You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by co...@apache.org on 2017/11/22 15:56:32 UTC
[12/23] sentry git commit: Making use of the refactored Command
implementations in ShellUtil
Making use of the refactored Command implementations in ShellUtil
Project: http://git-wip-us.apache.org/repos/asf/sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/cd4c80d4
Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/cd4c80d4
Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/cd4c80d4
Branch: refs/heads/master
Commit: cd4c80d48547d75320b4832a127978569f8b2743
Parents: 8be6279
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Mon Nov 6 17:13:28 2017 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Mon Nov 6 17:13:28 2017 +0000
----------------------------------------------------------------------
.../org/apache/sentry/shell/GroupShell.java | 5 -
.../org/apache/sentry/shell/PrivsShell.java | 5 -
.../java/org/apache/sentry/shell/ShellUtil.java | 137 ++++---------------
.../org/apache/sentry/shell/TopLevelShell.java | 5 -
4 files changed, 30 insertions(+), 122 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/sentry/blob/cd4c80d4/sentry-tools/src/main/java/org/apache/sentry/shell/GroupShell.java
----------------------------------------------------------------------
diff --git a/sentry-tools/src/main/java/org/apache/sentry/shell/GroupShell.java b/sentry-tools/src/main/java/org/apache/sentry/shell/GroupShell.java
index 7510114..a59da04 100644
--- a/sentry-tools/src/main/java/org/apache/sentry/shell/GroupShell.java
+++ b/sentry-tools/src/main/java/org/apache/sentry/shell/GroupShell.java
@@ -37,11 +37,6 @@ public class GroupShell implements ShellDependent {
this.tools = new ShellUtil(sentryClient, authUser);
}
- @Command
- public List<String> list() {
- return tools.listGroups();
- }
-
@Command(abbrev = "lr", header = "[groups]",
description = "list groups and their roles")
public List<String> listRoles() {
http://git-wip-us.apache.org/repos/asf/sentry/blob/cd4c80d4/sentry-tools/src/main/java/org/apache/sentry/shell/PrivsShell.java
----------------------------------------------------------------------
diff --git a/sentry-tools/src/main/java/org/apache/sentry/shell/PrivsShell.java b/sentry-tools/src/main/java/org/apache/sentry/shell/PrivsShell.java
index b7db42e..a03c47d 100644
--- a/sentry-tools/src/main/java/org/apache/sentry/shell/PrivsShell.java
+++ b/sentry-tools/src/main/java/org/apache/sentry/shell/PrivsShell.java
@@ -45,11 +45,6 @@ public class PrivsShell implements ShellDependent {
}
@Command
- public String list() {
- return tools.listPrivileges();
- }
-
- @Command
public List<String> list(
@Param(name = "roleName")
String roleName) {
http://git-wip-us.apache.org/repos/asf/sentry/blob/cd4c80d4/sentry-tools/src/main/java/org/apache/sentry/shell/ShellUtil.java
----------------------------------------------------------------------
diff --git a/sentry-tools/src/main/java/org/apache/sentry/shell/ShellUtil.java b/sentry-tools/src/main/java/org/apache/sentry/shell/ShellUtil.java
index daf9b73..13d194d 100644
--- a/sentry-tools/src/main/java/org/apache/sentry/shell/ShellUtil.java
+++ b/sentry-tools/src/main/java/org/apache/sentry/shell/ShellUtil.java
@@ -18,28 +18,25 @@
package org.apache.sentry.shell;
-import com.google.common.collect.Sets;
-import org.apache.commons.lang.StringUtils;
import org.apache.sentry.core.common.exception.SentryUserException;
import org.apache.sentry.provider.db.service.thrift.*;
-import org.apache.sentry.provider.db.tools.command.hive.CommandUtil;
+import org.apache.sentry.provider.db.tools.SentryShellCommon;
