String resourceName2 = NULL_COL; //NOPMD
- private String resourceType2 = NULL_COL; //NOPMD
- private String resourceName3 = NULL_COL; //NOPMD
- private String resourceType3 = NULL_COL; //NOPMD
-
-
- private String serviceName;
- private String componentName;
- private String action;
- private String scope;
-
- private Boolean grantOption = false;
- // roles this privilege is a part of
- private Set<MSentryRole> roles;
- private long createTime;
-
- public MSentryGMPrivilege() {
- this.roles = new HashSet<MSentryRole>();
- }
-
- public MSentryGMPrivilege(String componentName, String serviceName,
- List<? extends Authorizable> authorizables,
- String action, Boolean grantOption) {
- this.componentName = componentName;
- this.serviceName = serviceName;
- this.action = action;
- this.grantOption = grantOption;
- this.roles = new HashSet<MSentryRole>();
- this.createTime = System.currentTimeMillis();
- setAuthorizables(authorizables);
- }
-
- public MSentryGMPrivilege(MSentryGMPrivilege copy) {
- this.action = copy.action;
- this.componentName = copy.componentName;
- this.serviceName = copy.serviceName;
- this.grantOption = copy.grantOption;
- this.scope = copy.scope;
- this.createTime = copy.createTime;
- setAuthorizables(copy.getAuthorizables());
- this.roles = new HashSet<MSentryRole>();
- for (MSentryRole role : copy.roles) {
- roles.add(role);
- }
- }
-
- public String getServiceName() {
- return serviceName;
- }
-
- public void setServiceName(String serviceName) {
- this.serviceName = serviceName;
- }
-
- public String getComponentName() {
- return componentName;
- }
-
- public void setComponentName(String componentName) {
- this.componentName = componentName;
- }
-
- public String getAction() {
- return action;
- }
-
- public void setAction(String action) {
- this.action = action;
- }
-
- public Boolean getGrantOption() {
- return grantOption;
- }
-
- public void setGrantOption(Boolean grantOption) {
- this.grantOption = grantOption;
- }
-
- public Set<MSentryRole> getRoles() {
- return roles;
- }
-
- public void setRoles(Set<MSentryRole> roles) {
- this.roles = roles;
- }
-
- public long getCreateTime() {
- return createTime;
- }
-
- public void setCreateTime(long createTime) {
- this.createTime = createTime;
- }
-
- public String getScope() {
- return scope;
- }
-
- public List<? extends Authorizable> getAuthorizables() {
- List<Authorizable> authorizables = Lists.newArrayList();
- //construct atuhorizable lists
- for (int i = 0; i < AUTHORIZABLE_LEVEL; i++) {
- final String resourceName = (String) getField(this, PREFIX_RESOURCE_NAME + String.valueOf(i));
- final String resourceTYpe = (String) getField(this, PREFIX_RESOURCE_TYPE + String.valueOf(i));
-
- if (notNULL(resourceName) && notNULL(resourceTYpe)) {
- authorizables.add(new Authorizable() {
- @Override
- public String getTypeName() {
- return resourceTYpe;
- }
- @Override
- public String getName() {
- return resourceName;
- }
- });
- }
- }
- return authorizables;
- }
-
- /**
- * Only allow strict hierarchies. That is, can level =1 be not null when level = 0 is null
- * @param authorizables
- */
- public void setAuthorizables(List<? extends Authorizable> authorizables) {
- if (authorizables == null || authorizables.isEmpty()) {
- //service scope
- scope = SERVICE_SCOPE;
- return;
- }
- if (authorizables.size() > AUTHORIZABLE_LEVEL) {
- throw new IllegalStateException("This generic privilege model only supports maximum 4 level.");
- }
-
- for (int i = 0; i < authorizables.size(); i++) {
- Authorizable authorizable = authorizables.get(i);
- if (authorizable == null) {
- String msg = String.format("The authorizable can't be null. Please check authorizables[%d]:", i);
- throw new IllegalStateException(msg);
- }
- String resourceName = authorizable.getName();
- String resourceTYpe = authorizable.getTypeName();
- if (isNULL(resourceName) || isNULL(resourceTYpe)) {
- String msg = String.format("The name and type of authorizable can't be empty or null.Please check authorizables[%d]", i);
- throw new IllegalStateException(msg);
- }
- setField(this, PREFIX_RESOURCE_NAME + String.valueOf(i), toNULLCol(resourceName));
- setField(this, PREFIX_RESOURCE_TYPE + String.valueOf(i), toNULLCol(resourceTYpe));
- scope = resourceTYpe;
- }
- }
-
- public void appendRole(MSentryRole role) {
- if (roles.add(role)) {
- role.appendGMPrivilege(this);
- }
- }
-
- public void removeRole(MSentryRole role) {
- if(roles.remove(role)) {
- role.removeGMPrivilege(this);
- }
- }
-
- @Override
- public int hashCode() {
- final int prime = 31;
- int result = 1;
- result = prime * result + ((action == null) ? 0 : action.hashCode());
- result = prime * result + ((componentName == null) ? 0 : componentName.hashCode());
- result = prime * result + ((serviceName == null) ? 0 : serviceName.hashCode());
- result = prime * result + ((grantOption == null) ? 0 : grantOption.hashCode());
- result = prime * result + ((scope == null) ? 0 : scope.hashCode());
-
- for (Authorizable authorizable : getAuthorizables()) {
- result = prime * result + authorizable.getName().hashCode();
- result = prime * result + authorizable.getTypeName().hashCode();
- }
-
- return result;
- }
-
- @Override
- public String toString() {
- List<String> unifiedNames = Lists.newArrayList();
- for (Authorizable auth : getAuthorizables()) {
- unifiedNames.add(KV_JOINER.join(auth.getTypeName(),auth.getName()));
- }
-
- return "MSentryGMPrivilege ["
- + "serverName=" + serviceName + ", componentName=" + componentName
- + ", authorizables=" + AUTHORIZABLE_JOINER.join(unifiedNames)+ ", scope=" + scope
- + ", action=" + action + ", roles=[...]" + ", createTime="
- + createTime + ", grantOption=" + grantOption +"]";
- }
-
- @Override
- public boolean equals(Object obj) {
- if (this == obj) {
- return true;
- }
- if (obj == null) {
- return false;
- }
- if (getClass() != obj.getClass()) {
- return false;
- }
- MSentryGMPrivilege other = (MSentryGMPrivilege) obj;
- if (action == null) {
- if (other.action != null) {
- return false;
- }
- } else if (!action.equalsIgnoreCase(other.action)) {
- return false;
- }
- if (scope == null) {
- if (other.scope != null) {
- return false;
- }
- } else if (!scope.equals(other.scope)) {
- return false;
- }
- if (serviceName == null) {
- if (other.serviceName != null) {
- return false;
- }
- } else if (!serviceName.equals(other.serviceName)) {
- return false;
- }
- if (componentName == null) {
- if (other.componentName != null) {
- return false;
- }
- } else if (!componentName.equals(other.componentName)) {
- return false;
- }
- if (grantOption == null) {
- if (other.grantOption != null) {
- return false;
- }
- } else if (!grantOption.equals(other.grantOption)) {
- return false;
- }
-
- List<? extends Authorizable> authorizables = getAuthorizables();
- List<? extends Authorizable> otherAuthorizables = other.getAuthorizables();
-
- if (authorizables.size() != otherAuthorizables.size()) {
- return false;
- }
- for (int i = 0; i < authorizables.size(); i++) {
- String o1 = KV_JOINER.join(authorizables.get(i).getTypeName(),
- authorizables.get(i).getName());
- String o2 = KV_JOINER.join(otherAuthorizables.get(i).getTypeName(),
- otherAuthorizables.get(i).getName());
- if (!o1.equals(o2)) {
- return false;
- }
- }
- return true;
- }
-
- /**
- * Return true if this privilege implies request privilege
- * Otherwise, return false
- * @param other, other privilege
- */
- public boolean implies(MSentryGMPrivilege request) {
- //component check
- if (!componentName.equals(request.getComponentName())) {
- return false;
- }
- //service check
- if (!serviceName.equals(request.getServiceName())) {
- return false;
- }
- // check action implies
- if (!action.equalsIgnoreCase(AccessConstants.ALL)
- && !action.equalsIgnoreCase(request.getAction())
- && !action.equalsIgnoreCase(AccessConstants.ACTION_ALL)) {
- return false;
- }
- //check authorizable list implies
- Iterator<? extends Authorizable> existIterator = getAuthorizables().iterator();
- Iterator<? extends Authorizable> requestIterator = request.getAuthorizables().iterator();
- while (existIterator.hasNext() && requestIterator.hasNext()) {
- Authorizable existAuth = existIterator.next();
- Authorizable requestAuth = requestIterator.next();
- //check authorizable type
- if (!existAuth.getTypeName().equals(requestAuth.getTypeName())) {
- return false;
- }
- //check authorizable name
- if (!existAuth.getName().equals(requestAuth.getName())) {
- /**The persistent authorizable isn't equal the request authorizable
- * but the following situations are pass check
- * The name of persistent authorizable is ALL or "*"
- */
- if (existAuth.getName().equalsIgnoreCase(AccessConstants.ACTION_ALL)
- || existAuth.getName().equalsIgnoreCase(AccessConstants.ALL)) {
- continue;
- } else {
- return false;
- }
- }
- }
-
- if ( !existIterator.hasNext() && !requestIterator.hasNext() ){
- /**
- * The persistent privilege has the same authorizables size as the requested privilege
- * The check is pass
- */
- return true;
-
- } else if (existIterator.hasNext()) {
- /**
- * The persistent privilege has much more authorizables than request privilege,so its scope is less
- * than the requested privilege.
- * There is a situation that the check is pass, the name of the exceeding authorizables is ALL or "*".
- * Take the Solr for example,the exist privilege is collection=c1->field=*->action=query
- * the request privilege is collection=c1->action=query, the check is pass
- */
- while (existIterator.hasNext()) {
- Authorizable existAuthorizable = existIterator.next();
- if (existAuthorizable.getName().equalsIgnoreCase(AccessConstants.ALL)
- || existAuthorizable.getName().equalsIgnoreCase(AccessConstants.ACTION_ALL)) {
- continue;
- } else {
- return false;
- }
- }
- } else {
- /**
- * The requested privilege has much more authorizables than persistent privilege, so its scope is less
- * than the persistent privilege
- * The check is pass
- */
- return true;
- }
-
- return true;
- }
-
- public static String toNULLCol(String col) {
- return Strings.isNullOrEmpty(col) ? NULL_COL : col;
- }
-
- public static boolean notNULL(String s) {
- return !(Strings.isNullOrEmpty(s) || NULL_COL.equals(s));
- }
-
- public static boolean isNULL(String s) {
- return !notNULL(s);
- }
-
- public static <T> void setField(Object obj, String fieldName, T fieldValue) {
- try {
- Class<?> clazz = obj.getClass();
- Field field=clazz.getDeclaredField(fieldName);
- field.setAccessible(true);
- field.set(obj, fieldValue);
- } catch (Exception e) {
- throw new RuntimeException("setField error: " + e.getMessage(), e);
- }
- }
-
- @SuppressWarnings("unchecked")
- public static <T> T getField(Object obj, String fieldName) {
- try {
- Class<?> clazz = obj.getClass();
- Field field=clazz.getDeclaredField(fieldName);
- field.setAccessible(true);
- return (T)field.get(obj);
- } catch (Exception e) {
- throw new RuntimeException("getField error: " + e.getMessage(), e);
- }
- }
-
- /**
- * return the query to execute in JDO for search the given privilege
- * @param privilege
- * @return query
- */
- public static String toQuery(MSentryGMPrivilege privilege) {
- StringBuilder query = new StringBuilder();
- query.append("serviceName == \"" + toNULLCol(privilege.getServiceName()) + "\" ");
- query.append("&& componentName == \"" + toNULLCol(privilege.getComponentName()) + "\" ");
- query.append("&& scope == \"" + toNULLCol(privilege.getScope()) + "\" ");
- query.append("&& action == \"" + toNULLCol(privilege.getAction()) + "\"");
- if (privilege.getGrantOption() == null) {
- query.append("&& this.grantOption == null ");
- } else if (privilege.getGrantOption()) {
- query.append("&& grantOption ");
- } else {
- query.append("&& !grantOption ");
- }
- List<? extends Authorizable> authorizables = privilege.getAuthorizables();
- for (int i = 0; i < AUTHORIZABLE_LEVEL; i++) {
- String resourceName = PREFIX_RESOURCE_NAME + String.valueOf(i);
- String resourceType = PREFIX_RESOURCE_TYPE + String.valueOf(i);
-
- if (i >= authorizables.size()) {
- query.append("&& " + resourceName + " == \"" + NULL_COL + "\" ");
- query.append("&& " + resourceType + " == \"" + NULL_COL + "\" ");
- } else {
- query.append("&& " + resourceName + " == \"" + authorizables.get(i).getName() + "\" ");
- query.append("&& " + resourceType + " == \"" + authorizables.get(i).getTypeName() + "\" ");
- }
- }
- return query.toString();
- }
-
- /**
- * Get the query to execute in the JDO deducing privileges include the scope of according to the given privilege
- * The query was used in three privilege operations:
- * 1.revoking privilege
- * 2.renaming privilege
- * 3.dropping privilege
- * Take the Solr for example, if there exists three privileges such as p1:Collection=c1->action=query,
- * p2:Collection=c1->Field=f1->action=query and p3:Collection=c1->Field=f2->action=query.
- * When the revoking operation happens, the request privilege is p4:Collection=c1->action=query.
- * The result is that not only p1 should be revoked, but also p2 and p3 should be revoked together.
