You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by sh...@apache.org on 2014/02/10 22:10:33 UTC
[02/13] SENTRY-105: Remove db specific name from sentry service
package (Brock via Shreepadma)
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/1e121ccc/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/service/api/sentry_storeConstants.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/service/api/sentry_storeConstants.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/service/api/sentry_storeConstants.java
deleted file mode 100644
index 440d22b..0000000
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/service/api/sentry_storeConstants.java
+++ /dev/null
@@ -1,38 +0,0 @@
-/**
- * Autogenerated by Thrift Compiler (0.9.0)
- *
- * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
- * @generated
- */
-package org.apache.sentry.service.api;
-
-import org.apache.commons.lang.builder.HashCodeBuilder;
-import org.apache.thrift.scheme.IScheme;
-import org.apache.thrift.scheme.SchemeFactory;
-import org.apache.thrift.scheme.StandardScheme;
-
-import org.apache.thrift.scheme.TupleScheme;
-import org.apache.thrift.protocol.TTupleProtocol;
-import org.apache.thrift.protocol.TProtocolException;
-import org.apache.thrift.EncodingUtils;
-import org.apache.thrift.TException;
-import java.util.List;
-import java.util.ArrayList;
-import java.util.Map;
-import java.util.HashMap;
-import java.util.EnumMap;
-import java.util.Set;
-import java.util.HashSet;
-import java.util.EnumSet;
-import java.util.Collections;
-import java.util.BitSet;
-import java.nio.ByteBuffer;
-import java.util.Arrays;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class sentry_storeConstants {
-
- public static final int TSENTRY_SERVICE_V1 = 1;
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/1e121ccc/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/service/thrift/TSentryResponseStatus.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/service/thrift/TSentryResponseStatus.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/service/thrift/TSentryResponseStatus.java
new file mode 100644
index 0000000..81abd90
--- /dev/null
+++ b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/service/thrift/TSentryResponseStatus.java
@@ -0,0 +1,594 @@
+/**
+ * Autogenerated by Thrift Compiler (0.9.0)
+ *
+ * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
+ * @generated
+ */
+package org.apache.sentry.service.thrift;
+
+import org.apache.commons.lang.builder.HashCodeBuilder;
+import org.apache.thrift.scheme.IScheme;
+import org.apache.thrift.scheme.SchemeFactory;
+import org.apache.thrift.scheme.StandardScheme;
+
+import org.apache.thrift.scheme.TupleScheme;
+import org.apache.thrift.protocol.TTupleProtocol;
+import org.apache.thrift.protocol.TProtocolException;
+import org.apache.thrift.EncodingUtils;
+import org.apache.thrift.TException;
+import java.util.List;
+import java.util.ArrayList;
+import java.util.Map;
+import java.util.HashMap;
+import java.util.EnumMap;
+import java.util.Set;
+import java.util.HashSet;
+import java.util.EnumSet;
+import java.util.Collections;
+import java.util.BitSet;
+import java.nio.ByteBuffer;
+import java.util.Arrays;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class TSentryResponseStatus implements org.apache.thrift.TBase<TSentryResponseStatus, TSentryResponseStatus._Fields>, java.io.Serializable, Cloneable {
+ private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TSentryResponseStatus");
+
+ private static final org.apache.thrift.protocol.TField VALUE_FIELD_DESC = new org.apache.thrift.protocol.TField("value", org.apache.thrift.protocol.TType.I32, (short)1);
+ private static final org.apache.thrift.protocol.TField MESSAGE_FIELD_DESC = new org.apache.thrift.protocol.TField("message", org.apache.thrift.protocol.TType.STRING, (short)2);
+ private static final org.apache.thrift.protocol.TField STACK_FIELD_DESC = new org.apache.thrift.protocol.TField("stack", org.apache.thrift.protocol.TType.STRING, (short)3);
+
+ private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
+ static {
+ schemes.put(StandardScheme.class, new TSentryResponseStatusStandardSchemeFactory());
+ schemes.put(TupleScheme.class, new TSentryResponseStatusTupleSchemeFactory());
+ }
+
+ private int value; // required
+ private String message; // required
+ private String stack; // optional
+
+ /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
+ public enum _Fields implements org.apache.thrift.TFieldIdEnum {
+ VALUE((short)1, "value"),
+ MESSAGE((short)2, "message"),
+ STACK((short)3, "stack");
+
+ private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
+
+ static {
+ for (_Fields field : EnumSet.allOf(_Fields.class)) {
+ byName.put(field.getFieldName(), field);
+ }
+ }
+
+ /**
+ * Find the _Fields constant that matches fieldId, or null if its not found.
+ */
+ public static _Fields findByThriftId(int fieldId) {
+ switch(fieldId) {
+ case 1: // VALUE
+ return VALUE;
+ case 2: // MESSAGE
+ return MESSAGE;
+ case 3: // STACK
+ return STACK;
+ default:
+ return null;
+ }
+ }
+
+ /**
+ * Find the _Fields constant that matches fieldId, throwing an exception
+ * if it is not found.
+ */
+ public static _Fields findByThriftIdOrThrow(int fieldId) {
+ _Fields fields = findByThriftId(fieldId);
+ if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
+ return fields;
+ }
+
+ /**
+ * Find the _Fields constant that matches name, or null if its not found.
+ */
+ public static _Fields findByName(String name) {
+ return byName.get(name);
+ }
+
+ private final short _thriftId;
+ private final String _fieldName;
+
+ _Fields(short thriftId, String fieldName) {
+ _thriftId = thriftId;
+ _fieldName = fieldName;
+ }
+
+ public short getThriftFieldId() {
+ return _thriftId;
+ }
+
+ public String getFieldName() {
+ return _fieldName;
+ }
+ }
+
+ // isset id assignments
+ private static final int __VALUE_ISSET_ID = 0;
+ private byte __isset_bitfield = 0;
+ private _Fields optionals[] = {_Fields.STACK};
+ public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
+ static {
+ Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
+ tmpMap.put(_Fields.VALUE, new org.apache.thrift.meta_data.FieldMetaData("value", org.apache.thrift.TFieldRequirementType.REQUIRED,
+ new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
+ tmpMap.put(_Fields.MESSAGE, new org.apache.thrift.meta_data.FieldMetaData("message", org.apache.thrift.TFieldRequirementType.REQUIRED,
+ new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
+ tmpMap.put(_Fields.STACK, new org.apache.thrift.meta_data.FieldMetaData("stack", org.apache.thrift.TFieldRequirementType.OPTIONAL,
+ new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
+ metaDataMap = Collections.unmodifiableMap(tmpMap);
+ org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TSentryResponseStatus.class, metaDataMap);
+ }
+
+ public TSentryResponseStatus() {
+ }
+
+ public TSentryResponseStatus(
+ int value,
+ String message)
+ {
+ this();
+ this.value = value;
+ setValueIsSet(true);
+ this.message = message;
+ }
+
+ /**
+ * Performs a deep copy on <i>other</i>.