+import org.apache.sentry.provider.db.tools.ShellCommand;
+import org.apache.sentry.provider.db.tools.command.hive.HiveShellCommand;
import java.util.*;
-import static org.apache.sentry.service.thrift.SentryServiceUtil.convertTSentryPrivilegeToStr;
-import static org.apache.sentry.service.thrift.SentryServiceUtil.convertToTSentryPrivilege;
-
/**
* ShellUtil implements actual commands
*/
class ShellUtil {
- private final SentryPolicyServiceClient sentryClient;
+ private final ShellCommand command;
private final String authUser;
ShellUtil(SentryPolicyServiceClient sentryClient, String authUser) {
- this.sentryClient = sentryClient;
this.authUser = authUser;
+ command = new HiveShellCommand(sentryClient);
}
List<String> listRoles() {
@@ -47,33 +44,22 @@ class ShellUtil {
}
List<String> listRoles(String group) {
- Set<TSentryRole> roles = null;
try {
- if (StringUtils.isEmpty(group)) {
- roles = sentryClient.listAllRoles(authUser);
- } else {
- roles = sentryClient.listRolesByGroupName(authUser, group);
- }
- } catch (SentryUserException e) {
- System.out.println("Error listing roles: " + e.toString());
- }
- List<String> result = new ArrayList<>();
- if (roles == null || roles.isEmpty()) {
+ // TODO remove "null" here
+ List<String> result = command.listRoles(authUser, null, group);
+ Collections.sort(result);
return result;
+ } catch (SentryUserException e) {
+ System.out.printf("failed to list roles with group %s: %s\n",
+ group, e.toString());
+ return Collections.emptyList();
}
-
- for (TSentryRole role : roles) {
- result.add(role.getRoleName());
- }
-
- Collections.sort(result);
- return result;
}
void createRoles(String ...roles) {
for (String role : roles) {
try {
- sentryClient.createRole(authUser, role);
+ command.createRole(authUser, role);
} catch (SentryUserException e) {
System.out.printf("failed to create role %s: %s\n",
role, e.toString());
@@ -84,7 +70,7 @@ class ShellUtil {
void dropRoles(String ...roles) {
for (String role : roles) {
try {
- sentryClient.dropRole(authUser, role);
+ command.dropRole(authUser, role);
} catch (SentryUserException e) {
System.out.printf("failed to drop role %s: %s\n",
role, e.toString());
@@ -92,36 +78,10 @@ class ShellUtil {
}
}
- List<String> listGroups() {
- Set<TSentryRole> roles = null;
-
- try {
- roles = sentryClient.listAllRoles(authUser);
- } catch (SentryUserException e) {
- System.out.println("Error reading roles: " + e.toString());
- }
-
- if (roles == null || roles.isEmpty()) {
- return new ArrayList<>();
- }
-
- // Set of all group names
- Set<String> groupNames = new HashSet<>();
-
- // Get all group names
- for (TSentryRole role: roles) {
- for (TSentryGroup group: role.getGroups()) {
- groupNames.add(group.getGroupName());
- }
- }
-
- List<String> result = new ArrayList<>(groupNames);
-
- Collections.sort(result);
- return result;
- }
-
List<String> listGroupRoles() {
+ // TODO
+ return Collections.emptyList();
+ /*
Set<TSentryRole> roles = null;
try {
@@ -170,11 +130,14 @@ class ShellUtil {
StringUtils.join(groupInfo.get(groupName), ", "));
}
return result;
+ */
}
void grantGroupsToRole(String roleName, String ...groups) {
try {
- sentryClient.grantRoleToGroups(authUser, roleName, Sets.newHashSet(groups));
+ // TODO change grantRoleToGroups
+ String joinedGroups = String.join(SentryShellCommon.GROUP_SPLIT_CHAR, groups);
+ command.grantRoleToGroups(authUser, roleName, joinedGroups);
} catch (SentryUserException e) {
System.out.printf("Failed to gran role %s to groups: %s\n",
roleName, e.toString());
@@ -183,7 +146,9 @@ class ShellUtil {
