You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by ka...@apache.org on 2017/11/13 14:38:10 UTC
[6/9] sentry git commit: SENTRY-1475: Integrate Sentry with Solr 7
authorization framework. (Hrishikesh Gadre,
reviewed by Kalyan Kumar Kalvagadda)
http://git-wip-us.apache.org/repos/asf/sentry/blob/e62fa28d/sentry-core/sentry-core-model-solr/src/main/java/org/apache/sentry/core/model/solr/SolrModelAuthorizable.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-model-solr/src/main/java/org/apache/sentry/core/model/solr/SolrModelAuthorizable.java b/sentry-core/sentry-core-model-solr/src/main/java/org/apache/sentry/core/model/solr/SolrModelAuthorizable.java
new file mode 100644
index 0000000..56cb4c2
--- /dev/null
+++ b/sentry-core/sentry-core-model-solr/src/main/java/org/apache/sentry/core/model/solr/SolrModelAuthorizable.java
@@ -0,0 +1,60 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.core.model.solr;
+
+import org.apache.sentry.core.common.Authorizable;
+
+import com.google.common.annotations.VisibleForTesting;
+
+public abstract class SolrModelAuthorizable implements Authorizable {
+
+ public enum AuthorizableType {
+ Collection,
+ Field,
+ Admin,
+ Config,
+ Schema
+ };
+
+ private final AuthorizableType type;
+ private final String name;
+
+ protected SolrModelAuthorizable(AuthorizableType type, String name) {
+ this.type = type;
+ this.name = name;
+ }
+
+ @Override
+ public String getTypeName() {
+ return type.name();
+ }
+
+ @Override
+ public String getName() {
+ return name;
+ }
+
+ @VisibleForTesting
+ public AuthorizableType getAuthzType() {
+ return type;
+ }
+
+ @Override
+ public String toString() {
+ return String.format("%s[name=%s]", getTypeName(), name);
+ }
+}
http://git-wip-us.apache.org/repos/asf/sentry/blob/e62fa28d/sentry-core/sentry-core-model-solr/src/main/java/org/apache/sentry/core/model/solr/SolrModelAuthorizables.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-model-solr/src/main/java/org/apache/sentry/core/model/solr/SolrModelAuthorizables.java b/sentry-core/sentry-core-model-solr/src/main/java/org/apache/sentry/core/model/solr/SolrModelAuthorizables.java
new file mode 100644
index 0000000..7979b33
--- /dev/null
+++ b/sentry-core/sentry-core-model-solr/src/main/java/org/apache/sentry/core/model/solr/SolrModelAuthorizables.java
@@ -0,0 +1,58 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.core.model.solr;
+
+import org.apache.sentry.core.common.utils.KeyValue;
+import org.apache.sentry.core.model.solr.SolrModelAuthorizable.AuthorizableType;
+
+public class SolrModelAuthorizables {
+
+ private SolrModelAuthorizables() {
+ // Make constructor private to avoid instantiation
+ }
+
+ public static SolrModelAuthorizable from(KeyValue keyValue) {
+ String prefix = keyValue.getKey().toLowerCase();
+ String name = keyValue.getValue().toLowerCase();
+ SolrModelAuthorizable result = null;
+ for(AuthorizableType type : AuthorizableType.values()) {
+ if(prefix.equalsIgnoreCase(type.name())) {
+ switch (type) {
+ case Collection:
+ result = new Collection(name);
+ break;
+ case Admin:
+ result = new AdminOperation(name);
+ break;
+ case Config:
+ result = new Config(name);
+ break;
+ case Schema:
+ result = new Schema(name);
+ break;
+ default:
+ break;
+ }
+ }
+ }
+ return result;
+ }
+
+ public static SolrModelAuthorizable from(String s) {
+ return from(new KeyValue(s));
+ }
+}
http://git-wip-us.apache.org/repos/asf/sentry/blob/e62fa28d/sentry-core/sentry-core-model-solr/src/main/java/org/apache/sentry/core/model/solr/SolrPrivilegeModel.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-model-solr/src/main/java/org/apache/sentry/core/model/solr/SolrPrivilegeModel.java b/sentry-core/sentry-core-model-solr/src/main/java/org/apache/sentry/core/model/solr/SolrPrivilegeModel.java
new file mode 100644
index 0000000..60d8e0f
--- /dev/null
+++ b/sentry-core/sentry-core-model-solr/src/main/java/org/apache/sentry/core/model/solr/SolrPrivilegeModel.java
@@ -0,0 +1,66 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.core.model.solr;
+
+import com.google.common.collect.ImmutableList;
+import org.apache.sentry.core.common.BitFieldActionFactory;
+import org.apache.sentry.core.common.ImplyMethodType;
+import org.apache.sentry.core.common.Model;
+import org.apache.sentry.core.common.validator.PrivilegeValidator;
+import org.apache.sentry.core.model.solr.validator.SolrPrivilegeValidator;
+
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * This class provides the concrete implementation of Sentry authorization model
+ * for Apache Solr.
+ */
+public class SolrPrivilegeModel implements Model {
+
+ private Map<String, ImplyMethodType> implyMethodMap;
+ private BitFieldActionFactory bitFieldActionFactory;
+ private static SolrPrivilegeModel solrPrivilegeModel = new SolrPrivilegeModel();
+
+ private SolrPrivilegeModel() {
+ implyMethodMap = new HashMap<String, ImplyMethodType>();
+ bitFieldActionFactory = new SolrActionFactory();
+
+ implyMethodMap.put(SolrModelAuthorizable.AuthorizableType.Collection.name().toLowerCase(), ImplyMethodType.STRING);
+ implyMethodMap.put(SolrModelAuthorizable.AuthorizableType.Config.name().toLowerCase(), ImplyMethodType.STRING);
+ implyMethodMap.put(SolrModelAuthorizable.AuthorizableType.Schema.name().toLowerCase(), ImplyMethodType.STRING);
+ implyMethodMap.put(SolrModelAuthorizable.AuthorizableType.Admin.name().toLowerCase(), ImplyMethodType.STRING);
+ }
+
+ @Override
+ public Map<String, ImplyMethodType> getImplyMethodMap() {
+ return implyMethodMap;
+ }
+
+ @Override
+ public BitFieldActionFactory getBitFieldActionFactory() {
+ return bitFieldActionFactory;
+ }
+
+ public static SolrPrivilegeModel getInstance() {
+ return solrPrivilegeModel;
+ }
+
+ public ImmutableList<PrivilegeValidator> getPrivilegeValidators() {
+ return ImmutableList.<PrivilegeValidator>of(new SolrPrivilegeValidator());
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/e62fa28d/sentry-core/sentry-core-model-solr/src/main/java/org/apache/sentry/core/model/solr/validator/SolrPrivilegeValidator.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-model-solr/src/main/java/org/apache/sentry/core/model/solr/validator/SolrPrivilegeValidator.java b/sentry-core/sentry-core-model-solr/src/main/java/org/apache/sentry/core/model/solr/validator/SolrPrivilegeValidator.java
new file mode 100644
index 0000000..4d28db9
--- /dev/null
+++ b/sentry-core/sentry-core-model-solr/src/main/java/org/apache/sentry/core/model/solr/validator/SolrPrivilegeValidator.java
@@ -0,0 +1,101 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for additional information regarding
+ * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License. You may obtain a
+ * copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the License
+ * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.apache.sentry.core.model.solr.validator;
+
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+import org.apache.sentry.core.common.utils.SentryConstants;
+import org.apache.sentry.core.common.validator.PrivilegeValidator;
+import org.apache.sentry.core.common.validator.PrivilegeValidatorContext;
+import org.apache.sentry.core.model.solr.AdminOperation;
+import org.apache.sentry.core.model.solr.SolrConstants;
+import org.apache.shiro.config.ConfigurationException;
+
+/**
+ * This class provides the privilege validation functionality for
+ * Sentry/Solr permissions.