+ */
+ public TSentryResponseStatus(TSentryResponseStatus other) {
+ __isset_bitfield = other.__isset_bitfield;
+ this.value = other.value;
+ if (other.isSetMessage()) {
+ this.message = other.message;
+ }
+ if (other.isSetStack()) {
+ this.stack = other.stack;
+ }
+ }
+
+ public TSentryResponseStatus deepCopy() {
+ return new TSentryResponseStatus(this);
+ }
+
+ @Override
+ public void clear() {
+ setValueIsSet(false);
+ this.value = 0;
+ this.message = null;
+ this.stack = null;
+ }
+
+ public int getValue() {
+ return this.value;
+ }
+
+ public void setValue(int value) {
+ this.value = value;
+ setValueIsSet(true);
+ }
+
+ public void unsetValue() {
+ __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __VALUE_ISSET_ID);
+ }
+
+ /** Returns true if field value is set (has been assigned a value) and false otherwise */
+ public boolean isSetValue() {
+ return EncodingUtils.testBit(__isset_bitfield, __VALUE_ISSET_ID);
+ }
+
+ public void setValueIsSet(boolean value) {
+ __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __VALUE_ISSET_ID, value);
+ }
+
+ public String getMessage() {
+ return this.message;
+ }
+
+ public void setMessage(String message) {
+ this.message = message;
+ }
+
+ public void unsetMessage() {
+ this.message = null;
+ }
+
+ /** Returns true if field message is set (has been assigned a value) and false otherwise */
+ public boolean isSetMessage() {
+ return this.message != null;
+ }
+
+ public void setMessageIsSet(boolean value) {
+ if (!value) {
+ this.message = null;
+ }
+ }
+
+ public String getStack() {
+ return this.stack;
+ }
+
+ public void setStack(String stack) {
+ this.stack = stack;
+ }
+
+ public void unsetStack() {
+ this.stack = null;
+ }
+
+ /** Returns true if field stack is set (has been assigned a value) and false otherwise */
+ public boolean isSetStack() {
+ return this.stack != null;
+ }
+
+ public void setStackIsSet(boolean value) {
+ if (!value) {
+ this.stack = null;
+ }
+ }
+
+ public void setFieldValue(_Fields field, Object value) {
+ switch (field) {
+ case VALUE:
+ if (value == null) {
+ unsetValue();
+ } else {
+ setValue((Integer)value);
+ }
+ break;
+
+ case MESSAGE:
+ if (value == null) {
+ unsetMessage();
+ } else {
+ setMessage((String)value);
+ }
+ break;
+
+ case STACK:
+ if (value == null) {
+ unsetStack();
+ } else {
+ setStack((String)value);
+ }
+ break;
+
+ }
+ }
+
+ public Object getFieldValue(_Fields field) {
+ switch (field) {
+ case VALUE:
+ return Integer.valueOf(getValue());
+
+ case MESSAGE:
+ return getMessage();
+
+ case STACK:
+ return getStack();
+
+ }
+ throw new IllegalStateException();
+ }
+
+ /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
+ public boolean isSet(_Fields field) {
+ if (field == null) {
+ throw new IllegalArgumentException();
+ }
+
+ switch (field) {
+ case VALUE:
+ return isSetValue();
+ case MESSAGE:
+ return isSetMessage();
+ case STACK:
+ return isSetStack();
+ }
+ throw new IllegalStateException();
+ }
+
+ @Override
+ public boolean equals(Object that) {
+ if (that == null)
+ return false;
+ if (that instanceof TSentryResponseStatus)
+ return this.equals((TSentryResponseStatus)that);
+ return false;
+ }
+
+ public boolean equals(TSentryResponseStatus that) {
+ if (that == null)
+ return false;
+
+ boolean this_present_value = true;
+ boolean that_present_value = true;
+ if (this_present_value || that_present_value) {
+ if (!(this_present_value && that_present_value))
+ return false;
+ if (this.value != that.value)
+ return false;
+ }
+
+ boolean this_present_message = true && this.isSetMessage();
+ boolean that_present_message = true && that.isSetMessage();
+ if (this_present_message || that_present_message) {
+ if (!(this_present_message && that_present_message))
+ return false;
+ if (!this.message.equals(that.message))
+ return false;
+ }
+
+ boolean this_present_stack = true && this.isSetStack();
+ boolean that_present_stack = true && that.isSetStack();
+ if (this_present_stack || that_present_stack) {
+ if (!(this_present_stack && that_present_stack))
+ return false;
+ if (!this.stack.equals(that.stack))
+ return false;
+ }
+
+ return true;
+ }
+
+ @Override
+ public int hashCode() {
+ HashCodeBuilder builder = new HashCodeBuilder();
+
+ boolean present_value = true;
+ builder.append(present_value);
+ if (present_value)
+ builder.append(value);
+
+ boolean present_message = true && (isSetMessage());
+ builder.append(present_message);
+ if (present_message)
+ builder.append(message);
+
+ boolean present_stack = true && (isSetStack());
+ builder.append(present_stack);
+ if (present_stack)
+ builder.append(stack);
+
+ return builder.toHashCode();
+ }
+
+ public int compareTo(TSentryResponseStatus other) {
+ if (!getClass().equals(other.getClass())) {
+ return getClass().getName().compareTo(other.getClass().getName());
+ }
+
+ int lastComparison = 0;
+ TSentryResponseStatus typedOther = (TSentryResponseStatus)other;
+
+ lastComparison = Boolean.valueOf(isSetValue()).compareTo(typedOther.isSetValue());
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ if (isSetValue()) {
+ lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.value, typedOther.value);
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ }
+ lastComparison = Boolean.valueOf(isSetMessage()).compareTo(typedOther.isSetMessage());
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ if (isSetMessage()) {
+ lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.message, typedOther.message);
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ }
+ lastComparison = Boolean.valueOf(isSetStack()).compareTo(typedOther.isSetStack());
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ if (isSetStack()) {
+ lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.stack, typedOther.stack);
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ }
+ return 0;
+ }
+
+ public _Fields fieldForId(int fieldId) {
+ return _Fields.findByThriftId(fieldId);
+ }
+
+ public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
+ schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
+ }
+
+ public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
+ schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
+ }
+
+ @Override
+ public String toString() {
+ StringBuilder sb = new StringBuilder("TSentryResponseStatus(");
+ boolean first = true;
+
+ sb.append("value:");
+ sb.append(this.value);
+ first = false;
+ if (!first) sb.append(", ");
+ sb.append("message:");
+ if (this.message == null) {
+ sb.append("null");
+ } else {
+ sb.append(this.message);
+ }
+ first = false;
+ if (isSetStack()) {
+ if (!first) sb.append(", ");
+ sb.append("stack:");
+ if (this.stack == null) {
+ sb.append("null");
+ } else {
+ sb.append(this.stack);
+ }
+ first = false;
+ }
+ sb.append(")");
+ return sb.toString();
+ }
+
+ public void validate() throws org.apache.thrift.TException {
+ // check for required fields
+ if (!isSetValue()) {
+ throw new org.apache.thrift.protocol.TProtocolException("Required field 'value' is unset! Struct:" + toString());
+ }
+
+ if (!isSetMessage()) {
+ throw new org.apache.thrift.protocol.TProtocolException("Required field 'message' is unset! Struct:" + toString());
+ }
+
+ // check for sub-struct validity
+ }
+
+ private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
+ try {
+ write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
+ } catch (org.apache.thrift.TException te) {
+ throw new java.io.IOException(te);
+ }
+ }
+
+ private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
+ try {
+ // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
+ __isset_bitfield = 0;
+ read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
+ } catch (org.apache.thrift.TException te) {
+ throw new java.io.IOException(te);
+ }
+ }
+
+ private static class TSentryResponseStatusStandardSchemeFactory implements SchemeFactory {
+ public TSentryResponseStatusStandardScheme getScheme() {
+ return new TSentryResponseStatusStandardScheme();
+ }
+ }
+
+ private static class TSentryResponseStatusStandardScheme extends StandardScheme<TSentryResponseStatus> {
+
+ public void read(org.apache.thrift.protocol.TProtocol iprot, TSentryResponseStatus struct) throws org.apache.thrift.TException {
