You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by sp...@apache.org on 2018/05/15 21:44:42 UTC
[24/51] [abbrv] [partial] sentry git commit: SENTRY-2206: Refactor
out sentry api from sentry-provider-db to own module (Steve Moist,
reviewed by Sergio Pena)
http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientDefaultImpl.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientDefaultImpl.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientDefaultImpl.java
deleted file mode 100644
index 4cd8fd6..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientDefaultImpl.java
+++ /dev/null
@@ -1,559 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- * <p>
- * http://www.apache.org/licenses/LICENSE-2.0
- * <p>
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import com.google.common.collect.Lists;
-import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.core.common.ActiveRoleSet;
-import org.apache.sentry.core.common.Authorizable;
-import org.apache.sentry.core.common.exception.SentryUserException;
-import org.apache.sentry.core.common.transport.SentryConnection;
-import org.apache.sentry.core.common.transport.SentryTransportPool;
-import org.apache.sentry.core.common.transport.TTransportWrapper;
-import org.apache.sentry.core.model.db.AccessConstants;
-import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericPolicyService.Client;
-import org.apache.sentry.service.thrift.ServiceConstants.ClientConfig;
-import org.apache.sentry.service.thrift.Status;
-import org.apache.sentry.service.thrift.sentry_common_serviceConstants;
-import org.apache.thrift.TException;
-import org.apache.thrift.protocol.TBinaryProtocol;
-import org.apache.thrift.protocol.TMultiplexedProtocol;
-
-import java.io.IOException;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-
-/**
- * Sentry Generic Service Client.
- * <p>
- * Thread safety. This class is not thread safe - it is up to the
- * caller to ensure thread safety.
- */
-public class SentryGenericServiceClientDefaultImpl
- implements SentryGenericServiceClient, SentryConnection {
-
- private Client client;
- private final SentryTransportPool transportPool;
- private TTransportWrapper transport;
- private static final String THRIFT_EXCEPTION_MESSAGE = "Thrift exception occured ";
- private final long maxMessageSize;
-
- /**
- * Initialize client with the given configuration, using specified transport pool
- * implementation for obtaining transports.
- * @param conf Sentry Configuration
- * @param transportPool source of connected transports
- */
- SentryGenericServiceClientDefaultImpl(Configuration conf,
- SentryTransportPool transportPool) {
-
- //TODO(kalyan) need to find appropriate place to add it
- // if (kerberos) {
- // // since the client uses hadoop-auth, we need to set kerberos in
- // // hadoop-auth if we plan to use kerberos
- // conf.set(HADOOP_SECURITY_AUTHENTICATION, SentryConstants.KERBEROS_MoODE);
- // }
- maxMessageSize = conf.getLong(ClientConfig.SENTRY_POLICY_CLIENT_THRIFT_MAX_MESSAGE_SIZE,
- ClientConfig.SENTRY_POLICY_CLIENT_THRIFT_MAX_MESSAGE_SIZE_DEFAULT);
- this.transportPool = transportPool;
- }
-
- /**
- * Connect to the specified server configured
- *
- * @throws IOException
- */
- @Override
- public void connect() throws Exception {
- if ((transport != null) && transport.isOpen()) {
- return;
- }
-
- // Obtain connection to Sentry server
- transport = transportPool.getTransport();
- TMultiplexedProtocol protocol = new TMultiplexedProtocol(
- new TBinaryProtocol(transport.getTTransport(), maxMessageSize,
- maxMessageSize, true, true),
- SentryGenericPolicyProcessor.SENTRY_GENERIC_SERVICE_NAME);
- client = new Client(protocol);
- }
-
- /**
- * Create a sentry role
- *
- * @param requestorUserName: user on whose behalf the request is issued
- * @param roleName: Name of the role
- * @param component: The request is issued to which component
- * @throws SentryUserException
- */
- @Override
- public void createRole(String requestorUserName, String roleName, String component)
- throws SentryUserException {
- TCreateSentryRoleRequest request = new TCreateSentryRoleRequest();
- request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
- request.setRequestorUserName(requestorUserName);
- request.setRoleName(roleName);
- request.setComponent(component);
- try {
- TCreateSentryRoleResponse response = client.create_sentry_role(request);
- Status.throwIfNotOk(response.getStatus());
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- @Override
- public void createRoleIfNotExist(String requestorUserName, String roleName, String component) throws SentryUserException {
- TCreateSentryRoleRequest request = new TCreateSentryRoleRequest();
- request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
- request.setRequestorUserName(requestorUserName);
- request.setRoleName(roleName);
- request.setComponent(component);
- try {
- TCreateSentryRoleResponse response = client.create_sentry_role(request);
- Status status = Status.fromCode(response.getStatus().getValue());
- if (status == Status.ALREADY_EXISTS) {
- return;
- }
- Status.throwIfNotOk(response.getStatus());
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- /**
- * Drop a sentry role
- *
- * @param requestorUserName: user on whose behalf the request is issued
- * @param roleName: Name of the role
- * @param component: The request is issued to which component
- * @throws SentryUserException
- */
- @Override
- public void dropRole(String requestorUserName,
- String roleName, String component)
- throws SentryUserException {
- dropRole(requestorUserName, roleName, component, false);
- }
-
- @Override
- public void dropRoleIfExists(String requestorUserName,
- String roleName, String component)
- throws SentryUserException {
- dropRole(requestorUserName, roleName, component, true);
- }
-
- private void dropRole(String requestorUserName,
- String roleName, String component, boolean ifExists)
- throws SentryUserException {
- TDropSentryRoleRequest request = new TDropSentryRoleRequest();
- request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
- request.setRequestorUserName(requestorUserName);
- request.setRoleName(roleName);
- request.setComponent(component);
- try {
- TDropSentryRoleResponse response = client.drop_sentry_role(request);
- Status status = Status.fromCode(response.getStatus().getValue());
- if (ifExists && status == Status.NO_SUCH_OBJECT) {
- return;
- }
- Status.throwIfNotOk(response.getStatus());
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- /**
- * Grant a sentry role to groups.
- *
- * @param requestorUserName: user on whose behalf the request is issued
- * @param roleName: Name of the role
- * @param component: The request is issued to which component
- * @param groups: The name of groups
- * @throws SentryUserException
- */
- @Override
- public void grantRoleToGroups(String requestorUserName, String roleName,
- String component, Set<String> groups) throws SentryUserException {
- TAlterSentryRoleAddGroupsRequest request = new TAlterSentryRoleAddGroupsRequest();
- request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
- request.setRequestorUserName(requestorUserName);
- request.setRoleName(roleName);
- request.setGroups(groups);
- request.setComponent(component);
-
- try {
- TAlterSentryRoleAddGroupsResponse response = client.alter_sentry_role_add_groups(request);
- Status.throwIfNotOk(response.getStatus());
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- /**
- * revoke a sentry role from groups.
