You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sqoop.apache.org by ab...@apache.org on 2015/02/17 22:06:05 UTC
sqoop git commit: SQOOP-2101: Sqoop2: Add SqoopClient support to call
Restful API
Repository: sqoop
Updated Branches:
refs/heads/sqoop2 223bfcc0c -> 2b3ca36b1
SQOOP-2101: Sqoop2: Add SqoopClient support to call Restful API
(Richard Zhou via Abraham Elmahrek)
Project: http://git-wip-us.apache.org/repos/asf/sqoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/sqoop/commit/2b3ca36b
Tree: http://git-wip-us.apache.org/repos/asf/sqoop/tree/2b3ca36b
Diff: http://git-wip-us.apache.org/repos/asf/sqoop/diff/2b3ca36b
Branch: refs/heads/sqoop2
Commit: 2b3ca36b1702f7741fca8d38210e2039aecf25b0
Parents: 223bfcc
Author: Abraham Elmahrek <ab...@apache.org>
Authored: Tue Feb 17 13:02:04 2015 -0800
Committer: Abraham Elmahrek <ab...@apache.org>
Committed: Tue Feb 17 13:02:04 2015 -0800
----------------------------------------------------------------------
.../org/apache/sqoop/client/SqoopClient.java | 116 ++++++++++++++--
.../request/AuthorizationResourceRequest.java | 138 +++++++++++++++++++
.../client/request/SqoopResourceRequests.java | 63 +++++++--
3 files changed, 297 insertions(+), 20 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/sqoop/blob/2b3ca36b/client/src/main/java/org/apache/sqoop/client/SqoopClient.java
----------------------------------------------------------------------
diff --git a/client/src/main/java/org/apache/sqoop/client/SqoopClient.java b/client/src/main/java/org/apache/sqoop/client/SqoopClient.java
index 9e15c03..200f9b4 100644
--- a/client/src/main/java/org/apache/sqoop/client/SqoopClient.java
+++ b/client/src/main/java/org/apache/sqoop/client/SqoopClient.java
@@ -31,16 +31,8 @@ import org.apache.sqoop.classification.InterfaceStability;
import org.apache.sqoop.client.request.SqoopResourceRequests;
import org.apache.sqoop.common.Direction;
import org.apache.sqoop.common.SqoopException;
-import org.apache.sqoop.json.ConnectorBean;
-import org.apache.sqoop.json.DriverBean;
-import org.apache.sqoop.json.ValidationResultBean;
-import org.apache.sqoop.model.ConfigUtils;
-import org.apache.sqoop.model.MConnector;
-import org.apache.sqoop.model.MDriver;
-import org.apache.sqoop.model.MDriverConfig;
-import org.apache.sqoop.model.MJob;
-import org.apache.sqoop.model.MLink;
-import org.apache.sqoop.model.MSubmission;
+import org.apache.sqoop.json.*;
+import org.apache.sqoop.model.*;
import org.apache.sqoop.validation.ConfigValidationResult;
import org.apache.sqoop.validation.Status;
@@ -560,6 +552,110 @@ public class SqoopClient {
}
/**
+ * Retrieve list of all roles.
+ *
+ * @return
+ */
+ public List<MRole> getRoles() {
+ return resourceRequests.readRoles().getRoles();
+ }
+
+ /**
+ * Create a new role.
+ *
+ * @param role MRole
+ * @return
+ */
+ public void createRole(MRole role) {
+ resourceRequests.createRole(role);
+ }
+
+ /**
+ * Drop a role.
+ *
+ * @param role MRole
+ * @return
+ */
+ public void dropRole(MRole role) {
+ resourceRequests.dropRole(role);
+ }
+
+ /**
+ * Grant roles on principals.
+ *
+ * @param roles MRole List
+ * @param principals MPrincipal List
+ * @return
+ */
+ public void grantRole(List<MRole> roles, List<MPrincipal> principals) {
+ resourceRequests.grantRole(roles, principals);
+ }
+
+ /**
+ * Revoke roles on principals.