+ org.apache.thrift.protocol.TField schemeField;
+ iprot.readStructBegin();
+ while (true)
+ {
+ schemeField = iprot.readFieldBegin();
+ if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
+ break;
+ }
+ switch (schemeField.id) {
+ case 1: // VALUE
+ if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
+ struct.value = iprot.readI32();
+ struct.setValueIsSet(true);
+ } else {
+ org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+ }
+ break;
+ case 2: // MESSAGE
+ if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
+ struct.message = iprot.readString();
+ struct.setMessageIsSet(true);
+ } else {
+ org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+ }
+ break;
+ case 3: // STACK
+ if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
+ struct.stack = iprot.readString();
+ struct.setStackIsSet(true);
+ } else {
+ org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+ }
+ break;
+ default:
+ org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+ }
+ iprot.readFieldEnd();
+ }
+ iprot.readStructEnd();
+ struct.validate();
+ }
+
+ public void write(org.apache.thrift.protocol.TProtocol oprot, TSentryResponseStatus struct) throws org.apache.thrift.TException {
+ struct.validate();
+
+ oprot.writeStructBegin(STRUCT_DESC);
+ oprot.writeFieldBegin(VALUE_FIELD_DESC);
+ oprot.writeI32(struct.value);
+ oprot.writeFieldEnd();
+ if (struct.message != null) {
+ oprot.writeFieldBegin(MESSAGE_FIELD_DESC);
+ oprot.writeString(struct.message);
+ oprot.writeFieldEnd();
+ }
+ if (struct.stack != null) {
+ if (struct.isSetStack()) {
+ oprot.writeFieldBegin(STACK_FIELD_DESC);
+ oprot.writeString(struct.stack);
+ oprot.writeFieldEnd();
+ }
+ }
+ oprot.writeFieldStop();
+ oprot.writeStructEnd();
+ }
+
+ }
+
+ private static class TSentryResponseStatusTupleSchemeFactory implements SchemeFactory {
+ public TSentryResponseStatusTupleScheme getScheme() {
+ return new TSentryResponseStatusTupleScheme();
+ }
+ }
+
+ private static class TSentryResponseStatusTupleScheme extends TupleScheme<TSentryResponseStatus> {
+
+ @Override
+ public void write(org.apache.thrift.protocol.TProtocol prot, TSentryResponseStatus struct) throws org.apache.thrift.TException {
+ TTupleProtocol oprot = (TTupleProtocol) prot;
+ oprot.writeI32(struct.value);
+ oprot.writeString(struct.message);
+ BitSet optionals = new BitSet();
+ if (struct.isSetStack()) {
+ optionals.set(0);
+ }
+ oprot.writeBitSet(optionals, 1);
+ if (struct.isSetStack()) {
+ oprot.writeString(struct.stack);
+ }
+ }
+
+ @Override
+ public void read(org.apache.thrift.protocol.TProtocol prot, TSentryResponseStatus struct) throws org.apache.thrift.TException {
+ TTupleProtocol iprot = (TTupleProtocol) prot;
+ struct.value = iprot.readI32();
+ struct.setValueIsSet(true);
+ struct.message = iprot.readString();
+ struct.setMessageIsSet(true);
+ BitSet incoming = iprot.readBitSet(1);
+ if (incoming.get(0)) {
+ struct.stack = iprot.readString();
+ struct.setStackIsSet(true);
+ }
+ }
+ }
+
+}
+
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/1e121ccc/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/service/thrift/sentry_common_serviceConstants.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/service/thrift/sentry_common_serviceConstants.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/service/thrift/sentry_common_serviceConstants.java
new file mode 100644
index 0000000..8174fe2
--- /dev/null
+++ b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/service/thrift/sentry_common_serviceConstants.java
@@ -0,0 +1,46 @@
+/**
+ * Autogenerated by Thrift Compiler (0.9.0)
+ *
+ * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
+ * @generated
+ */
+package org.apache.sentry.service.thrift;
+
+import org.apache.commons.lang.builder.HashCodeBuilder;
+import org.apache.thrift.scheme.IScheme;
+import org.apache.thrift.scheme.SchemeFactory;
+import org.apache.thrift.scheme.StandardScheme;
+
+import org.apache.thrift.scheme.TupleScheme;
+import org.apache.thrift.protocol.TTupleProtocol;
+import org.apache.thrift.protocol.TProtocolException;
+import org.apache.thrift.EncodingUtils;
+import org.apache.thrift.TException;
+import java.util.List;
+import java.util.ArrayList;
+import java.util.Map;
+import java.util.HashMap;
+import java.util.EnumMap;
+import java.util.Set;
+import java.util.HashSet;
+import java.util.EnumSet;
+import java.util.Collections;
+import java.util.BitSet;
+import java.nio.ByteBuffer;
+import java.util.Arrays;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class sentry_common_serviceConstants {
+
+ public static final int TSENTRY_SERVICE_V1 = 1;
+
+ public static final int TSENTRY_STATUS_OK = 0;
+
+ public static final int TSENTRY_STATUS_ALREADY_EXISTS = 1;
+
+ public static final int TSENTRY_STATUS_NO_SUCH_OBJECT = 2;
+
+ public static final int TSENTRY_STATUS_RUNTIME_ERROR = 3;
+
+}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/1e121ccc/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
index 39b87c0..39921d8 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
@@ -37,8 +37,8 @@ import org.apache.commons.logging.LogFactory;
import org.apache.hadoop.hive.metastore.ObjectStore;
import org.apache.sentry.provider.db.service.model.MSentryPrivilege;
import org.apache.sentry.provider.db.service.model.MSentryRole;
-import org.apache.sentry.service.api.TSentryPrivilege;
-import org.apache.sentry.service.api.TSentryRole;
+import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
+import org.apache.sentry.provider.db.service.thrift.TSentryRole;
public class SentryStore {
@@ -50,9 +50,10 @@ public class SentryStore {
private boolean isInitialized = false;
private PersistenceManager pm = null;
- int openTrasactionCalls = 0;
+ private int openTrasactionCalls = 0;
private Transaction currentTransaction = null;
private TXN_STATUS transactionStatus = TXN_STATUS.NO_STATE;
+ @SuppressWarnings("unused")
private final AtomicBoolean isSchemaVerified = new AtomicBoolean(false);
private static enum TXN_STATUS {
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/1e121ccc/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/ConnectionDeniedException.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/ConnectionDeniedException.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/ConnectionDeniedException.java
deleted file mode 100644
index c09a61c..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/ConnectionDeniedException.java
+++ /dev/null
@@ -1,39 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.UnsupportedCallbackException;
-
-public class ConnectionDeniedException extends UnsupportedCallbackException {
-
- private static final long serialVersionUID = 653174214903923178L;
- private String message;
- private String connectionPrincipal;
-
- public ConnectionDeniedException(Callback callback, String message, String connectionPrincipal) {
- super(callback, message);
- this.message = message;
- this.connectionPrincipal = connectionPrincipal;
-
- }
-
- public String getConnectionPrincipal() {
- return connectionPrincipal;
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/1e121ccc/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/Constants.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/Constants.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/Constants.java
deleted file mode 100644
index 51b1827..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/Constants.java
+++ /dev/null
@@ -1,69 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.security.sasl.Sasl;
-import com.google.common.collect.ImmutableMap;
-
-public class Constants {
-
- private static final ImmutableMap<String, String> SASL_PROPERTIES;
-
- static {
- Map<String, String> saslProps = new HashMap<String, String>();
- saslProps.put(Sasl.SERVER_AUTH, "true");
- saslProps.put(Sasl.QOP, "auth-conf");
- SASL_PROPERTIES = ImmutableMap.copyOf(saslProps);
- }
-
- public static class ServerArgs {
- public static final String CONFIG_FILE = "--conf-file";
- }
- public static class ServerConfig {
- public static final ImmutableMap<String, String> SASL_PROPERTIES = Constants.SASL_PROPERTIES;
- public static final String PRINCIPAL = "sentry.service.server.principal";
- public static final String KEY_TAB = "sentry.service.server.keytab";