- *
- * @param requestorUserName: user on whose behalf the request is issued
- * @param roleName: Name of the role
- * @param component: The request is issued to which component
- * @param groups: The name of groups
- * @throws SentryUserException
- */
- @Override
- public void revokeRoleFromGroups(String requestorUserName, String roleName,
- String component, Set<String> groups) throws SentryUserException {
- TAlterSentryRoleDeleteGroupsRequest request = new TAlterSentryRoleDeleteGroupsRequest();
- request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
- request.setRequestorUserName(requestorUserName);
- request.setRoleName(roleName);
- request.setGroups(groups);
- request.setComponent(component);
-
- try {
- TAlterSentryRoleDeleteGroupsResponse response = client.alter_sentry_role_delete_groups(request);
- Status.throwIfNotOk(response.getStatus());
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- /**
- * grant privilege
- *
- * @param requestorUserName: user on whose behalf the request is issued
- * @param roleName: Name of the role
- * @param component: The request is issued to which component
- * @param privilege
- * @throws SentryUserException
- */
- @Override
- public void grantPrivilege(String requestorUserName, String roleName,
- String component, TSentryPrivilege privilege) throws SentryUserException {
- TAlterSentryRoleGrantPrivilegeRequest request = new TAlterSentryRoleGrantPrivilegeRequest();
- request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
- request.setComponent(component);
- request.setRoleName(roleName);
- request.setRequestorUserName(requestorUserName);
- request.setPrivilege(privilege);
-
- try {
- TAlterSentryRoleGrantPrivilegeResponse response = client.alter_sentry_role_grant_privilege(request);
- Status.throwIfNotOk(response.getStatus());
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- /**
- * revoke privilege
- *
- * @param requestorUserName: user on whose behalf the request is issued
- * @param roleName: Name of the role
- * @param component: The request is issued to which component
- * @param privilege
- * @throws SentryUserException
- */
- @Override
- public void revokePrivilege(String requestorUserName, String roleName,
- String component, TSentryPrivilege privilege) throws SentryUserException {
- TAlterSentryRoleRevokePrivilegeRequest request = new TAlterSentryRoleRevokePrivilegeRequest();
- request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
- request.setComponent(component);
- request.setRequestorUserName(requestorUserName);
- request.setRoleName(roleName);
- request.setPrivilege(privilege);
-
- try {
- TAlterSentryRoleRevokePrivilegeResponse response = client.alter_sentry_role_revoke_privilege(request);
- Status.throwIfNotOk(response.getStatus());
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- /**
- * drop privilege
- *
- * @param requestorUserName: user on whose behalf the request is issued
- * @param component: The request is issued to which component
- * @param privilege
- * @throws SentryUserException
- */
- @Override
- public void dropPrivilege(String requestorUserName, String component,
- TSentryPrivilege privilege) throws SentryUserException {
- TDropPrivilegesRequest request = new TDropPrivilegesRequest();
- request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
- request.setComponent(component);
- request.setRequestorUserName(requestorUserName);
- request.setPrivilege(privilege);
-
- try {
- TDropPrivilegesResponse response = client.drop_sentry_privilege(request);
- Status.throwIfNotOk(response.getStatus());
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- /**
- * rename privilege
- *
- * @param requestorUserName: user on whose behalf the request is issued
- * @param component: The request is issued to which component
- * @param serviceName: The Authorizable belongs to which service
- * @param oldAuthorizables
- * @param newAuthorizables
- * @throws SentryUserException
- */
- @Override
- public void renamePrivilege(String requestorUserName, String component,
- String serviceName, List<? extends Authorizable> oldAuthorizables,
- List<? extends Authorizable> newAuthorizables) throws SentryUserException {
- if (oldAuthorizables == null || oldAuthorizables.isEmpty()
- || newAuthorizables == null || newAuthorizables.isEmpty()) {
- throw new SentryUserException("oldAuthorizables or newAuthorizables can not be null or empty");
- }
-
- TRenamePrivilegesRequest request = new TRenamePrivilegesRequest();
- request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
- request.setComponent(component);
- request.setRequestorUserName(requestorUserName);
- request.setServiceName(serviceName);
-
- List<TAuthorizable> oldTAuthorizables = Lists.newArrayList();
- List<TAuthorizable> newTAuthorizables = Lists.newArrayList();
- for (Authorizable authorizable : oldAuthorizables) {
- oldTAuthorizables.add(new TAuthorizable(authorizable.getTypeName(), authorizable.getName()));
- request.setOldAuthorizables(oldTAuthorizables);
- }
- for (Authorizable authorizable : newAuthorizables) {
- newTAuthorizables.add(new TAuthorizable(authorizable.getTypeName(), authorizable.getName()));
- request.setNewAuthorizables(newTAuthorizables);
- }
-
- try {
- TRenamePrivilegesResponse response = client.rename_sentry_privilege(request);
- Status.throwIfNotOk(response.getStatus());
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- /**
- * Gets sentry role objects for a given groupName using the Sentry service
- *
- * @param requestorUserName : user on whose behalf the request is issued
- * @param groupName : groupName to look up ( if null returns all roles for groups related to requestorUserName)
- * @param component: The request is issued to which component
- * @return Set of thrift sentry role objects
- * @throws SentryUserException
- */
- @Override
- public Set<TSentryRole> listRolesByGroupName(
- String requestorUserName,
- String groupName,
- String component)
- throws SentryUserException {
- TListSentryRolesRequest request = new TListSentryRolesRequest();
- request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
- request.setRequestorUserName(requestorUserName);
- request.setGroupName(groupName);
- request.setComponent(component);
- TListSentryRolesResponse response;
- try {
- response = client.list_sentry_roles_by_group(request);
- Status.throwIfNotOk(response.getStatus());
- return response.getRoles();
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- @Override
- public Set<TSentryRole> listUserRoles(String requestorUserName, String component)
- throws SentryUserException {
- return listRolesByGroupName(requestorUserName, AccessConstants.ALL, component);
- }
-
- @Override
- public Set<TSentryRole> listAllRoles(String requestorUserName, String component)
- throws SentryUserException {
- return listRolesByGroupName(requestorUserName, null, component);
- }
-
- /**
- * Gets sentry privileges for a given roleName and Authorizable Hirerchys using the Sentry service
- *
- * @param requestorUserName: user on whose behalf the request is issued
- * @param roleName:
- * @param component: The request is issued to which component
- * @param serviceName
- * @param authorizables
- * @return
- * @throws SentryUserException
- */
- @Override
- public Set<TSentryPrivilege> listPrivilegesByRoleName(
- String requestorUserName, String roleName, String component,
- String serviceName, List<? extends Authorizable> authorizables)
- throws SentryUserException {
- TListSentryPrivilegesRequest request = new TListSentryPrivilegesRequest();
- request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
- request.setComponent(component);
- request.setServiceName(serviceName);
- request.setRequestorUserName(requestorUserName);
- request.setRoleName(roleName);
- if (authorizables != null && !authorizables.isEmpty()) {
- List<TAuthorizable> tAuthorizables = Lists.newArrayList();
- for (Authorizable authorizable : authorizables) {
- tAuthorizables.add(new TAuthorizable(authorizable.getTypeName(), authorizable.getName()));
- }
- request.setAuthorizables(tAuthorizables);
- }
-
- TListSentryPrivilegesResponse response;
- try {
- response = client.list_sentry_privileges_by_role(request);
- Status.throwIfNotOk(response.getStatus());
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- return response.getPrivileges();
- }
-
- @Override
- public Set<TSentryPrivilege> listAllPrivilegesByRoleName(
- String requestorUserName, String roleName, String component,
- String serviceName) throws SentryUserException {
- return listPrivilegesByRoleName(requestorUserName, roleName, component, serviceName, null);
- }
-
- /**
- * get sentry permissions from provider as followings:
- *
- * @throws SentryUserException
- * @param: component: The request is issued to which component
- * @param: serviceName: The privilege belongs to which service
- * @param: roleSet
- * @param: groupNames
- * @param: the authorizables
- * @returns the set of permissions
- */
- @Override
- public Set<String> listPrivilegesForProvider(String component,
- String serviceName, ActiveRoleSet roleSet, Set<String> groups,
- List<? extends Authorizable> authorizables) throws SentryUserException {
- TSentryActiveRoleSet thriftRoleSet = new TSentryActiveRoleSet(roleSet.isAll(), roleSet.getRoles());
- TListSentryPrivilegesForProviderRequest request = new TListSentryPrivilegesForProviderRequest();
- request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
- request.setComponent(component);
- request.setServiceName(serviceName);
- request.setRoleSet(thriftRoleSet);
- if (groups == null) {
- request.setGroups(new HashSet<String>());
- } else {
- request.setGroups(groups);
- }
- List<TAuthorizable> tAuthoriables = Lists.newArrayList();
- if (authorizables != null && !authorizables.isEmpty()) {
- for (Authorizable authorizable : authorizables) {
- tAuthoriables.add(new TAuthorizable(authorizable.getTypeName(), authorizable.getName()));
- }
- request.setAuthorizables(tAuthoriables);
- }
-
- try {
- TListSentryPrivilegesForProviderResponse response = client.list_sentry_privileges_for_provider(request);
- Status.throwIfNotOk(response.getStatus());
- return response.getPrivileges();
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- /**
- * Get sentry privileges based on valid active roles and the authorize objects. Note that
- * it is client responsibility to ensure the requestor username, etc. is not impersonated.
