You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by ls...@apache.org on 2016/01/21 07:51:31 UTC
[1/4] incubator-sentry git commit: SENTRY-986: Apply PMD plugin to
Sentry source (Colm O hEigeartaigh via Lenni Kuff)
Repository: incubator-sentry
Updated Branches:
refs/heads/master 5a827f6db -> 95b1e40e7
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/SimpleFileProviderBackend.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/SimpleFileProviderBackend.java b/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/SimpleFileProviderBackend.java
index 1b83c0d..3a648a5 100644
--- a/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/SimpleFileProviderBackend.java
+++ b/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/SimpleFileProviderBackend.java
@@ -16,10 +16,6 @@
*/
package org.apache.sentry.provider.file;
-import static org.apache.sentry.provider.common.PolicyFileConstants.DATABASES;
-import static org.apache.sentry.provider.common.PolicyFileConstants.GROUPS;
-import static org.apache.sentry.provider.common.PolicyFileConstants.ROLES;
-import static org.apache.sentry.provider.common.PolicyFileConstants.USERS;
import static org.apache.sentry.provider.common.ProviderConstants.ROLE_SPLITTER;
import java.io.IOException;
@@ -40,6 +36,7 @@ import org.apache.sentry.core.common.SentryConfigurationException;
import org.apache.sentry.policy.common.PrivilegeUtils;
import org.apache.sentry.policy.common.PrivilegeValidator;
import org.apache.sentry.policy.common.PrivilegeValidatorContext;
+import org.apache.sentry.provider.common.PolicyFileConstants;
import org.apache.sentry.provider.common.ProviderBackend;
import org.apache.sentry.provider.common.ProviderBackendContext;
import org.apache.shiro.config.Ini;
@@ -193,7 +190,7 @@ public class SimpleFileProviderBackend implements ProviderBackend {
}
List<String> localConfigErrors = Lists.newArrayList(configErrors);
List<String> localConfigWarnings = Lists.newArrayList(configWarnings);
- if ((strictValidation && !localConfigWarnings.isEmpty()) || !localConfigErrors.isEmpty()) {
+ if (strictValidation && !localConfigWarnings.isEmpty() || !localConfigErrors.isEmpty()) {
localConfigErrors.add("Failed to process global policy file " + resourcePath);
SentryConfigurationException e = new SentryConfigurationException("");
e.setConfigErrors(localConfigErrors);
@@ -235,9 +232,9 @@ public class SimpleFileProviderBackend implements ProviderBackend {
parseIni(null, ini, validators, resourcePath, groupRolePrivilegeTableTemp);
mergeResult(groupRolePrivilegeTableTemp);
groupRolePrivilegeTableTemp.clear();
- Ini.Section filesSection = ini.getSection(DATABASES);
+ Ini.Section filesSection = ini.getSection(PolicyFileConstants.DATABASES);
if(filesSection == null) {
- LOGGER.info("Section " + DATABASES + " needs no further processing");
+ LOGGER.info("Section " + PolicyFileConstants.DATABASES + " needs no further processing");
} else if (!allowPerDatabaseSection) {
String msg = "Per-db policy file is not expected in this configuration.";
throw new SentryConfigurationException(msg);
@@ -251,14 +248,14 @@ public class SimpleFileProviderBackend implements ProviderBackend {
try {
LOGGER.debug("Parsing " + perDbPolicy);
Ini perDbIni = PolicyFiles.loadFromPath(perDbPolicy.getFileSystem(conf), perDbPolicy);
- if(perDbIni.containsKey(USERS)) {
- configErrors.add("Per-db policy file cannot contain " + USERS + " section in " + perDbPolicy);
- throw new SentryConfigurationException("Per-db policy files cannot contain " + USERS + " section");
+ if(perDbIni.containsKey(PolicyFileConstants.USERS)) {
+ configErrors.add("Per-db policy file cannot contain " + PolicyFileConstants.USERS + " section in " + perDbPolicy);
+ throw new SentryConfigurationException("Per-db policy files cannot contain " + PolicyFileConstants.USERS + " section");
}
- if(perDbIni.containsKey(DATABASES)) {
- configErrors.add("Per-db policy files cannot contain " + DATABASES
+ if(perDbIni.containsKey(PolicyFileConstants.DATABASES)) {
+ configErrors.add("Per-db policy files cannot contain " + PolicyFileConstants.DATABASES
+ " section in " + perDbPolicy);
- throw new SentryConfigurationException("Per-db policy files cannot contain " + DATABASES + " section");
+ throw new SentryConfigurationException("Per-db policy files cannot contain " + PolicyFileConstants.DATABASES + " section");
}
parseIni(database, perDbIni, validators, perDbPolicy, groupRolePrivilegeTableTemp);
} catch (Exception e) {
@@ -301,17 +298,17 @@ public class SimpleFileProviderBackend implements ProviderBackend {
private void parseIni(String database, Ini ini,
List<? extends PrivilegeValidator> validators, Path policyPath,
Table<String, String, Set<String>> groupRolePrivilegeTable) {
- Ini.Section privilegesSection = ini.getSection(ROLES);
+ Ini.Section privilegesSection = ini.getSection(PolicyFileConstants.ROLES);
boolean invalidConfiguration = false;
if (privilegesSection == null) {
- String errMsg = String.format("Section %s empty for %s", ROLES, policyPath);
+ String errMsg = String.format("Section %s empty for %s", PolicyFileConstants.ROLES, policyPath);
LOGGER.warn(errMsg);
configErrors.add(errMsg);
invalidConfiguration = true;
}
- Ini.Section groupsSection = ini.getSection(GROUPS);
+ Ini.Section groupsSection = ini.getSection(PolicyFileConstants.GROUPS);
if (groupsSection == null) {
- String warnMsg = String.format("Section %s empty for %s", GROUPS, policyPath);
+ String warnMsg = String.format("Section %s empty for %s", PolicyFileConstants.GROUPS, policyPath);
LOGGER.warn(warnMsg);
configErrors.add(warnMsg);
invalidConfiguration = true;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-solr/solr-sentry-core/src/main/java/org/apache/solr/sentry/RollingFileWithoutDeleteAppender.java
----------------------------------------------------------------------
diff --git a/sentry-solr/solr-sentry-core/src/main/java/org/apache/solr/sentry/RollingFileWithoutDeleteAppender.java b/sentry-solr/solr-sentry-core/src/main/java/org/apache/solr/sentry/RollingFileWithoutDeleteAppender.java
index ec26ef3..f749740 100644
--- a/sentry-solr/solr-sentry-core/src/main/java/org/apache/solr/sentry/RollingFileWithoutDeleteAppender.java
+++ b/sentry-solr/solr-sentry-core/src/main/java/org/apache/solr/sentry/RollingFileWithoutDeleteAppender.java
@@ -22,7 +22,6 @@ import java.io.File;
import java.io.IOException;
import java.io.InterruptedIOException;
import java.io.Writer;
-import java.nio.file.Files;
import org.apache.log4j.FileAppender;
import org.apache.log4j.Layout;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-solr/solr-sentry-core/src/main/java/org/apache/solr/sentry/SecureRequestHandlerUtil.java
----------------------------------------------------------------------
diff --git a/sentry-solr/solr-sentry-core/src/main/java/org/apache/solr/sentry/SecureRequestHandlerUtil.java b/sentry-solr/solr-sentry-core/src/main/java/org/apache/solr/sentry/SecureRequestHandlerUtil.java
index 1f46835..be9642b 100644
--- a/sentry-solr/solr-sentry-core/src/main/java/org/apache/solr/sentry/SecureRequestHandlerUtil.java
+++ b/sentry-solr/solr-sentry-core/src/main/java/org/apache/solr/sentry/SecureRequestHandlerUtil.java
@@ -20,7 +20,6 @@ import java.util.EnumSet;
import java.util.Set;
import org.apache.sentry.core.model.search.SearchModelAction;
import org.apache.solr.request.SolrQueryRequest;
-import org.apache.solr.response.SolrQueryResponse;
/**
* Utility functions for Secure (sentry-aware) versions of RequestHandlers
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-solr/solr-sentry-core/src/main/java/org/apache/solr/sentry/SentryIndexAuthorizationSingleton.java
----------------------------------------------------------------------
diff --git a/sentry-solr/solr-sentry-core/src/main/java/org/apache/solr/sentry/SentryIndexAuthorizationSingleton.java b/sentry-solr/solr-sentry-core/src/main/java/org/apache/solr/sentry/SentryIndexAuthorizationSingleton.java
index 185884b..c9d2414 100644
--- a/sentry-solr/solr-sentry-core/src/main/java/org/apache/solr/sentry/SentryIndexAuthorizationSingleton.java
+++ b/sentry-solr/solr-sentry-core/src/main/java/org/apache/solr/sentry/SentryIndexAuthorizationSingleton.java
@@ -134,7 +134,7 @@ public class SentryIndexAuthorizationSingleton {
try {
ipAddress = sreq.getRemoteAddr();
} catch (AssertionError e) {
- ; // ignore
+ // ignore
// This is a work-around for "Unexpected method call getRemoteAddr()"
// exception during unit test mocking at
// com.sun.proxy.$Proxy28.getRemoteAddr(Unknown Source)
@@ -212,7 +212,7 @@ public class SentryIndexAuthorizationSingleton {
throw new SolrException(SolrException.ErrorCode.UNAUTHORIZED, builder.toString());
}
- String superUser = (System.getProperty("solr.authorization.superuser", "solr"));
+ String superUser = System.getProperty("solr.authorization.superuser", "solr");
// If a local request, treat it like a super user request; i.e. it is equivalent to an
// http request from the same process.
return req instanceof LocalSolrQueryRequest?
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/admin/SecureAdminHandlers.java
----------------------------------------------------------------------
diff --git a/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/admin/SecureAdminHandlers.java b/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/admin/SecureAdminHandlers.java
index 6192dff..98354e5 100644
--- a/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/admin/SecureAdminHandlers.java
+++ b/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/admin/SecureAdminHandlers.java
@@ -17,14 +17,11 @@
package org.apache.solr.handler.admin;
import java.io.IOException;
-import java.util.EnumSet;
import java.util.Map;
import org.apache.solr.common.SolrException;
import org.apache.solr.core.CoreContainer;
import org.apache.solr.core.SolrCore;
-import org.apache.sentry.core.model.search.SearchModelAction;
-import org.apache.solr.handler.RequestHandlerBase;
import org.apache.solr.request.SolrQueryRequest;
import org.apache.solr.request.SolrRequestHandler;
import org.apache.solr.response.SolrQueryResponse;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/admin/SecureCollectionsHandler.java
----------------------------------------------------------------------
diff --git a/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/admin/SecureCollectionsHandler.java b/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/admin/SecureCollectionsHandler.java
index dc96698..7490ad0 100644
--- a/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/admin/SecureCollectionsHandler.java
+++ b/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/admin/SecureCollectionsHandler.java
@@ -17,11 +17,9 @@ package org.apache.solr.handler.admin;
* limitations under the License.
*/
-import java.util.EnumSet;
import org.apache.solr.common.params.SolrParams;
import org.apache.solr.common.params.CollectionParams.CollectionAction;
import org.apache.solr.common.params.CoreAdminParams;
-import org.apache.sentry.core.model.search.SearchModelAction;
import org.apache.solr.request.SolrQueryRequest;
import org.apache.solr.response.SolrQueryResponse;
import org.apache.solr.sentry.SecureRequestHandlerUtil;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/admin/SecureInfoHandler.java
----------------------------------------------------------------------
diff --git a/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/admin/SecureInfoHandler.java b/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/admin/SecureInfoHandler.java
index 90b898b..628d1d7 100644
--- a/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/admin/SecureInfoHandler.java
+++ b/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/admin/SecureInfoHandler.java
@@ -17,9 +17,6 @@ package org.apache.solr.handler.admin;
* limitations under the License.
*/
-import java.util.EnumSet;
-import org.apache.sentry.core.model.search.SearchModelAction;
-import org.apache.solr.handler.RequestHandlerBase;
import org.apache.solr.core.CoreContainer;
/**
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/QueryDocAuthorizationComponent.java
----------------------------------------------------------------------
diff --git a/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/QueryDocAuthorizationComponent.java b/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/QueryDocAuthorizationComponent.java
index 371787d..666c088 100644
--- a/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/QueryDocAuthorizationComponent.java
+++ b/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/QueryDocAuthorizationComponent.java
@@ -24,13 +24,9 @@ import org.apache.solr.common.params.ModifiableSolrParams;
import org.apache.solr.common.params.SolrParams;
import org.apache.solr.common.util.NamedList;
import org.apache.solr.sentry.SentryIndexAuthorizationSingleton;
-import org.apache.solr.request.LocalSolrQueryRequest;
import com.google.common.annotations.VisibleForTesting;
import java.io.IOException;
-import java.util.EnumSet;
-import java.util.Iterator;
import java.util.Set;
-import java.net.URLEncoder;
public class QueryDocAuthorizationComponent extends SearchComponent
{
@@ -75,10 +71,12 @@ public class QueryDocAuthorizationComponent extends SearchComponent
@Override
public void prepare(ResponseBuilder rb) throws IOException {
- if (!enabled) return;
+ if (!enabled) {
+ return;
+ }
String userName = sentryInstance.getUserName(rb.req);
- String superUser = (System.getProperty("solr.authorization.superuser", "solr"));
+ String superUser = System.getProperty("solr.authorization.superuser", "solr");
if (superUser.equals(userName)) {
return;
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/QueryIndexAuthorizationComponent.java
----------------------------------------------------------------------
diff --git a/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/QueryIndexAuthorizationComponent.java b/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/QueryIndexAuthorizationComponent.java
index 8f68f40..5fbb743 100644
--- a/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/QueryIndexAuthorizationComponent.java
+++ b/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/QueryIndexAuthorizationComponent.java
@@ -20,8 +20,6 @@ package org.apache.solr.handler.component;
import org.apache.solr.common.util.StrUtils;
import org.apache.solr.sentry.SentryIndexAuthorizationSingleton;
import org.apache.sentry.core.model.search.SearchModelAction;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
import com.google.common.annotations.VisibleForTesting;
import java.io.IOException;
import java.util.EnumSet;
@@ -30,8 +28,6 @@ import java.util.List;
public class QueryIndexAuthorizationComponent extends SearchComponent
{
private static final String OPERATION_NAME = "query";
- private static Logger log =
- LoggerFactory.getLogger(QueryIndexAuthorizationComponent.class);
private SentryIndexAuthorizationSingleton sentryInstance;
public QueryIndexAuthorizationComponent() {
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/update/processor/UpdateIndexAuthorizationProcessor.java
----------------------------------------------------------------------
diff --git a/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/update/processor/UpdateIndexAuthorizationProcessor.java b/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/update/processor/UpdateIndexAuthorizationProcessor.java
index 5e60645..d995a7d 100644
--- a/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/update/processor/UpdateIndexAuthorizationProcessor.java
+++ b/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/update/processor/UpdateIndexAuthorizationProcessor.java
@@ -39,13 +39,13 @@ public class UpdateIndexAuthorizationProcessor extends UpdateRequestProcessor {
private SentryIndexAuthorizationSingleton sentryInstance;
public UpdateIndexAuthorizationProcessor(SolrQueryRequest req,
- SolrQueryResponse rsp, UpdateRequestProcessor next) {
- this(SentryIndexAuthorizationSingleton.getInstance(), req, rsp, next);
+ SolrQueryResponse rsp, UpdateRequestProcessor next) { //NOPMD
+ this(SentryIndexAuthorizationSingleton.getInstance(), req, next);
}
@VisibleForTesting
public UpdateIndexAuthorizationProcessor(SentryIndexAuthorizationSingleton sentryInstance,
- SolrQueryRequest req, SolrQueryResponse rsp, UpdateRequestProcessor next) {
+ SolrQueryRequest req, UpdateRequestProcessor next) {
super(next);
this.sentryInstance = sentryInstance;
this.req = req;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/update/processor/UpdateIndexAuthorizationProcessorFactory.java
----------------------------------------------------------------------
diff --git a/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/update/processor/UpdateIndexAuthorizationProcessorFactory.java b/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/update/processor/UpdateIndexAuthorizationProcessorFactory.java
index 945dbc4..07f7f28 100644
--- a/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/update/processor/UpdateIndexAuthorizationProcessorFactory.java
+++ b/sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/update/processor/UpdateIndexAuthorizationProcessorFactory.java
@@ -20,7 +20,6 @@ package org.apache.solr.update.processor;
import org.apache.solr.common.util.NamedList;
import org.apache.solr.request.SolrQueryRequest;
import org.apache.solr.response.SolrQueryResponse;
-import org.apache.solr.update.processor.UpdateRequestProcessorFactory;
/**
* Factory for Sentry's index-level update authorization.
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-solr/solr-sentry-handlers/src/test/java/org/apache/solr/handler/TestSecureReplicationHandler.java
----------------------------------------------------------------------
diff --git a/sentry-solr/solr-sentry-handlers/src/test/java/org/apache/solr/handler/TestSecureReplicationHandler.java b/sentry-solr/solr-sentry-handlers/src/test/java/org/apache/solr/handler/TestSecureReplicationHandler.java
index 9387677..6367814 100644
--- a/sentry-solr/solr-sentry-handlers/src/test/java/org/apache/solr/handler/TestSecureReplicationHandler.java
+++ b/sentry-solr/solr-sentry-handlers/src/test/java/org/apache/solr/handler/TestSecureReplicationHandler.java
@@ -18,7 +18,6 @@ package org.apache.solr.handler;
import org.apache.solr.cloud.CloudDescriptor;
import org.apache.solr.core.SolrCore;
-import org.apache.solr.request.SolrQueryRequest;
import org.apache.solr.request.SolrRequestHandler;
import org.apache.solr.sentry.SentryTestBase;
import org.apache.solr.sentry.SentrySingletonTestInstance;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-solr/solr-sentry-handlers/src/test/java/org/apache/solr/handler/admin/SecureAdminHandlersTest.java
----------------------------------------------------------------------
diff --git a/sentry-solr/solr-sentry-handlers/src/test/java/org/apache/solr/handler/admin/SecureAdminHandlersTest.java b/sentry-solr/solr-sentry-handlers/src/test/java/org/apache/solr/handler/admin/SecureAdminHandlersTest.java
index 3cb2597..aea44f7 100644
--- a/sentry-solr/solr-sentry-handlers/src/test/java/org/apache/solr/handler/admin/SecureAdminHandlersTest.java
+++ b/sentry-solr/solr-sentry-handlers/src/test/java/org/apache/solr/handler/admin/SecureAdminHandlersTest.java
@@ -31,8 +31,6 @@ import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
public class SecureAdminHandlersTest extends SentryTestBase {
@@ -146,10 +144,6 @@ public class SecureAdminHandlersTest extends SentryTestBase {
verifyQueryAccess("/admin/luke", true);
}
- private void verifySystem() throws Exception {
- verifyQueryAccess("/admin/system", true);
- }
-
private void verifyMBeans() throws Exception {
verifyQueryAccess("/admin/mbeans", true);
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-solr/solr-sentry-handlers/src/test/java/org/apache/solr/handler/admin/SecureCoreAdminHandlerTest.java
----------------------------------------------------------------------
diff --git a/sentry-solr/solr-sentry-handlers/src/test/java/org/apache/solr/handler/admin/SecureCoreAdminHandlerTest.java b/sentry-solr/solr-sentry-handlers/src/test/java/org/apache/solr/handler/admin/SecureCoreAdminHandlerTest.java
index 2a19902..a145bc5 100644
--- a/sentry-solr/solr-sentry-handlers/src/test/java/org/apache/solr/handler/admin/SecureCoreAdminHandlerTest.java
+++ b/sentry-solr/solr-sentry-handlers/src/test/java/org/apache/solr/handler/admin/SecureCoreAdminHandlerTest.java
@@ -27,7 +27,6 @@ import net.sf.cglib.proxy.MethodProxy;
import org.apache.solr.cloud.CloudDescriptor;
import org.apache.solr.common.params.CoreAdminParams;
-import org.apache.solr.common.params.CoreAdminParams.CoreAdminAction;
import org.apache.solr.common.params.ModifiableSolrParams;
import org.apache.solr.common.params.CoreAdminParams.CoreAdminAction;
import org.apache.solr.core.CoreContainer;
@@ -35,7 +34,6 @@ import org.apache.solr.core.SolrCore;
import org.apache.solr.request.SolrQueryRequest;
import org.apache.solr.sentry.SentryTestBase;
import org.apache.solr.sentry.SentrySingletonTestInstance;
-import org.eclipse.jetty.util.log.Log;
import org.junit.AfterClass;
import org.junit.BeforeClass;
import org.junit.Test;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-solr/solr-sentry-handlers/src/test/java/org/apache/solr/handler/admin/SecureInfoHandlerTest.java
----------------------------------------------------------------------
diff --git a/sentry-solr/solr-sentry-handlers/src/test/java/org/apache/solr/handler/admin/SecureInfoHandlerTest.java b/sentry-solr/solr-sentry-handlers/src/test/java/org/apache/solr/handler/admin/SecureInfoHandlerTest.java
index 7221fa0..54784f4 100644
--- a/sentry-solr/solr-sentry-handlers/src/test/java/org/apache/solr/handler/admin/SecureInfoHandlerTest.java
+++ b/sentry-solr/solr-sentry-handlers/src/test/java/org/apache/solr/handler/admin/SecureInfoHandlerTest.java
@@ -17,15 +17,11 @@
package org.apache.solr.handler.admin;
import org.apache.solr.cloud.CloudDescriptor;
-import org.apache.solr.common.SolrException;
import org.apache.solr.core.SolrCore;
-import org.apache.solr.handler.RequestHandlerBase;
import org.apache.solr.request.SolrQueryRequest;
-import org.apache.solr.response.SolrQueryResponse;
import org.apache.solr.sentry.SentryTestBase;
import org.apache.solr.sentry.SentrySingletonTestInstance;
import org.junit.AfterClass;
-import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-solr/solr-sentry-handlers/src/test/java/org/apache/solr/update/processor/UpdateIndexAuthorizationProcessorTest.java
----------------------------------------------------------------------
diff --git a/sentry-solr/solr-sentry-handlers/src/test/java/org/apache/solr/update/processor/UpdateIndexAuthorizationProcessorTest.java b/sentry-solr/solr-sentry-handlers/src/test/java/org/apache/solr/update/processor/UpdateIndexAuthorizationProcessorTest.java
index 8feb5a7..630ca7c 100644
--- a/sentry-solr/solr-sentry-handlers/src/test/java/org/apache/solr/update/processor/UpdateIndexAuthorizationProcessorTest.java
+++ b/sentry-solr/solr-sentry-handlers/src/test/java/org/apache/solr/update/processor/UpdateIndexAuthorizationProcessorTest.java
@@ -135,7 +135,7 @@ public class UpdateIndexAuthorizationProcessorTest extends SentryTestBase {
SolrQueryRequest request = getRequest();
prepareCollAndUser(core, request, collection, user);
return new UpdateIndexAuthorizationProcessor(
- SentrySingletonTestInstance.getInstance().getSentryInstance(), request, null, null);
+ SentrySingletonTestInstance.getInstance().getSentryInstance(), request, null);
}
/**
[3/4] incubator-sentry git commit: SENTRY-986: Apply PMD plugin to
Sentry source (Colm O hEigeartaigh via Lenni Kuff)
Posted by ls...@apache.org.
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-common/src/test/java/org/apache/sentry/hdfs/TestKrbConnectionTimeout.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-common/src/test/java/org/apache/sentry/hdfs/TestKrbConnectionTimeout.java b/sentry-hdfs/sentry-hdfs-common/src/test/java/org/apache/sentry/hdfs/TestKrbConnectionTimeout.java
index 2db72b1..968d29c 100644
--- a/sentry-hdfs/sentry-hdfs-common/src/test/java/org/apache/sentry/hdfs/TestKrbConnectionTimeout.java
+++ b/sentry-hdfs/sentry-hdfs-common/src/test/java/org/apache/sentry/hdfs/TestKrbConnectionTimeout.java
@@ -17,16 +17,7 @@
*/
package org.apache.sentry.hdfs;
-import static org.junit.Assert.*;
-
-import java.security.PrivilegedExceptionAction;
-
-import javax.security.auth.Subject;
-
import org.apache.hadoop.minikdc.MiniKdc;
-import org.apache.hadoop.security.UserGroupInformation;
-import org.apache.sentry.service.thrift.ServiceConstants.ClientConfig;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
import org.junit.Assume;
import org.junit.Before;
import org.junit.BeforeClass;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/hadoop/hdfs/server/namenode/AuthorizationProvider.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/hadoop/hdfs/server/namenode/AuthorizationProvider.java b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/hadoop/hdfs/server/namenode/AuthorizationProvider.java
index db3d413..114dbb0 100644
--- a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/hadoop/hdfs/server/namenode/AuthorizationProvider.java
+++ b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/hadoop/hdfs/server/namenode/AuthorizationProvider.java
@@ -109,27 +109,27 @@ public abstract class AuthorizationProvider {
*
* @return the inode unique ID.
*/
- public long getId();
+ long getId();
/**
* Return the inode path element name. This value may change.
* @return the inode path element name.
*/
- public String getLocalName();
+ String getLocalName();
/**
* Return the parent inode. This value may change.
*
* @return the parent inode.
*/
- public INodeAuthorizationInfo getParent();
+ INodeAuthorizationInfo getParent();
/**
* Return the inode full path. This value may change.
*
* @return the inode full path
*/
- public String getFullPathName();
+ String getFullPathName();
/**
* Return if the inode is a directory or not.
@@ -137,7 +137,7 @@ public abstract class AuthorizationProvider {
* @return <code>TRUE</code> if the inode is a directory,
* <code>FALSE</code> otherwise.
*/
- public boolean isDirectory();
+ boolean isDirectory();
/**
* Return the inode user for the specified snapshot.
@@ -146,7 +146,7 @@ public abstract class AuthorizationProvider {
* value.
* @return the inode user for the specified snapshot.
*/
- public String getUserName(int snapshotId);
+ String getUserName(int snapshotId);
/**
* Return the inode group for the specified snapshot.
@@ -155,7 +155,7 @@ public abstract class AuthorizationProvider {
* value.
* @return the inode group for the specified snapshot.
*/
- public String getGroupName(int snapshotId);
+ String getGroupName(int snapshotId);
/**
* Return the inode permission for the specified snapshot.
@@ -164,7 +164,7 @@ public abstract class AuthorizationProvider {
* value.
* @return the inode permission for the specified snapshot.
*/
- public FsPermission getFsPermission(int snapshotId);
+ FsPermission getFsPermission(int snapshotId);
/**
* Return the inode ACL feature for the specified snapshot.
@@ -173,8 +173,8 @@ public abstract class AuthorizationProvider {
* value.
* @return the inode ACL feature for the specified snapshot.