- * So the populateIncludePrivilegesQuery should be Collection=c1
- * @param privilege
- * @return query
- */
- public static String populateIncludePrivilegesQuery(MSentryGMPrivilege privilege) {
- StringBuilder query = new StringBuilder();
- query.append("serviceName == \"" + toNULLCol(privilege.getServiceName()) + "\" ");
- query.append("&& componentName == \"" + toNULLCol(privilege.getComponentName()) + "\" ");
- List<? extends Authorizable> authorizables = privilege.getAuthorizables();
- for (int i= 0 ; i < authorizables.size(); i++) {
- String resourceName = PREFIX_RESOURCE_NAME + String.valueOf(i);
- String resourceType = PREFIX_RESOURCE_TYPE + String.valueOf(i);
- query.append("&& " + resourceName + " == \"" + authorizables.get(i).getName() + "\" ");
- query.append("&& " + resourceType + " == \"" + authorizables.get(i).getTypeName() + "\" ");
- }
- return query.toString();
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryGroup.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryGroup.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryGroup.java
deleted file mode 100644
index 7e41c93..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryGroup.java
+++ /dev/null
@@ -1,116 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.model;
-
-import java.util.Set;
-
-import javax.jdo.annotations.PersistenceCapable;
-
-/**
- * Database backed Sentry Group. Any changes to this object
- * require re-running the maven build so DN an re-enhance.
- */
-@PersistenceCapable
-public class MSentryGroup {
-
- /**
- * Group name is unique
- */
- private String groupName;
- // set of roles granted to this group
- private Set<MSentryRole> roles;
- private long createTime;
-
- public MSentryGroup(String groupName, long createTime, Set<MSentryRole> roles) {
- this.setGroupName(groupName);
- this.createTime = createTime;
- this.roles = roles;
- }
-
- public long getCreateTime() {
- return createTime;
- }
-
- public void setCreateTime(long createTime) {
- this.createTime = createTime;
- }
-
- public Set<MSentryRole> getRoles() {
- return roles;
- }
-
- public String getGroupName() {
- return groupName;
- }
-
- public void setGroupName(String groupName) {
- this.groupName = groupName;
- }
-
- public void appendRole(MSentryRole role) {
- if (roles.add(role)) {
- role.appendGroup(this);
- }
- }
-
- public void removeRole(MSentryRole role) {
- if (roles.remove(role)) {
- role.removeGroup(this);
- }
- }
-
- @Override
- public String toString() {
- return "MSentryGroup [groupName=" + groupName + ", roles=[...]"
- + ", createTime=" + createTime + "]";
- }
-
- @Override
- public int hashCode() {
- final int prime = 31;
- int result = 1;
- result = prime * result + ((groupName == null) ? 0 : groupName.hashCode());
- return result;
- }
-
- @Override
- public boolean equals(Object obj) {
- if (this == obj) {
- return true;
- }
- if (obj == null) {
- return false;
- }
- if (getClass() != obj.getClass()) {
- return false;
- }
- MSentryGroup other = (MSentryGroup) obj;
- if (createTime != other.createTime) {
- return false;
- }
- if (groupName == null) {
- if (other.groupName != null) {
- return false;
- }
- } else if (!groupName.equals(other.groupName)) {
- return false;
- }
- return true;
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryPrivilege.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryPrivilege.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryPrivilege.java
deleted file mode 100644
index 4c3af79..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryPrivilege.java
+++ /dev/null
@@ -1,332 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.model;
-
-import java.util.HashSet;
-import java.util.Set;
-
-import javax.jdo.annotations.PersistenceCapable;
-
-import org.apache.sentry.core.common.utils.PathUtils;
-import org.apache.sentry.core.model.db.AccessConstants;
-import org.apache.sentry.provider.db.service.persistent.SentryStore;
-
-/**
- * Database backed Sentry Privilege. Any changes to this object
- * require re-running the maven build so DN an re-enhance.
- */
-@PersistenceCapable
-public class MSentryPrivilege {
-
- private String privilegeScope;
- /**
- * Privilege name is unique
- */
- private String serverName = "";
- private String dbName = "";
- private String tableName = "";
- private String columnName = "";
- private String URI = "";
- private String action = "";
- private Boolean grantOption = false;
- // roles this privilege is a part of
- private Set<MSentryRole> roles;
- private long createTime;
-
- public MSentryPrivilege() {
- this.roles = new HashSet<MSentryRole>();
- }
-
- public MSentryPrivilege(String privilegeScope,
- String serverName, String dbName, String tableName, String columnName,
- String URI, String action, Boolean grantOption) {
- this.privilegeScope = privilegeScope;
- this.serverName = serverName;
- this.dbName = SentryStore.toNULLCol(dbName);
- this.tableName = SentryStore.toNULLCol(tableName);
- this.columnName = SentryStore.toNULLCol(columnName);
- this.URI = SentryStore.toNULLCol(URI);
- this.action = SentryStore.toNULLCol(action);
- this.grantOption = grantOption;
- this.roles = new HashSet<MSentryRole>();
- }
-
- public MSentryPrivilege(String privilegeScope,
- String serverName, String dbName, String tableName, String columnName,
- String URI, String action) {
- this(privilegeScope, serverName, dbName, tableName,
- columnName, URI, action, false);
- }
-
- public MSentryPrivilege(MSentryPrivilege other) {
- this.privilegeScope = other.privilegeScope;
- this.serverName = other.serverName;
- this.dbName = SentryStore.toNULLCol(other.dbName);
- this.tableName = SentryStore.toNULLCol(other.tableName);
- this.columnName = SentryStore.toNULLCol(other.columnName);
- this.URI = SentryStore.toNULLCol(other.URI);
- this.action = SentryStore.toNULLCol(other.action);
- this.grantOption = other.grantOption;
- this.roles = new HashSet<MSentryRole>();
- for (MSentryRole role : other.roles) {
- roles.add(role);
- }
- }
-
- public String getServerName() {
- return serverName;
- }
-
- public void setServerName(String serverName) {
- this.serverName = (serverName == null) ? "" : serverName;
- }
-
- public String getDbName() {
- return dbName;
- }
-
- public void setDbName(String dbName) {
- this.dbName = (dbName == null) ? "" : dbName;
- }
-
- public String getTableName() {
- return tableName;
- }
-
- public void setTableName(String tableName) {
- this.tableName = (tableName == null) ? "" : tableName;
- }
-
- public String getColumnName() {
- return columnName;
- }
-
- public void setColumnName(String columnName) {
- this.columnName = (columnName == null) ? "" : columnName;
- }
-
- public String getURI() {
- return URI;
- }
-
- public void setURI(String uRI) {
- URI = (uRI == null) ? "" : uRI;
- }
-
- public String getAction() {
- return action;
- }
-
- public void setAction(String action) {
- this.action = (action == null) ? "" : action;
- }
-
- public long getCreateTime() {
- return createTime;
- }
-
- public void setCreateTime(long createTime) {
- this.createTime = createTime;
- }
-
- public String getPrivilegeScope() {
- return privilegeScope;
- }
-
- public void setPrivilegeScope(String privilegeScope) {
- this.privilegeScope = privilegeScope;
- }
-
- public Boolean getGrantOption() {
- return grantOption;
- }
-
- public void setGrantOption(Boolean grantOption) {
- this.grantOption = grantOption;
- }
-
- public void appendRole(MSentryRole role) {
- roles.add(role);
- }
-
- public Set<MSentryRole> getRoles() {
- return roles;
- }
-
- public void removeRole(MSentryRole role) {
- roles.remove(role);
- role.removePrivilege(this);
- }
-
- @Override
- public String toString() {
- return "MSentryPrivilege [privilegeScope=" + privilegeScope
- + ", serverName=" + serverName + ", dbName=" + dbName
- + ", tableName=" + tableName + ", columnName=" + columnName
- + ", URI=" + URI + ", action=" + action + ", roles=[...]"
- + ", createTime=" + createTime + ", grantOption=" + grantOption +"]";
- }
-
- @Override
- public int hashCode() {
- final int prime = 31;
- int result = 1;
- result = prime * result + ((URI == null) ? 0 : URI.hashCode());
- result = prime * result + ((action == null) ? 0 : action.hashCode());
- result = prime * result + ((dbName == null) ? 0 : dbName.hashCode());
- result = prime * result
- + ((serverName == null) ? 0 : serverName.hashCode());
- result = prime * result + ((tableName == null) ? 0 : tableName.hashCode());
- result = prime * result
- + ((columnName == null) ? 0 : columnName.hashCode());
- result = prime * result
- + ((grantOption == null) ? 0 : grantOption.hashCode());
- return result;
- }
-
- @Override
- public boolean equals(Object obj) {
- if (this == obj) {
- return true;
- }
- if (obj == null) {
- return false;
- }
- if (getClass() != obj.getClass()) {
- return false;
- }
- MSentryPrivilege other = (MSentryPrivilege) obj;
- if (URI == null) {
- if (other.URI != null) {
- return false;
- }
- } else if (!URI.equals(other.URI)) {
- return false;
- }
- if (action == null) {
- if (other.action != null) {
- return false;
- }
- } else if (!action.equals(other.action)) {
- return false;
- }
- if (dbName == null) {
- if (other.dbName != null) {
- return false;
- }
- } else if (!dbName.equals(other.dbName)) {
- return false;
- }
- if (serverName == null) {
- if (other.serverName != null) {
- return false;
- }
- } else if (!serverName.equals(other.serverName)) {
- return false;
- }
- if (tableName == null) {
- if (other.tableName != null) {
- return false;
- }
- } else if (!tableName.equals(other.tableName)) {
- return false;
- }
- if (columnName == null) {
- if (other.columnName != null) {
- return false;
- }
- } else if (!columnName.equals(other.columnName)) {
- return false;
- }
- if (grantOption == null) {
- if (other.grantOption != null) {
- return false;
- }
- } else if (!grantOption.equals(other.grantOption)) {
- return false;
- }
- return true;
- }
-
- /**
- * Return true if this privilege implies other privilege
- * Otherwise, return false
- * @param other, other privilege
- */
- public boolean implies(MSentryPrivilege other) {
- // serverName never be null
- if (isNULL(serverName) || isNULL(other.serverName)) {
- return false;
- } else if (!serverName.equals(other.serverName)) {
- return false;
- }
-
- // check URI implies
- if (!isNULL(URI) && !isNULL(other.URI)) {
- if (!PathUtils.impliesURI(URI, other.URI)) {
- return false;
- }
- // if URI is NULL, check dbName and tableName
- } else if (isNULL(URI) && isNULL(other.URI)) {
- if (!isNULL(dbName)) {
- if (isNULL(other.dbName)) {
- return false;
- } else if (!dbName.equals(other.dbName)) {
- return false;
- }
- }
- if (!isNULL(tableName)) {
- if (isNULL(other.tableName)) {
- return false;
- } else if (!tableName.equals(other.tableName)) {
- return false;
- }
- }
- if (!isNULL(columnName)) {
- if (isNULL(other.columnName)) {
- return false;
- } else if (!columnName.equals(other.columnName)) {
- return false;
- }
- }
- // if URI is not NULL, but other's URI is NULL, return false
- } else if (!isNULL(URI) && isNULL(other.URI)){
- return false;
- }
-
- // check action implies
- if (!action.equalsIgnoreCase(AccessConstants.ALL)
- && !action.equalsIgnoreCase(other.action)
- && !action.equalsIgnoreCase(AccessConstants.ACTION_ALL)) {
- return false;
- }
-
- return true;
- }
-
- private boolean isNULL(String s) {
- return SentryStore.isNULL(s);
- }
-
- public boolean isActionALL() {
- return AccessConstants.ACTION_ALL.equalsIgnoreCase(action)
- || AccessConstants.ALL.equals(action);
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryRole.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryRole.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryRole.java
deleted file mode 100644
index 0484eaa..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryRole.java
+++ /dev/null
@@ -1,216 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.model;
-
-import java.util.HashSet;
-import java.util.Set;
-
-import javax.jdo.annotations.PersistenceCapable;
-
-import com.google.common.base.Preconditions;
-import com.google.common.collect.ImmutableSet;
-
-/**
- * Database backed Sentry Role. Any changes to this object
- * require re-running the maven build so DN an re-enhance.
- */
-@PersistenceCapable
-public class MSentryRole {
-
- private String roleName;
- // set of privileges granted to this role
- private Set<MSentryPrivilege> privileges;
- // set of generic model privileges grant ro this role
- private Set<MSentryGMPrivilege> gmPrivileges;
-
- // set of groups this role belongs to
- private Set<MSentryGroup> groups;
- // set of users this role belongs to
- private Set<MSentryUser> users;
- private long createTime;
-
- public MSentryRole(String roleName, long createTime) {
- this.roleName = roleName;
- this.createTime = createTime;
- privileges = new HashSet<MSentryPrivilege>();
- gmPrivileges = new HashSet<MSentryGMPrivilege>();
- groups = new HashSet<MSentryGroup>();
- users = new HashSet<MSentryUser>();
- }
-
- public long getCreateTime() {
- return createTime;
- }
-
- public void setCreateTime(long createTime) {
- this.createTime = createTime;
- }
-
- public String getRoleName() {
- return roleName;
- }
-
- public void setRoleName(String roleName) {
- this.roleName = roleName;
- }
-
- public void setPrivileges(Set<MSentryPrivilege> privileges) {
- this.privileges = privileges;
- }
-
- public Set<MSentryPrivilege> getPrivileges() {
- return privileges;
- }
-
- public Set<MSentryGMPrivilege> getGmPrivileges() {
- return gmPrivileges;
- }
-
- public void setGmPrivileges(Set<MSentryGMPrivilege> gmPrivileges) {
- this.gmPrivileges = gmPrivileges;
- }
-
- public void setGroups(Set<MSentryGroup> groups) {
- this.groups = groups;
- }
-
- public Set<MSentryGroup> getGroups() {
- return groups;
- }
-
- public Set<MSentryUser> getUsers() {
- return users;
- }
-
- public void setUsers(Set<MSentryUser> users) {
- this.users = users;
- }
-
- public void removePrivilege(MSentryPrivilege privilege) {
- if (privileges.remove(privilege)) {
- privilege.removeRole(this);
- }
- }
-
- public void appendPrivileges(Set<MSentryPrivilege> privileges) {
- this.privileges.addAll(privileges);
- }
-
- public void appendPrivilege(MSentryPrivilege privilege) {
- if (privileges.add(privilege)) {
- privilege.appendRole(this);
- }
- }
-
- public void removeGMPrivilege(MSentryGMPrivilege gmPrivilege) {
- if (gmPrivileges.remove(gmPrivilege)) {
- gmPrivilege.removeRole(this);
- }
- }
-
- public void appendGMPrivilege(MSentryGMPrivilege gmPrivilege) {
- if (gmPrivileges.add(gmPrivilege)) {
- gmPrivilege.appendRole(this);
- }
- }
-
- public void removeGMPrivileges() {
- for (MSentryGMPrivilege privilege : ImmutableSet.copyOf(gmPrivileges)) {
- privilege.removeRole(this);
- }
- Preconditions.checkState(gmPrivileges.isEmpty(), "gmPrivileges should be empty: " + gmPrivileges);
- }
-
- public void appendGroups(Set<MSentryGroup> groups) {
- this.groups.addAll(groups);
- }
-
- public void appendGroup(MSentryGroup group) {
- if (groups.add(group)) {
- group.appendRole(this);
- }
- }
-
- public void removeGroup(MSentryGroup group) {
- if (groups.remove(group)) {
- group.removeRole(this);
- }
- }
-
- public void appendUsers(Set<MSentryUser> users) {
- this.users.addAll(users);
- }
-
- public void appendUser(MSentryUser user) {
- if (users.add(user)) {
- user.appendRole(this);
- }
- }
-
- public void removeUser(MSentryUser user) {
- if (users.remove(user)) {
- user.removeRole(this);
- }
- }
-
- public void removePrivileges() {
- // copy is required since privilege.removeRole will call remotePrivilege
- for (MSentryPrivilege privilege : ImmutableSet.copyOf(privileges)) {
- privilege.removeRole(this);
- }
- Preconditions.checkState(privileges.isEmpty(), "Privileges should be empty: " + privileges);
- }
-
- @Override
- public String toString() {
- return "MSentryRole [roleName=" + roleName + ", privileges=[..]" + ", gmPrivileges=[..]"
