You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@druid.apache.org by le...@apache.org on 2019/06/06 13:51:43 UTC
[incubator-druid] branch master updated: Druid basic authentication
class composition config (#7789)
This is an automated email from the ASF dual-hosted git repository.
leventov pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-druid.git
The following commit(s) were added to refs/heads/master by this push:
new 0802702 Druid basic authentication class composition config (#7789)
0802702 is described below
commit 080270283a40e5d83eefb909decb9c167e7aa420
Author: Eugene Sevastyanov <se...@gmail.com>
AuthorDate: Thu Jun 6 16:51:37 2019 +0300
Druid basic authentication class composition config (#7789)
* Druid basic authentication class composition config.
* Added comments
* Reduced nulls
* Used noop implementations to get rid of null
* Added docs for no-op metadata storage updaters
* Fixed BasicAuthClassCompositionConfig javadoc
* Removed incorrect comments
---
.../basic/BasicAuthClassCompositionConfig.java | 128 +++++++++++++++
.../security/basic/BasicSecurityDruidModule.java | 181 ++++++++++++++-------
.../cache/NoopBasicAuthenticatorCacheNotifier.java | 34 ++++
...opBasicAuthenticatorMetadataStorageUpdater.java | 73 +++++++++
.../db/cache/NoopBasicAuthorizerCacheNotifier.java | 34 ++++
.../NoopBasicAuthorizerMetadataStorageUpdater.java | 99 +++++++++++
6 files changed, 493 insertions(+), 56 deletions(-)
diff --git a/extensions-core/druid-basic-security/src/main/java/org/apache/druid/security/basic/BasicAuthClassCompositionConfig.java b/extensions-core/druid-basic-security/src/main/java/org/apache/druid/security/basic/BasicAuthClassCompositionConfig.java
new file mode 100644
index 0000000..dc531a1
--- /dev/null
+++ b/extensions-core/druid-basic-security/src/main/java/org/apache/druid/security/basic/BasicAuthClassCompositionConfig.java
@@ -0,0 +1,128 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.druid.security.basic;
+
+import com.fasterxml.jackson.annotation.JsonCreator;
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+/**
+ * Basic authentication storage/cache/resource handler config.
+ * BasicAuthClassCompositionConfig provides options to specify authenticator/authorizer classes of user/role managers,
+ * caches and notifiers. If a field in this class is non-null then the corresponding class is instantiated
+ * regardless of what type of Druid component runs it (see {@link BasicSecurityDruidModule}).
+ * Hence every Druid component might be a user/role manager and notify others by sending notifications.
+ * Every field must be a valid class name (appropriate for the corresponding goal) or null.
+ */
+public class BasicAuthClassCompositionConfig
+{
+ @JsonProperty
+ private final String authenticatorMetadataStorageUpdater;
+
+ @JsonProperty
+ private final String authenticatorCacheManager;
+
+ @JsonProperty
+ private final String authenticatorResourceHandler;
+
+ @JsonProperty
+ private final String authenticatorCacheNotifier;
+
+ @JsonProperty
+ private final String authorizerMetadataStorageUpdater;
+
+ @JsonProperty
+ private final String authorizerCacheManager;
+
+ @JsonProperty
+ private final String authorizerResourceHandler;
+
+ @JsonProperty
+ private final String authorizerCacheNotifier;
+
+ @JsonCreator
+ public BasicAuthClassCompositionConfig(
+ @JsonProperty("authenticatorMetadataStorageUpdater") String authenticatorMetadataStorageUpdater,
+ @JsonProperty("authenticatorCacheManager") String authenticatorCacheManager,
+ @JsonProperty("authenticatorResourceHandler") String authenticatorResourceHandler,
+ @JsonProperty("authenticatorCacheNotifier") String authenticatorCacheNotifier,