+ */
+public class SolrPrivilegeValidator implements PrivilegeValidator {
+ private static final Pattern PRIVILEGE_AUTHORIZABLE_REGEX =
+ Pattern.compile("^(collection|admin|schema|config)\\s*=\\s*(\\S+)$", Pattern.CASE_INSENSITIVE);;
+ private static final Pattern PRIVILEGE_ACTION_REGEX =
+ Pattern.compile("^action\\s*=\\s*(query|update|\\*)$", Pattern.CASE_INSENSITIVE);
+
+ private String entityType;
+ private String entityName;
+ private String actionName;
+
+ @Override
+ public void validate(PrivilegeValidatorContext context) throws ConfigurationException {
+ try {
+ validate(context.getPrivilege(), false);
+ } catch (IllegalArgumentException ex) {
+ throw new ConfigurationException(ex.getMessage());
+ }
+ }
+
+ public void validate (String privilegeStr, boolean actionRequired) {
+ String[] components = privilegeStr.split(SentryConstants.AUTHORIZABLE_SEPARATOR);
+ Matcher authMatcher = PRIVILEGE_AUTHORIZABLE_REGEX.matcher(components[0].trim());
+
+ if (!authMatcher.matches()) {
+ throw new IllegalArgumentException("Invalid privilege String: " + privilegeStr);
+ }
+
+ entityType = authMatcher.group(1).toLowerCase();
+ entityName = authMatcher.group(2).toLowerCase();
+ actionName = null;
+
+ if (components.length > 1) {
+ Matcher actionMactcher = PRIVILEGE_ACTION_REGEX.matcher(components[1].trim());
+ if (actionMactcher.matches()) {
+ actionName = actionMactcher.group(1).toLowerCase();
+ } else {
+ throw new IllegalArgumentException("Invalid privilege String: " + privilegeStr);
+ }
+ }
+
+ if (actionRequired && actionName == null) {
+ throw new IllegalArgumentException("Privilege is invalid: action required but not specified.");
+ }
+
+ extraPrivilegeValidation (entityType, entityName, actionName);
+ }
+
+ private void extraPrivilegeValidation(String entityType, String entityName, String actionName) {
+ if ("admin".equals(entityType)) {
+ if (!AdminOperation.ENTITY_NAMES.contains(entityName)) {
+ throw new IllegalArgumentException(
+ "Invalid entity name specified for the admin entity type. Valid names are " + AdminOperation.ENTITY_NAMES);
+ } else if (AdminOperation.METRICS.getName().equals(entityName) && !SolrConstants.QUERY.equals(actionName)) {
+ throw new IllegalArgumentException(
+ "Invalid action specified for the metrics entity of type admin. Valid actions are [" + SolrConstants.QUERY + "]" );
+ }
+ }
+ }
+
+ public String getEntityType() {
+ return entityType;
+ }
+
+ public String getEntityName() {
+ return entityName;
+ }
+
+ public String getActionName() {
+ return actionName;
+ }
+}
http://git-wip-us.apache.org/repos/asf/sentry/blob/e62fa28d/sentry-core/sentry-core-model-solr/src/test/java/org/apache/sentry/core/solr/TestCollection.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-model-solr/src/test/java/org/apache/sentry/core/solr/TestCollection.java b/sentry-core/sentry-core-model-solr/src/test/java/org/apache/sentry/core/solr/TestCollection.java
new file mode 100644
index 0000000..df21958
--- /dev/null
+++ b/sentry-core/sentry-core-model-solr/src/test/java/org/apache/sentry/core/solr/TestCollection.java
@@ -0,0 +1,49 @@
+package org.apache.sentry.core.solr;
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.apache.sentry.core.model.solr.Collection;
+import org.junit.Assert;
+import org.junit.Test;
+
+public class TestCollection {
+
+ @Test
+ public void testSimple() {
+ String name = "simple";
+ Collection simple = new Collection(name);
+ Assert.assertEquals(simple.getName(), name);
+ }
+
+ @Test
+ public void testCollectionAuthzType() {
+ Collection collection1 = new Collection("collection1");
+ Collection collection2 = new Collection("collection2");
+ Assert.assertEquals(collection1.getAuthzType(), collection2.getAuthzType());
+ Assert.assertEquals(collection1.getTypeName(), collection2.getTypeName());
+ }
+
+ // just test it doesn't throw NPE
+ @Test
+ public void testNullCollection() {
+ Collection nullCollection = new Collection(null);
+ nullCollection.getName();
+ nullCollection.toString();
+ nullCollection.getAuthzType();
+ nullCollection.getTypeName();
+ }
+}
http://git-wip-us.apache.org/repos/asf/sentry/blob/e62fa28d/sentry-core/sentry-core-model-solr/src/test/java/org/apache/sentry/core/solr/TestSolrBitFieldAction.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-model-solr/src/test/java/org/apache/sentry/core/solr/TestSolrBitFieldAction.java b/sentry-core/sentry-core-model-solr/src/test/java/org/apache/sentry/core/solr/TestSolrBitFieldAction.java
new file mode 100644
index 0000000..214ee0d
--- /dev/null
+++ b/sentry-core/sentry-core-model-solr/src/test/java/org/apache/sentry/core/solr/TestSolrBitFieldAction.java
@@ -0,0 +1,73 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.core.solr;
+
+import org.apache.sentry.core.model.solr.SolrActionFactory;
+import org.apache.sentry.core.model.solr.SolrConstants;
+import org.apache.sentry.core.model.solr.SolrActionFactory.SolrAction;
+import org.apache.sentry.core.model.solr.SolrActionFactory.SolrBitFieldAction;
+import org.junit.Test;
+
+import com.google.common.collect.Lists;
+
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertEquals;
+
+public class TestSolrBitFieldAction {
+ SolrActionFactory actionFactory = new SolrActionFactory();
+
+ @Test
+ public void testImpliesAction() {
+ SolrBitFieldAction updateAction = new SolrBitFieldAction(SolrAction.UPDATE);
+ SolrBitFieldAction queryAction = new SolrBitFieldAction(SolrAction.QUERY);
+ SolrBitFieldAction allAction = new SolrBitFieldAction(SolrAction.ALL);
+
+ assertTrue(allAction.implies(queryAction));
+ assertTrue(allAction.implies(updateAction));
+ assertTrue(allAction.implies(allAction));
+ assertTrue(updateAction.implies(updateAction));
+ assertTrue(queryAction.implies(queryAction));
+
+ assertFalse(queryAction.implies(updateAction));
+ assertFalse(queryAction.implies(allAction));
+ assertFalse(updateAction.implies(queryAction));
+ assertFalse(updateAction.implies(allAction));
+ }
+
+ @Test
+ public void testGetActionByName() throws Exception {
+ SolrBitFieldAction updateAction = (SolrBitFieldAction)actionFactory.getActionByName(SolrConstants.UPDATE);
+ SolrBitFieldAction queryAction = (SolrBitFieldAction)actionFactory.getActionByName(SolrConstants.QUERY);
+ SolrBitFieldAction allAction = (SolrBitFieldAction)actionFactory.getActionByName(SolrConstants.ALL);
+
+ assertTrue(updateAction.equals(new SolrBitFieldAction(SolrAction.UPDATE)));
+ assertTrue(queryAction.equals(new SolrBitFieldAction(SolrAction.QUERY)));
+ assertTrue(allAction.equals(new SolrBitFieldAction(SolrAction.ALL)));
+ }
+
+ @Test
+ public void testGetActionsByCode() throws Exception {
+ SolrBitFieldAction updateAction = new SolrBitFieldAction(SolrAction.UPDATE);
+ SolrBitFieldAction queryAction = new SolrBitFieldAction(SolrAction.QUERY);
+
+ assertEquals(Lists.newArrayList(updateAction, queryAction), actionFactory.getActionsByCode(SolrAction.ALL.getCode()));
+ assertEquals(Lists.newArrayList(updateAction), actionFactory.getActionsByCode(SolrAction.UPDATE.getCode()));
+ assertEquals(Lists.newArrayList(queryAction), actionFactory.getActionsByCode(SolrAction.QUERY.getCode()));
+ }
+}
http://git-wip-us.apache.org/repos/asf/sentry/blob/e62fa28d/sentry-dist/pom.xml
----------------------------------------------------------------------
diff --git a/sentry-dist/pom.xml b/sentry-dist/pom.xml
index 2d7f57e..69f4fcc 100644
--- a/sentry-dist/pom.xml
+++ b/sentry-dist/pom.xml
@@ -40,7 +40,7 @@ limitations under the License.
</dependency>
<dependency>
<groupId>org.apache.sentry</groupId>
- <artifactId>sentry-core-model-search</artifactId>
+ <artifactId>sentry-core-model-solr</artifactId>
</dependency>
<dependency>
<groupId>org.apache.sentry</groupId>
@@ -64,14 +64,6 @@ limitations under the License.
</dependency>
<dependency>
<groupId>org.apache.sentry</groupId>
- <artifactId>solr-sentry-core</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
- <artifactId>solr-sentry-handlers</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
<artifactId>sentry-provider-common</artifactId>
</dependency>
<dependency>
@@ -96,6 +88,10 @@ limitations under the License.
</dependency>
<dependency>
<groupId>org.apache.sentry</groupId>
+ <artifactId>solr-sentry-handlers</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.sentry</groupId>
<artifactId>sentry-hdfs-dist</artifactId>
</dependency>
</dependencies>
http://git-wip-us.apache.org/repos/asf/sentry/blob/e62fa28d/sentry-provider/sentry-provider-db/pom.xml
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/pom.xml b/sentry-provider/sentry-provider-db/pom.xml
index cd19032..00c59b6 100644
--- a/sentry-provider/sentry-provider-db/pom.xml
+++ b/sentry-provider/sentry-provider-db/pom.xml
@@ -108,7 +108,7 @@ limitations under the License.
</dependency>
<dependency>
<groupId>org.apache.sentry</groupId>
- <artifactId>sentry-core-model-search</artifactId>
+ <artifactId>sentry-core-model-solr</artifactId>
</dependency>
<dependency>
<groupId>org.apache.sentry</groupId>
@@ -238,6 +238,19 @@ limitations under the License.