+ *
+ * @param roles MRole List
+ * @param principals MPrincipal List
+ * @return
+ */
+ public void revokeRole(List<MRole> roles, List<MPrincipal> principals) {
+ resourceRequests.revokeRole(roles, principals);
+ }
+
+ /**
+ * Get roles by principal.
+ *
+ * @param principal MPrincipal
+ * @return
+ */
+ public RolesBean getRolesByPrincipal(MPrincipal principal) {
+ return resourceRequests.readRolesByPrincipal(principal);
+ }
+
+ /**
+ * Get principals by role.
+ *
+ * @param role MRole
+ * @return
+ */
+ public PrincipalsBean getPrincipalsByRole(MRole role) {
+ return resourceRequests.readPrincipalsByRole(role);
+ }
+
+ /**
+ * Grant privileges on principals.
+ *
+ * @param principals MPrincipal List
+ * @param privileges MPrivilege List
+ * @return
+ */
+ public void grantPrivilege(List<MPrincipal> principals, List<MPrivilege> privileges) {
+ resourceRequests.grantPrivilege(principals, privileges);
+ }
+
+ /**
+ * Revoke privileges on principals.
+ *
+ * @param principals MPrincipal List
+ * @param privileges MPrivilege List
+ * @return
+ */
+ public void revokePrivilege(List<MPrincipal> principals, List<MPrivilege> privileges) {
+ resourceRequests.revokePrivilege(principals, privileges);
+ }
+
+ /**
+ * Get privileges by principal.
+ *
+ * @param principal MPrincipal
+ * @param resource MResource
+ * @return
+ */
+ public PrivilegesBean getPrivilegesByPrincipal(MPrincipal principal, MResource resource) {
+ return resourceRequests.readPrivilegesByPrincipal(principal, resource);
+ }
+
+ /**
* Add delegation token into credentials of Hadoop security.
*
* @param renewer renewer string
http://git-wip-us.apache.org/repos/asf/sqoop/blob/2b3ca36b/client/src/main/java/org/apache/sqoop/client/request/AuthorizationResourceRequest.java
----------------------------------------------------------------------
diff --git a/client/src/main/java/org/apache/sqoop/client/request/AuthorizationResourceRequest.java b/client/src/main/java/org/apache/sqoop/client/request/AuthorizationResourceRequest.java
new file mode 100644
index 0000000..cdd8e73
--- /dev/null
+++ b/client/src/main/java/org/apache/sqoop/client/request/AuthorizationResourceRequest.java
@@ -0,0 +1,138 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sqoop.client.request;
+
+import org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticatedURL;
+import org.apache.sqoop.json.*;
+import org.apache.sqoop.model.MPrincipal;
+import org.apache.sqoop.model.MPrivilege;
+import org.apache.sqoop.model.MResource;
+import org.apache.sqoop.model.MRole;
+import org.json.simple.JSONObject;
+
+import java.util.List;
+
+/**
+ * Provide CRUD semantics over RESTfull HTTP API for authorization. All operations are
+ * normally supported.