- *
- * @param component: The request respond to which component.
- * @param serviceName: The name of service.
- * @param requestorUserName: The requestor user name.
- * @param authorizablesSet: The set of authorize objects. One authorize object is represented
- * as a string. e.g resourceType1=resourceName1->resourceType2=resourceName2->resourceType3=resourceName3.
- * @param groups: The requested groups.
- * @param roleSet: The active roles set.
- * @throws SentryUserException
- * @returns The mapping of authorize objects and TSentryPrivilegeMap(<role, set<privileges>).
- */
- @Override
- public Map<String, TSentryPrivilegeMap> listPrivilegesbyAuthorizable(String component,
- String serviceName, String requestorUserName, Set<String> authorizablesSet,
- Set<String> groups, ActiveRoleSet roleSet) throws SentryUserException {
-
- TListSentryPrivilegesByAuthRequest request = new TListSentryPrivilegesByAuthRequest();
-
- request.setProtocol_version(sentry_common_serviceConstants.TSENTRY_SERVICE_V2);
- request.setComponent(component);
- request.setServiceName(serviceName);
- request.setRequestorUserName(requestorUserName);
- request.setAuthorizablesSet(authorizablesSet);
-
- if (groups == null) {
- request.setGroups(new HashSet<String>());
- } else {
- request.setGroups(groups);
- }
-
- if (roleSet != null) {
- request.setRoleSet(new TSentryActiveRoleSet(roleSet.isAll(), roleSet.getRoles()));
- }
-
- try {
- TListSentryPrivilegesByAuthResponse response = client.list_sentry_privileges_by_authorizable(request);
- Status.throwIfNotOk(response.getStatus());
- return response.getPrivilegesMapByAuth();
- } catch (TException e) {
- throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e);
- }
- }
-
- @Override
- public void close() {
- done();
- }
-
- @Override
- public void done() {
- if (transport != null) {
- transportPool.returnTransport(transport);
- transport = null;
- }
- }
-
- @Override
- public void invalidate() {
- if (transport != null) {
- transportPool.invalidateTransport(transport);
- transport = null;
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientFactory.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientFactory.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientFactory.java
deleted file mode 100644
index b663e3d..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientFactory.java
+++ /dev/null
@@ -1,123 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- * <p>
- * http://www.apache.org/licenses/LICENSE-2.0
- * <p>
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.generic.service.thrift;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.hadoop.security.UserGroupInformation;
-import org.apache.sentry.core.common.transport.RetryClientInvocationHandler;
-import org.apache.sentry.core.common.transport.SentryPolicyClientTransportConfig;
-import org.apache.sentry.core.common.transport.SentryTransportFactory;
-import org.apache.sentry.core.common.transport.SentryTransportPool;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import javax.annotation.concurrent.ThreadSafe;
-import java.lang.reflect.Proxy;
-import java.util.concurrent.atomic.AtomicReference;
-
-/**
- * Produces client connection for Sentry clients using Generic model.
- * Factory is [alost] a singleton. Tests can call {@link #factoryReset()} to destroy the
- * existing factory and create a new one. This may be needed because tests modify
- * configuration and start and stop servers.
- */
-@ThreadSafe
-public final class SentryGenericServiceClientFactory {
- private static final Logger LOGGER = LoggerFactory.getLogger(SentryGenericServiceClientFactory.class);
-
- // Used to implement a singleton
- private static final AtomicReference<SentryGenericServiceClientFactory> clientFactory =
- new AtomicReference<>();
-
- private final SentryPolicyClientTransportConfig transportConfig =
- new SentryPolicyClientTransportConfig();
- private final SentryTransportPool transportPool;
- private final Configuration conf;
-
- /**
- * Obtain an Generic policy client instance.
- * @param conf Configuration that should be used. Configuration is only used for the
- * initial creation and ignored afterwords.
- */
- public static SentryGenericServiceClient create(Configuration conf) throws Exception {
- SentryGenericServiceClientFactory factory = clientFactory.get();
- if (factory != null) {
- return factory.create();
- }
- factory = new SentryGenericServiceClientFactory(conf);
- boolean ok = clientFactory.compareAndSet(null, factory);
- if (ok) {
- return factory.create();
- }
- factory.close();
- return clientFactory.get().create();
- }
-
- /**
- * Create a new factory instance and atach it to a connection pool instance.
- * @param conf Configuration
- */
- private SentryGenericServiceClientFactory(Configuration conf) {
- if (transportConfig.isKerberosEnabled(conf) &&
- transportConfig.useUserGroupInformation(conf)) {
- LOGGER.info("Using UserGroupInformation authentication");
- UserGroupInformation.setConfiguration(conf);
- }
-
- this.conf = conf;
-
- transportPool = new SentryTransportPool(this.conf, transportConfig,
- new SentryTransportFactory(this.conf, transportConfig));
- }
-
- /**
- * Create a new client connection to the server for Generic model clients
- * @return client instance
- * @throws Exception if something goes wrong
- */
- @SuppressWarnings("squid:S00112")
- private SentryGenericServiceClient create() throws Exception {
- return (SentryGenericServiceClient) Proxy
- .newProxyInstance(SentryGenericServiceClientDefaultImpl.class.getClassLoader(),
- SentryGenericServiceClientDefaultImpl.class.getInterfaces(),
- new RetryClientInvocationHandler(conf,
- new SentryGenericServiceClientDefaultImpl(conf, transportPool), transportConfig));
- }
-
- // Should only be used by tests.