<groupId>org.apache.hive</groupId>
<artifactId>hive-metastore</artifactId>
<version>${hive.version}</version>
+ <exclusions>
+ <!-- This dependency needs to be excluded to avoid compilation errors in the Eclipse build.
+ Without this change, the Eclipse build classpath contains this jar file ahead of
+ datanucleus javax.jdo*.jar. This error can not be reproduced with the maven build.
+ Cause of compilation error : PersistenceManager class provided as part of this version,
+ does not implement java.lang.AutoClosable interface. This breaks the usage of
+ PersistenceManager inside try-with-resources clause in Sentry TransactionManager class.
+ -->
+ <exclusion>
+ <groupId>javax.jdo</groupId>
+ <artifactId>jdo-api</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
</dependencies>
http://git-wip-us.apache.org/repos/asf/sentry/blob/e62fa28d/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeOperatePersistence.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeOperatePersistence.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeOperatePersistence.java
index d8b4887..c13e000 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeOperatePersistence.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeOperatePersistence.java
@@ -35,7 +35,7 @@ import org.apache.sentry.core.common.Authorizable;
import org.apache.sentry.core.common.BitFieldAction;
import org.apache.sentry.core.common.BitFieldActionFactory;
import org.apache.sentry.core.model.kafka.KafkaActionFactory;
-import org.apache.sentry.core.model.search.SearchActionFactory;
+import org.apache.sentry.core.model.solr.SolrActionFactory;
import org.apache.sentry.core.model.sqoop.SqoopActionFactory;
import org.apache.sentry.provider.db.generic.service.persistent.PrivilegeObject.Builder;
import org.apache.sentry.provider.db.service.model.MSentryGMPrivilege;
@@ -67,7 +67,7 @@ public class PrivilegeOperatePersistence {
private static final Logger LOGGER = LoggerFactory.getLogger(PrivilegeOperatePersistence.class);
private static final Map<String, BitFieldActionFactory> actionFactories = Maps.newHashMap();
static{
- actionFactories.put("solr", new SearchActionFactory());
+ actionFactories.put("solr", new SolrActionFactory());
actionFactories.put("sqoop", new SqoopActionFactory());
actionFactories.put("kafka", KafkaActionFactory.getInstance());
}
http://git-wip-us.apache.org/repos/asf/sentry/blob/e62fa28d/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/GenericPrivilegeConverter.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/GenericPrivilegeConverter.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/GenericPrivilegeConverter.java
index 51d6df9..c65b66d 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/GenericPrivilegeConverter.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/GenericPrivilegeConverter.java
@@ -38,8 +38,8 @@ import org.apache.sentry.core.common.validator.PrivilegeValidatorContext;
import org.apache.sentry.core.model.kafka.KafkaAuthorizable;
import org.apache.sentry.core.model.kafka.KafkaModelAuthorizables;
import org.apache.sentry.core.model.kafka.KafkaPrivilegeModel;
-import org.apache.sentry.core.model.search.SearchModelAuthorizables;
-import org.apache.sentry.core.model.search.SearchPrivilegeModel;
+import org.apache.sentry.core.model.solr.SolrModelAuthorizables;
+import org.apache.sentry.core.model.solr.SolrPrivilegeModel;
import org.apache.sentry.core.model.sqoop.SqoopModelAuthorizables;
import org.apache.sentry.core.model.sqoop.SqoopPrivilegeModel;
import org.apache.sentry.provider.common.AuthorizationComponent;
@@ -162,7 +162,7 @@ public class GenericPrivilegeConverter implements TSentryPrivilegeConverter {
if (AuthorizationComponent.KAFKA.equals(component)) {
return KafkaPrivilegeModel.getInstance().getPrivilegeValidators();
} else if ("SOLR".equals(component)) {
- return SearchPrivilegeModel.getInstance().getPrivilegeValidators();
+ return SolrPrivilegeModel.getInstance().getPrivilegeValidators();
} else if (AuthorizationComponent.SQOOP.equals(component)) {
return SqoopPrivilegeModel.getInstance().getPrivilegeValidators(service);
}
@@ -174,7 +174,7 @@ public class GenericPrivilegeConverter implements TSentryPrivilegeConverter {
if (AuthorizationComponent.KAFKA.equals(component)) {
return KafkaModelAuthorizables.from(keyValue);
} else if ("SOLR".equals(component)) {
- return SearchModelAuthorizables.from(keyValue);
+ return SolrModelAuthorizables.from(keyValue);
} else if (AuthorizationComponent.SQOOP.equals(component)) {
return SqoopModelAuthorizables.from(keyValue);
}
http://git-wip-us.apache.org/repos/asf/sentry/blob/e62fa28d/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SentryConfigToolSolr.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SentryConfigToolSolr.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SentryConfigToolSolr.java
index 77d3919..5649f43 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SentryConfigToolSolr.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/SentryConfigToolSolr.java
@@ -29,7 +29,7 @@ import org.apache.sentry.core.common.Action;
import org.apache.sentry.core.common.exception.SentryConfigurationException;
import org.apache.sentry.core.common.utils.KeyValue;
import org.apache.sentry.core.common.utils.SentryConstants;
-import org.apache.sentry.core.model.search.SearchPrivilegeModel;
+import org.apache.sentry.core.model.solr.SolrPrivilegeModel;
import org.apache.sentry.provider.common.ProviderBackend;
import org.apache.sentry.provider.common.ProviderBackendContext;
import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClient;
@@ -92,7 +92,7 @@ public class SentryConfigToolSolr extends SentryConfigToolCommon {
SimpleFileProviderBackend policyFileBackend =
new SimpleFileProviderBackend(conf, policyFile);
ProviderBackendContext context = new ProviderBackendContext();
- context.setValidators(SearchPrivilegeModel.getInstance().getPrivilegeValidators());
+ context.setValidators(SolrPrivilegeModel.getInstance().getPrivilegeValidators());
policyFileBackend.initialize(context);
if (validate) {
validatePolicy(policyFileBackend);
http://git-wip-us.apache.org/repos/asf/sentry/blob/e62fa28d/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/TestPrivilegeOperatePersistence.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/TestPrivilegeOperatePersistence.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/TestPrivilegeOperatePersistence.java
index 34c2107..95fc2fb 100644
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/TestPrivilegeOperatePersistence.java
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/TestPrivilegeOperatePersistence.java
@@ -29,9 +29,9 @@ import org.apache.hadoop.conf.Configuration;
import org.apache.sentry.core.common.Authorizable;
import org.apache.sentry.core.common.BitFieldAction;
import org.apache.sentry.core.common.BitFieldActionFactory;
-import org.apache.sentry.core.model.search.Collection;
-import org.apache.sentry.core.model.search.Field;
-import org.apache.sentry.core.model.search.SearchConstants;
+import org.apache.sentry.core.model.solr.Collection;
+import org.apache.sentry.core.model.solr.Field;
+import org.apache.sentry.core.model.solr.SolrConstants;
import org.apache.sentry.core.model.sqoop.SqoopActionConstant;
import org.apache.sentry.core.common.exception.SentryGrantDeniedException;
import org.apache.sentry.provider.db.generic.service.persistent.PrivilegeObject.Builder;
@@ -89,7 +89,7 @@ public class TestPrivilegeOperatePersistence extends SentryStoreIntegrationBase
PrivilegeObject queryPrivilegeWithOption = new Builder()
.setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
+ .setAction(SolrConstants.QUERY)
.setService(SERVICE)
.setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
.withGrantOption(true)
@@ -103,7 +103,7 @@ public class TestPrivilegeOperatePersistence extends SentryStoreIntegrationBase
PrivilegeObject queryPrivilegeWithNoOption = new Builder()
.setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
+ .setAction(SolrConstants.QUERY)
.setService(SERVICE)
.setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
.withGrantOption(false)
@@ -117,7 +117,7 @@ public class TestPrivilegeOperatePersistence extends SentryStoreIntegrationBase
PrivilegeObject queryPrivilegeWithNullGrant = new Builder()
.setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
+ .setAction(SolrConstants.QUERY)
.setService(SERVICE)
.setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