- + ", groups=[...]" + ", users=[...]" + ", createTime=" + createTime + "]";
- }
-
- @Override
- public int hashCode() {
- final int prime = 31;
- int result = 1;
- result = prime * result + ((roleName == null) ? 0 : roleName.hashCode());
- return result;
- }
-
- @Override
- public boolean equals(Object obj) {
- if (this == obj) {
- return true;
- }
- if (obj == null) {
- return false;
- }
- if (getClass() != obj.getClass()) {
- return false;
- }
- MSentryRole other = (MSentryRole) obj;
- if (roleName == null) {
- if (other.roleName != null) {
- return false;
- }
- } else if (!roleName.equals(other.roleName)) {
- return false;
- }
- return true;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryUser.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryUser.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryUser.java
deleted file mode 100644
index ff57249..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryUser.java
+++ /dev/null
@@ -1,116 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.model;
-
-import java.util.Set;
-
-import javax.jdo.annotations.PersistenceCapable;
-
-/**
- * Database backed Sentry User. Any changes to this object
- * require re-running the maven build so DN an re-enhance.
- */
-@PersistenceCapable
-public class MSentryUser {
-
- /**
- * User name is unique
- */
- private String userName;
- // set of roles granted to this user
- private Set<MSentryRole> roles;
- private long createTime;
-
- public MSentryUser(String userName, long createTime, Set<MSentryRole> roles) {
- this.setUserName(userName);
- this.createTime = createTime;
- this.roles = roles;
- }
-
- public long getCreateTime() {
- return createTime;
- }
-
- public void setCreateTime(long createTime) {
- this.createTime = createTime;
- }
-
- public Set<MSentryRole> getRoles() {
- return roles;
- }
-
- public String getUserName() {
- return userName;
- }
-
- public void setUserName(String userName) {
- this.userName = userName;
- }
-
- public void appendRole(MSentryRole role) {
- if (roles.add(role)) {
- role.appendUser(this);
- }
- }
-
- public void removeRole(MSentryRole role) {
- if (roles.remove(role)) {
- role.removeUser(this);
- }
- }
-
- @Override
- public String toString() {
- return "MSentryUser [userName=" + userName + ", roles=[...]" + ", createTime=" + createTime
- + "]";
- }
-
- @Override
- public int hashCode() {
- final int prime = 31;
- int result = 1;
- result = prime * result + ((userName == null) ? 0 : userName.hashCode());
- return result;
- }
-
- @Override
- public boolean equals(Object obj) {
- if (this == obj) {
- return true;
- }
- if (obj == null) {
- return false;
- }
- if (getClass() != obj.getClass()) {
- return false;
- }
- MSentryUser other = (MSentryUser) obj;
- if (createTime != other.createTime) {
- return false;
- }
- if (userName == null) {
- if (other.userName != null) {
- return false;
- }
- } else if (!userName.equals(other.userName)) {
- return false;
- }
- return true;
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryVersion.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryVersion.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryVersion.java
deleted file mode 100644
index ff8830f..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryVersion.java
+++ /dev/null
@@ -1,66 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.model;
-
-import javax.jdo.annotations.PersistenceCapable;
-
-@PersistenceCapable
-public class MSentryVersion {
- private String schemaVersion;
- private String versionComment;
-
- public MSentryVersion() {
- }
-
- public MSentryVersion(String schemaVersion, String versionComment) {
- this.schemaVersion = schemaVersion;
- this.versionComment = versionComment;
- }
-
- /**
- * @return the versionComment
- */
- public String getVersionComment() {
- return versionComment;
- }
-
- /**
- * @param versionComment
- * the versionComment to set
- */
- public void setVersionComment(String versionComment) {
- this.versionComment = versionComment;
- }
-
- /**
- * @return the schemaVersion
- */
- public String getSchemaVersion() {
- return schemaVersion;
- }
-
- /**
- * @param schemaVersion
- * the schemaVersion to set
- */
- public void setSchemaVersion(String schemaVersion) {
- this.schemaVersion = schemaVersion;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/package.jdo
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/package.jdo b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/package.jdo
deleted file mode 100644
index b3b9494..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/package.jdo
+++ /dev/null
@@ -1,242 +0,0 @@
-<?xml version="1.0"?>
-<!--
- Licensed to the Apache Software Foundation (ASF) under one
- or more contributor license agreements. See the NOTICE file
- distributed with this work for additional information
- regarding copyright ownership. The ASF licenses this file
- to you under the Apache License, Version 2.0 (the
- "License"); you may not use this file except in compliance
- with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
--->
-<!DOCTYPE jdo PUBLIC "-//Sun Microsystems, Inc.//DTD Java Data Objects Metadata 2.0//EN"
- "http://java.sun.com/dtd/jdo_2_0.dtd">
-<!--
- Size Limitations:
-
- Indexed VARCHAR: 767 bytes (MySQL running on InnoDB Engine http://bugs.mysql.com/bug.php?id=13315)
- Non-indexed VARCHAR: 4000 bytes (max length on Oracle 9i/10g/11g)
-
--->
-<jdo>
- <package name="org.apache.sentry.provider.db.service.model">
- <class name="MSentryGroup" identity-type="datastore" table="SENTRY_GROUP" detachable="true">
- <datastore-identity>
- <column name="GROUP_ID"/>
- </datastore-identity>
- <field name="groupName">
- <column name="GROUP_NAME" length="128" jdbc-type="VARCHAR"/>
- <index name="SentryGroupName" unique="true"/>
- </field>
- <field name = "createTime">
- <column name = "CREATE_TIME" jdbc-type="BIGINT"/>
- </field>
-
- <field name="roles" mapped-by="groups">
- <collection element-type="org.apache.sentry.provider.db.service.model.MSentryRole"/>
- </field>
-
- </class>
-
- <class name="MSentryUser" identity-type="datastore" table="SENTRY_USER" detachable="true">
- <datastore-identity>
- <column name="USER_ID"/>
- </datastore-identity>
- <field name="userName">
- <column name="USER_NAME" length="128" jdbc-type="VARCHAR"/>
- <index name="SentryUserName" unique="true"/>
- </field>
- <field name = "createTime">
- <column name = "CREATE_TIME" jdbc-type="BIGINT"/>
- </field>
-
- <field name="roles" mapped-by="users">
- <collection element-type="org.apache.sentry.provider.db.service.model.MSentryRole"/>
- </field>
-
- </class>
-
- <class name="MSentryRole" identity-type="datastore" table="SENTRY_ROLE" detachable="true">
- <datastore-identity>
- <column name="ROLE_ID"/>
- </datastore-identity>
- <field name="roleName">
- <column name="ROLE_NAME" length="128" jdbc-type="VARCHAR"/>
- <index name="SentryRoleName" unique="true"/>
- </field>
- <field name = "createTime">
- <column name = "CREATE_TIME" jdbc-type="BIGINT"/>
- </field>
- <field name = "privileges" table="SENTRY_ROLE_DB_PRIVILEGE_MAP" default-fetch-group="true">
- <collection element-type="org.apache.sentry.provider.db.service.model.MSentryPrivilege"/>
- <join>
- <column name="ROLE_ID"/>
- </join>
- <element>
- <column name="DB_PRIVILEGE_ID"/>
- </element>
- </field>
-
- <field name = "gmPrivileges" table="SENTRY_ROLE_GM_PRIVILEGE_MAP" default-fetch-group="true">
- <collection element-type="org.apache.sentry.provider.db.service.model.MSentryGMPrivilege"/>
- <join>
- <column name="ROLE_ID"/>
- </join>
- <element>
- <column name="GM_PRIVILEGE_ID"/>
- </element>
- </field>
-
- <field name = "groups" table="SENTRY_ROLE_GROUP_MAP" default-fetch-group="true">
- <collection element-type="org.apache.sentry.provider.db.service.model.MSentryGroup"/>
- <join>
- <column name="ROLE_ID"/>
- </join>
- <element>
- <column name="GROUP_ID"/>
- </element>
- </field>
-
- <field name = "users" table="SENTRY_ROLE_USER_MAP" default-fetch-group="true">
- <collection element-type="org.apache.sentry.provider.db.service.model.MSentryUser"/>
- <join>
- <column name="ROLE_ID"/>
- </join>
- <element>
- <column name="USER_ID"/>
- </element>
- </field>
- </class>
-
- <class name="MSentryPrivilege" identity-type="datastore" table="SENTRY_DB_PRIVILEGE" detachable="true">
- <datastore-identity>
- <column name="DB_PRIVILEGE_ID"/>
- </datastore-identity>
- <index name="PRIVILEGE_INDEX" unique="true">
- <field name="serverName"/>
- <field name="dbName"/>
- <field name="tableName"/>
- <field name="columnName"/>
- <field name="URI"/>
- <field name="action"/>
- <field name="grantOption"/>
- </index>
- <field name="privilegeScope">
- <column name="PRIVILEGE_SCOPE" length="40" jdbc-type="VARCHAR"/>
- </field>
- <field name="serverName">
- <column name="SERVER_NAME" length="4000" jdbc-type="VARCHAR"/>
- </field>
- <field name="dbName">
- <column name="DB_NAME" length="4000" jdbc-type="VARCHAR"/>
- </field>
- <field name="tableName">
- <column name="TABLE_NAME" length="4000" jdbc-type="VARCHAR"/>
- </field>
- <field name="columnName">
- <column name="COLUMN_NAME" length="4000" jdbc-type="VARCHAR"/>
- </field>
- <field name="URI">
- <column name="URI" length="4000" jdbc-type="VARCHAR"/>
- </field>
- <field name="action">
- <column name="ACTION" length="40" jdbc-type="VARCHAR"/>
- </field>
- <field name = "createTime">
- <column name = "CREATE_TIME" jdbc-type="BIGINT"/>
- </field>
- <field name="grantOption">
- <column name="WITH_GRANT_OPTION" length="1" jdbc-type="CHAR"/>
- </field>
- <field name="roles" mapped-by="privileges">
- <collection element-type="org.apache.sentry.provider.db.service.model.MSentryRole"/>
- </field>
- </class>
-
- <class name="MSentryGMPrivilege" identity-type="datastore" table="SENTRY_GM_PRIVILEGE" detachable="true">
- <datastore-identity>
- <column name="GM_PRIVILEGE_ID"/>
- </datastore-identity>
- <index name="GM_PRIVILEGE_INDEX" unique="true">
- <field name="componentName"/>
- <field name="serviceName"/>
- <field name="resourceName0"/>
- <field name="resourceType0"/>
- <field name="resourceName1"/>
- <field name="resourceType1"/>
- <field name="resourceName2"/>
- <field name="resourceType2"/>
- <field name="resourceName3"/>
- <field name="resourceType3"/>
- <field name="action"/>
- <field name="grantOption"/>
- </index>
- <field name="componentName">
- <column name="COMPONENT_NAME" length="100" jdbc-type="VARCHAR"/>
- </field>
- <field name="serviceName">
- <column name="SERVICE_NAME" length="100" jdbc-type="VARCHAR"/>
- </field>
- <field name="resourceName0">
- <column name="RESOURCE_NAME_0" length="100" jdbc-type="VARCHAR"/>
- </field>
- <field name="resourceType0">
- <column name="RESOURCE_TYPE_0" length="100" jdbc-type="VARCHAR"/>
- </field>
- <field name="resourceName1">
- <column name="RESOURCE_NAME_1" length="100" jdbc-type="VARCHAR"/>
- </field>
- <field name="resourceType1">
- <column name="RESOURCE_TYPE_1" length="100" jdbc-type="VARCHAR"/>
- </field>
- <field name="resourceName2">
- <column name="RESOURCE_NAME_2" length="100" jdbc-type="VARCHAR"/>
- </field>
- <field name="resourceType2">
- <column name="RESOURCE_TYPE_2" length="100" jdbc-type="VARCHAR"/>
- </field>
- <field name="resourceName3">
- <column name="RESOURCE_NAME_3" length="100" jdbc-type="VARCHAR"/>
- </field>
- <field name="resourceType3">
- <column name="RESOURCE_TYPE_3" length="100" jdbc-type="VARCHAR"/>
- </field>
- <field name="action">
- <column name="ACTION" length="100" jdbc-type="VARCHAR"/>
- </field>
- <field name="scope">
- <column name="SCOPE" length="100" jdbc-type="VARCHAR"/>
- </field>
- <field name = "createTime">
- <column name = "CREATE_TIME" jdbc-type="BIGINT"/>
- </field>
- <field name="grantOption">
- <column name="WITH_GRANT_OPTION" length="1" jdbc-type="CHAR"/>
- </field>
- <field name="roles" mapped-by="gmPrivileges">
- <collection element-type="org.apache.sentry.provider.db.service.model.MSentryRole"/>
- </field>
- </class>
-
- <class name="MSentryVersion" table="SENTRY_VERSION" identity-type="datastore" detachable="true">
- <datastore-identity>
- <column name="VER_ID"/>
- </datastore-identity>
- <field name ="schemaVersion">
- <column name="SCHEMA_VERSION" length="127" jdbc-type="VARCHAR" allows-null="false"/>
- </field>
- <field name ="versionComment">
- <column name="VERSION_COMMENT" length="255" jdbc-type="VARCHAR" allows-null="false"/>
- </field>
- </class>
-
- </package>
-</jdo>
-
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/CommitContext.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/CommitContext.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/CommitContext.java
deleted file mode 100644
index c74dbf3..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/CommitContext.java
+++ /dev/null
@@ -1,42 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.persistent;
-
-import java.util.UUID;
-
-/**
- * Stores the UUID associated with the server who processed
- * a commit and a commit order sequence id.