+ @JsonProperty("authorizerMetadataStorageUpdater") String authorizerMetadataStorageUpdater,
+ @JsonProperty("authorizerCacheManager") String authorizerCacheManager,
+ @JsonProperty("authorizerResourceHandler") String authorizerResourceHandler,
+ @JsonProperty("authorizerCacheNotifier") String authorizerCacheNotifier
+ )
+ {
+ this.authenticatorMetadataStorageUpdater = authenticatorMetadataStorageUpdater;
+ this.authenticatorCacheManager = authenticatorCacheManager;
+ this.authenticatorResourceHandler = authenticatorResourceHandler;
+ this.authenticatorCacheNotifier = authenticatorCacheNotifier;
+ this.authorizerMetadataStorageUpdater = authorizerMetadataStorageUpdater;
+ this.authorizerCacheManager = authorizerCacheManager;
+ this.authorizerResourceHandler = authorizerResourceHandler;
+ this.authorizerCacheNotifier = authorizerCacheNotifier;
+ }
+
+ @JsonProperty
+ public String getAuthenticatorMetadataStorageUpdater()
+ {
+ return authenticatorMetadataStorageUpdater;
+ }
+
+ @JsonProperty
+ public String getAuthenticatorCacheManager()
+ {
+ return authenticatorCacheManager;
+ }
+
+ @JsonProperty
+ public String getAuthenticatorResourceHandler()
+ {
+ return authenticatorResourceHandler;
+ }
+
+ @JsonProperty
+ public String getAuthenticatorCacheNotifier()
+ {
+ return authenticatorCacheNotifier;
+ }
+
+ @JsonProperty
+ public String getAuthorizerMetadataStorageUpdater()
+ {
+ return authorizerMetadataStorageUpdater;
+ }
+
+ @JsonProperty
+ public String getAuthorizerCacheManager()
+ {
+ return authorizerCacheManager;
+ }
+
+ @JsonProperty
+ public String getAuthorizerResourceHandler()
+ {
+ return authorizerResourceHandler;
+ }
+
+ @JsonProperty
+ public String getAuthorizerCacheNotifier()
+ {
+ return authorizerCacheNotifier;
+ }
+}
diff --git a/extensions-core/druid-basic-security/src/main/java/org/apache/druid/security/basic/BasicSecurityDruidModule.java b/extensions-core/druid-basic-security/src/main/java/org/apache/druid/security/basic/BasicSecurityDruidModule.java
index c921bae..523d06b 100644
--- a/extensions-core/druid-basic-security/src/main/java/org/apache/druid/security/basic/BasicSecurityDruidModule.java
+++ b/extensions-core/druid-basic-security/src/main/java/org/apache/druid/security/basic/BasicSecurityDruidModule.java
@@ -39,8 +39,10 @@ import org.apache.druid.security.basic.authentication.db.cache.BasicAuthenticato
import org.apache.druid.security.basic.authentication.db.cache.CoordinatorBasicAuthenticatorCacheNotifier;
import org.apache.druid.security.basic.authentication.db.cache.CoordinatorPollingBasicAuthenticatorCacheManager;
import org.apache.druid.security.basic.authentication.db.cache.MetadataStoragePollingBasicAuthenticatorCacheManager;
+import org.apache.druid.security.basic.authentication.db.cache.NoopBasicAuthenticatorCacheNotifier;
import org.apache.druid.security.basic.authentication.db.updater.BasicAuthenticatorMetadataStorageUpdater;
import org.apache.druid.security.basic.authentication.db.updater.CoordinatorBasicAuthenticatorMetadataStorageUpdater;
+import org.apache.druid.security.basic.authentication.db.updater.NoopBasicAuthenticatorMetadataStorageUpdater;
import org.apache.druid.security.basic.authentication.endpoint.BasicAuthenticatorResource;
import org.apache.druid.security.basic.authentication.endpoint.BasicAuthenticatorResourceHandler;
import org.apache.druid.security.basic.authentication.endpoint.CoordinatorBasicAuthenticatorResourceHandler;
@@ -51,8 +53,10 @@ import org.apache.druid.security.basic.authorization.db.cache.BasicAuthorizerCac
import org.apache.druid.security.basic.authorization.db.cache.CoordinatorBasicAuthorizerCacheNotifier;
import org.apache.druid.security.basic.authorization.db.cache.CoordinatorPollingBasicAuthorizerCacheManager;