- // Resets the factory and destroys any pooled connections
- public static void factoryReset() {
- LOGGER.debug("factory reset");
- SentryGenericServiceClientFactory factory = clientFactory.getAndSet(null);
- if (factory != null) {
- try {
- factory.transportPool.close();
- } catch (Exception e) {
- LOGGER.error("failed to close transport pool", e);
- }
- }
- }
-
- private void close() {
- try {
- transportPool.close();
- } catch (Exception e) {
- LOGGER.error("failed to close transport pool", e);
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/GenericPrivilegeConverter.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/GenericPrivilegeConverter.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/GenericPrivilegeConverter.java
index 82b21ef..6a2c77f 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/GenericPrivilegeConverter.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/GenericPrivilegeConverter.java
@@ -29,6 +29,9 @@ import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
+import org.apache.sentry.api.generic.thrift.TAuthorizable;
+import org.apache.sentry.api.generic.thrift.TSentryGrantOption;
+import org.apache.sentry.api.generic.thrift.TSentryPrivilege;
import org.apache.sentry.core.common.Authorizable;
import org.apache.sentry.core.common.exception.SentryUserException;
import org.apache.sentry.core.common.utils.KeyValue;
@@ -46,9 +49,6 @@ import org.apache.sentry.core.model.solr.SolrPrivilegeModel;
import org.apache.sentry.core.model.sqoop.SqoopModelAuthorizables;
import org.apache.sentry.core.model.sqoop.SqoopPrivilegeModel;
import org.apache.sentry.provider.common.AuthorizationComponent;
-import org.apache.sentry.provider.db.generic.service.thrift.TAuthorizable;
-import org.apache.sentry.provider.db.generic.service.thrift.TSentryGrantOption;
-import org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege;
import org.apache.shiro.config.ConfigurationException;
/**
http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/TSentryPrivilegeConverter.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/TSentryPrivilegeConverter.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/TSentryPrivilegeConverter.java
index 5e48483..fc55575 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/TSentryPrivilegeConverter.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/TSentryPrivilegeConverter.java
@@ -18,8 +18,8 @@
*/
package org.apache.sentry.provider.db.generic.tools;
+import org.apache.sentry.api.generic.thrift.TSentryPrivilege;
import org.apache.sentry.core.common.exception.SentryUserException;
-import org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege;
public interface TSentryPrivilegeConverter {
http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntityFactory.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntityFactory.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntityFactory.java
index 09f7d13..61becce 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntityFactory.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntityFactory.java
@@ -25,30 +25,30 @@ import java.util.Map;
import java.util.Set;
import org.apache.hadoop.conf.Configuration;
-import org.apache.sentry.provider.db.generic.service.thrift.TAuthorizable;
+import org.apache.sentry.api.generic.thrift.TAuthorizable;
import org.apache.sentry.provider.db.log.util.CommandUtil;
import org.apache.sentry.provider.db.log.util.Constants;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleAddGroupsRequest;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleAddGroupsResponse;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleAddUsersRequest;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleAddUsersResponse;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleDeleteGroupsRequest;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleDeleteGroupsResponse;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleDeleteUsersRequest;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleDeleteUsersResponse;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleGrantPrivilegeRequest;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleGrantPrivilegeResponse;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleRevokePrivilegeRequest;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleRevokePrivilegeResponse;
-import org.apache.sentry.provider.db.service.thrift.TCreateSentryRoleRequest;
-import org.apache.sentry.provider.db.service.thrift.TCreateSentryRoleResponse;
-import org.apache.sentry.provider.db.service.thrift.TDropSentryRoleRequest;
-import org.apache.sentry.provider.db.service.thrift.TDropSentryRoleResponse;
-import org.apache.sentry.provider.db.service.thrift.TSentryGroup;
-import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
+import org.apache.sentry.api.service.thrift.TAlterSentryRoleAddGroupsRequest;
+import org.apache.sentry.api.service.thrift.TAlterSentryRoleAddGroupsResponse;
+import org.apache.sentry.api.service.thrift.TAlterSentryRoleAddUsersRequest;
+import org.apache.sentry.api.service.thrift.TAlterSentryRoleAddUsersResponse;
+import org.apache.sentry.api.service.thrift.TAlterSentryRoleDeleteGroupsRequest;
+import org.apache.sentry.api.service.thrift.TAlterSentryRoleDeleteGroupsResponse;
+import org.apache.sentry.api.service.thrift.TAlterSentryRoleDeleteUsersRequest;
+import org.apache.sentry.api.service.thrift.TAlterSentryRoleDeleteUsersResponse;
+import org.apache.sentry.api.service.thrift.TAlterSentryRoleGrantPrivilegeRequest;
+import org.apache.sentry.api.service.thrift.TAlterSentryRoleGrantPrivilegeResponse;
+import org.apache.sentry.api.service.thrift.TAlterSentryRoleRevokePrivilegeRequest;
+import org.apache.sentry.api.service.thrift.TAlterSentryRoleRevokePrivilegeResponse;
+import org.apache.sentry.api.service.thrift.TCreateSentryRoleRequest;
+import org.apache.sentry.api.service.thrift.TCreateSentryRoleResponse;
+import org.apache.sentry.api.service.thrift.TDropSentryRoleRequest;
+import org.apache.sentry.api.service.thrift.TDropSentryRoleResponse;
+import org.apache.sentry.api.service.thrift.TSentryGroup;
+import org.apache.sentry.api.service.thrift.TSentryPrivilege;
import org.apache.sentry.core.common.utils.ThriftUtil;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
-import org.apache.sentry.service.thrift.Status;
+import org.apache.sentry.service.common.ServiceConstants.ServerConfig;
+import org.apache.sentry.api.common.Status;
import org.apache.sentry.service.thrift.TSentryResponseStatus;
import com.google.common.base.Joiner;
@@ -225,8 +225,8 @@ public final class JsonLogEntityFactory {
// log entity for generic model create role
public JsonLogEntity createJsonLogEntity(
- org.apache.sentry.provider.db.generic.service.thrift.TCreateSentryRoleRequest request,
- org.apache.sentry.provider.db.generic.service.thrift.TCreateSentryRoleResponse response,
+ org.apache.sentry.api.generic.thrift.TCreateSentryRoleRequest request,
+ org.apache.sentry.api.generic.thrift.TCreateSentryRoleResponse response,
Configuration conf) {
GMAuditMetadataLogEntity gmamle = createCommonGMAMLE(conf, response.getStatus(),
request.getRequestorUserName(), request.getClass().getName(), request.getComponent());
@@ -237,8 +237,8 @@ public final class JsonLogEntityFactory {
// log entity for generic model drop role
public JsonLogEntity createJsonLogEntity(
- org.apache.sentry.provider.db.generic.service.thrift.TDropSentryRoleRequest request,
- org.apache.sentry.provider.db.generic.service.thrift.TDropSentryRoleResponse response,
+ org.apache.sentry.api.generic.thrift.TDropSentryRoleRequest request,
+ org.apache.sentry.api.generic.thrift.TDropSentryRoleResponse response,
Configuration conf) {
GMAuditMetadataLogEntity gmamle = createCommonGMAMLE(conf, response.getStatus(),
request.getRequestorUserName(), request.getClass().getName(), request.getComponent());
@@ -249,8 +249,8 @@ public final class JsonLogEntityFactory {
// log entity for generic model grant privilege
public JsonLogEntity createJsonLogEntity(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeRequest request,
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeResponse response,
+ org.apache.sentry.api.generic.thrift.TAlterSentryRoleGrantPrivilegeRequest request,
+ org.apache.sentry.api.generic.thrift.TAlterSentryRoleGrantPrivilegeResponse response,
Configuration conf) {
GMAuditMetadataLogEntity gmamle = createCommonGMAMLE(conf, response.getStatus(),
request.getRequestorUserName(), request.getClass().getName(), request.getComponent());
@@ -271,8 +271,8 @@ public final class JsonLogEntityFactory {
// log entity for generic model revoke privilege
public JsonLogEntity createJsonLogEntity(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeRequest request,
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeResponse response,
+ org.apache.sentry.api.generic.thrift.TAlterSentryRoleRevokePrivilegeRequest request,