*/
- public AclFeature getAclFeature(int snapshotId);
-
+ AclFeature getAclFeature(int snapshotId);
+
}
/**
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationConstants.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationConstants.java b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationConstants.java
index 25fd71c..ea1514c 100644
--- a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationConstants.java
+++ b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationConstants.java
@@ -31,7 +31,7 @@ public class SentryAuthorizationConstants {
public static final String HDFS_PERMISSION_KEY = CONFIG_PREFIX +
"hdfs-permission";
- public static final long HDFS_PERMISSION_DEFAULT = 0771;
+ public static final long HDFS_PERMISSION_DEFAULT = 771;
public static final String HDFS_PATH_PREFIXES_KEY = CONFIG_PREFIX +
"hdfs-path-prefixes";
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationInfo.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationInfo.java b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationInfo.java
index def34a4..c2416c1 100644
--- a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationInfo.java
+++ b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationInfo.java
@@ -35,7 +35,6 @@ import org.slf4j.LoggerFactory;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Preconditions;
-import com.google.common.collect.Lists;
public class SentryAuthorizationInfo implements Runnable {
private static Logger LOG =
@@ -134,7 +133,7 @@ public class SentryAuthorizationInfo implements Runnable {
updates.getPermUpdates(), authzPermissions);
// If there were any FULL updates the returned instance would be
// different
- if ((newAuthzPaths != authzPaths)||(newAuthzPerms != authzPermissions)) {
+ if (newAuthzPaths != authzPaths || newAuthzPerms != authzPermissions) {
lock.writeLock().lock();
try {
LOG.debug("FULL Updated paths seq Num [old="
@@ -206,7 +205,7 @@ public class SentryAuthorizationInfo implements Runnable {
}
public void start() {
- if ((authzPaths != null)||(authzPermissions != null)) {
+ if (authzPaths != null || authzPermissions != null) {
boolean success = false;
try {
success = update();
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationProvider.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationProvider.java b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationProvider.java
index b7e94f3..4de130a 100644
--- a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationProvider.java
+++ b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationProvider.java
@@ -188,7 +188,7 @@ public class SentryAuthorizationProvider
String[] paths;
INodeAuthorizationInfo parent = node.getParent();
if (parent == null) {
- paths = (idx > 0) ? new String[idx] : EMPTY_STRING_ARRAY;
+ paths = idx > 0 ? new String[idx] : EMPTY_STRING_ARRAY;
} else {
paths = getPathElements(parent, idx + 1);
paths[paths.length - 1 - idx] = node.getLocalName();
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryPermissions.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryPermissions.java b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryPermissions.java
index daa87cf..c61736f 100644
--- a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryPermissions.java
+++ b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryPermissions.java
@@ -143,8 +143,8 @@ public class SentryPermissions implements AuthzPermissions {
builder.setType(AclEntryType.GROUP);
builder.setScope(AclEntryScope.ACCESS);
FsAction action = groupPerm.getValue();
- if ((action == FsAction.READ) || (action == FsAction.WRITE)
- || (action == FsAction.READ_WRITE)) {
+ if (action == FsAction.READ || action == FsAction.WRITE
+ || action == FsAction.READ_WRITE) {
action = action.or(FsAction.EXECUTE);
}
builder.setPermission(action);
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryUpdater.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryUpdater.java b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryUpdater.java
index 422554e..88be3f5 100644
--- a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryUpdater.java
+++ b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryUpdater.java
@@ -18,7 +18,6 @@
package org.apache.sentry.hdfs;
import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.hdfs.SentryAuthzUpdate;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/UpdateableAuthzPermissions.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/UpdateableAuthzPermissions.java b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/UpdateableAuthzPermissions.java
index aa78360..33581b7 100644
--- a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/UpdateableAuthzPermissions.java
+++ b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/UpdateableAuthzPermissions.java
@@ -17,7 +17,6 @@
*/
package org.apache.sentry.hdfs;
-import java.util.Collection;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/MetastoreCacheInitializer.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/MetastoreCacheInitializer.java b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/MetastoreCacheInitializer.java
index 4349c6e..cdf1c59 100644
--- a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/MetastoreCacheInitializer.java
+++ b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/MetastoreCacheInitializer.java
@@ -22,7 +22,6 @@ import com.google.common.collect.Lists;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hive.metastore.IHMSHandler;
import org.apache.hadoop.hive.metastore.api.Database;
-import org.apache.hadoop.hive.metastore.api.NoSuchObjectException;
import org.apache.hadoop.hive.metastore.api.Partition;
import org.apache.hadoop.hive.metastore.api.Table;
import org.apache.sentry.hdfs.service.thrift.TPathChanges;
@@ -66,20 +65,20 @@ class MetastoreCacheInitializer implements Closeable {
* Class represents retry strategy for BaseTask.
*/
private class RetryStrategy {
- private int maxRetries = 0;
- private int waitDurationMillis;
+ private int retryStrategyMaxRetries = 0;
+ private int retryStrategyWaitDurationMillis;
private int retries;
private Exception exception;
- private RetryStrategy(int maxRetries, int waitDurationMillis) {
- this.maxRetries = maxRetries;
+ private RetryStrategy(int retryStrategyMaxRetries, int retryStrategyWaitDurationMillis) {
+ this.retryStrategyMaxRetries = retryStrategyMaxRetries;
retries = 0;
// Assign default wait duration if negative value is provided.
- if (waitDurationMillis > 0) {
- this.waitDurationMillis = waitDurationMillis;
+ if (retryStrategyWaitDurationMillis > 0) {
+ this.retryStrategyWaitDurationMillis = retryStrategyWaitDurationMillis;
} else {
- this.waitDurationMillis = 1000;
+ this.retryStrategyWaitDurationMillis = 1000;
}
}
@@ -89,7 +88,7 @@ class MetastoreCacheInitializer implements Closeable {
// synchronous waiting on getting the result.
// Retry the failure task until reach the max retry number.
// Wait configurable duration for next retry.
- for (int i = 0; i < maxRetries; i++) {
+ for (int i = 0; i < retryStrategyMaxRetries; i++) {
try {
doTask();
@@ -99,16 +98,16 @@ class MetastoreCacheInitializer implements Closeable {
return new CallResult(exception, true);
} catch (Exception ex) {
LOGGER.debug("Failed to execute task on " + (i + 1) + " attempts." +
- " Sleeping for " + waitDurationMillis + " ms. Exception: " + ex.toString(), ex);
+ " Sleeping for " + retryStrategyWaitDurationMillis + " ms. Exception: " + ex.toString(), ex);
exception = ex;
try {
- Thread.sleep(waitDurationMillis);
+ Thread.sleep(retryStrategyWaitDurationMillis);
} catch (InterruptedException exception) {
// Skip the rest retries if get InterruptedException.
// And set the corresponding retries number.
retries = i;
- i = maxRetries;
+ i = retryStrategyMaxRetries;
}
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/MetastorePlugin.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/MetastorePlugin.java b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/MetastorePlugin.java
index f88295d..6e14c29 100644
--- a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/MetastorePlugin.java
+++ b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/MetastorePlugin.java
@@ -103,7 +103,7 @@ public class MetastorePlugin extends SentryMetastoreListenerPlugin {
private volatile Throwable initError = null;
private final Queue<PathsUpdate> updateQueue = new LinkedList<PathsUpdate>();
- private final ExecutorService threadPool;
+ private final ExecutorService threadPool; //NOPMD
private final Configuration sentryConf;
static class ProxyHMSHandler extends HMSHandler {
@@ -166,7 +166,7 @@ public class MetastorePlugin extends SentryMetastoreListenerPlugin {
"cache initialization is completed !!");
initUpdater.start();
} else {
- initUpdater.run();
+ initUpdater.run(); //NOPMD
}
try {
sentryClient = SentryHDFSServiceClientFactory.create(sentryConf);
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/PluginCacheSyncUtil.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/PluginCacheSyncUtil.java b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/PluginCacheSyncUtil.java
index 5e2f98e..4ce16c7 100644
--- a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/PluginCacheSyncUtil.java
+++ b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/PluginCacheSyncUtil.java
@@ -175,7 +175,9 @@ public class PluginCacheSyncUtil {
"Error releasing ZK lock for update cache syncup" + e, e);
}
timerContext.stop();
- if (failed) SentryHdfsMetricsUtil.getFailedCacheSyncToZK.inc();
+ if (failed) {
+ SentryHdfsMetricsUtil.getFailedCacheSyncToZK.inc();
+ }
}
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/SentryPlugin.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/SentryPlugin.java b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/SentryPlugin.java
index 647e8fc..f3926a2 100644
--- a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/SentryPlugin.java
+++ b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/SentryPlugin.java
@@ -28,12 +28,10 @@ import com.codahale.metrics.Timer;
import org.apache.hadoop.conf.Configuration;
import org.apache.sentry.hdfs.ServiceConstants.ServerConfig;
import org.apache.sentry.hdfs.UpdateForwarder.ExternalImageRetriever;
-import org.apache.sentry.hdfs.service.thrift.TPathChanges;
import org.apache.sentry.hdfs.service.thrift.TPermissionsUpdate;
import org.apache.sentry.hdfs.service.thrift.TPrivilegeChanges;
import org.apache.sentry.hdfs.service.thrift.TRoleChanges;
import org.apache.sentry.provider.db.SentryPolicyStorePlugin;
-import org.apache.sentry.provider.db.SentryPolicyStorePlugin.SentryPluginException;
import org.apache.sentry.provider.db.service.persistent.SentryStore;
import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleAddGroupsRequest;
import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleDeleteGroupsRequest;
@@ -48,9 +46,6 @@ import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import com.google.common.base.Strings;
-import com.google.common.collect.Lists;
-
public class SentryPlugin implements SentryPolicyStorePlugin {
private static final Logger LOGGER = LoggerFactory.getLogger(SentryPlugin.class);
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/UpdateForwarder.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/UpdateForwarder.java b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/UpdateForwarder.java
index 22a436a..7387281 100644
--- a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/UpdateForwarder.java
+++ b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/UpdateForwarder.java
@@ -19,6 +19,7 @@ package org.apache.sentry.hdfs;
import java.io.Closeable;
import java.io.IOException;
+import java.util.Collections;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
@@ -34,14 +35,12 @@ import org.apache.sentry.provider.db.service.persistent.HAContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import com.google.common.collect.Lists;
-
public class UpdateForwarder<K extends Updateable.Update> implements
Updateable<K>, Closeable {
- public static interface ExternalImageRetriever<K> {
+ interface ExternalImageRetriever<K> {
- public K retrieveFullImage(long currSeqNum);
+ K retrieveFullImage(long currSeqNum);
}
@@ -77,9 +76,9 @@ public class UpdateForwarder<K extends Updateable.Update> implements
ExternalImageRetriever<K> imageRetreiver, int maxUpdateLogSize) {
this(conf, updateable, imageRetreiver, maxUpdateLogSize, INIT_UPDATE_RETRY_DELAY);
}
- public UpdateForwarder(Configuration conf, Updateable<K> updateable,
+ public UpdateForwarder(Configuration conf, Updateable<K> updateable, //NOPMD
ExternalImageRetriever<K> imageRetreiver, int maxUpdateLogSize,
- int initUpdateRetryDelay) {
+ int initUpdateRetryDelay) {
this.maxUpdateLogSize = maxUpdateLogSize;
this.imageRetreiver = imageRetreiver;
if (imageRetreiver != null) {
@@ -177,7 +176,7 @@ public class UpdateForwarder<K extends Updateable.Update> implements
} else {
if (editNotMissed) {
// apply partial preUpdate
- updateable.updatePartial(Lists.newArrayList(update), lock);
+ updateable.updatePartial(Collections.singletonList(update), lock);
} else {
// Retrieve full update from External Source and
if (imageRetreiver != null) {
@@ -197,7 +196,7 @@ public class UpdateForwarder<K extends Updateable.Update> implements
synchronized (getUpdateLog()) {
boolean logCompacted = false;
if (getMaxUpdateLogSize() > 0) {
- if (update.hasFullImage() || (getUpdateLog().size() == getMaxUpdateLogSize())) {
+ if (update.hasFullImage() || getUpdateLog().size() == getMaxUpdateLogSize()) {
// Essentially a log compaction
getUpdateLog().clear();
getUpdateLog().add(update.hasFullImage() ? update
@@ -227,7 +226,7 @@ public class UpdateForwarder<K extends Updateable.Update> implements
List<K> retVal = new LinkedList<K>();
synchronized (getUpdateLog()) {
long currSeqNum = lastCommittedSeqNum.get();
- if (LOGGER.isDebugEnabled() && (updateable != null)) {
+ if (LOGGER.isDebugEnabled() && updateable != null) {
LOGGER.debug("#### GetAllUpdatesFrom ["
+ "type=" + updateable.getClass() + ", "
+ "reqSeqNum=" + seqNum + ", "
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/UpdateForwarderWithHA.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/UpdateForwarderWithHA.java b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/UpdateForwarderWithHA.java
index 9a4e7bb..574627c 100644
--- a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/UpdateForwarderWithHA.java
+++ b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/UpdateForwarderWithHA.java
@@ -19,26 +19,16 @@ package org.apache.sentry.hdfs;
import java.io.IOException;
import java.util.LinkedList;
-import java.util.concurrent.TimeUnit;
import org.apache.curator.framework.CuratorFramework;
-import org.apache.curator.framework.recipes.atomic.DistributedAtomicLong;
-import org.apache.curator.framework.recipes.cache.PathChildrenCache;
import org.apache.curator.framework.recipes.cache.PathChildrenCacheEvent;
import org.apache.curator.framework.recipes.cache.PathChildrenCacheListener;
-import org.apache.curator.framework.recipes.locks.InterProcessSemaphoreMutex;
-import org.apache.curator.utils.ZKPaths;
import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.SentryUserException;
import org.apache.sentry.hdfs.ServiceConstants.ServerConfig;
-import org.apache.sentry.hdfs.UpdateForwarder;
import org.apache.sentry.provider.db.SentryPolicyStorePlugin.SentryPluginException;
-import org.apache.sentry.provider.db.service.persistent.HAContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import com.google.common.cache.Cache;
-
public class UpdateForwarderWithHA<K extends Updateable.Update> extends
UpdateForwarder<K> implements Updateable<K> {
private static final Logger LOGGER = LoggerFactory.getLogger(UpdateForwarderWithHA.class);
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/UpdateablePermissions.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/UpdateablePermissions.java b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/UpdateablePermissions.java
index 2fe81fd..3d756c9 100644
--- a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/UpdateablePermissions.java
+++ b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/UpdateablePermissions.java
@@ -20,8 +20,6 @@ package org.apache.sentry.hdfs;
import java.util.concurrent.atomic.AtomicLong;
import java.util.concurrent.locks.ReadWriteLock;
-import org.apache.sentry.hdfs.PermissionsUpdate;
-import org.apache.sentry.hdfs.Updateable;
import org.apache.sentry.hdfs.UpdateForwarder.ExternalImageRetriever;
public class UpdateablePermissions implements Updateable<PermissionsUpdate>{
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-service/src/test/java/org/apache/sentry/hdfs/TestHAUpdateForwarder.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-service/src/test/java/org/apache/sentry/hdfs/TestHAUpdateForwarder.java b/sentry-hdfs/sentry-hdfs-service/src/test/java/org/apache/sentry/hdfs/TestHAUpdateForwarder.java
index 40af05a..5246e05 100644
--- a/sentry-hdfs/sentry-hdfs-service/src/test/java/org/apache/sentry/hdfs/TestHAUpdateForwarder.java
+++ b/sentry-hdfs/sentry-hdfs-service/src/test/java/org/apache/sentry/hdfs/TestHAUpdateForwarder.java
@@ -19,7 +19,6 @@ package org.apache.sentry.hdfs;
import static org.junit.Assert.assertEquals;
-import java.io.IOException;
import java.util.List;
import org.apache.curator.test.TestingServer;
@@ -28,7 +27,6 @@ import org.apache.sentry.provider.db.service.persistent.HAContext;
import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
import org.junit.After;
import org.junit.Before;
-import org.junit.BeforeClass;
import org.junit.Test;
import com.google.common.collect.Lists;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PolicyEngine.java
----------------------------------------------------------------------
diff --git a/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PolicyEngine.java b/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PolicyEngine.java
index 38a5b65..bbb009c 100644
--- a/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PolicyEngine.java
+++ b/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PolicyEngine.java
@@ -17,7 +17,6 @@
package org.apache.sentry.policy.common;
-import java.util.List;
import java.util.Set;
import javax.annotation.concurrent.ThreadSafe;
@@ -39,7 +38,7 @@ public interface PolicyEngine {
* This is typically a factory that returns a privilege used to evaluate wildcards.
* @return the privilege factory
*/
- public PrivilegeFactory getPrivilegeFactory();
+ PrivilegeFactory getPrivilegeFactory();
/**
* Get privileges associated with a group. Returns Strings which can be resolved
@@ -50,7 +49,7 @@ public interface PolicyEngine {
* @param active role-set
* @return non-null immutable set of privileges
*/
- public ImmutableSet<String> getAllPrivileges(Set<String> groups, ActiveRoleSet roleSet)
+ ImmutableSet<String> getAllPrivileges(Set<String> groups, ActiveRoleSet roleSet)
throws SentryConfigurationException;
/**
@@ -63,10 +62,10 @@ public interface PolicyEngine {
* @param authorizable Hierarchy (Can be null)
* @return non-null immutable set of privileges
*/
- public ImmutableSet<String> getPrivileges(Set<String> groups, ActiveRoleSet roleSet, Authorizable... authorizableHierarchy)
+ ImmutableSet<String> getPrivileges(Set<String> groups, ActiveRoleSet roleSet, Authorizable... authorizableHierarchy)
throws SentryConfigurationException;
- public void close();
+ void close();
- public void validatePolicy(boolean strictValidation) throws SentryConfigurationException;
+ void validatePolicy(boolean strictValidation) throws SentryConfigurationException;
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/Privilege.java
----------------------------------------------------------------------
diff --git a/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/Privilege.java b/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/Privilege.java
index c7e1734..27d5afa 100644
--- a/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/Privilege.java
+++ b/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/Privilege.java
@@ -17,5 +17,5 @@
package org.apache.sentry.policy.common;
public interface Privilege {
- public boolean implies(Privilege p);
+ boolean implies(Privilege p);
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PrivilegeValidator.java
----------------------------------------------------------------------
diff --git a/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PrivilegeValidator.java b/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PrivilegeValidator.java
index 5548f04..36abdd4 100644
--- a/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PrivilegeValidator.java
+++ b/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PrivilegeValidator.java
@@ -20,5 +20,5 @@ import org.apache.shiro.config.ConfigurationException;
public interface PrivilegeValidator {
- public void validate(PrivilegeValidatorContext context) throws ConfigurationException;
+ void validate(PrivilegeValidatorContext context) throws ConfigurationException;
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/DBWildcardPrivilege.java
----------------------------------------------------------------------
diff --git a/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/DBWildcardPrivilege.java b/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/DBWildcardPrivilege.java
index eb7350e..dfc2872 100644
--- a/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/DBWildcardPrivilege.java
+++ b/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/DBWildcardPrivilege.java
@@ -30,8 +30,6 @@ import org.apache.sentry.policy.common.Privilege;
import org.apache.sentry.policy.common.PrivilegeFactory;
import org.apache.sentry.provider.common.KeyValue;
import org.apache.sentry.provider.common.ProviderConstants;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Preconditions;
@@ -41,8 +39,6 @@ import com.google.common.collect.Lists;
// XXX this class is made ugly by the fact that Action is not a Authorizable.
public class DBWildcardPrivilege implements Privilege {
- private static final Logger LOGGER = LoggerFactory
- .getLogger(DBWildcardPrivilege.class);
private final ImmutableList<KeyValue> parts;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/SimpleDBPolicyEngine.java
----------------------------------------------------------------------
diff --git a/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/SimpleDBPolicyEngine.java b/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/SimpleDBPolicyEngine.java
index a03794e..b5b584f 100644
--- a/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/SimpleDBPolicyEngine.java
+++ b/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/SimpleDBPolicyEngine.java
@@ -16,7 +16,6 @@
*/
package org.apache.sentry.policy.db;
-import java.util.List;
import java.util.Set;
import org.apache.sentry.core.common.ActiveRoleSet;
@@ -63,7 +62,7 @@ public class SimpleDBPolicyEngine implements PolicyEngine {
@Override
public ImmutableSet<String> getAllPrivileges(Set<String> groups,
ActiveRoleSet roleSet) throws SentryConfigurationException {
- return getPrivileges(groups, roleSet, null);
+ return getPrivileges(groups, roleSet);
}
/**
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchAuthorizationProviderGeneralCases.java
----------------------------------------------------------------------
diff --git a/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchAuthorizationProviderGeneralCases.java b/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchAuthorizationProviderGeneralCases.java
index bdb1c96..52a9021 100644
--- a/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchAuthorizationProviderGeneralCases.java
+++ b/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchAuthorizationProviderGeneralCases.java
@@ -66,7 +66,6 @@ public class TestSearchAuthorizationProviderGeneralCases {
private static final Collection COLL_TMP = new Collection("tmpcollection");
private static final Collection COLL_PURCHASES_PARTIAL = new Collection("purchases_partial");
- private static final SearchModelAction ALL = SearchModelAction.ALL;
private static final SearchModelAction QUERY = SearchModelAction.QUERY;
private static final SearchModelAction UPDATE = SearchModelAction.UPDATE;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-policy/sentry-policy-sqoop/src/main/java/org/apache/sentry/policy/sqoop/ServerNameRequiredMatch.java
----------------------------------------------------------------------
diff --git a/sentry-policy/sentry-policy-sqoop/src/main/java/org/apache/sentry/policy/sqoop/ServerNameRequiredMatch.java b/sentry-policy/sentry-policy-sqoop/src/main/java/org/apache/sentry/policy/sqoop/ServerNameRequiredMatch.java
index 3a57dfc..bbbcedd 100644
--- a/sentry-policy/sentry-policy-sqoop/src/main/java/org/apache/sentry/policy/sqoop/ServerNameRequiredMatch.java
+++ b/sentry-policy/sentry-policy-sqoop/src/main/java/org/apache/sentry/policy/sqoop/ServerNameRequiredMatch.java
@@ -40,7 +40,7 @@ public class ServerNameRequiredMatch implements PrivilegeValidator {
Iterable<SqoopAuthorizable> authorizables = parsePrivilege(context.getPrivilege());
boolean match = false;
for (SqoopAuthorizable authorizable : authorizables) {
- if ((authorizable instanceof Server) && authorizable.getName().equalsIgnoreCase(sqoopServerName)) {
+ if (authorizable instanceof Server && authorizable.getName().equalsIgnoreCase(sqoopServerName)) {
match = true;
break;
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-cache/src/main/java/org/apache/sentry/provider/cache/PrivilegeCache.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-cache/src/main/java/org/apache/sentry/provider/cache/PrivilegeCache.java b/sentry-provider/sentry-provider-cache/src/main/java/org/apache/sentry/provider/cache/PrivilegeCache.java
index 29c6c5c..811b931 100644
--- a/sentry-provider/sentry-provider-cache/src/main/java/org/apache/sentry/provider/cache/PrivilegeCache.java
+++ b/sentry-provider/sentry-provider-cache/src/main/java/org/apache/sentry/provider/cache/PrivilegeCache.java
@@ -26,8 +26,8 @@ public interface PrivilegeCache {
* Get the privileges for the give set of groups with the give active roles
* from the cache
*/
- public Set<String> listPrivileges(Set<String> groups,
+ Set<String> listPrivileges(Set<String> groups,
ActiveRoleSet roleSet);
- public void close();
+ void close();
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-cache/src/main/java/org/apache/sentry/provider/cache/SimpleCacheProviderBackend.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-cache/src/main/java/org/apache/sentry/provider/cache/SimpleCacheProviderBackend.java b/sentry-provider/sentry-provider-cache/src/main/java/org/apache/sentry/provider/cache/SimpleCacheProviderBackend.java
index 4b98447..73ed6c2 100644
--- a/sentry-provider/sentry-provider-cache/src/main/java/org/apache/sentry/provider/cache/SimpleCacheProviderBackend.java
+++ b/sentry-provider/sentry-provider-cache/src/main/java/org/apache/sentry/provider/cache/SimpleCacheProviderBackend.java
@@ -31,11 +31,9 @@ import com.google.common.collect.ImmutableSet;
public class SimpleCacheProviderBackend implements ProviderBackend {
private PrivilegeCache cacheHandle;
- private Configuration conf;
private boolean isInitialized = false;
- public SimpleCacheProviderBackend(Configuration conf, String resourcePath) {
- this.conf = conf;
+ public SimpleCacheProviderBackend(Configuration conf, String resourcePath) { //NOPMD
}
/**
@@ -44,7 +42,9 @@ public class SimpleCacheProviderBackend implements ProviderBackend {
*/
@Override
public void initialize(ProviderBackendContext context) {
- if (isInitialized) return;
+ if (isInitialized) {
+ return;
+ }
isInitialized = true;
cacheHandle = (PrivilegeCache) context.getBindingHandle();
assert cacheHandle != null;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationProvider.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationProvider.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationProvider.java
index fe54b42..7141e81 100644
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationProvider.java
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationProvider.java
@@ -34,7 +34,7 @@ import org.apache.sentry.policy.common.PolicyEngine;
@ThreadSafe
public interface AuthorizationProvider {
- public static String SENTRY_PROVIDER = "sentry.provider";
+ String SENTRY_PROVIDER = "sentry.provider";
/***
* Returns validate subject privileges on given Authorizable object
@@ -48,7 +48,7 @@ public interface AuthorizationProvider {
* @return
* True if the subject is authorized to perform requested action on the given object
*/
- public boolean hasAccess(Subject subject, List<? extends Authorizable> authorizableHierarchy,
+ boolean hasAccess(Subject subject, List<? extends Authorizable> authorizableHierarchy,
Set<? extends Action> actions, ActiveRoleSet roleSet);
/***
@@ -56,14 +56,14 @@ public interface AuthorizationProvider {
*
* @return GroupMappingService used by the AuthorizationProvider
*/
- public GroupMappingService getGroupMapping();
+ GroupMappingService getGroupMapping();
/***
* Validate the policy file format for syntax and semantic errors
* @param strictValidation
* @throws SentryConfigurationException
*/
- public void validateResource(boolean strictValidation) throws SentryConfigurationException;
+ void validateResource(boolean strictValidation) throws SentryConfigurationException;
/***
* Returns the list privileges for the given subject
@@ -71,7 +71,7 @@ public interface AuthorizationProvider {
* @return
* @throws SentryConfigurationException
*/
- public Set<String> listPrivilegesForSubject(Subject subject) throws SentryConfigurationException;
+ Set<String> listPrivilegesForSubject(Subject subject) throws SentryConfigurationException;
/**
* Returns the list privileges for the given group
@@ -79,21 +79,21 @@ public interface AuthorizationProvider {
* @return
* @throws SentryConfigurationException
*/
- public Set<String> listPrivilegesForGroup(String groupName) throws SentryConfigurationException;
+ Set<String> listPrivilegesForGroup(String groupName) throws SentryConfigurationException;
/***
* Returns the list of missing privileges of the last access request
* @return
*/
- public List<String> getLastFailedPrivileges();
+ List<String> getLastFailedPrivileges();
/**
* Frees any resources held by the the provider
*/
- public void close();
+ void close();
/**
* Get the policy engine
*/
- public PolicyEngine getPolicyEngine();
+ PolicyEngine getPolicyEngine();
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/GroupMappingService.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/GroupMappingService.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/GroupMappingService.java
index 22371d1..7e85261 100644
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/GroupMappingService.java
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/GroupMappingService.java
@@ -31,5 +31,5 @@ public interface GroupMappingService {
/**
* @return non-null list of groups for user
*/
- public Set<String> getGroups(String user);
+ Set<String> getGroups(String user);
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupMappingService.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupMappingService.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupMappingService.java
index 4214449..f599dbb 100644
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupMappingService.java
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupMappingService.java
@@ -24,15 +24,11 @@ import java.util.Set;
import org.apache.commons.lang.StringUtils;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.security.Groups;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
import com.google.common.collect.Lists;
public class HadoopGroupMappingService implements GroupMappingService {
- private static final Logger LOGGER = LoggerFactory
- .getLogger(HadoopGroupMappingService.class);
private static Configuration hadoopConf;
private final Groups groups;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupResourceAuthorizationProvider.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupResourceAuthorizationProvider.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupResourceAuthorizationProvider.java
index c8e6c9d..bcd3312 100644
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupResourceAuthorizationProvider.java
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupResourceAuthorizationProvider.java
@@ -22,8 +22,6 @@ import java.io.IOException;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.security.Groups;
import org.apache.sentry.policy.common.PolicyEngine;
-import org.apache.sentry.provider.common.GroupMappingService;
-import org.apache.sentry.provider.common.HadoopGroupMappingService;
import com.google.common.annotations.VisibleForTesting;
@@ -41,7 +39,7 @@ public class HadoopGroupResourceAuthorizationProvider extends
this(new Configuration(), resource, policy);
}
- public HadoopGroupResourceAuthorizationProvider(Configuration conf, String resource, PolicyEngine policy) throws IOException {
+ public HadoopGroupResourceAuthorizationProvider(Configuration conf, String resource, PolicyEngine policy) throws IOException { //NOPMD
this(policy, new HadoopGroupMappingService(getGroups(conf)));
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/KeyValue.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/KeyValue.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/KeyValue.java
index cad37b4..984fe46 100644
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/KeyValue.java
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/KeyValue.java
@@ -73,23 +73,30 @@ public class KeyValue {
@Override
public boolean equals(Object obj) {
- if (this == obj)
+ if (this == obj) {
return true;
- if (obj == null)
+ }
+ if (obj == null) {
return false;
- if (getClass() != obj.getClass())
+ }
+ if (getClass() != obj.getClass()) {
return false;
+ }
KeyValue other = (KeyValue) obj;
if (key == null) {
- if (other.key != null)
+ if (other.key != null) {
return false;
- } else if (!key.equalsIgnoreCase(other.key))
+ }
+ } else if (!key.equalsIgnoreCase(other.key)) {
return false;
+ }
if (value == null) {
- if (other.value != null)
+ if (other.value != null) {
return false;
- } else if (!value.equalsIgnoreCase(other.value))
+ }
+ } else if (!value.equalsIgnoreCase(other.value)) {
return false;
+ }
return true;
}
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoAuthorizationProvider.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoAuthorizationProvider.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoAuthorizationProvider.java
index 7cf617e..82b215c 100644
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoAuthorizationProvider.java
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoAuthorizationProvider.java
@@ -44,7 +44,6 @@ public class NoAuthorizationProvider implements AuthorizationProvider {
@Override
public void validateResource(boolean strictValidation) throws SentryConfigurationException {
- return;
}
@Override
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackend.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackend.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackend.java
index ddb9cf9..b19a170 100644
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackend.java
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackend.java
@@ -42,17 +42,17 @@ public interface ProviderBackend {
* that would be backwards incompatible.