import org.apache.druid.security.basic.authorization.db.cache.MetadataStoragePollingBasicAuthorizerCacheManager;
+import org.apache.druid.security.basic.authorization.db.cache.NoopBasicAuthorizerCacheNotifier;
import org.apache.druid.security.basic.authorization.db.updater.BasicAuthorizerMetadataStorageUpdater;
import org.apache.druid.security.basic.authorization.db.updater.CoordinatorBasicAuthorizerMetadataStorageUpdater;
+import org.apache.druid.security.basic.authorization.db.updater.NoopBasicAuthorizerMetadataStorageUpdater;
import org.apache.druid.security.basic.authorization.endpoint.BasicAuthorizerResource;
import org.apache.druid.security.basic.authorization.endpoint.BasicAuthorizerResourceHandler;
import org.apache.druid.security.basic.authorization.endpoint.CoordinatorBasicAuthorizerResourceHandler;
@@ -62,10 +66,12 @@ import java.util.List;
public class BasicSecurityDruidModule implements DruidModule
{
+
@Override
public void configure(Binder binder)
{
JsonConfigProvider.bind(binder, "druid.auth.basic.common", BasicAuthCommonCacheConfig.class);
+ JsonConfigProvider.bind(binder, "druid.auth.basic.composition", BasicAuthClassCompositionConfig.class);
LifecycleModule.register(binder, BasicAuthenticatorMetadataStorageUpdater.class);
LifecycleModule.register(binder, BasicAuthorizerMetadataStorageUpdater.class);
@@ -76,84 +82,124 @@ public class BasicSecurityDruidModule implements DruidModule
Jerseys.addResource(binder, BasicAuthorizerResource.class);
}
- @Provides @LazySingleton
- public static BasicAuthenticatorMetadataStorageUpdater createAuthenticatorStorageUpdater(final Injector injector)
+ @Provides
+ @LazySingleton
+ public static BasicAuthenticatorMetadataStorageUpdater createAuthenticatorStorageUpdater(
+ final Injector injector,
+ BasicAuthClassCompositionConfig config
+ ) throws ClassNotFoundException
{
- if (isCoordinator(injector)) {
- return injector.getInstance(CoordinatorBasicAuthenticatorMetadataStorageUpdater.class);
- } else {
- return null;
- }
+ return getInstance(
+ injector,
+ config.getAuthenticatorMetadataStorageUpdater(),
+ CoordinatorBasicAuthenticatorMetadataStorageUpdater.class,
+ NoopBasicAuthenticatorMetadataStorageUpdater.class
+ );
}
- @Provides @LazySingleton
- public static BasicAuthenticatorCacheManager createAuthenticatorCacheManager(final Injector injector)
+ @Provides
+ @LazySingleton
+ public static BasicAuthenticatorCacheManager createAuthenticatorCacheManager(
+ final Injector injector,
+ BasicAuthClassCompositionConfig config
+ ) throws ClassNotFoundException
{
- if (isCoordinator(injector)) {
- return injector.getInstance(MetadataStoragePollingBasicAuthenticatorCacheManager.class);
- } else {
- return injector.getInstance(CoordinatorPollingBasicAuthenticatorCacheManager.class);
- }
+ return getInstance(
+ injector,
+ config.getAuthenticatorCacheManager(),
+ MetadataStoragePollingBasicAuthenticatorCacheManager.class,
+ CoordinatorPollingBasicAuthenticatorCacheManager.class
+ );
}
- @Provides @LazySingleton
- public static BasicAuthenticatorResourceHandler createAuthenticatorResourceHandler(final Injector injector)
+ @Provides
+ @LazySingleton
+ public static BasicAuthenticatorResourceHandler createAuthenticatorResourceHandler(
+ final Injector injector,
+ BasicAuthClassCompositionConfig config
+ ) throws ClassNotFoundException
{
- if (isCoordinator(injector)) {
- return injector.getInstance(CoordinatorBasicAuthenticatorResourceHandler.class);
- } else {
- return injector.getInstance(DefaultBasicAuthenticatorResourceHandler.class);
- }
+ return getInstance(
+ injector,
+ config.getAuthenticatorResourceHandler(),
+ CoordinatorBasicAuthenticatorResourceHandler.class,
+ DefaultBasicAuthenticatorResourceHandler.class