+ org.apache.sentry.api.generic.thrift.TAlterSentryRoleRevokePrivilegeResponse response,
Configuration conf) {
GMAuditMetadataLogEntity gmamle = createCommonGMAMLE(conf, response.getStatus(),
request.getRequestorUserName(), request.getClass().getName(), request.getComponent());
@@ -293,8 +293,8 @@ public final class JsonLogEntityFactory {
// log entity for generic model add role to group
public JsonLogEntity createJsonLogEntity(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleAddGroupsRequest request,
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleAddGroupsResponse response,
+ org.apache.sentry.api.generic.thrift.TAlterSentryRoleAddGroupsRequest request,
+ org.apache.sentry.api.generic.thrift.TAlterSentryRoleAddGroupsResponse response,
Configuration conf) {
GMAuditMetadataLogEntity gmamle = createCommonGMAMLE(conf, response.getStatus(),
request.getRequestorUserName(), request.getClass().getName(), request.getComponent());
@@ -307,8 +307,8 @@ public final class JsonLogEntityFactory {
// log entity for hive delete role from group
public JsonLogEntity createJsonLogEntity(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleDeleteGroupsRequest request,
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleDeleteGroupsResponse response,
+ org.apache.sentry.api.generic.thrift.TAlterSentryRoleDeleteGroupsRequest request,
+ org.apache.sentry.api.generic.thrift.TAlterSentryRoleDeleteGroupsResponse response,
Configuration conf) {
GMAuditMetadataLogEntity gmamle = createCommonGMAMLE(conf, response.getStatus(),
request.getRequestorUserName(), request.getClass().getName(), request.getComponent());
http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/CommandUtil.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/CommandUtil.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/CommandUtil.java
index 328bbbb..6479a60 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/CommandUtil.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/CommandUtil.java
@@ -25,12 +25,12 @@ import java.util.List;
import java.util.Set;
import org.apache.sentry.core.model.db.AccessConstants;
-import org.apache.sentry.provider.db.generic.service.thrift.TAuthorizable;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleGrantPrivilegeRequest;
-import org.apache.sentry.provider.db.service.thrift.TAlterSentryRoleRevokePrivilegeRequest;
-import org.apache.sentry.provider.db.service.thrift.TSentryGrantOption;
-import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
-import org.apache.sentry.service.thrift.ServiceConstants.PrivilegeScope;
+import org.apache.sentry.api.generic.thrift.TAuthorizable;
+import org.apache.sentry.api.common.ApiConstants.PrivilegeScope;
+import org.apache.sentry.api.service.thrift.TAlterSentryRoleGrantPrivilegeRequest;
+import org.apache.sentry.api.service.thrift.TAlterSentryRoleRevokePrivilegeRequest;
+import org.apache.sentry.api.service.thrift.TSentryGrantOption;
+import org.apache.sentry.api.service.thrift.TSentryPrivilege;
import org.datanucleus.util.StringUtils;
import com.google.common.annotations.VisibleForTesting;
@@ -159,18 +159,18 @@ public final class CommandUtil {
}
public static String createCmdForGrantGMPrivilege(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeRequest request) {
+ org.apache.sentry.api.generic.thrift.TAlterSentryRoleGrantPrivilegeRequest request) {
return createCmdForGrantOrRevokeGMPrivilege(request.getRoleName(), request.getPrivilege(), true);
}
public static String createCmdForRevokeGMPrivilege(
- org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeRequest request) {
+ org.apache.sentry.api.generic.thrift.TAlterSentryRoleRevokePrivilegeRequest request) {
return createCmdForGrantOrRevokeGMPrivilege(request.getRoleName(), request.getPrivilege(),
false);
}
private static String createCmdForGrantOrRevokeGMPrivilege(String roleName,
- org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege privilege,
+ org.apache.sentry.api.generic.thrift.TSentryPrivilege privilege,
boolean isGrant) {
StringBuilder sb = new StringBuilder();
if (isGrant) {
@@ -205,7 +205,7 @@ public final class CommandUtil {
}
sb.append(roleName);
- if (privilege.getGrantOption() == org.apache.sentry.provider.db.generic.service.thrift.TSentryGrantOption.TRUE) {
+ if (privilege.getGrantOption() == org.apache.sentry.api.generic.thrift.TSentryGrantOption.TRUE) {
sb.append(" WITH GRANT OPTION");
}
http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/Constants.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/Constants.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/Constants.java
index 6a4f2e0..6e91f8b 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/Constants.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/util/Constants.java
@@ -21,7 +21,7 @@ package org.apache.sentry.provider.db.log.util;
import java.util.Map;
import com.google.common.collect.ImmutableMap;
-import org.apache.sentry.provider.db.service.thrift.*;
+import org.apache.sentry.api.service.thrift.*;
public final class Constants {
public static final String AUDIT_LOGGER_NAME = "sentry.hive.authorization.ddl.logger";
@@ -69,17 +69,17 @@ public final class Constants {
.put(TAlterSentryRoleDeleteUsersRequest.class.getName(), Constants.OPERATION_DELETE_ROLE_USER)
// for generic model audit log
- .put(org.apache.sentry.provider.db.generic.service.thrift.TCreateSentryRoleRequest.class.getName(),
+ .put(org.apache.sentry.api.generic.thrift.TCreateSentryRoleRequest.class.getName(),
Constants.OPERATION_CREATE_ROLE)
- .put(org.apache.sentry.provider.db.generic.service.thrift.TDropSentryRoleRequest.class.getName(),
+ .put(org.apache.sentry.api.generic.thrift.TDropSentryRoleRequest.class.getName(),
Constants.OPERATION_DROP_ROLE)
- .put(org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeRequest.class.getName(),
+ .put(org.apache.sentry.api.generic.thrift.TAlterSentryRoleGrantPrivilegeRequest.class.getName(),
Constants.OPERATION_GRANT_PRIVILEGE)
- .put(org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeRequest.class.getName(),
+ .put(org.apache.sentry.api.generic.thrift.TAlterSentryRoleRevokePrivilegeRequest.class.getName(),
Constants.OPERATION_REVOKE_PRIVILEGE)
- .put(org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleAddGroupsRequest.class.getName(),
+ .put(org.apache.sentry.api.generic.thrift.TAlterSentryRoleAddGroupsRequest.class.getName(),
Constants.OPERATION_ADD_ROLE)
- .put(org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleDeleteGroupsRequest.class.getName(),
+ .put(org.apache.sentry.api.generic.thrift.TAlterSentryRoleDeleteGroupsRequest.class.getName(),
Constants.OPERATION_DELETE_ROLE)
.build();
@@ -95,17 +95,17 @@ public final class Constants {
.put(TAlterSentryRoleRevokePrivilegeRequest.class.getName(), Constants.OBJECT_TYPE_PRINCIPAL)
// for generic model audit log
- .put(org.apache.sentry.provider.db.generic.service.thrift.TCreateSentryRoleRequest.class.getName(),
+ .put(org.apache.sentry.api.generic.thrift.TCreateSentryRoleRequest.class.getName(),
Constants.OBJECT_TYPE_ROLE)
- .put(org.apache.sentry.provider.db.generic.service.thrift.TDropSentryRoleRequest.class.getName(),
+ .put(org.apache.sentry.api.generic.thrift.TDropSentryRoleRequest.class.getName(),
Constants.OBJECT_TYPE_ROLE)
- .put(org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleAddGroupsRequest.class.getName(),
+ .put(org.apache.sentry.api.generic.thrift.TAlterSentryRoleAddGroupsRequest.class.getName(),
Constants.OBJECT_TYPE_ROLE)
- .put(org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleDeleteGroupsRequest.class.getName(),
+ .put(org.apache.sentry.api.generic.thrift.TAlterSentryRoleDeleteGroupsRequest.class.getName(),
Constants.OBJECT_TYPE_ROLE)
- .put(org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleGrantPrivilegeRequest.class.getName(),
+ .put(org.apache.sentry.api.generic.thrift.TAlterSentryRoleGrantPrivilegeRequest.class.getName(),
Constants.OBJECT_TYPE_PRINCIPAL)
- .put(org.apache.sentry.provider.db.generic.service.thrift.TAlterSentryRoleRevokePrivilegeRequest.class.getName(),
+ .put(org.apache.sentry.api.generic.thrift.TAlterSentryRoleRevokePrivilegeRequest.class.getName(),
Constants.OBJECT_TYPE_PRINCIPAL)
.build();
http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/HAContext.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/HAContext.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/HAContext.java
index 71865ca..2505da9 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/HAContext.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/HAContext.java
@@ -47,7 +47,7 @@ import java.util.concurrent.ThreadFactory;
import static com.google.common.base.Preconditions.checkArgument;
import static com.google.common.base.Preconditions.checkNotNull;
-import static org.apache.sentry.service.thrift.ServiceConstants.ServerConfig.*;
+import static org.apache.sentry.service.common.ServiceConstants.ServerConfig.*;
/**
* HAContext stores the global ZooKeeper related context.