.withGrantOption(null)
@@ -145,7 +145,7 @@ public class TestPrivilegeOperatePersistence extends SentryStoreIntegrationBase
String grantor = ADMIN_USER;
PrivilegeObject allPrivilege = new Builder()
.setComponent(SEARCH)
- .setAction(SearchConstants.ALL)
+ .setAction(SolrConstants.ALL)
.setService(SERVICE)
.setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
.build();
@@ -162,7 +162,7 @@ public class TestPrivilegeOperatePersistence extends SentryStoreIntegrationBase
sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName)));
PrivilegeObject queryPrivilege = new Builder(allPrivilege)
- .setAction(SearchConstants.QUERY)
+ .setAction(SolrConstants.QUERY)
.build();
/**
@@ -191,13 +191,13 @@ public class TestPrivilegeOperatePersistence extends SentryStoreIntegrationBase
PrivilegeObject queryPrivilege = new Builder()
.setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
+ .setAction(SolrConstants.QUERY)
.setService(SERVICE)
.setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
.build();
PrivilegeObject updatePrivilege = new Builder(queryPrivilege)
- .setAction(SearchConstants.UPDATE)
+ .setAction(SolrConstants.UPDATE)
.build();
sentryStore.createRole(SEARCH, roleName1, grantor);
@@ -216,7 +216,7 @@ public class TestPrivilegeOperatePersistence extends SentryStoreIntegrationBase
sentryStore.getPrivilegesByRole(SEARCH, Sets.newHashSet(roleName2)));
PrivilegeObject allPrivilege = new Builder(queryPrivilege)
- .setAction(SearchConstants.ALL)
+ .setAction(SolrConstants.ALL)
.build();
/**
@@ -255,7 +255,7 @@ public class TestPrivilegeOperatePersistence extends SentryStoreIntegrationBase
*/
PrivilegeObject queryPrivilege1 = new Builder()
.setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
+ .setAction(SolrConstants.QUERY)
.setService(SERVICE)
.setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
.withGrantOption(true)
@@ -270,7 +270,7 @@ public class TestPrivilegeOperatePersistence extends SentryStoreIntegrationBase
*/
PrivilegeObject queryPrivilege2 = new Builder()
.setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
+ .setAction(SolrConstants.QUERY)
.setService(SERVICE)
.setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
.withGrantOption(false).build();
@@ -347,7 +347,7 @@ public class TestPrivilegeOperatePersistence extends SentryStoreIntegrationBase
*/
PrivilegeObject queryPrivilege = new Builder()
.setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
+ .setAction(SolrConstants.QUERY)
.setService(SERVICE)
.setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
.withGrantOption(true)
@@ -383,13 +383,13 @@ public class TestPrivilegeOperatePersistence extends SentryStoreIntegrationBase
String grantor = ADMIN_USER;
PrivilegeObject queryPrivilege = new Builder()
.setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
+ .setAction(SolrConstants.QUERY)
.setService(SERVICE)
.setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME), new Field(FIELD_NAME)))
.build();
PrivilegeObject updatePrivilege = new Builder(queryPrivilege)
- .setAction(SearchConstants.UPDATE)
+ .setAction(SolrConstants.UPDATE)
.build();
sentryStore.createRole(SEARCH, roleName, grantor);
@@ -419,13 +419,13 @@ public class TestPrivilegeOperatePersistence extends SentryStoreIntegrationBase
String grantor = ADMIN_USER;
PrivilegeObject queryPrivilege = new Builder()
.setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
+ .setAction(SolrConstants.QUERY)
.setService(SERVICE)
.setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME),new Field(FIELD_NAME)))
.build();
PrivilegeObject updatePrivilege = new Builder(queryPrivilege)
- .setAction(SearchConstants.UPDATE)
+ .setAction(SolrConstants.UPDATE)
.build();
sentryStore.createRole(SEARCH, roleName, grantor);
@@ -439,7 +439,7 @@ public class TestPrivilegeOperatePersistence extends SentryStoreIntegrationBase
* revoke all privilege
*/
PrivilegeObject allPrivilege = new Builder(queryPrivilege)
- .setAction(SearchConstants.ALL)
+ .setAction(SolrConstants.ALL)
.build();
sentryStore.alterRoleRevokePrivilege(SEARCH, roleName, allPrivilege, grantor);
@@ -461,7 +461,7 @@ public class TestPrivilegeOperatePersistence extends SentryStoreIntegrationBase
String grantor = ADMIN_USER;
PrivilegeObject allPrivilege = new Builder()
.setComponent(SEARCH)
- .setAction(SearchConstants.ALL)
+ .setAction(SolrConstants.ALL)
.setService(SERVICE)
.setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME), new Field(FIELD_NAME)))
.build();
@@ -476,11 +476,11 @@ public class TestPrivilegeOperatePersistence extends SentryStoreIntegrationBase
* revoke update privilege
*/
PrivilegeObject updatePrivilege = new Builder(allPrivilege)
- .setAction(SearchConstants.UPDATE)
+ .setAction(SolrConstants.UPDATE)
.build();
PrivilegeObject queryPrivilege = new Builder(allPrivilege)
- .setAction(SearchConstants.QUERY)
+ .setAction(SolrConstants.QUERY)
.build();
sentryStore.alterRoleRevokePrivilege(SEARCH, roleName, updatePrivilege, grantor);
@@ -503,17 +503,17 @@ public class TestPrivilegeOperatePersistence extends SentryStoreIntegrationBase
String grantor = ADMIN_USER;
PrivilegeObject allPrivilege = new Builder()
.setComponent(SEARCH)
- .setAction(SearchConstants.ALL)
+ .setAction(SolrConstants.ALL)
.setService(SERVICE)
.setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME), new Field(FIELD_NAME)))
.build();
PrivilegeObject updatePrivilege = new Builder(allPrivilege)
- .setAction(SearchConstants.UPDATE)
+ .setAction(SolrConstants.UPDATE)
.build();
PrivilegeObject queryPrivilege = new Builder(allPrivilege)
- .setAction(SearchConstants.QUERY)
+ .setAction(SolrConstants.QUERY)
.build();
sentryStore.createRole(SEARCH, roleName, grantor);
@@ -550,21 +550,21 @@ public class TestPrivilegeOperatePersistence extends SentryStoreIntegrationBase
String grantor = ADMIN_USER;
PrivilegeObject updatePrivilege1 = new Builder()
.setComponent(SEARCH)
- .setAction(SearchConstants.UPDATE)
+ .setAction(SolrConstants.UPDATE)
.setService(SERVICE)
.setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME), new Field(FIELD_NAME)))
.build();
PrivilegeObject queryPrivilege1 = new Builder()
.setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
+ .setAction(SolrConstants.QUERY)
.setService(SERVICE)
.setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME),new Field(FIELD_NAME)))
.build();
PrivilegeObject queryPrivilege2 = new Builder()
.setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
+ .setAction(SolrConstants.QUERY)
.setService(SERVICE)
.setAuthorizables(Arrays.asList(new Collection(NOT_COLLECTION_NAME)))
.build();
@@ -580,7 +580,7 @@ public class TestPrivilegeOperatePersistence extends SentryStoreIntegrationBase
*/
PrivilegeObject allPrivilege = new Builder()
.setComponent(SEARCH)
- .setAction(SearchConstants.ALL)
+ .setAction(SolrConstants.ALL)
.setService(SERVICE)
.setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
.build();
@@ -605,7 +605,7 @@ public class TestPrivilegeOperatePersistence extends SentryStoreIntegrationBase
*/
PrivilegeObject queryPrivilege = new Builder()
.setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
+ .setAction(SolrConstants.QUERY)
.setService(SERVICE)
.setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
.withGrantOption(true)
@@ -645,13 +645,13 @@ public class TestPrivilegeOperatePersistence extends SentryStoreIntegrationBase
PrivilegeObject queryPrivilege = new Builder()
.setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
+ .setAction(SolrConstants.QUERY)
.setService(SERVICE)
.setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME), new Field(FIELD_NAME)))
.build();
PrivilegeObject updatePrivilege = new Builder(queryPrivilege)
- .setAction(SearchConstants.UPDATE)
+ .setAction(SolrConstants.UPDATE)
.build();
/**
@@ -685,7 +685,7 @@ public class TestPrivilegeOperatePersistence extends SentryStoreIntegrationBase
* drop ALL privilege
*/
PrivilegeObject allPrivilege = new Builder(queryPrivilege)
- .setAction(SearchConstants.ALL)
+ .setAction(SolrConstants.ALL)
.build();
sentryStore.dropPrivilege(SEARCH, allPrivilege, grantor);
@@ -706,7 +706,7 @@ public class TestPrivilegeOperatePersistence extends SentryStoreIntegrationBase
PrivilegeObject parentPrivilege = new Builder()
.setComponent(SEARCH)
- .setAction(SearchConstants.ALL)
+ .setAction(SolrConstants.ALL)
.setService(SERVICE)
.setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
.build();
@@ -727,33 +727,33 @@ public class TestPrivilegeOperatePersistence extends SentryStoreIntegrationBase