+ );
}
- @Provides @LazySingleton
- public static BasicAuthenticatorCacheNotifier createAuthenticatorCacheNotifier(final Injector injector)
+ @Provides
+ @LazySingleton
+ public static BasicAuthenticatorCacheNotifier createAuthenticatorCacheNotifier(
+ final Injector injector,
+ BasicAuthClassCompositionConfig config
+ ) throws ClassNotFoundException
{
- if (isCoordinator(injector)) {
- return injector.getInstance(CoordinatorBasicAuthenticatorCacheNotifier.class);
- } else {
- return null;
- }
+ return getInstance(
+ injector,
+ config.getAuthenticatorCacheNotifier(),
+ CoordinatorBasicAuthenticatorCacheNotifier.class,
+ NoopBasicAuthenticatorCacheNotifier.class
+ );
}
- @Provides @LazySingleton
- public static BasicAuthorizerMetadataStorageUpdater createAuthorizerStorageUpdater(final Injector injector)
+ @Provides
+ @LazySingleton
+ public static BasicAuthorizerMetadataStorageUpdater createAuthorizerStorageUpdater(
+ final Injector injector,
+ BasicAuthClassCompositionConfig config
+ ) throws ClassNotFoundException
{
- if (isCoordinator(injector)) {
- return injector.getInstance(CoordinatorBasicAuthorizerMetadataStorageUpdater.class);
- } else {
- return null;
- }
+ return getInstance(
+ injector,
+ config.getAuthorizerMetadataStorageUpdater(),
+ CoordinatorBasicAuthorizerMetadataStorageUpdater.class,
+ NoopBasicAuthorizerMetadataStorageUpdater.class
+ );
}
- @Provides @LazySingleton
- public static BasicAuthorizerCacheManager createAuthorizerCacheManager(final Injector injector)
+ @Provides
+ @LazySingleton
+ public static BasicAuthorizerCacheManager createAuthorizerCacheManager(
+ final Injector injector,
+ BasicAuthClassCompositionConfig config
+ ) throws ClassNotFoundException
{
- if (isCoordinator(injector)) {
- return injector.getInstance(MetadataStoragePollingBasicAuthorizerCacheManager.class);
- } else {
- return injector.getInstance(CoordinatorPollingBasicAuthorizerCacheManager.class);
- }
+ return getInstance(
+ injector,
+ config.getAuthorizerCacheManager(),
+ MetadataStoragePollingBasicAuthorizerCacheManager.class,
+ CoordinatorPollingBasicAuthorizerCacheManager.class
+ );
}
- @Provides @LazySingleton
- public static BasicAuthorizerResourceHandler createAuthorizerResourceHandler(final Injector injector)
+ @Provides
+ @LazySingleton
+ public static BasicAuthorizerResourceHandler createAuthorizerResourceHandler(
+ final Injector injector,
+ BasicAuthClassCompositionConfig config
+ ) throws ClassNotFoundException
{
- if (isCoordinator(injector)) {
- return injector.getInstance(CoordinatorBasicAuthorizerResourceHandler.class);
- } else {
- return injector.getInstance(DefaultBasicAuthorizerResourceHandler.class);
- }
+ return getInstance(
+ injector,
+ config.getAuthorizerResourceHandler(),
+ CoordinatorBasicAuthorizerResourceHandler.class,
+ DefaultBasicAuthorizerResourceHandler.class
+ );
}
- @Provides @LazySingleton
- public static BasicAuthorizerCacheNotifier createAuthorizerCacheNotifier(final Injector injector)
+ @Provides
+ @LazySingleton
+ public static BasicAuthorizerCacheNotifier createAuthorizerCacheNotifier(
+ final Injector injector,
+ BasicAuthClassCompositionConfig config
+ ) throws ClassNotFoundException
{
- if (isCoordinator(injector)) {
- return injector.getInstance(CoordinatorBasicAuthorizerCacheNotifier.class);
- } else {
- return null;
- }
+ return getInstance(
+ injector,
+ config.getAuthorizerCacheNotifier(),
+ CoordinatorBasicAuthorizerCacheNotifier.class,
+ NoopBasicAuthorizerCacheNotifier.class
+ );
}
@Override
@@ -168,6 +214,29 @@ public class BasicSecurityDruidModule implements DruidModule
);
}
+ /**
+ * Returns the instance provided either by a config property or coordinator-run class or default class.