- */
-public class CommitContext {
-
- private final String serverUUID;
- private final long sequenceId;
-
- public CommitContext(UUID serverUUID, long sequenceId) {
- this.serverUUID = serverUUID.toString();
- this.sequenceId = sequenceId;
- }
- public String getServerUUID() {
- return serverUUID;
- }
- public long getSequenceId() {
- return sequenceId;
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/FixedJsonInstanceSerializer.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/FixedJsonInstanceSerializer.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/FixedJsonInstanceSerializer.java
deleted file mode 100644
index 476bf6a..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/FixedJsonInstanceSerializer.java
+++ /dev/null
@@ -1,163 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.persistent;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-
-import org.codehaus.jackson.JsonNode;
-import org.codehaus.jackson.JsonParseException;
-import org.codehaus.jackson.map.DeserializationConfig;
-import org.codehaus.jackson.map.JsonMappingException;
-import org.codehaus.jackson.map.ObjectMapper;
-
-import com.google.common.base.Preconditions;
-import org.apache.curator.x.discovery.ServiceInstance;
-import org.apache.curator.x.discovery.ServiceInstanceBuilder;
-import org.apache.curator.x.discovery.ServiceType;
-import org.apache.curator.x.discovery.UriSpec;
-import org.apache.curator.x.discovery.details.InstanceSerializer;
-
-// TODO: Workaround for CURATOR-5 (https://issues.apache.org/jira/browse/CURATOR-5)
-// Remove this class (code from pull request listed on JIRA) and use regular JsonInstanceSerializer once fixed
-// (Otherwise we can't properly serialize objects for the ZK Service Discovery)
-public class FixedJsonInstanceSerializer<T> implements InstanceSerializer<T>
-{
-
- private final ObjectMapper mMapper;
- private final Class<T> mPayloadClass;
-
- /**
- * @param payloadClass
- * used to validate payloads when deserializing
- */
- public FixedJsonInstanceSerializer(final Class<T> payloadClass) {
- this(payloadClass, new ObjectMapper());
- }
-
- public FixedJsonInstanceSerializer(final Class<T> pPayloadClass, final ObjectMapper pMapper) {
- mPayloadClass = pPayloadClass;
- mMapper = pMapper;
- mMapper.configure(DeserializationConfig.Feature.FAIL_ON_UNKNOWN_PROPERTIES, false);
- }
-
- @Override
- public byte[] serialize(final ServiceInstance<T> pInstance) throws Exception {
- final ByteArrayOutputStream out = new ByteArrayOutputStream();
- mMapper.writeValue(out, pInstance);
- return out.toByteArray();
-
- }
-
- private String getTextField(final JsonNode pNode, final String pFieldName) {
- Preconditions.checkNotNull(pNode);
- Preconditions.checkNotNull(pFieldName);
- return pNode.get(pFieldName) != null ? pNode.get(pFieldName).getTextValue() : null;
- }
-
- private Integer getIntegerField(final JsonNode pNode, final String pFieldName) {
- Preconditions.checkNotNull(pNode);
- Preconditions.checkNotNull(pFieldName);
- return pNode.get(pFieldName) != null && pNode.get(pFieldName).isNumber() ? pNode.get(pFieldName)
- .getIntValue() : null;
- }
-
- private Long getLongField(final JsonNode pNode, final String pFieldName) {
- Preconditions.checkNotNull(pNode);
- Preconditions.checkNotNull(pFieldName);
- return pNode.get(pFieldName) != null && pNode.get(pFieldName).isLong() ? pNode.get(pFieldName).getLongValue()
- : null;
- }
-
- private <O> O getObject(final JsonNode pNode, final String pFieldName, final Class<O> pObjectClass)
- throws JsonParseException, JsonMappingException, IOException {
- Preconditions.checkNotNull(pNode);
- Preconditions.checkNotNull(pFieldName);
- Preconditions.checkNotNull(pObjectClass);
- if (pNode.get(pFieldName) != null && pNode.get(pFieldName).isObject()) {
- return mMapper.readValue(pNode.get(pFieldName), pObjectClass);
- } else {
- return null;
- }
- }
-
- @Override
- public ServiceInstance<T> deserialize(final byte[] pBytes) throws Exception {
- final ByteArrayInputStream bais = new ByteArrayInputStream(pBytes);
- final JsonNode rootNode = mMapper.readTree(bais);
- final ServiceInstanceBuilder<T> builder = ServiceInstance.builder();
- {
- final String address = getTextField(rootNode, "address");
- if (address != null) {
- builder.address(address);
- }
- }
- {
- final String id = getTextField(rootNode, "id");
- if (id != null) {
- builder.id(id);
- }
- }
- {
- final String name = getTextField(rootNode, "name");
- if (name != null) {
- builder.name(name);
- }
- }
- {
- final Integer port = getIntegerField(rootNode, "port");
- if (port != null) {
- builder.port(port);
- }
- }
- {
- final Integer sslPort = getIntegerField(rootNode, "sslPort");
- if (sslPort != null) {
- builder.sslPort(sslPort);
- }
- }
- {
- final Long registrationTimeUTC = getLongField(rootNode, "registrationTimeUTC");
- if (registrationTimeUTC != null) {
- builder.registrationTimeUTC(registrationTimeUTC);
- }
- }
- {
- final T payload = getObject(rootNode, "payload", mPayloadClass);
- if (payload != null) {
- builder.payload(payload);
- }
- }
- {
- final ServiceType serviceType = getObject(rootNode, "serviceType", ServiceType.class);
- if (serviceType != null) {
- builder.serviceType(serviceType);
- }
- }
- {
- final UriSpec uriSpec = getObject(rootNode, "uriSpec", UriSpec.class);
- if (uriSpec != null) {
- builder.uriSpec(uriSpec);
- }
- }
- return builder.build();
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/HAContext.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/HAContext.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/HAContext.java
deleted file mode 100644
index cacc29f..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/HAContext.java
+++ /dev/null
@@ -1,262 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.persistent;
-
-import java.io.IOException;
-import java.util.Arrays;
-import java.util.List;
-
-import org.apache.curator.RetryPolicy;
-import org.apache.curator.framework.CuratorFramework;
-import org.apache.curator.framework.CuratorFrameworkFactory;
-import org.apache.curator.framework.api.ACLProvider;
-import org.apache.curator.framework.imps.CuratorFrameworkState;
-import org.apache.curator.framework.imps.DefaultACLProvider;
-import org.apache.curator.retry.RetryNTimes;
-import org.apache.hadoop.conf.Configuration;
-import org.apache.hadoop.security.SecurityUtil;
-import org.apache.sentry.service.thrift.JaasConfiguration;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
-import org.apache.zookeeper.ZooDefs.Perms;
-import org.apache.zookeeper.client.ZooKeeperSaslClient;
-import org.apache.zookeeper.data.ACL;
-import org.apache.zookeeper.data.Id;
-import org.apache.zookeeper.data.Stat;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.google.common.annotations.VisibleForTesting;
-import com.google.common.base.Preconditions;
-import com.google.common.base.Strings;
-import com.google.common.collect.Lists;
-
-/**
- * Stores the HA related context
- */
-public class HAContext {
-
- private static final Logger LOGGER = LoggerFactory.getLogger(HAContext.class);
- private static volatile HAContext serverHAContext = null;
- private static boolean aclChecked = false;
-
- public final static String SENTRY_SERVICE_REGISTER_NAMESPACE = "sentry-service";
- public static final String SENTRY_ZK_JAAS_NAME = "SentryClient";
- private final String zookeeperQuorum;
- private final int retriesMaxCount;
- private final int sleepMsBetweenRetries;
- private final String namespace;
-
- private final boolean zkSecure;
- private List<ACL> saslACL;
-
- private final CuratorFramework curatorFramework;
- private final RetryPolicy retryPolicy;
-
- protected HAContext(Configuration conf) throws Exception {
- this.zookeeperQuorum = conf.get(ServerConfig.SENTRY_HA_ZOOKEEPER_QUORUM,
- ServerConfig.SENTRY_HA_ZOOKEEPER_QUORUM_DEFAULT);
- this.retriesMaxCount = conf.getInt(ServerConfig.SENTRY_HA_ZOOKEEPER_RETRIES_MAX_COUNT,
- ServerConfig.SENTRY_HA_ZOOKEEPER_RETRIES_MAX_COUNT_DEFAULT);
- this.sleepMsBetweenRetries = conf.getInt(ServerConfig.SENTRY_HA_ZOOKEEPER_SLEEP_BETWEEN_RETRIES_MS,
- ServerConfig.SENTRY_HA_ZOOKEEPER_SLEEP_BETWEEN_RETRIES_MS_DEFAULT);
- this.namespace = conf.get(ServerConfig.SENTRY_HA_ZOOKEEPER_NAMESPACE,
- ServerConfig.SENTRY_HA_ZOOKEEPER_NAMESPACE_DEFAULT);
- this.zkSecure = conf.getBoolean(ServerConfig.SENTRY_HA_ZOOKEEPER_SECURITY,
- ServerConfig.SENTRY_HA_ZOOKEEPER_SECURITY_DEFAULT);
- ACLProvider aclProvider;
- validateConf();
- if (zkSecure) {
- LOGGER.info("Connecting to ZooKeeper with SASL/Kerberos and using 'sasl' ACLs");
- setJaasConfiguration(conf);
- System.setProperty(ZooKeeperSaslClient.LOGIN_CONTEXT_NAME_KEY,
- SENTRY_ZK_JAAS_NAME);
- saslACL = Lists.newArrayList();
- saslACL.add(new ACL(Perms.ALL, new Id("sasl", getServicePrincipal(conf,
- ServerConfig.PRINCIPAL))));
- saslACL.add(new ACL(Perms.ALL, new Id("sasl", getServicePrincipal(conf,
- ServerConfig.SERVER_HA_ZOOKEEPER_CLIENT_PRINCIPAL))));
- aclProvider = new SASLOwnerACLProvider();
- String allowConnect = conf.get(ServerConfig.ALLOW_CONNECT);
-
- if (!Strings.isNullOrEmpty(allowConnect)) {
- for (String principal : Arrays.asList(allowConnect.split("\\s*,\\s*"))) {
- LOGGER.info("Adding acls for " + principal);
- saslACL.add(new ACL(Perms.ALL, new Id("sasl", principal)));
- }
- }
- } else {
- LOGGER.info("Connecting to ZooKeeper without authentication");
- aclProvider = new DefaultACLProvider();
- }
-
- retryPolicy = new RetryNTimes(retriesMaxCount, sleepMsBetweenRetries);
- this.curatorFramework = CuratorFrameworkFactory.builder()
- .namespace(this.namespace)
- .connectString(this.zookeeperQuorum)
- .retryPolicy(retryPolicy)
- .aclProvider(aclProvider)
- .build();
- startCuratorFramework();
- }
-
- /**
- * Use common HAContext (ie curator framework connection to ZK)
- *
- * @param conf
- * @throws Exception
- */
- public static HAContext getHAContext(Configuration conf) throws Exception {
- if (serverHAContext == null) {
- serverHAContext = new HAContext(conf);
- Runtime.getRuntime().addShutdownHook(new Thread() {
- @Override
- public void run() {
- LOGGER.info("ShutdownHook closing curator framework");
- try {
- clearServerContext();
- } catch (Throwable t) {
- LOGGER.error("Error stopping SentryService", t);
- }
- }
- });
-
- }
- return serverHAContext;
- }
-
- // HA context for server which verifies the ZK ACLs on namespace
- public static HAContext getHAServerContext(Configuration conf) throws Exception {
- HAContext serverContext = getHAContext(conf);
- serverContext.checkAndSetACLs();
- return serverContext;
- }
-
- @VisibleForTesting
- public static synchronized void clearServerContext() {
- if (serverHAContext != null) {
- serverHAContext.getCuratorFramework().close();
- serverHAContext = null;
- }
- }
-
- public void startCuratorFramework() {
- if (curatorFramework.getState() != CuratorFrameworkState.STARTED) {
- curatorFramework.start();
- }
- }
-
- public CuratorFramework getCuratorFramework() {
- return this.curatorFramework;
- }
-
- public String getZookeeperQuorum() {
- return zookeeperQuorum;
- }
-
- public static boolean isHaEnabled(Configuration conf) {
- return conf.getBoolean(ServerConfig.SENTRY_HA_ENABLED, ServerConfig.SENTRY_HA_ENABLED_DEFAULT);
- }
-
- public String getNamespace() {
- return namespace;
- }
-
- public RetryPolicy getRetryPolicy() {
- return retryPolicy;
- }
-
- private void validateConf() {
- Preconditions.checkNotNull(zookeeperQuorum, "Zookeeper Quorum should not be null.");
- Preconditions.checkNotNull(namespace, "Zookeeper namespace should not be null.");
- }
-
- protected String getServicePrincipal(Configuration conf, String confProperty)
- throws IOException {
- String principal = conf.get(confProperty);
- Preconditions.checkNotNull(principal);
- Preconditions.checkArgument(principal.length() != 0, "Server principal is not right.");
- return principal.split("[/@]")[0];
- }
-
- private void checkAndSetACLs() throws Exception {
- if (zkSecure && !aclChecked) {
- // If znodes were previously created without security enabled, and now it is, we need to go through all existing znodes
- // and set the ACLs for them. This is done just once at the startup
- // We can't get the namespace znode through curator; have to go through zk client
- startCuratorFramework();
- String newNamespace = "/" + curatorFramework.getNamespace();
- if (curatorFramework.getZookeeperClient().getZooKeeper().exists(newNamespace, null) != null) {
- List<ACL> acls = curatorFramework.getZookeeperClient().getZooKeeper().getACL(newNamespace, new Stat());
- if (acls.isEmpty() || !acls.get(0).getId().getScheme().equals("sasl")) {
- LOGGER.info("'sasl' ACLs not set; setting...");
- List<String> children = curatorFramework.getZookeeperClient().getZooKeeper().getChildren(newNamespace, null);
- for (String child : children) {
- checkAndSetACLs("/" + child);
- }
- curatorFramework.getZookeeperClient().getZooKeeper().setACL(newNamespace, saslACL, -1);
- }
- }
- aclChecked = true;
-
- }
- }
-
- private void checkAndSetACLs(String path) throws Exception {
- LOGGER.info("Setting acls on " + path);
- List<String> children = curatorFramework.getChildren().forPath(path);
- for (String child : children) {
- checkAndSetACLs(path + "/" + child);
- }
- curatorFramework.setACL().withACL(saslACL).forPath(path);
- }
-
- // This gets ignored during most tests, see ZKXTestCaseWithSecurity#setupZKServer()
- private void setJaasConfiguration(Configuration conf) throws IOException {
- if ("false".equalsIgnoreCase(conf.get(
- ServerConfig.SERVER_HA_ZOOKEEPER_CLIENT_TICKET_CACHE,
- ServerConfig.SERVER_HA_ZOOKEEPER_CLIENT_TICKET_CACHE_DEFAULT))) {
- String keytabFile = conf.get(ServerConfig.SERVER_HA_ZOOKEEPER_CLIENT_KEYTAB);
- Preconditions.checkArgument(keytabFile.length() != 0, "Keytab File is not right.");
- String principal = conf.get(ServerConfig.SERVER_HA_ZOOKEEPER_CLIENT_PRINCIPAL);
- principal = SecurityUtil.getServerPrincipal(principal,
- conf.get(ServerConfig.RPC_ADDRESS, ServerConfig.RPC_ADDRESS_DEFAULT));
- Preconditions.checkArgument(principal.length() != 0, "Kerberos principal is not right.");
-
- // This is equivalent to writing a jaas.conf file and setting the system property, "java.security.auth.login.config", to
- // point to it (but this way we don't have to write a file, and it works better for the tests)
- JaasConfiguration.addEntryForKeytab(SENTRY_ZK_JAAS_NAME, principal, keytabFile);
- } else {
- // Create jaas conf for ticket cache
- JaasConfiguration.addEntryForTicketCache(SENTRY_ZK_JAAS_NAME);
- }
- javax.security.auth.login.Configuration.setConfiguration(JaasConfiguration.getInstance());
- }
-
- public class SASLOwnerACLProvider implements ACLProvider {
- @Override
- public List<ACL> getDefaultAcl() {
- return saslACL;
- }
-
- @Override
- public List<ACL> getAclForPath(String path) {
- return saslACL;
- }
- }
-}
[24/51] [partial] sentry git commit: SENTRY-1205: Refactor the code
for sentry-provider-db and create sentry-service module(Colin Ma,
reviewed by Dapeng Sun)
Posted by co...@apache.org.