http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/HMSFollower.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/HMSFollower.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/HMSFollower.java
index 929e6be..42770df 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/HMSFollower.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/HMSFollower.java
@@ -36,7 +36,7 @@ import org.apache.thrift.TException;
import org.apache.sentry.service.thrift.SentryHMSClient;
import org.apache.sentry.service.thrift.HiveConnectionFactory;
import org.apache.sentry.service.thrift.HiveNotificationFetcher;
-import org.apache.sentry.service.thrift.SentryServiceUtil;
+import org.apache.sentry.api.common.SentryServiceUtil;
import org.apache.sentry.service.thrift.SentryStateBank;
import org.apache.sentry.service.thrift.SentryServiceState;
import org.apache.sentry.service.thrift.HMSFollowerState;
http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/LeaderStatusMonitor.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/LeaderStatusMonitor.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/LeaderStatusMonitor.java
index 0a208d4..c2f1ad0 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/LeaderStatusMonitor.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/LeaderStatusMonitor.java
@@ -33,7 +33,7 @@ import java.util.concurrent.locks.ReentrantLock;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import static org.apache.sentry.service.thrift.ServiceConstants.ServerConfig.*;
+import static org.apache.sentry.service.common.ServiceConstants.ServerConfig.*;
/**
* LeaderStatusMonitor participates in the distributed leader election protocol
http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/NotificationProcessor.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/NotificationProcessor.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/NotificationProcessor.java
index 6134778..228d37c 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/NotificationProcessor.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/NotificationProcessor.java
@@ -45,11 +45,11 @@ import org.apache.sentry.hdfs.SentryMalformedPathException;
import org.apache.sentry.hdfs.UniquePathsUpdate;
import org.apache.sentry.hdfs.Updateable.Update;
import org.apache.sentry.hdfs.service.thrift.TPrivilegeChanges;
+import org.apache.sentry.api.service.thrift.SentryMetrics;
+import org.apache.sentry.api.service.thrift.TSentryAuthorizable;
+import org.apache.sentry.api.common.SentryServiceUtil;
import org.apache.sentry.hdfs.service.thrift.TPrivilegeEntityType;
-import org.apache.sentry.provider.db.service.thrift.SentryMetrics;
-import org.apache.sentry.provider.db.service.thrift.TSentryAuthorizable;
import org.apache.sentry.hdfs.service.thrift.TPrivilegeEntity;
-import org.apache.sentry.service.thrift.SentryServiceUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
index 625f0ae..cafe2b5 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
@@ -70,18 +70,18 @@ import org.apache.sentry.provider.db.service.model.MSentryVersion;
import org.apache.sentry.provider.db.service.model.MSentryRole;
import org.apache.sentry.provider.db.service.model.MSentryUtil;
import org.apache.sentry.provider.db.service.model.MPath;
-import org.apache.sentry.provider.db.service.thrift.SentryPolicyStoreProcessor;
-import org.apache.sentry.provider.db.service.thrift.TSentryActiveRoleSet;
-import org.apache.sentry.provider.db.service.thrift.TSentryAuthorizable;
-import org.apache.sentry.provider.db.service.thrift.TSentryGrantOption;
-import org.apache.sentry.provider.db.service.thrift.TSentryGroup;
-import org.apache.sentry.provider.db.service.thrift.TSentryMappingData;
-import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
-import org.apache.sentry.provider.db.service.thrift.TSentryPrivilegeMap;
-import org.apache.sentry.provider.db.service.thrift.TSentryRole;
import org.apache.sentry.hdfs.service.thrift.TPrivilegeEntity;
-import org.apache.sentry.service.thrift.ServiceConstants.PrivilegeScope;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
+import org.apache.sentry.api.common.ApiConstants.PrivilegeScope;
+import org.apache.sentry.api.service.thrift.SentryPolicyStoreProcessor;
+import org.apache.sentry.api.service.thrift.TSentryActiveRoleSet;
+import org.apache.sentry.api.service.thrift.TSentryAuthorizable;
+import org.apache.sentry.api.service.thrift.TSentryGrantOption;
+import org.apache.sentry.api.service.thrift.TSentryGroup;
+import org.apache.sentry.api.service.thrift.TSentryMappingData;
+import org.apache.sentry.api.service.thrift.TSentryPrivilege;
+import org.apache.sentry.api.service.thrift.TSentryPrivilegeMap;
+import org.apache.sentry.api.service.thrift.TSentryRole;
+import org.apache.sentry.service.common.ServiceConstants.ServerConfig;
import org.datanucleus.store.rdbms.exceptions.MissingTableException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/TransactionManager.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/TransactionManager.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/TransactionManager.java
index f4ff962..ba6e845 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/TransactionManager.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/TransactionManager.java
@@ -25,7 +25,7 @@ import com.codahale.metrics.Timer;
import com.codahale.metrics.Timer.Context;
import org.apache.hadoop.conf.Configuration;
import org.apache.sentry.core.common.exception.SentryUserException;
-import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
+import org.apache.sentry.service.common.ServiceConstants.ServerConfig;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -33,7 +33,7 @@ import javax.jdo.PersistenceManager;
import javax.jdo.PersistenceManagerFactory;
import javax.jdo.Transaction;
-import org.apache.sentry.provider.db.service.thrift.SentryMetrics;
+import org.apache.sentry.api.service.thrift.SentryMetrics;
import java.util.Random;
import java.util.concurrent.Callable;
http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/ConfServlet.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/ConfServlet.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/ConfServlet.java
deleted file mode 100644
index 1233fbc..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/ConfServlet.java
+++ /dev/null
@@ -1,71 +0,0 @@
-package org.apache.sentry.provider.db.service.thrift;
-
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-import java.io.IOException;
-import java.io.Writer;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.hadoop.conf.Configuration;
-
-import static org.apache.commons.lang.StringEscapeUtils.escapeHtml;
-
-/**
- * Servlet to print out all sentry configuration.