+ * The order of check corresponds to the order of method params.
+ */
+ private static <T> T getInstance(
+ Injector injector,
+ String configClassName,
+ Class<? extends T> classRunByCoordinator,
+ Class<? extends T> defaultClass
+ ) throws ClassNotFoundException
+ {
+ if (configClassName != null) {
+ // ClassCastException is thrown in case of a mismatch, configuration fix is required.
+ @SuppressWarnings("unchecked")
+ final T instance = (T) injector.getInstance(Class.forName(configClassName));
+ return instance;
+ }
+ if (isCoordinator(injector)) {
+ return injector.getInstance(classRunByCoordinator);
+ }
+ return injector.getInstance(defaultClass);
+ }
+
private static boolean isCoordinator(Injector injector)
{
final String serviceName;
diff --git a/extensions-core/druid-basic-security/src/main/java/org/apache/druid/security/basic/authentication/db/cache/NoopBasicAuthenticatorCacheNotifier.java b/extensions-core/druid-basic-security/src/main/java/org/apache/druid/security/basic/authentication/db/cache/NoopBasicAuthenticatorCacheNotifier.java
new file mode 100644
index 0000000..ae827b2
--- /dev/null
+++ b/extensions-core/druid-basic-security/src/main/java/org/apache/druid/security/basic/authentication/db/cache/NoopBasicAuthenticatorCacheNotifier.java
@@ -0,0 +1,34 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.druid.security.basic.authentication.db.cache;
+
+/**
+ * Noop basic authenticator cache notifier.
+ * No notification is sent on user udpate.
+ * Might be used as a config option to override default authenticator cache notifier.
+ */
+public class NoopBasicAuthenticatorCacheNotifier implements BasicAuthenticatorCacheNotifier
+{
+ @Override
+ public void addUpdate(String updatedAuthenticatorPrefix, byte[] updatedUserMap)
+ {
+ // Do nothing as this is a noop implementation
+ }
+}
diff --git a/extensions-core/druid-basic-security/src/main/java/org/apache/druid/security/basic/authentication/db/updater/NoopBasicAuthenticatorMetadataStorageUpdater.java b/extensions-core/druid-basic-security/src/main/java/org/apache/druid/security/basic/authentication/db/updater/NoopBasicAuthenticatorMetadataStorageUpdater.java
new file mode 100644
index 0000000..1e01281
--- /dev/null
+++ b/extensions-core/druid-basic-security/src/main/java/org/apache/druid/security/basic/authentication/db/updater/NoopBasicAuthenticatorMetadataStorageUpdater.java
@@ -0,0 +1,73 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.druid.security.basic.authentication.db.updater;
+
+import org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorCredentialUpdate;
+import org.apache.druid.security.basic.authentication.entity.BasicAuthenticatorUser;
+
+import javax.annotation.Nullable;
+import java.util.Collections;
+import java.util.Map;
+
+/**
+ * Empty implementation of {@link BasicAuthenticatorMetadataStorageUpdater}.
+ * Void methods do nothing, other return empty maps or empty arrays depending on the return type.