PrivilegeObject oldQueryPrivilege = new Builder()
.setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
+ .setAction(SolrConstants.QUERY)
.setService(SERVICE)
.setAuthorizables(oldAuthoriables)
.build();
PrivilegeObject oldUpdatePrivilege = new Builder(oldQueryPrivilege)
- .setAction(SearchConstants.UPDATE)
+ .setAction(SolrConstants.UPDATE)
.build();
PrivilegeObject oldALLPrivilege = new Builder(oldQueryPrivilege)
- .setAction(SearchConstants.ALL)
+ .setAction(SolrConstants.ALL)
.build();
PrivilegeObject newQueryPrivilege = new Builder()
.setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
+ .setAction(SolrConstants.QUERY)
.setService(SERVICE)
.setAuthorizables(newAuthoriables)
.build();
PrivilegeObject newUpdatePrivilege = new Builder(newQueryPrivilege)
- .setAction(SearchConstants.UPDATE)
+ .setAction(SolrConstants.UPDATE)
.build();
PrivilegeObject newALLPrivilege = new Builder(newQueryPrivilege)
- .setAction(SearchConstants.ALL)
+ .setAction(SolrConstants.ALL)
.build();
@@ -826,7 +826,7 @@ public class TestPrivilegeOperatePersistence extends SentryStoreIntegrationBase
PrivilegeObject queryPrivilege = new Builder()
.setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
+ .setAction(SolrConstants.QUERY)
.setService(SERVICE)
.setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
.build();
@@ -837,7 +837,7 @@ public class TestPrivilegeOperatePersistence extends SentryStoreIntegrationBase
PrivilegeObject updatePrivilege = new Builder()
.setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
+ .setAction(SolrConstants.QUERY)
.setService(SERVICE)
.setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
.build();
@@ -863,28 +863,28 @@ public class TestPrivilegeOperatePersistence extends SentryStoreIntegrationBase
PrivilegeObject queryPrivilege1 = new Builder()
.setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
+ .setAction(SolrConstants.QUERY)
.setService(service1)
.setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
.build();
PrivilegeObject updatePrivilege1 = new Builder()
.setComponent(SEARCH)
- .setAction(SearchConstants.UPDATE)
+ .setAction(SolrConstants.UPDATE)
.setService(service1)
.setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME), new Field(FIELD_NAME)))
.build();
PrivilegeObject queryPrivilege2 = new Builder()
.setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
+ .setAction(SolrConstants.QUERY)
.setService(service1)
.setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
.build();
PrivilegeObject updatePrivilege2 = new Builder()
.setComponent(SEARCH)
- .setAction(SearchConstants.UPDATE)
+ .setAction(SolrConstants.UPDATE)
.setService(service1)
.setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME), new Field(FIELD_NAME)))
.build();
@@ -928,28 +928,28 @@ public class TestPrivilegeOperatePersistence extends SentryStoreIntegrationBase
PrivilegeObject queryPrivilege1 = new Builder()
.setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
+ .setAction(SolrConstants.QUERY)
.setService(service1)
.setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
.build();
PrivilegeObject updatePrivilege1 = new Builder()
.setComponent(SEARCH)
- .setAction(SearchConstants.UPDATE)
+ .setAction(SolrConstants.UPDATE)
.setService(service1)
.setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME), new Field(FIELD_NAME)))
.build();
PrivilegeObject queryPrivilege2 = new Builder()
.setComponent(SEARCH)
- .setAction(SearchConstants.QUERY)
+ .setAction(SolrConstants.QUERY)
.setService(service1)
.setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME)))
.build();
PrivilegeObject updatePrivilege2 = new Builder()
.setComponent(SEARCH)
- .setAction(SearchConstants.UPDATE)
+ .setAction(SolrConstants.UPDATE)
.setService(service1)
.setAuthorizables(Arrays.asList(new Collection(COLLECTION_NAME), new Field(FIELD_NAME)))
.build();
@@ -1018,7 +1018,7 @@ public class TestPrivilegeOperatePersistence extends SentryStoreIntegrationBase
String grantor = ADMIN_USER;
PrivilegeObject queryPrivilege = new Builder()
.setComponent(component)
- .setAction(SearchConstants.QUERY)
+ .setAction(SolrConstants.QUERY)
.setService(SERVICE)
.setAuthorizables(Collections.singletonList(new Collection(COLLECTION_NAME)))
.withGrantOption(null)
@@ -1032,7 +1032,7 @@ public class TestPrivilegeOperatePersistence extends SentryStoreIntegrationBase
PrivilegeObject queryPrivilegeWithOption = new Builder()
.setComponent(component)
- .setAction(SearchConstants.QUERY)
+ .setAction(SolrConstants.QUERY)
.setService(SERVICE)
.setAuthorizables(Collections.singletonList(new Collection(COLLECTION_NAME)))
.withGrantOption(true)
@@ -1045,7 +1045,7 @@ public class TestPrivilegeOperatePersistence extends SentryStoreIntegrationBase
PrivilegeObject queryPrivilegeWithNoOption = new Builder()
.setComponent(component)
- .setAction(SearchConstants.QUERY)
+ .setAction(SolrConstants.QUERY)
.setService(SERVICE)
.setAuthorizables(Collections.singletonList(new Collection(COLLECTION_NAME)))
.withGrantOption(false)
@@ -1066,7 +1066,7 @@ public class TestPrivilegeOperatePersistence extends SentryStoreIntegrationBase
public enum MyComponentActionType {
FOO("foo", 1),
BAR("bar", 2),
- QUERY(SearchConstants.QUERY, 4),
+ QUERY(SolrConstants.QUERY, 4),
ALL("*", FOO.getCode() | BAR.getCode() | QUERY.getCode());
private String name;
http://git-wip-us.apache.org/repos/asf/sentry/blob/e62fa28d/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/TestSentryGMPrivilege.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/TestSentryGMPrivilege.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/TestSentryGMPrivilege.java
index 258721e..03abb4e 100644
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/TestSentryGMPrivilege.java
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/TestSentryGMPrivilege.java
@@ -24,9 +24,9 @@ import static org.junit.Assert.fail;
import java.util.Arrays;
import org.apache.sentry.core.model.db.AccessConstants;
-import org.apache.sentry.core.model.search.Collection;
-import org.apache.sentry.core.model.search.Field;
-import org.apache.sentry.core.model.search.SearchConstants;
+import org.apache.sentry.core.model.solr.Collection;
+import org.apache.sentry.core.model.solr.Field;
+import org.apache.sentry.core.model.solr.SolrConstants;
import org.apache.sentry.provider.db.service.model.MSentryGMPrivilege;
import org.junit.Test;
@@ -36,21 +36,21 @@ public class TestSentryGMPrivilege {
public void testValidateAuthorizables() throws Exception {
try {
new MSentryGMPrivilege("solr",
- "service1", Arrays.asList(new Collection("c1"), new Field("f1")),SearchConstants.QUERY, false);
+ "service1", Arrays.asList(new Collection("c1"), new Field("f1")),SolrConstants.QUERY, false);
} catch (IllegalStateException e) {
fail("unexpect happend: it is a validated privilege");
}
try {
new MSentryGMPrivilege("solr",
- "service1", Arrays.asList(new Collection(""), new Field("f1")),SearchConstants.QUERY, false);
+ "service1", Arrays.asList(new Collection(""), new Field("f1")),SolrConstants.QUERY, false);
fail("unexpect happend: it is not a validated privilege, The empty name of authorizable can't be empty");
} catch (IllegalStateException e) {
}
try {
new MSentryGMPrivilege("solr",
- "service1", Arrays.asList(null, new Field("f1")),SearchConstants.QUERY, false);
+ "service1", Arrays.asList(null, new Field("f1")),SolrConstants.QUERY, false);
fail("unexpect happend: it is not a validated privilege, The authorizable can't be null");
} catch (IllegalStateException e) {
}
@@ -60,24 +60,24 @@ public class TestSentryGMPrivilege {
public void testImpliesWithServerScope() throws Exception {
//The persistent privilege is server scope
MSentryGMPrivilege serverPrivilege = new MSentryGMPrivilege("solr",
- "service1", null,SearchConstants.QUERY, false);
+ "service1", null,SolrConstants.QUERY, false);
MSentryGMPrivilege collectionPrivilege = new MSentryGMPrivilege("solr",
"service1", Arrays.asList(new Collection("c1")),
- SearchConstants.QUERY, false);
+ SolrConstants.QUERY, false);
assertTrue(serverPrivilege.implies(collectionPrivilege));
MSentryGMPrivilege fieldPrivilege = new MSentryGMPrivilege("solr",
"service1", Arrays.asList(new Collection("c1"), new Field("f1")),
- SearchConstants.QUERY, false);
+ SolrConstants.QUERY, false);
assertTrue(serverPrivilege.implies(fieldPrivilege));
assertTrue(collectionPrivilege.implies(fieldPrivilege));
- serverPrivilege.setAction(SearchConstants.UPDATE);