* @param validators
*/
- public void initialize(ProviderBackendContext context);
+ void initialize(ProviderBackendContext context);
/**
* Get the privileges from the backend.
*/
- public ImmutableSet<String> getPrivileges(Set<String> groups, ActiveRoleSet roleSet, Authorizable... authorizableHierarchy);
+ ImmutableSet<String> getPrivileges(Set<String> groups, ActiveRoleSet roleSet, Authorizable... authorizableHierarchy);
/**
* Get the roles associated with the groups from the backend.
*/
- public ImmutableSet<String> getRoles(Set<String> groups, ActiveRoleSet roleSet);
+ ImmutableSet<String> getRoles(Set<String> groups, ActiveRoleSet roleSet);
/**
* If strictValidation is true then an error is thrown for warnings
@@ -61,7 +61,7 @@ public interface ProviderBackend {
* @param strictValidation
* @throws SentryConfigurationException
*/
- public void validatePolicy(boolean strictValidation) throws SentryConfigurationException;
+ void validatePolicy(boolean strictValidation) throws SentryConfigurationException;
- public void close();
+ void close();
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ResourceAuthorizationProvider.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ResourceAuthorizationProvider.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ResourceAuthorizationProvider.java
index 7bf830c..fef4bd9 100644
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ResourceAuthorizationProvider.java
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ResourceAuthorizationProvider.java
@@ -109,7 +109,7 @@ public abstract class ResourceAuthorizationProvider implements AuthorizationProv
* Does the permission granted in the policy file imply the requested action?
*/
boolean result = permission.implies(privilegeFactory.createPrivilege(requestPrivilege));
- if(LOGGER.isDebugEnabled()) {
+ if (LOGGER.isDebugEnabled()) {
LOGGER.debug("ProviderPrivilege {}, RequestPrivilege {}, RoleSet, {}, Result {}",
new Object[]{ permission, requestPrivilege, roleSet, result});
}
@@ -135,23 +135,22 @@ public abstract class ResourceAuthorizationProvider implements AuthorizationProv
private ImmutableSet<String> appendDefaultDBPriv(ImmutableSet<String> privileges, Authorizable[] authorizables) {
// Only for switch db
- if ((authorizables != null)&&(authorizables.length == 4)&&(authorizables[2].getName().equals("+"))) {
- if ((privileges.size() == 1) && hasOnlyServerPrivilege(privileges.asList().get(0))) {
- // Assuming authorizable[0] will always be the server
- // This Code is only reachable only when user fires a 'use default'
- // and the user has a privilege on atleast 1 privilized Object
- String defaultPriv = "Server=" + authorizables[0].getName()
- + "->Db=default->Table=*->Column=*->action=select";
- HashSet<String> newPrivs = Sets.newHashSet(defaultPriv);
- return ImmutableSet.copyOf(newPrivs);
- }
+ if (authorizables != null && authorizables.length == 4 && authorizables[2].getName().equals("+")
+ && privileges.size() == 1 && hasOnlyServerPrivilege(privileges.asList().get(0))) {
+ // Assuming authorizable[0] will always be the server
+ // This Code is only reachable only when user fires a 'use default'
+ // and the user has a privilege on atleast 1 privilized Object
+ String defaultPriv = "Server=" + authorizables[0].getName()
+ + "->Db=default->Table=*->Column=*->action=select";
+ Set<String> newPrivs = Sets.newHashSet(defaultPriv);
+ return ImmutableSet.copyOf(newPrivs);
}
return privileges;
}
private boolean hasOnlyServerPrivilege(String priv) {
ArrayList<String> l = Lists.newArrayList(AUTHORIZABLE_SPLITTER.split(priv));
- if ((l.size() == 1)&&(l.get(0).toLowerCase().startsWith("server"))) {
+ if (l.size() == 1 && l.get(0).toLowerCase().startsWith("server")) {
return l.get(0).toLowerCase().split("=")[1].endsWith("+");
}
return false;
@@ -173,12 +172,12 @@ public abstract class ResourceAuthorizationProvider implements AuthorizationProv
@Override
public Set<String> listPrivilegesForSubject(Subject subject) throws SentryConfigurationException {
- return policy.getPrivileges(getGroups(subject), ActiveRoleSet.ALL, null);
+ return policy.getPrivileges(getGroups(subject), ActiveRoleSet.ALL);
}
@Override
public Set<String> listPrivilegesForGroup(String groupName) throws SentryConfigurationException {
- return policy.getPrivileges(Sets.newHashSet(groupName), ActiveRoleSet.ALL, null);
+ return policy.getPrivileges(Sets.newHashSet(groupName), ActiveRoleSet.ALL);
}
@Override
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestGetGroupMapping.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestGetGroupMapping.java b/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestGetGroupMapping.java
index f57198a..dfb5d70 100644
--- a/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestGetGroupMapping.java
+++ b/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestGetGroupMapping.java
@@ -19,7 +19,6 @@ package org.apache.sentry.provider.common;
import static org.junit.Assert.assertSame;
import java.util.Set;
-import java.util.List;
import org.apache.sentry.core.common.Authorizable;
import org.apache.sentry.core.common.SentryConfigurationException;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryPolicyStorePlugin.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryPolicyStorePlugin.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryPolicyStorePlugin.java
index 998a48b..fe1ea1f 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryPolicyStorePlugin.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryPolicyStorePlugin.java
@@ -32,7 +32,7 @@ import org.apache.sentry.provider.db.service.thrift.TRenamePrivilegesRequest;
public interface SentryPolicyStorePlugin {
@SuppressWarnings("serial")
- public static class SentryPluginException extends SentryUserException {
+ class SentryPluginException extends SentryUserException {
public SentryPluginException(String msg) {
super(msg);
}
@@ -41,20 +41,20 @@ public interface SentryPolicyStorePlugin {
}
}
- public void initialize(Configuration conf, SentryStore sentryStore) throws SentryPluginException;
+ void initialize(Configuration conf, SentryStore sentryStore) throws SentryPluginException;
- public void onAlterSentryRoleAddGroups(TAlterSentryRoleAddGroupsRequest tRequest) throws SentryPluginException;
+ void onAlterSentryRoleAddGroups(TAlterSentryRoleAddGroupsRequest tRequest) throws SentryPluginException;
- public void onAlterSentryRoleDeleteGroups(TAlterSentryRoleDeleteGroupsRequest tRequest) throws SentryPluginException;
+ void onAlterSentryRoleDeleteGroups(TAlterSentryRoleDeleteGroupsRequest tRequest) throws SentryPluginException;
- public void onAlterSentryRoleGrantPrivilege(TAlterSentryRoleGrantPrivilegeRequest tRequest) throws SentryPluginException;
+ void onAlterSentryRoleGrantPrivilege(TAlterSentryRoleGrantPrivilegeRequest tRequest) throws SentryPluginException;
- public void onAlterSentryRoleRevokePrivilege(TAlterSentryRoleRevokePrivilegeRequest tRequest) throws SentryPluginException;
+ void onAlterSentryRoleRevokePrivilege(TAlterSentryRoleRevokePrivilegeRequest tRequest) throws SentryPluginException;
- public void onDropSentryRole(TDropSentryRoleRequest tRequest) throws SentryPluginException;
+ void onDropSentryRole(TDropSentryRoleRequest tRequest) throws SentryPluginException;
- public void onRenameSentryPrivilege(TRenamePrivilegesRequest request) throws SentryPluginException;
+ void onRenameSentryPrivilege(TRenamePrivilegesRequest request) throws SentryPluginException;
- public void onDropSentryPrivilege(TDropPrivilegesRequest request) throws SentryPluginException;
+ void onDropSentryPrivilege(TDropPrivilegesRequest request) throws SentryPluginException;
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SimpleDBProviderBackend.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SimpleDBProviderBackend.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SimpleDBProviderBackend.java
index ff25d95..b996095 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SimpleDBProviderBackend.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SimpleDBProviderBackend.java
@@ -41,7 +41,7 @@ public class SimpleDBProviderBackend implements ProviderBackend {
private int retryCount;
private int retryIntervalSec;
- public SimpleDBProviderBackend(Configuration conf, String resourcePath) throws Exception {
+ public SimpleDBProviderBackend(Configuration conf, String resourcePath) throws Exception { //NOPMD
// DB Provider doesn't use policy file path
this(conf);
}
@@ -64,10 +64,6 @@ public class SimpleDBProviderBackend implements ProviderBackend {
*/
@Override
public ImmutableSet<String> getPrivileges(Set<String> groups, ActiveRoleSet roleSet, Authorizable... authorizableHierarchy) {
- return getPrivileges(retryCount, groups, roleSet, authorizableHierarchy);
- }
-
- private ImmutableSet<String> getPrivileges(int retryCount, Set<String> groups, ActiveRoleSet roleSet, Authorizable... authorizableHierarchy) {
int retries = Math.max(retryCount + 1, 1); // if customer configs retryCount as Integer.MAX_VALUE, try only once
while (retries > 0) {
retries--;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/SentryGenericProviderBackend.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/SentryGenericProviderBackend.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/SentryGenericProviderBackend.java
index d7cb814..474d05c 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/SentryGenericProviderBackend.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/SentryGenericProviderBackend.java
@@ -49,7 +49,7 @@ public class SentryGenericProviderBackend implements ProviderBackend {
// ProviderBackend should have the same construct to support the reflect in authBinding,
// eg:SqoopAuthBinding
- public SentryGenericProviderBackend(Configuration conf, String resource)
+ public SentryGenericProviderBackend(Configuration conf, String resource) //NOPMD
throws Exception {
this.conf = conf;
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/DelegateSentryStore.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/DelegateSentryStore.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/DelegateSentryStore.java
index 0aab975..e1c15fa 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/DelegateSentryStore.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/DelegateSentryStore.java
@@ -320,7 +320,9 @@ public class DelegateSentryStore implements SentryStoreLayer {
throws SentryUserException {
roles = toTrimedLower(roles);
Set<String> groupNames = Sets.newHashSet();
- if (roles.size() == 0) return groupNames;
+ if (roles.size() == 0) {
+ return groupNames;
+ }
PersistenceManager pm = null;
try{
@@ -354,7 +356,9 @@ public class DelegateSentryStore implements SentryStoreLayer {
Set<String> roles) throws SentryUserException {
Preconditions.checkNotNull(roles);
Set<PrivilegeObject> privileges = Sets.newHashSet();
- if (roles.isEmpty()) return privileges;
+ if (roles.isEmpty()) {
+ return privileges;
+ }
PersistenceManager pm = null;
try {
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeObject.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeObject.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeObject.java
index aa56207..c6e4aa6 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeObject.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeObject.java
@@ -20,7 +20,6 @@ package org.apache.sentry.provider.db.generic.service.persistent;
import static org.apache.sentry.provider.common.ProviderConstants.KV_JOINER;
import static org.apache.sentry.provider.common.ProviderConstants.AUTHORIZABLE_JOINER;
-import java.util.ArrayList;
import java.util.List;
import org.apache.sentry.core.common.Authorizable;
import com.google.common.base.Preconditions;
@@ -91,33 +90,44 @@ public class PrivilegeObject {
@Override
public boolean equals(Object obj) {
- if (this == obj)
+ if (this == obj) {
return true;
- if (obj == null)
+ }
+ if (obj == null) {
return false;
- if (getClass() != obj.getClass())
+ }
+ if (getClass() != obj.getClass()) {
return false;
+ }
PrivilegeObject other = (PrivilegeObject) obj;
if (action == null) {
- if (other.action != null)
+ if (other.action != null) {
return false;
- } else if (!action.equals(other.action))
+ }
+ } else if (!action.equals(other.action)) {
return false;
+ }
if (service == null) {
- if (other.service != null)
+ if (other.service != null) {
return false;
- } else if (!service.equals(other.service))
+ }
+ } else if (!service.equals(other.service)) {
return false;
+ }
if (component == null) {
- if (other.component != null)
+ if (other.component != null) {
return false;
- } else if (!component.equals(other.component))
+ }
+ } else if (!component.equals(other.component)) {
return false;
+ }
if (grantOption == null) {
- if (other.grantOption != null)
+ if (other.grantOption != null) {
return false;
- } else if (!grantOption.equals(other.grantOption))
+ }
+ } else if (!grantOption.equals(other.grantOption)) {
return false;
+ }
if (authorizables.size() != other.authorizables.size()) {
return false;
@@ -186,7 +196,7 @@ public class PrivilegeObject {
*/
private List<? extends Authorizable> toLowerAuthorizableName(List<? extends Authorizable> authorizables) {
List<Authorizable> newAuthorizable = Lists.newArrayList();
- if ((authorizables == null) || (authorizables.size() == 0)) {
+ if (authorizables == null || authorizables.size() == 0) {
return newAuthorizable;
}
for (final Authorizable authorizable : authorizables) {
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeOperatePersistence.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeOperatePersistence.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeOperatePersistence.java
index 98b22b0..c3b0be8 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeOperatePersistence.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeOperatePersistence.java
@@ -35,7 +35,6 @@ import org.apache.sentry.core.model.search.SearchActionFactory;
import org.apache.sentry.core.model.sqoop.SqoopActionFactory;
import org.apache.sentry.provider.db.generic.service.persistent.PrivilegeObject.Builder;
import org.apache.sentry.provider.db.service.model.MSentryGMPrivilege;
-import org.apache.sentry.provider.db.service.model.MSentryPrivilege;
import org.apache.sentry.provider.db.service.model.MSentryRole;
import com.google.common.base.Joiner;
@@ -60,7 +59,7 @@ public class PrivilegeOperatePersistence {
//get persistent privileges by roles
Query query = pm.newQuery(MSentryGMPrivilege.class);
StringBuilder filters = new StringBuilder();
- if ((roles != null) && (roles.size() > 0)) {
+ if (roles != null && roles.size() > 0) {
query.declareVariables("org.apache.sentry.provider.db.service.model.MSentryRole role");
List<String> rolesFiler = new LinkedList<String>();
for (MSentryRole role : roles) {
@@ -102,7 +101,7 @@ public class PrivilegeOperatePersistence {
for (BitFieldAction ac : actions) {
grantPrivilege.setAction(ac.getValue());
MSentryGMPrivilege existPriv = getPrivilege(grantPrivilege, pm);
- if ((existPriv != null) && (role.getGmPrivileges().contains(existPriv))) {
+ if (existPriv != null && role.getGmPrivileges().contains(existPriv)) {
/**
* force to load all roles related this privilege
* avoid the lazy-loading risk,such as:
@@ -122,7 +121,7 @@ public class PrivilegeOperatePersistence {
*/
grantPrivilege.setAction(allAction.getValue());
MSentryGMPrivilege allPrivilege = getPrivilege(grantPrivilege, pm);
- if ((allPrivilege != null) && (role.getGmPrivileges().contains(allPrivilege))) {
+ if (allPrivilege != null && role.getGmPrivileges().contains(allPrivilege)) {
return;
}
}
@@ -184,7 +183,7 @@ public class PrivilegeOperatePersistence {
//add populateIncludePrivilegesQuery
filters.append(MSentryGMPrivilege.populateIncludePrivilegesQuery(parent));
// add filter for role names
- if ((roles != null) && (roles.size() > 0)) {
+ if (roles != null && roles.size() > 0) {
query.declareVariables("org.apache.sentry.provider.db.service.model.MSentryRole role");
List<String> rolesFiler = new LinkedList<String>();
for (MSentryRole role : roles) {
@@ -257,12 +256,11 @@ public class PrivilegeOperatePersistence {
*/
persistedPriv.removeRole(role);
pm.makePersistent(persistedPriv);
- } else {
- /**
- * if the revoke action is not equal to the persisted action,
- * do nothing
- */
}
+ /**
+ * if the revoke action is not equal to the persisted action,
+ * do nothing
+ */
}
}
@@ -311,7 +309,7 @@ public class PrivilegeOperatePersistence {
@SuppressWarnings("unchecked")
public Set<PrivilegeObject> getPrivilegesByRole(Set<MSentryRole> roles, PersistenceManager pm) {
Set<PrivilegeObject> privileges = Sets.newHashSet();
- if ((roles == null) || (roles.size() == 0)) {
+ if (roles == null || roles.size() == 0) {
return privileges;
}
Query query = pm.newQuery(MSentryGMPrivilege.class);
@@ -326,7 +324,7 @@ public class PrivilegeOperatePersistence {
query.setFilter(filters.toString());
List<MSentryGMPrivilege> mPrivileges = (List<MSentryGMPrivilege>) query.execute();
- if ((mPrivileges == null) || (mPrivileges.size() ==0)) {
+ if (mPrivileges == null || mPrivileges.isEmpty()) {
return privileges;
}
for (MSentryGMPrivilege mPrivilege : mPrivileges) {
@@ -345,7 +343,9 @@ public class PrivilegeOperatePersistence {
String service, Set<MSentryRole> roles,
List<? extends Authorizable> authorizables, PersistenceManager pm) {
Set<PrivilegeObject> privileges = Sets.newHashSet();
- if ((roles == null) || (roles.size() == 0)) return privileges;
+ if (roles == null || roles.isEmpty()) {
+ return privileges;
+ }
MSentryGMPrivilege parentPrivilege = new MSentryGMPrivilege(component, service, authorizables, null, null);
Set<MSentryGMPrivilege> privilegeGraph = Sets.newHashSet();
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/SentryStoreLayer.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/SentryStoreLayer.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/SentryStoreLayer.java
index ba9e36f..f6d73e7 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/SentryStoreLayer.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/SentryStoreLayer.java
@@ -38,7 +38,7 @@ public interface SentryStoreLayer {
* @returns commit context used for notification handlers
* @throws SentryAlreadyExistsException
*/
- public CommitContext createRole(String component, String role,
+ CommitContext createRole(String component, String role,
String requestor) throws SentryAlreadyExistsException;
/**
@@ -49,7 +49,7 @@ public interface SentryStoreLayer {
* @returns commit context used for notification handlers
* @throws SentryNoSuchObjectException
*/
- public CommitContext dropRole(String component, String role,
+ CommitContext dropRole(String component, String role,
String requestor) throws SentryNoSuchObjectException;
/**
@@ -61,7 +61,7 @@ public interface SentryStoreLayer {
* @returns commit context used for notification handlers
* @throws SentryNoSuchObjectException
*/
- public CommitContext alterRoleAddGroups(String component, String role,
+ CommitContext alterRoleAddGroups(String component, String role,
Set<String> groups, String requestor) throws SentryNoSuchObjectException;
/**
@@ -73,7 +73,7 @@ public interface SentryStoreLayer {
* @returns commit context used for notification handlers
* @throws SentryNoSuchObjectException
*/
- public CommitContext alterRoleDeleteGroups(String component, String role,
+ CommitContext alterRoleDeleteGroups(String component, String role,
Set<String> groups, String requestor) throws SentryNoSuchObjectException;
/**
@@ -85,7 +85,7 @@ public interface SentryStoreLayer {
* @returns commit context Used for notification handlers
* @throws SentryUserException
*/
- public CommitContext alterRoleGrantPrivilege(String component, String role,
+ CommitContext alterRoleGrantPrivilege(String component, String role,
PrivilegeObject privilege, String grantorPrincipal) throws SentryUserException;
/**
@@ -97,7 +97,7 @@ public interface SentryStoreLayer {
* @returns commit context used for notification handlers
* @throws SentryUserException
*/
- public CommitContext alterRoleRevokePrivilege(String component, String role,
+ CommitContext alterRoleRevokePrivilege(String component, String role,
PrivilegeObject privilege, String grantorPrincipal) throws SentryUserException;
/**
@@ -111,7 +111,7 @@ public interface SentryStoreLayer {
* @returns commit context used for notification handlers
* @throws SentryUserException
*/
- public CommitContext renamePrivilege(
+ CommitContext renamePrivilege(
String component, String service, List<? extends Authorizable> oldAuthorizables,
List<? extends Authorizable> newAuthorizables, String requestor) throws SentryUserException;
@@ -123,7 +123,7 @@ public interface SentryStoreLayer {
* @returns commit context used for notification handlers
* @throws SentryUserException
*/
- public CommitContext dropPrivilege(String component, PrivilegeObject privilege,
+ CommitContext dropPrivilege(String component, PrivilegeObject privilege,
String requestor) throws SentryUserException;
/**
@@ -133,7 +133,7 @@ public interface SentryStoreLayer {
* @returns the set of roles
* @throws SentryUserException
*/
- public Set<String> getRolesByGroups(String component, Set<String> groups) throws SentryUserException;
+ Set<String> getRolesByGroups(String component, Set<String> groups) throws SentryUserException;
/**
* Get groups
@@ -142,7 +142,7 @@ public interface SentryStoreLayer {
* @returns the set of groups
* @throws SentryUserException
*/
- public Set<String> getGroupsByRoles(String component, Set<String> roles) throws SentryUserException;
+ Set<String> getGroupsByRoles(String component, Set<String> roles) throws SentryUserException;
/**
* Get privileges
@@ -151,7 +151,7 @@ public interface SentryStoreLayer {
* @returns the set of privileges
* @throws SentryUserException
*/
- public Set<PrivilegeObject> getPrivilegesByRole(String component, Set<String> roles) throws SentryUserException;
+ Set<PrivilegeObject> getPrivilegesByRole(String component, Set<String> roles) throws SentryUserException;
/**
* get sentry privileges from provider as followings:
@@ -164,12 +164,12 @@ public interface SentryStoreLayer {
* @throws SentryUserException
*/
- public Set<PrivilegeObject> getPrivilegesByProvider(String component, String service,Set<String> roles,
+ Set<PrivilegeObject> getPrivilegesByProvider(String component, String service,Set<String> roles,
Set<String> groups, List<? extends Authorizable> authorizables)
throws SentryUserException;
/**
* close sentryStore
*/
- public void close();
+ void close();
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandler.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandler.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandler.java
index d8a51a6..e0a5f03 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandler.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandler.java
@@ -17,47 +17,31 @@
*/
package org.apache.sentry.provider.db.generic.service.thrift;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleAddGroupsRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleAddGroupsResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleDeleteGroupsRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleDeleteGroupsResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TCreateSentryRoleRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TCreateSentryRoleResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TDropPrivilegesRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TDropPrivilegesResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TDropSentryRoleRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TDropSentryRoleResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TRenamePrivilegesRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TRenamePrivilegesResponse;
import org.apache.sentry.provider.db.service.persistent.CommitContext;
public interface NotificationHandler {
- public void create_sentry_role(CommitContext context,
+ void create_sentry_role(CommitContext context,
TCreateSentryRoleRequest request, TCreateSentryRoleResponse response);
- public void drop_sentry_role(CommitContext context, TDropSentryRoleRequest request,
+ void drop_sentry_role(CommitContext context, TDropSentryRoleRequest request,
TDropSentryRoleResponse response);
- public void alter_sentry_role_grant_privilege(CommitContext context, TAlterSentryRoleGrantPrivilegeRequest request,
+ void alter_sentry_role_grant_privilege(CommitContext context, TAlterSentryRoleGrantPrivilegeRequest request,
TAlterSentryRoleGrantPrivilegeResponse response);
- public void alter_sentry_role_revoke_privilege(CommitContext context, TAlterSentryRoleRevokePrivilegeRequest request,
+ void alter_sentry_role_revoke_privilege(CommitContext context, TAlterSentryRoleRevokePrivilegeRequest request,
TAlterSentryRoleRevokePrivilegeResponse response);
- public void alter_sentry_role_add_groups(CommitContext context,TAlterSentryRoleAddGroupsRequest request,
+ void alter_sentry_role_add_groups(CommitContext context,TAlterSentryRoleAddGroupsRequest request,
TAlterSentryRoleAddGroupsResponse response);
- public void alter_sentry_role_delete_groups(CommitContext context, TAlterSentryRoleDeleteGroupsRequest request,
+ void alter_sentry_role_delete_groups(CommitContext context, TAlterSentryRoleDeleteGroupsRequest request,
TAlterSentryRoleDeleteGroupsResponse response);
- public void drop_sentry_privilege(CommitContext context, TDropPrivilegesRequest request,
+ void drop_sentry_privilege(CommitContext context, TDropPrivilegesRequest request,
TDropPrivilegesResponse response);
- public void rename_sentry_privilege(CommitContext context, TRenamePrivilegesRequest request,
+ void rename_sentry_privilege(CommitContext context, TRenamePrivilegesRequest request,
TRenamePrivilegesResponse response);
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandlerInvoker.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandlerInvoker.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandlerInvoker.java
index 317c97b..11b5456 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandlerInvoker.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandlerInvoker.java
@@ -19,22 +19,6 @@ package org.apache.sentry.provider.db.generic.service.thrift;
import java.util.List;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleAddGroupsRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleAddGroupsResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleDeleteGroupsRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleDeleteGroupsResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TCreateSentryRoleRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TCreateSentryRoleResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TDropPrivilegesRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TDropPrivilegesResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TDropSentryRoleRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TDropSentryRoleResponse;
-import org.apache.sentry.provider.db.generic.service.thrift.TRenamePrivilegesRequest;
-import org.apache.sentry.provider.db.generic.service.thrift.TRenamePrivilegesResponse;
import org.apache.sentry.provider.db.service.persistent.CommitContext;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessor.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessor.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessor.java
index e7b6d17..45f9ce4 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessor.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericPolicyProcessor.java
@@ -99,7 +99,9 @@ public class SentryGenericPolicyProcessor implements SentryGenericPolicyService.