void revokeGroupsFromRole(String roleName, String ...groups) {
try {
- sentryClient.revokeRoleFromGroups(authUser, roleName, Sets.newHashSet(groups));
+ // TODO change revokeRoleFromGroups
+ String joinedGroups = String.join(SentryShellCommon.GROUP_SPLIT_CHAR, groups);
+ command.revokeRoleFromGroups(authUser, roleName, joinedGroups);
} catch (SentryUserException e) {
System.out.printf("Failed to revoke role %s to groups: %s\n",
roleName, e.toString());
@@ -191,68 +156,26 @@ class ShellUtil {
}
void grantPrivilegeToRole(String roleName, String privilege) {
- TSentryPrivilege tPriv = convertToTSentryPrivilege(privilege);
try {
- CommandUtil.validatePrivilegeHierarchy(tPriv);
- sentryClient.grantPrivilege(authUser, roleName, tPriv);
- } catch (SentryUserException | IllegalArgumentException e) {
+ command.grantPrivilegeToRole(authUser, roleName, privilege);
+ } catch (SentryUserException e) {
System.out.println("Error granting privilege: " + e.toString());
}
}
List<String> listPrivileges(String roleName) {
- Set<TSentryPrivilege> privileges = null;
try {
- privileges = sentryClient
- .listAllPrivilegesByRoleName(authUser, roleName);
+ return command.listPrivileges(authUser, roleName);
} catch (SentryUserException e) {
System.out.println("Failed to list privileges: " + e.toString());
+ return Collections.emptyList();
}
-
- List<String> result = new LinkedList<>();
- if (privileges == null || privileges.isEmpty()) {
- return result;
- }
-
- for (TSentryPrivilege privilege : privileges) {
- String privilegeStr = convertTSentryPrivilegeToStr(privilege);
- if (privilegeStr.isEmpty()) {
- continue;
- }
- result.add(privilegeStr);
- }
- return result;
- }
-
- /**
- * List all privileges
- * @return string with privilege info for all roles
- */
- String listPrivileges() {
- List<String> roles = listRoles(null);
- if (roles == null || roles.isEmpty()) {
- return "";
- }
-
- StringBuilder result = new StringBuilder();
- for (String role: roles) {
- List<String> privs = listPrivileges(role);
- if (privs.isEmpty()) {
- continue;
- }
- result.append(role).append(" = ");
- result.append(StringUtils.join(listPrivileges(role), ",\n\t"));
- result.append('\n');
- }
- return result.toString();
}
void revokePrivilegeFromRole(String roleName, String privilegeStr) {
- TSentryPrivilege tSentryPrivilege = convertToTSentryPrivilege(privilegeStr);
try {
- CommandUtil.validatePrivilegeHierarchy(tSentryPrivilege);
- sentryClient.revokePrivilege(authUser, roleName, tSentryPrivilege);
- } catch (SentryUserException | IllegalArgumentException e) {
+ command.revokePrivilegeFromRole(authUser, roleName, privilegeStr);
+ } catch (SentryUserException e) {
System.out.println("failed to revoke privilege: " + e.toString());
}
}
http://git-wip-us.apache.org/repos/asf/sentry/blob/cd4c80d4/sentry-tools/src/main/java/org/apache/sentry/shell/TopLevelShell.java
----------------------------------------------------------------------
diff --git a/sentry-tools/src/main/java/org/apache/sentry/shell/TopLevelShell.java b/sentry-tools/src/main/java/org/apache/sentry/shell/TopLevelShell.java
index 738a992..ba4a204 100644
--- a/sentry-tools/src/main/java/org/apache/sentry/shell/TopLevelShell.java
+++ b/sentry-tools/src/main/java/org/apache/sentry/shell/TopLevelShell.java
@@ -116,11 +116,6 @@ public class TopLevelShell implements ShellDependent, Runnable {
}
@Command(description = "list Sentry privileges")
- public String listPrivileges() {
- return tools.listPrivileges();
- }
-
- @Command(description = "list Sentry privileges")
public List<String> listPrivileges(
@Param(name = "roleName")
String roleName) {