- */
-public class ConfServlet extends HttpServlet {
- public static final String CONF_CONTEXT_ATTRIBUTE = "sentry.conf";
- public static final String FORMAT_JSON = "json";
- public static final String FORMAT_XML = "xml";
- public static final String FORMAT_PARAM = "format";
- private static final long serialVersionUID = 1L;
-
- @Override
- public void doGet(HttpServletRequest request, HttpServletResponse response)
- throws ServletException, IOException {
- String format = request.getParameter(FORMAT_PARAM);
- if (format == null) {
- format = FORMAT_XML;
- }
-
- if (FORMAT_XML.equals(format)) {
- response.setContentType("text/xml; charset=utf-8");
- } else if (FORMAT_JSON.equals(format)) {
- response.setContentType("application/json; charset=utf-8");
- }
-
- Configuration conf = (Configuration)getServletContext().getAttribute(
- CONF_CONTEXT_ATTRIBUTE);
- assert conf != null;
-
- Writer out = response.getWriter();
- if (FORMAT_JSON.equals(format)) {
- Configuration.dumpConfiguration(conf, out);
- } else if (FORMAT_XML.equals(format)) {
- conf.writeXml(out);
- } else {
- response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Bad format: " + escapeHtml(format));
- }
- out.close();
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/LogLevelServlet.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/LogLevelServlet.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/LogLevelServlet.java
deleted file mode 100644
index 68d6d90..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/LogLevelServlet.java
+++ /dev/null
@@ -1,122 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- * <p>
- * http://www.apache.org/licenses/LICENSE-2.0
- * <p>
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.log4j.Level;
-import org.apache.log4j.LogManager;
-import org.apache.log4j.Logger;
-
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-import java.io.PrintWriter;
-
-import static org.apache.commons.lang.StringEscapeUtils.escapeHtml;
-
-public class LogLevelServlet extends HttpServlet {
- private static final String LF = "\n";
- private static final String BR = "<br />";
- private static final String B_BR = "<b>%s</b><br />";
- private static final String FORMS_HEAD =
- "<h1>" + "Log Level" + "</h1>"
- + LF + BR + "<hr /><h3>Results</h3>"
- + LF + " Submitted Log Name: " + B_BR;
- private static final String FORMS_CONTENT_GET =
- LF + " Effective level: " + B_BR;
- private static final String FORMS_CONTENT_SET =
- LF + " Submitted Level: " + B_BR
- + LF + " Setting Level to %s" + BR
- + LF + " Effective level: " + B_BR;
- private static final String FORMS_END =
- LF + BR + "<hr /><h3>Get / Set</h3>"
- + LF + "<form>Log: <input type='text' size='50' name='log' /> "
- + "<input type='submit' value='Get Log Level' />" + "</form>"
- + LF + "<form>Log: <input type='text' size='50' name='log' /> "
- + "Level: <input type='text' name='level' /> "
- + "<input type='submit' value='Set Log Level' />" + "</form>";
- private static final String FORMS_GET = FORMS_HEAD + FORMS_CONTENT_GET;
- private static final String FORMS_SET = FORMS_HEAD + FORMS_CONTENT_SET;
-
- /**
- * Return parameter on servlet request for the given name
- *
- * @param request: Servlet request
- * @param name: Name of parameter in servlet request
- * @return Parameter in servlet request for the given name, return null if can't find parameter.
- */
- private String getParameter(ServletRequest request, String name) {
- String s = request.getParameter(name);
- if (s == null) {
- return null;
- }
- s = s.trim();
- return s.length() == 0 ? null : s;
- }
-
- /**
- * Check the validity of the log level.
- * @param level: The log level to be checked
- * @return
- * true: The log level is valid
- * false: The log level is invalid
- */
- private boolean isLogLevelValid(String level) {
- return level.equals(Level.toLevel(level).toString());
- }
-
- /**
- * Parse the class name and log level in the http servlet request.
- * If the request contains only class name, return the log level in the response message.
- * If the request contains both class name and level, set the log level to the requested level
- * and return the setting result in the response message.
- */
- @Override
- public void doGet(HttpServletRequest request, HttpServletResponse response)
- throws ServletException, IOException {
- String logName = getParameter(request, "log");
- String level = getParameter(request, "level");
- response.setContentType("text/html;charset=utf-8");
- response.setStatus(HttpServletResponse.SC_OK);
- PrintWriter out = response.getWriter();
-
- if (logName != null) {
- Logger logInstance = LogManager.getLogger(logName);
- if (level == null) {
- out.write(String.format(FORMS_GET,
- escapeHtml(logName),
- logInstance.getEffectiveLevel().toString()));
- } else if (isLogLevelValid(level)) {
- logInstance.setLevel(Level.toLevel(level));
- out.write(String.format(FORMS_SET,
- escapeHtml(logName),
- escapeHtml(level),
- escapeHtml(level),
- logInstance.getEffectiveLevel().toString()));
- } else {
- response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Invalid log level: " + escapeHtml(level));
- return;
- }
- }
- out.write(FORMS_END);
- out.close();
- response.flushBuffer();
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/NotificationHandler.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/NotificationHandler.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/NotificationHandler.java
deleted file mode 100644
index e853394..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/NotificationHandler.java
+++ /dev/null
@@ -1,73 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.hadoop.conf.Configuration;
-
-/**
- * Users wishing to be notified when a metadata changing event occurs
- * should extend this abstract class. All methods which modify the underlying
- * metadata in SentryPolicyStoreProcessor will have a corresponding method
- * on this class. Each method will contain a copy of the request and response
- * object. Therefore any change to the request or response object will be ignored.
- *
- * Sub-classes should be thread-safe.
- */
-public abstract class NotificationHandler {
-
- private final Configuration config;
-
- public NotificationHandler(Configuration config) throws Exception {
- this.config = config;
- }
-
- protected Configuration getConf() {
- return config;
- }
-
- public void create_sentry_role(TCreateSentryRoleRequest request, TCreateSentryRoleResponse response) {
- }
-
- public void drop_sentry_role(TDropSentryRoleRequest request, TDropSentryRoleResponse response) {
- }
-
- public void alter_sentry_role_grant_privilege(TAlterSentryRoleGrantPrivilegeRequest request,
- TAlterSentryRoleGrantPrivilegeResponse response) {
- }
-
- public void alter_sentry_role_revoke_privilege(TAlterSentryRoleRevokePrivilegeRequest request,
- TAlterSentryRoleRevokePrivilegeResponse response) {
- }
-
- public void alter_sentry_role_add_groups(TAlterSentryRoleAddGroupsRequest request,
- TAlterSentryRoleAddGroupsResponse response) {
- }
-
- public void alter_sentry_role_delete_groups(TAlterSentryRoleDeleteGroupsRequest request,
- TAlterSentryRoleDeleteGroupsResponse response) {
- }
-
- public void alter_sentry_role_add_users(TAlterSentryRoleAddUsersRequest request,
- TAlterSentryRoleAddUsersResponse response) {
- }
-
- public void alter_sentry_role_delete_users(TAlterSentryRoleDeleteUsersRequest request,
- TAlterSentryRoleDeleteUsersResponse response) {
- }
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/NotificationHandlerInvoker.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/NotificationHandlerInvoker.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/NotificationHandlerInvoker.java
deleted file mode 100644
index 75b4260..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/NotificationHandlerInvoker.java
+++ /dev/null
@@ -1,164 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.db.service.thrift;
-
-import java.util.List;
-
-import org.apache.hadoop.conf.Configuration;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.google.common.collect.ImmutableList;
-
-/**
- * Invokes configured instances of NotificationHandler. Importantly
- * NotificationHandler's each receive a copy of the request and
- * response thrift objects from each successful request.
