You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@atlas.apache.org by ma...@apache.org on 2018/03/17 18:13:01 UTC
atlas git commit: ATLAS-2503: authorization of create/update/delete
of enumDef and relationshipDef
Repository: atlas
Updated Branches:
refs/heads/master b161859ee -> dee8a2da4
ATLAS-2503: authorization of create/update/delete of enumDef and relationshipDef
Signed-off-by: Madhan Neethiraj <ma...@apache.org>
Project: http://git-wip-us.apache.org/repos/asf/atlas/repo
Commit: http://git-wip-us.apache.org/repos/asf/atlas/commit/dee8a2da
Tree: http://git-wip-us.apache.org/repos/asf/atlas/tree/dee8a2da
Diff: http://git-wip-us.apache.org/repos/asf/atlas/diff/dee8a2da
Branch: refs/heads/master
Commit: dee8a2da438963c4ed535cb3c207165277bb1e4e
Parents: b161859
Author: nixonrodrigues <ni...@apache.org>
Authored: Fri Mar 16 15:13:00 2018 +0530
Committer: Madhan Neethiraj <ma...@apache.org>
Committed: Sat Mar 17 11:09:04 2018 -0700
----------------------------------------------------------------------
.../store/graph/v1/AtlasEnumDefStoreV1.java | 22 +++++++++++++++++++-
.../graph/v1/AtlasRelationshipDefStoreV1.java | 22 +++++++++++++++++++-
2 files changed, 42 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/atlas/blob/dee8a2da/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasEnumDefStoreV1.java
----------------------------------------------------------------------
diff --git a/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasEnumDefStoreV1.java b/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasEnumDefStoreV1.java
index 5bd9c12..dcb36dd 100644
--- a/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasEnumDefStoreV1.java
+++ b/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasEnumDefStoreV1.java
@@ -29,7 +29,9 @@ import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-
+import org.apache.atlas.authorize.AtlasPrivilege;
+import org.apache.atlas.authorize.AtlasTypeAccessRequest;
+import org.apache.atlas.authorize.AtlasAuthorizationUtils;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
@@ -75,6 +77,8 @@ class AtlasEnumDefStoreV1 extends AtlasAbstractDefStoreV1<AtlasEnumDef> {
LOG.debug("==> AtlasEnumDefStoreV1.create({}, {})", enumDef, preCreateResult);
}
+ AtlasAuthorizationUtils.verifyAccess(new AtlasTypeAccessRequest(AtlasPrivilege.TYPE_CREATE, enumDef), "create enum-def ", enumDef.getName());
+
AtlasVertex vertex = (preCreateResult == null) ? preCreate(enumDef) : preCreateResult;
AtlasEnumDef ret = toEnumDef(vertex);
@@ -174,6 +178,10 @@ class AtlasEnumDefStoreV1 extends AtlasAbstractDefStoreV1<AtlasEnumDef> {
LOG.debug("==> AtlasEnumDefStoreV1.updateByName({}, {})", name, enumDef);
}
+ AtlasEnumDef existingDef = typeRegistry.getEnumDefByName(name);
+
+ AtlasAuthorizationUtils.verifyAccess(new AtlasTypeAccessRequest(AtlasPrivilege.TYPE_UPDATE, existingDef), "update enum-def ", name);
+
validateType(enumDef);
AtlasVertex vertex = typeDefStore.findTypeVertexByNameAndCategory(name, TypeCategory.ENUM);
@@ -201,6 +209,10 @@ class AtlasEnumDefStoreV1 extends AtlasAbstractDefStoreV1<AtlasEnumDef> {
LOG.debug("==> AtlasEnumDefStoreV1.updateByGuid({})", guid);
}
+ AtlasEnumDef existingDef = typeRegistry.getEnumDefByGuid(guid);
+
+ AtlasAuthorizationUtils.verifyAccess(new AtlasTypeAccessRequest(AtlasPrivilege.TYPE_UPDATE, existingDef), "update enum-def ", (existingDef != null ? existingDef.getName() : guid));
+
validateType(enumDef);
AtlasVertex vertex = typeDefStore.findTypeVertexByGuidAndCategory(guid, TypeCategory.ENUM);
@@ -230,6 +242,10 @@ class AtlasEnumDefStoreV1 extends AtlasAbstractDefStoreV1<AtlasEnumDef> {
throw new AtlasBaseException(AtlasErrorCode.TYPE_NAME_NOT_FOUND, name);
}
+ AtlasEnumDef existingDef = typeRegistry.getEnumDefByName(name);
+
+ AtlasAuthorizationUtils.verifyAccess(new AtlasTypeAccessRequest(AtlasPrivilege.TYPE_DELETE, existingDef), "delete enum-def ", (existingDef != null ? existingDef.getName() : name));
+
return vertex;
}
@@ -241,6 +257,10 @@ class AtlasEnumDefStoreV1 extends AtlasAbstractDefStoreV1<AtlasEnumDef> {