}
private Set<String> toTrimedLower(Set<String> s) {
- if (null == s) return new HashSet<String>();
+ if (null == s) {
+ return new HashSet<String>();
+ }
Set<String> result = Sets.newHashSet();
for (String v : s) {
result.add(v.trim().toLowerCase());
@@ -122,7 +124,8 @@ public class SentryGenericPolicyProcessor implements SentryGenericPolicyService.
requestorGroups = toTrimedLower(requestorGroups);
if (Sets.intersection(adminGroups, requestorGroups).isEmpty()) {
return false;
- } else return true;
+ }
+ return true;
}
public static SentryStoreLayer createStore(Configuration conf) throws SentryConfigurationException {
@@ -475,9 +478,7 @@ public class SentryGenericPolicyProcessor implements SentryGenericPolicyService.
public Response<Set<TSentryRole>> handle() throws Exception {
validateClientVersion(request.getProtocol_version());
Set<String> groups = getRequestorGroups(conf, request.getRequestorUserName());
- if (AccessConstants.ALL.equalsIgnoreCase(request.getGroupName())) {
- //check all groups which requestorUserName belongs to
- } else {
+ if (!AccessConstants.ALL.equalsIgnoreCase(request.getGroupName())) {
boolean admin = inAdminGroups(groups);
//Only admin users can list all roles in the system ( groupname = null)
//Non admin users are only allowed to list only groups which they belong to
@@ -628,7 +629,7 @@ public class SentryGenericPolicyProcessor implements SentryGenericPolicyService.
}
}
private interface RequestHandler <T>{
- public Response<T> handle() throws Exception ;
+ Response<T> handle() throws Exception ;
}
private static void validateClientVersion(int protocol_version) throws SentryThriftAPIMismatchException {
[2/4] incubator-sentry git commit: SENTRY-986: Apply PMD plugin to
Sentry source (Colm O hEigeartaigh via Lenni Kuff)
Posted by ls...@apache.org.
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClient.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClient.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClient.java
index 4b31b0b..6050289 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClient.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClient.java
@@ -33,10 +33,10 @@ public interface SentryGenericServiceClient {
* @param component: The request is issued to which component
* @throws SentryUserException
*/
- public void createRole(String requestorUserName, String roleName,
+ void createRole(String requestorUserName, String roleName,
String component) throws SentryUserException;
- public void createRoleIfNotExist(String requestorUserName,
+ void createRoleIfNotExist(String requestorUserName,
String roleName, String component) throws SentryUserException;
/**
@@ -46,10 +46,10 @@ public interface SentryGenericServiceClient {
* @param component: The request is issued to which component
* @throws SentryUserException
*/
- public void dropRole(String requestorUserName, String roleName,
+ void dropRole(String requestorUserName, String roleName,
String component) throws SentryUserException;
- public void dropRoleIfExists(String requestorUserName, String roleName,
+ void dropRoleIfExists(String requestorUserName, String roleName,
String component) throws SentryUserException;
/**
@@ -60,7 +60,7 @@ public interface SentryGenericServiceClient {
* @param groups: The name of groups
* @throws SentryUserException
*/
- public void addRoleToGroups(String requestorUserName, String roleName,
+ void addRoleToGroups(String requestorUserName, String roleName,
String component, Set<String> groups) throws SentryUserException;
/**
@@ -71,7 +71,7 @@ public interface SentryGenericServiceClient {
* @param groups: The name of groups
* @throws SentryUserException
*/
- public void deleteRoleToGroups(String requestorUserName, String roleName,
+ void deleteRoleToGroups(String requestorUserName, String roleName,
String component, Set<String> groups) throws SentryUserException;
/**
@@ -82,7 +82,7 @@ public interface SentryGenericServiceClient {
* @param privilege
* @throws SentryUserException
*/
- public void grantPrivilege(String requestorUserName, String roleName,
+ void grantPrivilege(String requestorUserName, String roleName,
String component, TSentryPrivilege privilege) throws SentryUserException;
/**
@@ -93,7 +93,7 @@ public interface SentryGenericServiceClient {
* @param privilege
* @throws SentryUserException
*/
- public void revokePrivilege(String requestorUserName, String roleName,
+ void revokePrivilege(String requestorUserName, String roleName,
String component, TSentryPrivilege privilege) throws SentryUserException;
/**
@@ -104,7 +104,7 @@ public interface SentryGenericServiceClient {
* @param privilege
* @throws SentryUserException
*/
- public void dropPrivilege(String requestorUserName,String component,
+ void dropPrivilege(String requestorUserName,String component,
TSentryPrivilege privilege) throws SentryUserException;
/**
@@ -116,7 +116,7 @@ public interface SentryGenericServiceClient {
* @param newAuthorizables
* @throws SentryUserException
*/
- public void renamePrivilege(String requestorUserName, String component,
+ void renamePrivilege(String requestorUserName, String component,
String serviceName, List<? extends Authorizable> oldAuthorizables,
List<? extends Authorizable> newAuthorizables) throws SentryUserException;
@@ -128,16 +128,16 @@ public interface SentryGenericServiceClient {
* @return Set of thrift sentry role objects
* @throws SentryUserException
*/
- public Set<TSentryRole> listRolesByGroupName(
+ Set<TSentryRole> listRolesByGroupName(
String requestorUserName,
String groupName,
String component)
throws SentryUserException;
- public Set<TSentryRole> listUserRoles(String requestorUserName, String component)
+ Set<TSentryRole> listUserRoles(String requestorUserName, String component)
throws SentryUserException;
- public Set<TSentryRole> listAllRoles(String requestorUserName, String component)
+ Set<TSentryRole> listAllRoles(String requestorUserName, String component)
throws SentryUserException;
/**
@@ -150,12 +150,12 @@ public interface SentryGenericServiceClient {
* @return
* @throws SentryUserException
*/
- public Set<TSentryPrivilege> listPrivilegesByRoleName(
+ Set<TSentryPrivilege> listPrivilegesByRoleName(
String requestorUserName, String roleName, String component,
String serviceName, List<? extends Authorizable> authorizables)
throws SentryUserException;
- public Set<TSentryPrivilege> listPrivilegesByRoleName(
+ Set<TSentryPrivilege> listPrivilegesByRoleName(
String requestorUserName, String roleName, String component,
String serviceName) throws SentryUserException;
@@ -169,9 +169,9 @@ public interface SentryGenericServiceClient {
* @returns the set of permissions
* @throws SentryUserException
*/
- public Set<String> listPrivilegesForProvider(String component,
+ Set<String> listPrivilegesForProvider(String component,
String serviceName, ActiveRoleSet roleSet, Set<String> groups,
List<? extends Authorizable> authorizables) throws SentryUserException;
- public void close();
+ void close();
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientDefaultImpl.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientDefaultImpl.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientDefaultImpl.java
index c1eafe4..761b0a4 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientDefaultImpl.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientDefaultImpl.java
@@ -378,8 +378,8 @@ public class SentryGenericServiceClientDefaultImpl implements SentryGenericServi
public void renamePrivilege(String requestorUserName, String component,
String serviceName, List<? extends Authorizable> oldAuthorizables,
List<? extends Authorizable> newAuthorizables) throws SentryUserException {
- if ((oldAuthorizables == null) || (oldAuthorizables.size() == 0)
- || (newAuthorizables == null) || (newAuthorizables.size() == 0)) {
+ if (oldAuthorizables == null || oldAuthorizables.isEmpty()
+ || newAuthorizables == null || newAuthorizables.isEmpty()) {
throw new SentryUserException("oldAuthorizables and newAuthorizables can't be null or empty");
}
@@ -466,7 +466,7 @@ public class SentryGenericServiceClientDefaultImpl implements SentryGenericServi
request.setServiceName(serviceName);
request.setRequestorUserName(requestorUserName);
request.setRoleName(roleName);
- if ((authorizables != null) && (authorizables.size() > 0)) {
+ if (authorizables != null && !authorizables.isEmpty()) {
List<TAuthorizable> tAuthorizables = Lists.newArrayList();
for (Authorizable authorizable : authorizables) {
tAuthorizables.add(new TAuthorizable(authorizable.getTypeName(), authorizable.getName()));
@@ -515,7 +515,7 @@ public class SentryGenericServiceClientDefaultImpl implements SentryGenericServi
request.setGroups(groups);
}
List<TAuthorizable> tAuthoriables = Lists.newArrayList();
- if ((authorizables != null) && (authorizables.size() > 0)) {
+ if (authorizables != null && !authorizables.isEmpty()) {
for (Authorizable authorizable : authorizables) {
tAuthoriables.add(new TAuthorizable(authorizable.getTypeName(), authorizable.getName()));
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/appender/RollingFileWithoutDeleteAppender.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/appender/RollingFileWithoutDeleteAppender.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/appender/RollingFileWithoutDeleteAppender.java
index 7ca5813..b8dafc8 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/appender/RollingFileWithoutDeleteAppender.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/appender/RollingFileWithoutDeleteAppender.java
@@ -22,7 +22,6 @@ import java.io.File;
import java.io.IOException;
import java.io.InterruptedIOException;
import java.io.Writer;
-import java.nio.file.Files;
import org.apache.log4j.FileAppender;
import org.apache.log4j.Layout;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntity.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntity.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntity.java
index f7edeb1..913f125 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntity.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntity.java
@@ -20,6 +20,6 @@ package org.apache.sentry.provider.db.log.entity;
public interface JsonLogEntity {
- public String toJsonFormatLog() throws Exception;
+ String toJsonFormatLog() throws Exception;
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryGMPrivilege.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryGMPrivilege.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryGMPrivilege.java
index 266f349..56bbb8f 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryGMPrivilege.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryGMPrivilege.java
@@ -21,7 +21,6 @@ import static org.apache.sentry.provider.common.ProviderConstants.AUTHORIZABLE_J
import static org.apache.sentry.provider.common.ProviderConstants.KV_JOINER;
import java.lang.reflect.Field;
-import java.util.Arrays;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
@@ -51,14 +50,15 @@ public class MSentryGMPrivilege {
* We assume that the generic model privilege for any component(hive/impala or solr) doesn't exceed four level.
* This generic model privilege currently can support maximum 4 level.
**/
- private String resourceName0 = NULL_COL;
- private String resourceType0 = NULL_COL;
- private String resourceName1 = NULL_COL;
- private String resourceType1 = NULL_COL;
- private String resourceName2 = NULL_COL;
- private String resourceType2 = NULL_COL;
- private String resourceName3 = NULL_COL;
- private String resourceType3 = NULL_COL;
+ private String resourceName0 = NULL_COL; //NOPMD
+ private String resourceType0 = NULL_COL; //NOPMD
+ private String resourceName1 = NULL_COL; //NOPMD
+ private String resourceType1 = NULL_COL; //NOPMD
+ private String resourceName2 = NULL_COL; //NOPMD
+ private String resourceType2 = NULL_COL; //NOPMD
+ private String resourceName3 = NULL_COL; //NOPMD
+ private String resourceType3 = NULL_COL; //NOPMD
+
private String serviceName;
private String componentName;
@@ -180,7 +180,7 @@ public class MSentryGMPrivilege {
* @param authorizables
*/
public void setAuthorizables(List<? extends Authorizable> authorizables) {
- if ((authorizables == null) || (authorizables.isEmpty())) {
+ if (authorizables == null || authorizables.isEmpty()) {
//service scope
scope = SERVICE_SCOPE;
return;
@@ -253,38 +253,51 @@ public class MSentryGMPrivilege {
@Override
public boolean equals(Object obj) {
- if (this == obj)
+ if (this == obj) {
return true;
- if (obj == null)
+ }
+ if (obj == null) {
return false;
- if (getClass() != obj.getClass())
+ }
+ if (getClass() != obj.getClass()) {
return false;
+ }
MSentryGMPrivilege other = (MSentryGMPrivilege) obj;
if (action == null) {
- if (other.action != null)
+ if (other.action != null) {
return false;
- } else if (!action.equalsIgnoreCase(other.action))
+ }
+ } else if (!action.equalsIgnoreCase(other.action)) {
return false;
+ }
if (scope == null) {
- if (other.scope != null)
+ if (other.scope != null) {
return false;
- } else if (!scope.equals(other.scope))
+ }
+ } else if (!scope.equals(other.scope)) {
return false;
+ }
if (serviceName == null) {
- if (other.serviceName != null)
+ if (other.serviceName != null) {
return false;
- } else if (!serviceName.equals(other.serviceName))
+ }
+ } else if (!serviceName.equals(other.serviceName)) {
return false;
+ }
if (componentName == null) {
- if (other.componentName != null)
+ if (other.componentName != null) {
return false;
- } else if (!componentName.equals(other.componentName))
+ }
+ } else if (!componentName.equals(other.componentName)) {
return false;
+ }
if (grantOption == null) {
- if (other.grantOption != null)
+ if (other.grantOption != null) {
return false;
- } else if (!grantOption.equals(other.grantOption))
+ }
+ } else if (!grantOption.equals(other.grantOption)) {
return false;
+ }
List<? extends Authorizable> authorizables = getAuthorizables();
List<? extends Authorizable> other_authorizables = other.getAuthorizables();
@@ -349,7 +362,7 @@ public class MSentryGMPrivilege {
}
}
- if ( (!existIterator.hasNext()) && (!requestIterator.hasNext()) ){
+ if ( !existIterator.hasNext() && !requestIterator.hasNext() ){
/**
* The persistent privilege has the same authorizables size as the requested privilege
* The check is pass
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryGroup.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryGroup.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryGroup.java
index 32dbafc..7e41c93 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryGroup.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryGroup.java
@@ -91,20 +91,26 @@ public class MSentryGroup {
@Override
public boolean equals(Object obj) {
- if (this == obj)
+ if (this == obj) {
return true;
- if (obj == null)
+ }
+ if (obj == null) {
return false;
- if (getClass() != obj.getClass())
+ }
+ if (getClass() != obj.getClass()) {
return false;
+ }
MSentryGroup other = (MSentryGroup) obj;
- if (createTime != other.createTime)
+ if (createTime != other.createTime) {
return false;
+ }
if (groupName == null) {
- if (other.groupName != null)
+ if (other.groupName != null) {
return false;
- } else if (!groupName.equals(other.groupName))
+ }
+ } else if (!groupName.equals(other.groupName)) {
return false;
+ }
return true;
}
-}
\ No newline at end of file
+}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryPrivilege.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryPrivilege.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryPrivilege.java
index 1c68a0f..4c3af79 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryPrivilege.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryPrivilege.java
@@ -53,7 +53,7 @@ public class MSentryPrivilege {
this.roles = new HashSet<MSentryRole>();
}
- public MSentryPrivilege(String privilegeName, String privilegeScope,
+ public MSentryPrivilege(String privilegeScope,
String serverName, String dbName, String tableName, String columnName,
String URI, String action, Boolean grantOption) {
this.privilegeScope = privilegeScope;
@@ -67,10 +67,10 @@ public class MSentryPrivilege {
this.roles = new HashSet<MSentryRole>();
}
- public MSentryPrivilege(String privilegeName, String privilegeScope,
+ public MSentryPrivilege(String privilegeScope,
String serverName, String dbName, String tableName, String columnName,
String URI, String action) {
- this(privilegeName, privilegeScope, serverName, dbName, tableName,
+ this(privilegeScope, serverName, dbName, tableName,
columnName, URI, action, false);
}
@@ -202,48 +202,65 @@ public class MSentryPrivilege {
@Override
public boolean equals(Object obj) {
- if (this == obj)
+ if (this == obj) {
return true;
- if (obj == null)
+ }
+ if (obj == null) {
return false;
- if (getClass() != obj.getClass())
+ }
+ if (getClass() != obj.getClass()) {
return false;
+ }
MSentryPrivilege other = (MSentryPrivilege) obj;
if (URI == null) {
- if (other.URI != null)
+ if (other.URI != null) {
return false;
- } else if (!URI.equals(other.URI))
+ }
+ } else if (!URI.equals(other.URI)) {
return false;
+ }
if (action == null) {
- if (other.action != null)
+ if (other.action != null) {
return false;
- } else if (!action.equals(other.action))
+ }
+ } else if (!action.equals(other.action)) {
return false;
+ }
if (dbName == null) {
- if (other.dbName != null)
+ if (other.dbName != null) {
return false;
- } else if (!dbName.equals(other.dbName))
+ }
+ } else if (!dbName.equals(other.dbName)) {
return false;
+ }
if (serverName == null) {
- if (other.serverName != null)
+ if (other.serverName != null) {
return false;
- } else if (!serverName.equals(other.serverName))
+ }
+ } else if (!serverName.equals(other.serverName)) {
return false;
+ }
if (tableName == null) {
- if (other.tableName != null)
+ if (other.tableName != null) {
return false;
- } else if (!tableName.equals(other.tableName))
+ }
+ } else if (!tableName.equals(other.tableName)) {
return false;
+ }
if (columnName == null) {
- if (other.columnName != null)
+ if (other.columnName != null) {
return false;
- } else if (!columnName.equals(other.columnName))
+ }
+ } else if (!columnName.equals(other.columnName)) {
return false;
+ }
if (grantOption == null) {
- if (other.grantOption != null)
+ if (other.grantOption != null) {
return false;
- } else if (!grantOption.equals(other.grantOption))
+ }
+ } else if (!grantOption.equals(other.grantOption)) {
return false;
+ }
return true;
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryRole.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryRole.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryRole.java
index 0076753..24514ea 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryRole.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryRole.java
@@ -166,18 +166,23 @@ public class MSentryRole {
@Override
public boolean equals(Object obj) {
- if (this == obj)
+ if (this == obj) {
return true;
- if (obj == null)
+ }
+ if (obj == null) {
return false;
- if (getClass() != obj.getClass())
+ }
+ if (getClass() != obj.getClass()) {
return false;
+ }
MSentryRole other = (MSentryRole) obj;
if (roleName == null) {
- if (other.roleName != null)
+ if (other.roleName != null) {
return false;
- } else if (!roleName.equals(other.roleName))
+ }
+ } else if (!roleName.equals(other.roleName)) {
return false;
+ }
return true;
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/FixedJsonInstanceSerializer.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/FixedJsonInstanceSerializer.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/FixedJsonInstanceSerializer.java
index 6eb36a1..476bf6a 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/FixedJsonInstanceSerializer.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/FixedJsonInstanceSerializer.java
@@ -75,14 +75,14 @@ public class FixedJsonInstanceSerializer<T> implements InstanceSerializer<T>
private Integer getIntegerField(final JsonNode pNode, final String pFieldName) {
Preconditions.checkNotNull(pNode);
Preconditions.checkNotNull(pFieldName);
- return (pNode.get(pFieldName) != null && pNode.get(pFieldName).isNumber()) ? pNode.get(pFieldName)
+ return pNode.get(pFieldName) != null && pNode.get(pFieldName).isNumber() ? pNode.get(pFieldName)
.getIntValue() : null;
}
private Long getLongField(final JsonNode pNode, final String pFieldName) {
Preconditions.checkNotNull(pNode);
Preconditions.checkNotNull(pFieldName);
- return (pNode.get(pFieldName) != null && pNode.get(pFieldName).isLong()) ? pNode.get(pFieldName).getLongValue()
+ return pNode.get(pFieldName) != null && pNode.get(pFieldName).isLong() ? pNode.get(pFieldName).getLongValue()
: null;
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/HAContext.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/HAContext.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/HAContext.java
index ada6308..eac10a0 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/HAContext.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/HAContext.java
@@ -20,12 +20,7 @@ package org.apache.sentry.provider.db.service.persistent;
import java.io.IOException;
import java.util.Arrays;
-import java.util.Collections;
-import java.util.HashMap;
import java.util.List;
-import java.util.Map;
-
-import javax.security.auth.login.AppConfigurationEntry;
import org.apache.curator.RetryPolicy;
import org.apache.curator.framework.CuratorFramework;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
index 6798f2f..530bdc7 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
@@ -176,7 +176,7 @@ public class SentryStore {
prop.setProperty("datanucleus.NontransactionalWrite", "false");
pmf = JDOHelper.getPersistenceManagerFactory(prop);
- verifySentryStoreSchema(conf, checkSchemaVersion);
+ verifySentryStoreSchema(checkSchemaVersion);
// Kick off the thread that cleans orphaned privileges (unless told not to)
privCleaner = this.new PrivCleaner();
@@ -189,8 +189,7 @@ public class SentryStore {
}
// ensure that the backend DB schema is set
- private void verifySentryStoreSchema(Configuration serverConf,
- boolean checkVersion)
+ private void verifySentryStoreSchema(boolean checkVersion)
throws SentryNoSuchObjectException, SentryAccessDeniedException {
if (!checkVersion) {
setSentryVersion(SentryStoreSchemaInfo.getSentryVersion(),
@@ -337,7 +336,7 @@ public class SentryStore {
private <T> Long getCount(Class<T> tClass) {
PersistenceManager pm = null;
- Long size = new Long(-1);
+ Long size = Long.valueOf(-1);
try {
pm = openTransaction();
Query query = pm.newQuery();
@@ -448,8 +447,8 @@ public class SentryStore {
throw new SentryNoSuchObjectException("Role: " + roleName);
} else {
- if ((!isNULL(privilege.getColumnName())) || (!isNULL(privilege.getTableName()))
- || (!isNULL(privilege.getDbName()))) {
+ if (!isNULL(privilege.getColumnName()) || !isNULL(privilege.getTableName())
+ || !isNULL(privilege.getDbName())) {
// If Grant is for ALL and Either INSERT/SELECT already exists..
// need to remove it and GRANT ALL..
if (AccessConstants.ALL.equalsIgnoreCase(privilege.getAction())
@@ -459,12 +458,12 @@ public class SentryStore {
MSentryPrivilege mSelect = getMSentryPrivilege(tNotAll, pm);
tNotAll.setAction(AccessConstants.INSERT);
MSentryPrivilege mInsert = getMSentryPrivilege(tNotAll, pm);
- if ((mSelect != null) && (mRole.getPrivileges().contains(mSelect))) {
+ if (mSelect != null && mRole.getPrivileges().contains(mSelect)) {
mSelect.removeRole(mRole);
privCleaner.incPrivRemoval();
pm.makePersistent(mSelect);
}
- if ((mInsert != null) && (mRole.getPrivileges().contains(mInsert))) {
+ if (mInsert != null && mRole.getPrivileges().contains(mInsert)) {
mInsert.removeRole(mRole);
privCleaner.incPrivRemoval();
pm.makePersistent(mInsert);
@@ -477,10 +476,10 @@ public class SentryStore {
MSentryPrivilege mAll1 = getMSentryPrivilege(tAll, pm);
tAll.setAction(AccessConstants.ACTION_ALL);
MSentryPrivilege mAll2 = getMSentryPrivilege(tAll, pm);
- if ((mAll1 != null) && (mRole.getPrivileges().contains(mAll1))) {
+ if (mAll1 != null && mRole.getPrivileges().contains(mAll1)) {
return null;
}
- if ((mAll2 != null) && (mRole.getPrivileges().contains(mAll2))) {
+ if (mAll2 != null && mRole.getPrivileges().contains(mAll2)) {
return null;
}
}
@@ -584,10 +583,10 @@ public class SentryStore {
privCleaner.incPrivRemoval();
pm.makePersistent(persistedPriv);
} else if (requestedPrivToRevoke.getAction().equalsIgnoreCase(AccessConstants.SELECT)
- && (!currentPrivilege.getAction().equalsIgnoreCase(AccessConstants.INSERT))) {
+ && !currentPrivilege.getAction().equalsIgnoreCase(AccessConstants.INSERT)) {
revokeRolePartial(pm, mRole, currentPrivilege, persistedPriv, AccessConstants.INSERT);
} else if (requestedPrivToRevoke.getAction().equalsIgnoreCase(AccessConstants.INSERT)
- && (!currentPrivilege.getAction().equalsIgnoreCase(AccessConstants.SELECT))) {
+ && !currentPrivilege.getAction().equalsIgnoreCase(AccessConstants.SELECT)) {
revokeRolePartial(pm, mRole, currentPrivilege, persistedPriv, AccessConstants.SELECT);
}
}
@@ -602,7 +601,7 @@ public class SentryStore {
currentPrivilege.setAction(AccessConstants.ALL);
persistedPriv = getMSentryPrivilege(convertToTSentryPrivilege(currentPrivilege), pm);
- if ((persistedPriv != null)&&(mRole.getPrivileges().contains(persistedPriv))) {
+ if (persistedPriv != null && mRole.getPrivileges().contains(persistedPriv)) {
persistedPriv.removeRole(mRole);
privCleaner.incPrivRemoval();
pm.makePersistent(persistedPriv);
@@ -646,14 +645,14 @@ public class SentryStore {
private void populateChildren(PersistenceManager pm, Set<String> roleNames, MSentryPrivilege priv,
Set<MSentryPrivilege> children) throws SentryInvalidInputException {
Preconditions.checkNotNull(pm);
- if ((!isNULL(priv.getServerName())) || (!isNULL(priv.getDbName()))
- || (!isNULL(priv.getTableName()))) {
+ if (!isNULL(priv.getServerName()) || !isNULL(priv.getDbName())
+ || !isNULL(priv.getTableName())) {
// Get all TableLevel Privs
Set<MSentryPrivilege> childPrivs = getChildPrivileges(pm, roleNames, priv);
for (MSentryPrivilege childPriv : childPrivs) {
// Only recurse for table level privs..