+ serverPrivilege.setAction(SolrConstants.UPDATE);
assertFalse(serverPrivilege.implies(collectionPrivilege));
assertFalse(serverPrivilege.implies(fieldPrivilege));
- serverPrivilege.setAction(SearchConstants.ALL);
+ serverPrivilege.setAction(SolrConstants.ALL);
assertTrue(serverPrivilege.implies(collectionPrivilege));
assertTrue(serverPrivilege.implies(fieldPrivilege));
}
@@ -91,15 +91,15 @@ public class TestSentryGMPrivilege {
* Test the scope of persistent privilege is the larger than the requested privilege
*/
MSentryGMPrivilege serverPrivilege = new MSentryGMPrivilege("solr",
- "service1", null, SearchConstants.QUERY, false);
+ "service1", null, SolrConstants.QUERY, false);
MSentryGMPrivilege collectionPrivilege = new MSentryGMPrivilege("solr",
"service1", Arrays.asList(new Collection("c1")),
- SearchConstants.QUERY, false);
+ SolrConstants.QUERY, false);
MSentryGMPrivilege fieldPrivilege = new MSentryGMPrivilege("solr",
"service1", Arrays.asList(new Collection("c1"), new Field("f1")),
- SearchConstants.QUERY, false);
+ SolrConstants.QUERY, false);
assertTrue(serverPrivilege.implies(collectionPrivilege));
assertTrue(serverPrivilege.implies(fieldPrivilege));
assertTrue(collectionPrivilege.implies(fieldPrivilege));
@@ -116,7 +116,7 @@ public class TestSentryGMPrivilege {
*/
MSentryGMPrivilege fieldAllPrivilege = new MSentryGMPrivilege("solr",
"service1", Arrays.asList(new Collection("c1"), new Field(AccessConstants.ALL)),
- SearchConstants.QUERY, false);
+ SolrConstants.QUERY, false);
assertTrue(fieldAllPrivilege.implies(collectionPrivilege));
@@ -125,11 +125,11 @@ public class TestSentryGMPrivilege {
*/
MSentryGMPrivilege fieldPrivilege1 = new MSentryGMPrivilege("solr",
"service1", Arrays.asList(new Collection("c1"), new Field("f1")),
- SearchConstants.QUERY, false);
+ SolrConstants.QUERY, false);
MSentryGMPrivilege fieldPrivilege2 = new MSentryGMPrivilege("solr",
"service1", Arrays.asList(new Collection("c2"), new Field("f2")),
- SearchConstants.QUERY, false);
+ SolrConstants.QUERY, false);
assertFalse(fieldPrivilege1.implies(fieldPrivilege2));
}
@@ -141,30 +141,30 @@ public class TestSentryGMPrivilege {
public void testSearchImpliesEqualAuthorizable() throws Exception {
MSentryGMPrivilege serverPrivilege1 = new MSentryGMPrivilege("solr",
- "service1", null,SearchConstants.QUERY, false);
+ "service1", null,SolrConstants.QUERY, false);
MSentryGMPrivilege serverPrivilege2 = new MSentryGMPrivilege("solr",
- "service2", null,SearchConstants.QUERY, false);
+ "service2", null,SolrConstants.QUERY, false);
assertFalse(serverPrivilege1.implies(serverPrivilege2));
MSentryGMPrivilege collectionPrivilege1 = new MSentryGMPrivilege("solr",
"service1", Arrays.asList(new Collection("c1")),
- SearchConstants.QUERY, false);
+ SolrConstants.QUERY, false);
MSentryGMPrivilege collectionPrivilege2 = new MSentryGMPrivilege("solr",
"service1", Arrays.asList(new Collection("c2")),
- SearchConstants.QUERY, false);
+ SolrConstants.QUERY, false);
assertFalse(collectionPrivilege1.implies(collectionPrivilege2));
MSentryGMPrivilege fieldPrivilege1 = new MSentryGMPrivilege("solr",
"service1", Arrays.asList(new Collection("c1"), new Field("f1")),
- SearchConstants.QUERY, false);
+ SolrConstants.QUERY, false);
MSentryGMPrivilege fieldPrivilege2 = new MSentryGMPrivilege("solr",
"service1", Arrays.asList(new Collection("c1"), new Field("f2")),
- SearchConstants.QUERY, false);
+ SolrConstants.QUERY, false);
assertFalse(fieldPrivilege1.implies(fieldPrivilege2));
@@ -185,23 +185,23 @@ public class TestSentryGMPrivilege {
*/
MSentryGMPrivilege fieldPrivilege1 = new MSentryGMPrivilege("solr",
"service1", Arrays.asList(new Collection("c1"), new Field("f2")),
- SearchConstants.QUERY, false);
+ SolrConstants.QUERY, false);
MSentryGMPrivilege fieldPrivilege2 = new MSentryGMPrivilege("solr",
"service1", Arrays.asList(new Collection("c1"), new Field("f2")),
- SearchConstants.QUERY, false);
+ SolrConstants.QUERY, false);
assertTrue(fieldPrivilege1.implies(fieldPrivilege2));
/**
* action isn't equal
*/
- fieldPrivilege2.setAction(SearchConstants.UPDATE);
+ fieldPrivilege2.setAction(SolrConstants.UPDATE);
assertFalse(fieldPrivilege1.implies(fieldPrivilege2));
/**
* action isn't equal,but the persistent privilege has the ALL action
*/
- fieldPrivilege1.setAction(SearchConstants.ALL);
+ fieldPrivilege1.setAction(SolrConstants.ALL);
assertTrue(fieldPrivilege1.implies(fieldPrivilege2));
}
}
http://git-wip-us.apache.org/repos/asf/sentry/blob/e62fa28d/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/TestSentryRole.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/TestSentryRole.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/TestSentryRole.java
index 9be4a8b..61a74c3 100644
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/TestSentryRole.java
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/persistent/TestSentryRole.java
@@ -33,7 +33,7 @@ import javax.jdo.Query;
import javax.jdo.Transaction;
import org.apache.commons.io.FileUtils;
-import org.apache.sentry.core.model.search.Collection;
+import org.apache.sentry.core.model.solr.Collection;
import org.apache.sentry.provider.db.service.model.MSentryGMPrivilege;
import org.apache.sentry.provider.db.service.model.MSentryPrivilege;
import org.apache.sentry.provider.db.service.model.MSentryRole;
http://git-wip-us.apache.org/repos/asf/sentry/blob/e62fa28d/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericPolicyProcessor.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericPolicyProcessor.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericPolicyProcessor.java
index b7f0774..6597a7c 100644
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericPolicyProcessor.java
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericPolicyProcessor.java
@@ -27,14 +27,14 @@ import java.util.*;
import org.apache.hadoop.conf.Configuration;
import org.apache.sentry.core.common.Authorizable;
import org.apache.sentry.core.common.exception.SentrySiteConfigurationException;
-import org.apache.sentry.core.model.search.Collection;
-import org.apache.sentry.core.model.search.Field;
-import org.apache.sentry.core.model.search.SearchConstants;
-import org.apache.sentry.provider.common.GroupMappingService;
+import org.apache.sentry.core.model.solr.Collection;
+import org.apache.sentry.core.model.solr.Field;
+import org.apache.sentry.core.model.solr.SolrConstants;
import org.apache.sentry.core.common.exception.SentryAlreadyExistsException;
import org.apache.sentry.core.common.exception.SentryGrantDeniedException;
import org.apache.sentry.core.common.exception.SentryInvalidInputException;
import org.apache.sentry.core.common.exception.SentryNoSuchObjectException;
+import org.apache.sentry.provider.common.GroupMappingService;
import org.apache.sentry.provider.db.generic.service.persistent.PrivilegeObject;
import org.apache.sentry.provider.db.generic.service.persistent.SentryStoreLayer;
import org.apache.sentry.provider.db.generic.service.persistent.PrivilegeObject.Builder;
@@ -222,17 +222,17 @@ public class TestSentryGenericPolicyProcessor extends org.junit.Assert {
String groupName = "g1";
PrivilegeObject queryPrivilege = new Builder()
.setComponent("SOLR")
- .setAction(SearchConstants.QUERY)
+ .setAction(SolrConstants.QUERY)
.setService("service1")
.setAuthorizables(Arrays.asList(new Collection("c1"), new Field("f1")))
.build();
PrivilegeObject updatePrivilege = new Builder(queryPrivilege)
- .setAction(SearchConstants.UPDATE)
+ .setAction(SolrConstants.UPDATE)
.build();
MSentryGMPrivilege mSentryGMPrivilege = new MSentryGMPrivilege("SOLR", "service1",
Arrays.asList(new Collection("c1"), new Field("f1")),
- SearchConstants.QUERY, true);
+ SolrConstants.QUERY, true);
MSentryRole role = new MSentryRole("r1", 290);
mSentryGMPrivilege.setRoles(Sets.newHashSet(role));
http://git-wip-us.apache.org/repos/asf/sentry/blob/e62fa28d/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericServiceIntegration.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericServiceIntegration.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericServiceIntegration.java
index ac8b2a7..5364d10 100644
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericServiceIntegration.java
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/service/thrift/TestSentryGenericServiceIntegration.java
@@ -29,9 +29,9 @@ import java.util.Set;
import org.apache.sentry.core.common.exception.SentryUserException;