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/DropRoleCmd.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/DropRoleCmd.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/DropRoleCmd.java
deleted file mode 100644
index ac2a328..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/DropRoleCmd.java
+++ /dev/null
@@ -1,39 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.tools.command;
-
-import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClient;
-
-/**
- * The class for admin command to drop role.
- */
-public class DropRoleCmd implements Command {
-
- private String roleName;
- private String component;
-
- public DropRoleCmd(String roleName, String component) {
- this.roleName = roleName;
- this.component = component;
- }
-
- @Override
- public void execute(SentryGenericServiceClient client, String requestorName) throws Exception {
- client.dropRole(requestorName, roleName, component);
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/GrantPrivilegeToRoleCmd.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/GrantPrivilegeToRoleCmd.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/GrantPrivilegeToRoleCmd.java
deleted file mode 100644
index 634bb42..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/GrantPrivilegeToRoleCmd.java
+++ /dev/null
@@ -1,47 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.tools.command;
-
-import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClient;
-import org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege;
-
-/**
- * The class for admin command to grant privilege to role.
- */
-public class GrantPrivilegeToRoleCmd implements Command {
-
- private String roleName;
- private String component;
- private String privilegeStr;
- private TSentryPrivilegeConverter converter;
-
- public GrantPrivilegeToRoleCmd(String roleName, String component, String privilegeStr,
- TSentryPrivilegeConverter converter) {
- this.roleName = roleName;
- this.component = component;
- this.privilegeStr = privilegeStr;
- this.converter = converter;
- }
-
- @Override
- public void execute(SentryGenericServiceClient client, String requestorName) throws Exception {
- TSentryPrivilege privilege = converter.fromString(privilegeStr);
- client.grantPrivilege(requestorName, roleName, component, privilege);
-
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/ListPrivilegesByRoleCmd.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/ListPrivilegesByRoleCmd.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/ListPrivilegesByRoleCmd.java
deleted file mode 100644
index ce6db3a..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/ListPrivilegesByRoleCmd.java
+++ /dev/null
@@ -1,54 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.tools.command;
-
-import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClient;
-import org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege;
-
-import java.util.Set;
-
-/**
- * The class for admin command to list privileges by role.
- */
-public class ListPrivilegesByRoleCmd implements Command {
-
- private String roleName;
- private String component;
- private String serviceName;
- private TSentryPrivilegeConverter converter;
-
- public ListPrivilegesByRoleCmd(String roleName, String component, String serviceName,
- TSentryPrivilegeConverter converter) {
- this.roleName = roleName;
- this.component = component;
- this.serviceName = serviceName;
- this.converter = converter;
- }
-
- @Override
- public void execute(SentryGenericServiceClient client, String requestorName) throws Exception {
- Set<TSentryPrivilege> privileges = client
- .listPrivilegesByRoleName(requestorName, roleName, component, serviceName);
- if (privileges != null) {
- for (TSentryPrivilege privilege : privileges) {
- String privilegeStr = converter.toString(privilege);
- System.out.println(privilegeStr);
- }
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/ListRolesCmd.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/ListRolesCmd.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/ListRolesCmd.java
deleted file mode 100644
index 6b68d06..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/ListRolesCmd.java
+++ /dev/null
@@ -1,53 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.tools.command;
-
-import org.apache.commons.lang.StringUtils;
-import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClient;
-import org.apache.sentry.provider.db.generic.service.thrift.TSentryRole;
-
-import java.util.Set;
-
-/**
- * The class for admin command to list roles.
- */
-public class ListRolesCmd implements Command {
-
- private String groupName;
- private String component;
-
- public ListRolesCmd(String groupName, String component) {
- this.groupName = groupName;
- this.component = component;
- }
-
- @Override
- public void execute(SentryGenericServiceClient client, String requestorName) throws Exception {
- Set<TSentryRole> roles;
- if (StringUtils.isEmpty(groupName)) {
- roles = client.listAllRoles(requestorName, component);
- } else {
- roles = client.listRolesByGroupName(requestorName, groupName, component);
- }
- if (roles != null) {
- for (TSentryRole role : roles) {
- System.out.println(role.getRoleName());
- }
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/RevokePrivilegeFromRoleCmd.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/RevokePrivilegeFromRoleCmd.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/RevokePrivilegeFromRoleCmd.java
deleted file mode 100644
index 3e42e60..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/RevokePrivilegeFromRoleCmd.java
+++ /dev/null
@@ -1,47 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.tools.command;
-
-import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClient;
-import org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege;
-
-/**
- * The class for admin command to revoke privileges from role.
- */
-public class RevokePrivilegeFromRoleCmd implements Command {
-
- private String roleName;
- private String component;
- private String privilegeStr;
- private TSentryPrivilegeConverter converter;
-
- public RevokePrivilegeFromRoleCmd(String roleName, String component, String privilegeStr,
- TSentryPrivilegeConverter converter) {
- this.roleName = roleName;
- this.component = component;
- this.privilegeStr = privilegeStr;
- this.converter = converter;
- }
-
- @Override
- public void execute(SentryGenericServiceClient client, String requestorName) throws Exception {
- TSentryPrivilege privilege = converter.fromString(privilegeStr);
- client.revokePrivilege(requestorName, roleName, component, privilege);
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/TSentryPrivilegeConverter.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/TSentryPrivilegeConverter.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/TSentryPrivilegeConverter.java
deleted file mode 100644
index ab44895..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/TSentryPrivilegeConverter.java
+++ /dev/null
@@ -1,33 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.tools.command;
-
-import org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege;
-
-public interface TSentryPrivilegeConverter {
-
- /**
- * Convert string to privilege
- */
- TSentryPrivilege fromString(String privilegeStr) throws Exception;
-
- /**
- * Convert privilege to string
- */
- String toString(TSentryPrivilege tSentryPrivilege);
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/appender/AuditLoggerTestAppender.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/appender/AuditLoggerTestAppender.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/appender/AuditLoggerTestAppender.java
deleted file mode 100644
index 8000ebd..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/appender/AuditLoggerTestAppender.java
+++ /dev/null
@@ -1,52 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.log.appender;
-
-import java.util.ArrayList;
-import java.util.List;
-
-import org.apache.log4j.AppenderSkeleton;
-import org.apache.log4j.Level;
-import org.apache.log4j.spi.LoggingEvent;
-
-import com.google.common.annotations.VisibleForTesting;
-
-@VisibleForTesting
-public class AuditLoggerTestAppender extends AppenderSkeleton {
- public static final List<LoggingEvent> events = new ArrayList<LoggingEvent>();
-
- public void close() {
- }
-
- public boolean requiresLayout() {
- return false;
- }
-
- @Override
- protected void append(LoggingEvent event) {
- events.add(event);
- }
-
- public static String getLastLogEvent() {
- return events.get(events.size() - 1).getMessage().toString();
- }
-
- public static Level getLastLogLevel() {
- return events.get(events.size() - 1).getLevel();
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/appender/RollingFileWithoutDeleteAppender.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/appender/RollingFileWithoutDeleteAppender.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/appender/RollingFileWithoutDeleteAppender.java
deleted file mode 100644
index fd133f3..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/appender/RollingFileWithoutDeleteAppender.java
+++ /dev/null
@@ -1,175 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.log.appender;
-
-import java.io.File;
-import java.io.IOException;
-import java.io.InterruptedIOException;
-import java.io.Writer;
-
-import org.apache.log4j.FileAppender;
-import org.apache.log4j.Layout;
-import org.apache.log4j.helpers.CountingQuietWriter;
-import org.apache.log4j.helpers.LogLog;
-import org.apache.log4j.helpers.OptionConverter;
-import org.apache.log4j.spi.LoggingEvent;
-
-public class RollingFileWithoutDeleteAppender extends FileAppender {
- /**
- * The default maximum file size is 10MB.
- */
- protected long maxFileSize = 10 * 1024 * 1024;
-
- private long nextRollover = 0;
-
- /**
- * The default constructor simply calls its {@link FileAppender#FileAppender
- * parents constructor}.
- */
- public RollingFileWithoutDeleteAppender() {
- super();
- }
-
- /**
- * Instantiate a RollingFileAppender and open the file designated by
- * <code>filename</code>. The opened filename will become the ouput
- * destination for this appender.
- * <p>
- * If the <code>append</code> parameter is true, the file will be appended to.
- * Otherwise, the file desginated by <code>filename</code> will be truncated
- * before being opened.
- */
- public RollingFileWithoutDeleteAppender(Layout layout, String filename,
- boolean append) throws IOException {
- super(layout, getLogFileName(filename), append);
- }
-
- /**
- * Instantiate a FileAppender and open the file designated by
- * <code>filename</code>. The opened filename will become the output
- * destination for this appender.
- * <p>
- * The file will be appended to.
- */
- public RollingFileWithoutDeleteAppender(Layout layout, String filename)
- throws IOException {
- super(layout, getLogFileName(filename));
- }
-
- /**
- * Get the maximum size that the output file is allowed to reach before being
- * rolled over to backup files.
- */
- public long getMaximumFileSize() {
- return maxFileSize;
- }
-
- /**
- * Implements the usual roll over behaviour.
- * <p>
- * <code>File</code> is renamed <code>File.yyyyMMddHHmmss</code> and closed. A
- * new <code>File</code> is created to receive further log output.
- */
- // synchronization not necessary since doAppend is alreasy synched
- public void rollOver() {
- if (qw != null) {
- long size = ((CountingQuietWriter) qw).getCount();
- LogLog.debug("rolling over count=" + size);
- // if operation fails, do not roll again until
- // maxFileSize more bytes are written
- nextRollover = size + maxFileSize;
- }
-
- this.closeFile(); // keep windows happy.
-
- String newFileName = getLogFileName(fileName);
- try {
- // This will also close the file. This is OK since multiple
- // close operations are safe.