+ */
+public class AuthorizationResourceRequest extends ResourceRequest {
+
+ public static final String RESOURCE = "v1/authorization";
+
+ public static final String ROLES = "/roles";
+ public static final String PRINCIPALS = "/principals";
+ public static final String PRIVILEGES = "/privileges";
+
+ private static final String CREATE = "/create";
+ private static final String GRANT = "/grant";
+ private static final String REVOKE = "/revoke";
+
+ public AuthorizationResourceRequest() {
+ super();
+ }
+
+ public AuthorizationResourceRequest(DelegationTokenAuthenticatedURL.Token token) {
+ super(token);
+ }
+
+ public RolesBean readRoles(String serverUrl) {
+ String response = super.get(serverUrl + RESOURCE + ROLES);
+ JSONObject jsonObject = JSONUtils.parse(response);
+ RolesBean bean = new RolesBean();
+ bean.restore(jsonObject);
+ return bean;
+ }
+
+ public void createRole(String serverUrl, MRole role) {
+ RoleBean roleBean = new RoleBean(role);
+ // Extract all config inputs including sensitive inputs
+ JSONObject roleJson = roleBean.extract(false);
+ super.put(serverUrl + RESOURCE + ROLES + CREATE, roleJson.toJSONString());
+ }
+
+ public void dropRole(String serverUrl, MRole role) {
+ super.delete(serverUrl + RESOURCE + ROLES + "/" + role.getName());
+ }
+
+ public void grantRevokeRole(String serverUrl, List<MRole> roles, List<MPrincipal> principals, boolean isGrant) {
+ RolesBean rolesBean = new RolesBean(roles);
+ PrincipalsBean principalsBean = new PrincipalsBean(principals);
+ // Extract all config inputs including sensitive inputs
+ JSONObject jsonObject = new JSONObject();
+ jsonObject.putAll(rolesBean.extract(false));
+ jsonObject.putAll(principalsBean.extract(false));
+ if (isGrant) {
+ super.put(serverUrl + RESOURCE + ROLES + GRANT, jsonObject.toJSONString());
+ } else {
+ super.put(serverUrl + RESOURCE + ROLES + REVOKE, jsonObject.toJSONString());
+ }
+ }
+
+ public RolesBean readRolesByPrincipal(String serverUrl, MPrincipal principal) {
+ String response = super.get(serverUrl + RESOURCE + ROLES
+ + "?principal_name=" + principal.getName()
+ + "&principal_type=" + principal.getType());
+ JSONObject jsonObject = JSONUtils.parse(response);
+ RolesBean bean = new RolesBean();
+ bean.restore(jsonObject);
+ return bean;
+ }
+
+ public PrincipalsBean readPrincipalsByRole(String serverUrl, MRole role) {
+ String response = super.get(serverUrl + RESOURCE + PRINCIPALS
+ + "?role_name=" + role.getName());
+ JSONObject jsonObject = JSONUtils.parse(response);
+ PrincipalsBean bean = new PrincipalsBean();
+ bean.restore(jsonObject);
+ return bean;
+ }
+
+ public void grantRevokePrivilege(String serverUrl, List<MPrincipal> principals, List<MPrivilege> privileges, boolean isGrant) {
+ PrincipalsBean principalsBean = new PrincipalsBean(principals);
+ // Extract all config inputs including sensitive inputs
+ JSONObject jsonObject = new JSONObject();
+ jsonObject.putAll(principalsBean.extract(false));
+
+ if (privileges != null && privileges.size() != 0) {
+ PrivilegesBean privilegesBean = new PrivilegesBean(privileges);
+ jsonObject.putAll(privilegesBean.extract(false));
+ }
+
+ if (isGrant) {
+ super.put(serverUrl + RESOURCE + PRIVILEGES + GRANT, jsonObject.toJSONString());
+ } else {
+ super.put(serverUrl + RESOURCE + PRIVILEGES + REVOKE, jsonObject.toJSONString());
+ }
+ }
+
+ public PrivilegesBean readPrivilegesByPrincipal(String serverUrl, MPrincipal principal, MResource resource) {
+ String url = serverUrl + RESOURCE + PRIVILEGES
+ + "?principal_name=" + principal.getName()
+ + "&principal_type=" + principal.getType();
+ if (resource != null) {
+ url += "&resource_name=" + resource.getName();
+ url += "&resource_type=" + resource.getType();
+ }
+ String response = super.get(url);
+ JSONObject jsonObject = JSONUtils.parse(response);
+ PrivilegesBean bean = new PrivilegesBean();
+ bean.restore(jsonObject);
+ return bean;
+ }
+}
http://git-wip-us.apache.org/repos/asf/sqoop/blob/2b3ca36b/client/src/main/java/org/apache/sqoop/client/request/SqoopResourceRequests.java
----------------------------------------------------------------------
diff --git a/client/src/main/java/org/apache/sqoop/client/request/SqoopResourceRequests.java b/client/src/main/java/org/apache/sqoop/client/request/SqoopResourceRequests.java
index 1825cf3..882c336 100644
--- a/client/src/main/java/org/apache/sqoop/client/request/SqoopResourceRequests.java
+++ b/client/src/main/java/org/apache/sqoop/client/request/SqoopResourceRequests.java
@@ -20,17 +20,11 @@ package org.apache.sqoop.client.request;
import org.apache.hadoop.security.token.Token;
import org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticatedURL;
import org.apache.hadoop.security.Credentials;
-import org.apache.sqoop.json.ConnectorBean;
-import org.apache.sqoop.json.DriverBean;
-import org.apache.sqoop.json.JobBean;
-import org.apache.sqoop.json.LinkBean;
-import org.apache.sqoop.json.SubmissionBean;
-import org.apache.sqoop.json.SubmissionsBean;
-import org.apache.sqoop.json.ValidationResultBean;
-import org.apache.sqoop.model.MJob;
-import org.apache.sqoop.model.MLink;
+import org.apache.sqoop.json.*;
+import org.apache.sqoop.model.*;
import java.io.IOException;
+import java.util.List;
/**
* Unified class for all request objects.