import org.apache.sentry.core.common.ActiveRoleSet;
import org.apache.sentry.core.common.Authorizable;
-import org.apache.sentry.core.model.search.Collection;
-import org.apache.sentry.core.model.search.Field;
-import org.apache.sentry.core.model.search.SearchConstants;
+import org.apache.sentry.core.model.solr.Collection;
+import org.apache.sentry.core.model.solr.Field;
+import org.apache.sentry.core.model.solr.SolrConstants;
import org.junit.Test;
import com.google.common.collect.Lists;
@@ -122,11 +122,11 @@ public class TestSentryGenericServiceIntegration extends SentryGenericServiceInt
TSentryPrivilege queryPrivilege = new TSentryPrivilege(SOLR, "service1",
fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f1"))),
- SearchConstants.QUERY);
+ SolrConstants.QUERY);
TSentryPrivilege updatePrivilege = new TSentryPrivilege(SOLR, "service1",
fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f1"))),
- SearchConstants.UPDATE);
+ SolrConstants.UPDATE);
client.grantPrivilege(requestorUserName, roleName1, SOLR, queryPrivilege);
client.grantPrivilege(requestorUserName, roleName2, SOLR, updatePrivilege);
@@ -156,7 +156,7 @@ public class TestSentryGenericServiceIntegration extends SentryGenericServiceInt
TSentryPrivilege queryPrivilege = new TSentryPrivilege(SOLR, "service1",
fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f1"))),
- SearchConstants.QUERY);
+ SolrConstants.QUERY);
client.grantPrivilege(requestorUserName, roleName1, SOLR, queryPrivilege);
Set<TSentryPrivilege> listPrivilegesByRoleName = client.listAllPrivilegesByRoleName(requestorUserName, roleName1, SOLR, "service1");
@@ -215,11 +215,11 @@ public class TestSentryGenericServiceIntegration extends SentryGenericServiceInt
TSentryPrivilege queryPrivilege = new TSentryPrivilege(SOLR, "service1",
fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f1"))),
- SearchConstants.QUERY);
+ SolrConstants.QUERY);
TSentryPrivilege updatePrivilege = new TSentryPrivilege(SOLR, "service1",
fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f1"))),
- SearchConstants.UPDATE);
+ SolrConstants.UPDATE);
client.grantPrivilege(requestorUserName, roleName, SOLR, updatePrivilege);
client.grantPrivilege(requestorUserName, roleName, SOLR, queryPrivilege);
@@ -247,7 +247,7 @@ public class TestSentryGenericServiceIntegration extends SentryGenericServiceInt
TSentryPrivilege queryPrivilege = new TSentryPrivilege(SOLR, "service1",
fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f1"))),
- SearchConstants.QUERY);
+ SolrConstants.QUERY);
client.grantPrivilege(requestorUserName, roleName, SOLR, queryPrivilege);
assertEquals(1, client.listAllPrivilegesByRoleName(requestorUserName, roleName, SOLR, "service1").size());
@@ -281,17 +281,17 @@ public class TestSentryGenericServiceIntegration extends SentryGenericServiceInt
TSentryPrivilege grantPrivilege = new TSentryPrivilege(SOLR, "service1",
fromAuthorizable(Arrays.asList(new Collection("c1"))),
- SearchConstants.QUERY);
+ SolrConstants.QUERY);
grantPrivilege.setGrantOption(TSentryGrantOption.TRUE);
TSentryPrivilege noGrantPrivilege = new TSentryPrivilege(SOLR, "service1",
fromAuthorizable(Arrays.asList(new Collection("c1"))),
- SearchConstants.QUERY);
+ SolrConstants.QUERY);
noGrantPrivilege.setGrantOption(TSentryGrantOption.FALSE);
TSentryPrivilege testPrivilege = new TSentryPrivilege(SOLR, "service1",
fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f1"))),
- SearchConstants.QUERY);
+ SolrConstants.QUERY);
testPrivilege.setGrantOption(TSentryGrantOption.FALSE);
client.grantPrivilege(adminUser, grantRole, SOLR, grantPrivilege);
@@ -346,11 +346,11 @@ public class TestSentryGenericServiceIntegration extends SentryGenericServiceInt
TSentryPrivilege queryPrivilege = new TSentryPrivilege(SOLR, "service1",
fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f1"))),
- SearchConstants.QUERY);
+ SolrConstants.QUERY);
TSentryPrivilege updatePrivilege = new TSentryPrivilege(SOLR, "service1",
fromAuthorizable(Arrays.asList(new Collection("c2"), new Field("f2"))),
- SearchConstants.UPDATE);
+ SolrConstants.UPDATE);
client.grantPrivilege(adminUser, testRole, SOLR, queryPrivilege);
client.grantPrivilege(adminUser, testRole, SOLR, updatePrivilege);
@@ -405,11 +405,11 @@ public class TestSentryGenericServiceIntegration extends SentryGenericServiceInt
TSentryPrivilege queryPrivilege = new TSentryPrivilege(SOLR, "service1",
fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f1"))),
- SearchConstants.QUERY);
+ SolrConstants.QUERY);
TSentryPrivilege updatePrivilege = new TSentryPrivilege(SOLR, "service1",
fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f2"))),
- SearchConstants.UPDATE);
+ SolrConstants.UPDATE);
client.grantPrivilege(adminUser, testRole, SOLR, queryPrivilege);
client.grantPrivilege(adminUser, testRole, SOLR, updatePrivilege);
@@ -464,7 +464,7 @@ public class TestSentryGenericServiceIntegration extends SentryGenericServiceInt
TSentryPrivilege queryPrivilege = new TSentryPrivilege(SOLR, "service1",
fromAuthorizable(Arrays.asList(new Collection("c1"), new Field("f1"))),
- SearchConstants.QUERY);
+ SolrConstants.QUERY);
client.grantPrivilege(requestorUserName, roleName, SOLR, queryPrivilege);
assertEquals(1, client.listPrivilegesByRoleName(requestorUserName, roleName,
@@ -484,7 +484,7 @@ public class TestSentryGenericServiceIntegration extends SentryGenericServiceInt
TSentryPrivilege dropPrivilege = new TSentryPrivilege(SOLR, "service1",
fromAuthorizable(Arrays.asList(new Collection("c2"), new Field("f2"))),
- SearchConstants.QUERY);
+ SolrConstants.QUERY);
client.dropPrivilege(requestorUserName, SOLR, dropPrivilege);
http://git-wip-us.apache.org/repos/asf/sentry/blob/e62fa28d/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryConfigToolSolr.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryConfigToolSolr.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryConfigToolSolr.java
index 3685073..9e6ff42 100644
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryConfigToolSolr.java
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryConfigToolSolr.java
@@ -147,7 +147,7 @@ public class TestSentryConfigToolSolr extends SentryGenericServiceIntegrationBas
}
for (String expectedPrivilege : expectedPrivileges) {
- assertTrue("Did not find expected privilege: " + expectedPrivilege,
+ assertTrue("Did not find expected privilege: " + expectedPrivilege + " in " + privilegeStrs,
privilegeStrs.contains(expectedPrivilege));
}
}
http://git-wip-us.apache.org/repos/asf/sentry/blob/e62fa28d/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellSolr.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellSolr.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellSolr.java
index 55831a4..c3a6a9f 100644
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellSolr.java
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/generic/tools/TestSentryShellSolr.java
@@ -432,7 +432,7 @@ public class TestSentryShellSolr extends SentryGenericServiceIntegrationBase {
getShellResultWithOSRedirect(sentryShell, args, false);
fail("Expected IllegalArgumentException");
} catch (IllegalArgumentException e) {
- assert("Privilege is invalid: action required but not specified.".equals(e.getMessage()));
+ assertEquals("Privilege is invalid: action required but not specified.", e.getMessage());
}
// test: -r is required when revoke privilege from role
http://git-wip-us.apache.org/repos/asf/sentry/blob/e62fa28d/sentry-solr/pom.xml
----------------------------------------------------------------------
diff --git a/sentry-solr/pom.xml b/sentry-solr/pom.xml
index 133ea60..3b0b041 100644
--- a/sentry-solr/pom.xml
+++ b/sentry-solr/pom.xml
@@ -31,7 +31,6 @@ limitations under the License.
<modules>
<module>solr-sentry-handlers</module>
- <module>solr-sentry-core</module>
</modules>
</project>
http://git-wip-us.apache.org/repos/asf/sentry/blob/e62fa28d/sentry-solr/solr-sentry-core/pom.xml
----------------------------------------------------------------------
diff --git a/sentry-solr/solr-sentry-core/pom.xml b/sentry-solr/solr-sentry-core/pom.xml
deleted file mode 100644
index e788262..0000000
--- a/sentry-solr/solr-sentry-core/pom.xml
+++ /dev/null
@@ -1,58 +0,0 @@
-<?xml version="1.0"?>
-<!--
-Licensed to the Apache Software Foundation (ASF) under one or more
-contributor license agreements. See the NOTICE file distributed with
-this work for additional information regarding copyright ownership.