- this.setFile(newFileName, false, bufferedIO, bufferSize);
- nextRollover = 0;
- } catch (IOException e) {
- if (e instanceof InterruptedIOException) {
- Thread.currentThread().interrupt();
- }
- LogLog.error("setFile(" + newFileName + ", false) call failed: " + e.getMessage(), e);
- }
- }
-
- public synchronized void setFile(String fileName, boolean append,
- boolean bufferedIO, int bufferSize) throws IOException {
- super.setFile(fileName, append, this.bufferedIO, this.bufferSize);
- if (append) {
- File f = new File(fileName);
- ((CountingQuietWriter) qw).setCount(f.length());
- }
- }
-
- /**
- * Set the maximum size that the output file is allowed to reach before being
- * rolled over to backup files.
- * <p>
- * This method is equivalent to {@link #setMaxFileSize} except that it is
- * required for differentiating the setter taking a <code>long</code> argument
- * from the setter taking a <code>String</code> argument by the JavaBeans
- * {@link java.beans.Introspector Introspector}.
- *
- * @see #setMaxFileSize(String)
- */
- public void setMaximumFileSize(long maxFileSize) {
- this.maxFileSize = maxFileSize;
- }
-
- /**
- * Set the maximum size that the output file is allowed to reach before being
- * rolled over to backup files.
- * <p>
- * In configuration files, the <b>MaxFileSize</b> option takes an long integer
- * in the range 0 - 2^63. You can specify the value with the suffixes "KB",
- * "MB" or "GB" so that the integer is interpreted being expressed
- * respectively in kilobytes, megabytes or gigabytes. For example, the value
- * "10KB" will be interpreted as 10240.
- */
- public void setMaxFileSize(String value) {
- maxFileSize = OptionConverter.toFileSize(value, maxFileSize + 1);
- }
-
- protected void setQWForFiles(Writer writer) {
- this.qw = new CountingQuietWriter(writer, errorHandler);
- }
-
- /**
- * This method differentiates RollingFileAppender from its super class.
- */
- protected void subAppend(LoggingEvent event) {
- super.subAppend(event);
-
- if (fileName != null && qw != null) {
- long size = ((CountingQuietWriter) qw).getCount();
- if (size >= maxFileSize && size >= nextRollover) {
- rollOver();
- }
- }
- }
-
- // Mangled file name. Append the current timestamp
- private static String getLogFileName(String oldFileName) {
- return oldFileName + "." + Long.toString(System.currentTimeMillis());
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/AuditMetadataLogEntity.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/AuditMetadataLogEntity.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/AuditMetadataLogEntity.java
deleted file mode 100644
index a5fe4ec..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/AuditMetadataLogEntity.java
+++ /dev/null
@@ -1,155 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.log.entity;
-
-import java.io.IOException;
-
-import org.codehaus.jackson.JsonFactory;
-import org.codehaus.jackson.JsonNode;
-import org.codehaus.jackson.map.MappingJsonFactory;
-import org.codehaus.jackson.map.ObjectMapper;
-import org.codehaus.jackson.node.ContainerNode;
-
-abstract public class AuditMetadataLogEntity implements JsonLogEntity {
-
- static final JsonFactory factory = new MappingJsonFactory();
- private String serviceName;
- private String userName;
- private String impersonator;
- private String ipAddress;
- private String operation;
- private String eventTime;
- private String operationText;
- private String allowed;
- private String objectType;
- private String component;
-
- void setCommonAttr(String serviceName, String userName, String impersonator, String ipAddress,
- String operation, String eventTime, String operationText, String allowed, String objectType,
- String component) {
- this.serviceName = serviceName;
- this.userName = userName;
- this.impersonator = impersonator;
- this.ipAddress = ipAddress;
- this.operation = operation;
- this.eventTime = eventTime;
- this.operationText = operationText;
- this.allowed = allowed;
- this.objectType = objectType;
- this.component = component;
- }
-
- public String getServiceName() {
- return serviceName;
- }
-
- public void setServiceName(String serviceName) {
- this.serviceName = serviceName;
- }
-
- public String getUserName() {
- return userName;
- }
-
- public void setUserName(String userName) {
- this.userName = userName;
- }
-
- public String getImpersonator() {
- return impersonator;
- }
-
- public void setImpersonator(String impersonator) {
- this.impersonator = impersonator;
- }
-
- public String getIpAddress() {
- return ipAddress;
- }
-
- public void setIpAddress(String ipAddress) {
- this.ipAddress = ipAddress;
- }
-
- public String getOperation() {
- return operation;
- }
-
- public void setOperation(String operation) {
- this.operation = operation;
- }
-
- public String getEventTime() {
- return eventTime;
- }
-
- public void setEventTime(String eventTime) {
- this.eventTime = eventTime;
- }
-
- public String getOperationText() {
- return operationText;
- }
-
- public void setOperationText(String operationText) {
- this.operationText = operationText;
- }
-
- public String getAllowed() {
- return allowed;
- }
-
- public void setAllowed(String allowed) {
- this.allowed = allowed;
- }
-
- public String getObjectType() {
- return objectType;
- }
-
- public void setObjectType(String objectType) {
- this.objectType = objectType;
- }
-
- public String getComponent() {
- return component;
- }
-
- public void setComponent(String component) {
- this.component = component;
- }
-
- /**
- * For use in tests
- *
- * @param json
- * incoming JSON to parse
- * @return a node tree
- * @throws IOException
- * on any parsing problems
- */
- public static ContainerNode parse(String json) throws IOException {
- ObjectMapper mapper = new ObjectMapper(factory);
- JsonNode jsonNode = mapper.readTree(json);
- if (!(jsonNode instanceof ContainerNode)) {
- throw new IOException("Wrong JSON data: " + json);
- }
- return (ContainerNode) jsonNode;
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/DBAuditMetadataLogEntity.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/DBAuditMetadataLogEntity.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/DBAuditMetadataLogEntity.java
deleted file mode 100644
index 4949ac7..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/DBAuditMetadataLogEntity.java
+++ /dev/null
@@ -1,124 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.log.entity;
-
-import java.io.IOException;
-import java.io.StringWriter;
-
-import org.apache.sentry.provider.db.log.util.Constants;
-import org.codehaus.jackson.JsonGenerator;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class DBAuditMetadataLogEntity extends AuditMetadataLogEntity {
- private static final Logger LOGGER = LoggerFactory.getLogger(DBAuditMetadataLogEntity.class);
-
- private String databaseName;
- private String tableName;
- private String columnName;
- private String resourcePath;
-
- public DBAuditMetadataLogEntity() {
- }
-
- public DBAuditMetadataLogEntity(String serviceName, String userName, String impersonator,
- String ipAddress, String operation, String eventTime, String operationText, String allowed,
- String objectType, String component, String databaseName, String tableName,
- String columnName, String resourcePath) {
- setCommonAttr(serviceName, userName, impersonator, ipAddress, operation, eventTime,
- operationText, allowed, objectType, component);
- this.databaseName = databaseName;
- this.tableName = tableName;
- this.columnName = columnName;
- this.resourcePath = resourcePath;
- }
-
- public String getDatabaseName() {
- return databaseName;
- }
-
- public void setDatabaseName(String databaseName) {
- this.databaseName = databaseName;
- }
-
- public String getTableName() {
- return tableName;
- }
-
- public void setTableName(String tableName) {
- this.tableName = tableName;
- }
-
- public String getColumnName() {
- return columnName;
- }
-
- public void setColumnName(String columnName) {
- this.columnName = columnName;
- }
-
- public String getResourcePath() {
- return resourcePath;
- }
-
- public void setResourcePath(String resourcePath) {
- this.resourcePath = resourcePath;
- }
-
- @Override
- public String toJsonFormatLog() throws Exception {
- StringWriter stringWriter = new StringWriter();
- JsonGenerator json = null;
- try {
- json = factory.createJsonGenerator(stringWriter);
- json.writeStartObject();
- json.writeStringField(Constants.LOG_FIELD_SERVICE_NAME, getServiceName());
- json.writeStringField(Constants.LOG_FIELD_USER_NAME, getUserName());
- json.writeStringField(Constants.LOG_FIELD_IMPERSONATOR, getImpersonator());
- json.writeStringField(Constants.LOG_FIELD_IP_ADDRESS, getIpAddress());
- json.writeStringField(Constants.LOG_FIELD_OPERATION, getOperation());
- json.writeStringField(Constants.LOG_FIELD_EVENT_TIME, getEventTime());
- json.writeStringField(Constants.LOG_FIELD_OPERATION_TEXT, getOperationText());
- json.writeStringField(Constants.LOG_FIELD_ALLOWED, getAllowed());
- json.writeStringField(Constants.LOG_FIELD_DATABASE_NAME, databaseName);
- json.writeStringField(Constants.LOG_FIELD_TABLE_NAME, tableName);
- json.writeStringField(Constants.LOG_FIELD_COLUMN_NAME, columnName);
- json.writeStringField(Constants.LOG_FIELD_RESOURCE_PATH, resourcePath);
- json.writeStringField(Constants.LOG_FIELD_OBJECT_TYPE, getObjectType());
- json.writeEndObject();
- json.flush();
- } catch (IOException e) {
- String msg = "Error creating audit log in json format: " + e.getMessage();
- LOGGER.error(msg, e);
- throw e;
- } finally {
- try {
- if (json != null) {
- json.close();
- }
- } catch (IOException e) {
- String msg = "Error when close json object: " + e.getMessage();
- LOGGER.error(msg, e);
- throw e;
- }
- }
-
- return stringWriter.toString();
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/GMAuditMetadataLogEntity.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/GMAuditMetadataLogEntity.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/GMAuditMetadataLogEntity.java
deleted file mode 100644
index 6911772..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/GMAuditMetadataLogEntity.java
+++ /dev/null
@@ -1,97 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.log.entity;
-
-import java.io.IOException;
-import java.io.StringWriter;
-import java.util.LinkedHashMap;
-import java.util.Map;
-
-import org.apache.sentry.provider.db.log.util.Constants;
-import org.codehaus.jackson.JsonGenerator;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class GMAuditMetadataLogEntity extends AuditMetadataLogEntity {
-
- private static final Logger LOGGER = LoggerFactory.getLogger(GMAuditMetadataLogEntity.class);
- private Map<String, String> privilegesMap;
-
- public GMAuditMetadataLogEntity() {
- privilegesMap = new LinkedHashMap<String, String>();
- }
-
- public GMAuditMetadataLogEntity(String serviceName, String userName, String impersonator,
- String ipAddress, String operation, String eventTime, String operationText, String allowed,
- String objectType, String component, Map<String, String> privilegesMap) {
- setCommonAttr(serviceName, userName, impersonator, ipAddress, operation, eventTime,
- operationText, allowed, objectType, component);
- this.privilegesMap = privilegesMap;
- }
-
- @Override
- public String toJsonFormatLog() throws Exception {
- StringWriter stringWriter = new StringWriter();
- JsonGenerator json = null;
- try {
- json = factory.createJsonGenerator(stringWriter);
- json.writeStartObject();
- json.writeStringField(Constants.LOG_FIELD_SERVICE_NAME, getServiceName());
- json.writeStringField(Constants.LOG_FIELD_USER_NAME, getUserName());
- json.writeStringField(Constants.LOG_FIELD_IMPERSONATOR, getImpersonator());
- json.writeStringField(Constants.LOG_FIELD_IP_ADDRESS, getIpAddress());
- json.writeStringField(Constants.LOG_FIELD_OPERATION, getOperation());
- json.writeStringField(Constants.LOG_FIELD_EVENT_TIME, getEventTime());
- json.writeStringField(Constants.LOG_FIELD_OPERATION_TEXT, getOperationText());
- json.writeStringField(Constants.LOG_FIELD_ALLOWED, getAllowed());
- for (Map.Entry<String, String> entry : privilegesMap.entrySet()) {
- json.writeStringField(entry.getKey(), entry.getValue());
- }
- json.writeStringField(Constants.LOG_FIELD_OBJECT_TYPE, getObjectType());
- json.writeStringField(Constants.LOG_FIELD_COMPONENT, getComponent());
- json.writeEndObject();
- json.flush();
- } catch (IOException e) {
- String msg = "Error creating audit log in json format: " + e.getMessage();
- LOGGER.error(msg, e);
- throw e;
- } finally {
- try {
- if (json != null) {
- json.close();
- }
- } catch (IOException e) {
- String msg = "Error when close json object: " + e.getMessage();
- LOGGER.error(msg, e);
- throw e;
- }
- }
-
- return stringWriter.toString();
- }
-
- public Map<String, String> getPrivilegesMap() {
- return privilegesMap;
- }
-
- public void setPrivilegesMap(Map<String, String> privilegesMap) {
- this.privilegesMap = privilegesMap;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntity.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntity.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntity.java
deleted file mode 100644
index 913f125..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntity.java
+++ /dev/null
@@ -1,25 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.log.entity;
-
-public interface JsonLogEntity {
-
- String toJsonFormatLog() throws Exception;
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntityFactory.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntityFactory.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntityFactory.java
deleted file mode 100644
index f6bb8a5..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntityFactory.java
+++ /dev/null
@@ -1,351 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.log.entity;
-
-import java.util.Iterator;