@@ -44,9 +38,10 @@ public class SqoopResourceRequests {
private LinkResourceRequest linkRequest;
private JobResourceRequest jobRequest;
private SubmissionResourceRequest submissionRequest;
+ private AuthorizationResourceRequest authorizationRequest;
private DelegationTokenAuthenticatedURL.Token authToken;
- public SqoopResourceRequests(){
+ public SqoopResourceRequests() {
authToken = new DelegationTokenAuthenticatedURL.Token();
}
@@ -94,6 +89,14 @@ public class SqoopResourceRequests {
return submissionRequest;
}
+ public AuthorizationResourceRequest getAuthorizationRequest() {
+ if (authorizationRequest == null) {
+ authorizationRequest = new AuthorizationResourceRequest(authToken);
+ }
+
+ return authorizationRequest;
+ }
+
public DriverBean readDriver() {
return getDriverResourceRequest().read(serverUrl);
}
@@ -162,6 +165,46 @@ public class SqoopResourceRequests {
return getSubmissionResourceRequest().read(serverUrl, jid);
}
+ public RolesBean readRoles() {
+ return getAuthorizationRequest().readRoles(serverUrl);
+ }
+
+ public void createRole(MRole role) {
+ getAuthorizationRequest().createRole(serverUrl, role);
+ }
+
+ public void dropRole(MRole role) {
+ getAuthorizationRequest().dropRole(serverUrl, role);
+ }
+
+ public void grantRole(List<MRole> roles, List<MPrincipal> principals) {
+ getAuthorizationRequest().grantRevokeRole(serverUrl, roles, principals, true);
+ }
+
+ public void revokeRole(List<MRole> roles, List<MPrincipal> principals) {
+ getAuthorizationRequest().grantRevokeRole(serverUrl, roles, principals, false);
+ }
+
+ public RolesBean readRolesByPrincipal(MPrincipal principal) {
+ return getAuthorizationRequest().readRolesByPrincipal(serverUrl, principal);
+ }
+
+ public PrincipalsBean readPrincipalsByRole(MRole role) {
+ return getAuthorizationRequest().readPrincipalsByRole(serverUrl, role);
+ }
+
+ public void grantPrivilege(List<MPrincipal> principals, List<MPrivilege> privileges) {
+ getAuthorizationRequest().grantRevokePrivilege(serverUrl, principals, privileges, true);
+ }
+
+ public PrivilegesBean readPrivilegesByPrincipal(MPrincipal principal, MResource resource) {
+ return getAuthorizationRequest().readPrivilegesByPrincipal(serverUrl, principal, resource);
+ }
+
+ public void revokePrivilege(List<MPrincipal> principals, List<MPrivilege> privileges) {
+ getAuthorizationRequest().grantRevokePrivilege(serverUrl, principals, privileges, false);
+ }
+
public Token<?>[] addDelegationTokens(String renewer,
Credentials credentials) throws IOException {
return getDriverResourceRequest().addDelegationTokens(serverUrl + DriverResourceRequest.RESOURCE, renewer, credentials);