-The ASF licenses this file to You under the Apache License, Version 2.0
-(the "License"); you may not use this file except in compliance with
-the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
--->
-<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <groupId>org.apache.sentry</groupId>
- <artifactId>sentry-solr</artifactId>
- <version>2.0.0-SNAPSHOT</version>
- </parent>
-
- <artifactId>solr-sentry-core</artifactId>
- <name>Solr Sentry Core</name>
-
- <dependencies>
- <dependency>
- <groupId>log4j</groupId>
- <artifactId>log4j</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
- <artifactId>sentry-core-common</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
- <artifactId>sentry-core-model-search</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.sentry</groupId>
- <artifactId>sentry-binding-solr</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.solr</groupId>
- <artifactId>solr-solrj</artifactId>
- </dependency>
- <dependency>
- <groupId>org.apache.solr</groupId>
- <artifactId>solr-core</artifactId>
- </dependency>
- </dependencies>
-
-</project>
http://git-wip-us.apache.org/repos/asf/sentry/blob/e62fa28d/sentry-solr/solr-sentry-core/src/main/java/org/apache/solr/sentry/AuditLogger.java
----------------------------------------------------------------------
diff --git a/sentry-solr/solr-sentry-core/src/main/java/org/apache/solr/sentry/AuditLogger.java b/sentry-solr/solr-sentry-core/src/main/java/org/apache/solr/sentry/AuditLogger.java
deleted file mode 100644
index 7f3e391..0000000
--- a/sentry-solr/solr-sentry-core/src/main/java/org/apache/solr/sentry/AuditLogger.java
+++ /dev/null
@@ -1,97 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.solr.sentry;
-
-
-import org.apache.lucene.util.Version;
-import org.noggit.CharArr;
-import org.noggit.JSONWriter;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-
-/**
- * Writes audit events to the audit log. This helps answer questions such as:
- * Who did what action when from where, and what values were changed from what
- * to what as a result?
- */
-final class AuditLogger {
-
- public static final int ALLOWED = 1;
- public static final int UNAUTHORIZED = 0;
-
- private final Logger logger;
-
- private static final boolean IS_ENABLED =
- Boolean.valueOf(
- System.getProperty(AuditLogger.class.getName() + ".isEnabled", "true"));
-
- private static final String SOLR_VERSION = Version.LATEST.toString();
-
-
- public AuditLogger() {
- this.logger = LoggerFactory.getLogger(getClass());
- }
-
- public boolean isLogEnabled() {
- return IS_ENABLED && logger.isInfoEnabled();
- }
-
- public void log(
- String userName,
- String impersonator,
- String ipAddress,
- String operation,
- String operationParams,
- long eventTime,
- int allowed,
- String collectionName) {
-
- if (!isLogEnabled()) {
- return;
- }
- CharArr chars = new CharArr(512);
- JSONWriter writer = new JSONWriter(chars, -1);
- writer.startObject();
- writeField("solrVersion", SOLR_VERSION, writer);
- writer.writeValueSeparator();
- writeField("eventTime", eventTime, writer);
- writer.writeValueSeparator();
- writeField("allowed", allowed, writer);
- writer.writeValueSeparator();
- writeField("collectionName", collectionName, writer);
- writer.writeValueSeparator();
- writeField("operation", operation, writer);
- writer.writeValueSeparator();
- writeField("operationParams", operationParams, writer);
- writer.writeValueSeparator();
- writeField("ipAddress", ipAddress, writer);
- writer.writeValueSeparator();
- writeField("username", userName, writer);
- writer.writeValueSeparator();
- writeField("impersonator", impersonator, writer);
- writer.endObject();
- logger.info("{}", chars);
- }
-
- private void writeField(String key, Object value, JSONWriter writer) {
- writer.writeString(key);
- writer.writeNameSeparator();
- writer.write(value);
- }
-
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/e62fa28d/sentry-solr/solr-sentry-core/src/main/java/org/apache/solr/sentry/RollingFileWithoutDeleteAppender.java
----------------------------------------------------------------------
diff --git a/sentry-solr/solr-sentry-core/src/main/java/org/apache/solr/sentry/RollingFileWithoutDeleteAppender.java b/sentry-solr/solr-sentry-core/src/main/java/org/apache/solr/sentry/RollingFileWithoutDeleteAppender.java
deleted file mode 100644
index f749740..0000000
--- a/sentry-solr/solr-sentry-core/src/main/java/org/apache/solr/sentry/RollingFileWithoutDeleteAppender.java
+++ /dev/null
@@ -1,175 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.solr.sentry;
-
-import java.io.File;
-import java.io.IOException;
-import java.io.InterruptedIOException;
-import java.io.Writer;
-
-import org.apache.log4j.FileAppender;
-import org.apache.log4j.Layout;
-import org.apache.log4j.helpers.CountingQuietWriter;
-import org.apache.log4j.helpers.LogLog;
-import org.apache.log4j.helpers.OptionConverter;
-import org.apache.log4j.spi.LoggingEvent;
-
-public class RollingFileWithoutDeleteAppender extends FileAppender {
- /**
- * The default maximum file size is 10MB.
- */
- protected long maxFileSize = 10 * 1024 * 1024;
-
- private long nextRollover = 0;
-
- /**
- * The default constructor simply calls its {@link FileAppender#FileAppender
- * parents constructor}.
- */
- public RollingFileWithoutDeleteAppender() {
- super();
- }
-
- /**
- * Instantiate a RollingFileAppender and open the file designated by
- * <code>filename</code>. The opened filename will become the ouput
- * destination for this appender.
- * <p>
- * If the <code>append</code> parameter is true, the file will be appended to.
- * Otherwise, the file desginated by <code>filename</code> will be truncated
- * before being opened.
- */
- public RollingFileWithoutDeleteAppender(Layout layout, String filename,
- boolean append) throws IOException {
- super(layout, getLogFileName(filename), append);
- }
-
- /**
- * Instantiate a FileAppender and open the file designated by
- * <code>filename</code>. The opened filename will become the output
- * destination for this appender.
- * <p>
- * The file will be appended to.
- */
- public RollingFileWithoutDeleteAppender(Layout layout, String filename)
- throws IOException {
- super(layout, getLogFileName(filename));
- }
-
- /**
- * Get the maximum size that the output file is allowed to reach before being
- * rolled over to backup files.
- */
- public long getMaximumFileSize() {
- return maxFileSize;
- }
-
- /**
- * Implements the usual roll over behaviour.
- * <p>
- * <code>File</code> is renamed <code>File.yyyyMMddHHmmss</code> and closed. A
- * new <code>File</code> is created to receive further log output.
- */
- // synchronization not necessary since doAppend is alreasy synched
- public void rollOver() {
- if (qw != null) {
- long size = ((CountingQuietWriter) qw).getCount();
- LogLog.debug("rolling over count=" + size);
- // if operation fails, do not roll again until
- // maxFileSize more bytes are written
- nextRollover = size + maxFileSize;
- }
-
- this.closeFile(); // keep windows happy.
-
- String newFileName = getLogFileName(fileName);
- try {
- // This will also close the file. This is OK since multiple
- // close operations are safe.
- this.setFile(newFileName, false, bufferedIO, bufferSize);
- nextRollover = 0;
- } catch (IOException e) {
- if (e instanceof InterruptedIOException) {
- Thread.currentThread().interrupt();
- }
- LogLog.error("setFile(" + newFileName + ", false) call failed.", e);
- }
- }
-
- public synchronized void setFile(String fileName, boolean append,
- boolean bufferedIO, int bufferSize) throws IOException {
- super.setFile(fileName, append, this.bufferedIO, this.bufferSize);
- if (append) {
- File f = new File(fileName);
- ((CountingQuietWriter) qw).setCount(f.length());
- }
- }
-
- /**
- * Set the maximum size that the output file is allowed to reach before being
- * rolled over to backup files.
- * <p>
- * This method is equivalent to {@link #setMaxFileSize} except that it is
- * required for differentiating the setter taking a <code>long</code> argument
- * from the setter taking a <code>String</code> argument by the JavaBeans
- * {@link java.beans.Introspector Introspector}.
- *
- * @see #setMaxFileSize(String)
- */
- public void setMaximumFileSize(long maxFileSize) {
- this.maxFileSize = maxFileSize;
- }
-
- /**
- * Set the maximum size that the output file is allowed to reach before being
- * rolled over to backup files.
- * <p>
- * In configuration files, the <b>MaxFileSize</b> option takes an long integer
- * in the range 0 - 2^63. You can specify the value with the suffixes "KB",
- * "MB" or "GB" so that the integer is interpreted being expressed
- * respectively in kilobytes, megabytes or gigabytes. For example, the value
- * "10KB" will be interpreted as 10240.
- */
- public void setMaxFileSize(String value) {
- maxFileSize = OptionConverter.toFileSize(value, maxFileSize + 1);
- }
-
- protected void setQWForFiles(Writer writer) {
- this.qw = new CountingQuietWriter(writer, errorHandler);
- }
-
- /**
- * This method differentiates RollingFileAppender from its super class.
- */
- protected void subAppend(LoggingEvent event) {
- super.subAppend(event);
-
- if (fileName != null && qw != null) {
- long size = ((CountingQuietWriter) qw).getCount();
- if (size >= maxFileSize && size >= nextRollover) {
- rollOver();
- }
- }
- }
-
- // Mangled file name. Append the current timestamp
- private static String getLogFileName(String oldFileName) {
- return oldFileName + "." + Long.toString(System.currentTimeMillis());
- }
-}