- if ((!isNULL(childPriv.getDbName())) && (!isNULL(childPriv.getTableName()))
- && (!isNULL(childPriv.getColumnName()))) {
+ if (!isNULL(childPriv.getDbName()) && !isNULL(childPriv.getTableName())
+ && !isNULL(childPriv.getColumnName())) {
populateChildren(pm, roleNames, childPriv, children);
}
// The method getChildPrivileges() didn't do filter on "action",
@@ -682,7 +681,7 @@ public class SentryStore {
private Set<MSentryPrivilege> getChildPrivileges(PersistenceManager pm, Set<String> roleNames,
MSentryPrivilege parent) throws SentryInvalidInputException {
// Column and URI do not have children
- if ((!isNULL(parent.getColumnName())) || (!isNULL(parent.getURI()))) {
+ if (!isNULL(parent.getColumnName()) || !isNULL(parent.getURI())) {
return new HashSet<MSentryPrivilege>();
}
@@ -768,8 +767,9 @@ public class SentryStore {
grantOption = false;
}
Object obj = query.execute(grantOption);
- if (obj != null)
+ if (obj != null) {
return (MSentryPrivilege) obj;
+ }
return null;
}
@@ -928,7 +928,9 @@ public class SentryStore {
}
private boolean hasAnyServerPrivileges(Set<String> roleNames, String serverName) {
- if ((roleNames.size() == 0)||(roleNames == null)) return false;
+ if (roleNames == null || roleNames.isEmpty()) {
+ return false;
+ }
boolean rollbackTransaction = true;
PersistenceManager pm = null;
try {
@@ -948,7 +950,7 @@ public class SentryStore {
Long numPrivs = (Long) query.execute();
rollbackTransaction = false;
commitTransaction(pm);
- return (numPrivs > 0);
+ return numPrivs > 0;
} finally {
if (rollbackTransaction) {
rollbackTransaction(pm);
@@ -957,7 +959,9 @@ public class SentryStore {
}
List<MSentryPrivilege> getMSentryPrivileges(Set<String> roleNames, TSentryAuthorizable authHierarchy) {
- if ((roleNames.size() == 0)||(roleNames == null)) return new ArrayList<MSentryPrivilege>();
+ if (roleNames == null || roleNames.isEmpty()) {
+ return new ArrayList<MSentryPrivilege>();
+ }
boolean rollbackTransaction = true;
PersistenceManager pm = null;
try {
@@ -970,20 +974,19 @@ public class SentryStore {
}
StringBuilder filters = new StringBuilder("roles.contains(role) "
+ "&& (" + Joiner.on(" || ").join(rolesFiler) + ") ");
- if ((authHierarchy != null) && (authHierarchy.getServer() != null)) {
+ if (authHierarchy != null && authHierarchy.getServer() != null) {
filters.append("&& serverName == \"" + authHierarchy.getServer().toLowerCase() + "\"");
if (authHierarchy.getDb() != null) {
filters.append(" && ((dbName == \"" + authHierarchy.getDb().toLowerCase() + "\") || (dbName == \"__NULL__\")) && (URI == \"__NULL__\")");
- if ((authHierarchy.getTable() != null)
+ if (authHierarchy.getTable() != null
&& !AccessConstants.ALL.equalsIgnoreCase(authHierarchy.getTable())) {
if (!AccessConstants.SOME.equalsIgnoreCase(authHierarchy.getTable())) {
filters.append(" && ((tableName == \"" + authHierarchy.getTable().toLowerCase() + "\") || (tableName == \"__NULL__\")) && (URI == \"__NULL__\")");
}
- if ((authHierarchy.getColumn() != null)
- && !AccessConstants.ALL.equalsIgnoreCase(authHierarchy.getColumn())) {
- if (!AccessConstants.SOME.equalsIgnoreCase(authHierarchy.getColumn())) {
- filters.append(" && ((columnName == \"" + authHierarchy.getColumn().toLowerCase() + "\") || (columnName == \"__NULL__\")) && (URI == \"__NULL__\")");
- }
+ if (authHierarchy.getColumn() != null
+ && !AccessConstants.ALL.equalsIgnoreCase(authHierarchy.getColumn())
+ && !AccessConstants.SOME.equalsIgnoreCase(authHierarchy.getColumn())) {
+ filters.append(" && ((columnName == \"" + authHierarchy.getColumn().toLowerCase() + "\") || (columnName == \"__NULL__\")) && (URI == \"__NULL__\")");
}
}
}
@@ -1010,7 +1013,7 @@ public class SentryStore {
pm = openTransaction();
Query query = pm.newQuery(MSentryPrivilege.class);
StringBuilder filters = new StringBuilder();
- if ((roleNames.size() == 0)||(roleNames == null)) {
+ if (roleNames.size() == 0 || roleNames == null) {
filters.append(" !roles.isEmpty() ");
} else {
query.declareVariables("org.apache.sentry.provider.db.service.model.MSentryRole role");
@@ -1021,7 +1024,7 @@ public class SentryStore {
filters.append("roles.contains(role) "
+ "&& (" + Joiner.on(" || ").join(rolesFiler) + ") ");
}
- if ((authHierarchy.getServer() != null)) {
+ if (authHierarchy.getServer() != null) {
filters.append("&& serverName == \"" +
authHierarchy.getServer().toLowerCase() + "\"");
if (authHierarchy.getDb() != null) {
@@ -1043,9 +1046,7 @@ public class SentryStore {
// if no server, then return empty resultset
return new ArrayList<MSentryPrivilege>();
}
- FetchGroup grp = pm.getFetchGroup(
- org.apache.sentry.provider.db.service.model.MSentryPrivilege.class,
- "fetchRole");
+ FetchGroup grp = pm.getFetchGroup(MSentryPrivilege.class, "fetchRole");
grp.addMember("roles");
pm.getFetchPlan().addGroup("fetchRole");
query.setFilter(filters.toString());
@@ -1128,13 +1129,13 @@ public class SentryStore {
if (authHierarchy.getServer() == null) {
throw new SentryInvalidInputException("serverName cannot be null !!");
}
- if ((authHierarchy.getTable() != null) && (authHierarchy.getDb() == null)) {
+ if (authHierarchy.getTable() != null && authHierarchy.getDb() == null) {
throw new SentryInvalidInputException("dbName cannot be null when tableName is present !!");
}
- if ((authHierarchy.getColumn() != null) && (authHierarchy.getTable() == null)) {
+ if (authHierarchy.getColumn() != null && authHierarchy.getTable() == null) {
throw new SentryInvalidInputException("tableName cannot be null when columnName is present !!");
}
- if ((authHierarchy.getUri() == null) && (authHierarchy.getDb() == null)) {
+ if (authHierarchy.getUri() == null && authHierarchy.getDb() == null) {
throw new SentryInvalidInputException("One of uri or dbName must not be null !!");
}
return convertToTSentryPrivileges(getMSentryPrivileges(roleNames, authHierarchy));
@@ -1314,7 +1315,9 @@ public class SentryStore {
@VisibleForTesting
static Set<String> toTrimedLower(Set<String> s) {
- if (null == s) return new HashSet<String>();
+ if (null == s) {
+ return new HashSet<String>();
+ }
Set<String> result = Sets.newHashSet();
for (String v : s) {
result.add(v.trim().toLowerCase());
@@ -1609,7 +1612,7 @@ public class SentryStore {
List<MSentryPrivilege> mPrivileges = getMSentryPrivileges(tPrivilege, pm);
if (mPrivileges != null && !mPrivileges.isEmpty()) {
for (MSentryPrivilege mPrivilege : mPrivileges) {
- roleSet.addAll(ImmutableSet.copyOf((mPrivilege.getRoles())));
+ roleSet.addAll(ImmutableSet.copyOf(mPrivilege.getRoles()));
}
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/ServiceManager.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/ServiceManager.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/ServiceManager.java
index 0e3c0bb..9f921d4 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/ServiceManager.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/ServiceManager.java
@@ -21,8 +21,6 @@ package org.apache.sentry.provider.db.service.persistent;
import java.io.IOException;
import java.net.InetSocketAddress;
-import org.apache.curator.framework.CuratorFramework;
-import org.apache.curator.framework.imps.CuratorFrameworkState;
import org.apache.curator.x.discovery.ServiceDiscovery;
import org.apache.curator.x.discovery.ServiceDiscoveryBuilder;
import org.apache.curator.x.discovery.ServiceInstance;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/ServiceRegister.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/ServiceRegister.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/ServiceRegister.java
index 1e17f9a..79dfe48 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/ServiceRegister.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/ServiceRegister.java
@@ -18,7 +18,6 @@
package org.apache.sentry.provider.db.service.persistent;
-import org.apache.curator.framework.imps.CuratorFrameworkState;
import org.apache.curator.x.discovery.ServiceDiscoveryBuilder;
import org.apache.curator.x.discovery.ServiceInstance;
import org.apache.curator.x.discovery.details.InstanceSerializer;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java
index cbc0aaf..de50adb 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java
@@ -28,17 +28,17 @@ import org.apache.sentry.core.common.Authorizable;
public interface SentryPolicyServiceClient {
- public void createRole(String requestorUserName, String roleName) throws SentryUserException;
+ void createRole(String requestorUserName, String roleName) throws SentryUserException;
- public void dropRole(String requestorUserName, String roleName) throws SentryUserException;
+ void dropRole(String requestorUserName, String roleName) throws SentryUserException;
- public void dropRoleIfExists(String requestorUserName, String roleName)
+ void dropRoleIfExists(String requestorUserName, String roleName)
throws SentryUserException;
- public Set<TSentryRole> listRolesByGroupName(String requestorUserName, String groupName)
+ Set<TSentryRole> listRolesByGroupName(String requestorUserName, String groupName)
throws SentryUserException;
- public Set<TSentryPrivilege> listAllPrivilegesByRoleName(String requestorUserName, String roleName)
+ Set<TSentryPrivilege> listAllPrivilegesByRoleName(String requestorUserName, String roleName)
throws SentryUserException;
/**
@@ -50,121 +50,121 @@ public interface SentryPolicyServiceClient {
* @return Set of thrift sentry privilege objects
* @throws SentryUserException
*/
- public Set<TSentryPrivilege> listPrivilegesByRoleName(String requestorUserName, String roleName,
+ Set<TSentryPrivilege> listPrivilegesByRoleName(String requestorUserName, String roleName,
List<? extends Authorizable> authorizable) throws SentryUserException;
- public Set<TSentryRole> listRoles(String requestorUserName) throws SentryUserException;
+ Set<TSentryRole> listRoles(String requestorUserName) throws SentryUserException;
- public Set<TSentryRole> listUserRoles(String requestorUserName) throws SentryUserException;
+ Set<TSentryRole> listUserRoles(String requestorUserName) throws SentryUserException;
- public TSentryPrivilege grantURIPrivilege(String requestorUserName, String roleName,
+ TSentryPrivilege grantURIPrivilege(String requestorUserName, String roleName,
String server, String uri) throws SentryUserException;
- public TSentryPrivilege grantURIPrivilege(String requestorUserName, String roleName,
+ TSentryPrivilege grantURIPrivilege(String requestorUserName, String roleName,
String server, String uri, Boolean grantOption) throws SentryUserException;
- public void grantServerPrivilege(String requestorUserName, String roleName, String server,
+ void grantServerPrivilege(String requestorUserName, String roleName, String server,
String action) throws SentryUserException;
- public TSentryPrivilege grantServerPrivilege(String requestorUserName, String roleName,
+ TSentryPrivilege grantServerPrivilege(String requestorUserName, String roleName,
String server, Boolean grantOption) throws SentryUserException;
- public TSentryPrivilege grantServerPrivilege(String requestorUserName, String roleName,
+ TSentryPrivilege grantServerPrivilege(String requestorUserName, String roleName,
String server, String action, Boolean grantOption) throws SentryUserException;
- public TSentryPrivilege grantDatabasePrivilege(String requestorUserName, String roleName,
+ TSentryPrivilege grantDatabasePrivilege(String requestorUserName, String roleName,
String server, String db, String action) throws SentryUserException;
- public TSentryPrivilege grantDatabasePrivilege(String requestorUserName, String roleName,
+ TSentryPrivilege grantDatabasePrivilege(String requestorUserName, String roleName,
String server, String db, String action, Boolean grantOption) throws SentryUserException;
- public TSentryPrivilege grantTablePrivilege(String requestorUserName, String roleName,
+ TSentryPrivilege grantTablePrivilege(String requestorUserName, String roleName,
String server, String db, String table, String action) throws SentryUserException;
- public TSentryPrivilege grantTablePrivilege(String requestorUserName, String roleName,
+ TSentryPrivilege grantTablePrivilege(String requestorUserName, String roleName,
String server, String db, String table, String action, Boolean grantOption)
throws SentryUserException;
- public TSentryPrivilege grantColumnPrivilege(String requestorUserName, String roleName,
+ TSentryPrivilege grantColumnPrivilege(String requestorUserName, String roleName,
String server, String db, String table, String columnName, String action)
throws SentryUserException;
- public TSentryPrivilege grantColumnPrivilege(String requestorUserName, String roleName,
+ TSentryPrivilege grantColumnPrivilege(String requestorUserName, String roleName,
String server, String db, String table, String columnName, String action, Boolean grantOption)
throws SentryUserException;
- public Set<TSentryPrivilege> grantColumnsPrivileges(String requestorUserName, String roleName,
+ Set<TSentryPrivilege> grantColumnsPrivileges(String requestorUserName, String roleName,
String server, String db, String table, List<String> columnNames, String action)
throws SentryUserException;
- public Set<TSentryPrivilege> grantColumnsPrivileges(String requestorUserName, String roleName,
+ Set<TSentryPrivilege> grantColumnsPrivileges(String requestorUserName, String roleName,
String server, String db, String table, List<String> columnNames, String action,
Boolean grantOption) throws SentryUserException;
- public void revokeURIPrivilege(String requestorUserName, String roleName, String server,
+ void revokeURIPrivilege(String requestorUserName, String roleName, String server,
String uri) throws SentryUserException;
- public void revokeURIPrivilege(String requestorUserName, String roleName, String server,
+ void revokeURIPrivilege(String requestorUserName, String roleName, String server,
String uri, Boolean grantOption) throws SentryUserException;
- public void revokeServerPrivilege(String requestorUserName, String roleName, String server,
+ void revokeServerPrivilege(String requestorUserName, String roleName, String server,
String action) throws SentryUserException;
- public void revokeServerPrivilege(String requestorUserName, String roleName, String server,
+ void revokeServerPrivilege(String requestorUserName, String roleName, String server,
String action, Boolean grantOption) throws SentryUserException;
- public void revokeServerPrivilege(String requestorUserName, String roleName, String server,
+ void revokeServerPrivilege(String requestorUserName, String roleName, String server,
boolean grantOption) throws SentryUserException;
- public void revokeDatabasePrivilege(String requestorUserName, String roleName, String server,
+ void revokeDatabasePrivilege(String requestorUserName, String roleName, String server,
String db, String action) throws SentryUserException;
- public void revokeDatabasePrivilege(String requestorUserName, String roleName, String server,
+ void revokeDatabasePrivilege(String requestorUserName, String roleName, String server,
String db, String action, Boolean grantOption) throws SentryUserException;
- public void revokeTablePrivilege(String requestorUserName, String roleName, String server,
+ void revokeTablePrivilege(String requestorUserName, String roleName, String server,
String db, String table, String action) throws SentryUserException;
- public void revokeTablePrivilege(String requestorUserName, String roleName, String server,
+ void revokeTablePrivilege(String requestorUserName, String roleName, String server,
String db, String table, String action, Boolean grantOption) throws SentryUserException;
- public void revokeColumnPrivilege(String requestorUserName, String roleName, String server,
+ void revokeColumnPrivilege(String requestorUserName, String roleName, String server,
String db, String table, String columnName, String action) throws SentryUserException;
- public void revokeColumnPrivilege(String requestorUserName, String roleName, String server,
+ void revokeColumnPrivilege(String requestorUserName, String roleName, String server,
String db, String table, String columnName, String action, Boolean grantOption)
throws SentryUserException;
- public void revokeColumnsPrivilege(String requestorUserName, String roleName, String server,
+ void revokeColumnsPrivilege(String requestorUserName, String roleName, String server,
String db, String table, List<String> columns, String action) throws SentryUserException;
- public void revokeColumnsPrivilege(String requestorUserName, String roleName, String server,
+ void revokeColumnsPrivilege(String requestorUserName, String roleName, String server,
String db, String table, List<String> columns, String action, Boolean grantOption)
throws SentryUserException;
- public Set<String> listPrivilegesForProvider(Set<String> groups, ActiveRoleSet roleSet,
+ Set<String> listPrivilegesForProvider(Set<String> groups, ActiveRoleSet roleSet,
Authorizable... authorizable) throws SentryUserException;
- public void grantRoleToGroup(String requestorUserName, String groupName, String roleName)
+ void grantRoleToGroup(String requestorUserName, String groupName, String roleName)
throws SentryUserException;
- public void revokeRoleFromGroup(String requestorUserName, String groupName, String roleName)
+ void revokeRoleFromGroup(String requestorUserName, String groupName, String roleName)
throws SentryUserException;
- public void grantRoleToGroups(String requestorUserName, String roleName, Set<String> groups)
+ void grantRoleToGroups(String requestorUserName, String roleName, Set<String> groups)
throws SentryUserException;
- public void revokeRoleFromGroups(String requestorUserName, String roleName, Set<String> groups)
+ void revokeRoleFromGroups(String requestorUserName, String roleName, Set<String> groups)
throws SentryUserException;
- public void dropPrivileges(String requestorUserName,
+ void dropPrivileges(String requestorUserName,
List<? extends Authorizable> authorizableObjects) throws SentryUserException;
- public void renamePrivileges(String requestorUserName,
+ void renamePrivileges(String requestorUserName,
List<? extends Authorizable> oldAuthorizables, List<? extends Authorizable> newAuthorizables)
throws SentryUserException;
- public Map<TSentryAuthorizable, TSentryPrivilegeMap> listPrivilegsbyAuthorizable(
+ Map<TSentryAuthorizable, TSentryPrivilegeMap> listPrivilegsbyAuthorizable(
String requestorUserName, Set<List<? extends Authorizable>> authorizables,
Set<String> groups, ActiveRoleSet roleSet) throws SentryUserException;
@@ -178,15 +178,15 @@ public interface SentryPolicyServiceClient {
* @return The value of the propertyName
* @throws SentryUserException
*/
- public String getConfigValue(String propertyName, String defaultValue) throws SentryUserException;
+ String getConfigValue(String propertyName, String defaultValue) throws SentryUserException;
- public void close();
+ void close();
// Import the sentry mapping data with map structure
- public void importPolicy(Map<String, Map<String, Set<String>>> policyFileMappingData,
+ void importPolicy(Map<String, Map<String, Set<String>>> policyFileMappingData,
String requestorUserName, boolean isOverwriteRole) throws SentryUserException;
// export the sentry mapping data with map structure
- public Map<String, Map<String, Set<String>>> exportPolicy(String requestorUserName)
+ Map<String, Map<String, Set<String>>> exportPolicy(String requestorUserName)
throws SentryUserException;
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClientDefaultImpl.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClientDefaultImpl.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClientDefaultImpl.java
index 74f379a..c40edca 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClientDefaultImpl.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClientDefaultImpl.java
@@ -432,7 +432,7 @@ public class SentryPolicyServiceClientDefaultImpl implements SentryPolicyService
request.setProtocol_version(ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT);
request.setRequestorUserName(requestorUserName);
request.setRoleName(roleName);
- Set<TSentryPrivilege> privileges = convertColumnPrivilege(requestorUserName, scope,
+ Set<TSentryPrivilege> privileges = convertColumnPrivilege(scope,
serverName, uri, db, table, column, action, grantOption);
request.setPrivileges(privileges);
try {
@@ -465,7 +465,7 @@ public class SentryPolicyServiceClientDefaultImpl implements SentryPolicyService
request.setProtocol_version(ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT);
request.setRequestorUserName(requestorUserName);
request.setRoleName(roleName);
- Set<TSentryPrivilege> privileges = convertColumnPrivileges(requestorUserName, scope,
+ Set<TSentryPrivilege> privileges = convertColumnPrivileges(scope,
serverName, uri, db, table, columns, action, grantOption);
request.setPrivileges(privileges);
try {
@@ -593,7 +593,7 @@ public class SentryPolicyServiceClientDefaultImpl implements SentryPolicyService
request.setProtocol_version(ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT);
request.setRequestorUserName(requestorUserName);
request.setRoleName(roleName);
- Set<TSentryPrivilege> privileges = convertColumnPrivileges(requestorUserName, scope,
+ Set<TSentryPrivilege> privileges = convertColumnPrivileges(scope,
serverName, uri, db, table, columns, action, grantOption);
request.setPrivileges(privileges);
try {
@@ -604,7 +604,7 @@ public class SentryPolicyServiceClientDefaultImpl implements SentryPolicyService
}
}
- private Set<TSentryPrivilege> convertColumnPrivileges(String requestorUserName,
+ private Set<TSentryPrivilege> convertColumnPrivileges(
PrivilegeScope scope, String serverName, String uri, String db, String table, List<String> columns,
String action, Boolean grantOption) {
ImmutableSet.Builder<TSentryPrivilege> setBuilder = ImmutableSet.builder();
@@ -638,7 +638,7 @@ public class SentryPolicyServiceClientDefaultImpl implements SentryPolicyService
return setBuilder.build();
}
- private Set<TSentryPrivilege> convertColumnPrivilege(String requestorUserName,
+ private Set<TSentryPrivilege> convertColumnPrivilege(
PrivilegeScope scope, String serverName, String uri, String db, String table, String column,
String action, Boolean grantOption) {
ImmutableSet.Builder<TSentryPrivilege> setBuilder = ImmutableSet.builder();
@@ -673,7 +673,7 @@ public class SentryPolicyServiceClientDefaultImpl implements SentryPolicyService
TListSentryPrivilegesForProviderRequest request =
new TListSentryPrivilegesForProviderRequest(ThriftConstants.
TSENTRY_SERVICE_VERSION_CURRENT, groups, thriftRoleSet);
- if ((authorizable != null)&&(authorizable.length > 0)) {
+ if (authorizable != null && authorizable.length > 0) {
TSentryAuthorizable tSentryAuthorizable = setupSentryAuthorizable(Lists
.newArrayList(authorizable));
request.setAuthorizableHierarchy(tSentryAuthorizable);
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java
index 4f8c834..82bfca5 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java
@@ -130,7 +130,7 @@ public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface {
sentryMetrics.addSentryStoreGauges(sentryStore);
String sentryReporting = conf.get(ServerConfig.SENTRY_REPORTER);
- if( sentryReporting != null) {
+ if (sentryReporting != null) {
SentryMetrics.Reporting reporting;
try {
reporting = SentryMetrics.Reporting.valueOf(sentryReporting.toUpperCase());
@@ -151,6 +151,7 @@ public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface {
try {
haContext.getCuratorFramework().close();
} catch (Exception e) {
+ LOGGER.warn("Error in stopping processor", e);
}
}
}
@@ -206,7 +207,8 @@ public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface {
requestorGroups = toTrimedLower(requestorGroups);
if (Sets.intersection(adminGroups, requestorGroups).isEmpty()) {
return false;
- } else return true;
+ }
+ return true;
}
private void authorize(String requestorUser, Set<String> requestorGroups)
throws SentryAccessDeniedException {
@@ -650,19 +652,18 @@ public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface {
Set<String> privilegesForProvider = sentryStore.listSentryPrivilegesForProvider(
request.getGroups(), request.getRoleSet(), request.getAuthorizableHierarchy());
response.setPrivileges(privilegesForProvider);
- if (((privilegesForProvider == null)||(privilegesForProvider.size() == 0))&&(request.getAuthorizableHierarchy() != null)) {
- if (sentryStore.hasAnyServerPrivileges(
- request.getGroups(), request.getRoleSet(), request.getAuthorizableHierarchy().getServer())) {
-
- // REQUIRED for ensuring 'default' Db is accessible by any user
- // with privileges to atleast 1 object with the specific server as root
-
- // Need some way to specify that even though user has no privilege
- // For the specific AuthorizableHierarchy.. he has privilege on
- // atleast 1 object in the server hierarchy
- HashSet<String> serverPriv = Sets.newHashSet("server=+");
- response.setPrivileges(serverPriv);
- }
+ if (privilegesForProvider == null || privilegesForProvider.size() == 0 && request.getAuthorizableHierarchy() != null
+ && sentryStore.hasAnyServerPrivileges(
+ request.getGroups(), request.getRoleSet(), request.getAuthorizableHierarchy().getServer())) {
+
+ // REQUIRED for ensuring 'default' Db is accessible by any user
+ // with privileges to atleast 1 object with the specific server as root
+
+ // Need some way to specify that even though user has no privilege
+ // For the specific AuthorizableHierarchy.. he has privilege on
+ // atleast 1 object in the server hierarchy
+ HashSet<String> serverPriv = Sets.newHashSet("server=+");
+ response.setPrivileges(serverPriv);
}
response.setStatus(Status.OK());
} catch (SentryThriftAPIMismatchException e) {
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryWebServer.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryWebServer.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryWebServer.java
index 43f28ea..fdb99ce 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryWebServer.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryWebServer.java
@@ -116,7 +116,7 @@ public class SentryWebServer {
Preconditions.checkArgument(keytabFile.length() != 0, "Keytab File is not right.");
try {
UserGroupInformation.setConfiguration(conf);
- String hostPrincipal = SecurityUtil.getServerPrincipal(principal, "0.0.0.0");
+ String hostPrincipal = SecurityUtil.getServerPrincipal(principal, ServerConfig.RPC_ADDRESS_DEFAULT);
UserGroupInformation.loginUserFromKeytab(hostPrincipal, keytabFile);
} catch (IOException ex) {
throw new IllegalArgumentException("Can't use Kerberos authentication, principal ["
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentrySchemaHelper.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentrySchemaHelper.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentrySchemaHelper.java
index e3e04f1..e5768c6 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentrySchemaHelper.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentrySchemaHelper.java
@@ -34,58 +34,58 @@ public class SentrySchemaHelper {
COMMENT
}
- static final String DEFAUTL_DELIMITER = ";";
+ String DEFAUTL_DELIMITER = ";";
/***
* Find the type of given command
* @param dbCommand
* @return
*/
- public boolean isPartialCommand(String dbCommand) throws IllegalArgumentException;
+ boolean isPartialCommand(String dbCommand) throws IllegalArgumentException;
/** Parse the DB specific nesting format and extract the inner script name if any
* @param dbCommand command from parent script
* @return
* @throws IllegalFormatException
*/
- public String getScriptName(String dbCommand) throws IllegalArgumentException;
+ String getScriptName(String dbCommand) throws IllegalArgumentException;
/***
* Find if the given command is a nested script execution
* @param dbCommand
* @return
*/
- public boolean isNestedScript(String dbCommand);
+ boolean isNestedScript(String dbCommand);
/***
* Find if the given command is should be passed to DB
* @param dbCommand
* @return
*/
- public boolean isNonExecCommand(String dbCommand);
+ boolean isNonExecCommand(String dbCommand);
/***
* Get the SQL statement delimiter
* @return
*/
- public String getDelimiter();
+ String getDelimiter();
/***
* Clear any client specific tags
* @return
*/
- public String cleanseCommand(String dbCommand);
+ String cleanseCommand(String dbCommand);
/***
* Does the DB required table/column names quoted
* @return
*/
- public boolean needsQuotedIdentifier();
+ boolean needsQuotedIdentifier();
/***
* Set DB specific options if any
* @param dbOps
*/
- public void setDbOpts(String dbOps);
+ void setDbOpts(String dbOps);
}
@@ -112,7 +112,7 @@ public class SentrySchemaHelper {
@Override
public boolean isNonExecCommand(String dbCommand) {
- return (dbCommand.startsWith("--") || dbCommand.startsWith("#"));
+ return dbCommand.startsWith("--") || dbCommand.startsWith("#");
}
@Override
@@ -214,7 +214,7 @@ public class SentrySchemaHelper {
@Override
public boolean isNonExecCommand(String dbCommand) {
return super.isNonExecCommand(dbCommand) ||
- (dbCommand.startsWith("/*") && dbCommand.endsWith("*/")) ||
+ dbCommand.startsWith("/*") && dbCommand.endsWith("*/") ||
dbCommand.startsWith(DELIMITER_TOKEN);
}
@@ -255,10 +255,9 @@ public class SentrySchemaHelper {
@Override
public boolean isNonExecCommand(String dbCommand) {
// Skip "standard_conforming_strings" command which is not supported in older postgres
- if (POSTGRES_SKIP_STANDARD_STRING.equalsIgnoreCase(getDbOpts())) {
- if (dbCommand.startsWith(POSTGRES_STRING_COMMAND_FILTER) || dbCommand.startsWith(POSTGRES_STRING_CLIENT_ENCODING)) {
- return true;
- }
+ if (POSTGRES_SKIP_STANDARD_STRING.equalsIgnoreCase(getDbOpts())
+ && (dbCommand.startsWith(POSTGRES_STRING_COMMAND_FILTER) || dbCommand.startsWith(POSTGRES_STRING_CLIENT_ENCODING))) {
+ return true;
}
return super.isNonExecCommand(dbCommand);
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentrySchemaTool.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentrySchemaTool.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentrySchemaTool.java
index 11b2ed2..d974d7b 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentrySchemaTool.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/SentrySchemaTool.java
@@ -204,7 +204,7 @@ public class SentrySchemaTool {
System.out.println("Sentry store Connection Driver :\t " + driver);
System.out.println("Sentry store connection User:\t " + userName);
}
- if ((userName == null) || userName.isEmpty()) {
+ if (userName == null || userName.isEmpty()) {
throw new SentryUserException("UserName empty ");
}
try {
@@ -519,11 +519,11 @@ public class SentrySchemaTool {
if (line.hasOption("dbType")) {
dbType = line.getOptionValue("dbType");
- if ((!dbType.equalsIgnoreCase(SentrySchemaHelper.DB_DERBY)
+ if (!dbType.equalsIgnoreCase(SentrySchemaHelper.DB_DERBY)
&& !dbType.equalsIgnoreCase(SentrySchemaHelper.DB_MYSQL)
&& !dbType.equalsIgnoreCase(SentrySchemaHelper.DB_POSTGRACE)
&& !dbType.equalsIgnoreCase(SentrySchemaHelper.DB_ORACLE)
- && !dbType.equalsIgnoreCase(SentrySchemaHelper.DB_DB2))) {
+ && !dbType.equalsIgnoreCase(SentrySchemaHelper.DB_DB2)) {
System.err.println("Unsupported dbType " + dbType);
printAndExit(cmdLineOptions);
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/Command.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/Command.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/Command.java
index ae9809a..79aed49 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/Command.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/Command.java
@@ -23,5 +23,5 @@ import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient;
* The interface for all admin commands, eg, CreateRoleCmd.