- public static final String RPC_PORT = "sentry.service.server.rpc-port";
- public static final int RPC_PORT_DEFAULT = 8038;
- public static final String RPC_ADDRESS = "sentry.service.server.rpc-address";
- public static final String RPC_ADDRESS_DEFAULT = "0.0.0.0";
- public static final String RPC_MAX_THREADS = "sentry.service.server-max-threads";
- public static final int RPC_MAX_THREADS_DEFAULT = 500;
- public static final String RPC_MIN_THREADS = "sentry.service.server-min-threads";
- public static final int RPC_MIN_THREADS_DEFAULT = 10;
- public static final String ALLOW_CONNECT = "sentry.service.allow.connect";
- }
- public static class ClientConfig {
- public static final ImmutableMap<String, String> SASL_PROPERTIES = Constants.SASL_PROPERTIES;
- public static final String SERVER_RPC_PORT = "sentry.service.client.server.rpc-port";
- public static final int SERVER_RPC_PORT_DEFAULT = ServerConfig.RPC_PORT_DEFAULT;
- public static final String SERVER_RPC_ADDRESS = "sentry.service.client.server.rpc-address";
- public static final String SERVER_RPC_CONN_TIMEOUT = "sentry.service.client.server.rpc-connection-timeout";
- public static final int SERVER_RPC_CONN_TIMEOUT_DEFAULT = 200000;
- }
-
- /**
- * Thrift generates terrible constant class names
- */
- public static class ThriftConstants extends org.apache.sentry.service.api.sentry_storeConstants {
- public static final int TSENTRY_SERVICE_VERSION_CURRENT = TSENTRY_SERVICE_V1;
- }
-}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/1e121ccc/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/GSSCallback.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/GSSCallback.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/GSSCallback.java
deleted file mode 100644
index c28311c..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/GSSCallback.java
+++ /dev/null
@@ -1,102 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import java.util.Arrays;
-import java.util.List;
-
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.UnsupportedCallbackException;
-import javax.security.sasl.AuthorizeCallback;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.hadoop.security.SaslRpcServer;
-
-public class GSSCallback extends SaslRpcServer.SaslGssCallbackHandler {
-
- private final Configuration conf;
- public GSSCallback(Configuration conf) {
- super();
- this.conf = conf;
- }
-
- boolean comparePrincipals(String principal1, String principal2) {
- String[] principalParts1 = SaslRpcServer.splitKerberosName(principal1);
- String[] principalParts2 = SaslRpcServer.splitKerberosName(principal2);
- if (principalParts1.length == 0 || principalParts2.length == 0) {
- return false;
- }
- if (principalParts1.length == principalParts2.length) {
- for (int i=0; i < principalParts1.length; i++) {
- if (!principalParts1[i].equals(principalParts2[i])) {
- return false;
- }
- }
- return true;
- } else {
- return false;
- }
- }
-
- boolean allowConnect(String principal) {
- String allowedPrincipals = conf.get("sentry.service.allow.connect");
- if (allowedPrincipals == null) {
- return false;
- }
- List<String> items = Arrays.asList(allowedPrincipals.split("\\s*,\\s*"));
- for (String item:items) {
- if(comparePrincipals(item, principal)) {
- return true;
- }
- }
- return false;
- }
-
- @Override
- public void handle(Callback[] callbacks)
- throws UnsupportedCallbackException, ConnectionDeniedException {
- AuthorizeCallback ac = null;
- for (Callback callback : callbacks) {
- if (callback instanceof AuthorizeCallback) {
- ac = (AuthorizeCallback) callback;
- } else {
- throw new UnsupportedCallbackException(callback,
- "Unrecognized SASL GSSAPI Callback");
- }
- }
- if (ac != null) {
- String authid = ac.getAuthenticationID();
- String authzid = ac.getAuthorizationID();
-
- if (allowConnect(authid)) {
- if (authid.equals(authzid)) {
- ac.setAuthorized(true);
- } else {
- ac.setAuthorized(false);
- }
- if (ac.isAuthorized()) {
- ac.setAuthorizedID(authzid);
- }
- } else {
- throw new ConnectionDeniedException(ac,
- "Connection to sentry service denied due to lack of client credentials",
- authid);
- }
- }
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/1e121ccc/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/KerberosConfiguration.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/KerberosConfiguration.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/KerberosConfiguration.java
deleted file mode 100644
index 1737984..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/KerberosConfiguration.java
+++ /dev/null
@@ -1,77 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import java.io.File;
-import java.util.Map;
-import java.util.HashMap;
-import javax.security.auth.login.AppConfigurationEntry;
-
-public class KerberosConfiguration extends javax.security.auth.login.Configuration {
- private String principal;
- private String keytab;
- private boolean isInitiator;
-
- private KerberosConfiguration(String principal, File keytab,
- boolean client) {
- this.principal = principal;
- this.keytab = keytab.getAbsolutePath();
- this.isInitiator = client;
- }
-
- public static javax.security.auth.login.Configuration createClientConfig(String principal,
- File keytab) {
- return new KerberosConfiguration(principal, keytab, true);
- }
-
- public static javax.security.auth.login.Configuration createServerConfig(String principal,
- File keytab) {
- return new KerberosConfiguration(principal, keytab, false);
- }
-
- private static String getKrb5LoginModuleName() {
- return System.getProperty("java.vendor").contains("IBM")
- ? "com.ibm.security.auth.module.Krb5LoginModule"
- : "com.sun.security.auth.module.Krb5LoginModule";
- }
-
- @Override
- public AppConfigurationEntry[] getAppConfigurationEntry(String name) {
- Map<String, String> options = new HashMap<String, String>();
- options.put("keyTab", keytab);
- options.put("principal", principal);
- options.put("useKeyTab", "true");
- options.put("storeKey", "true");
- options.put("doNotPrompt", "true");
- options.put("useTicketCache", "true");
- options.put("renewTGT", "true");
- options.put("refreshKrb5Config", "true");
- options.put("isInitiator", Boolean.toString(isInitiator));
- String ticketCache = System.getenv("KRB5CCNAME");
- if (ticketCache != null) {
- options.put("ticketCache", ticketCache);
- }
- options.put("debug", "true");
-
- return new AppConfigurationEntry[]{
- new AppConfigurationEntry(getKrb5LoginModuleName(),
- AppConfigurationEntry.LoginModuleControlFlag.REQUIRED,
- options)};
- }
-}
-
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/1e121ccc/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java
new file mode 100644
index 0000000..63f987c
--- /dev/null
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java
@@ -0,0 +1,89 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.sentry.provider.db.service.thrift;
+import java.net.InetSocketAddress;
+
+import org.apache.hadoop.conf.Configuration;
+import org.apache.hadoop.net.NetUtils;
+import org.apache.hadoop.security.SaslRpcServer;
+import org.apache.hadoop.security.SaslRpcServer.AuthMethod;
+import org.apache.sentry.service.thrift.Constants.ClientConfig;
+import org.apache.sentry.service.thrift.Constants.ServerConfig;
+import org.apache.thrift.TException;
+import org.apache.thrift.protocol.TBinaryProtocol;
+import org.apache.thrift.protocol.TMultiplexedProtocol;
+import org.apache.thrift.transport.TSaslClientTransport;
+import org.apache.thrift.transport.TSocket;
+import org.apache.thrift.transport.TTransport;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.google.common.base.Preconditions;
+
+public class SentryPolicyServiceClient {
+
+ @SuppressWarnings("unused")
+ private final Configuration conf;
+ private final InetSocketAddress serverAddress;
+ private final String[] serverPrincipalParts;
+ private SentryPolicyService.Client client;
+ private TTransport transport;
+ private int connectionTimeout;
+ private static final Logger LOGGER = LoggerFactory.getLogger(SentryPolicyServiceClient.class);
+
+ public SentryPolicyServiceClient(Configuration conf) throws Exception {
+ this.conf = conf;
+ this.serverAddress = NetUtils.createSocketAddr(Preconditions.checkNotNull(conf.