throw new AtlasBaseException(AtlasErrorCode.TYPE_GUID_NOT_FOUND, guid);
}
+ AtlasEnumDef existingDef = typeRegistry.getEnumDefByGuid(guid);
+
+ AtlasAuthorizationUtils.verifyAccess(new AtlasTypeAccessRequest(AtlasPrivilege.TYPE_DELETE, existingDef), "delete enum-def ", (existingDef != null ? existingDef.getName() : guid));
+
return vertex;
}
http://git-wip-us.apache.org/repos/asf/atlas/blob/dee8a2da/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasRelationshipDefStoreV1.java
----------------------------------------------------------------------
diff --git a/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasRelationshipDefStoreV1.java b/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasRelationshipDefStoreV1.java
index 7163e42..e287c0d 100644
--- a/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasRelationshipDefStoreV1.java
+++ b/repository/src/main/java/org/apache/atlas/repository/store/graph/v1/AtlasRelationshipDefStoreV1.java
@@ -36,7 +36,9 @@ import org.apache.atlas.typesystem.types.DataTypes.TypeCategory;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-
+import org.apache.atlas.authorize.AtlasPrivilege;
+import org.apache.atlas.authorize.AtlasTypeAccessRequest;
+import org.apache.atlas.authorize.AtlasAuthorizationUtils;
import javax.inject.Inject;
import java.util.ArrayList;
import java.util.Iterator;
@@ -129,6 +131,8 @@ public class AtlasRelationshipDefStoreV1 extends AtlasAbstractDefStoreV1<AtlasRe
LOG.debug("==> AtlasRelationshipDefStoreV1.create({}, {})", relationshipDef, preCreateResult);
}
+ AtlasAuthorizationUtils.verifyAccess(new AtlasTypeAccessRequest(AtlasPrivilege.TYPE_CREATE, relationshipDef), "create relationship-def ", relationshipDef.getName());
+
AtlasVertex vertex = (preCreateResult == null) ? preCreate(relationshipDef) : preCreateResult;
AtlasRelationshipDef ret = toRelationshipDef(vertex);
@@ -230,6 +234,10 @@ public class AtlasRelationshipDefStoreV1 extends AtlasAbstractDefStoreV1<AtlasRe
LOG.debug("==> AtlasRelationshipDefStoreV1.updateByName({}, {})", name, relationshipDef);
}
+ AtlasRelationshipDef existingDef = typeRegistry.getRelationshipDefByName(name);
+
+ AtlasAuthorizationUtils.verifyAccess(new AtlasTypeAccessRequest(AtlasPrivilege.TYPE_UPDATE, existingDef), "update relationship-def ", name);
+
validateType(relationshipDef);
AtlasType type = typeRegistry.getType(relationshipDef.getName());
@@ -262,6 +270,10 @@ public class AtlasRelationshipDefStoreV1 extends AtlasAbstractDefStoreV1<AtlasRe
LOG.debug("==> AtlasRelationshipDefStoreV1.updateByGuid({})", guid);
}
+ AtlasRelationshipDef existingDef = typeRegistry.getRelationshipDefByGuid(guid);
+
+ AtlasAuthorizationUtils.verifyAccess(new AtlasTypeAccessRequest(AtlasPrivilege.TYPE_UPDATE, existingDef), "update relationship-Def ", (existingDef != null ? existingDef.getName() : guid));
+
validateType(relationshipDef);
AtlasType type = typeRegistry.getTypeByGuid(guid);
@@ -294,6 +306,10 @@ public class AtlasRelationshipDefStoreV1 extends AtlasAbstractDefStoreV1<AtlasRe
LOG.debug("==> AtlasRelationshipDefStoreV1.preDeleteByName({})", name);
}
+ AtlasRelationshipDef existingDef = typeRegistry.getRelationshipDefByName(name);
+
+ AtlasAuthorizationUtils.verifyAccess(new AtlasTypeAccessRequest(AtlasPrivilege.TYPE_DELETE, existingDef), "delete relationship-def ", name);
+
AtlasVertex ret = typeDefStore.findTypeVertexByNameAndCategory(name, TypeCategory.RELATIONSHIP);
if (ret == null) {
@@ -319,6 +335,10 @@ public class AtlasRelationshipDefStoreV1 extends AtlasAbstractDefStoreV1<AtlasRe
LOG.debug("==> AtlasRelationshipDefStoreV1.preDeleteByGuid({})", guid);
}
+ AtlasRelationshipDef existingDef = typeRegistry.getRelationshipDefByGuid(guid);
+
+ AtlasAuthorizationUtils.verifyAccess(new AtlasTypeAccessRequest(AtlasPrivilege.TYPE_DELETE, existingDef), "delete relationship-def ", (existingDef != null ? existingDef.getName() : guid));
+
AtlasVertex ret = typeDefStore.findTypeVertexByGuidAndCategory(guid, TypeCategory.RELATIONSHIP);
if (ret == null) {