- */
-public class NotificationHandlerInvoker extends NotificationHandler {
- private static final Logger LOGGER = LoggerFactory.getLogger(NotificationHandlerInvoker.class);
-
- private final ImmutableList<NotificationHandler> handlers;
-
- public NotificationHandlerInvoker(Configuration conf, List<NotificationHandler> handlers)
- throws Exception {
- super(conf);
- this.handlers = ImmutableList.copyOf(handlers);
- }
-
- @Override
- public void create_sentry_role(TCreateSentryRoleRequest request, TCreateSentryRoleResponse response) {
- for (NotificationHandler handler : handlers) {
- try {
- LOGGER.debug("Calling " + handler);
- handler.create_sentry_role(new TCreateSentryRoleRequest(request),
- new TCreateSentryRoleResponse(response));
- } catch (Exception ex) {
- LOGGER.error("Unexpected error in " + handler + ". Request: "
- + request + ", Response: " + response, ex);
- }
- }
- }
-
- @Override
- public void drop_sentry_role(TDropSentryRoleRequest request,
- TDropSentryRoleResponse response) {
- for (NotificationHandler handler : handlers) {
- try {
- LOGGER.debug("Calling " + handler);
- handler.drop_sentry_role(new TDropSentryRoleRequest(request),
- new TDropSentryRoleResponse(response));
- } catch (Exception ex) {
- LOGGER.error("Unexpected error in " + handler + ". Request: "
- + request + ", Response: " + response, ex);
- }
- }
- }
-
- @Override
- public void alter_sentry_role_grant_privilege(TAlterSentryRoleGrantPrivilegeRequest request,
- TAlterSentryRoleGrantPrivilegeResponse response) {
- for (NotificationHandler handler : handlers) {
- try {
- LOGGER.debug("Calling " + handler);
- handler.alter_sentry_role_grant_privilege(new TAlterSentryRoleGrantPrivilegeRequest(request),
- new TAlterSentryRoleGrantPrivilegeResponse(response));
- } catch (Exception ex) {
- LOGGER.error("Unexpected error in " + handler + ". Request: "
- + request + ", Response: " + response, ex);
- }
- }
- }
-
- @Override
- public void alter_sentry_role_revoke_privilege(TAlterSentryRoleRevokePrivilegeRequest request,
- TAlterSentryRoleRevokePrivilegeResponse response) {
- for (NotificationHandler handler : handlers) {
- try {
- LOGGER.debug("Calling " + handler);
- handler.alter_sentry_role_revoke_privilege(new TAlterSentryRoleRevokePrivilegeRequest(request),
- new TAlterSentryRoleRevokePrivilegeResponse(response));
- } catch (Exception ex) {
- LOGGER.error("Unexpected error in " + handler + ". Request: "
- + request + ", Response: " + response, ex);
- }
- }
- }
-
- @Override
- public void alter_sentry_role_add_groups(
- TAlterSentryRoleAddGroupsRequest request,
- TAlterSentryRoleAddGroupsResponse response) {
- for (NotificationHandler handler : handlers) {
- try {
- LOGGER.debug("Calling " + handler);
- handler.alter_sentry_role_add_groups(new TAlterSentryRoleAddGroupsRequest(request),
- new TAlterSentryRoleAddGroupsResponse(response));
- } catch (Exception ex) {
- LOGGER.error("Unexpected error in " + handler + ". Request: "
- + request + ", Response: " + response, ex);
- }
- }
- }
-
- @Override
- public void alter_sentry_role_delete_groups(TAlterSentryRoleDeleteGroupsRequest request,
- TAlterSentryRoleDeleteGroupsResponse response) {
- for (NotificationHandler handler : handlers) {
- try {
- LOGGER.debug("Calling " + handler);
- handler.alter_sentry_role_delete_groups(new TAlterSentryRoleDeleteGroupsRequest(request),
- new TAlterSentryRoleDeleteGroupsResponse(response));
- } catch (Exception ex) {
- LOGGER.error("Unexpected error in " + handler + ". Request: "
- + request + ", Response: " + response, ex);
- }
- }
- }
-
- @Override
- public void alter_sentry_role_add_users(TAlterSentryRoleAddUsersRequest request,
- TAlterSentryRoleAddUsersResponse response) {
- for (NotificationHandler handler : handlers) {
- try {
- LOGGER.debug("Calling " + handler);
- handler.alter_sentry_role_add_users(new TAlterSentryRoleAddUsersRequest(request),
- new TAlterSentryRoleAddUsersResponse(response));
- } catch (Exception ex) {
- LOGGER.error("Unexpected error in " + handler + ". Request: " + request + ", Response: "
- + response, ex);
- }
- }
- }
-
- @Override
- public void alter_sentry_role_delete_users(TAlterSentryRoleDeleteUsersRequest request,
- TAlterSentryRoleDeleteUsersResponse response) {
- for (NotificationHandler handler : handlers) {
- try {
- LOGGER.debug("Calling " + handler);
- handler.alter_sentry_role_delete_users(new TAlterSentryRoleDeleteUsersRequest(
- request), new TAlterSentryRoleDeleteUsersResponse(response));
- } catch (Exception ex) {
- LOGGER.error("Unexpected error in " + handler + ". Request: " + request + ", Response: "
- + response, ex);
- }
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/sentry/blob/48422f4c/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/PubSubServlet.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/PubSubServlet.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/PubSubServlet.java
deleted file mode 100644
index 6756d91..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/PubSubServlet.java
+++ /dev/null
@@ -1,128 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- * <p>
- * http://www.apache.org/licenses/LICENSE-2.0
- * <p>
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.service.thrift;
-
-import org.apache.sentry.core.common.utils.PubSub;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-import java.io.PrintWriter;
-
-import static org.apache.commons.lang.StringEscapeUtils.escapeHtml;
-
-/**
- * This servlet facilitates sending {topic, message } tuples to Servlet components
- * subscribed to specific topics.
- * <p>
- * It uses publish-subscribe mechanism implemented by PubSub class.
- * The form generated by this servlet consists of the following elements:
- * <p>
- * a) Topic: pull-down menu of existing topics, i.e. the topics registered with
- * PubSub by calling PubSub.subscribe() API. This prevents entering invalid topic.
- * <p>
- * b) Message: text field for entering a message
- * <p>
- * c) Submit: button to submit (topic, message) tuple
- * <p>
- * d) Status: text area printing status of the request or help information.
- */
-public class PubSubServlet extends HttpServlet {
-
- private static final Logger LOGGER = LoggerFactory.getLogger(PubSubServlet.class);
-
- private static final String FORM_GET =
- "<!DOCTYPE html>" +
- "<html>" +
- "<body>" +
- "<form>" +
- "<br><br><b>Topic:</b><br><br>" +
- "<select name='topic'/>%s</select>" +
- "<br><br><b>Message:</b><br><br>" +
- "<input type='text' size='50' name='message'/>" +
- "<br><br>" +
- "<input type='submit' value='Submit'/>" +
- "</form>" +
- "<br><br><b>Status:</b><br><br>" +
- "<textarea rows='4' cols='50'>%s</textarea>" +
- "</body>" +
- "</html>";
-
- /**
- * Return parameter on servlet request for the given name
- *
- * @param request: Servlet request
- * @param name: Name of parameter in servlet request
- * @return Parameter in servlet request for the given name, return null if can't find parameter.
- */
- private static String getParameter(ServletRequest request, String name) {
- String s = request.getParameter(name);
- if (s == null) {
- return null;
- }
- s = s.trim();
- return s.isEmpty() ? null : s;
- }
-
- /**
- * Parse the topic and message values and submit them via PubSub.submit() API.
- * Reject request for unknown topic, i.e. topic no one is subscribed to.
- */
- @Override
- public void doGet(HttpServletRequest request, HttpServletResponse response)
- throws ServletException, IOException {
- String topic = getParameter(request, "topic");
- String message = getParameter(request, "message");
- response.setContentType("text/html;charset=utf-8");
- response.setStatus(HttpServletResponse.SC_OK);
- PrintWriter out = response.getWriter();
-
- String msg = "Topic is required, Message is optional.\nValid topics: " + PubSub.getInstance().getTopics();
- if (topic != null) {
- LOGGER.info("Submitting topic " + topic + ", message " + message);
- try {
- PubSub.getInstance().publish(PubSub.Topic.fromString(topic), message);
- msg = "Submitted topic " + topic + ", message " + message;
- } catch (Exception e) {
- msg = "Failed to submit topic " + topic + ", message " + message + " - " + e.getMessage();
- LOGGER.error(msg);
- response.sendError(HttpServletResponse.SC_BAD_REQUEST, msg);
- return;
- }
- }
-
- StringBuilder topics = new StringBuilder();
- for (PubSub.Topic t : PubSub.getInstance().getTopics()) {
- topics.append("<option>").append(t.getName()).append("</option>");
- }
-
- String output = String.format(FORM_GET, topics.toString(), escapeHtml(msg));
- if (LOGGER.isDebugEnabled()) {
- LOGGER.debug("HTML Page: " + output);
- }
- out.write(output);
- out.close();
- response.flushBuffer();
- }
-}