+ get(ClientConfig.SERVER_RPC_ADDRESS),
+ "Config key " + ClientConfig.SERVER_RPC_ADDRESS + " is required"),
+ conf.getInt(ClientConfig.SERVER_RPC_PORT, ClientConfig.SERVER_RPC_PORT_DEFAULT));
+ this.connectionTimeout = conf.getInt(ClientConfig.SERVER_RPC_CONN_TIMEOUT,
+ ClientConfig.SERVER_RPC_CONN_TIMEOUT_DEFAULT);
+ String serverPrincipal = Preconditions.checkNotNull(conf.get(ServerConfig.PRINCIPAL),
+ ServerConfig.PRINCIPAL + " is required");
+ serverPrincipalParts = SaslRpcServer.splitKerberosName(serverPrincipal);
+ Preconditions.checkArgument(serverPrincipalParts.length == 3,
+ "Kerberos principal should have 3 parts: " + serverPrincipal);
+ transport = new TSocket(serverAddress.getHostString(), serverAddress.getPort(),
+ connectionTimeout);
+ TTransport saslTransport = new TSaslClientTransport(
+ AuthMethod.KERBEROS.getMechanismName(),
+ null,
+ serverPrincipalParts[0], serverPrincipalParts[1],
+ ClientConfig.SASL_PROPERTIES,
+ null,
+ transport);
+ saslTransport.open();
+ LOGGER.info("Successfully opened transport");
+ TMultiplexedProtocol protocol = new TMultiplexedProtocol(new TBinaryProtocol(saslTransport),
+ SentryPolicyStoreProcessor.SENTRY_POLICY_SERVICE_NAME);
+ client = new SentryPolicyService.Client(protocol);
+ LOGGER.info("Successfully created client");
+ }
+
+ public TCreateSentryRoleResponse createRole(TCreateSentryRoleRequest req) throws TException {
+ return client.create_sentry_role(req);
+ }
+
+ public void close() {
+ if (transport != null) {
+ transport.close();
+ }
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/1e121ccc/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java
new file mode 100644
index 0000000..2671ffc
--- /dev/null
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java
@@ -0,0 +1,68 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.sentry.provider.db.service.thrift;
+
+import org.apache.hadoop.conf.Configuration;
+import org.apache.hadoop.hive.conf.HiveConf;
+import org.apache.sentry.service.thrift.Status;
+import org.apache.sentry.service.thrift.TSentryResponseStatus;
+import org.apache.thrift.TException;
+
+@SuppressWarnings("unused")
+public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface {
+ public static final String SENTRY_POLICY_SERVICE_NAME = "SentryPolicyService";
+
+ private final String name;
+ private final Configuration conf;
+
+ public SentryPolicyStoreProcessor(String name, Configuration conf) {
+ super();
+ this.name = name;
+ this.conf = conf;
+ }
+ @Override
+ public TCreateSentryRoleResponse create_sentry_role(
+ TCreateSentryRoleRequest request) throws TException {
+ TCreateSentryRoleResponse resp = new TCreateSentryRoleResponse();
+ TSentryResponseStatus status = Status.OK();
+ resp.setStatus(status);
+ return resp;
+ }
+ @Override
+ public TCreateSentryPrivilegeResponse create_sentry_privilege(
+ TCreateSentryPrivilegeRequest request) throws TException {
+ return null;
+ }
+ @Override
+ public TAlterSentryRoleAddGroupsResponse alter_sentry_role_add_groups(
+ TAlterSentryRoleAddGroupsRequest request) throws TException {
+ return null;
+ }
+ @Override
+ public TAlterSentryRoleDeleteGroupsResponse alter_sentry_role_delete_groups(
+ TAlterSentryRoleDeleteGroupsRequest request) throws TException {
+ return null;
+ }
+ @Override
+ public TListSentryRolesResponse list_sentry_roles(
+ TListSentryRolesRequest request) throws TException {
+ return null;
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/1e121ccc/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessorFactory.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessorFactory.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessorFactory.java
new file mode 100644
index 0000000..95d5005
--- /dev/null
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessorFactory.java
@@ -0,0 +1,38 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.provider.db.service.thrift;
+
+import org.apache.hadoop.conf.Configuration;
+import org.apache.sentry.service.thrift.ProcessorFactory;
+import org.apache.thrift.TMultiplexedProcessor;
+import org.apache.thrift.TProcessor;
+
+public class SentryPolicyStoreProcessorFactory extends ProcessorFactory {
+ public SentryPolicyStoreProcessorFactory(Configuration conf) {
+ super(conf);
+ }
+
+ public boolean register(TMultiplexedProcessor multiplexedProcessor) {
+ SentryPolicyStoreProcessor sentryServiceHandler =
+ new SentryPolicyStoreProcessor(SentryPolicyStoreProcessor.SENTRY_POLICY_SERVICE_NAME, conf);
+ TProcessor processor =
+ new SentryPolicyService.Processor<SentryPolicyService.Iface>(sentryServiceHandler);
+ multiplexedProcessor.registerProcessor(SentryPolicyStoreProcessor.SENTRY_POLICY_SERVICE_NAME, processor);
+ return true;
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/1e121ccc/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryService.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryService.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryService.java
deleted file mode 100644
index 66ed637..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryService.java
+++ /dev/null
@@ -1,233 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-
-import java.io.File;
-import java.io.IOException;
-import java.net.InetSocketAddress;
-import java.net.ServerSocket;
-import java.security.PrivilegedExceptionAction;
-import java.util.HashSet;
-import java.util.concurrent.ExecutorService;
-import java.util.concurrent.Executors;
-import java.util.concurrent.ThreadFactory;
-
-import javax.security.auth.Subject;
-import javax.security.auth.kerberos.KerberosPrincipal;
-import javax.security.auth.login.LoginContext;
-import javax.security.auth.login.LoginException;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.hadoop.net.NetUtils;
-import org.apache.hadoop.security.SaslRpcServer;
-import org.apache.hadoop.security.SaslRpcServer.AuthMethod;
-import org.apache.sentry.provider.db.service.thrift.Constants.ServerConfig;
-import org.apache.sentry.provider.db.service.thrift.KerberosConfiguration;
-import org.apache.sentry.service.api.SentryThriftService;
-import org.apache.thrift.TProcessor;
-import org.apache.thrift.protocol.TBinaryProtocol;
-import org.apache.thrift.server.TServer;
-import org.apache.thrift.server.TThreadPoolServer;
-import org.apache.thrift.transport.TSaslServerTransport;
-import org.apache.thrift.transport.TServerSocket;
-import org.apache.thrift.transport.TServerTransport;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.google.common.base.Preconditions;
-import com.google.common.collect.Sets;
-
-public class SentryService implements Runnable {
-
- private static final Logger LOGGER = LoggerFactory.getLogger(SentryService.class);
-
- private static enum Status {
- NOT_STARTED(),
- STARTED();
- }
- @SuppressWarnings("unused")
- private final Configuration conf;
- private final InetSocketAddress address;
- private final int maxThreads;
- private final int minThreads;
- private final String principal;
- private final String[] principalParts;
- private final String keytab;
- private final ExecutorService serviceExecutor;
-
- private TServer thriftServer;
- private Status status;
-
- public SentryService(Configuration conf) {
- this.conf = conf;
- int port = conf.getInt(ServerConfig.RPC_PORT, ServerConfig.RPC_PORT_DEFAULT);
- if (port == 0) {
- port = findFreePort();
- }
- this.address = NetUtils.createSocketAddr(conf.