-import java.util.LinkedHashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.provider.db.generic.service.thrift.TAuthorizable;
-import org.apache.sentry.provider.db.log.util.CommandUtil;
-import org.apache.sentry.provider.db.log.util.Constants;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleAddGroupsRequest;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleAddGroupsResponse;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleAddUsersRequest;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleAddUsersResponse;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleDeleteGroupsRequest;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleDeleteGroupsResponse;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleDeleteUsersRequest;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleDeleteUsersResponse;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleGrantPrivilegeRequest;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleGrantPrivilegeResponse;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleRevokePrivilegeRequest;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleRevokePrivilegeResponse;
-import org.apache.sentry.provider.db.service.thrift.TCreateSentryRoleRequest;
-import org.apache.sentry.provider.db.service.thrift.TCreateSentryRoleResponse;
-import org.apache.sentry.provider.db.service.thrift.TDropSentryRoleRequest;
-import org.apache.sentry.provider.db.service.thrift.TDropSentryRoleResponse;
-import org.apache.sentry.provider.db.service.thrift.TSentryGroup;
-import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
-import org.apache.sentry.provider.db.service.thrift.ThriftUtil;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
-import org.apache.sentry.service.thrift.Status;
-import org.apache.sentry.service.thrift.TSentryResponseStatus;
-
-import com.google.common.base.Joiner;
-import com.google.common.collect.ImmutableSet;
-
-public final class JsonLogEntityFactory {
-
- private static JsonLogEntityFactory factory = new JsonLogEntityFactory();
-
- private JsonLogEntityFactory() {
- }
-
- public static JsonLogEntityFactory getInstance() {
- return factory;
- }
-
- // log entity for hive/impala create role
- public JsonLogEntity createJsonLogEntity(TCreateSentryRoleRequest request,
- TCreateSentryRoleResponse response, Configuration conf) {
- DBAuditMetadataLogEntity hamle = createCommonHAMLE(conf, response.getStatus(),
- request.getRequestorUserName(), request.getClass().getName());
- hamle.setOperationText(CommandUtil.createCmdForCreateOrDropRole(
- request.getRoleName(), true));
-
- return hamle;
- }
-
- // log entity for hive/impala drop role
- public JsonLogEntity createJsonLogEntity(TDropSentryRoleRequest request,
- TDropSentryRoleResponse response, Configuration conf) {
- DBAuditMetadataLogEntity hamle = createCommonHAMLE(conf, response.getStatus(),
- request.getRequestorUserName(), request.getClass().getName());
- hamle.setOperationText(CommandUtil.createCmdForCreateOrDropRole(
- request.getRoleName(), false));
-
- return hamle;
- }
-
- // log entity for hive/impala grant privilege
- public Set<JsonLogEntity> createJsonLogEntitys(
- TAlterSentryRoleGrantPrivilegeRequest request,
- TAlterSentryRoleGrantPrivilegeResponse response, Configuration conf) {
- ImmutableSet.Builder<JsonLogEntity> setBuilder = ImmutableSet.builder();
- if (request.isSetPrivileges()) {
- for (TSentryPrivilege privilege : request.getPrivileges()) {
- JsonLogEntity logEntity = createJsonLogEntity(request, privilege, response, conf);
- setBuilder.add(logEntity);
- }
- }
- return setBuilder.build();
- }
-
- private JsonLogEntity createJsonLogEntity(
- TAlterSentryRoleGrantPrivilegeRequest request, TSentryPrivilege privilege,
- TAlterSentryRoleGrantPrivilegeResponse response, Configuration conf) {
- DBAuditMetadataLogEntity hamle = createCommonHAMLE(conf, response.getStatus(),
- request.getRequestorUserName(), request.getClass().getName());
- hamle.setOperationText(CommandUtil.createCmdForGrantPrivilege(request));
- hamle.setDatabaseName(privilege.getDbName());
- hamle.setTableName(privilege.getTableName());
- hamle.setResourcePath(privilege.getURI());
- return hamle;
- }
-
- // log entity for hive/impala revoke privilege
- public Set<JsonLogEntity> createJsonLogEntitys(
- TAlterSentryRoleRevokePrivilegeRequest request,
- TAlterSentryRoleRevokePrivilegeResponse response, Configuration conf) {
- ImmutableSet.Builder<JsonLogEntity> setBuilder = ImmutableSet.builder();
- if (request.isSetPrivileges()) {
- for (TSentryPrivilege privilege : request.getPrivileges()) {
- JsonLogEntity logEntity = createJsonLogEntity(request, privilege, response, conf);
- setBuilder.add(logEntity);
- }
- }
- return setBuilder.build();
- }
-
- private JsonLogEntity createJsonLogEntity(
- TAlterSentryRoleRevokePrivilegeRequest request, TSentryPrivilege privilege,
- TAlterSentryRoleRevokePrivilegeResponse response, Configuration conf) {
- DBAuditMetadataLogEntity hamle = createCommonHAMLE(conf, response.getStatus(),
- request.getRequestorUserName(), request.getClass().getName());
- hamle.setOperationText(CommandUtil.createCmdForRevokePrivilege(request));
- hamle.setDatabaseName(privilege.getDbName());
- hamle.setTableName(privilege.getTableName());
- hamle.setResourcePath(privilege.getURI());
-
- return hamle;
- }
-
- // log entity for hive/impala add role to group
- public JsonLogEntity createJsonLogEntity(
- TAlterSentryRoleAddGroupsRequest request,
- TAlterSentryRoleAddGroupsResponse response, Configuration conf) {
- DBAuditMetadataLogEntity hamle = createCommonHAMLE(conf, response.getStatus(),
- request.getRequestorUserName(), request.getClass().getName());
- String groups = getGroupsStr(request.getGroupsIterator());
- hamle.setOperationText(CommandUtil.createCmdForRoleAddGroup(request.getRoleName(), groups));
-
- return hamle;
- }
-
- // log entity for hive/impala delete role from group
- public JsonLogEntity createJsonLogEntity(
- TAlterSentryRoleDeleteGroupsRequest request,
- TAlterSentryRoleDeleteGroupsResponse response, Configuration conf) {
- DBAuditMetadataLogEntity hamle = createCommonHAMLE(conf, response.getStatus(),
- request.getRequestorUserName(), request.getClass().getName());
- String groups = getGroupsStr(request.getGroupsIterator());
- hamle.setOperationText(CommandUtil.createCmdForRoleDeleteGroup(request.getRoleName(), groups));
-
- return hamle;
- }
-
- private String getGroupsStr(Iterator<TSentryGroup> iter) {
- StringBuilder groups = new StringBuilder("");
- if (iter != null) {
- boolean commaFlg = false;
- while (iter.hasNext()) {
- if (commaFlg) {
- groups.append(", ");
- } else {
- commaFlg = true;
- }
- groups.append(iter.next().getGroupName());
- }
- }
- return groups.toString();
- }
-
- public JsonLogEntity createJsonLogEntity(TAlterSentryRoleAddUsersRequest request,
- TAlterSentryRoleAddUsersResponse response, Configuration conf) {
- AuditMetadataLogEntity amle = createCommonHAMLE(conf, response.getStatus(),
- request.getRequestorUserName(), request.getClass().getName());
- String users = getUsersStr(request.getUsersIterator());
- amle.setOperationText(CommandUtil.createCmdForRoleAddUser(request.getRoleName(), users));
-
- return amle;
- }
-
- public JsonLogEntity createJsonLogEntity(TAlterSentryRoleDeleteUsersRequest request,
- TAlterSentryRoleDeleteUsersResponse response, Configuration conf) {
- AuditMetadataLogEntity amle = createCommonHAMLE(conf, response.getStatus(),
- request.getRequestorUserName(), request.getClass().getName());
- String users = getUsersStr(request.getUsersIterator());
- amle.setOperationText(CommandUtil.createCmdForRoleDeleteUser(request.getRoleName(), users));
-
- return amle;
- }
-
- private String getUsersStr(Iterator<String> iter) {
- StringBuilder users = new StringBuilder("");
- if (iter != null) {
- boolean commaFlg = false;
- while (iter.hasNext()) {
- if (commaFlg) {
- users.append(", ");
- } else {
- commaFlg = true;
- }
- users.append(iter.next());
- }
- }
- return users.toString();
- }
-
- public String isAllowed(TSentryResponseStatus status) {
- if (status.equals(Status.OK())) {
- return Constants.TRUE;
- }
- return Constants.FALSE;
- }
-
- // log entity for generic model create role
- public JsonLogEntity createJsonLogEntity(
- org.apache.sentry.provider.db.generic.service.thrift.TCreateSentryRoleRequest request,
- org.apache.sentry.provider.db.generic.service.thrift.TCreateSentryRoleResponse response,
- Configuration conf) {
- GMAuditMetadataLogEntity gmamle = createCommonGMAMLE(conf, response.getStatus(),
- request.getRequestorUserName(), request.getClass().getName(), request.getComponent());
- gmamle.setOperationText(CommandUtil.createCmdForCreateOrDropRole(request.getRoleName(), true));
-
- return gmamle;
- }
-
- // log entity for generic model drop role
- public JsonLogEntity createJsonLogEntity(
- org.apache.sentry.provider.db.generic.service.thrift.TDropSentryRoleRequest request,
- org.apache.sentry.provider.db.generic.service.thrift.TDropSentryRoleResponse response,
- Configuration conf) {
- GMAuditMetadataLogEntity gmamle = createCommonGMAMLE(conf, response.getStatus(),
- request.getRequestorUserName(), request.getClass().getName(), request.getComponent());
- gmamle.setOperationText(CommandUtil.createCmdForCreateOrDropRole(request.getRoleName(), false));
-
- return gmamle;
- }
-
- // log entity for generic model grant privilege
- public JsonLogEntity createJsonLogEntity(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeRequest request,
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeResponse response,
- Configuration conf) {
- GMAuditMetadataLogEntity gmamle = createCommonGMAMLE(conf, response.getStatus(),
- request.getRequestorUserName(), request.getClass().getName(), request.getComponent());
- if (request.getPrivilege() != null) {
- List<TAuthorizable> authorizables = request.getPrivilege().getAuthorizables();
- Map<String, String> privilegesMap = new LinkedHashMap<String, String>();
- if (authorizables != null) {
- for (TAuthorizable authorizable : authorizables) {
- privilegesMap.put(authorizable.getType(), authorizable.getName());
- }
- }
- gmamle.setPrivilegesMap(privilegesMap);
- }
- gmamle.setOperationText(CommandUtil.createCmdForGrantGMPrivilege(request));
-
- return gmamle;
- }
-
- // log entity for generic model revoke privilege
- public JsonLogEntity createJsonLogEntity(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeRequest request,
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeResponse response,
- Configuration conf) {
- GMAuditMetadataLogEntity gmamle = createCommonGMAMLE(conf, response.getStatus(),
- request.getRequestorUserName(), request.getClass().getName(), request.getComponent());
- if (request.getPrivilege() != null) {
- List<TAuthorizable> authorizables = request.getPrivilege().getAuthorizables();
- Map<String, String> privilegesMap = new LinkedHashMap<String, String>();
- if (authorizables != null) {
- for (TAuthorizable authorizable : authorizables) {
- privilegesMap.put(authorizable.getType(), authorizable.getName());
- }
- }
- gmamle.setPrivilegesMap(privilegesMap);
- }
- gmamle.setOperationText(CommandUtil.createCmdForRevokeGMPrivilege(request));
-
- return gmamle;
- }
-
- // log entity for generic model add role to group
- public JsonLogEntity createJsonLogEntity(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleAddGroupsRequest request,
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleAddGroupsResponse response,
- Configuration conf) {
- GMAuditMetadataLogEntity gmamle = createCommonGMAMLE(conf, response.getStatus(),
- request.getRequestorUserName(), request.getClass().getName(), request.getComponent());
- Joiner joiner = Joiner.on(",");
- String groups = joiner.join(request.getGroupsIterator());
- gmamle.setOperationText(CommandUtil.createCmdForRoleAddGroup(request.getRoleName(), groups));
-
- return gmamle;
- }
-
- // log entity for hive delete role from group
- public JsonLogEntity createJsonLogEntity(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleDeleteGroupsRequest request,
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleDeleteGroupsResponse response,
- Configuration conf) {
- GMAuditMetadataLogEntity gmamle = createCommonGMAMLE(conf, response.getStatus(),
- request.getRequestorUserName(), request.getClass().getName(), request.getComponent());
- Joiner joiner = Joiner.on(",");
- String groups = joiner.join(request.getGroupsIterator());
- gmamle.setOperationText(CommandUtil.createCmdForRoleDeleteGroup(request.getRoleName(), groups));
-
- return gmamle;
- }
-
- private DBAuditMetadataLogEntity createCommonHAMLE(Configuration conf,
- TSentryResponseStatus responseStatus, String userName, String requestClassName) {
- DBAuditMetadataLogEntity hamle = new DBAuditMetadataLogEntity();
- setCommAttrForAMLE(hamle, conf, responseStatus, userName, requestClassName);
- return hamle;
- }
-
- private GMAuditMetadataLogEntity createCommonGMAMLE(Configuration conf,
- TSentryResponseStatus responseStatus, String userName, String requestClassName,
- String component) {
- GMAuditMetadataLogEntity gmamle = new GMAuditMetadataLogEntity();
- setCommAttrForAMLE(gmamle, conf, responseStatus, userName, requestClassName);
- gmamle.setComponent(component);
- return gmamle;
- }
-
- private void setCommAttrForAMLE(AuditMetadataLogEntity amle, Configuration conf,
- TSentryResponseStatus responseStatus, String userName, String requestClassName) {
- amle.setUserName(userName);
- amle.setServiceName(conf.get(ServerConfig.SENTRY_SERVICE_NAME,
- ServerConfig.SENTRY_SERVICE_NAME_DEFAULT).trim());
- amle.setImpersonator(ThriftUtil.getImpersonator());
- amle.setIpAddress(ThriftUtil.getIpAddress());
- amle.setOperation(Constants.requestTypeToOperationMap.get(requestClassName));
- amle.setEventTime(Long.toString(System.currentTimeMillis()));
