Posted to commits@sentry.apache.org by sr...@apache.org on 2014/09/18 01:01:11 UTC

[1/2] SENTRY-359: Support Sentry service API to retrieve applicable privileges for a given authorizable object (Prasad Mujumdar via Arun and Sravya)

Repository: incubator-sentry
Updated Branches:
  refs/heads/master d1d2fd3dc -> fa5f81c77


http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fa5f81c7/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesByAuthResponse.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesByAuthResponse.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesByAuthResponse.java
new file mode 100644
index 0000000..6fe5a7e
--- /dev/null
+++ b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesByAuthResponse.java
@@ -0,0 +1,558 @@
+/**
+ * Autogenerated by Thrift Compiler (0.9.0)
+ *
+ * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
+ *  @generated
+ */
+package org.apache.sentry.provider.db.service.thrift;
+
+import org.apache.commons.lang.builder.HashCodeBuilder;
+import org.apache.thrift.scheme.IScheme;
+import org.apache.thrift.scheme.SchemeFactory;
+import org.apache.thrift.scheme.StandardScheme;
+
+import org.apache.thrift.scheme.TupleScheme;
+import org.apache.thrift.protocol.TTupleProtocol;
+import org.apache.thrift.protocol.TProtocolException;
+import org.apache.thrift.EncodingUtils;
+import org.apache.thrift.TException;
+import java.util.List;
+import java.util.ArrayList;
+import java.util.Map;
+import java.util.HashMap;
+import java.util.EnumMap;
+import java.util.Set;
+import java.util.HashSet;
+import java.util.EnumSet;
+import java.util.Collections;
+import java.util.BitSet;
+import java.nio.ByteBuffer;
+import java.util.Arrays;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class TListSentryPrivilegesByAuthResponse implements org.apache.thrift.TBase<TListSentryPrivilegesByAuthResponse, TListSentryPrivilegesByAuthResponse._Fields>, java.io.Serializable, Cloneable {
+  private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TListSentryPrivilegesByAuthResponse");
+
+  private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1);
+  private static final org.apache.thrift.protocol.TField PRIVILEGES_MAP_BY_AUTH_FIELD_DESC = new org.apache.thrift.protocol.TField("privilegesMapByAuth", org.apache.thrift.protocol.TType.MAP, (short)2);
+
+  private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
+  static {
+    schemes.put(StandardScheme.class, new TListSentryPrivilegesByAuthResponseStandardSchemeFactory());
+    schemes.put(TupleScheme.class, new TListSentryPrivilegesByAuthResponseTupleSchemeFactory());
+  }
+
+  private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required
+  private Map<TSentryAuthorizable,TSentryPrivilegeMap> privilegesMapByAuth; // required
+
+  /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
+  public enum _Fields implements org.apache.thrift.TFieldIdEnum {
+    STATUS((short)1, "status"),
+    PRIVILEGES_MAP_BY_AUTH((short)2, "privilegesMapByAuth");
+
+    private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
+
+    static {
+      for (_Fields field : EnumSet.allOf(_Fields.class)) {
+        byName.put(field.getFieldName(), field);
+      }
+    }
+
+    /**
+     * Find the _Fields constant that matches fieldId, or null if its not found.
+     */
+    public static _Fields findByThriftId(int fieldId) {
+      switch(fieldId) {
+        case 1: // STATUS
+          return STATUS;
+        case 2: // PRIVILEGES_MAP_BY_AUTH
+          return PRIVILEGES_MAP_BY_AUTH;
+        default:
+          return null;
+      }
+    }
+
+    /**
+     * Find the _Fields constant that matches fieldId, throwing an exception
+     * if it is not found.
+     */
+    public static _Fields findByThriftIdOrThrow(int fieldId) {
+      _Fields fields = findByThriftId(fieldId);
+      if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
+      return fields;
+    }
+
+    /**
+     * Find the _Fields constant that matches name, or null if its not found.
+     */
+    public static _Fields findByName(String name) {
+      return byName.get(name);
+    }
+
+    private final short _thriftId;
+    private final String _fieldName;
+
+    _Fields(short thriftId, String fieldName) {
+      _thriftId = thriftId;
+      _fieldName = fieldName;
+    }
+
+    public short getThriftFieldId() {
+      return _thriftId;
+    }
+
+    public String getFieldName() {
+      return _fieldName;
+    }
+  }
+
+  // isset id assignments
+  public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
+  static {
+    Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
+    tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED, 
+        new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.sentry.service.thrift.TSentryResponseStatus.class)));
+    tmpMap.put(_Fields.PRIVILEGES_MAP_BY_AUTH, new org.apache.thrift.meta_data.FieldMetaData("privilegesMapByAuth", org.apache.thrift.TFieldRequirementType.REQUIRED, 
+        new org.apache.thrift.meta_data.MapMetaData(org.apache.thrift.protocol.TType.MAP, 
+            new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryAuthorizable.class), 
+            new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryPrivilegeMap.class))));
+    metaDataMap = Collections.unmodifiableMap(tmpMap);
+    org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TListSentryPrivilegesByAuthResponse.class, metaDataMap);
+  }
+
+  public TListSentryPrivilegesByAuthResponse() {
+  }
+
+  public TListSentryPrivilegesByAuthResponse(
+    org.apache.sentry.service.thrift.TSentryResponseStatus status,
+    Map<TSentryAuthorizable,TSentryPrivilegeMap> privilegesMapByAuth)
+  {
+    this();
+    this.status = status;
+    this.privilegesMapByAuth = privilegesMapByAuth;
+  }
+
+  /**
+   * Performs a deep copy on <i>other</i>.
+   */
+  public TListSentryPrivilegesByAuthResponse(TListSentryPrivilegesByAuthResponse other) {
+    if (other.isSetStatus()) {
+      this.status = new org.apache.sentry.service.thrift.TSentryResponseStatus(other.status);
+    }
+    if (other.isSetPrivilegesMapByAuth()) {
+      Map<TSentryAuthorizable,TSentryPrivilegeMap> __this__privilegesMapByAuth = new HashMap<TSentryAuthorizable,TSentryPrivilegeMap>();
+      for (Map.Entry<TSentryAuthorizable, TSentryPrivilegeMap> other_element : other.privilegesMapByAuth.entrySet()) {
+
+        TSentryAuthorizable other_element_key = other_element.getKey();
+        TSentryPrivilegeMap other_element_value = other_element.getValue();
+
+        TSentryAuthorizable __this__privilegesMapByAuth_copy_key = new TSentryAuthorizable(other_element_key);
+
+        TSentryPrivilegeMap __this__privilegesMapByAuth_copy_value = new TSentryPrivilegeMap(other_element_value);
+
+        __this__privilegesMapByAuth.put(__this__privilegesMapByAuth_copy_key, __this__privilegesMapByAuth_copy_value);
+      }
+      this.privilegesMapByAuth = __this__privilegesMapByAuth;
+    }
+  }
+
+  public TListSentryPrivilegesByAuthResponse deepCopy() {
+    return new TListSentryPrivilegesByAuthResponse(this);
+  }
+
+  @Override
+  public void clear() {
+    this.status = null;
+    this.privilegesMapByAuth = null;
+  }
+
+  public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() {
+    return this.status;
+  }
+
+  public void setStatus(org.apache.sentry.service.thrift.TSentryResponseStatus status) {
+    this.status = status;
+  }
+
+  public void unsetStatus() {
+    this.status = null;
+  }
+
+  /** Returns true if field status is set (has been assigned a value) and false otherwise */
+  public boolean isSetStatus() {
+    return this.status != null;
+  }
+
+  public void setStatusIsSet(boolean value) {
+    if (!value) {
+      this.status = null;
+    }
+  }
+
+  public int getPrivilegesMapByAuthSize() {
+    return (this.privilegesMapByAuth == null) ? 0 : this.privilegesMapByAuth.size();
+  }
+
+  public void putToPrivilegesMapByAuth(TSentryAuthorizable key, TSentryPrivilegeMap val) {
+    if (this.privilegesMapByAuth == null) {
+      this.privilegesMapByAuth = new HashMap<TSentryAuthorizable,TSentryPrivilegeMap>();
+    }
+    this.privilegesMapByAuth.put(key, val);
+  }
+
+  public Map<TSentryAuthorizable,TSentryPrivilegeMap> getPrivilegesMapByAuth() {
+    return this.privilegesMapByAuth;
+  }
+
+  public void setPrivilegesMapByAuth(Map<TSentryAuthorizable,TSentryPrivilegeMap> privilegesMapByAuth) {
+    this.privilegesMapByAuth = privilegesMapByAuth;
+  }
+
+  public void unsetPrivilegesMapByAuth() {
+    this.privilegesMapByAuth = null;
+  }
+
+  /** Returns true if field privilegesMapByAuth is set (has been assigned a value) and false otherwise */
+  public boolean isSetPrivilegesMapByAuth() {
+    return this.privilegesMapByAuth != null;
+  }
+
+  public void setPrivilegesMapByAuthIsSet(boolean value) {
+    if (!value) {
+      this.privilegesMapByAuth = null;
+    }
+  }
+
+  public void setFieldValue(_Fields field, Object value) {
+    switch (field) {
+    case STATUS:
+      if (value == null) {
+        unsetStatus();
+      } else {
+        setStatus((org.apache.sentry.service.thrift.TSentryResponseStatus)value);
+      }
+      break;
+
+    case PRIVILEGES_MAP_BY_AUTH:
+      if (value == null) {
+        unsetPrivilegesMapByAuth();
+      } else {
+        setPrivilegesMapByAuth((Map<TSentryAuthorizable,TSentryPrivilegeMap>)value);
+      }
+      break;
+
+    }
+  }
+
+  public Object getFieldValue(_Fields field) {
+    switch (field) {
+    case STATUS:
+      return getStatus();
+
+    case PRIVILEGES_MAP_BY_AUTH:
+      return getPrivilegesMapByAuth();
+
+    }
+    throw new IllegalStateException();
+  }
+
+  /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
+  public boolean isSet(_Fields field) {
+    if (field == null) {
+      throw new IllegalArgumentException();
+    }
+
+    switch (field) {
+    case STATUS:
+      return isSetStatus();
+    case PRIVILEGES_MAP_BY_AUTH:
+      return isSetPrivilegesMapByAuth();
+    }
+    throw new IllegalStateException();
+  }
+
+  @Override
+  public boolean equals(Object that) {
+    if (that == null)
+      return false;
+    if (that instanceof TListSentryPrivilegesByAuthResponse)
+      return this.equals((TListSentryPrivilegesByAuthResponse)that);
+    return false;
+  }
+
+  public boolean equals(TListSentryPrivilegesByAuthResponse that) {
+    if (that == null)
+      return false;
+
+    boolean this_present_status = true && this.isSetStatus();
+    boolean that_present_status = true && that.isSetStatus();
+    if (this_present_status || that_present_status) {
+      if (!(this_present_status && that_present_status))
+        return false;
+      if (!this.status.equals(that.status))
+        return false;
+    }
+
+    boolean this_present_privilegesMapByAuth = true && this.isSetPrivilegesMapByAuth();
+    boolean that_present_privilegesMapByAuth = true && that.isSetPrivilegesMapByAuth();
+    if (this_present_privilegesMapByAuth || that_present_privilegesMapByAuth) {
+      if (!(this_present_privilegesMapByAuth && that_present_privilegesMapByAuth))
+        return false;
+      if (!this.privilegesMapByAuth.equals(that.privilegesMapByAuth))
+        return false;
+    }
+
+    return true;
+  }
+
+  @Override
+  public int hashCode() {
+    HashCodeBuilder builder = new HashCodeBuilder();
+
+    boolean present_status = true && (isSetStatus());
+    builder.append(present_status);
+    if (present_status)
+      builder.append(status);
+
+    boolean present_privilegesMapByAuth = true && (isSetPrivilegesMapByAuth());
+    builder.append(present_privilegesMapByAuth);
+    if (present_privilegesMapByAuth)
+      builder.append(privilegesMapByAuth);
+
+    return builder.toHashCode();
+  }
+
+  public int compareTo(TListSentryPrivilegesByAuthResponse other) {
+    if (!getClass().equals(other.getClass())) {
+      return getClass().getName().compareTo(other.getClass().getName());
+    }
+
+    int lastComparison = 0;
+    TListSentryPrivilegesByAuthResponse typedOther = (TListSentryPrivilegesByAuthResponse)other;
+
+    lastComparison = Boolean.valueOf(isSetStatus()).compareTo(typedOther.isSetStatus());
+    if (lastComparison != 0) {
+      return lastComparison;
+    }
+    if (isSetStatus()) {
+      lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.status, typedOther.status);
+      if (lastComparison != 0) {
+        return lastComparison;
+      }
+    }
+    lastComparison = Boolean.valueOf(isSetPrivilegesMapByAuth()).compareTo(typedOther.isSetPrivilegesMapByAuth());
+    if (lastComparison != 0) {
+      return lastComparison;
+    }
+    if (isSetPrivilegesMapByAuth()) {
+      lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.privilegesMapByAuth, typedOther.privilegesMapByAuth);
+      if (lastComparison != 0) {
+        return lastComparison;
+      }
+    }
+    return 0;
+  }
+
+  public _Fields fieldForId(int fieldId) {
+    return _Fields.findByThriftId(fieldId);
+  }
+
+  public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
+    schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
+  }
+
+  public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
+    schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
+  }
+
+  @Override
+  public String toString() {
+    StringBuilder sb = new StringBuilder("TListSentryPrivilegesByAuthResponse(");
+    boolean first = true;
+
+    sb.append("status:");
+    if (this.status == null) {
+      sb.append("null");
+    } else {
+      sb.append(this.status);
+    }
+    first = false;
+    if (!first) sb.append(", ");
+    sb.append("privilegesMapByAuth:");
+    if (this.privilegesMapByAuth == null) {
+      sb.append("null");
+    } else {
+      sb.append(this.privilegesMapByAuth);
+    }
+    first = false;
+    sb.append(")");
+    return sb.toString();
+  }
+
+  public void validate() throws org.apache.thrift.TException {
+    // check for required fields
+    if (!isSetStatus()) {
+      throw new org.apache.thrift.protocol.TProtocolException("Required field 'status' is unset! Struct:" + toString());
+    }
+
+    if (!isSetPrivilegesMapByAuth()) {
+      throw new org.apache.thrift.protocol.TProtocolException("Required field 'privilegesMapByAuth' is unset! Struct:" + toString());
+    }
+
+    // check for sub-struct validity
+    if (status != null) {
+      status.validate();
+    }
+  }
+
+  private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
+    try {
+      write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
+    } catch (org.apache.thrift.TException te) {
+      throw new java.io.IOException(te);
+    }
+  }
+
+  private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
+    try {
+      read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
+    } catch (org.apache.thrift.TException te) {
+      throw new java.io.IOException(te);
+    }
+  }
+
+  private static class TListSentryPrivilegesByAuthResponseStandardSchemeFactory implements SchemeFactory {
+    public TListSentryPrivilegesByAuthResponseStandardScheme getScheme() {
+      return new TListSentryPrivilegesByAuthResponseStandardScheme();
+    }
+  }
+
+  private static class TListSentryPrivilegesByAuthResponseStandardScheme extends StandardScheme<TListSentryPrivilegesByAuthResponse> {
+
+    public void read(org.apache.thrift.protocol.TProtocol iprot, TListSentryPrivilegesByAuthResponse struct) throws org.apache.thrift.TException {
+      org.apache.thrift.protocol.TField schemeField;
+      iprot.readStructBegin();
+      while (true)
+      {
+        schemeField = iprot.readFieldBegin();
+        if (schemeField.type == org.apache.thrift.protocol.TType.STOP) { 
+          break;
+        }
+        switch (schemeField.id) {
+          case 1: // STATUS
+            if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
+              struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
+              struct.status.read(iprot);
+              struct.setStatusIsSet(true);
+            } else { 
+              org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+            }
+            break;
+          case 2: // PRIVILEGES_MAP_BY_AUTH
+            if (schemeField.type == org.apache.thrift.protocol.TType.MAP) {
+              {
+                org.apache.thrift.protocol.TMap _map98 = iprot.readMapBegin();
+                struct.privilegesMapByAuth = new HashMap<TSentryAuthorizable,TSentryPrivilegeMap>(2*_map98.size);
+                for (int _i99 = 0; _i99 < _map98.size; ++_i99)
+                {
+                  TSentryAuthorizable _key100; // required
+                  TSentryPrivilegeMap _val101; // required
+                  _key100 = new TSentryAuthorizable();
+                  _key100.read(iprot);
+                  _val101 = new TSentryPrivilegeMap();
+                  _val101.read(iprot);
+                  struct.privilegesMapByAuth.put(_key100, _val101);
+                }
+                iprot.readMapEnd();
+              }
+              struct.setPrivilegesMapByAuthIsSet(true);
+            } else { 
+              org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+            }
+            break;
+          default:
+            org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+        }
+        iprot.readFieldEnd();
+      }
+      iprot.readStructEnd();
+      struct.validate();
+    }
+
+    public void write(org.apache.thrift.protocol.TProtocol oprot, TListSentryPrivilegesByAuthResponse struct) throws org.apache.thrift.TException {
+      struct.validate();
+
+      oprot.writeStructBegin(STRUCT_DESC);
+      if (struct.status != null) {
+        oprot.writeFieldBegin(STATUS_FIELD_DESC);
+        struct.status.write(oprot);
+        oprot.writeFieldEnd();
+      }
+      if (struct.privilegesMapByAuth != null) {
+        oprot.writeFieldBegin(PRIVILEGES_MAP_BY_AUTH_FIELD_DESC);
+        {
+          oprot.writeMapBegin(new org.apache.thrift.protocol.TMap(org.apache.thrift.protocol.TType.STRUCT, org.apache.thrift.protocol.TType.STRUCT, struct.privilegesMapByAuth.size()));
+          for (Map.Entry<TSentryAuthorizable, TSentryPrivilegeMap> _iter102 : struct.privilegesMapByAuth.entrySet())
+          {
+            _iter102.getKey().write(oprot);
+            _iter102.getValue().write(oprot);
+          }
+          oprot.writeMapEnd();
+        }
+        oprot.writeFieldEnd();
+      }
+      oprot.writeFieldStop();
+      oprot.writeStructEnd();
+    }
+
+  }
+
+  private static class TListSentryPrivilegesByAuthResponseTupleSchemeFactory implements SchemeFactory {
+    public TListSentryPrivilegesByAuthResponseTupleScheme getScheme() {
+      return new TListSentryPrivilegesByAuthResponseTupleScheme();
+    }
+  }
+
+  private static class TListSentryPrivilegesByAuthResponseTupleScheme extends TupleScheme<TListSentryPrivilegesByAuthResponse> {
+
+    @Override
+    public void write(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesByAuthResponse struct) throws org.apache.thrift.TException {
+      TTupleProtocol oprot = (TTupleProtocol) prot;
+      struct.status.write(oprot);
+      {
+        oprot.writeI32(struct.privilegesMapByAuth.size());
+        for (Map.Entry<TSentryAuthorizable, TSentryPrivilegeMap> _iter103 : struct.privilegesMapByAuth.entrySet())
+        {
+          _iter103.getKey().write(oprot);
+          _iter103.getValue().write(oprot);
+        }
+      }
+    }
+
+    @Override
+    public void read(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesByAuthResponse struct) throws org.apache.thrift.TException {
+      TTupleProtocol iprot = (TTupleProtocol) prot;
+      struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
+      struct.status.read(iprot);
+      struct.setStatusIsSet(true);
+      {
+        org.apache.thrift.protocol.TMap _map104 = new org.apache.thrift.protocol.TMap(org.apache.thrift.protocol.TType.STRUCT, org.apache.thrift.protocol.TType.STRUCT, iprot.readI32());
+        struct.privilegesMapByAuth = new HashMap<TSentryAuthorizable,TSentryPrivilegeMap>(2*_map104.size);
+        for (int _i105 = 0; _i105 < _map104.size; ++_i105)
+        {
+          TSentryAuthorizable _key106; // required
+          TSentryPrivilegeMap _val107; // required
+          _key106 = new TSentryAuthorizable();
+          _key106.read(iprot);
+          _val107 = new TSentryPrivilegeMap();
+          _val107.read(iprot);
+          struct.privilegesMapByAuth.put(_key106, _val107);
+        }
+      }
+      struct.setPrivilegesMapByAuthIsSet(true);
+    }
+  }
+
+}
+

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fa5f81c7/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryPrivilegeMap.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryPrivilegeMap.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryPrivilegeMap.java
new file mode 100644
index 0000000..50b4979
--- /dev/null
+++ b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryPrivilegeMap.java
@@ -0,0 +1,486 @@
+/**
+ * Autogenerated by Thrift Compiler (0.9.0)
+ *
+ * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
+ *  @generated
+ */
+package org.apache.sentry.provider.db.service.thrift;
+
+import org.apache.commons.lang.builder.HashCodeBuilder;
+import org.apache.thrift.scheme.IScheme;
+import org.apache.thrift.scheme.SchemeFactory;
+import org.apache.thrift.scheme.StandardScheme;
+
+import org.apache.thrift.scheme.TupleScheme;
+import org.apache.thrift.protocol.TTupleProtocol;
+import org.apache.thrift.protocol.TProtocolException;
+import org.apache.thrift.EncodingUtils;
+import org.apache.thrift.TException;
+import java.util.List;
+import java.util.ArrayList;
+import java.util.Map;
+import java.util.HashMap;
+import java.util.EnumMap;
+import java.util.Set;
+import java.util.HashSet;
+import java.util.EnumSet;
+import java.util.Collections;
+import java.util.BitSet;
+import java.nio.ByteBuffer;
+import java.util.Arrays;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class TSentryPrivilegeMap implements org.apache.thrift.TBase<TSentryPrivilegeMap, TSentryPrivilegeMap._Fields>, java.io.Serializable, Cloneable {
+  private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TSentryPrivilegeMap");
+
+  private static final org.apache.thrift.protocol.TField PRIVILEGE_MAP_FIELD_DESC = new org.apache.thrift.protocol.TField("privilegeMap", org.apache.thrift.protocol.TType.MAP, (short)1);
+
+  private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
+  static {
+    schemes.put(StandardScheme.class, new TSentryPrivilegeMapStandardSchemeFactory());
+    schemes.put(TupleScheme.class, new TSentryPrivilegeMapTupleSchemeFactory());
+  }
+
+  private Map<String,Set<TSentryPrivilege>> privilegeMap; // required
+
+  /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
+  public enum _Fields implements org.apache.thrift.TFieldIdEnum {
+    PRIVILEGE_MAP((short)1, "privilegeMap");
+
+    private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
+
+    static {
+      for (_Fields field : EnumSet.allOf(_Fields.class)) {
+        byName.put(field.getFieldName(), field);
+      }
+    }
+
+    /**
+     * Find the _Fields constant that matches fieldId, or null if its not found.
+     */
+    public static _Fields findByThriftId(int fieldId) {
+      switch(fieldId) {
+        case 1: // PRIVILEGE_MAP
+          return PRIVILEGE_MAP;
+        default:
+          return null;
+      }
+    }
+
+    /**
+     * Find the _Fields constant that matches fieldId, throwing an exception
+     * if it is not found.
+     */
+    public static _Fields findByThriftIdOrThrow(int fieldId) {
+      _Fields fields = findByThriftId(fieldId);
+      if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
+      return fields;
+    }
+
+    /**
+     * Find the _Fields constant that matches name, or null if its not found.
+     */
+    public static _Fields findByName(String name) {
+      return byName.get(name);
+    }
+
+    private final short _thriftId;
+    private final String _fieldName;
+
+    _Fields(short thriftId, String fieldName) {
+      _thriftId = thriftId;
+      _fieldName = fieldName;
+    }
+
+    public short getThriftFieldId() {
+      return _thriftId;
+    }
+
+    public String getFieldName() {
+      return _fieldName;
+    }
+  }
+
+  // isset id assignments
+  public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
+  static {
+    Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
+    tmpMap.put(_Fields.PRIVILEGE_MAP, new org.apache.thrift.meta_data.FieldMetaData("privilegeMap", org.apache.thrift.TFieldRequirementType.REQUIRED, 
+        new org.apache.thrift.meta_data.MapMetaData(org.apache.thrift.protocol.TType.MAP, 
+            new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING), 
+            new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET, 
+                new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryPrivilege.class)))));
+    metaDataMap = Collections.unmodifiableMap(tmpMap);
+    org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TSentryPrivilegeMap.class, metaDataMap);
+  }
+
+  public TSentryPrivilegeMap() {
+  }
+
+  public TSentryPrivilegeMap(
+    Map<String,Set<TSentryPrivilege>> privilegeMap)
+  {
+    this();
+    this.privilegeMap = privilegeMap;
+  }
+
+  /**
+   * Performs a deep copy on <i>other</i>.
+   */
+  public TSentryPrivilegeMap(TSentryPrivilegeMap other) {
+    if (other.isSetPrivilegeMap()) {
+      Map<String,Set<TSentryPrivilege>> __this__privilegeMap = new HashMap<String,Set<TSentryPrivilege>>();
+      for (Map.Entry<String, Set<TSentryPrivilege>> other_element : other.privilegeMap.entrySet()) {
+
+        String other_element_key = other_element.getKey();
+        Set<TSentryPrivilege> other_element_value = other_element.getValue();
+
+        String __this__privilegeMap_copy_key = other_element_key;
+
+        Set<TSentryPrivilege> __this__privilegeMap_copy_value = new HashSet<TSentryPrivilege>();
+        for (TSentryPrivilege other_element_value_element : other_element_value) {
+          __this__privilegeMap_copy_value.add(new TSentryPrivilege(other_element_value_element));
+        }
+
+        __this__privilegeMap.put(__this__privilegeMap_copy_key, __this__privilegeMap_copy_value);
+      }
+      this.privilegeMap = __this__privilegeMap;
+    }
+  }
+
+  public TSentryPrivilegeMap deepCopy() {
+    return new TSentryPrivilegeMap(this);
+  }
+
+  @Override
+  public void clear() {
+    this.privilegeMap = null;
+  }
+
+  public int getPrivilegeMapSize() {
+    return (this.privilegeMap == null) ? 0 : this.privilegeMap.size();
+  }
+
+  public void putToPrivilegeMap(String key, Set<TSentryPrivilege> val) {
+    if (this.privilegeMap == null) {
+      this.privilegeMap = new HashMap<String,Set<TSentryPrivilege>>();
+    }
+    this.privilegeMap.put(key, val);
+  }
+
+  public Map<String,Set<TSentryPrivilege>> getPrivilegeMap() {
+    return this.privilegeMap;
+  }
+
+  public void setPrivilegeMap(Map<String,Set<TSentryPrivilege>> privilegeMap) {
+    this.privilegeMap = privilegeMap;
+  }
+
+  public void unsetPrivilegeMap() {
+    this.privilegeMap = null;
+  }
+
+  /** Returns true if field privilegeMap is set (has been assigned a value) and false otherwise */
+  public boolean isSetPrivilegeMap() {
+    return this.privilegeMap != null;
+  }
+
+  public void setPrivilegeMapIsSet(boolean value) {
+    if (!value) {
+      this.privilegeMap = null;
+    }
+  }
+
+  public void setFieldValue(_Fields field, Object value) {
+    switch (field) {
+    case PRIVILEGE_MAP:
+      if (value == null) {
+        unsetPrivilegeMap();
+      } else {
+        setPrivilegeMap((Map<String,Set<TSentryPrivilege>>)value);
+      }
+      break;
+
+    }
+  }
+
+  public Object getFieldValue(_Fields field) {
+    switch (field) {
+    case PRIVILEGE_MAP:
+      return getPrivilegeMap();
+
+    }
+    throw new IllegalStateException();
+  }
+
+  /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
+  public boolean isSet(_Fields field) {
+    if (field == null) {
+      throw new IllegalArgumentException();
+    }
+
+    switch (field) {
+    case PRIVILEGE_MAP:
+      return isSetPrivilegeMap();
+    }
+    throw new IllegalStateException();
+  }
+
+  @Override
+  public boolean equals(Object that) {
+    if (that == null)
+      return false;
+    if (that instanceof TSentryPrivilegeMap)
+      return this.equals((TSentryPrivilegeMap)that);
+    return false;
+  }
+
+  public boolean equals(TSentryPrivilegeMap that) {
+    if (that == null)
+      return false;
+
+    boolean this_present_privilegeMap = true && this.isSetPrivilegeMap();
+    boolean that_present_privilegeMap = true && that.isSetPrivilegeMap();
+    if (this_present_privilegeMap || that_present_privilegeMap) {
+      if (!(this_present_privilegeMap && that_present_privilegeMap))
+        return false;
+      if (!this.privilegeMap.equals(that.privilegeMap))
+        return false;
+    }
+
+    return true;
+  }
+
+  @Override
+  public int hashCode() {
+    HashCodeBuilder builder = new HashCodeBuilder();
+
+    boolean present_privilegeMap = true && (isSetPrivilegeMap());
+    builder.append(present_privilegeMap);
+    if (present_privilegeMap)
+      builder.append(privilegeMap);
+
+    return builder.toHashCode();
+  }
+
+  public int compareTo(TSentryPrivilegeMap other) {
+    if (!getClass().equals(other.getClass())) {
+      return getClass().getName().compareTo(other.getClass().getName());
+    }
+
+    int lastComparison = 0;
+    TSentryPrivilegeMap typedOther = (TSentryPrivilegeMap)other;
+
+    lastComparison = Boolean.valueOf(isSetPrivilegeMap()).compareTo(typedOther.isSetPrivilegeMap());
+    if (lastComparison != 0) {
+      return lastComparison;
+    }
+    if (isSetPrivilegeMap()) {
+      lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.privilegeMap, typedOther.privilegeMap);
+      if (lastComparison != 0) {
+        return lastComparison;
+      }
+    }
+    return 0;
+  }
+
+  public _Fields fieldForId(int fieldId) {
+    return _Fields.findByThriftId(fieldId);
+  }
+
+  public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
+    schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
+  }
+
+  public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
+    schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
+  }
+
+  @Override
+  public String toString() {
+    StringBuilder sb = new StringBuilder("TSentryPrivilegeMap(");
+    boolean first = true;
+
+    sb.append("privilegeMap:");
+    if (this.privilegeMap == null) {
+      sb.append("null");
+    } else {
+      sb.append(this.privilegeMap);
+    }
+    first = false;
+    sb.append(")");
+    return sb.toString();
+  }
+
+  public void validate() throws org.apache.thrift.TException {
+    // check for required fields
+    if (!isSetPrivilegeMap()) {
+      throw new org.apache.thrift.protocol.TProtocolException("Required field 'privilegeMap' is unset! Struct:" + toString());
+    }
+
+    // check for sub-struct validity
+  }
+
+  private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
+    try {
+      write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
+    } catch (org.apache.thrift.TException te) {
+      throw new java.io.IOException(te);
+    }
+  }
+
+  private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
+    try {
+      read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
+    } catch (org.apache.thrift.TException te) {
+      throw new java.io.IOException(te);
+    }
+  }
+
+  private static class TSentryPrivilegeMapStandardSchemeFactory implements SchemeFactory {
+    public TSentryPrivilegeMapStandardScheme getScheme() {
+      return new TSentryPrivilegeMapStandardScheme();
+    }
+  }
+
+  private static class TSentryPrivilegeMapStandardScheme extends StandardScheme<TSentryPrivilegeMap> {
+
+    public void read(org.apache.thrift.protocol.TProtocol iprot, TSentryPrivilegeMap struct) throws org.apache.thrift.TException {
+      org.apache.thrift.protocol.TField schemeField;
+      iprot.readStructBegin();
+      while (true)
+      {
+        schemeField = iprot.readFieldBegin();
+        if (schemeField.type == org.apache.thrift.protocol.TType.STOP) { 
+          break;
+        }
+        switch (schemeField.id) {
+          case 1: // PRIVILEGE_MAP
+            if (schemeField.type == org.apache.thrift.protocol.TType.MAP) {
+              {
+                org.apache.thrift.protocol.TMap _map64 = iprot.readMapBegin();
+                struct.privilegeMap = new HashMap<String,Set<TSentryPrivilege>>(2*_map64.size);
+                for (int _i65 = 0; _i65 < _map64.size; ++_i65)
+                {
+                  String _key66; // required
+                  Set<TSentryPrivilege> _val67; // required
+                  _key66 = iprot.readString();
+                  {
+                    org.apache.thrift.protocol.TSet _set68 = iprot.readSetBegin();
+                    _val67 = new HashSet<TSentryPrivilege>(2*_set68.size);
+                    for (int _i69 = 0; _i69 < _set68.size; ++_i69)
+                    {
+                      TSentryPrivilege _elem70; // required
+                      _elem70 = new TSentryPrivilege();
+                      _elem70.read(iprot);
+                      _val67.add(_elem70);
+                    }
+                    iprot.readSetEnd();
+                  }
+                  struct.privilegeMap.put(_key66, _val67);
+                }
+                iprot.readMapEnd();
+              }
+              struct.setPrivilegeMapIsSet(true);
+            } else { 
+              org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+            }
+            break;
+          default:
+            org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+        }
+        iprot.readFieldEnd();
+      }
+      iprot.readStructEnd();
+      struct.validate();
+    }
+
+    public void write(org.apache.thrift.protocol.TProtocol oprot, TSentryPrivilegeMap struct) throws org.apache.thrift.TException {
+      struct.validate();
+
+      oprot.writeStructBegin(STRUCT_DESC);
+      if (struct.privilegeMap != null) {
+        oprot.writeFieldBegin(PRIVILEGE_MAP_FIELD_DESC);
+        {
+          oprot.writeMapBegin(new org.apache.thrift.protocol.TMap(org.apache.thrift.protocol.TType.STRING, org.apache.thrift.protocol.TType.SET, struct.privilegeMap.size()));
+          for (Map.Entry<String, Set<TSentryPrivilege>> _iter71 : struct.privilegeMap.entrySet())
+          {
+            oprot.writeString(_iter71.getKey());
+            {
+              oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, _iter71.getValue().size()));
+              for (TSentryPrivilege _iter72 : _iter71.getValue())
+              {
+                _iter72.write(oprot);
+              }
+              oprot.writeSetEnd();
+            }
+          }
+          oprot.writeMapEnd();
+        }
+        oprot.writeFieldEnd();
+      }
+      oprot.writeFieldStop();
+      oprot.writeStructEnd();
+    }
+
+  }
+
+  private static class TSentryPrivilegeMapTupleSchemeFactory implements SchemeFactory {
+    public TSentryPrivilegeMapTupleScheme getScheme() {
+      return new TSentryPrivilegeMapTupleScheme();
+    }
+  }
+
+  private static class TSentryPrivilegeMapTupleScheme extends TupleScheme<TSentryPrivilegeMap> {
+
+    @Override
+    public void write(org.apache.thrift.protocol.TProtocol prot, TSentryPrivilegeMap struct) throws org.apache.thrift.TException {
+      TTupleProtocol oprot = (TTupleProtocol) prot;
+      {
+        oprot.writeI32(struct.privilegeMap.size());
+        for (Map.Entry<String, Set<TSentryPrivilege>> _iter73 : struct.privilegeMap.entrySet())
+        {
+          oprot.writeString(_iter73.getKey());
+          {
+            oprot.writeI32(_iter73.getValue().size());
+            for (TSentryPrivilege _iter74 : _iter73.getValue())
+            {
+              _iter74.write(oprot);
+            }
+          }
+        }
+      }
+    }
+
+    @Override
+    public void read(org.apache.thrift.protocol.TProtocol prot, TSentryPrivilegeMap struct) throws org.apache.thrift.TException {
+      TTupleProtocol iprot = (TTupleProtocol) prot;
+      {
+        org.apache.thrift.protocol.TMap _map75 = new org.apache.thrift.protocol.TMap(org.apache.thrift.protocol.TType.STRING, org.apache.thrift.protocol.TType.SET, iprot.readI32());
+        struct.privilegeMap = new HashMap<String,Set<TSentryPrivilege>>(2*_map75.size);
+        for (int _i76 = 0; _i76 < _map75.size; ++_i76)
+        {
+          String _key77; // required
+          Set<TSentryPrivilege> _val78; // required
+          _key77 = iprot.readString();
+          {
+            org.apache.thrift.protocol.TSet _set79 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, iprot.readI32());
+            _val78 = new HashSet<TSentryPrivilege>(2*_set79.size);
+            for (int _i80 = 0; _i80 < _set79.size; ++_i80)
+            {
+              TSentryPrivilege _elem81; // required
+              _elem81 = new TSentryPrivilege();
+              _elem81.read(iprot);
+              _val78.add(_elem81);
+            }
+          }
+          struct.privilegeMap.put(_key77, _val78);
+        }
+      }
+      struct.setPrivilegeMapIsSet(true);
+    }
+  }
+
+}
+

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fa5f81c7/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
index 869b8e3..1bf3faf 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
@@ -31,6 +31,7 @@ import java.util.Properties;
 import java.util.Set;
 import java.util.UUID;
 
+import javax.jdo.FetchGroup;
 import javax.jdo.JDODataStoreException;
 import javax.jdo.JDOHelper;
 import javax.jdo.PersistenceManager;
@@ -59,6 +60,7 @@ import org.apache.sentry.provider.db.service.thrift.TSentryAuthorizable;
 import org.apache.sentry.provider.db.service.thrift.TSentryGrantOption;
 import org.apache.sentry.provider.db.service.thrift.TSentryGroup;
 import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
+import org.apache.sentry.provider.db.service.thrift.TSentryPrivilegeMap;
 import org.apache.sentry.provider.db.service.thrift.TSentryRole;
 import org.apache.sentry.service.thrift.ServiceConstants.PrivilegeScope;
 import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
@@ -68,10 +70,9 @@ import com.google.common.annotations.VisibleForTesting;
 import com.google.common.base.Joiner;
 import com.google.common.base.Preconditions;
 import com.google.common.base.Strings;
-import com.google.common.collect.HashMultimap;
 import com.google.common.collect.ImmutableSet;
 import com.google.common.collect.Lists;
-import com.google.common.collect.SetMultimap;
+import com.google.common.collect.Maps;
 import com.google.common.collect.Sets;
 
 /**
@@ -281,7 +282,12 @@ public class SentryStore {
       // first do grant check
       grantOptionCheck(pm, grantorPrincipal, privilege);
 
-      alterSentryRoleGrantPrivilegeCore(pm, roleName, privilege);
+      MSentryPrivilege mPrivilege =
+          alterSentryRoleGrantPrivilegeCore(pm, roleName, privilege);
+      // capture the new privilege
+      if (mPrivilege != null) {
+        convertToTSentryPrivilege(mPrivilege, privilege);
+      }
       CommitContext commit = commitUpdateTransaction(pm);
       rollbackTransaction = false;
       return commit;
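Review bot: The added `convertToTSentryPrivilege(mPrivilege, privilege)` call overwrites the caller's `TSentryPrivilege` argument in place, and nothing in the signature or comments tells the caller that its request object is now an output parameter. When `alterSentryRoleGrantPrivilegeCore` takes its early `return null` path (a later hunk, where an existing ALL privilege already contains the grant), the argument stays exactly as the client sent it. The SentryPolicyStoreProcessor hunk then returns it through `response.setPrivilege(request.getPrivilege())` as though it were the stored privilege. I would document this on the method, e.g. `// overwrites 'privilege' with the persisted values; left untouched when the grant is already covered by ALL`, and consider setting the response privilege only when a privilege was actually persisted. The method body starts and ends outside this hunk.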
@@ -292,9 +298,10 @@ public class SentryStore {
     }
   }
 
-  private void alterSentryRoleGrantPrivilegeCore(PersistenceManager pm,
+  private MSentryPrivilege alterSentryRoleGrantPrivilegeCore(PersistenceManager pm,
       String roleName, TSentryPrivilege privilege)
       throws SentryNoSuchObjectException, SentryInvalidInputException {
+    MSentryPrivilege mPrivilege = null;
     MSentryRole mRole = getMSentryRole(pm, roleName);
     if (mRole == null) {
       throw new SentryNoSuchObjectException("Role: " + roleName);
@@ -324,12 +331,12 @@ public class SentryStore {
           tAll.setAction(AccessConstants.ALL);
           MSentryPrivilege mAll = getMSentryPrivilege(tAll, pm);
           if ((mAll != null) && (mRole.getPrivileges().contains(mAll))) {
-            return;
+            return null;
           }
         }
       }
 
-      MSentryPrivilege mPrivilege = getMSentryPrivilege(privilege, pm);
+      mPrivilege = getMSentryPrivilege(privilege, pm);
       if (mPrivilege == null) {
         mPrivilege = convertToMSentryPrivilege(privilege);
       }
@@ -337,7 +344,7 @@ public class SentryStore {
       pm.makePersistent(mRole);
       pm.makePersistent(mPrivilege);
     }
-    return;
+    return mPrivilege;
   }
 
   public CommitContext alterSentryRoleRevokePrivilege(String grantorPrincipal, String roleName,
@@ -754,6 +761,93 @@ public class SentryStore {
     }
   }
 
+  List<MSentryPrivilege> getMSentryPrivilegesByAuth(Set<String> roleNames, TSentryAuthorizable authHierarchy) {
+    boolean rollbackTransaction = true;
+    PersistenceManager pm = null;
+    try {
+      pm = openTransaction();
+      Query query = pm.newQuery(MSentryPrivilege.class);
+      StringBuilder filters = new StringBuilder();
+      if ((roleNames.size() == 0)||(roleNames == null)) {
+        filters.append(" !roles.isEmpty() ");
+      } else {
+        query.declareVariables("org.apache.sentry.provider.db.service.model.MSentryRole role");
+        List<String> rolesFiler = new LinkedList<String>();
+        for (String rName : roleNames) {
+          rolesFiler.add("role.roleName == \"" + rName.trim().toLowerCase() + "\"");
+        }
+        filters.append("roles.contains(role) "
+          + "&& (" + Joiner.on(" || ").join(rolesFiler) + ") ");
+      }
+      if ((authHierarchy.getServer() != null)) {
+        filters.append("&& serverName == \"" +
+            authHierarchy.getServer().toLowerCase() + "\"");
+        if (authHierarchy.getDb() != null) {
+          filters.append(" && (dbName == \"" +
+              authHierarchy.getDb().toLowerCase() + "\") && (URI == \"__NULL__\")");
+          if (authHierarchy.getTable() != null) {
+            filters.append(" && (tableName == \"" +
+                authHierarchy.getTable().toLowerCase() + "\")");
+          } else {
+            filters.append(" && (tableName == \"__NULL__\")");
+          }
+        } else if (authHierarchy.getUri() != null) {
+          filters.append(" && (URI != \"__NULL__\") && (\"" + authHierarchy.getUri() +
+              "\".startsWith(URI)) && (dbName == \"__NULL__\")");
+        } else {
+          filters.append(" && (dbName == \"__NULL__\") && (URI == \"__NULL__\")");
+        }
+      } else {
+        // if no server, then return empty resultset
+        return new ArrayList<MSentryPrivilege>();
+      }
+      FetchGroup grp = pm.getFetchGroup(
+          org.apache.sentry.provider.db.service.model.MSentryPrivilege.class,
+          "fetchRole");
+      grp.addMember("roles");
+      pm.getFetchPlan().addGroup("fetchRole");
+      query.setFilter(filters.toString());
+      List<MSentryPrivilege> privileges = (List<MSentryPrivilege>) query.execute();
+      rollbackTransaction = false;
+      commitTransaction(pm);
+      return privileges;
+    } finally {
+      if (rollbackTransaction) {
+        rollbackTransaction(pm);
+      }
+    }
+  }
+
+  public TSentryPrivilegeMap listSentryPrivilegesByAuthorizable(
+      Set<String> groups, TSentryActiveRoleSet activeRoles,
+      TSentryAuthorizable authHierarchy)
+      throws SentryInvalidInputException {
+    Map<String, Set<TSentryPrivilege>> resultPrivilegeMap = Maps.newTreeMap();
+    Set<String> roles = Sets.newHashSet();
+    if (groups != null && !groups.isEmpty()) {
+      roles = getRolesToQuery(groups, new TSentryActiveRoleSet(true, null));
+    }
+    if (activeRoles != null && !activeRoles.isAll()) {
+      roles.addAll(activeRoles.getRoles());
+    }
+
+    List<MSentryPrivilege> mSentryPrivileges = getMSentryPrivilegesByAuth(roles,
+        authHierarchy);
+    for (MSentryPrivilege priv : mSentryPrivileges) {
+      for (MSentryRole role : priv.getRoles()) {
+        TSentryPrivilege tPriv = convertToTSentryPrivilege(priv);
+        if (resultPrivilegeMap.containsKey(role.getRoleName())) {
+          resultPrivilegeMap.get(role.getRoleName()).add(tPriv);
+        } else {
+          Set<TSentryPrivilege> tPrivSet = Sets.newTreeSet();
+          tPrivSet.add(tPriv);
+          resultPrivilegeMap.put(role.getRoleName(), tPrivSet);
+        }
+      }
+    }
+    return new TSentryPrivilegeMap(resultPrivilegeMap);
+  }
+
   private Set<MSentryPrivilege> getMSentryPrivilegesByRoleName(String roleName)
       throws SentryNoSuchObjectException {
     MSentryRole mSentryRole = getMSentryRoleByName(roleName);
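Review bot: The JDOQL filter in `getMSentryPrivilegesByAuth` is built by concatenating the role names and the server, db, table and URI values between escaped quotes. Those values arrive from the Thrift request through `list_sentry_privileges_by_authorizable`, so a value that contains a double quote changes the meaning of the filter instead of being compared as data. Bind them as query parameters instead (implicit `:name` parameters passed with `query.executeWithMap(params)`), as sketched below; the parameter-map key convention and the `:uri.startsWith(URI)` form should be confirmed against the DataNucleus version in use. Separately, `(roleNames.size() == 0)||(roleNames == null)` dereferences `roleNames` before testing it for null and should read `(roleNames == null) || roleNames.isEmpty()`.

```java
      // … unchanged: openTransaction, newQuery, StringBuilder filters …
      Map<String, Object> params = Maps.newHashMap();
      if ((roleNames == null) || roleNames.isEmpty()) {
        filters.append(" !roles.isEmpty() ");
      } else {
        query.declareVariables("org.apache.sentry.provider.db.service.model.MSentryRole role");
        List<String> rolesFiler = new LinkedList<String>();
        int idx = 0;
        for (String rName : roleNames) {
          String pName = "role" + idx++;
          // value is bound, never spliced into the filter text
          rolesFiler.add("role.roleName == :" + pName);
          params.put(pName, rName.trim().toLowerCase());
        }
        // … unchanged: roles.contains(role) && (joined rolesFiler) …
      }
      if ((authHierarchy.getServer() != null)) {
        filters.append("&& serverName == :serverName");
        params.put("serverName", authHierarchy.getServer().toLowerCase());
        // db, table and uri follow the same pattern, e.g.
        //   " && (dbName == :dbName) && (URI == \"__NULL__\")"
        //   " && (URI != \"__NULL__\") && (:uri.startsWith(URI)) && (dbName == \"__NULL__\")"
        // … unchanged: the constant "__NULL__" branches …
      }
      // … unchanged: fetch group setup, query.setFilter(filters.toString()) …
      List<MSentryPrivilege> privileges =
          (List<MSentryPrivilege>) query.executeWithMap(params);
```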
@@ -1017,6 +1111,12 @@ public class SentryStore {
 
   private TSentryPrivilege convertToTSentryPrivilege(MSentryPrivilege mSentryPrivilege) {
     TSentryPrivilege privilege = new TSentryPrivilege();
+    convertToTSentryPrivilege(mSentryPrivilege, privilege);
+    return privilege;
+  }
+
+  private void convertToTSentryPrivilege(MSentryPrivilege mSentryPrivilege,
+      TSentryPrivilege privilege) {
     privilege.setCreateTime(mSentryPrivilege.getCreateTime());
     privilege.setAction(fromNULLCol(mSentryPrivilege.getAction()));
     privilege.setPrivilegeScope(mSentryPrivilege.getPrivilegeScope());
@@ -1029,7 +1129,6 @@ public class SentryStore {
     } else {
       privilege.setGrantOption(TSentryGrantOption.UNSET);
     }
-    return privilege;
   }
 
   /**

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fa5f81c7/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java
index 5d97dc1..0668912 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java
@@ -53,6 +53,7 @@ import org.apache.thrift.transport.TTransportException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import com.google.common.annotations.VisibleForTesting;
 import com.google.common.base.Preconditions;
 import com.google.common.collect.Lists;
 import com.google.common.collect.Sets;
@@ -276,17 +277,17 @@ public class SentryPolicyServiceClient {
     return listRolesByGroupName(requestorUserName, AccessConstants.ALL);
   }
 
-  public void grantURIPrivilege(String requestorUserName,
+  public TSentryPrivilege grantURIPrivilege(String requestorUserName,
       String roleName, String server, String uri)
   throws SentryUserException {
-    grantPrivilege(requestorUserName, roleName,
+    return grantPrivilege(requestorUserName, roleName,
         PrivilegeScope.URI, server, uri, null, null, AccessConstants.ALL);
   }
 
-  public void grantURIPrivilege(String requestorUserName,
+  public TSentryPrivilege grantURIPrivilege(String requestorUserName,
       String roleName, String server, String uri, Boolean grantOption)
   throws SentryUserException {
-    grantPrivilege(requestorUserName, roleName,
+    return grantPrivilege(requestorUserName, roleName,
         PrivilegeScope.URI, server, uri, null, null, AccessConstants.ALL, grantOption);
   }
 
@@ -297,43 +298,44 @@ public class SentryPolicyServiceClient {
         PrivilegeScope.SERVER, server, null, null, null, action);
   }
 
-  public void grantServerPrivilege(String requestorUserName,
+  public TSentryPrivilege grantServerPrivilege(String requestorUserName,
       String roleName, String server, String action, Boolean grantOption)
   throws SentryUserException {
-    grantPrivilege(requestorUserName, roleName,
+    return grantPrivilege(requestorUserName, roleName,
         PrivilegeScope.SERVER, server, null, null, null, action, grantOption);
   }
 
-  public void grantDatabasePrivilege(String requestorUserName,
+  public TSentryPrivilege grantDatabasePrivilege(String requestorUserName,
       String roleName, String server, String db, String action)
   throws SentryUserException {
-    grantPrivilege(requestorUserName, roleName,
+    return grantPrivilege(requestorUserName, roleName,
         PrivilegeScope.DATABASE, server, null, db, null, action);
   }
 
-  public void grantDatabasePrivilege(String requestorUserName,
+  public TSentryPrivilege grantDatabasePrivilege(String requestorUserName,
       String roleName, String server, String db, String action, Boolean grantOption)
   throws SentryUserException {
-    grantPrivilege(requestorUserName, roleName,
+    return grantPrivilege(requestorUserName, roleName,
         PrivilegeScope.DATABASE, server, null, db, null, action, grantOption);
   }
 
-  public void grantTablePrivilege(String requestorUserName,
+  public TSentryPrivilege grantTablePrivilege(String requestorUserName,
       String roleName, String server, String db, String table, String action)
   throws SentryUserException {
-    grantPrivilege(requestorUserName, roleName, PrivilegeScope.TABLE, server,
-        null,
-        db, table, action);
+    return grantPrivilege(requestorUserName, roleName, PrivilegeScope.TABLE,
+        server, null, db, table, action);
   }
 
-  public void grantTablePrivilege(String requestorUserName,
+  public TSentryPrivilege grantTablePrivilege(String requestorUserName,
       String roleName, String server, String db, String table, String action, Boolean grantOption)
   throws SentryUserException {
-    grantPrivilege(requestorUserName, roleName, PrivilegeScope.TABLE, server,
+    return grantPrivilege(requestorUserName, roleName, PrivilegeScope.TABLE,
+        server,
         null, db, table, action, grantOption);
   }
 
-  private TSentryAuthorizable setupSentryAuthorizable(
+  @VisibleForTesting
+  public static TSentryAuthorizable setupSentryAuthorizable(
       List<? extends Authorizable> authorizable) {
     TSentryAuthorizable tSentryAuthorizable = new TSentryAuthorizable();
 
@@ -355,14 +357,15 @@ public class SentryPolicyServiceClient {
     return tSentryAuthorizable;
   }
 
-  private void grantPrivilege(String requestorUserName, String roleName,
+  private TSentryPrivilege grantPrivilege(String requestorUserName,
+      String roleName,
       PrivilegeScope scope, String serverName, String uri, String db,
       String table, String action)  throws SentryUserException {
-    grantPrivilege(requestorUserName, roleName, scope, serverName, uri,
+    return grantPrivilege(requestorUserName, roleName, scope, serverName, uri,
     db, table, action, false);
   }
 
-  private void grantPrivilege(String requestorUserName,
+  private TSentryPrivilege grantPrivilege(String requestorUserName,
       String roleName, PrivilegeScope scope, String serverName, String uri, String db, String table, String action, Boolean grantOption)
   throws SentryUserException {
     TAlterSentryRoleGrantPrivilegeRequest request = new TAlterSentryRoleGrantPrivilegeRequest();
@@ -382,6 +385,7 @@ public class SentryPolicyServiceClient {
     try {
       TAlterSentryRoleGrantPrivilegeResponse response = client.alter_sentry_role_grant_privilege(request);
       Status.throwIfNotOk(response.getStatus());
+      return response.getPrivilege();
     } catch (TException e) {
       throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
     }
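Review bot: `return response.getPrivilege();` can return null, because the .thrift hunk in this commit declares `privilege` as an `optional` field of `TAlterSentryRoleGrantPrivilegeResponse`. None of the public `grant*Privilege` methods that now return `TSentryPrivilege` say so. A response from a server that does not populate the field would make callers such as the new test dereference null. I would add Javadoc on the public grant methods along the lines of `@return the privilege reported by the server, or null if the response does not carry one`. `grantPrivilege` starts outside this hunk.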
@@ -569,6 +573,33 @@ TSENTRY_SERVICE_VERSION_CURRENT, requestorUserName,
     }
   }
 
+  public synchronized Map<TSentryAuthorizable, TSentryPrivilegeMap> listPrivilegsbyAuthorizable(
+      Set<List<? extends Authorizable>> authorizables, Set<String> groups, ActiveRoleSet roleSet)
+      throws SentryUserException {
+    Set<TSentryAuthorizable> authSet = Sets.newTreeSet();
+
+    for (List<? extends Authorizable> authorizableHierarchy : authorizables) {
+      authSet.add(setupSentryAuthorizable(authorizableHierarchy));
+    }
+    TListSentryPrivilegesByAuthRequest request = new TListSentryPrivilegesByAuthRequest(
+        ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT, authSet);
+    if (groups != null) {
+      request.setGroups(groups);
+    }
+    if (roleSet != null) {
+      request.setRoleSet(new TSentryActiveRoleSet(roleSet.isAll(), roleSet.getRoles()));
+    }
+
+    try {
+      TListSentryPrivilegesByAuthResponse response = client
+          .list_sentry_privileges_by_authorizable(request);
+      Status.throwIfNotOk(response.getStatus());
+      return response.getPrivilegesMapByAuth();
+    } catch (TException e) {
+      throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
+    }
+  }
+
   public void close() {
     if (transport != null) {
       transport.close();
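Review bot: The new public method is spelled `listPrivilegsbyAuthorizable`, which is missing an "e" and has a lower-case "by". Because this is client API, the typo becomes hard to correct once callers depend on it, so I would rename it to `listPrivilegesByAuthorizable` before release. The method also iterates `authorizables` without a null check while `groups` and `roleSet` are both guarded; either add `Preconditions.checkNotNull(authorizables, "authorizables")` (Preconditions is already imported) or document that the argument is required. A short Javadoc stating that a null `groups` and null `roleSet` apply no role filtering on the server side would help callers understand how much data the call can return.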

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fa5f81c7/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java
index b05d71b..e3cdfc2 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java
@@ -22,6 +22,7 @@ import java.lang.reflect.Constructor;
 import java.lang.reflect.InvocationTargetException;
 import java.util.HashSet;
 import java.util.List;
+import java.util.Map;
 import java.util.Set;
 
 import org.apache.hadoop.conf.Configuration;
@@ -49,6 +50,7 @@ import com.google.common.base.Preconditions;
 import com.google.common.base.Splitter;
 import com.google.common.collect.ImmutableSet;
 import com.google.common.collect.Lists;
+import com.google.common.collect.Maps;
 import com.google.common.collect.Sets;
 
 @SuppressWarnings("unused")
@@ -180,6 +182,7 @@ public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface {
       CommitContext commitContext = sentryStore.alterSentryRoleGrantPrivilege(request.getRequestorUserName(),
           request.getRoleName(), request.getPrivilege());
       response.setStatus(Status.OK());
+      response.setPrivilege(request.getPrivilege());
       notificationHandlerInvoker.alter_sentry_role_grant_privilege(commitContext,
           request, response);
     } catch (SentryNoSuchObjectException e) {
@@ -529,4 +532,26 @@ public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface {
     return response;
   }
 
+  @Override
+  public TListSentryPrivilegesByAuthResponse list_sentry_privileges_by_authorizable(
+      TListSentryPrivilegesByAuthRequest request) throws TException {
+    TListSentryPrivilegesByAuthResponse response = new TListSentryPrivilegesByAuthResponse();
+    Map<TSentryAuthorizable, TSentryPrivilegeMap> authRoleMap = Maps.newHashMap();
+    try {
+      for (TSentryAuthorizable authorizable : request.getAuthorizableSet()) {
+        authRoleMap.put(authorizable, sentryStore
+            .listSentryPrivilegesByAuthorizable(request.getGroups(),
+                request.getRoleSet(), authorizable));
+      }
+      response.setPrivilegesMapByAuth(authRoleMap);
+      response.setStatus(Status.OK());
+    } catch (Exception e) {
+      String msg = "Unknown error for request: " + request + ", message: "
+          + e.getMessage();
+      LOGGER.error(msg, e);
+      response.setStatus(Status.RuntimeError(msg, e));
+    }
+    return response;
+  }
+
 }
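Review bot: `list_sentry_privileges_by_authorizable` never establishes who is asking. `alter_sentry_role_grant_privilege` in this file passes `request.getRequestorUserName()` to the store, but `TListSentryPrivilegesByAuthRequest` (see the .thrift hunk) has no requestor field, and the handler forwards `groups` and `roleSet` exactly as the client supplied them. As far as these hunks show, a request that omits both reaches the `!roles.isEmpty()` branch in `SentryStore.getMSentryPrivilegesByAuth` and returns the privileges of every role on the authorizable, so the call should carry a requestor and be limited to what that principal may see. The catch block also copies `request` and `e.getMessage()` into the status returned to the client; I would keep that detail in `LOGGER.error(msg, e)` and return a generic message such as `"Unknown error while listing privileges by authorizable"`.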

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fa5f81c7/sentry-provider/sentry-provider-db/src/main/resources/sentry_policy_service.thrift
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry_policy_service.thrift b/sentry-provider/sentry-provider-db/src/main/resources/sentry_policy_service.thrift
index d215ffe..d8357aa 100644
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry_policy_service.thrift
+++ b/sentry-provider/sentry-provider-db/src/main/resources/sentry_policy_service.thrift
@@ -108,6 +108,7 @@ struct TAlterSentryRoleGrantPrivilegeRequest {
 }
 struct TAlterSentryRoleGrantPrivilegeResponse {
 1: required sentry_common_service.TSentryResponseStatus status
+2: optional TSentryPrivilege privilege
 }
 
 # REVOKE ... ON ... FROM ROLE ...
@@ -198,6 +199,22 @@ struct TListSentryPrivilegesForProviderResponse {
 2: required set<string> privileges
 }
 
+# List role:set<privileges> for the given authorizable
+# Optionally use the set of groups to filter the roles
+struct TSentryPrivilegeMap {
+1: required map<string, set<TSentryPrivilege>> privilegeMap
+}
+struct TListSentryPrivilegesByAuthRequest {
+1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V1,
+2: required set<TSentryAuthorizable> authorizableSet,
+3: optional set<string> groups,
+4: optional TSentryActiveRoleSet roleSet
+}
+struct TListSentryPrivilegesByAuthResponse {
+1: required sentry_common_service.TSentryResponseStatus status,
+2: required map<TSentryAuthorizable, TSentryPrivilegeMap> privilegesMapByAuth
+}
+
 service SentryPolicyService
 {
   TCreateSentryRoleResponse create_sentry_role(1:TCreateSentryRoleRequest request)
@@ -219,4 +236,6 @@ service SentryPolicyService
  TDropPrivilegesResponse drop_sentry_privilege(1:TDropPrivilegesRequest request);
 
  TRenamePrivilegesResponse rename_sentry_privilege(1:TRenamePrivilegesRequest request);
+
+ TListSentryPrivilegesByAuthResponse list_sentry_privileges_by_authorizable(1:TListSentryPrivilegesByAuthRequest request);
 }

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fa5f81c7/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceIntegration.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceIntegration.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceIntegration.java
index 5244094..38cb39b 100644
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceIntegration.java
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceIntegration.java
@@ -21,12 +21,23 @@ package org.apache.sentry.provider.db.service.thrift;
 import static junit.framework.Assert.assertEquals;
 import static org.junit.Assert.assertTrue;
 
+import java.util.List;
+import java.util.Map;
 import java.util.Set;
+import java.util.TreeMap;
 
+import org.apache.sentry.core.common.ActiveRoleSet;
+import org.apache.sentry.core.common.Authorizable;
 import org.apache.sentry.core.model.db.AccessConstants;
+import org.apache.sentry.core.model.db.AccessURI;
+import org.apache.sentry.core.model.db.Database;
+import org.apache.sentry.core.model.db.Server;
+import org.apache.sentry.core.model.db.Table;
 import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
 import org.junit.Test;
 
+import com.google.common.collect.Lists;
+import com.google.common.collect.Maps;
 import com.google.common.collect.Sets;
 
 
@@ -287,4 +298,216 @@ public class TestSentryServiceIntegration extends SentryServiceIntegrationBase {
     client.revokeTablePrivilege(requestorUserName, roleName, "server", "db1", "table1", "ALL", null);
     assertEquals(0, client.listAllPrivilegesByRoleName(requestorUserName, roleName).size());
   }
+
+  @Test
+  public void testListByAuthDB() throws Exception {
+    String requestorUserName = ADMIN_USER;
+    Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
+    String roleName1 = "role1";
+    String roleName2 = "role2";
+    Set<String> testRoleSet = Sets.newHashSet(roleName1, roleName2);
+    String group1 = "group1";
+    String group2 = "group2";
+    Set<String> testGroupSet = Sets.newHashSet(group1, group2);
+    String server = "server1";
+    String db = "testDB";
+    String db2 = "testDB2";
+    String tab = "testTab";
+    setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
+    writePolicyFile();
+
+    client.dropRoleIfExists(requestorUserName, roleName1);
+    client.createRole(requestorUserName, roleName1);
+    client.dropRoleIfExists(requestorUserName, roleName2);
+    client.createRole(requestorUserName, roleName2);
+
+    TSentryPrivilege role1db1 = client.grantDatabasePrivilege(
+        requestorUserName, roleName1, server, db, AccessConstants.SELECT);
+    client.grantTablePrivilege(requestorUserName, roleName1, server, db, tab,
+        AccessConstants.ALL);
+    client.grantTablePrivilege(requestorUserName, roleName1, server, db2, tab,
+        AccessConstants.SELECT);
+    client.grantURIPrivilege(requestorUserName, roleName1, server, "hdfs:///fooUri");
+    client.grantRoleToGroup(requestorUserName, group1, roleName1);
+
+    TSentryPrivilege role2db1 = client.grantDatabasePrivilege(
+        requestorUserName, roleName2, server, db,
+        AccessConstants.ALL);
+    client.grantDatabasePrivilege(requestorUserName, roleName2, server, db2,
+        AccessConstants.SELECT);
+    client.grantTablePrivilege(requestorUserName, roleName2, server, db2, tab,
+        AccessConstants.ALL);
+    client.grantRoleToGroup(requestorUserName, group2, roleName2);
+
+    // build expected output
+    TSentryPrivilegeMap db1RoleToPrivMap = new TSentryPrivilegeMap(
+        new TreeMap<String, Set<TSentryPrivilege>>());
+    db1RoleToPrivMap.getPrivilegeMap()
+        .put(roleName1, Sets.newHashSet(role1db1));
+    db1RoleToPrivMap.getPrivilegeMap()
+        .put(roleName2, Sets.newHashSet(role2db1));
+    Map<TSentryAuthorizable, TSentryPrivilegeMap> expectedResults = Maps
+        .newTreeMap();
+    List<? extends Authorizable> db1Authrizable = Lists.newArrayList(
+        new Server(server), new Database(db));
+    expectedResults.put(
+        SentryPolicyServiceClient.setupSentryAuthorizable(db1Authrizable),
+        db1RoleToPrivMap);
+
+    Set<List<? extends Authorizable>> authorizableSet = Sets.newHashSet();
+    authorizableSet.add(db1Authrizable);
+
+    // verify for null group and null roleset
+    Map<TSentryAuthorizable, TSentryPrivilegeMap> authPrivMap = client
+        .listPrivilegsbyAuthorizable(authorizableSet, null, null);
+    assertEquals(expectedResults, authPrivMap);
+
+    // verify for null group and specific roleset
+    authPrivMap = client.listPrivilegsbyAuthorizable(authorizableSet, null,
+        new ActiveRoleSet(testRoleSet));
+    assertEquals(expectedResults, authPrivMap);
+
+    // verify for null group and specific roleset
+    authPrivMap = client.listPrivilegsbyAuthorizable(authorizableSet, null,
+        ActiveRoleSet.ALL);
+    assertEquals(expectedResults, authPrivMap);
+
+    // verify for specific group and null roleset
+    authPrivMap = client.listPrivilegsbyAuthorizable(authorizableSet,
+        testGroupSet, null);
+    assertEquals(expectedResults, authPrivMap);
+
+    // verify for specific group and specific roleset
+    authPrivMap = client.listPrivilegsbyAuthorizable(authorizableSet,
+        testGroupSet, new ActiveRoleSet(testRoleSet));
+    assertEquals(expectedResults, authPrivMap);
+
+    // verify for specific group and ALL roleset
+    authPrivMap = client.listPrivilegsbyAuthorizable(authorizableSet,
+        testGroupSet, ActiveRoleSet.ALL);
+    assertEquals(expectedResults, authPrivMap);
+  }
+
+  @Test
+  public void testListByAuthTab() throws Exception {
+    String requestorUserName = ADMIN_USER;
+    Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
+    String roleName1 = "role1";
+    String roleName2 = "role2";
+    String server = "server1";
+    String db = "testDB";
+    String db2 = "testDB2";
+    String tab = "testTab";
+    setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
+    writePolicyFile();
+
+    client.dropRoleIfExists(requestorUserName, roleName1);
+    client.createRole(requestorUserName, roleName1);
+    client.dropRoleIfExists(requestorUserName, roleName2);
+    client.createRole(requestorUserName, roleName2);
+
+    client.grantDatabasePrivilege(
+        requestorUserName, roleName1, server, db, AccessConstants.SELECT);
+    client.grantTablePrivilege(requestorUserName, roleName1, server, db, tab,
+        AccessConstants.ALL);
+    TSentryPrivilege role1db2tab = client.grantTablePrivilege(
+        requestorUserName, roleName1, server, db2, tab,
+        AccessConstants.SELECT);
+
+    client.grantDatabasePrivilege(
+        requestorUserName, roleName2, server, db,
+        AccessConstants.ALL);
+    client.grantDatabasePrivilege(requestorUserName, roleName2, server, db2,
+        AccessConstants.SELECT);
+    TSentryPrivilege role2db2tab = client.grantTablePrivilege(
+        requestorUserName, roleName2, server, db2, tab,
+        AccessConstants.ALL);
+    client.grantURIPrivilege(requestorUserName, roleName1, server,
+        "hdfs:///fooUri");
+
+    // build expected output
+    TSentryPrivilegeMap db1RoleToPrivMap = new TSentryPrivilegeMap(
+        new TreeMap<String, Set<TSentryPrivilege>>());
+    db1RoleToPrivMap.getPrivilegeMap()
+.put(roleName1,
+        Sets.newHashSet(role1db2tab));
+    db1RoleToPrivMap.getPrivilegeMap()
+.put(roleName2,
+        Sets.newHashSet(role2db2tab));
+    Map<TSentryAuthorizable, TSentryPrivilegeMap> expectedResults = Maps
+        .newTreeMap();
+    List<? extends Authorizable> db2TabAuthrizable = Lists.newArrayList(
+        new Server(server), new Database(db2), new Table(tab));
+    expectedResults.put(
+        SentryPolicyServiceClient.setupSentryAuthorizable(db2TabAuthrizable),
+        db1RoleToPrivMap);
+
+    Set<List<? extends Authorizable>> authorizableSet = Sets.newHashSet();
+    authorizableSet.add(db2TabAuthrizable);
+    Map<TSentryAuthorizable, TSentryPrivilegeMap> authPrivMap = client
+        .listPrivilegsbyAuthorizable(authorizableSet, null, null);
+
+    assertEquals(expectedResults, authPrivMap);
+  }
+
+  @Test
+  public void testListByAuthUri() throws Exception {
+    String requestorUserName = ADMIN_USER;
+    Set<String> requestorUserGroupNames = Sets.newHashSet(ADMIN_GROUP);
+    String roleName1 = "role1";
+    String roleName2 = "role2";
+    String server = "server1";
+    String db = "testDB";
+    String db2 = "testDB2";
+    String tab = "testTab";
+    String uri1 = "hdfs:///fooUri";
+    setLocalGroupMapping(requestorUserName, requestorUserGroupNames);
+    writePolicyFile();
+
+    client.dropRoleIfExists(requestorUserName, roleName1);
+    client.createRole(requestorUserName, roleName1);
+    client.dropRoleIfExists(requestorUserName, roleName2);
+    client.createRole(requestorUserName, roleName2);
+
+    client.grantDatabasePrivilege(requestorUserName, roleName1, server, db,
+        AccessConstants.SELECT);
+    client.grantTablePrivilege(requestorUserName, roleName1, server, db, tab,
+        AccessConstants.ALL);
+    client.grantTablePrivilege(requestorUserName, roleName1, server, db2, tab,
+        AccessConstants.SELECT);
+    TSentryPrivilege role1uri1 = client.grantURIPrivilege(requestorUserName,
+        roleName1, server, uri1);
+
+    client.grantDatabasePrivilege(requestorUserName, roleName2, server, db,
+        AccessConstants.ALL);
+    client.grantDatabasePrivilege(requestorUserName, roleName2, server, db2,
+        AccessConstants.SELECT);
+    client.grantTablePrivilege(requestorUserName, roleName2, server, db2, tab,
+        AccessConstants.ALL);
+    TSentryPrivilege role2uri2 = client.grantURIPrivilege(requestorUserName,
+        roleName2, server, uri1);
+
+    // build expected output
+    TSentryPrivilegeMap db1RoleToPrivMap = new TSentryPrivilegeMap(
+        new TreeMap<String, Set<TSentryPrivilege>>());
+    db1RoleToPrivMap.getPrivilegeMap().put(roleName1,
+        Sets.newHashSet(role1uri1));
+    db1RoleToPrivMap.getPrivilegeMap().put(roleName2,
+        Sets.newHashSet(role2uri2));
+    Map<TSentryAuthorizable, TSentryPrivilegeMap> expectedResults = Maps
+        .newTreeMap();
+    List<? extends Authorizable> uri1Authrizable = Lists.newArrayList(
+        new Server(server), new AccessURI(uri1));
+    expectedResults.put(
+        SentryPolicyServiceClient.setupSentryAuthorizable(uri1Authrizable),
+        db1RoleToPrivMap);
+
+    Set<List<? extends Authorizable>> authorizableSet = Sets.newHashSet();
+    authorizableSet.add(uri1Authrizable);
+    Map<TSentryAuthorizable, TSentryPrivilegeMap> authPrivMap = client
+        .listPrivilegsbyAuthorizable(authorizableSet, null, null);
+
+    assertEquals(expectedResults, authPrivMap);
+  }
+
 }
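Review bot: All three new tests call `listPrivilegsbyAuthorizable` from the admin fixture only and never assert what a non-admin caller receives, so nothing here pins down who is allowed to enumerate role-to-privilege mappings. The calls also pass no requestor name, unlike every grant call in the same methods; the client signature is outside this hunk, but if no caller identity reaches the server it cannot scope the answer to the caller's own groups, which is worth confirming in SentryPolicyStoreProcessor. I would add a case with a non-admin user mapped only to `group1` that asserts the result either omits `role2`'s privileges or is rejected. Separately, the third check in `testListByAuthDB` repeats `// verify for null group and specific roleset` although the call passes `ActiveRoleSet.ALL`; it should read `// verify for null group and ALL roleset`.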


[2/2] git commit: SENTRY-359: Support Sentry service API to retrieve applicable privileges for a given authorizable object (Prasad Mujumdar via Arun and Sravya)

Posted by sr...@apache.org.
SENTRY-359: Support Sentry service API to retrieve applicable privileges for a given authorizable object (Prasad Mujumdar via Arun and Sravya)


Project: http://git-wip-us.apache.org/repos/asf/incubator-sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-sentry/commit/fa5f81c7
Tree: http://git-wip-us.apache.org/repos/asf/incubator-sentry/tree/fa5f81c7
Diff: http://git-wip-us.apache.org/repos/asf/incubator-sentry/diff/fa5f81c7

Branch: refs/heads/master
Commit: fa5f81c7734f8af8e1bdc669d6cbe2e5951e2bac
Parents: d1d2fd3
Author: Sravya Tirukkovalur <sr...@clouera.com>
Authored: Wed Sep 17 16:00:24 2014 -0700
Committer: Sravya Tirukkovalur <sr...@clouera.com>
Committed: Wed Sep 17 16:00:24 2014 -0700

----------------------------------------------------------------------
 .../db/service/thrift/SentryPolicyService.java  | 806 ++++++++++++++++++
 .../TAlterSentryRoleGrantPrivilegeResponse.java | 117 ++-
 .../TListSentryPrivilegesByAuthRequest.java     | 813 +++++++++++++++++++
 .../TListSentryPrivilegesByAuthResponse.java    | 558 +++++++++++++
 .../db/service/thrift/TSentryPrivilegeMap.java  | 486 +++++++++++
 .../db/service/persistent/SentryStore.java      | 115 ++-
 .../thrift/SentryPolicyServiceClient.java       |  71 +-
 .../thrift/SentryPolicyStoreProcessor.java      |  25 +
 .../main/resources/sentry_policy_service.thrift |  19 +
 .../thrift/TestSentryServiceIntegration.java    | 223 +++++
 10 files changed, 3204 insertions(+), 29 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fa5f81c7/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/SentryPolicyService.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/SentryPolicyService.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/SentryPolicyService.java
index 8a006aa..d112871 100644
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/SentryPolicyService.java
+++ b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/SentryPolicyService.java
@@ -57,6 +57,8 @@ public class SentryPolicyService {
 
     public TRenamePrivilegesResponse rename_sentry_privilege(TRenamePrivilegesRequest request) throws org.apache.thrift.TException;
 
+    public TListSentryPrivilegesByAuthResponse list_sentry_privileges_by_authorizable(TListSentryPrivilegesByAuthRequest request) throws org.apache.thrift.TException;
+
   }
 
   public interface AsyncIface {
@@ -83,6 +85,8 @@ public class SentryPolicyService {
 
     public void rename_sentry_privilege(TRenamePrivilegesRequest request, org.apache.thrift.async.AsyncMethodCallback<AsyncClient.rename_sentry_privilege_call> resultHandler) throws org.apache.thrift.TException;
 
+    public void list_sentry_privileges_by_authorizable(TListSentryPrivilegesByAuthRequest request, org.apache.thrift.async.AsyncMethodCallback<AsyncClient.list_sentry_privileges_by_authorizable_call> resultHandler) throws org.apache.thrift.TException;
+
   }
 
   public static class Client extends org.apache.thrift.TServiceClient implements Iface {
@@ -358,6 +362,29 @@ public class SentryPolicyService {
       throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "rename_sentry_privilege failed: unknown result");
     }
 
+    public TListSentryPrivilegesByAuthResponse list_sentry_privileges_by_authorizable(TListSentryPrivilegesByAuthRequest request) throws org.apache.thrift.TException
+    {
+      send_list_sentry_privileges_by_authorizable(request);
+      return recv_list_sentry_privileges_by_authorizable();
+    }
+
+    public void send_list_sentry_privileges_by_authorizable(TListSentryPrivilegesByAuthRequest request) throws org.apache.thrift.TException
+    {
+      list_sentry_privileges_by_authorizable_args args = new list_sentry_privileges_by_authorizable_args();
+      args.setRequest(request);
+      sendBase("list_sentry_privileges_by_authorizable", args);
+    }
+
+    public TListSentryPrivilegesByAuthResponse recv_list_sentry_privileges_by_authorizable() throws org.apache.thrift.TException
+    {
+      list_sentry_privileges_by_authorizable_result result = new list_sentry_privileges_by_authorizable_result();
+      receiveBase(result, "list_sentry_privileges_by_authorizable");
+      if (result.isSetSuccess()) {
+        return result.success;
+      }
+      throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "list_sentry_privileges_by_authorizable failed: unknown result");
+    }
+
   }
   public static class AsyncClient extends org.apache.thrift.async.TAsyncClient implements AsyncIface {
     public static class Factory implements org.apache.thrift.async.TAsyncClientFactory<AsyncClient> {
@@ -728,6 +755,38 @@ public class SentryPolicyService {
       }
     }
 
+    public void list_sentry_privileges_by_authorizable(TListSentryPrivilegesByAuthRequest request, org.apache.thrift.async.AsyncMethodCallback<list_sentry_privileges_by_authorizable_call> resultHandler) throws org.apache.thrift.TException {
+      checkReady();
+      list_sentry_privileges_by_authorizable_call method_call = new list_sentry_privileges_by_authorizable_call(request, resultHandler, this, ___protocolFactory, ___transport);
+      this.___currentMethod = method_call;
+      ___manager.call(method_call);
+    }
+
+    public static class list_sentry_privileges_by_authorizable_call extends org.apache.thrift.async.TAsyncMethodCall {
+      private TListSentryPrivilegesByAuthRequest request;
+      public list_sentry_privileges_by_authorizable_call(TListSentryPrivilegesByAuthRequest request, org.apache.thrift.async.AsyncMethodCallback<list_sentry_privileges_by_authorizable_call> resultHandler, org.apache.thrift.async.TAsyncClient client, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.transport.TNonblockingTransport transport) throws org.apache.thrift.TException {
+        super(client, protocolFactory, transport, resultHandler, false);
+        this.request = request;
+      }
+
+      public void write_args(org.apache.thrift.protocol.TProtocol prot) throws org.apache.thrift.TException {
+        prot.writeMessageBegin(new org.apache.thrift.protocol.TMessage("list_sentry_privileges_by_authorizable", org.apache.thrift.protocol.TMessageType.CALL, 0));
+        list_sentry_privileges_by_authorizable_args args = new list_sentry_privileges_by_authorizable_args();
+        args.setRequest(request);
+        args.write(prot);
+        prot.writeMessageEnd();
+      }
+
+      public TListSentryPrivilegesByAuthResponse getResult() throws org.apache.thrift.TException {
+        if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) {
+          throw new IllegalStateException("Method call not finished!");
+        }
+        org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array());
+        org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport);
+        return (new Client(prot)).recv_list_sentry_privileges_by_authorizable();
+      }
+    }
+
   }
 
   public static class Processor<I extends Iface> extends org.apache.thrift.TBaseProcessor<I> implements org.apache.thrift.TProcessor {
@@ -752,6 +811,7 @@ public class SentryPolicyService {
       processMap.put("list_sentry_privileges_for_provider", new list_sentry_privileges_for_provider());
       processMap.put("drop_sentry_privilege", new drop_sentry_privilege());
       processMap.put("rename_sentry_privilege", new rename_sentry_privilege());
+      processMap.put("list_sentry_privileges_by_authorizable", new list_sentry_privileges_by_authorizable());
       return processMap;
     }
 
@@ -975,6 +1035,26 @@ public class SentryPolicyService {
       }
     }
 
+    public static class list_sentry_privileges_by_authorizable<I extends Iface> extends org.apache.thrift.ProcessFunction<I, list_sentry_privileges_by_authorizable_args> {
+      public list_sentry_privileges_by_authorizable() {
+        super("list_sentry_privileges_by_authorizable");
+      }
+
+      public list_sentry_privileges_by_authorizable_args getEmptyArgsInstance() {
+        return new list_sentry_privileges_by_authorizable_args();
+      }
+
+      protected boolean isOneway() {
+        return false;
+      }
+
+      public list_sentry_privileges_by_authorizable_result getResult(I iface, list_sentry_privileges_by_authorizable_args args) throws org.apache.thrift.TException {
+        list_sentry_privileges_by_authorizable_result result = new list_sentry_privileges_by_authorizable_result();
+        result.success = iface.list_sentry_privileges_by_authorizable(args.request);
+        return result;
+      }
+    }
+
   }
 
   public static class create_sentry_role_args implements org.apache.thrift.TBase<create_sentry_role_args, create_sentry_role_args._Fields>, java.io.Serializable, Cloneable   {
@@ -8963,4 +9043,730 @@ public class SentryPolicyService {
 
   }
 
+  public static class list_sentry_privileges_by_authorizable_args implements org.apache.thrift.TBase<list_sentry_privileges_by_authorizable_args, list_sentry_privileges_by_authorizable_args._Fields>, java.io.Serializable, Cloneable   {
+    private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("list_sentry_privileges_by_authorizable_args");
+
+    private static final org.apache.thrift.protocol.TField REQUEST_FIELD_DESC = new org.apache.thrift.protocol.TField("request", org.apache.thrift.protocol.TType.STRUCT, (short)1);
+
+    private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
+    static {
+      schemes.put(StandardScheme.class, new list_sentry_privileges_by_authorizable_argsStandardSchemeFactory());
+      schemes.put(TupleScheme.class, new list_sentry_privileges_by_authorizable_argsTupleSchemeFactory());
+    }
+
+    private TListSentryPrivilegesByAuthRequest request; // required
+
+    /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
+    public enum _Fields implements org.apache.thrift.TFieldIdEnum {
+      REQUEST((short)1, "request");
+
+      private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
+
+      static {
+        for (_Fields field : EnumSet.allOf(_Fields.class)) {
+          byName.put(field.getFieldName(), field);
+        }
+      }
+
+      /**
+       * Find the _Fields constant that matches fieldId, or null if its not found.
+       */
+      public static _Fields findByThriftId(int fieldId) {
+        switch(fieldId) {
+          case 1: // REQUEST
+            return REQUEST;
+          default:
+            return null;
+        }
+      }
+
+      /**
+       * Find the _Fields constant that matches fieldId, throwing an exception
+       * if it is not found.
+       */
+      public static _Fields findByThriftIdOrThrow(int fieldId) {
+        _Fields fields = findByThriftId(fieldId);
+        if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
+        return fields;
+      }
+
+      /**
+       * Find the _Fields constant that matches name, or null if its not found.
+       */
+      public static _Fields findByName(String name) {
+        return byName.get(name);
+      }
+
+      private final short _thriftId;
+      private final String _fieldName;
+
+      _Fields(short thriftId, String fieldName) {
+        _thriftId = thriftId;
+        _fieldName = fieldName;
+      }
+
+      public short getThriftFieldId() {
+        return _thriftId;
+      }
+
+      public String getFieldName() {
+        return _fieldName;
+      }
+    }
+
+    // isset id assignments
+    public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
+    static {
+      Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
+      tmpMap.put(_Fields.REQUEST, new org.apache.thrift.meta_data.FieldMetaData("request", org.apache.thrift.TFieldRequirementType.DEFAULT, 
+          new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TListSentryPrivilegesByAuthRequest.class)));
+      metaDataMap = Collections.unmodifiableMap(tmpMap);
+      org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(list_sentry_privileges_by_authorizable_args.class, metaDataMap);
+    }
+
+    public list_sentry_privileges_by_authorizable_args() {
+    }
+
+    public list_sentry_privileges_by_authorizable_args(
+      TListSentryPrivilegesByAuthRequest request)
+    {
+      this();
+      this.request = request;
+    }
+
+    /**
+     * Performs a deep copy on <i>other</i>.
+     */
+    public list_sentry_privileges_by_authorizable_args(list_sentry_privileges_by_authorizable_args other) {
+      if (other.isSetRequest()) {
+        this.request = new TListSentryPrivilegesByAuthRequest(other.request);
+      }
+    }
+
+    public list_sentry_privileges_by_authorizable_args deepCopy() {
+      return new list_sentry_privileges_by_authorizable_args(this);
+    }
+
+    @Override
+    public void clear() {
+      this.request = null;
+    }
+
+    public TListSentryPrivilegesByAuthRequest getRequest() {
+      return this.request;
+    }
+
+    public void setRequest(TListSentryPrivilegesByAuthRequest request) {
+      this.request = request;
+    }
+
+    public void unsetRequest() {
+      this.request = null;
+    }
+
+    /** Returns true if field request is set (has been assigned a value) and false otherwise */
+    public boolean isSetRequest() {
+      return this.request != null;
+    }
+
+    public void setRequestIsSet(boolean value) {
+      if (!value) {
+        this.request = null;
+      }
+    }
+
+    public void setFieldValue(_Fields field, Object value) {
+      switch (field) {
+      case REQUEST:
+        if (value == null) {
+          unsetRequest();
+        } else {
+          setRequest((TListSentryPrivilegesByAuthRequest)value);
+        }
+        break;
+
+      }
+    }
+
+    public Object getFieldValue(_Fields field) {
+      switch (field) {
+      case REQUEST:
+        return getRequest();
+
+      }
+      throw new IllegalStateException();
+    }
+
+    /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
+    public boolean isSet(_Fields field) {
+      if (field == null) {
+        throw new IllegalArgumentException();
+      }
+
+      switch (field) {
+      case REQUEST:
+        return isSetRequest();
+      }
+      throw new IllegalStateException();
+    }
+
+    @Override
+    public boolean equals(Object that) {
+      if (that == null)
+        return false;
+      if (that instanceof list_sentry_privileges_by_authorizable_args)
+        return this.equals((list_sentry_privileges_by_authorizable_args)that);
+      return false;
+    }
+
+    public boolean equals(list_sentry_privileges_by_authorizable_args that) {
+      if (that == null)
+        return false;
+
+      boolean this_present_request = true && this.isSetRequest();
+      boolean that_present_request = true && that.isSetRequest();
+      if (this_present_request || that_present_request) {
+        if (!(this_present_request && that_present_request))
+          return false;
+        if (!this.request.equals(that.request))
+          return false;
+      }
+
+      return true;
+    }
+
+    @Override
+    public int hashCode() {
+      HashCodeBuilder builder = new HashCodeBuilder();
+
+      boolean present_request = true && (isSetRequest());
+      builder.append(present_request);
+      if (present_request)
+        builder.append(request);
+
+      return builder.toHashCode();
+    }
+
+    public int compareTo(list_sentry_privileges_by_authorizable_args other) {
+      if (!getClass().equals(other.getClass())) {
+        return getClass().getName().compareTo(other.getClass().getName());
+      }
+
+      int lastComparison = 0;
+      list_sentry_privileges_by_authorizable_args typedOther = (list_sentry_privileges_by_authorizable_args)other;
+
+      lastComparison = Boolean.valueOf(isSetRequest()).compareTo(typedOther.isSetRequest());
+      if (lastComparison != 0) {
+        return lastComparison;
+      }
+      if (isSetRequest()) {
+        lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.request, typedOther.request);
+        if (lastComparison != 0) {
+          return lastComparison;
+        }
+      }
+      return 0;
+    }
+
+    public _Fields fieldForId(int fieldId) {
+      return _Fields.findByThriftId(fieldId);
+    }
+
+    public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
+      schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
+    }
+
+    public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
+      schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
+    }
+
+    @Override
+    public String toString() {
+      StringBuilder sb = new StringBuilder("list_sentry_privileges_by_authorizable_args(");
+      boolean first = true;
+
+      sb.append("request:");
+      if (this.request == null) {
+        sb.append("null");
+      } else {
+        sb.append(this.request);
+      }
+      first = false;
+      sb.append(")");
+      return sb.toString();
+    }
+
+    public void validate() throws org.apache.thrift.TException {
+      // check for required fields
+      // check for sub-struct validity
+      if (request != null) {
+        request.validate();
+      }
+    }
+
+    private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
+      try {
+        write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
+      } catch (org.apache.thrift.TException te) {
+        throw new java.io.IOException(te);
+      }
+    }
+
+    private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
+      try {
+        read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
+      } catch (org.apache.thrift.TException te) {
+        throw new java.io.IOException(te);
+      }
+    }
+
+    private static class list_sentry_privileges_by_authorizable_argsStandardSchemeFactory implements SchemeFactory {
+      public list_sentry_privileges_by_authorizable_argsStandardScheme getScheme() {
+        return new list_sentry_privileges_by_authorizable_argsStandardScheme();
+      }
+    }
+
+    private static class list_sentry_privileges_by_authorizable_argsStandardScheme extends StandardScheme<list_sentry_privileges_by_authorizable_args> {
+
+      public void read(org.apache.thrift.protocol.TProtocol iprot, list_sentry_privileges_by_authorizable_args struct) throws org.apache.thrift.TException {
+        org.apache.thrift.protocol.TField schemeField;
+        iprot.readStructBegin();
+        while (true)
+        {
+          schemeField = iprot.readFieldBegin();
+          if (schemeField.type == org.apache.thrift.protocol.TType.STOP) { 
+            break;
+          }
+          switch (schemeField.id) {
+            case 1: // REQUEST
+              if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
+                struct.request = new TListSentryPrivilegesByAuthRequest();
+                struct.request.read(iprot);
+                struct.setRequestIsSet(true);
+              } else { 
+                org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+              }
+              break;
+            default:
+              org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+          }
+          iprot.readFieldEnd();
+        }
+        iprot.readStructEnd();
+        struct.validate();
+      }
+
+      public void write(org.apache.thrift.protocol.TProtocol oprot, list_sentry_privileges_by_authorizable_args struct) throws org.apache.thrift.TException {
+        struct.validate();
+
+        oprot.writeStructBegin(STRUCT_DESC);
+        if (struct.request != null) {
+          oprot.writeFieldBegin(REQUEST_FIELD_DESC);
+          struct.request.write(oprot);
+          oprot.writeFieldEnd();
+        }
+        oprot.writeFieldStop();
+        oprot.writeStructEnd();
+      }
+
+    }
+
+    private static class list_sentry_privileges_by_authorizable_argsTupleSchemeFactory implements SchemeFactory {
+      public list_sentry_privileges_by_authorizable_argsTupleScheme getScheme() {
+        return new list_sentry_privileges_by_authorizable_argsTupleScheme();
+      }
+    }
+
+    private static class list_sentry_privileges_by_authorizable_argsTupleScheme extends TupleScheme<list_sentry_privileges_by_authorizable_args> {
+
+      @Override
+      public void write(org.apache.thrift.protocol.TProtocol prot, list_sentry_privileges_by_authorizable_args struct) throws org.apache.thrift.TException {
+        TTupleProtocol oprot = (TTupleProtocol) prot;
+        BitSet optionals = new BitSet();
+        if (struct.isSetRequest()) {
+          optionals.set(0);
+        }
+        oprot.writeBitSet(optionals, 1);
+        if (struct.isSetRequest()) {
+          struct.request.write(oprot);
+        }
+      }
+
+      @Override
+      public void read(org.apache.thrift.protocol.TProtocol prot, list_sentry_privileges_by_authorizable_args struct) throws org.apache.thrift.TException {
+        TTupleProtocol iprot = (TTupleProtocol) prot;
+        BitSet incoming = iprot.readBitSet(1);
+        if (incoming.get(0)) {
+          struct.request = new TListSentryPrivilegesByAuthRequest();
+          struct.request.read(iprot);
+          struct.setRequestIsSet(true);
+        }
+      }
+    }
+
+  }
+
+  public static class list_sentry_privileges_by_authorizable_result implements org.apache.thrift.TBase<list_sentry_privileges_by_authorizable_result, list_sentry_privileges_by_authorizable_result._Fields>, java.io.Serializable, Cloneable   {
+    private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("list_sentry_privileges_by_authorizable_result");
+
+    private static final org.apache.thrift.protocol.TField SUCCESS_FIELD_DESC = new org.apache.thrift.protocol.TField("success", org.apache.thrift.protocol.TType.STRUCT, (short)0);
+
+    private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
+    static {
+      schemes.put(StandardScheme.class, new list_sentry_privileges_by_authorizable_resultStandardSchemeFactory());
+      schemes.put(TupleScheme.class, new list_sentry_privileges_by_authorizable_resultTupleSchemeFactory());
+    }
+
+    private TListSentryPrivilegesByAuthResponse success; // required
+
+    /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
+    public enum _Fields implements org.apache.thrift.TFieldIdEnum {
+      SUCCESS((short)0, "success");
+
+      private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
+
+      static {
+        for (_Fields field : EnumSet.allOf(_Fields.class)) {
+          byName.put(field.getFieldName(), field);
+        }
+      }
+
+      /**
+       * Find the _Fields constant that matches fieldId, or null if its not found.
+       */
+      public static _Fields findByThriftId(int fieldId) {
+        switch(fieldId) {
+          case 0: // SUCCESS
+            return SUCCESS;
+          default:
+            return null;
+        }
+      }
+
+      /**
+       * Find the _Fields constant that matches fieldId, throwing an exception
+       * if it is not found.
+       */
+      public static _Fields findByThriftIdOrThrow(int fieldId) {
+        _Fields fields = findByThriftId(fieldId);
+        if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
+        return fields;
+      }
+
+      /**
+       * Find the _Fields constant that matches name, or null if its not found.
+       */
+      public static _Fields findByName(String name) {
+        return byName.get(name);
+      }
+
+      private final short _thriftId;
+      private final String _fieldName;
+
+      _Fields(short thriftId, String fieldName) {
+        _thriftId = thriftId;
+        _fieldName = fieldName;
+      }
+
+      public short getThriftFieldId() {
+        return _thriftId;
+      }
+
+      public String getFieldName() {
+        return _fieldName;
+      }
+    }
+
+    // isset id assignments
+    public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
+    static {
+      Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
+      tmpMap.put(_Fields.SUCCESS, new org.apache.thrift.meta_data.FieldMetaData("success", org.apache.thrift.TFieldRequirementType.DEFAULT, 
+          new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TListSentryPrivilegesByAuthResponse.class)));
+      metaDataMap = Collections.unmodifiableMap(tmpMap);
+      org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(list_sentry_privileges_by_authorizable_result.class, metaDataMap);
+    }
+
+    public list_sentry_privileges_by_authorizable_result() {
+    }
+
+    public list_sentry_privileges_by_authorizable_result(
+      TListSentryPrivilegesByAuthResponse success)
+    {
+      this();
+      this.success = success;
+    }
+
+    /**
+     * Performs a deep copy on <i>other</i>.
+     */
+    public list_sentry_privileges_by_authorizable_result(list_sentry_privileges_by_authorizable_result other) {
+      if (other.isSetSuccess()) {
+        this.success = new TListSentryPrivilegesByAuthResponse(other.success);
+      }
+    }
+
+    public list_sentry_privileges_by_authorizable_result deepCopy() {
+      return new list_sentry_privileges_by_authorizable_result(this);
+    }
+
+    @Override
+    public void clear() {
+      this.success = null;
+    }
+
+    public TListSentryPrivilegesByAuthResponse getSuccess() {
+      return this.success;
+    }
+
+    public void setSuccess(TListSentryPrivilegesByAuthResponse success) {
+      this.success = success;
+    }
+
+    public void unsetSuccess() {
+      this.success = null;
+    }
+
+    /** Returns true if field success is set (has been assigned a value) and false otherwise */
+    public boolean isSetSuccess() {
+      return this.success != null;
+    }
+
+    public void setSuccessIsSet(boolean value) {
+      if (!value) {
+        this.success = null;
+      }
+    }
+
+    public void setFieldValue(_Fields field, Object value) {
+      switch (field) {
+      case SUCCESS:
+        if (value == null) {
+          unsetSuccess();
+        } else {
+          setSuccess((TListSentryPrivilegesByAuthResponse)value);
+        }
+        break;
+
+      }
+    }
+
+    public Object getFieldValue(_Fields field) {
+      switch (field) {
+      case SUCCESS:
+        return getSuccess();
+
+      }
+      throw new IllegalStateException();
+    }
+
+    /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
+    public boolean isSet(_Fields field) {
+      if (field == null) {
+        throw new IllegalArgumentException();
+      }
+
+      switch (field) {
+      case SUCCESS:
+        return isSetSuccess();
+      }
+      throw new IllegalStateException();
+    }
+
+    @Override
+    public boolean equals(Object that) {
+      if (that == null)
+        return false;
+      if (that instanceof list_sentry_privileges_by_authorizable_result)
+        return this.equals((list_sentry_privileges_by_authorizable_result)that);
+      return false;
+    }
+
+    public boolean equals(list_sentry_privileges_by_authorizable_result that) {
+      if (that == null)
+        return false;
+
+      boolean this_present_success = true && this.isSetSuccess();
+      boolean that_present_success = true && that.isSetSuccess();
+      if (this_present_success || that_present_success) {
+        if (!(this_present_success && that_present_success))
+          return false;
+        if (!this.success.equals(that.success))
+          return false;
+      }
+
+      return true;
+    }
+
+    @Override
+    public int hashCode() {
+      HashCodeBuilder builder = new HashCodeBuilder();
+
+      boolean present_success = true && (isSetSuccess());
+      builder.append(present_success);
+      if (present_success)
+        builder.append(success);
+
+      return builder.toHashCode();
+    }
+
+    public int compareTo(list_sentry_privileges_by_authorizable_result other) {
+      if (!getClass().equals(other.getClass())) {
+        return getClass().getName().compareTo(other.getClass().getName());
+      }
+
+      int lastComparison = 0;
+      list_sentry_privileges_by_authorizable_result typedOther = (list_sentry_privileges_by_authorizable_result)other;
+
+      lastComparison = Boolean.valueOf(isSetSuccess()).compareTo(typedOther.isSetSuccess());
+      if (lastComparison != 0) {
+        return lastComparison;
+      }
+      if (isSetSuccess()) {
+        lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.success, typedOther.success);
+        if (lastComparison != 0) {
+          return lastComparison;
+        }
+      }
+      return 0;
+    }
+
+    public _Fields fieldForId(int fieldId) {
+      return _Fields.findByThriftId(fieldId);
+    }
+
+    public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
+      schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
+    }
+
+    public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
+      schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
+      }
+
+    @Override
+    public String toString() {
+      StringBuilder sb = new StringBuilder("list_sentry_privileges_by_authorizable_result(");
+      boolean first = true;
+
+      sb.append("success:");
+      if (this.success == null) {
+        sb.append("null");
+      } else {
+        sb.append(this.success);
+      }
+      first = false;
+      sb.append(")");
+      return sb.toString();
+    }
+
+    public void validate() throws org.apache.thrift.TException {
+      // check for required fields
+      // check for sub-struct validity
+      if (success != null) {
+        success.validate();
+      }
+    }
+
+    private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
+      try {
+        write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
+      } catch (org.apache.thrift.TException te) {
+        throw new java.io.IOException(te);
+      }
+    }
+
+    private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
+      try {
+        read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
+      } catch (org.apache.thrift.TException te) {
+        throw new java.io.IOException(te);
+      }
+    }
+
+    private static class list_sentry_privileges_by_authorizable_resultStandardSchemeFactory implements SchemeFactory {
+      public list_sentry_privileges_by_authorizable_resultStandardScheme getScheme() {
+        return new list_sentry_privileges_by_authorizable_resultStandardScheme();
+      }
+    }
+
+    private static class list_sentry_privileges_by_authorizable_resultStandardScheme extends StandardScheme<list_sentry_privileges_by_authorizable_result> {
+
+      public void read(org.apache.thrift.protocol.TProtocol iprot, list_sentry_privileges_by_authorizable_result struct) throws org.apache.thrift.TException {
+        org.apache.thrift.protocol.TField schemeField;
+        iprot.readStructBegin();
+        while (true)
+        {
+          schemeField = iprot.readFieldBegin();
+          if (schemeField.type == org.apache.thrift.protocol.TType.STOP) { 
+            break;
+          }
+          switch (schemeField.id) {
+            case 0: // SUCCESS
+              if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
+                struct.success = new TListSentryPrivilegesByAuthResponse();
+                struct.success.read(iprot);
+                struct.setSuccessIsSet(true);
+              } else { 
+                org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+              }
+              break;
+            default:
+              org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+          }
+          iprot.readFieldEnd();
+        }
+        iprot.readStructEnd();
+        struct.validate();
+      }
+
+      public void write(org.apache.thrift.protocol.TProtocol oprot, list_sentry_privileges_by_authorizable_result struct) throws org.apache.thrift.TException {
+        struct.validate();
+
+        oprot.writeStructBegin(STRUCT_DESC);
+        if (struct.success != null) {
+          oprot.writeFieldBegin(SUCCESS_FIELD_DESC);
+          struct.success.write(oprot);
+          oprot.writeFieldEnd();
+        }
+        oprot.writeFieldStop();
+        oprot.writeStructEnd();
+      }
+
+    }
+
+    private static class list_sentry_privileges_by_authorizable_resultTupleSchemeFactory implements SchemeFactory {
+      public list_sentry_privileges_by_authorizable_resultTupleScheme getScheme() {
+        return new list_sentry_privileges_by_authorizable_resultTupleScheme();
+      }
+    }
+
+    private static class list_sentry_privileges_by_authorizable_resultTupleScheme extends TupleScheme<list_sentry_privileges_by_authorizable_result> {
+
+      @Override
+      public void write(org.apache.thrift.protocol.TProtocol prot, list_sentry_privileges_by_authorizable_result struct) throws org.apache.thrift.TException {
+        TTupleProtocol oprot = (TTupleProtocol) prot;
+        BitSet optionals = new BitSet();
+        if (struct.isSetSuccess()) {
+          optionals.set(0);
+        }
+        oprot.writeBitSet(optionals, 1);
+        if (struct.isSetSuccess()) {
+          struct.success.write(oprot);
+        }
+      }
+
+      @Override
+      public void read(org.apache.thrift.protocol.TProtocol prot, list_sentry_privileges_by_authorizable_result struct) throws org.apache.thrift.TException {
+        TTupleProtocol iprot = (TTupleProtocol) prot;
+        BitSet incoming = iprot.readBitSet(1);
+        if (incoming.get(0)) {
+          struct.success = new TListSentryPrivilegesByAuthResponse();
+          struct.success.read(iprot);
+          struct.setSuccessIsSet(true);
+        }
+      }
+    }
+
+  }
+
 }

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fa5f81c7/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleGrantPrivilegeResponse.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleGrantPrivilegeResponse.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleGrantPrivilegeResponse.java
index 05e9f95..5246889 100644
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleGrantPrivilegeResponse.java
+++ b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleGrantPrivilegeResponse.java
@@ -35,6 +35,7 @@ public class TAlterSentryRoleGrantPrivilegeResponse implements org.apache.thrift
   private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TAlterSentryRoleGrantPrivilegeResponse");
 
   private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1);
+  private static final org.apache.thrift.protocol.TField PRIVILEGE_FIELD_DESC = new org.apache.thrift.protocol.TField("privilege", org.apache.thrift.protocol.TType.STRUCT, (short)2);
 
   private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
   static {
@@ -43,10 +44,12 @@ public class TAlterSentryRoleGrantPrivilegeResponse implements org.apache.thrift
   }
 
   private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required
+  private TSentryPrivilege privilege; // optional
 
   /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
   public enum _Fields implements org.apache.thrift.TFieldIdEnum {
-    STATUS((short)1, "status");
+    STATUS((short)1, "status"),
+    PRIVILEGE((short)2, "privilege");
 
     private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
 
@@ -63,6 +66,8 @@ public class TAlterSentryRoleGrantPrivilegeResponse implements org.apache.thrift
       switch(fieldId) {
         case 1: // STATUS
           return STATUS;
+        case 2: // PRIVILEGE
+          return PRIVILEGE;
         default:
           return null;
       }
@@ -103,11 +108,14 @@ public class TAlterSentryRoleGrantPrivilegeResponse implements org.apache.thrift
   }
 
   // isset id assignments
+  private _Fields optionals[] = {_Fields.PRIVILEGE};
   public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
   static {
     Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
     tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED, 
         new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.sentry.service.thrift.TSentryResponseStatus.class)));
+    tmpMap.put(_Fields.PRIVILEGE, new org.apache.thrift.meta_data.FieldMetaData("privilege", org.apache.thrift.TFieldRequirementType.OPTIONAL, 
+        new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryPrivilege.class)));
     metaDataMap = Collections.unmodifiableMap(tmpMap);
     org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TAlterSentryRoleGrantPrivilegeResponse.class, metaDataMap);
   }
@@ -129,6 +137,9 @@ public class TAlterSentryRoleGrantPrivilegeResponse implements org.apache.thrift
     if (other.isSetStatus()) {
       this.status = new org.apache.sentry.service.thrift.TSentryResponseStatus(other.status);
     }
+    if (other.isSetPrivilege()) {
+      this.privilege = new TSentryPrivilege(other.privilege);
+    }
   }
 
   public TAlterSentryRoleGrantPrivilegeResponse deepCopy() {
@@ -138,6 +149,7 @@ public class TAlterSentryRoleGrantPrivilegeResponse implements org.apache.thrift
   @Override
   public void clear() {
     this.status = null;
+    this.privilege = null;
   }
 
   public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() {
@@ -163,6 +175,29 @@ public class TAlterSentryRoleGrantPrivilegeResponse implements org.apache.thrift
     }
   }
 
+  public TSentryPrivilege getPrivilege() {
+    return this.privilege;
+  }
+
+  public void setPrivilege(TSentryPrivilege privilege) {
+    this.privilege = privilege;
+  }
+
+  public void unsetPrivilege() {
+    this.privilege = null;
+  }
+
+  /** Returns true if field privilege is set (has been assigned a value) and false otherwise */
+  public boolean isSetPrivilege() {
+    return this.privilege != null;
+  }
+
+  public void setPrivilegeIsSet(boolean value) {
+    if (!value) {
+      this.privilege = null;
+    }
+  }
+
   public void setFieldValue(_Fields field, Object value) {
     switch (field) {
     case STATUS:
@@ -173,6 +208,14 @@ public class TAlterSentryRoleGrantPrivilegeResponse implements org.apache.thrift
       }
       break;
 
+    case PRIVILEGE:
+      if (value == null) {
+        unsetPrivilege();
+      } else {
+        setPrivilege((TSentryPrivilege)value);
+      }
+      break;
+
     }
   }
 
@@ -181,6 +224,9 @@ public class TAlterSentryRoleGrantPrivilegeResponse implements org.apache.thrift
     case STATUS:
       return getStatus();
 
+    case PRIVILEGE:
+      return getPrivilege();
+
     }
     throw new IllegalStateException();
   }
@@ -194,6 +240,8 @@ public class TAlterSentryRoleGrantPrivilegeResponse implements org.apache.thrift
     switch (field) {
     case STATUS:
       return isSetStatus();
+    case PRIVILEGE:
+      return isSetPrivilege();
     }
     throw new IllegalStateException();
   }
@@ -220,6 +268,15 @@ public class TAlterSentryRoleGrantPrivilegeResponse implements org.apache.thrift
         return false;
     }
 
+    boolean this_present_privilege = true && this.isSetPrivilege();
+    boolean that_present_privilege = true && that.isSetPrivilege();
+    if (this_present_privilege || that_present_privilege) {
+      if (!(this_present_privilege && that_present_privilege))
+        return false;
+      if (!this.privilege.equals(that.privilege))
+        return false;
+    }
+
     return true;
   }
 
@@ -232,6 +289,11 @@ public class TAlterSentryRoleGrantPrivilegeResponse implements org.apache.thrift
     if (present_status)
       builder.append(status);
 
+    boolean present_privilege = true && (isSetPrivilege());
+    builder.append(present_privilege);
+    if (present_privilege)
+      builder.append(privilege);
+
     return builder.toHashCode();
   }
 
@@ -253,6 +315,16 @@ public class TAlterSentryRoleGrantPrivilegeResponse implements org.apache.thrift
         return lastComparison;
       }
     }
+    lastComparison = Boolean.valueOf(isSetPrivilege()).compareTo(typedOther.isSetPrivilege());
+    if (lastComparison != 0) {
+      return lastComparison;
+    }
+    if (isSetPrivilege()) {
+      lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.privilege, typedOther.privilege);
+      if (lastComparison != 0) {
+        return lastComparison;
+      }
+    }
     return 0;
   }
 
@@ -280,6 +352,16 @@ public class TAlterSentryRoleGrantPrivilegeResponse implements org.apache.thrift
       sb.append(this.status);
     }
     first = false;
+    if (isSetPrivilege()) {
+      if (!first) sb.append(", ");
+      sb.append("privilege:");
+      if (this.privilege == null) {
+        sb.append("null");
+      } else {
+        sb.append(this.privilege);
+      }
+      first = false;
+    }
     sb.append(")");
     return sb.toString();
   }
@@ -294,6 +376,9 @@ public class TAlterSentryRoleGrantPrivilegeResponse implements org.apache.thrift
     if (status != null) {
       status.validate();
     }
+    if (privilege != null) {
+      privilege.validate();
+    }
   }
 
   private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
@@ -339,6 +424,15 @@ public class TAlterSentryRoleGrantPrivilegeResponse implements org.apache.thrift
               org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
             }
             break;
+          case 2: // PRIVILEGE
+            if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
+              struct.privilege = new TSentryPrivilege();
+              struct.privilege.read(iprot);
+              struct.setPrivilegeIsSet(true);
+            } else { 
+              org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+            }
+            break;
           default:
             org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
         }
@@ -357,6 +451,13 @@ public class TAlterSentryRoleGrantPrivilegeResponse implements org.apache.thrift
         struct.status.write(oprot);
         oprot.writeFieldEnd();
       }
+      if (struct.privilege != null) {
+        if (struct.isSetPrivilege()) {
+          oprot.writeFieldBegin(PRIVILEGE_FIELD_DESC);
+          struct.privilege.write(oprot);
+          oprot.writeFieldEnd();
+        }
+      }
       oprot.writeFieldStop();
       oprot.writeStructEnd();
     }
@@ -375,6 +476,14 @@ public class TAlterSentryRoleGrantPrivilegeResponse implements org.apache.thrift
     public void write(org.apache.thrift.protocol.TProtocol prot, TAlterSentryRoleGrantPrivilegeResponse struct) throws org.apache.thrift.TException {
       TTupleProtocol oprot = (TTupleProtocol) prot;
       struct.status.write(oprot);
+      BitSet optionals = new BitSet();
+      if (struct.isSetPrivilege()) {
+        optionals.set(0);
+      }
+      oprot.writeBitSet(optionals, 1);
+      if (struct.isSetPrivilege()) {
+        struct.privilege.write(oprot);
+      }
     }
 
     @Override
@@ -383,6 +492,12 @@ public class TAlterSentryRoleGrantPrivilegeResponse implements org.apache.thrift
       struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
       struct.status.read(iprot);
       struct.setStatusIsSet(true);
+      BitSet incoming = iprot.readBitSet(1);
+      if (incoming.get(0)) {
+        struct.privilege = new TSentryPrivilege();
+        struct.privilege.read(iprot);
+        struct.setPrivilegeIsSet(true);
+      }
     }
   }
 

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/fa5f81c7/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesByAuthRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesByAuthRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesByAuthRequest.java
new file mode 100644
index 0000000..6f78641
--- /dev/null
+++ b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesByAuthRequest.java
@@ -0,0 +1,813 @@
+/**
+ * Autogenerated by Thrift Compiler (0.9.0)
+ *
+ * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
+ *  @generated
+ */
+package org.apache.sentry.provider.db.service.thrift;
+
+import org.apache.commons.lang.builder.HashCodeBuilder;
+import org.apache.thrift.scheme.IScheme;
+import org.apache.thrift.scheme.SchemeFactory;
+import org.apache.thrift.scheme.StandardScheme;
+
+import org.apache.thrift.scheme.TupleScheme;
+import org.apache.thrift.protocol.TTupleProtocol;
+import org.apache.thrift.protocol.TProtocolException;
+import org.apache.thrift.EncodingUtils;
+import org.apache.thrift.TException;
+import java.util.List;
+import java.util.ArrayList;
+import java.util.Map;
+import java.util.HashMap;
+import java.util.EnumMap;
+import java.util.Set;
+import java.util.HashSet;
+import java.util.EnumSet;
+import java.util.Collections;
+import java.util.BitSet;
+import java.nio.ByteBuffer;
+import java.util.Arrays;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class TListSentryPrivilegesByAuthRequest implements org.apache.thrift.TBase<TListSentryPrivilegesByAuthRequest, TListSentryPrivilegesByAuthRequest._Fields>, java.io.Serializable, Cloneable {
+  private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TListSentryPrivilegesByAuthRequest");
+
+  private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
+  private static final org.apache.thrift.protocol.TField AUTHORIZABLE_SET_FIELD_DESC = new org.apache.thrift.protocol.TField("authorizableSet", org.apache.thrift.protocol.TType.SET, (short)2);
+  private static final org.apache.thrift.protocol.TField GROUPS_FIELD_DESC = new org.apache.thrift.protocol.TField("groups", org.apache.thrift.protocol.TType.SET, (short)3);
+  private static final org.apache.thrift.protocol.TField ROLE_SET_FIELD_DESC = new org.apache.thrift.protocol.TField("roleSet", org.apache.thrift.protocol.TType.STRUCT, (short)4);
+
+  private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
+  static {
+    schemes.put(StandardScheme.class, new TListSentryPrivilegesByAuthRequestStandardSchemeFactory());
+    schemes.put(TupleScheme.class, new TListSentryPrivilegesByAuthRequestTupleSchemeFactory());
+  }
+
+  private int protocol_version; // required
+  private Set<TSentryAuthorizable> authorizableSet; // required
+  private Set<String> groups; // optional
+  private TSentryActiveRoleSet roleSet; // optional
+
+  /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
+  public enum _Fields implements org.apache.thrift.TFieldIdEnum {
+    PROTOCOL_VERSION((short)1, "protocol_version"),
+    AUTHORIZABLE_SET((short)2, "authorizableSet"),
+    GROUPS((short)3, "groups"),
+    ROLE_SET((short)4, "roleSet");
+
+    private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
+
+    static {
+      for (_Fields field : EnumSet.allOf(_Fields.class)) {
+        byName.put(field.getFieldName(), field);
+      }
+    }
+
+    /**
+     * Find the _Fields constant that matches fieldId, or null if its not found.
+     */
+    public static _Fields findByThriftId(int fieldId) {
+      switch(fieldId) {
+        case 1: // PROTOCOL_VERSION
+          return PROTOCOL_VERSION;
+        case 2: // AUTHORIZABLE_SET
+          return AUTHORIZABLE_SET;
+        case 3: // GROUPS
+          return GROUPS;
+        case 4: // ROLE_SET
+          return ROLE_SET;
+        default:
+          return null;
+      }
+    }
+
+    /**
+     * Find the _Fields constant that matches fieldId, throwing an exception
+     * if it is not found.
+     */
+    public static _Fields findByThriftIdOrThrow(int fieldId) {
+      _Fields fields = findByThriftId(fieldId);
+      if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
+      return fields;
+    }
+
+    /**
+     * Find the _Fields constant that matches name, or null if its not found.
+     */
+    public static _Fields findByName(String name) {
+      return byName.get(name);
+    }
+
+    private final short _thriftId;
+    private final String _fieldName;
+
+    _Fields(short thriftId, String fieldName) {
+      _thriftId = thriftId;
+      _fieldName = fieldName;
+    }
+
+    public short getThriftFieldId() {
+      return _thriftId;
+    }
+
+    public String getFieldName() {
+      return _fieldName;
+    }
+  }
+
+  // isset id assignments
+  private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
+  private byte __isset_bitfield = 0;
+  private _Fields optionals[] = {_Fields.GROUPS,_Fields.ROLE_SET};
+  public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
+  static {
+    Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
+    tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED, 
+        new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
+    tmpMap.put(_Fields.AUTHORIZABLE_SET, new org.apache.thrift.meta_data.FieldMetaData("authorizableSet", org.apache.thrift.TFieldRequirementType.REQUIRED, 
+        new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET, 
+            new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryAuthorizable.class))));
+    tmpMap.put(_Fields.GROUPS, new org.apache.thrift.meta_data.FieldMetaData("groups", org.apache.thrift.TFieldRequirementType.OPTIONAL, 
+        new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET, 
+            new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))));
+    tmpMap.put(_Fields.ROLE_SET, new org.apache.thrift.meta_data.FieldMetaData("roleSet", org.apache.thrift.TFieldRequirementType.OPTIONAL, 
+        new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryActiveRoleSet.class)));
+    metaDataMap = Collections.unmodifiableMap(tmpMap);
+    org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TListSentryPrivilegesByAuthRequest.class, metaDataMap);
+  }
+
+  public TListSentryPrivilegesByAuthRequest() {
+    this.protocol_version = 1;
+
+  }
+
+  public TListSentryPrivilegesByAuthRequest(
+    int protocol_version,
+    Set<TSentryAuthorizable> authorizableSet)
+  {
+    this();
+    this.protocol_version = protocol_version;
+    setProtocol_versionIsSet(true);
+    this.authorizableSet = authorizableSet;
+  }
+
+  /**
+   * Performs a deep copy on <i>other</i>.
+   */
+  public TListSentryPrivilegesByAuthRequest(TListSentryPrivilegesByAuthRequest other) {
+    __isset_bitfield = other.__isset_bitfield;
+    this.protocol_version = other.protocol_version;
+    if (other.isSetAuthorizableSet()) {
+      Set<TSentryAuthorizable> __this__authorizableSet = new HashSet<TSentryAuthorizable>();
+      for (TSentryAuthorizable other_element : other.authorizableSet) {
+        __this__authorizableSet.add(new TSentryAuthorizable(other_element));
+      }
+      this.authorizableSet = __this__authorizableSet;
+    }
+    if (other.isSetGroups()) {
+      Set<String> __this__groups = new HashSet<String>();
+      for (String other_element : other.groups) {
+        __this__groups.add(other_element);
+      }
+      this.groups = __this__groups;
+    }
+    if (other.isSetRoleSet()) {
+      this.roleSet = new TSentryActiveRoleSet(other.roleSet);
+    }
+  }
+
+  public TListSentryPrivilegesByAuthRequest deepCopy() {
+    return new TListSentryPrivilegesByAuthRequest(this);
+  }
+
+  @Override
+  public void clear() {
+    this.protocol_version = 1;
+
+    this.authorizableSet = null;
+    this.groups = null;
+    this.roleSet = null;
+  }
+
+  public int getProtocol_version() {
+    return this.protocol_version;
+  }
+
+  public void setProtocol_version(int protocol_version) {
+    this.protocol_version = protocol_version;
+    setProtocol_versionIsSet(true);
+  }
+
+  public void unsetProtocol_version() {
+    __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
+  }
+
+  /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */
+  public boolean isSetProtocol_version() {
+    return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
+  }
+
+  public void setProtocol_versionIsSet(boolean value) {
+    __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value);
+  }
+
+  public int getAuthorizableSetSize() {
+    return (this.authorizableSet == null) ? 0 : this.authorizableSet.size();
+  }
+
+  public java.util.Iterator<TSentryAuthorizable> getAuthorizableSetIterator() {
+    return (this.authorizableSet == null) ? null : this.authorizableSet.iterator();
+  }
+
+  public void addToAuthorizableSet(TSentryAuthorizable elem) {
+    if (this.authorizableSet == null) {
+      this.authorizableSet = new HashSet<TSentryAuthorizable>();
+    }
+    this.authorizableSet.add(elem);
+  }
+
+  public Set<TSentryAuthorizable> getAuthorizableSet() {
+    return this.authorizableSet;
+  }
+
+  public void setAuthorizableSet(Set<TSentryAuthorizable> authorizableSet) {
+    this.authorizableSet = authorizableSet;
+  }
+
+  public void unsetAuthorizableSet() {
+    this.authorizableSet = null;
+  }
+
+  /** Returns true if field authorizableSet is set (has been assigned a value) and false otherwise */
+  public boolean isSetAuthorizableSet() {
+    return this.authorizableSet != null;
+  }
+
+  public void setAuthorizableSetIsSet(boolean value) {
+    if (!value) {
+      this.authorizableSet = null;
+    }
+  }
+
+  public int getGroupsSize() {
+    return (this.groups == null) ? 0 : this.groups.size();
+  }
+
+  public java.util.Iterator<String> getGroupsIterator() {
+    return (this.groups == null) ? null : this.groups.iterator();
+  }
+
+  public void addToGroups(String elem) {
+    if (this.groups == null) {
+      this.groups = new HashSet<String>();
+    }
+    this.groups.add(elem);
+  }
+
+  public Set<String> getGroups() {
+    return this.groups;
+  }
+
+  public void setGroups(Set<String> groups) {
+    this.groups = groups;
+  }
+
+  public void unsetGroups() {
+    this.groups = null;
+  }
+
+  /** Returns true if field groups is set (has been assigned a value) and false otherwise */
+  public boolean isSetGroups() {
+    return this.groups != null;
+  }
+
+  public void setGroupsIsSet(boolean value) {
+    if (!value) {
+      this.groups = null;
+    }
+  }
+
+  public TSentryActiveRoleSet getRoleSet() {
+    return this.roleSet;
+  }
+
+  public void setRoleSet(TSentryActiveRoleSet roleSet) {
+    this.roleSet = roleSet;
+  }
+
+  public void unsetRoleSet() {
+    this.roleSet = null;
+  }
+
+  /** Returns true if field roleSet is set (has been assigned a value) and false otherwise */
+  public boolean isSetRoleSet() {
+    return this.roleSet != null;
+  }
+
+  public void setRoleSetIsSet(boolean value) {
+    if (!value) {
+      this.roleSet = null;
+    }
+  }
+
+  public void setFieldValue(_Fields field, Object value) {
+    switch (field) {
+    case PROTOCOL_VERSION:
+      if (value == null) {
+        unsetProtocol_version();
+      } else {
+        setProtocol_version((Integer)value);
+      }
+      break;
+
+    case AUTHORIZABLE_SET:
+      if (value == null) {
+        unsetAuthorizableSet();
+      } else {
+        setAuthorizableSet((Set<TSentryAuthorizable>)value);
+      }
+      break;
+
+    case GROUPS:
+      if (value == null) {
+        unsetGroups();
+      } else {
+        setGroups((Set<String>)value);
+      }
+      break;
+
+    case ROLE_SET:
+      if (value == null) {
+        unsetRoleSet();
+      } else {
+        setRoleSet((TSentryActiveRoleSet)value);
+      }
+      break;
+
+    }
+  }
+
+  public Object getFieldValue(_Fields field) {
+    switch (field) {
+    case PROTOCOL_VERSION:
+      return Integer.valueOf(getProtocol_version());
+
+    case AUTHORIZABLE_SET:
+      return getAuthorizableSet();
+
+    case GROUPS:
+      return getGroups();
+
+    case ROLE_SET:
+      return getRoleSet();
+
+    }
+    throw new IllegalStateException();
+  }
+
+  /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
+  public boolean isSet(_Fields field) {
+    if (field == null) {
+      throw new IllegalArgumentException();
+    }
+
+    switch (field) {
+    case PROTOCOL_VERSION:
+      return isSetProtocol_version();
+    case AUTHORIZABLE_SET:
+      return isSetAuthorizableSet();
+    case GROUPS:
+      return isSetGroups();
+    case ROLE_SET:
+      return isSetRoleSet();
+    }
+    throw new IllegalStateException();
+  }
+
+  @Override
+  public boolean equals(Object that) {
+    if (that == null)
+      return false;
+    if (that instanceof TListSentryPrivilegesByAuthRequest)
+      return this.equals((TListSentryPrivilegesByAuthRequest)that);
+    return false;
+  }
+
+  public boolean equals(TListSentryPrivilegesByAuthRequest that) {
+    if (that == null)
+      return false;
+
+    boolean this_present_protocol_version = true;
+    boolean that_present_protocol_version = true;
+    if (this_present_protocol_version || that_present_protocol_version) {
+      if (!(this_present_protocol_version && that_present_protocol_version))
+        return false;
+      if (this.protocol_version != that.protocol_version)
+        return false;
+    }
+
+    boolean this_present_authorizableSet = true && this.isSetAuthorizableSet();
+    boolean that_present_authorizableSet = true && that.isSetAuthorizableSet();
+    if (this_present_authorizableSet || that_present_authorizableSet) {
+      if (!(this_present_authorizableSet && that_present_authorizableSet))
+        return false;
+      if (!this.authorizableSet.equals(that.authorizableSet))
+        return false;
+    }
+
+    boolean this_present_groups = true && this.isSetGroups();
+    boolean that_present_groups = true && that.isSetGroups();
+    if (this_present_groups || that_present_groups) {
+      if (!(this_present_groups && that_present_groups))
+        return false;
+      if (!this.groups.equals(that.groups))
+        return false;
+    }
+
+    boolean this_present_roleSet = true && this.isSetRoleSet();
+    boolean that_present_roleSet = true && that.isSetRoleSet();
+    if (this_present_roleSet || that_present_roleSet) {
+      if (!(this_present_roleSet && that_present_roleSet))
+        return false;
+      if (!this.roleSet.equals(that.roleSet))
+        return false;
+    }
+
+    return true;
+  }
+
+  @Override
+  public int hashCode() {
+    HashCodeBuilder builder = new HashCodeBuilder();
+
+    boolean present_protocol_version = true;
+    builder.append(present_protocol_version);
+    if (present_protocol_version)
+      builder.append(protocol_version);
+
+    boolean present_authorizableSet = true && (isSetAuthorizableSet());
+    builder.append(present_authorizableSet);
+    if (present_authorizableSet)
+      builder.append(authorizableSet);
+
+    boolean present_groups = true && (isSetGroups());
+    builder.append(present_groups);
+    if (present_groups)
+      builder.append(groups);
+
+    boolean present_roleSet = true && (isSetRoleSet());
+    builder.append(present_roleSet);
+    if (present_roleSet)
+      builder.append(roleSet);
+
+    return builder.toHashCode();
+  }
+
+  public int compareTo(TListSentryPrivilegesByAuthRequest other) {
+    if (!getClass().equals(other.getClass())) {
+      return getClass().getName().compareTo(other.getClass().getName());
+    }
+
+    int lastComparison = 0;
+    TListSentryPrivilegesByAuthRequest typedOther = (TListSentryPrivilegesByAuthRequest)other;
+
+    lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(typedOther.isSetProtocol_version());
+    if (lastComparison != 0) {
+      return lastComparison;
+    }
+    if (isSetProtocol_version()) {
+      lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, typedOther.protocol_version);
+      if (lastComparison != 0) {
+        return lastComparison;
+      }
+    }
+    lastComparison = Boolean.valueOf(isSetAuthorizableSet()).compareTo(typedOther.isSetAuthorizableSet());
+    if (lastComparison != 0) {
+      return lastComparison;
+    }
+    if (isSetAuthorizableSet()) {
+      lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.authorizableSet, typedOther.authorizableSet);
+      if (lastComparison != 0) {
+        return lastComparison;
+      }
+    }
+    lastComparison = Boolean.valueOf(isSetGroups()).compareTo(typedOther.isSetGroups());
+    if (lastComparison != 0) {
+      return lastComparison;
+    }
+    if (isSetGroups()) {
+      lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.groups, typedOther.groups);
+      if (lastComparison != 0) {
+        return lastComparison;
+      }
+    }
+    lastComparison = Boolean.valueOf(isSetRoleSet()).compareTo(typedOther.isSetRoleSet());
+    if (lastComparison != 0) {
+      return lastComparison;
+    }
+    if (isSetRoleSet()) {
+      lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleSet, typedOther.roleSet);
+      if (lastComparison != 0) {
+        return lastComparison;
+      }
+    }
+    return 0;
+  }
+
+  public _Fields fieldForId(int fieldId) {
+    return _Fields.findByThriftId(fieldId);
+  }
+
+  public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
+    schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
+  }
+
+  public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
+    schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
+  }
+
+  @Override
+  public String toString() {
+    StringBuilder sb = new StringBuilder("TListSentryPrivilegesByAuthRequest(");
+    boolean first = true;
+
+    sb.append("protocol_version:");
+    sb.append(this.protocol_version);
+    first = false;
+    if (!first) sb.append(", ");
+    sb.append("authorizableSet:");
+    if (this.authorizableSet == null) {
+      sb.append("null");
+    } else {
+      sb.append(this.authorizableSet);
+    }
+    first = false;
+    if (isSetGroups()) {
+      if (!first) sb.append(", ");
+      sb.append("groups:");
+      if (this.groups == null) {
+        sb.append("null");
+      } else {
+        sb.append(this.groups);
+      }
+      first = false;
+    }
+    if (isSetRoleSet()) {
+      if (!first) sb.append(", ");
+      sb.append("roleSet:");
+      if (this.roleSet == null) {
+        sb.append("null");
+      } else {
+        sb.append(this.roleSet);
+      }
+      first = false;
+    }
+    sb.append(")");
+    return sb.toString();
+  }
+
+  public void validate() throws org.apache.thrift.TException {
+    // check for required fields
+    if (!isSetProtocol_version()) {
+      throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
+    }
+
+    if (!isSetAuthorizableSet()) {
+      throw new org.apache.thrift.protocol.TProtocolException("Required field 'authorizableSet' is unset! Struct:" + toString());
+    }
+
+    // check for sub-struct validity
+    if (roleSet != null) {
+      roleSet.validate();
+    }
+  }
+
+  private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
+    try {
+      write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
+    } catch (org.apache.thrift.TException te) {
+      throw new java.io.IOException(te);
+    }
+  }
+
+  private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
+    try {
+      // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
+      __isset_bitfield = 0;
+      read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
+    } catch (org.apache.thrift.TException te) {
+      throw new java.io.IOException(te);
+    }
+  }
+
+  private static class TListSentryPrivilegesByAuthRequestStandardSchemeFactory implements SchemeFactory {
+    public TListSentryPrivilegesByAuthRequestStandardScheme getScheme() {
+      return new TListSentryPrivilegesByAuthRequestStandardScheme();
+    }
+  }
+
+  private static class TListSentryPrivilegesByAuthRequestStandardScheme extends StandardScheme<TListSentryPrivilegesByAuthRequest> {
+
+    public void read(org.apache.thrift.protocol.TProtocol iprot, TListSentryPrivilegesByAuthRequest struct) throws org.apache.thrift.TException {
+      org.apache.thrift.protocol.TField schemeField;
+      iprot.readStructBegin();
+      while (true)
+      {
+        schemeField = iprot.readFieldBegin();
+        if (schemeField.type == org.apache.thrift.protocol.TType.STOP) { 
+          break;
+        }
+        switch (schemeField.id) {
+          case 1: // PROTOCOL_VERSION
+            if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
+              struct.protocol_version = iprot.readI32();
+              struct.setProtocol_versionIsSet(true);
+            } else { 
+              org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+            }
+            break;
+          case 2: // AUTHORIZABLE_SET
+            if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
+              {
+                org.apache.thrift.protocol.TSet _set82 = iprot.readSetBegin();
+                struct.authorizableSet = new HashSet<TSentryAuthorizable>(2*_set82.size);
+                for (int _i83 = 0; _i83 < _set82.size; ++_i83)
+                {
+                  TSentryAuthorizable _elem84; // required
+                  _elem84 = new TSentryAuthorizable();
+                  _elem84.read(iprot);
+                  struct.authorizableSet.add(_elem84);
+                }
+                iprot.readSetEnd();
+              }
+              struct.setAuthorizableSetIsSet(true);
+            } else { 
+              org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+            }
+            break;
+          case 3: // GROUPS
+            if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
+              {
+                org.apache.thrift.protocol.TSet _set85 = iprot.readSetBegin();
+                struct.groups = new HashSet<String>(2*_set85.size);
+                for (int _i86 = 0; _i86 < _set85.size; ++_i86)
+                {
+                  String _elem87; // required
+                  _elem87 = iprot.readString();
+                  struct.groups.add(_elem87);
+                }
+                iprot.readSetEnd();
+              }
+              struct.setGroupsIsSet(true);
+            } else { 
+              org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+            }
+            break;
+          case 4: // ROLE_SET
+            if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
+              struct.roleSet = new TSentryActiveRoleSet();
+              struct.roleSet.read(iprot);
+              struct.setRoleSetIsSet(true);
+            } else { 
+              org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+            }
+            break;
+          default:
+            org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+        }
+        iprot.readFieldEnd();
+      }
+      iprot.readStructEnd();
+      struct.validate();
+    }
+
+    public void write(org.apache.thrift.protocol.TProtocol oprot, TListSentryPrivilegesByAuthRequest struct) throws org.apache.thrift.TException {
+      struct.validate();
+
+      oprot.writeStructBegin(STRUCT_DESC);
+      oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC);
+      oprot.writeI32(struct.protocol_version);
+      oprot.writeFieldEnd();
+      if (struct.authorizableSet != null) {
+        oprot.writeFieldBegin(AUTHORIZABLE_SET_FIELD_DESC);
+        {
+          oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, struct.authorizableSet.size()));
+          for (TSentryAuthorizable _iter88 : struct.authorizableSet)
+          {
+            _iter88.write(oprot);
+          }
+          oprot.writeSetEnd();
+        }
+        oprot.writeFieldEnd();
+      }
+      if (struct.groups != null) {
+        if (struct.isSetGroups()) {
+          oprot.writeFieldBegin(GROUPS_FIELD_DESC);
+          {
+            oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, struct.groups.size()));
+            for (String _iter89 : struct.groups)
+            {
+              oprot.writeString(_iter89);
+            }
+            oprot.writeSetEnd();
+          }
+          oprot.writeFieldEnd();
+        }
+      }
+      if (struct.roleSet != null) {
+        if (struct.isSetRoleSet()) {
+          oprot.writeFieldBegin(ROLE_SET_FIELD_DESC);
+          struct.roleSet.write(oprot);
+          oprot.writeFieldEnd();
+        }
+      }
+      oprot.writeFieldStop();
+      oprot.writeStructEnd();
+    }
+
+  }
+
+  private static class TListSentryPrivilegesByAuthRequestTupleSchemeFactory implements SchemeFactory {
+    public TListSentryPrivilegesByAuthRequestTupleScheme getScheme() {
+      return new TListSentryPrivilegesByAuthRequestTupleScheme();
+    }
+  }
+
+  private static class TListSentryPrivilegesByAuthRequestTupleScheme extends TupleScheme<TListSentryPrivilegesByAuthRequest> {
+
+    @Override
+    public void write(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesByAuthRequest struct) throws org.apache.thrift.TException {
+      TTupleProtocol oprot = (TTupleProtocol) prot;
+      oprot.writeI32(struct.protocol_version);
+      {
+        oprot.writeI32(struct.authorizableSet.size());
+        for (TSentryAuthorizable _iter90 : struct.authorizableSet)
+        {
+          _iter90.write(oprot);
+        }
+      }
+      BitSet optionals = new BitSet();
+      if (struct.isSetGroups()) {
+        optionals.set(0);
+      }
+      if (struct.isSetRoleSet()) {
+        optionals.set(1);
+      }
+      oprot.writeBitSet(optionals, 2);
+      if (struct.isSetGroups()) {
+        {
+          oprot.writeI32(struct.groups.size());
+          for (String _iter91 : struct.groups)
+          {
+            oprot.writeString(_iter91);
+          }
+        }
+      }
+      if (struct.isSetRoleSet()) {
+        struct.roleSet.write(oprot);
+      }
+    }
+
+    @Override
+    public void read(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesByAuthRequest struct) throws org.apache.thrift.TException {
+      TTupleProtocol iprot = (TTupleProtocol) prot;
+      struct.protocol_version = iprot.readI32();
+      struct.setProtocol_versionIsSet(true);
+      {
+        org.apache.thrift.protocol.TSet _set92 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, iprot.readI32());
+        struct.authorizableSet = new HashSet<TSentryAuthorizable>(2*_set92.size);
+        for (int _i93 = 0; _i93 < _set92.size; ++_i93)
+        {
+          TSentryAuthorizable _elem94; // required
+          _elem94 = new TSentryAuthorizable();
+          _elem94.read(iprot);
+          struct.authorizableSet.add(_elem94);
+        }
+      }
+      struct.setAuthorizableSetIsSet(true);
+      BitSet incoming = iprot.readBitSet(2);
+      if (incoming.get(0)) {
+        {
+          org.apache.thrift.protocol.TSet _set95 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, iprot.readI32());
+          struct.groups = new HashSet<String>(2*_set95.size);
+          for (int _i96 = 0; _i96 < _set95.size; ++_i96)
+          {
+            String _elem97; // required
+            _elem97 = iprot.readString();
+            struct.groups.add(_elem97);
+          }
+        }
+        struct.setGroupsIsSet(true);
+      }
+      if (incoming.get(1)) {
+        struct.roleSet = new TSentryActiveRoleSet();
+        struct.roleSet.read(iprot);
+        struct.setRoleSetIsSet(true);
+      }
+    }
+  }
+
+}
+