*/
public interface Command {
- abstract void execute(SentryPolicyServiceClient client, String requestorName) throws Exception;
+ void execute(SentryPolicyServiceClient client, String requestorName) throws Exception;
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/CommandUtil.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/CommandUtil.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/CommandUtil.java
index 0a73d9f..ffccec2 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/CommandUtil.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/CommandUtil.java
@@ -104,11 +104,10 @@ public class CommandUtil {
|| StringUtils.isEmpty(tableName)) {
throw new IllegalArgumentException("The hierarchy of privilege is not correct.");
}
- } else if (ServiceConstants.PrivilegeScope.COLUMN.toString().equals(tSentryPrivilege.getPrivilegeScope())) {
- if (StringUtils.isEmpty(serverName) || StringUtils.isEmpty(dbName)
- || StringUtils.isEmpty(tableName) || StringUtils.isEmpty(columnName)) {
+ } else if (ServiceConstants.PrivilegeScope.COLUMN.toString().equals(tSentryPrivilege.getPrivilegeScope())
+ && (StringUtils.isEmpty(serverName) || StringUtils.isEmpty(dbName)
+ || StringUtils.isEmpty(tableName) || StringUtils.isEmpty(columnName))) {
throw new IllegalArgumentException("The hierarchy of privilege is not correct.");
- }
}
}
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/HAClientInvocationHandler.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/HAClientInvocationHandler.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/HAClientInvocationHandler.java
index 377e934..a58fa41 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/HAClientInvocationHandler.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/HAClientInvocationHandler.java
@@ -57,36 +57,34 @@ public class HAClientInvocationHandler extends SentryClientInvocationHandler {
public Object invokeImpl(Object proxy, Method method, Object[] args) throws
SentryUserException {
Object result = null;
- while (true) {
- try {
- if (!method.isAccessible()) {
- method.setAccessible(true);
- }
- // The client is initialized in the first call instead of constructor.
- // This way we can propagate the connection exception to caller cleanly
- if (client == null) {
- renewSentryClient();
- }
- result = method.invoke(client, args);
- } catch (IllegalAccessException e) {
- throw new SentryUserException(e.getMessage(), e.getCause());
- } catch (InvocationTargetException e) {
- if (e.getTargetException() instanceof SentryUserException) {
- throw (SentryUserException)e.getTargetException();
- } else {
- LOGGER.warn(THRIFT_EXCEPTION_MESSAGE + ": Error in connect current" +
- " service, will retry other service.", e);
- if (client != null) {
- client.close();
- client = null;
- }
+ try {
+ if (!method.isAccessible()) {
+ method.setAccessible(true);
+ }
+ // The client is initialized in the first call instead of constructor.
+ // This way we can propagate the connection exception to caller cleanly
+ if (client == null) {
+ renewSentryClient();
+ }
+ result = method.invoke(client, args);
+ } catch (IllegalAccessException e) {
+ throw new SentryUserException(e.getMessage(), e.getCause());
+ } catch (InvocationTargetException e) {
+ if (e.getTargetException() instanceof SentryUserException) {
+ throw (SentryUserException)e.getTargetException();
+ } else {
+ LOGGER.warn(THRIFT_EXCEPTION_MESSAGE + ": Error in connect current" +
+ " service, will retry other service.", e);
+ if (client != null) {
+ client.close();
+ client = null;
}
- } catch (IOException e1) {
- throw new SentryUserException("Error connecting to sentry service "
- + e1.getMessage(), e1);
}
- return result;
+ } catch (IOException e1) {
+ throw new SentryUserException("Error connecting to sentry service "
+ + e1.getMessage(), e1);
}
+ return result;
}
// Retrieve the new connection endpoint from ZK and connect to new server
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/PoolClientInvocationHandler.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/PoolClientInvocationHandler.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/PoolClientInvocationHandler.java
index 1e7a789..b4056e9 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/PoolClientInvocationHandler.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/PoolClientInvocationHandler.java
@@ -67,7 +67,7 @@ public class PoolClientInvocationHandler extends SentryClientInvocationHandler {
while (retryCount < connectionRetryTotal) {
try {
// The wapper here is for the retry of thrift call, the default retry number is 3.
- result = invokeFromPool(proxy, method, args);
+ result = invokeFromPool(method, args);
break;
} catch (TTransportException e) {
// TTransportException means there has connection problem, create a new connection and try
@@ -89,7 +89,7 @@ public class PoolClientInvocationHandler extends SentryClientInvocationHandler {
return result;
}
- private Object invokeFromPool(Object proxy, Method method, Object[] args) throws Exception {
+ private Object invokeFromPool(Method method, Object[] args) throws Exception {
Object result = null;
SentryPolicyServiceClient client;
try {
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java
index 5847cb5..32d813c 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java
@@ -62,7 +62,7 @@ public class ServiceConstants {
public static final String RPC_PORT = "sentry.service.server.rpc-port";
public static final int RPC_PORT_DEFAULT = 8038;
public static final String RPC_ADDRESS = "sentry.service.server.rpc-address";
- public static final String RPC_ADDRESS_DEFAULT = "0.0.0.0";
+ public static final String RPC_ADDRESS_DEFAULT = "0.0.0.0"; //NOPMD
public static final String RPC_MAX_THREADS = "sentry.service.server-max-threads";
public static final int RPC_MAX_THREADS_DEFAULT = 500;
public static final String RPC_MIN_THREADS = "sentry.service.server-min-threads";
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStoreToAuthorizable.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStoreToAuthorizable.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStoreToAuthorizable.java
index 922cbc2..ba1d923 100644
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStoreToAuthorizable.java
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStoreToAuthorizable.java
@@ -30,10 +30,10 @@ public class TestSentryStoreToAuthorizable {
@Test
public void testServer() {
- privilege = new MSentryPrivilege(null, null, "server1", null, null, null, null, null);
+ privilege = new MSentryPrivilege(null, "server1", null, null, null, null, null);
assertEquals("server=server1",
SentryStore.toAuthorizable(privilege));
- privilege = new MSentryPrivilege(null, null, "server1", null, null, null, null,
+ privilege = new MSentryPrivilege(null, "server1", null, null, null, null,
AccessConstants.ALL);
assertEquals("server=server1",
SentryStore.toAuthorizable(privilege));
@@ -41,18 +41,18 @@ public class TestSentryStoreToAuthorizable {
@Test
public void testTable() {
- privilege = new MSentryPrivilege(null, null, "server1", "db1", "tbl1", null, null, null);
+ privilege = new MSentryPrivilege(null, "server1", "db1", "tbl1", null, null, null);
assertEquals("server=server1->db=db1->table=tbl1",
SentryStore.toAuthorizable(privilege));
- privilege = new MSentryPrivilege(null, null, "server1", "db1", "tbl1", null, null,
+ privilege = new MSentryPrivilege(null, "server1", "db1", "tbl1", null, null,
AccessConstants.INSERT);
assertEquals("server=server1->db=db1->table=tbl1->action=insert",
SentryStore.toAuthorizable(privilege));
- privilege = new MSentryPrivilege(null, null, "server1", "db1", "tbl1", null, null,
+ privilege = new MSentryPrivilege(null, "server1", "db1", "tbl1", null, null,
AccessConstants.SELECT);
assertEquals("server=server1->db=db1->table=tbl1->action=select",
SentryStore.toAuthorizable(privilege));
- privilege = new MSentryPrivilege(null, null, "server1", "db1", "tbl1", null, null,
+ privilege = new MSentryPrivilege(null, "server1", "db1", "tbl1", null, null,
AccessConstants.ALL);
assertEquals("server=server1->db=db1->table=tbl1",
SentryStore.toAuthorizable(privilege));
@@ -60,10 +60,10 @@ public class TestSentryStoreToAuthorizable {
@Test
public void testDb() {
- privilege = new MSentryPrivilege(null, null, "server1", "db1", null, null, null, null);
+ privilege = new MSentryPrivilege(null, "server1", "db1", null, null, null, null);
assertEquals("server=server1->db=db1",
SentryStore.toAuthorizable(privilege));
- privilege = new MSentryPrivilege(null, null, "server1", "db1", null, null, null,
+ privilege = new MSentryPrivilege(null, "server1", "db1", null, null, null,
AccessConstants.ALL);
assertEquals("server=server1->db=db1",
SentryStore.toAuthorizable(privilege));
@@ -71,14 +71,14 @@ public class TestSentryStoreToAuthorizable {
@Test
public void testUri() {
- privilege = new MSentryPrivilege(null, null, "server1", null, null, null, "file:///", null);
+ privilege = new MSentryPrivilege(null, "server1", null, null, null, "file:///", null);
assertEquals("server=server1->uri=file:///",
SentryStore.toAuthorizable(privilege));
- privilege = new MSentryPrivilege(null, null, "server1", null, null, null, "file:///",
+ privilege = new MSentryPrivilege(null, "server1", null, null, null, "file:///",
AccessConstants.SELECT);
assertEquals("server=server1->uri=file:///->action=select",
SentryStore.toAuthorizable(privilege));
- privilege = new MSentryPrivilege(null, null, "server1", null, null, null, "file:///",
+ privilege = new MSentryPrivilege(null, "server1", null, null, null, "file:///",
AccessConstants.ALL);
assertEquals("server=server1->uri=file:///",
SentryStore.toAuthorizable(privilege));
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/PolicyFiles.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/PolicyFiles.java b/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/PolicyFiles.java
index 4e5d4b9..d537e3b 100644
--- a/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/PolicyFiles.java
+++ b/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/PolicyFiles.java
@@ -74,7 +74,6 @@ public class PolicyFiles {
InputStream inputStream = null;
try {
LOGGER.debug("Opening " + path);
- String dfsUri = fileSystem.getDefaultUri(fileSystem.getConf()).toString();
inputStream = fileSystem.open(path);
Ini ini = new Ini();
ini.load(inputStream);
[4/4] incubator-sentry git commit: SENTRY-986: Apply PMD plugin to
Sentry source (Colm O hEigeartaigh via Lenni Kuff)
Posted by ls...@apache.org.
SENTRY-986: Apply PMD plugin to Sentry source (Colm O hEigeartaigh via Lenni Kuff)
Change-Id: Ied167f439bdf9c3bdfea7853801ed4f21d7aaede
Project: http://git-wip-us.apache.org/repos/asf/incubator-sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-sentry/commit/95b1e40e
Tree: http://git-wip-us.apache.org/repos/asf/incubator-sentry/tree/95b1e40e
Diff: http://git-wip-us.apache.org/repos/asf/incubator-sentry/diff/95b1e40e
Branch: refs/heads/master
Commit: 95b1e40e7062343f05e131afaea0a97bbf71ba4f
Parents: 5a827f6
Author: Lenni Kuff <ls...@cloudera.com>
Authored: Wed Jan 20 22:50:42 2016 -0800
Committer: Lenni Kuff <ls...@cloudera.com>
Committed: Wed Jan 20 22:50:42 2016 -0800
----------------------------------------------------------------------
build-tools/sentry-pmd-ruleset.xml | 39 +++++++++
pom.xml | 60 +++++++++++++
.../v2/authorizer/DefaultSentryValidator.java | 6 +-
.../v2/metastore/AuthorizingObjectStoreV2.java | 1 -
.../SentryMetastorePostEventListenerV2.java | 4 +-
.../hive/ql/exec/SentryFilterDDLTask.java | 1 -
.../hive/ql/exec/SentryGrantRevokeTask.java | 22 ++---
.../ql/exec/SentryHivePrivilegeObjectDesc.java | 3 -
.../binding/hive/HiveAuthzBindingHook.java | 33 ++-----
.../hive/HiveAuthzBindingSessionHook.java | 1 -
.../SentryHiveAuthorizationTaskFactoryImpl.java | 7 +-
.../hive/SentryOnFailureHookContext.java | 24 ++---
.../binding/hive/SentryPolicyFileFormatter.java | 4 +-
.../binding/hive/authz/HiveAuthzBinding.java | 2 -
.../hive/authz/HiveAuthzPrivilegesMap.java | 7 --
.../binding/hive/authz/SentryConfigTool.java | 7 +-
.../sentry/binding/hive/conf/HiveAuthzConf.java | 1 -
.../metastore/AuthorizingObjectStore.java | 1 -
.../metastore/MetastoreAuthzBinding.java | 6 +-
.../metastore/SentryHiveMetaStoreClient.java | 3 -
.../metastore/SentryMetaStoreFilterHook.java | 7 +-
.../SentryMetastorePostEventListener.java | 6 +-
.../binding/solr/authz/SolrAuthzBinding.java | 4 +-
.../authz/SentryAuthorizationValidator.java | 2 +-
.../sentry/sqoop/binding/SqoopAuthBinding.java | 4 +-
.../main/java/org/apache/sentry/Command.java | 2 +-
.../main/java/org/apache/sentry/SentryMain.java | 7 +-
.../org/apache/sentry/core/common/Action.java | 4 +-
.../apache/sentry/core/common/Authorizable.java | 4 +-
.../sentry/core/common/BitFieldAction.java | 2 +-
.../sentry/core/common/utils/PathUtils.java | 9 +-
.../core/model/db/DBModelAuthorizable.java | 2 +-
.../model/indexer/IndexerModelAuthorizable.java | 2 +-
.../core/indexer/TestIndexerBitFieldAction.java | 2 -
.../model/search/SearchModelAuthorizable.java | 2 +-
.../core/search/TestSearchBitFieldAction.java | 2 -
.../core/model/sqoop/SqoopActionFactory.java | 3 +-
.../core/model/sqoop/SqoopAuthorizable.java | 4 +-
.../apache/sentry/hdfs/AuthzPathsDumper.java | 4 +-
.../apache/sentry/hdfs/AuthzPermissions.java | 2 +-
.../java/org/apache/sentry/hdfs/HMSPaths.java | 24 ++---
.../org/apache/sentry/hdfs/HMSPathsDumper.java | 4 +-
.../sentry/hdfs/SentryHDFSServiceClient.java | 12 ++-
.../java/org/apache/sentry/hdfs/Updateable.java | 12 +--
.../sentry/hdfs/UpdateableAuthzPaths.java | 18 ++--
.../hdfs/ha/HdfsHAClientInvocationHandler.java | 68 +++++++--------
.../sentry/hdfs/TestHMSPathsFullDump.java | 4 -
.../sentry/hdfs/TestKrbConnectionTimeout.java | 9 --
.../server/namenode/AuthorizationProvider.java | 20 ++---
.../hdfs/SentryAuthorizationConstants.java | 2 +-
.../sentry/hdfs/SentryAuthorizationInfo.java | 5 +-
.../hdfs/SentryAuthorizationProvider.java | 2 +-
.../apache/sentry/hdfs/SentryPermissions.java | 4 +-
.../org/apache/sentry/hdfs/SentryUpdater.java | 1 -
.../sentry/hdfs/UpdateableAuthzPermissions.java | 1 -
.../sentry/hdfs/MetastoreCacheInitializer.java | 23 +++--
.../org/apache/sentry/hdfs/MetastorePlugin.java | 4 +-
.../apache/sentry/hdfs/PluginCacheSyncUtil.java | 4 +-
.../org/apache/sentry/hdfs/SentryPlugin.java | 5 --
.../org/apache/sentry/hdfs/UpdateForwarder.java | 17 ++--
.../sentry/hdfs/UpdateForwarderWithHA.java | 10 ---
.../sentry/hdfs/UpdateablePermissions.java | 2 -
.../sentry/hdfs/TestHAUpdateForwarder.java | 2 -
.../sentry/policy/common/PolicyEngine.java | 11 ++-
.../apache/sentry/policy/common/Privilege.java | 2 +-
.../policy/common/PrivilegeValidator.java | 2 +-
.../sentry/policy/db/DBWildcardPrivilege.java | 4 -
.../sentry/policy/db/SimpleDBPolicyEngine.java | 3 +-
...SearchAuthorizationProviderGeneralCases.java | 1 -
.../policy/sqoop/ServerNameRequiredMatch.java | 2 +-
.../sentry/provider/cache/PrivilegeCache.java | 4 +-
.../cache/SimpleCacheProviderBackend.java | 8 +-
.../provider/common/AuthorizationProvider.java | 18 ++--
.../provider/common/GroupMappingService.java | 2 +-
.../common/HadoopGroupMappingService.java | 4 -
...adoopGroupResourceAuthorizationProvider.java | 4 +-
.../apache/sentry/provider/common/KeyValue.java | 21 +++--
.../common/NoAuthorizationProvider.java | 1 -
.../sentry/provider/common/ProviderBackend.java | 10 +--
.../common/ResourceAuthorizationProvider.java | 27 +++---
.../provider/common/TestGetGroupMapping.java | 1 -
.../provider/db/SentryPolicyStorePlugin.java | 18 ++--
.../provider/db/SimpleDBProviderBackend.java | 6 +-
.../generic/SentryGenericProviderBackend.java | 2 +-
.../service/persistent/DelegateSentryStore.java | 8 +-
.../service/persistent/PrivilegeObject.java | 36 +++++---
.../persistent/PrivilegeOperatePersistence.java | 26 +++---
.../service/persistent/SentryStoreLayer.java | 26 +++---
.../service/thrift/NotificationHandler.java | 32 ++-----
.../thrift/NotificationHandlerInvoker.java | 16 ----
.../thrift/SentryGenericPolicyProcessor.java | 13 +--
.../thrift/SentryGenericServiceClient.java | 34 ++++----
.../SentryGenericServiceClientDefaultImpl.java | 8 +-
.../RollingFileWithoutDeleteAppender.java | 1 -
.../provider/db/log/entity/JsonLogEntity.java | 2 +-
.../db/service/model/MSentryGMPrivilege.java | 61 ++++++++-----
.../provider/db/service/model/MSentryGroup.java | 20 +++--
.../db/service/model/MSentryPrivilege.java | 57 +++++++-----
.../provider/db/service/model/MSentryRole.java | 15 ++--
.../persistent/FixedJsonInstanceSerializer.java | 4 +-
.../db/service/persistent/HAContext.java | 5 --
.../db/service/persistent/SentryStore.java | 81 ++++++++---------
.../db/service/persistent/ServiceManager.java | 2 -
.../db/service/persistent/ServiceRegister.java | 1 -
.../thrift/SentryPolicyServiceClient.java | 92 ++++++++++----------
.../SentryPolicyServiceClientDefaultImpl.java | 12 +--
.../thrift/SentryPolicyStoreProcessor.java | 31 +++----
.../db/service/thrift/SentryWebServer.java | 2 +-
.../provider/db/tools/SentrySchemaHelper.java | 29 +++---
.../provider/db/tools/SentrySchemaTool.java | 6 +-
.../provider/db/tools/command/hive/Command.java | 2 +-
.../db/tools/command/hive/CommandUtil.java | 7 +-
.../thrift/HAClientInvocationHandler.java | 52 ++++++-----
.../thrift/PoolClientInvocationHandler.java | 4 +-
.../sentry/service/thrift/ServiceConstants.java | 2 +-
.../TestSentryStoreToAuthorizable.java | 22 ++---
.../sentry/provider/file/PolicyFiles.java | 1 -
.../file/SimpleFileProviderBackend.java | 31 +++----
.../RollingFileWithoutDeleteAppender.java | 1 -
.../solr/sentry/SecureRequestHandlerUtil.java | 1 -
.../SentryIndexAuthorizationSingleton.java | 4 +-
.../solr/handler/admin/SecureAdminHandlers.java | 3 -
.../handler/admin/SecureCollectionsHandler.java | 2 -
.../solr/handler/admin/SecureInfoHandler.java | 3 -
.../QueryDocAuthorizationComponent.java | 10 +--
.../QueryIndexAuthorizationComponent.java | 4 -
.../UpdateIndexAuthorizationProcessor.java | 6 +-
...pdateIndexAuthorizationProcessorFactory.java | 1 -
.../handler/TestSecureReplicationHandler.java | 1 -
.../handler/admin/SecureAdminHandlersTest.java | 6 --
.../admin/SecureCoreAdminHandlerTest.java | 2 -
.../handler/admin/SecureInfoHandlerTest.java | 4 -
.../UpdateIndexAuthorizationProcessorTest.java | 2 +-
133 files changed, 739 insertions(+), 762 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/build-tools/sentry-pmd-ruleset.xml
----------------------------------------------------------------------
diff --git a/build-tools/sentry-pmd-ruleset.xml b/build-tools/sentry-pmd-ruleset.xml
new file mode 100644
index 0000000..87a761c
--- /dev/null
+++ b/build-tools/sentry-pmd-ruleset.xml
@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<ruleset name="sentry-pmd" xmlns="http://pmd.sourceforge.net/ruleset/2.0.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://pmd.sourceforge.net/ruleset/2.0.0 http://pmd.sourceforge.net/ruleset_2_0_0.xsd">
+ <description>
+ A PMD ruleset for Apache Sentry
+ </description>
+
+ <rule ref="rulesets/java/basic.xml"/>
+ <rule ref="rulesets/java/unusedcode.xml"/>
+ <rule ref="rulesets/java/imports.xml"/>
+ <rule ref="rulesets/java/braces.xml"/>
+ <rule ref="rulesets/java/empty.xml">
+ <exclude name="EmptyCatchBlock" />
+ </rule>
+ <rule ref="rulesets/java/migrating.xml"/>
+ <rule ref="rulesets/java/unnecessary.xml">
+ <exclude name="UselessParentheses" />
+ </rule>
+
+</ruleset>
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/pom.xml
----------------------------------------------------------------------
diff --git a/pom.xml b/pom.xml
index 6210454..0475f69 100644
--- a/pom.xml
+++ b/pom.xml
@@ -50,6 +50,7 @@ limitations under the License.
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+ <buildtools.dir>${basedir}/build-tools</buildtools.dir>
<maven.compile.source>1.7</maven.compile.source>
<maven.compile.target>1.7</maven.compile.target>
<!-- versions are in alphabetical order -->
@@ -623,6 +624,33 @@ limitations under the License.
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-pmd-plugin</artifactId>
+ <version>3.5</version>
+ <configuration>
+ <rulesets>
+ <ruleset>${buildtools.dir}/sentry-pmd-ruleset.xml</ruleset>
+ </rulesets>
+ <sourceEncoding>UTF-8</sourceEncoding>
+ <failOnViolation>true</failOnViolation>
+ <linkXRef>false</linkXRef>
+ <verbose>true</verbose>
+ <targetJdk>${targetJdk}</targetJdk>
+ <excludeRoots>
+ <excludeRoot>${basedir}/src/main/generated</excludeRoot>
+ </excludeRoots>
+ </configuration>
+ <executions>
+ <execution>
+ <id>validate</id>
+ <phase>validate</phase>
+ <goals>
+ <goal>check</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-eclipse-plugin</artifactId>
<version>${maven.eclipse.plugin.version}</version>
<configuration>
@@ -818,6 +846,38 @@ limitations under the License.
</pluginManagement>
</build>
+ <profiles>
+ <profile>
+ <id>nochecks</id>
+ <properties>
+ <pmd.skip>true</pmd.skip>
+ </properties>
+ </profile>
+ <profile>
+ <id>activate-buildtools-in-module</id>
+ <activation>
+ <file>
+ <exists>${basedir}/../build-tools/sentry-pmd-ruleset.xml</exists>
+ </file>
+ </activation>
+ <properties>
+ <buildtools.dir>${basedir}/../build-tools</buildtools.dir>
+ </properties>
+ </profile>
+ <profile>
+ <id>activate-buildtools-in-submodule</id>
+ <activation>
+ <file>
+ <exists>${basedir}/../../build-tools/sentry-pmd-ruleset.xml</exists>
+ </file>
+ </activation>
+ <properties>
+ <buildtools.dir>${basedir}/../../build-tools</buildtools.dir>
+ </properties>
+ </profile>
+
+ </profiles>
+
<repositories>
<repository>
<id>apache</id>
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/authorizer/DefaultSentryValidator.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/authorizer/DefaultSentryValidator.java b/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/authorizer/DefaultSentryValidator.java
index 2bc8aad..70e0720 100644
--- a/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/authorizer/DefaultSentryValidator.java
+++ b/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/authorizer/DefaultSentryValidator.java
@@ -338,9 +338,9 @@ public class DefaultSentryValidator extends SentryHiveAuthorizationValidator {
Table currTbl = Table.ALL;
Database currDB = new Database(currDatabase);
Column currCol = Column.ALL;
- if ((DEFAULT_DATABASE_NAME.equalsIgnoreCase(currDatabase) && "false"
+ if (DEFAULT_DATABASE_NAME.equalsIgnoreCase(currDatabase) && "false"
.equalsIgnoreCase(authzConf.get(
- HiveAuthzConf.AuthzConfVars.AUTHZ_RESTRICT_DEFAULT_DB.getVar(), "false")))) {
+ HiveAuthzConf.AuthzConfVars.AUTHZ_RESTRICT_DEFAULT_DB.getVar(), "false"))) {
currDB = Database.ALL;
currTbl = Table.SOME;
}
@@ -419,7 +419,6 @@ public class DefaultSentryValidator extends SentryHiveAuthorizationValidator {
// squash the exception, user doesn't have privileges, so the table is
// not added to
// filtered list.
- ;
}
}
return filteredResult;
@@ -473,7 +472,6 @@ public class DefaultSentryValidator extends SentryHiveAuthorizationValidator {
// squash the exception, user doesn't have privileges, so the table is
// not added to
// filtered list.