- amle.setAllowed(isAllowed(responseStatus));
- amle.setObjectType(Constants.requestTypeToObjectTypeMap
- .get(requestClassName));
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/CommandUtil.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/CommandUtil.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/CommandUtil.java
deleted file mode 100644
index 328bbbb..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/CommandUtil.java
+++ /dev/null
@@ -1,233 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.log.util;
-
-import java.net.InetAddress;
-import java.net.NetworkInterface;
-import java.util.Enumeration;
-import java.util.List;
-import java.util.Set;
-
-import org.apache.sentry.core.model.db.AccessConstants;
-import org.apache.sentry.provider.db.generic.service.thrift.TAuthorizable;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleGrantPrivilegeRequest;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleRevokePrivilegeRequest;
-import org.apache.sentry.provider.db.service.thrift.TSentryGrantOption;
-import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
-import org.apache.sentry.service.thrift.ServiceConstants.PrivilegeScope;
-import org.datanucleus.util.StringUtils;
-
-import com.google.common.annotations.VisibleForTesting;
-
-public final class CommandUtil {
-
- public CommandUtil() {
- // Make constructor private to avoid instantiation
- }
-
- public static String createCmdForCreateOrDropRole(String roleName,
- boolean isCreate) {
- if (isCreate) {
- return "CREATE ROLE " + roleName;
- }
- return "DROP ROLE " + roleName;
- }
-
- public static String createCmdForRoleAddGroup(String roleName, String groups) {
- return createCmdForRoleGrant(roleName, groups, true, true);
- }
-
- public static String createCmdForRoleDeleteGroup(String roleName, String groups) {
- return createCmdForRoleGrant(roleName, groups, false, true);
- }
-
- private static String createCmdForRoleGrant(String roleName, String principals,
- boolean isGrant, boolean isGroup) {
- StringBuilder sb = new StringBuilder();
- if (isGrant) {
- sb.append("GRANT ROLE ");
- } else {
- sb.append("REVOKE ROLE ");
- }
- sb.append(roleName);
- if (isGrant) {
- sb.append(" TO ");
- } else {
- sb.append(" FROM ");
- }
-
- String principalType = isGroup ? "GROUP" : "USER";
- if (!StringUtils.isEmpty(principals)) {
- sb.append(principalType).append(" ").append(principals);
- } else {
- sb = new StringBuilder("Missing " + principalType + " information.");
- }
-
- return sb.toString();
- }
-
- public static String createCmdForRoleAddUser(String roleName, String users) {
- return createCmdForRoleGrant(roleName, users, true, false);
- }
-
- public static String createCmdForRoleDeleteUser(String roleName, String users) {
- return createCmdForRoleGrant(roleName, users, false, false);
- }
-
- public static String createCmdForGrantPrivilege(
- TAlterSentryRoleGrantPrivilegeRequest request) {
- return createCmdForGrantOrRevokePrivileges(request.getRoleName(),
- request.getPrivileges(), true);
- }
-
- public static String createCmdForRevokePrivilege(
- TAlterSentryRoleRevokePrivilegeRequest request) {
- return createCmdForGrantOrRevokePrivileges(request.getRoleName(),
- request.getPrivileges(), false);
- }
-
- private static String createCmdForGrantOrRevokePrivileges(String roleName,
- Set<TSentryPrivilege> privileges, boolean isGrant) {
- StringBuilder sb = new StringBuilder();
- if (privileges != null) {
- for (TSentryPrivilege privilege : privileges) {
- sb.append(createCmdForGrantOrRevokePrivilege(roleName, privilege, isGrant));
- }
- }
- return sb.toString();
- }
-
- private static String createCmdForGrantOrRevokePrivilege(String roleName,
- TSentryPrivilege privilege, boolean isGrant) {
- StringBuilder sb = new StringBuilder();
- if (isGrant) {
- sb.append("GRANT ");
- } else {
- sb.append("REVOKE ");
- }
-
- String action = privilege.getAction();
- String privilegeScope = privilege.getPrivilegeScope();
- if (AccessConstants.ALL.equalsIgnoreCase(action)) {
- sb.append("ALL");
- } else {
- if (action != null) {
- action = action.toUpperCase();
- }
- sb.append(action);
- }
-
- sb.append(" ON ").append(privilege.getPrivilegeScope()).append(" ");
- if (PrivilegeScope.DATABASE.name().equalsIgnoreCase(privilegeScope)) {
- sb.append(privilege.getDbName());
- } else if (PrivilegeScope.TABLE.name().equalsIgnoreCase(privilegeScope)) {
- sb.append(privilege.getTableName());
- } else if (PrivilegeScope.SERVER.name().equalsIgnoreCase(privilegeScope)) {
- sb.append(privilege.getServerName());
- } else if (PrivilegeScope.URI.name().equalsIgnoreCase(privilegeScope)) {
- sb.append(privilege.getURI());
- }
-
- if (isGrant) {
- sb.append(" TO ROLE ");
- } else {
- sb.append(" FROM ROLE ");
- }
- sb.append(roleName);
-
- if (privilege.getGrantOption() == TSentryGrantOption.TRUE) {
- sb.append(" WITH GRANT OPTION");
- }
-
- return sb.toString();
- }
-
- public static String createCmdForGrantGMPrivilege(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeRequest request) {
- return createCmdForGrantOrRevokeGMPrivilege(request.getRoleName(), request.getPrivilege(), true);
- }
-
- public static String createCmdForRevokeGMPrivilege(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeRequest request) {
- return createCmdForGrantOrRevokeGMPrivilege(request.getRoleName(), request.getPrivilege(),
- false);
- }
-
- private static String createCmdForGrantOrRevokeGMPrivilege(String roleName,
- org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege privilege,
- boolean isGrant) {
- StringBuilder sb = new StringBuilder();
- if (isGrant) {
- sb.append("GRANT ");
- } else {
- sb.append("REVOKE ");
- }
-
- String action = privilege.getAction();
- if (AccessConstants.ALL.equalsIgnoreCase(action)) {
- sb.append("ALL");
- } else {
- if (action != null) {
- action = action.toUpperCase();
- }
- sb.append(action);
- }
-
- sb.append(" ON");
-
- List<TAuthorizable> authorizables = privilege.getAuthorizables();
- if (authorizables != null) {
- for (TAuthorizable authorizable : authorizables) {
- sb.append(" ").append(authorizable.getType()).append(" ").append(authorizable.getName());
- }
- }
-
- if (isGrant) {
- sb.append(" TO ROLE ");
- } else {
- sb.append(" FROM ROLE ");
- }
- sb.append(roleName);
-
- if (privilege.getGrantOption() == org.apache.sentry.provider.db.generic.service.thrift.TSentryGrantOption.TRUE) {
- sb.append(" WITH GRANT OPTION");
- }
-
- return sb.toString();
- }
-
- // Check if the given IP is one of the local IP.
- @VisibleForTesting
- public static boolean assertIPInAuditLog(String ipInAuditLog) throws Exception {
- if (ipInAuditLog == null) {
- return false;
- }
- Enumeration<NetworkInterface> netInterfaces = NetworkInterface.getNetworkInterfaces();
- while (netInterfaces.hasMoreElements()) {
- NetworkInterface ni = netInterfaces.nextElement();
- Enumeration<InetAddress> ips = ni.getInetAddresses();
- while (ips.hasMoreElements()) {
- if (ipInAuditLog.indexOf(ips.nextElement().getHostAddress()) != -1) {
- return true;
- }
- }
- }
- return false;
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/f1332300/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/Constants.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/Constants.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/Constants.java
deleted file mode 100644
index 2e71ce0..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/Constants.java
+++ /dev/null
@@ -1,162 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.log.util;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import org.apache.sentry.provider.db.service.thrift.*;
-
-public final class Constants {
- public final static String AUDIT_LOGGER_NAME = "sentry.hive.authorization.ddl.logger";
- public final static String AUDIT_LOGGER_NAME_GENERIC = "sentry.generic.authorization.ddl.logger";
-
- public final static String LOG_FIELD_SERVICE_NAME = "serviceName";
- public final static String LOG_FIELD_USER_NAME = "userName";
- public final static String LOG_FIELD_IMPERSONATOR = "impersonator";
- public final static String LOG_FIELD_IP_ADDRESS = "ipAddress";
- public final static String LOG_FIELD_OPERATION = "operation";
- public final static String LOG_FIELD_EVENT_TIME = "eventTime";
- public final static String LOG_FIELD_OPERATION_TEXT = "operationText";
- public final static String LOG_FIELD_ALLOWED = "allowed";
- public final static String LOG_FIELD_DATABASE_NAME = "databaseName";
- public final static String LOG_FIELD_TABLE_NAME = "tableName";
- public final static String LOG_FIELD_COLUMN_NAME = "column";
- public final static String LOG_FIELD_RESOURCE_PATH = "resourcePath";
- public final static String LOG_FIELD_OBJECT_TYPE = "objectType";
- public final static String LOG_FIELD_COMPONENT = "component";
-
- public final static String OPERATION_CREATE_ROLE = "CREATE_ROLE";
- public final static String OPERATION_DROP_ROLE = "DROP_ROLE";
- public final static String OPERATION_ADD_ROLE = "ADD_ROLE_TO_GROUP";
- public final static String OPERATION_DELETE_ROLE = "DELETE_ROLE_FROM_GROUP";
- public final static String OPERATION_ADD_ROLE_USER = "ADD_ROLE_TO_USER";
- public final static String OPERATION_DELETE_ROLE_USER = "DELETE_ROLE_FROM_USER";
- public final static String OPERATION_GRANT_PRIVILEGE = "GRANT_PRIVILEGE";
- public final static String OPERATION_REVOKE_PRIVILEGE = "REVOKE_PRIVILEGE";
-
- public final static String OBJECT_TYPE_PRINCIPAL = "PRINCIPAL";
- public final static String OBJECT_TYPE_ROLE = "ROLE";
-
- public final static String TRUE = "true";
- public final static String FALSE = "false";
-
- public static final Map<String, String> requestTypeToOperationMap = new HashMap<String, String>();
- public static final Map<String, String> requestTypeToObjectTypeMap = new HashMap<String, String>();
-
- static {
- // for hive audit log
- requestTypeToOperationMap.put(TCreateSentryRoleRequest.class.getName(),
- Constants.OPERATION_CREATE_ROLE);
- requestTypeToOperationMap.put(
- TAlterSentryRoleGrantPrivilegeRequest.class.getName(),
- Constants.OPERATION_GRANT_PRIVILEGE);
- requestTypeToOperationMap.put(
- TAlterSentryRoleRevokePrivilegeRequest.class.getName(),
- Constants.OPERATION_REVOKE_PRIVILEGE);
- requestTypeToOperationMap.put(TDropSentryRoleRequest.class.getName(),
- Constants.OPERATION_DROP_ROLE);
- requestTypeToOperationMap.put(
- TAlterSentryRoleAddGroupsRequest.class.getName(),
- Constants.OPERATION_ADD_ROLE);
- requestTypeToOperationMap.put(
- TAlterSentryRoleDeleteGroupsRequest.class.getName(),
- Constants.OPERATION_DELETE_ROLE);
- requestTypeToOperationMap.put(
- TAlterSentryRoleAddUsersRequest.class.getName(),
- Constants.OPERATION_ADD_ROLE_USER);
- requestTypeToOperationMap.put(
- TAlterSentryRoleDeleteUsersRequest.class.getName(),
- Constants.OPERATION_DELETE_ROLE_USER);
-
- // for generic model audit log
- requestTypeToOperationMap.put(
- org.apache.sentry.provider.db.generic.service.thrift.TCreateSentryRoleRequest.class
- .getName(), Constants.OPERATION_CREATE_ROLE);
- requestTypeToOperationMap
- .put(org.apache.sentry.provider.db.generic.service.thrift.TDropSentryRoleRequest.class
- .getName(), Constants.OPERATION_DROP_ROLE);
- requestTypeToOperationMap
- .put(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeRequest.class
- .getName(), Constants.OPERATION_GRANT_PRIVILEGE);
- requestTypeToOperationMap
- .put(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeRequest.class
- .getName(), Constants.OPERATION_REVOKE_PRIVILEGE);
- requestTypeToOperationMap.put(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleAddGroupsRequest.class
- .getName(), Constants.OPERATION_ADD_ROLE);
- requestTypeToOperationMap
- .put(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleDeleteGroupsRequest.class
- .getName(), Constants.OPERATION_DELETE_ROLE);
-
- // for hive audit log
- requestTypeToObjectTypeMap.put(TCreateSentryRoleRequest.class.getName(),
- Constants.OBJECT_TYPE_ROLE);
- requestTypeToObjectTypeMap.put(TDropSentryRoleRequest.class.getName(),
- Constants.OBJECT_TYPE_ROLE);
- requestTypeToObjectTypeMap.put(
- TAlterSentryRoleAddGroupsRequest.class.getName(),
- Constants.OBJECT_TYPE_ROLE);
- requestTypeToObjectTypeMap.put(
- TAlterSentryRoleDeleteGroupsRequest.class.getName(),
- Constants.OBJECT_TYPE_ROLE);
- requestTypeToObjectTypeMap.put(
- TAlterSentryRoleAddUsersRequest.class.getName(),
- Constants.OBJECT_TYPE_ROLE);
- requestTypeToObjectTypeMap.put(
- TAlterSentryRoleDeleteUsersRequest.class.getName(),
- Constants.OBJECT_TYPE_ROLE);
- requestTypeToObjectTypeMap.put(
- TAlterSentryRoleGrantPrivilegeRequest.class.getName(),
- Constants.OBJECT_TYPE_PRINCIPAL);
- requestTypeToObjectTypeMap.put(
- TAlterSentryRoleRevokePrivilegeRequest.class.getName(),
- Constants.OBJECT_TYPE_PRINCIPAL);
- // for generic model audit log
- requestTypeToObjectTypeMap.put(
- org.apache.sentry.provider.db.generic.service.thrift.TCreateSentryRoleRequest.class
- .getName(), Constants.OBJECT_TYPE_ROLE);
- requestTypeToObjectTypeMap
- .put(org.apache.sentry.provider.db.generic.service.thrift.TDropSentryRoleRequest.class
- .getName(), Constants.OBJECT_TYPE_ROLE);
- requestTypeToObjectTypeMap.put(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleAddGroupsRequest.class
- .getName(), Constants.OBJECT_TYPE_ROLE);
- requestTypeToObjectTypeMap
- .put(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleDeleteGroupsRequest.class
- .getName(), Constants.OBJECT_TYPE_ROLE);
- requestTypeToObjectTypeMap
- .put(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeRequest.class
- .getName(), Constants.OBJECT_TYPE_PRINCIPAL);
- requestTypeToObjectTypeMap
- .put(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeRequest.class
- .getName(), Constants.OBJECT_TYPE_PRINCIPAL);
- }
-
- private Constants() {
- // Make constructor private to avoid instantiation
- }
-
-}