- get(ServerConfig.RPC_ADDRESS, ServerConfig.RPC_ADDRESS_DEFAULT),
- port);
- LOGGER.info("Configured on address " + address);
- maxThreads = conf.getInt(ServerConfig.RPC_MAX_THREADS,
- ServerConfig.RPC_MAX_THREADS_DEFAULT);
- minThreads = conf.getInt(ServerConfig.RPC_MIN_THREADS,
- ServerConfig.RPC_MIN_THREADS_DEFAULT);
- principal = Preconditions.checkNotNull(conf.get(ServerConfig.PRINCIPAL),
- ServerConfig.PRINCIPAL + " is required");
- principalParts = SaslRpcServer.splitKerberosName(principal);
- Preconditions.checkArgument(principalParts.length == 3,
- "Kerberos principal should have 3 parts: " + principal);
- keytab = Preconditions.checkNotNull(conf.get(ServerConfig.KEY_TAB),
- ServerConfig.KEY_TAB + " is required");
- File keytabFile = new File(keytab);
- Preconditions.checkState(keytabFile.isFile() && keytabFile.canRead(),
- "Keytab " + keytab + " does not exist or is not readable.");
- serviceExecutor = Executors.newSingleThreadExecutor(new ThreadFactory() {
- private int count = 0;
- @Override
- public Thread newThread(Runnable r) {
- return new Thread(r, SentryService.class.getSimpleName() + "-" + (count++));
- }
- });
- status = Status.NOT_STARTED;
- }
-
- @Override
- public void run() {
- LoginContext loginContext = null;
- try {
- Subject subject = new Subject(false, Sets.newHashSet(
- new KerberosPrincipal(principal)), new HashSet<Object>(),
- new HashSet<Object>());
- loginContext = new LoginContext("", subject, null,
- KerberosConfiguration.createClientConfig(principal, new File(keytab)));
- loginContext.login();
- subject = loginContext.getSubject();
- Subject.doAs(subject, new PrivilegedExceptionAction<Void>() {
- @Override
- public Void run() throws Exception {
- SentryServiceHandler sentryServiceHandler = new SentryServiceHandler("sentry-policy-service", null);
- TProcessor processor =
- new SentryThriftService.Processor<SentryThriftService.Iface>(sentryServiceHandler);
- TServerTransport serverTransport = new TServerSocket(address);
- TSaslServerTransport.Factory saslTransportFactory = new TSaslServerTransport.Factory();
- saslTransportFactory.addServerDefinition(
- AuthMethod.KERBEROS.getMechanismName(),
- principalParts[0],
- principalParts[1],
- ServerConfig.SASL_PROPERTIES,
- new GSSCallback(conf));
- TThreadPoolServer.Args args = new TThreadPoolServer.Args(serverTransport)
- .processor(processor)
- .transportFactory(saslTransportFactory)
- .protocolFactory(new TBinaryProtocol.Factory())
- .minWorkerThreads(minThreads)
- .maxWorkerThreads(maxThreads);
- thriftServer = new TThreadPoolServer(args);
- LOGGER.info("Serving on " + address);
- thriftServer.serve();
- return null;
- }
- });
- } catch(Throwable t) {
- LOGGER.error("Error starting server", t);
- } finally {
- status = Status.NOT_STARTED;
- if (loginContext != null) {
- try {
- loginContext.logout();
- } catch (LoginException e) {
- LOGGER.error("Error logging out", e);
- }
- }
- }
- }
-
- public InetSocketAddress getAddress() {
- return address;
- }
-
- public synchronized boolean isRunning() {
- return status == Status.STARTED && thriftServer != null && thriftServer.isServing();
- }
-
- public synchronized void start() {
- if (status != Status.NOT_STARTED) {
- throw new IllegalStateException("Cannot start when " + status);
- }
- LOGGER.info("Attempting to start...");
- status = Status.STARTED;
- serviceExecutor.submit(this);
- }
-
- public synchronized void stop() {
- if (status == Status.NOT_STARTED) {
- return;
- }
- LOGGER.info("Attempting to stop...");
- if (thriftServer.isServing()) {
- thriftServer.stop();
- }
- thriftServer = null;
- status = Status.NOT_STARTED;
- LOGGER.info("Stopped...");
- }
-
- private static int findFreePort() {
- int attempts = 0;
- while (attempts++ <= 1000) {
- try {
- ServerSocket s = new ServerSocket(0);
- int port = s.getLocalPort();
- s.close();
- return port;
- } catch (IOException e) {
- // ignore and retry
- }
- }
- throw new IllegalStateException("Unable to find a port after 1000 attempts");
- }
-
- @SuppressWarnings("deprecation")
- public static void main(String[] args) throws Exception {
- // XXX if more more than one argument is handled here, use an options parser
- File configFile = null;
- if (args.length != 2 || !args[0].equalsIgnoreCase(Constants.ServerArgs.CONFIG_FILE)) {
- throw new IllegalArgumentException("Usage: " + Constants.ServerArgs.CONFIG_FILE
- + " path/to/sentry-service.xml");
- } else if(!((configFile = new File(args[1])).isFile() && configFile.canRead())) {
- throw new IllegalArgumentException("Cannot read configuration file " + configFile);
- }
- Configuration conf = new Configuration(false);
- conf.addResource(configFile.toURL());
- final SentryService server = new SentryService(conf);
- server.start();
- Runtime.getRuntime().addShutdownHook(new Thread() {
- @Override
- public void run() {
- LOGGER.info("ShutdownHook shutting down server");
- try {
- server.stop();
- } catch (Throwable t) {
- LOGGER.error("Error stopping SentryService", t);
- }
- }
- });
- }
-}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/1e121ccc/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryServiceClient.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryServiceClient.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryServiceClient.java
deleted file mode 100644
index e3bfaf9..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryServiceClient.java
+++ /dev/null
@@ -1,89 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-import java.net.InetSocketAddress;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.hadoop.net.NetUtils;
-import org.apache.hadoop.security.SaslRpcServer;
-import org.apache.hadoop.security.SaslRpcServer.AuthMethod;
-import org.apache.sentry.provider.db.service.thrift.Constants.ClientConfig;
-import org.apache.sentry.provider.db.service.thrift.Constants.ServerConfig;
-import org.apache.sentry.service.api.SentryThriftService;
-import org.apache.sentry.service.api.TCreateSentryRoleRequest;
-import org.apache.sentry.service.api.TCreateSentryRoleResponse;
-import org.apache.thrift.TException;
-import org.apache.thrift.protocol.TBinaryProtocol;
-import org.apache.thrift.transport.TSaslClientTransport;
-import org.apache.thrift.transport.TSocket;
-import org.apache.thrift.transport.TTransport;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.google.common.base.Preconditions;
-
-public class SentryServiceClient {
-
- @SuppressWarnings("unused")
- private final Configuration conf;
- private final InetSocketAddress serverAddress;
- private final String[] serverPrincipalParts;
- private SentryThriftService.Client client;
- private TTransport transport;
- private int connectionTimeout;
- private static final Logger LOGGER = LoggerFactory.getLogger(SentryServiceClient.class);
-
- public SentryServiceClient(Configuration conf) throws Exception {
- this.conf = conf;
- this.serverAddress = NetUtils.createSocketAddr(Preconditions.checkNotNull(conf.