- ;
}
}
return filteredResult;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/metastore/AuthorizingObjectStoreV2.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/metastore/AuthorizingObjectStoreV2.java b/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/metastore/AuthorizingObjectStoreV2.java
index ff648ff..726f5ad 100644
--- a/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/metastore/AuthorizingObjectStoreV2.java
+++ b/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/metastore/AuthorizingObjectStoreV2.java
@@ -39,7 +39,6 @@ import org.apache.hadoop.hive.metastore.api.Table;
import org.apache.hadoop.hive.metastore.api.UnknownDBException;
import org.apache.hadoop.hive.ql.parse.SemanticException;
import org.apache.hadoop.hive.ql.plan.HiveOperation;
-import org.apache.hadoop.hive.shims.ShimLoader;
import org.apache.hadoop.hive.shims.Utils;
import org.apache.sentry.binding.hive.HiveAuthzBindingHook;
import org.apache.sentry.binding.hive.authz.HiveAuthzBinding;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/metastore/SentryMetastorePostEventListenerV2.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/metastore/SentryMetastorePostEventListenerV2.java b/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/metastore/SentryMetastorePostEventListenerV2.java
index a72e745..013d016 100644
--- a/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/metastore/SentryMetastorePostEventListenerV2.java
+++ b/sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/metastore/SentryMetastorePostEventListenerV2.java
@@ -40,7 +40,7 @@ public class SentryMetastorePostEventListenerV2 extends SentryMetastorePostEvent
Iterator<Partition> it = partitionEvent.getPartitionIterator();
while (it.hasNext()) {
Partition part = it.next();
- if ((part.getSd() != null) && (part.getSd().getLocation() != null)) {
+ if (part.getSd() != null && part.getSd().getLocation() != null) {
String authzObj = part.getDbName() + "." + part.getTableName();
String path = part.getSd().getLocation();
for (SentryMetastoreListenerPlugin plugin : sentryPlugins) {
@@ -60,7 +60,7 @@ public class SentryMetastorePostEventListenerV2 extends SentryMetastorePostEvent
Iterator<Partition> it = partitionEvent.getPartitionIterator();
while (it.hasNext()) {
Partition part = it.next();
- if ((part.getSd() != null) && (part.getSd().getLocation() != null)) {
+ if (part.getSd() != null && part.getSd().getLocation() != null) {
String path = part.getSd().getLocation();
for (SentryMetastoreListenerPlugin plugin : sentryPlugins) {
plugin.removePath(authzObj, path);
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/ql/exec/SentryFilterDDLTask.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/ql/exec/SentryFilterDDLTask.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/ql/exec/SentryFilterDDLTask.java
index d47ca3b..8838368 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/ql/exec/SentryFilterDDLTask.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/ql/exec/SentryFilterDDLTask.java
@@ -20,7 +20,6 @@ import static org.apache.hadoop.util.StringUtils.stringifyException;
import java.io.DataOutputStream;
import java.io.IOException;
-import java.util.ArrayList;
import java.util.List;
import org.apache.commons.logging.Log;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/ql/exec/SentryGrantRevokeTask.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/ql/exec/SentryGrantRevokeTask.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/ql/exec/SentryGrantRevokeTask.java
index 1e2b3b9..5e2d8a1 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/ql/exec/SentryGrantRevokeTask.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/ql/exec/SentryGrantRevokeTask.java
@@ -130,23 +130,23 @@ public class SentryGrantRevokeTask extends Task<DDLWork> implements Serializable
"Config " + AuthzConfVars.AUTHZ_SERVER_NAME.getVar() + " is required");
try {
if (work.getRoleDDLDesc() != null) {
- return processRoleDDL(conf, console, sentryClient, subject.getName(),
+ return processRoleDDL(console, sentryClient, subject.getName(),
hiveAuthzBinding, work.getRoleDDLDesc());
}
if (work.getGrantDesc() != null) {
- return processGrantDDL(conf, console, sentryClient,
+ return processGrantDDL(console, sentryClient,
subject.getName(), server, work.getGrantDesc());
}
if (work.getRevokeDesc() != null) {
- return processRevokeDDL(conf, console, sentryClient,
+ return processRevokeDDL(console, sentryClient,
subject.getName(), server, work.getRevokeDesc());
}
if (work.getShowGrantDesc() != null) {
- return processShowGrantDDL(conf, console, sentryClient, subject.getName(), server,
+ return processShowGrantDDL(console, sentryClient, subject.getName(),
work.getShowGrantDesc());
}
if (work.getGrantRevokeRoleDDL() != null) {
- return processGrantRevokeRoleDDL(conf, console, sentryClient,
+ return processGrantRevokeRoleDDL(console, sentryClient,
subject.getName(), work.getGrantRevokeRoleDDL());
}
throw new AssertionError(
@@ -217,7 +217,7 @@ public class SentryGrantRevokeTask extends Task<DDLWork> implements Serializable
this.stmtOperation = stmtOperation;
}
- private int processRoleDDL(HiveConf conf, LogHelper console,
+ private int processRoleDDL(LogHelper console,
SentryPolicyServiceClient sentryClient, String subject,
HiveAuthzBinding hiveAuthzBinding, RoleDDLDesc desc)
throws SentryUserException {
@@ -280,7 +280,7 @@ public class SentryGrantRevokeTask extends Task<DDLWork> implements Serializable
}
}
- private int processGrantDDL(HiveConf conf, LogHelper console,
+ private int processGrantDDL(LogHelper console,
SentryPolicyServiceClient sentryClient, String subject,
String server, GrantDesc desc) throws SentryUserException {
return processGrantRevokeDDL(console, sentryClient, subject,
@@ -289,7 +289,7 @@ public class SentryGrantRevokeTask extends Task<DDLWork> implements Serializable
}
// For grant option, we use null to stand for revoke the privilege ignore the grant option
- private int processRevokeDDL(HiveConf conf, LogHelper console,
+ private int processRevokeDDL(LogHelper console,
SentryPolicyServiceClient sentryClient, String subject,
String server, RevokeDesc desc) throws SentryUserException {
return processGrantRevokeDDL(console, sentryClient, subject,
@@ -297,8 +297,8 @@ public class SentryGrantRevokeTask extends Task<DDLWork> implements Serializable
desc.getPrivilegeSubjectDesc(), null);
}
- private int processShowGrantDDL(HiveConf conf, LogHelper console, SentryPolicyServiceClient sentryClient,
- String subject, String server, ShowGrantDesc desc) throws SentryUserException{
+ private int processShowGrantDDL(LogHelper console, SentryPolicyServiceClient sentryClient,
+ String subject, ShowGrantDesc desc) throws SentryUserException{
PrincipalDesc principalDesc = desc.getPrincipalDesc();
PrivilegeObjectDesc hiveObjectDesc = desc.getHiveObj();
String principalName = principalDesc.getName();
@@ -397,7 +397,7 @@ public class SentryGrantRevokeTask extends Task<DDLWork> implements Serializable
}
}
- private int processGrantRevokeRoleDDL(HiveConf conf, LogHelper console,
+ private int processGrantRevokeRoleDDL(LogHelper console,
SentryPolicyServiceClient sentryClient, String subject,
GrantRevokeRoleDDL desc) throws SentryUserException {
try {
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/ql/exec/SentryHivePrivilegeObjectDesc.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/ql/exec/SentryHivePrivilegeObjectDesc.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/ql/exec/SentryHivePrivilegeObjectDesc.java
index 8929357..4fa4221 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/ql/exec/SentryHivePrivilegeObjectDesc.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/ql/exec/SentryHivePrivilegeObjectDesc.java
@@ -17,9 +17,6 @@
package org.apache.hadoop.hive.ql.exec;
-import java.util.ArrayList;
-import java.util.List;
-
import org.apache.hadoop.hive.ql.plan.PrivilegeObjectDesc;
public class SentryHivePrivilegeObjectDesc extends PrivilegeObjectDesc {
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/HiveAuthzBindingHook.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/HiveAuthzBindingHook.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/HiveAuthzBindingHook.java
index 57e4689..699b6b2 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/HiveAuthzBindingHook.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/HiveAuthzBindingHook.java
@@ -295,7 +295,7 @@ public class HiveAuthzBindingHook extends AbstractSemanticAnalyzerHook {
private Database extractDatabase(ASTNode ast) throws SemanticException {
String tableName = BaseSemanticAnalyzer.getUnescapedName(ast);
if (tableName.contains(".")) {
- return new Database((tableName.split("\\."))[0]);
+ return new Database(tableName.split("\\.")[0]);
} else {
return getCanonicalDb();
}
@@ -303,7 +303,7 @@ public class HiveAuthzBindingHook extends AbstractSemanticAnalyzerHook {
private Table extractTable(ASTNode ast) throws SemanticException {
String tableName = BaseSemanticAnalyzer.getUnescapedName(ast);
if (tableName.contains(".")) {
- return new Table((tableName.split("\\."))[1]);
+ return new Table(tableName.split("\\.")[1]);
} else {
return new Table(tableName);
}
@@ -560,9 +560,9 @@ public class HiveAuthzBindingHook extends AbstractSemanticAnalyzerHook {
// by default allow connect access to default db
Table currTbl = Table.ALL;
Column currCol = Column.ALL;
- if ((DEFAULT_DATABASE_NAME.equalsIgnoreCase(currDB.getName()) &&
+ if (DEFAULT_DATABASE_NAME.equalsIgnoreCase(currDB.getName()) &&
"false".equalsIgnoreCase(authzConf.
- get(HiveAuthzConf.AuthzConfVars.AUTHZ_RESTRICT_DEFAULT_DB.getVar(), "false")))) {
+ get(HiveAuthzConf.AuthzConfVars.AUTHZ_RESTRICT_DEFAULT_DB.getVar(), "false"))) {
currDB = Database.ALL;
currTbl = Table.SOME;
}
@@ -769,7 +769,6 @@ public class HiveAuthzBindingHook extends AbstractSemanticAnalyzerHook {
// squash the exception, user doesn't have privileges, so the table is
// not added to
// filtered list.
- ;
}
}
return filteredResult;
@@ -807,7 +806,6 @@ public class HiveAuthzBindingHook extends AbstractSemanticAnalyzerHook {
// squash the exception, user doesn't have privileges, so the column is
// not added to
// filtered list.
- ;
}
}
return filteredResult;
@@ -860,7 +858,6 @@ public class HiveAuthzBindingHook extends AbstractSemanticAnalyzerHook {
// squash the exception, user doesn't have privileges, so the table is
// not added to
// filtered list.
- ;
}
}
@@ -880,7 +877,7 @@ public class HiveAuthzBindingHook extends AbstractSemanticAnalyzerHook {
if (!readEntity.getType().equals(Type.TABLE) && !readEntity.getType().equals(Type.PARTITION)) {
return false;
}
- if ((readEntity.getParents() != null) && (readEntity.getParents().size() > 0)) {
+ if (readEntity.getParents() != null && readEntity.getParents().size() > 0) {
for (ReadEntity parentEntity : readEntity.getParents()) {
if (!parentEntity.getType().equals(Type.TABLE)) {
return false;
@@ -893,31 +890,15 @@ public class HiveAuthzBindingHook extends AbstractSemanticAnalyzerHook {
}
/**
- * Returns a set of hooks specified in a configuration variable.
- *
- * See getHooks(HiveAuthzConf.AuthzConfVars hookConfVar, Class<T> clazz)
- * @param hookConfVar
- * @return
- * @throws Exception
- */
- private static List<Hook> getHooks(String csHooks) throws Exception {
- return getHooks(csHooks, Hook.class);
- }
-
- /**
* Returns the hooks specified in a configuration variable. The hooks are returned in a list in
* the order they were specified in the configuration variable.
*
* @param hookConfVar The configuration variable specifying a comma separated list of the hook
* class names.
- * @param clazz The super type of the hooks.
- * @return A list of the hooks cast as the type specified in clazz, in the order
- * they are listed in the value of hookConfVar
+ * @return A list of the hooks, in the order they are listed in the value of hookConfVar
* @throws Exception
*/
- private static <T extends Hook> List<T> getHooks(String csHooks,
- Class<T> clazz)
- throws Exception {
+ private static <T extends Hook> List<T> getHooks(String csHooks) throws Exception {
List<T> hooks = new ArrayList<T>();
if (csHooks.isEmpty()) {
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/HiveAuthzBindingSessionHook.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/HiveAuthzBindingSessionHook.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/HiveAuthzBindingSessionHook.java
index a51653c..17b9003 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/HiveAuthzBindingSessionHook.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/HiveAuthzBindingSessionHook.java
@@ -85,7 +85,6 @@ public class HiveAuthzBindingSessionHook
@Override
public void applyAuthorizationConfigPolicy(HiveConf conf) {
- return;
}
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryHiveAuthorizationTaskFactoryImpl.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryHiveAuthorizationTaskFactoryImpl.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryHiveAuthorizationTaskFactoryImpl.java
index 5898b7e..617a8bc 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryHiveAuthorizationTaskFactoryImpl.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryHiveAuthorizationTaskFactoryImpl.java
@@ -34,7 +34,6 @@ import org.apache.hadoop.hive.ql.hooks.WriteEntity;
import org.apache.hadoop.hive.ql.metadata.Hive;
import org.apache.hadoop.hive.ql.parse.ASTNode;
import org.apache.hadoop.hive.ql.parse.BaseSemanticAnalyzer;
-import org.apache.hadoop.hive.ql.parse.DDLSemanticAnalyzer;
import org.apache.hadoop.hive.ql.parse.HiveParser;
import org.apache.hadoop.hive.ql.parse.SemanticException;
import org.apache.hadoop.hive.ql.parse.authorization.HiveAuthorizationTaskFactory;
@@ -61,7 +60,7 @@ public class SentryHiveAuthorizationTaskFactoryImpl implements HiveAuthorization
private static final Logger LOG = LoggerFactory.getLogger(SentryHiveAuthorizationTaskFactoryImpl.class);
- public SentryHiveAuthorizationTaskFactoryImpl(HiveConf conf, Hive db) {
+ public SentryHiveAuthorizationTaskFactoryImpl(HiveConf conf, Hive db) { //NOPMD
}
@@ -207,13 +206,11 @@ public class SentryHiveAuthorizationTaskFactoryImpl implements HiveAuthorization
PrincipalDesc principalDesc = new PrincipalDesc(principalName, type);
// Partition privileges are not supported by Sentry
- List<String> cols = null;
if (ast.getChildCount() > 1) {
ASTNode child = (ASTNode) ast.getChild(1);
if (child.getToken().getType() == HiveParser.TOK_PRIV_OBJECT_COL) {
privHiveObj = analyzePrivilegeObject(child);
- cols = privHiveObj.getColumns();
- }else {
+ } else {
throw new SemanticException("Unrecognized Token: " + child.getToken().getType());
}
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryOnFailureHookContext.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryOnFailureHookContext.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryOnFailureHookContext.java
index a380651..c101a4f 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryOnFailureHookContext.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryOnFailureHookContext.java
@@ -38,61 +38,61 @@ public interface SentryOnFailureHookContext {
/**
* @return the command attempted by user
*/
- public String getCommand();
+ String getCommand();
/**
* @return the set of read entities
*/
- public Set<ReadEntity> getInputs();
+ Set<ReadEntity> getInputs();
/**
* @return the set of write entities
*/
- public Set<WriteEntity> getOutputs();
+ Set<WriteEntity> getOutputs();
/**
* @return the operation
*/
- public HiveOperation getHiveOp();
+ HiveOperation getHiveOp();
/**
* @return the user name
*/
- public String getUserName();
+ String getUserName();
/**
* @return the ip address
*/
- public String getIpAddress();
+ String getIpAddress();
/**
* @return the database object
*/
- public Database getDatabase();
+ Database getDatabase();
/**
* @return the table object
*/
- public Table getTable();
+ Table getTable();
/**
* @return the udf URI
*/
- public AccessURI getUdfURI();
+ AccessURI getUdfURI();
/**
* @return the partition URI
*/
- public AccessURI getPartitionURI();
+ AccessURI getPartitionURI();
/**
* @return the authorization failure exception
*/
- public AuthorizationException getException();
+ AuthorizationException getException();
/**
* @return the config
*/
- public Configuration getConf();
+ Configuration getConf();
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryPolicyFileFormatter.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryPolicyFileFormatter.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryPolicyFileFormatter.java
index 14437ca..4f465b3 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryPolicyFileFormatter.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryPolicyFileFormatter.java
@@ -29,11 +29,11 @@ import org.apache.hadoop.conf.Configuration;
public interface SentryPolicyFileFormatter {
// write the sentry mapping data to file
- public void write(String resourcePath, Map<String, Map<String, Set<String>>> sentryMappingData)
+ void write(String resourcePath, Map<String, Map<String, Set<String>>> sentryMappingData)
throws Exception;
// parse the sentry mapping data from file
- public Map<String, Map<String, Set<String>>> parse(String resourcePath, Configuration conf)
+ Map<String, Map<String, Set<String>>> parse(String resourcePath, Configuration conf)
throws Exception;
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzBinding.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzBinding.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzBinding.java
index 926c46c..6066100 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzBinding.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzBinding.java
@@ -22,7 +22,6 @@ import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
-import java.util.concurrent.atomic.AtomicInteger;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.fs.CommonConfigurationKeys;
@@ -58,7 +57,6 @@ import com.google.common.collect.Sets;
public class HiveAuthzBinding {
private static final Logger LOG = LoggerFactory
.getLogger(HiveAuthzBinding.class);
- private static final AtomicInteger queryID = new AtomicInteger();
private static final Splitter ROLE_SET_SPLITTER = Splitter.on(",").trimResults()
.omitEmptyStrings();
public static final String HIVE_BINDING_TAG = "hive.authz.bindings.tag";
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzPrivilegesMap.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzPrivilegesMap.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzPrivilegesMap.java
index d35b09d..0c3bee3 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzPrivilegesMap.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzPrivilegesMap.java
@@ -23,7 +23,6 @@ import java.util.Map;
import org.apache.hadoop.hive.ql.plan.HiveOperation;
import org.apache.sentry.binding.hive.authz.HiveAuthzPrivileges.HiveOperationScope;
import org.apache.sentry.binding.hive.authz.HiveAuthzPrivileges.HiveOperationType;
-import org.apache.sentry.core.common.Authorizable;
import org.apache.sentry.core.model.db.DBModelAction;
import org.apache.sentry.core.model.db.DBModelAuthorizable.AuthorizableType;
@@ -31,12 +30,6 @@ public class HiveAuthzPrivilegesMap {
private static final Map <HiveOperation, HiveAuthzPrivileges> hiveAuthzStmtPrivMap =
new HashMap<HiveOperation, HiveAuthzPrivileges>();
static {
- HiveAuthzPrivileges serverPrivilege = new HiveAuthzPrivileges.AuthzPrivilegeBuilder().
- addInputObjectPriviledge(AuthorizableType.Server, EnumSet.of(DBModelAction.ALL)).
- setOperationScope(HiveOperationScope.SERVER).
- setOperationType(HiveOperationType.DDL).
- build();
-
HiveAuthzPrivileges createServerPrivilege = new HiveAuthzPrivileges.AuthzPrivilegeBuilder().
addInputObjectPriviledge(AuthorizableType.Server, EnumSet.of(DBModelAction.CREATE)).
setOperationScope(HiveOperationScope.SERVER).
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/SentryConfigTool.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/SentryConfigTool.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/SentryConfigTool.java
index 2e0f299..616d46c 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/SentryConfigTool.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/SentryConfigTool.java
@@ -45,7 +45,6 @@ import org.apache.log4j.Level;
import org.apache.log4j.LogManager;
import org.apache.sentry.Command;
import org.apache.sentry.binding.hive.HiveAuthzBindingHook;
-import org.apache.sentry.binding.hive.HiveAuthzBindingSessionHook;
import org.apache.sentry.binding.hive.SentryPolicyFileFormatFactory;
import org.apache.sentry.binding.hive.SentryPolicyFileFormatter;
import org.apache.sentry.binding.hive.conf.HiveAuthzConf;
@@ -221,7 +220,7 @@ public class SentryConfigTool {
getHiveConf().setVar(ConfVars.SEMANTIC_ANALYZER_HOOK,
HiveAuthzBindingHook.class.getName());
try {
- System.out.println("Hive config: " + getHiveConf().getHiveSiteLocation());
+ System.out.println("Hive config: " + HiveConf.getHiveSiteLocation());
} catch (NullPointerException e) {
// Hack, hiveConf doesn't provide a reliable way check if it found a valid
// hive-site
@@ -559,10 +558,10 @@ public class SentryConfigTool {
}
}
- if (isListPrivs() && (getUser() == null)) {
+ if (isListPrivs() && getUser() == null) {
throw new ParseException("Can't use -l without -u ");
}
- if ((getQuery() != null) && (getUser() == null)) {
+ if (getQuery() != null && getUser() == null) {
throw new ParseException("Must use -u with -e ");
}
} catch (ParseException e1) {
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/conf/HiveAuthzConf.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/conf/HiveAuthzConf.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/conf/HiveAuthzConf.java
index e76fad1..6b79dda 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/conf/HiveAuthzConf.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/conf/HiveAuthzConf.java
@@ -150,7 +150,6 @@ public class HiveAuthzConf extends Configuration {
currentToDeprecatedProps.put(AuthzConfVars.AUTHZ_ONFAILURE_HOOKS.getVar(), AuthzConfVars.AUTHZ_ONFAILURE_HOOKS_DEPRECATED);
};
- @SuppressWarnings("unused")
private static final Logger LOG = LoggerFactory
.getLogger(HiveAuthzConf.class);
public static final String AUTHZ_SITE_FILE = "sentry-site.xml";
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/AuthorizingObjectStore.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/AuthorizingObjectStore.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/AuthorizingObjectStore.java
index 9938373..37781b9 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/AuthorizingObjectStore.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/AuthorizingObjectStore.java
@@ -39,7 +39,6 @@ import org.apache.hadoop.hive.metastore.api.Table;
import org.apache.hadoop.hive.metastore.api.UnknownDBException;
import org.apache.hadoop.hive.ql.parse.SemanticException;
import org.apache.hadoop.hive.ql.plan.HiveOperation;
-import org.apache.hadoop.hive.shims.ShimLoader;
import org.apache.hadoop.hive.shims.Utils;
import org.apache.sentry.binding.hive.HiveAuthzBindingHook;
import org.apache.sentry.binding.hive.authz.HiveAuthzBinding;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/MetastoreAuthzBinding.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/MetastoreAuthzBinding.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/MetastoreAuthzBinding.java
index f6b9c7a..b1148d8 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/MetastoreAuthzBinding.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/MetastoreAuthzBinding.java
@@ -39,7 +39,6 @@ import org.apache.hadoop.hive.metastore.api.StorageDescriptor;
import org.apache.hadoop.hive.metastore.events.PreAddPartitionEvent;
import org.apache.hadoop.hive.metastore.events.PreAlterPartitionEvent;
import org.apache.hadoop.hive.metastore.events.PreAlterTableEvent;
-import org.apache.hadoop.hive.metastore.events.PreCreateDatabaseEvent;
import org.apache.hadoop.hive.metastore.events.PreCreateTableEvent;
import org.apache.hadoop.hive.metastore.events.PreDropDatabaseEvent;
import org.apache.hadoop.hive.metastore.events.PreDropPartitionEvent;
@@ -47,7 +46,6 @@ import org.apache.hadoop.hive.metastore.events.PreDropTableEvent;
import org.apache.hadoop.hive.metastore.events.PreEventContext;
import org.apache.hadoop.hive.ql.metadata.AuthorizationException;
import org.apache.hadoop.hive.ql.plan.HiveOperation;
-import org.apache.hadoop.hive.shims.ShimLoader;
import org.apache.hadoop.hive.shims.Utils;
import org.apache.sentry.SentryUserException;
import org.apache.sentry.binding.hive.authz.HiveAuthzBinding;
@@ -197,7 +195,7 @@ public class MetastoreAuthzBinding extends MetaStorePreEventListener {
authorizeAlterPartition((PreAlterPartitionEvent) context);
break;
case CREATE_DATABASE:
- authorizeCreateDatabase((PreCreateDatabaseEvent) context);
+ authorizeCreateDatabase();
break;
case DROP_DATABASE:
authorizeDropDatabase((PreDropDatabaseEvent) context);
@@ -210,7 +208,7 @@ public class MetastoreAuthzBinding extends MetaStorePreEventListener {
}
}
- private void authorizeCreateDatabase(PreCreateDatabaseEvent context)
+ private void authorizeCreateDatabase()
throws InvalidOperationException, MetaException {
authorizeMetastoreAccess(HiveOperation.CREATEDATABASE,
new HierarcyBuilder().addServerToOutput(getAuthServer()).build(),
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/SentryHiveMetaStoreClient.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/SentryHiveMetaStoreClient.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/SentryHiveMetaStoreClient.java
index 6a33ef9..0330db9 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/SentryHiveMetaStoreClient.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/SentryHiveMetaStoreClient.java
@@ -42,17 +42,14 @@ public class SentryHiveMetaStoreClient extends HiveMetaStoreClient implements
private HiveAuthzBinding hiveAuthzBinding;
private HiveAuthzConf authzConf;
- private final HiveConf hiveConf;
public SentryHiveMetaStoreClient(HiveConf conf) throws MetaException {
super(conf);
- this.hiveConf = conf;
}
public SentryHiveMetaStoreClient(HiveConf conf, HiveMetaHookLoader hookLoader)
throws MetaException {
super(conf, hookLoader);
- this.hiveConf = conf;
}
@Override
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/SentryMetaStoreFilterHook.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/SentryMetaStoreFilterHook.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/SentryMetaStoreFilterHook.java
index 9f33f3d..b551788 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/SentryMetaStoreFilterHook.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/SentryMetaStoreFilterHook.java
@@ -33,25 +33,20 @@ import org.apache.hadoop.hive.metastore.api.NoSuchObjectException;
import org.apache.hadoop.hive.metastore.api.Partition;
import org.apache.hadoop.hive.metastore.api.PartitionSpec;
import org.apache.hadoop.hive.metastore.api.Table;
-import org.apache.hadoop.hive.ql.parse.SemanticException;
import org.apache.hadoop.hive.ql.plan.HiveOperation;
import org.apache.hadoop.hive.ql.session.SessionState;
import org.apache.sentry.binding.hive.HiveAuthzBindingHook;
import org.apache.sentry.binding.hive.authz.HiveAuthzBinding;
import org.apache.sentry.binding.hive.conf.HiveAuthzConf;
-import com.google.common.collect.Lists;
-
public class SentryMetaStoreFilterHook implements MetaStoreFilterHook {
static final protected Log LOG = LogFactory.getLog(SentryMetaStoreFilterHook.class);
private HiveAuthzBinding hiveAuthzBinding;
private HiveAuthzConf authzConf;
- private final HiveConf hiveConf;
- public SentryMetaStoreFilterHook(HiveConf hiveConf) {
- this.hiveConf = hiveConf;
+ public SentryMetaStoreFilterHook(HiveConf hiveConf) { //NOPMD
}
@Override
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/SentryMetastorePostEventListener.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/SentryMetastorePostEventListener.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/SentryMetastorePostEventListener.java
index 3c8ad1f..a45d115 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/SentryMetastorePostEventListener.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/SentryMetastorePostEventListener.java
@@ -212,7 +212,7 @@ public class SentryMetastorePostEventListener extends MetaStoreEventListener {
newLoc = partitionEvent.getNewPartition().getSd().getLocation();
}
- if ((oldLoc != null) && (newLoc != null) && (!oldLoc.equals(newLoc))) {
+ if (oldLoc != null && newLoc != null && !oldLoc.equals(newLoc)) {
String authzObj =
partitionEvent.getOldPartition().getDbName() + "."