+ */
+public class NoopBasicAuthenticatorMetadataStorageUpdater implements BasicAuthenticatorMetadataStorageUpdater
+{
+ @Override
+ public void createUser(String prefix, String userName)
+ {
+ }
+
+ @Override
+ public void deleteUser(String prefix, String userName)
+ {
+ }
+
+ @Override
+ public void setUserCredentials(String prefix, String userName, BasicAuthenticatorCredentialUpdate update)
+ {
+ }
+
+ @Nullable
+ @Override
+ public Map<String, BasicAuthenticatorUser> getCachedUserMap(String prefix)
+ {
+ return Collections.emptyMap();
+ }
+
+ @Override
+ public byte[] getCachedSerializedUserMap(String prefix)
+ {
+ return new byte[0];
+ }
+
+ @Override
+ public byte[] getCurrentUserMapBytes(String prefix)
+ {
+ return new byte[0];
+ }
+
+ @Override
+ public void refreshAllNotification()
+ {
+ }
+}
diff --git a/extensions-core/druid-basic-security/src/main/java/org/apache/druid/security/basic/authorization/db/cache/NoopBasicAuthorizerCacheNotifier.java b/extensions-core/druid-basic-security/src/main/java/org/apache/druid/security/basic/authorization/db/cache/NoopBasicAuthorizerCacheNotifier.java
new file mode 100644
index 0000000..1df596e
--- /dev/null
+++ b/extensions-core/druid-basic-security/src/main/java/org/apache/druid/security/basic/authorization/db/cache/NoopBasicAuthorizerCacheNotifier.java
@@ -0,0 +1,34 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.druid.security.basic.authorization.db.cache;
+
+/**
+ * Noop basic authorizer cache notifier.
+ * No notification is sent on user/role udpate.
+ * Might be used as a config option to override default authorizer cache notifier.
+ */
+public class NoopBasicAuthorizerCacheNotifier implements BasicAuthorizerCacheNotifier
+{
+ @Override
+ public void addUpdate(String authorizerPrefix, byte[] userAndRoleMap)
+ {
+ // Do nothing as this is a noop implementation
+ }
+}
diff --git a/extensions-core/druid-basic-security/src/main/java/org/apache/druid/security/basic/authorization/db/updater/NoopBasicAuthorizerMetadataStorageUpdater.java b/extensions-core/druid-basic-security/src/main/java/org/apache/druid/security/basic/authorization/db/updater/NoopBasicAuthorizerMetadataStorageUpdater.java
new file mode 100644
index 0000000..5ef2de9
--- /dev/null
+++ b/extensions-core/druid-basic-security/src/main/java/org/apache/druid/security/basic/authorization/db/updater/NoopBasicAuthorizerMetadataStorageUpdater.java
@@ -0,0 +1,99 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.druid.security.basic.authorization.db.updater;
+
+import org.apache.druid.security.basic.authorization.entity.BasicAuthorizerRole;
+import org.apache.druid.security.basic.authorization.entity.BasicAuthorizerUser;
+import org.apache.druid.server.security.ResourceAction;
+
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * Empty implementation of {@link BasicAuthorizerMetadataStorageUpdater}.
+ * Void methods do nothing, other return empty maps or empty arrays depending on the return type.
+ */
+public class NoopBasicAuthorizerMetadataStorageUpdater implements BasicAuthorizerMetadataStorageUpdater
+{
+ @Override
+ public void createUser(String prefix, String userName)
+ {
+ }
+
+ @Override
+ public void deleteUser(String prefix, String userName)
+ {
+ }
+
+ @Override
+ public void createRole(String prefix, String roleName)
+ {
+ }
+
+ @Override
+ public void deleteRole(String prefix, String roleName)
+ {
+ }
+
+ @Override
+ public void assignRole(String prefix, String userName, String roleName)
+ {
+ }
+
+ @Override
+ public void unassignRole(String prefix, String userName, String roleName)
+ {
+ }
+
+ @Override
+ public void setPermissions(String prefix, String roleName, List<ResourceAction> permissions)
+ {
+ }
+
+ @Override
+ public Map<String, BasicAuthorizerUser> getCachedUserMap(String prefix)
+ {
+ return Collections.emptyMap();
+ }
+
+ @Override
+ public Map<String, BasicAuthorizerRole> getCachedRoleMap(String prefix)
+ {
+ return Collections.emptyMap();
+ }
+
+ @Override
+ public byte[] getCurrentUserMapBytes(String prefix)
+ {
+ return new byte[0];
+ }
+
+ @Override
+ public byte[] getCurrentRoleMapBytes(String prefix)
+ {
+ return new byte[0];
+ }
+
+ @Override
+ public void refreshAllNotification()
+ {
+ }
+}
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@druid.apache.org
For additional commands, e-mail: commits-help@druid.apache.org