- get(ClientConfig.SERVER_RPC_ADDRESS),
- "Config key " + ClientConfig.SERVER_RPC_ADDRESS + " is required"),
- conf.getInt(ClientConfig.SERVER_RPC_PORT, ClientConfig.SERVER_RPC_PORT_DEFAULT));
- this.connectionTimeout = conf.getInt(ClientConfig.SERVER_RPC_CONN_TIMEOUT,
- ClientConfig.SERVER_RPC_CONN_TIMEOUT_DEFAULT);
- String serverPrincipal = Preconditions.checkNotNull(conf.get(ServerConfig.PRINCIPAL),
- ServerConfig.PRINCIPAL + " is required");
- serverPrincipalParts = SaslRpcServer.splitKerberosName(serverPrincipal);
- Preconditions.checkArgument(serverPrincipalParts.length == 3,
- "Kerberos principal should have 3 parts: " + serverPrincipal);
- transport = new TSocket(serverAddress.getHostString(), serverAddress.getPort(),
- connectionTimeout);
- TTransport saslTransport = new TSaslClientTransport(
- AuthMethod.KERBEROS.getMechanismName(),
- null,
- serverPrincipalParts[0], serverPrincipalParts[1],
- ClientConfig.SASL_PROPERTIES,
- null,
- transport);
- saslTransport.open();
- LOGGER.info("Successfully opened transport");
- client = new SentryThriftService.Client(new TBinaryProtocol(saslTransport));
- LOGGER.info("Successfully created client");
- }
-
- public TCreateSentryRoleResponse createRole(TCreateSentryRoleRequest req) throws TException {
- return client.create_sentry_role(req);
- }
-
- public void close() {
- if (transport != null) {
- transport.close();
- }
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/1e121ccc/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryServiceClientFactory.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryServiceClientFactory.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryServiceClientFactory.java
deleted file mode 100644
index 2afafe5..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryServiceClientFactory.java
+++ /dev/null
@@ -1,29 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-import org.apache.hadoop.conf.Configuration;
-
-public class SentryServiceClientFactory {
-
- public SentryServiceClient create(Configuration conf) throws Exception {
- SentryServiceClient client = new SentryServiceClient(conf);
- return client;
- }
-
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/1e121ccc/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryServiceFactory.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryServiceFactory.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryServiceFactory.java
deleted file mode 100644
index 0736e3f..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryServiceFactory.java
+++ /dev/null
@@ -1,29 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-import org.apache.hadoop.conf.Configuration;
-
-public class SentryServiceFactory {
-
- public SentryService create(Configuration conf) throws Exception {
- SentryService server = new SentryService(conf);
- return server;
- }
-
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/1e121ccc/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryServiceHandler.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryServiceHandler.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryServiceHandler.java
deleted file mode 100644
index 27153bf..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryServiceHandler.java
+++ /dev/null
@@ -1,74 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.hadoop.hive.conf.HiveConf;
-import org.apache.sentry.service.api.SentryThriftService;
-import org.apache.sentry.service.api.TAlterSentryRoleAddGroupsRequest;
-import org.apache.sentry.service.api.TAlterSentryRoleAddGroupsResponse;
-import org.apache.sentry.service.api.TAlterSentryRoleDeleteGroupsRequest;
-import org.apache.sentry.service.api.TAlterSentryRoleDeleteGroupsResponse;
-import org.apache.sentry.service.api.TCreateSentryPrivilegeRequest;
-import org.apache.sentry.service.api.TCreateSentryPrivilegeResponse;
-import org.apache.sentry.service.api.TCreateSentryRoleRequest;
-import org.apache.sentry.service.api.TCreateSentryRoleResponse;
-import org.apache.sentry.service.api.TListSentryRolesRequest;
-import org.apache.sentry.service.api.TListSentryRolesResponse;
-import org.apache.sentry.service.api.TSentryResponseStatus;
-import org.apache.thrift.TException;
-
-public class SentryServiceHandler implements SentryThriftService.Iface {
- private final String name;
- private final HiveConf conf;
-
- public SentryServiceHandler(String name, HiveConf conf) {
- super();
- this.name = name;
- this.conf = conf;
- }
- @Override
- public TCreateSentryRoleResponse create_sentry_role(
- TCreateSentryRoleRequest request) throws TException {
- TCreateSentryRoleResponse resp = new TCreateSentryRoleResponse();
- TSentryResponseStatus status = Status.OK();
- resp.setStatus(status);
- return resp;
- }
- @Override
- public TCreateSentryPrivilegeResponse create_sentry_privilege(
- TCreateSentryPrivilegeRequest request) throws TException {
- return null;
- }
- @Override
- public TAlterSentryRoleAddGroupsResponse alter_sentry_role_add_groups(
- TAlterSentryRoleAddGroupsRequest request) throws TException {
- return null;
- }
- @Override
- public TAlterSentryRoleDeleteGroupsResponse alter_sentry_role_delete_groups(
- TAlterSentryRoleDeleteGroupsRequest request) throws TException {
- return null;
- }
- @Override
- public TListSentryRolesResponse list_sentry_roles(
- TListSentryRolesRequest request) throws TException {
- return null;
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/1e121ccc/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/Status.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/Status.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/Status.java
deleted file mode 100644
index 4fef486..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/Status.java
+++ /dev/null
@@ -1,57 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import java.io.PrintWriter;
-import java.io.StringWriter;
-
-import javax.annotation.Nullable;
-
-import org.apache.sentry.service.api.TSentryResponseStatus;
-import org.apache.sentry.service.api.TSentryStatus;
-
-/**
- * Simple factory to make returning TSentryStatus objects easy
- */
-public class Status {
- public static TSentryResponseStatus OK() {
- return Create(TSentryStatus.OK, "");
- }
- public static TSentryResponseStatus AlreadyExists(String message, Throwable t) {
- return Create(TSentryStatus.ALREADY_EXISTS, message, t);
- }
- public static TSentryResponseStatus NoSuchObject(String message, Throwable t) {
- return Create(TSentryStatus.NO_SUCH_OBJECT, message, t);
- }
- public static TSentryResponseStatus Create(TSentryStatus value, String message) {
- return Create(value, message, null);
- }
- public static TSentryResponseStatus Create(TSentryStatus value, String message, @Nullable Throwable t) {
- TSentryResponseStatus status = new TSentryResponseStatus();
- status.setValue(value);
- status.setMessage(message);
- if (t != null) {
- StringWriter stringWriter = new StringWriter();
- PrintWriter printWriter = new PrintWriter(stringWriter);
- t.printStackTrace(printWriter);
- printWriter.close();
- status.setStack(stringWriter.toString());
- }
- return status;
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/1e121ccc/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/sentry_store.thrift
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/sentry_store.thrift b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/sentry_store.thrift
deleted file mode 100644
index ba8406d..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/sentry_store.thrift
+++ /dev/null
@@ -1,139 +0,0 @@
-#!/usr/local/bin/thrift -java
-
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#