+ partitionEvent.getOldPartition().getTableName();
@@ -227,7 +227,7 @@ public class SentryMetastorePostEventListener extends MetaStoreEventListener {
public void onAddPartition(AddPartitionEvent partitionEvent)
throws MetaException {
for (Partition part : partitionEvent.getPartitions()) {
- if ((part.getSd() != null) && (part.getSd().getLocation() != null)) {
+ if (part.getSd() != null && part.getSd().getLocation() != null) {
String authzObj = part.getDbName() + "." + part.getTableName();
String path = part.getSd().getLocation();
for (SentryMetastoreListenerPlugin plugin : sentryPlugins) {
@@ -349,7 +349,7 @@ public class SentryMetastorePostEventListener extends MetaStoreEventListener {
private boolean syncWithPolicyStore(AuthzConfVars syncConfVar) {
return "true"
- .equalsIgnoreCase((authzConf.get(syncConfVar.getVar(), "true")));
+ .equalsIgnoreCase(authzConf.get(syncConfVar.getVar(), "true"));
}
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-binding/sentry-binding-solr/src/main/java/org/apache/sentry/binding/solr/authz/SolrAuthzBinding.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-solr/src/main/java/org/apache/sentry/binding/solr/authz/SolrAuthzBinding.java b/sentry-binding/sentry-binding-solr/src/main/java/org/apache/sentry/binding/solr/authz/SolrAuthzBinding.java
index 6980c7c..88148c4 100644
--- a/sentry-binding/sentry-binding-solr/src/main/java/org/apache/sentry/binding/solr/authz/SolrAuthzBinding.java
+++ b/sentry-binding/sentry-binding-solr/src/main/java/org/apache/sentry/binding/solr/authz/SolrAuthzBinding.java
@@ -228,7 +228,7 @@ public class SolrAuthzBinding {
}
synchronized (SolrAuthzBinding.class) {
if (kerberosInit == null) {
- kerberosInit = new Boolean(true);
+ kerberosInit = Boolean.TRUE;
final String authVal = authzConf.get(HADOOP_SECURITY_AUTHENTICATION);
final String kerberos = "kerberos";
if (authVal != null && !authVal.equals(kerberos)) {
@@ -258,7 +258,7 @@ public class SolrAuthzBinding {
* If the binding uses the searchProviderBackend, it can sync privilege with Sentry Service
*/
public boolean isSyncEnabled() {
- return (providerBackend instanceof SentryGenericProviderBackend);
+ return providerBackend instanceof SentryGenericProviderBackend;
}
public SentryGenericServiceClient getClient() throws Exception {
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/authz/SentryAuthorizationValidator.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/authz/SentryAuthorizationValidator.java b/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/authz/SentryAuthorizationValidator.java
index 5f96767..51f3f29 100644
--- a/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/authz/SentryAuthorizationValidator.java
+++ b/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/authz/SentryAuthorizationValidator.java
@@ -42,7 +42,7 @@ public class SentryAuthorizationValidator extends AuthorizationValidator {
@Override
public void checkPrivileges(MPrincipal principal, List<MPrivilege> privileges) throws SqoopException {
- if ((privileges == null) || privileges.isEmpty()) {
+ if (privileges == null || privileges.isEmpty()) {
return;
}
PrincipalDesc principalDesc = new PrincipalDesc(principal.getName(), principal.getType());
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/binding/SqoopAuthBinding.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/binding/SqoopAuthBinding.java b/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/binding/SqoopAuthBinding.java
index 42638f8..8456031 100644
--- a/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/binding/SqoopAuthBinding.java
+++ b/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/binding/SqoopAuthBinding.java
@@ -312,7 +312,7 @@ public class SqoopAuthBinding {
}
private MResource toSqoopResource(List<TAuthorizable> authorizables) {
- if ((authorizables == null) || authorizables.isEmpty()) {
+ if (authorizables == null || authorizables.isEmpty()) {
//server resource
return new MResource(sqoopServer.getName(), MResource.TYPE.SERVER);
} else {
@@ -385,7 +385,7 @@ public class SqoopAuthBinding {
* functions to execute, which centralizes connection error
* handling. Command is parameterized on the return type of the function.
*/
- private static interface Command<T> {
+ private interface Command<T> {
T run(SentryGenericServiceClient client) throws Exception;
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/Command.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/Command.java b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/Command.java
index 528f7d7..5af4cad 100644
--- a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/Command.java
+++ b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/Command.java
@@ -19,5 +19,5 @@ package org.apache.sentry;
public interface Command {
- public void run(String[] args) throws Exception;
+ void run(String[] args) throws Exception;
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/SentryMain.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/SentryMain.java b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/SentryMain.java
index e081a86..1ccf7de 100644
--- a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/SentryMain.java
+++ b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/SentryMain.java
@@ -59,7 +59,7 @@ public class SentryMain {
CommandLine commandLine = parser.parse(options, args, true);
String log4jconf = commandLine.getOptionValue(LOG4J_CONF);
- if ((log4jconf != null)&&(log4jconf.length() > 0)) {
+ if (log4jconf != null && log4jconf.length() > 0) {
Properties log4jProperties = new Properties();
// Firstly load log properties from properties file
@@ -121,9 +121,10 @@ public class SentryMain {
private static void printHelp(Options options, String msg) {
String sentry = "sentry";
- if(msg != null)
+ if (msg != null) {
sentry = msg + sentry;
+ }
(new HelpFormatter()).printHelp(sentry, options);
System.exit(1);
}
-}
\ No newline at end of file
+}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/Action.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/Action.java b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/Action.java
index 1479e5c..77c91d2 100644
--- a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/Action.java
+++ b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/Action.java
@@ -17,6 +17,6 @@
package org.apache.sentry.core.common;
public interface Action {
- public static final String ALL = "*";
- public String getValue();
+ String ALL = "*";
+ String getValue();
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/Authorizable.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/Authorizable.java b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/Authorizable.java
index 3523237..d49a53d 100644
--- a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/Authorizable.java
+++ b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/Authorizable.java
@@ -17,7 +17,7 @@
package org.apache.sentry.core.common;
public interface Authorizable {
- public String getName();
+ String getName();
- public String getTypeName();
+ String getTypeName();
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/BitFieldAction.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/BitFieldAction.java b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/BitFieldAction.java
index 5aa0f83..ce0e4fb 100644
--- a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/BitFieldAction.java
+++ b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/BitFieldAction.java
@@ -55,7 +55,7 @@ public abstract class BitFieldAction implements Action {
return false;
}
BitFieldAction that = (BitFieldAction)obj;
- return (code == that.code) && (name.equalsIgnoreCase(that.name));
+ return code == that.code && name.equalsIgnoreCase(that.name);
}
@Override
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/utils/PathUtils.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/utils/PathUtils.java b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/utils/PathUtils.java
index 6cb599c..c7002e0 100644
--- a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/utils/PathUtils.java
+++ b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/utils/PathUtils.java
@@ -42,11 +42,10 @@ public class PathUtils {
return false;
}
// ensure that either both schemes are null or equal
- if (privilegeURI.getScheme() == null) {
- if (requestURI.getScheme() != null) {
- return false;
- }
- } else if (!privilegeURI.getScheme().equals(requestURI.getScheme())) {
+ if (privilegeURI.getScheme() == null && requestURI.getScheme() != null) {
+ return false;
+ }
+ if (privilegeURI.getScheme() != null && !privilegeURI.getScheme().equals(requestURI.getScheme())) {
return false;
}
// request path does not contain relative parts /a/../b &&
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-core/sentry-core-model-db/src/main/java/org/apache/sentry/core/model/db/DBModelAuthorizable.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-model-db/src/main/java/org/apache/sentry/core/model/db/DBModelAuthorizable.java b/sentry-core/sentry-core-model-db/src/main/java/org/apache/sentry/core/model/db/DBModelAuthorizable.java
index 4d74356..4ce01b2 100644
--- a/sentry-core/sentry-core-model-db/src/main/java/org/apache/sentry/core/model/db/DBModelAuthorizable.java
+++ b/sentry-core/sentry-core-model-db/src/main/java/org/apache/sentry/core/model/db/DBModelAuthorizable.java
@@ -29,5 +29,5 @@ public interface DBModelAuthorizable extends Authorizable {
URI
};
- public AuthorizableType getAuthzType();
+ AuthorizableType getAuthzType();
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-core/sentry-core-model-indexer/src/main/java/org/apache/sentry/core/model/indexer/IndexerModelAuthorizable.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-model-indexer/src/main/java/org/apache/sentry/core/model/indexer/IndexerModelAuthorizable.java b/sentry-core/sentry-core-model-indexer/src/main/java/org/apache/sentry/core/model/indexer/IndexerModelAuthorizable.java
index d92a5c8..b3a3873 100644
--- a/sentry-core/sentry-core-model-indexer/src/main/java/org/apache/sentry/core/model/indexer/IndexerModelAuthorizable.java
+++ b/sentry-core/sentry-core-model-indexer/src/main/java/org/apache/sentry/core/model/indexer/IndexerModelAuthorizable.java
@@ -24,5 +24,5 @@ public interface IndexerModelAuthorizable extends Authorizable {
Indexer
};
- public AuthorizableType getAuthzType();
+ AuthorizableType getAuthzType();
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-core/sentry-core-model-indexer/src/test/java/org/apache/sentry/core/indexer/TestIndexerBitFieldAction.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-model-indexer/src/test/java/org/apache/sentry/core/indexer/TestIndexerBitFieldAction.java b/sentry-core/sentry-core-model-indexer/src/test/java/org/apache/sentry/core/indexer/TestIndexerBitFieldAction.java
index a490cd8..4e2f1fa 100644
--- a/sentry-core/sentry-core-model-indexer/src/test/java/org/apache/sentry/core/indexer/TestIndexerBitFieldAction.java
+++ b/sentry-core/sentry-core-model-indexer/src/test/java/org/apache/sentry/core/indexer/TestIndexerBitFieldAction.java
@@ -17,8 +17,6 @@
*/
package org.apache.sentry.core.indexer;
-import java.util.List;
-
import org.apache.sentry.core.model.indexer.IndexerActionFactory;
import org.apache.sentry.core.model.indexer.IndexerActionFactory.IndexerAction;
import org.apache.sentry.core.model.indexer.IndexerActionFactory.IndexerBitFieldAction;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-core/sentry-core-model-search/src/main/java/org/apache/sentry/core/model/search/SearchModelAuthorizable.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-model-search/src/main/java/org/apache/sentry/core/model/search/SearchModelAuthorizable.java b/sentry-core/sentry-core-model-search/src/main/java/org/apache/sentry/core/model/search/SearchModelAuthorizable.java
index d6a9d54..5a55963 100644
--- a/sentry-core/sentry-core-model-search/src/main/java/org/apache/sentry/core/model/search/SearchModelAuthorizable.java
+++ b/sentry-core/sentry-core-model-search/src/main/java/org/apache/sentry/core/model/search/SearchModelAuthorizable.java
@@ -25,5 +25,5 @@ public interface SearchModelAuthorizable extends Authorizable {
Field
};
- public AuthorizableType getAuthzType();
+ AuthorizableType getAuthzType();
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-core/sentry-core-model-search/src/test/java/org/apache/sentry/core/search/TestSearchBitFieldAction.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-model-search/src/test/java/org/apache/sentry/core/search/TestSearchBitFieldAction.java b/sentry-core/sentry-core-model-search/src/test/java/org/apache/sentry/core/search/TestSearchBitFieldAction.java
index 0ae49d6..b490cb6 100644
--- a/sentry-core/sentry-core-model-search/src/test/java/org/apache/sentry/core/search/TestSearchBitFieldAction.java
+++ b/sentry-core/sentry-core-model-search/src/test/java/org/apache/sentry/core/search/TestSearchBitFieldAction.java
@@ -17,8 +17,6 @@
*/
package org.apache.sentry.core.search;
-import java.util.List;
-
import org.apache.sentry.core.model.search.SearchActionFactory;
import org.apache.sentry.core.model.search.SearchActionFactory.SearchAction;
import org.apache.sentry.core.model.search.SearchActionFactory.SearchBitFieldAction;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/SqoopActionFactory.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/SqoopActionFactory.java b/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/SqoopActionFactory.java
index c1f33ec..e7ba5f1 100644
--- a/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/SqoopActionFactory.java
+++ b/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/SqoopActionFactory.java
@@ -56,8 +56,7 @@ public class SqoopActionFactory extends BitFieldActionFactory {
static List<SqoopActionType> getActionByCode(int code) {
List<SqoopActionType> actions = Lists.newArrayList();
for (SqoopActionType action : SqoopActionType.values()) {
- if (((action.code & code) == action.code ) &&
- (action != SqoopActionType.ALL)) {
+ if ((action.code & code) == action.code && action != SqoopActionType.ALL) {
//SqoopActionType.ALL action should not return in the list
actions.add(action);
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/SqoopAuthorizable.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/SqoopAuthorizable.java b/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/SqoopAuthorizable.java
index b57f4a7..934875e 100644
--- a/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/SqoopAuthorizable.java
+++ b/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/SqoopAuthorizable.java
@@ -23,7 +23,7 @@ import org.apache.sentry.core.common.Authorizable;
* It used conjunction with the generic authorization model(SENTRY-398).
*/
public interface SqoopAuthorizable extends Authorizable {
- public static final String ALL = "*";
+ String ALL = "*";
public enum AuthorizableType {
SERVER,
CONNECTOR,
@@ -31,5 +31,5 @@ public interface SqoopAuthorizable extends Authorizable {
JOB
};
- public AuthorizableType getAuthzType();
+ AuthorizableType getAuthzType();
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/AuthzPathsDumper.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/AuthzPathsDumper.java b/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/AuthzPathsDumper.java
index 2bd2a88..0950957 100644
--- a/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/AuthzPathsDumper.java
+++ b/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/AuthzPathsDumper.java
@@ -21,8 +21,8 @@ import org.apache.sentry.hdfs.service.thrift.TPathsDump;
public interface AuthzPathsDumper<K extends AuthzPaths> {
- public TPathsDump createPathsDump();
+ TPathsDump createPathsDump();
- public K initializeFromDump(TPathsDump pathsDump);
+ K initializeFromDump(TPathsDump pathsDump);
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/AuthzPermissions.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/AuthzPermissions.java b/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/AuthzPermissions.java
index 1631ae5..b575e81 100644
--- a/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/AuthzPermissions.java
+++ b/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/AuthzPermissions.java
@@ -23,6 +23,6 @@ import java.util.List;
public interface AuthzPermissions {
- public List<AclEntry> getAcls(String authzObj);
+ List<AclEntry> getAcls(String authzObj);
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/HMSPaths.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/HMSPaths.java b/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/HMSPaths.java
index 4b38def..135ea20 100644
--- a/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/HMSPaths.java
+++ b/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/HMSPaths.java
@@ -232,7 +232,7 @@ public class HMSPaths implements AuthzPaths {
}
public static Entry createRoot(boolean asPrefix) {
- return new Entry(null, "/", (asPrefix)
+ return new Entry(null, "/", asPrefix
? EntryType.PREFIX : EntryType.DIR, (String) null);
}
@@ -366,7 +366,7 @@ public class HMSPaths implements AuthzPaths {
boolean isPartialMatchOk, Entry lastAuthObj) {
Entry found = null;
if (index == pathElements.length) {
- if (isPartialMatchOk && (getAuthzObjs().size() != 0)) {
+ if (isPartialMatchOk && getAuthzObjs().size() != 0) {
found = this;
}
} else {
@@ -444,7 +444,7 @@ public class HMSPaths implements AuthzPaths {
if (e != null) {
newEntries.add(e);
} else {
- // LOG WARN IGNORING PATH, no prefix
+ LOG.warn("Ignoring path, no prefix");
}
}
authzObjToPath.put(authzObj, newEntries);
@@ -468,7 +468,7 @@ public class HMSPaths implements AuthzPaths {
if (e != null) {
newEntries.add(e);
} else {
- // LOG WARN IGNORING PATH, no prefix
+ LOG.warn("Ignoring path, no prefix");
}
}
entries.addAll(newEntries);
@@ -476,7 +476,7 @@ public class HMSPaths implements AuthzPaths {
if (createNew) {
addAuthzObject(authzObj, authzObjPathElements);
}
- // LOG WARN object does not exist
+ LOG.warn("Object does not exist");
}
}
@@ -500,12 +500,12 @@ public class HMSPaths implements AuthzPaths {
entry.deleteAuthzObject(authzObj);
toDelEntries.add(entry);
} else {
- // LOG WARN IGNORING PATH, it was not in registered
+ LOG.warn("Ignoring path, it was not registered");
}
}
entries.removeAll(toDelEntries);
} else {
- // LOG WARN object does not exist
+ LOG.warn("Object does not exist");
}
}
@@ -540,7 +540,9 @@ public class HMSPaths implements AuthzPaths {
*/
public Set<String> findAuthzObject(String[] pathElements, boolean isPartialOk) {
// Handle '/'
- if ((pathElements == null)||(pathElements.length == 0)) return null;
+ if (pathElements == null || pathElements.length == 0) {
+ return null;
+ }
Entry entry = root.find(pathElements, isPartialOk);
return (entry != null) ? entry.getAuthzObjs() : null;
}
@@ -548,10 +550,12 @@ public class HMSPaths implements AuthzPaths {
boolean renameAuthzObject(String oldName, List<String> oldPathElems,
String newName, List<String> newPathElems) {
// Handle '/'
- if ((oldPathElems == null)||(oldPathElems.size() == 0)) return false;
+ if (oldPathElems == null || oldPathElems.size() == 0) {
+ return false;
+ }
Entry entry =
root.find(oldPathElems.toArray(new String[oldPathElems.size()]), false);
- if ((entry != null) && (entry.getAuthzObjs().contains(oldName))) {
+ if (entry != null && entry.getAuthzObjs().contains(oldName)) {
// Update pathElements
String[] newPath = newPathElems.toArray(new String[newPathElems.size()]);
// Can't use Lists.newArrayList() because of whacky generics
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/HMSPathsDumper.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/HMSPathsDumper.java b/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/HMSPathsDumper.java
index d62222b..3203ecd 100644
--- a/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/HMSPathsDumper.java
+++ b/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/HMSPathsDumper.java
@@ -102,7 +102,9 @@ public class HMSPathsDumper implements AuthzPathsDumper<HMSPaths> {
child = parent.getChildren().get(tChild.getPathElement());
// If we havn't reached a prefix entry yet, then child should
// already exists.. else it is not part of the prefix
- if (child == null) continue;
+ if (child == null) {
+ continue;
+ }
isChildPrefix = child.getType() == EntryType.PREFIX;
// Handle case when prefix entry has an authzObject
// For Eg (default table mapped to /user/hive/warehouse)
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/SentryHDFSServiceClient.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/SentryHDFSServiceClient.java b/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/SentryHDFSServiceClient.java
index 956b855..ab12bf4 100644
--- a/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/SentryHDFSServiceClient.java
+++ b/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/SentryHDFSServiceClient.java
@@ -17,19 +17,17 @@
*/
package org.apache.sentry.hdfs;
-import java.io.IOException;
-
public interface SentryHDFSServiceClient {
- public static final String SENTRY_HDFS_SERVICE_NAME = "SentryHDFSService";
+ String SENTRY_HDFS_SERVICE_NAME = "SentryHDFSService";
- public void notifyHMSUpdate(PathsUpdate update)
+ void notifyHMSUpdate(PathsUpdate update)
throws SentryHdfsServiceException;
- public long getLastSeenHMSPathSeqNum() throws SentryHdfsServiceException;
+ long getLastSeenHMSPathSeqNum() throws SentryHdfsServiceException;
- public SentryAuthzUpdate getAllUpdatesFrom(long permSeqNum, long pathSeqNum)
+ SentryAuthzUpdate getAllUpdatesFrom(long permSeqNum, long pathSeqNum)
throws SentryHdfsServiceException;
- public void close();
+ void close();
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/Updateable.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/Updateable.java b/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/Updateable.java
index 117fde2..4dc3a0c 100644
--- a/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/Updateable.java
+++ b/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/Updateable.java
@@ -28,7 +28,7 @@ public interface Updateable<K extends Updateable.Update> {
* implementing this interface and containing the generated thrift class as
* a work around
*/
- public interface Update {
+ interface Update {
boolean hasFullImage();
@@ -47,27 +47,27 @@ public interface Updateable<K extends Updateable.Update> {
* @param lock External Lock.
* @return
*/
- public void updatePartial(Iterable<K> update, ReadWriteLock lock);
+ void updatePartial(Iterable<K> update, ReadWriteLock lock);
/**
* This returns a new object with the full update applied
* @param update
* @return
*/
- public Updateable<K> updateFull(K update);
+ Updateable<K> updateFull(K update);
/**
* Return sequence number of Last Update
*/
- public long getLastUpdatedSeqNum();
+ long getLastUpdatedSeqNum();
/**
* Create and Full image update of the local data structure
* @param currSeqNum
* @return
*/
- public K createFullImageUpdate(long currSeqNum);
+ K createFullImageUpdate(long currSeqNum);
- public String getUpdateableTypeName();
+ String getUpdateableTypeName();
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/UpdateableAuthzPaths.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/UpdateableAuthzPaths.java b/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/UpdateableAuthzPaths.java
index 364a1f6..8fc5470 100644
--- a/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/UpdateableAuthzPaths.java
+++ b/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/UpdateableAuthzPaths.java
@@ -50,12 +50,12 @@ public class UpdateableAuthzPaths implements AuthzPaths, Updateable<PathsUpdate>
@Override
public Set<String> findAuthzObject(String[] pathElements) {
- return paths.findAuthzObject(pathElements);
+ return paths.findAuthzObject(pathElements);
}
@Override
public Set<String> findAuthzObjectExactMatches(String[] pathElements) {
- return paths.findAuthzObjectExactMatches(pathElements);
+ return paths.findAuthzObjectExactMatches(pathElements);
}
@Override
@@ -93,16 +93,16 @@ public class UpdateableAuthzPaths implements AuthzPaths, Updateable<PathsUpdate>
List<TPathChanges> pathChanges = update.getPathChanges();
TPathChanges newPathInfo = null;
TPathChanges oldPathInfo = null;
- if ((pathChanges.get(0).getAddPathsSize() == 1)
- && (pathChanges.get(1).getDelPathsSize() == 1)) {
+ if (pathChanges.get(0).getAddPathsSize() == 1
+ && pathChanges.get(1).getDelPathsSize() == 1) {
newPathInfo = pathChanges.get(0);
oldPathInfo = pathChanges.get(1);
- } else if ((pathChanges.get(1).getAddPathsSize() == 1)
- && (pathChanges.get(0).getDelPathsSize() == 1)) {
+ } else if (pathChanges.get(1).getAddPathsSize() == 1
+ && pathChanges.get(0).getDelPathsSize() == 1) {
newPathInfo = pathChanges.get(1);
oldPathInfo = pathChanges.get(0);
}
- if ((newPathInfo != null)&&(oldPathInfo != null)) {
+ if (newPathInfo != null && oldPathInfo != null) {
paths.renameAuthzObject(
oldPathInfo.getAuthzObj(), oldPathInfo.getDelPaths().get(0),
newPathInfo.getAuthzObj(), newPathInfo.getAddPaths().get(0));
@@ -113,8 +113,8 @@ public class UpdateableAuthzPaths implements AuthzPaths, Updateable<PathsUpdate>
paths.addPathsToAuthzObject(pathChanges.getAuthzObj(), pathChanges
.getAddPaths(), true);
List<List<String>> delPaths = pathChanges.getDelPaths();
- if ((delPaths.size() == 1) && (delPaths.get(0).size() == 1)
- && (delPaths.get(0).get(0).equals(PathsUpdate.ALL_PATHS))) {
+ if (delPaths.size() == 1 && delPaths.get(0).size() == 1
+ && delPaths.get(0).get(0).equals(PathsUpdate.ALL_PATHS)) {
// Remove all paths.. eg. drop table
paths.deleteAuthzObject(pathChanges.getAuthzObj());
} else {
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/ha/HdfsHAClientInvocationHandler.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/ha/HdfsHAClientInvocationHandler.java b/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/ha/HdfsHAClientInvocationHandler.java
index ec66b2d..6138b8c 100644
--- a/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/ha/HdfsHAClientInvocationHandler.java
+++ b/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/ha/HdfsHAClientInvocationHandler.java
@@ -59,44 +59,42 @@ public class HdfsHAClientInvocationHandler implements InvocationHandler {
public Object invoke(Object proxy, Method method, Object[] args) throws
SentryHdfsServiceException {
Object result = null;
- while (true) {
- try {
- if (!method.isAccessible()) {
- method.setAccessible(true);
- }
- // The client is initialized in the first call instead of constructor.
- // This way we can propagate the connection exception to caller cleanly
- if (client == null) {
- renewSentryClient();
- }
- result = method.invoke(client, args);
- } catch (IllegalAccessException e) {
- throw new SentryHdfsServiceException(e.getMessage(), e.getCause());
- } catch (InvocationTargetException e) {
- if (!(e.getTargetException() instanceof SentryHdfsServiceException)) {
- throw new SentryHdfsServiceException("Error in Sentry HDFS client",
- e.getTargetException());
- } else {
- LOGGER.warn(THRIFT_EXCEPTION_MESSAGE + ": Error in connect current" +
- " service, will retry other service.", e);
- if (client != null) {
- client.close();
- client = null;
- }
- throw (SentryHdfsServiceException) e.getTargetException();
- }
- } catch (IOException e1) {
- // close() doesn't throw exception we supress that in case of connection
- // loss. Changing SentryPolicyServiceClient#close() to throw an
- // exception would be a backward incompatible change for Sentry clients.
- if ("close".equals(method.getName())) {
- return null;
+ try {
+ if (!method.isAccessible()) {
+ method.setAccessible(true);
+ }
+ // The client is initialized in the first call instead of constructor.
+ // This way we can propagate the connection exception to caller cleanly
+ if (client == null) {
+ renewSentryClient();
+ }
+ result = method.invoke(client, args);
+ } catch (IllegalAccessException e) {
+ throw new SentryHdfsServiceException(e.getMessage(), e.getCause());
+ } catch (InvocationTargetException e) {
+ if (!(e.getTargetException() instanceof SentryHdfsServiceException)) {
+ throw new SentryHdfsServiceException("Error in Sentry HDFS client",
+ e.getTargetException());
+ } else {
+ LOGGER.warn(THRIFT_EXCEPTION_MESSAGE + ": Error in connect current" +
+ " service, will retry other service.", e);
+ if (client != null) {
+ client.close();
+ client = null;
}
- throw new SentryHdfsServiceException(
- "Error connecting to sentry service " + e1.getMessage(), e1);
+ throw (SentryHdfsServiceException) e.getTargetException();
+ }
+ } catch (IOException e1) {
+ // close() doesn't throw exception we supress that in case of connection
+ // loss. Changing SentryPolicyServiceClient#close() to throw an
+ // exception would be a backward incompatible change for Sentry clients.
+ if ("close".equals(method.getName())) {
+ return null;
}
- return result;
+ throw new SentryHdfsServiceException(
+ "Error connecting to sentry service " + e1.getMessage(), e1);
}
+ return result;
}
// Retrieve the new connection endpoint from ZK and connect to new server
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/95b1e40e/sentry-hdfs/sentry-hdfs-common/src/test/java/org/apache/sentry/hdfs/TestHMSPathsFullDump.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-common/src/test/java/org/apache/sentry/hdfs/TestHMSPathsFullDump.java b/sentry-hdfs/sentry-hdfs-common/src/test/java/org/apache/sentry/hdfs/TestHMSPathsFullDump.java
index b43ad0e..735b5d7 100644
--- a/sentry-hdfs/sentry-hdfs-common/src/test/java/org/apache/sentry/hdfs/TestHMSPathsFullDump.java
+++ b/sentry-hdfs/sentry-hdfs-common/src/test/java/org/apache/sentry/hdfs/TestHMSPathsFullDump.java
@@ -33,10 +33,6 @@ import java.util.Arrays;
import java.util.HashSet;
import java.io.IOException;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertNull;
-
public class TestHMSPathsFullDump {
private static boolean useCompact = true;