-# Thrift Service that the MetaStore is built on
-#
-
-include "share/fb303/if/fb303.thrift"
-
-namespace java org.apache.sentry.service.api
-namespace php sentryservice
-namespace cpp Apache.Sentry
-
-
-const i32 TSENTRY_SERVICE_V1 = 1;
-
-enum TSentryStatus {
-OK,
-ALREADY_EXISTS,
-NO_SUCH_OBJECT,
-RUNTIME_ERROR
-}
-
-struct TSentryResponseStatus {
-1: required TSentryStatus value,
-// message will be set to empty string when status is OK
-2: required string message
-3: optional string stack
-}
-
-struct TSentryPrivilege {
-1: required string privilegeScope,
-2: required string privilegeName,
-3: required string serverName,
-4: optional string dbName,
-5: optional string tableName,
-6: optional string URI,
-7: required string action,
-8: required i64 createTime,
-9: required string grantorPrincipal
-}
-
-struct TSentryRole {
-1: required string roleName,
-2: required set<TSentryPrivilege> privileges,
-3: required i64 createTime,
-4: required string grantorPrincipal
-}
-// TODO fill out
-struct TSentryGroup {
-1: required string groupName
-}
-
-struct TCreateSentryRoleRequest {
-1: required i32 protocol_version = TSENTRY_SERVICE_V1,
-2: required string userName,
-3: required TSentryRole role
-}
-struct TCreateSentryRoleResponse {
-1: required TSentryResponseStatus status
-}
-
-struct TCreateSentryPrivilegeRequest {
-1: required i32 protocol_version = TSENTRY_SERVICE_V1,
-2: required string userName,
-3: required TSentryPrivilege privilege
-}
-struct TCreateSentryPrivilegeResponse {
-1: required TSentryResponseStatus status
-}
-
-struct TCreateSentryPrivilegeRequest {
-1: required i32 protocol_version = TSENTRY_SERVICE_V1,
-2: required string userName,
-3: required TSentryPrivilege privilege
-}
-struct TCreateSentryPrivilegeResponse {
-1: required TSentryResponseStatus status
-}
-
-struct TAlterSentryRoleAddGroupsRequest {
-1: required i32 protocol_version = TSENTRY_SERVICE_V1,
-2: required string userName,
-3: required string roleName,
-4: required set<TSentryGroup> groups
-}
-struct TAlterSentryRoleAddGroupsResponse {
-1: required TSentryResponseStatus status
-}
-
-struct TAlterSentryRoleDeleteGroupsRequest {
-1: required i32 protocol_version = TSENTRY_SERVICE_V1,
-2: required string userName,
-}
-struct TAlterSentryRoleDeleteGroupsResponse {
-1: required TSentryResponseStatus status
-}
-
-struct TListSentryRolesRequest {
-1: required i32 protocol_version = TSENTRY_SERVICE_V1,
-2: required string userName,
-3: optional string groupName,
-4: optional string roleName
-}
-struct TListSentryRolesResponse {
-1: required TSentryResponseStatus status
-2: required set<TSentryRole> roles
-}
-
-service SentryThriftService
-{
- TCreateSentryRoleResponse create_sentry_role(1:TCreateSentryRoleRequest request)
- //TDropSentryRoleResponse drop_sentry_role(1:TDropSentryRoleRequest request)
-
- TCreateSentryPrivilegeResponse create_sentry_privilege(1:TCreateSentryPrivilegeRequest request)
- //TDropSentryPrivilegeResponse drop_sentry_privilege(1:TDropSentryPrivilegeRequest request)
-
- TAlterSentryRoleAddGroupsResponse alter_sentry_role_add_groups(1:TAlterSentryRoleAddGroupsRequest request)
- TAlterSentryRoleDeleteGroupsResponse alter_sentry_role_delete_groups(1:TAlterSentryRoleDeleteGroupsRequest request)
-
- TListSentryRolesResponse list_sentry_roles(1:TListSentryRolesRequest request)
-}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/1e121ccc/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ConnectionDeniedException.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ConnectionDeniedException.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ConnectionDeniedException.java
new file mode 100644
index 0000000..02c5eb3
--- /dev/null
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ConnectionDeniedException.java
@@ -0,0 +1,36 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.service.thrift;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+
+public class ConnectionDeniedException extends UnsupportedCallbackException {
+
+ private static final long serialVersionUID = 653174214903923178L;
+ private String connectionPrincipal;
+
+ public ConnectionDeniedException(Callback callback, String message, String connectionPrincipal) {
+ super(callback, message);
+ this.connectionPrincipal = connectionPrincipal;
+ }
+
+ public String getConnectionPrincipal() {
+ return connectionPrincipal;
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/1e121ccc/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/Constants.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/Constants.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/Constants.java
new file mode 100644
index 0000000..16b2aad
--- /dev/null
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/Constants.java
@@ -0,0 +1,78 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.service.thrift;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.security.sasl.Sasl;
+
+import com.google.common.base.Splitter;
+import com.google.common.collect.ImmutableMap;
+
+public class Constants {
+
+ private static final ImmutableMap<String, String> SASL_PROPERTIES;
+
+ static {
+ Map<String, String> saslProps = new HashMap<String, String>();
+ saslProps.put(Sasl.SERVER_AUTH, "true");
+ saslProps.put(Sasl.QOP, "auth-conf");
+ SASL_PROPERTIES = ImmutableMap.copyOf(saslProps);
+ }
+
+ public static class ConfUtilties {
+ public static final Splitter CLASS_SPLITTER = Splitter.onPattern("[\\s,]")
+ .trimResults().omitEmptyStrings();
+ }
+ public static class ServerArgs {
+ public static final String CONFIG_FILE = "--conf-file";
+ }
+ public static class ServerConfig {
+ public static final ImmutableMap<String, String> SASL_PROPERTIES = Constants.SASL_PROPERTIES;
+ public static final String PRINCIPAL = "sentry.service.server.principal";
+ public static final String KEY_TAB = "sentry.service.server.keytab";
+ public static final String RPC_PORT = "sentry.service.server.rpc-port";
+ public static final int RPC_PORT_DEFAULT = 8038;
+ public static final String RPC_ADDRESS = "sentry.service.server.rpc-address";
+ public static final String RPC_ADDRESS_DEFAULT = "0.0.0.0";
+ public static final String RPC_MAX_THREADS = "sentry.service.server-max-threads";
+ public static final int RPC_MAX_THREADS_DEFAULT = 500;
+ public static final String RPC_MIN_THREADS = "sentry.service.server-min-threads";
+ public static final int RPC_MIN_THREADS_DEFAULT = 10;
+ public static final String ALLOW_CONNECT = "sentry.service.allow.connect";
+ public static final String PROCESSOR_FACTORIES = "sentry.service.processor.factories";
+ public static final String PROCESSOR_FACTORIES_DEFAULT =
+ "org.apache.sentry.provider.db.service.thrift.SentryPolicyStoreProcessorFactory";
+ }
+ public static class ClientConfig {
+ public static final ImmutableMap<String, String> SASL_PROPERTIES = Constants.SASL_PROPERTIES;
+ public static final String SERVER_RPC_PORT = "sentry.service.client.server.rpc-port";
+ public static final int SERVER_RPC_PORT_DEFAULT = ServerConfig.RPC_PORT_DEFAULT;
+ public static final String SERVER_RPC_ADDRESS = "sentry.service.client.server.rpc-address";
+ public static final String SERVER_RPC_CONN_TIMEOUT = "sentry.service.client.server.rpc-connection-timeout";
+ public static final int SERVER_RPC_CONN_TIMEOUT_DEFAULT = 200000;
+ }
+
+ /**
+ * Thrift generates terrible constant class names
+ */
+ public static class ThriftConstants extends org.apache.sentry.service.thrift.sentry_common_serviceConstants {
+ public static final int TSENTRY_SERVICE_VERSION_CURRENT = TSENTRY_SERVICE_V1;
+ }
+}