You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sentry.apache.org by sh...@apache.org on 2014/03/14 20:08:51 UTC
[1/6] SENTRY-142: Create database backed ProviderBackend (Brock
Noland via Shreepadma Venugopalan)
Repository: incubator-sentry
Updated Branches:
refs/heads/master 644e8be34 -> 90cdbefd5
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java
index be3d078..f500c2d 100644
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStore.java
@@ -23,17 +23,22 @@ import static junit.framework.Assert.fail;
import java.io.File;
import java.util.Collections;
+import java.util.HashSet;
import java.util.Set;
import org.apache.commons.io.FileUtils;
+import org.apache.hadoop.conf.Configuration;
+import org.apache.sentry.provider.db.SentryAlreadyExistsException;
+import org.apache.sentry.provider.db.SentryNoSuchObjectException;
import org.apache.sentry.provider.db.service.model.MSentryPrivilege;
import org.apache.sentry.provider.db.service.model.MSentryRole;
import org.apache.sentry.provider.db.service.thrift.SentryPolicyStoreProcessor;
+import org.apache.sentry.provider.db.service.thrift.TSentryActiveRoleSet;
import org.apache.sentry.provider.db.service.thrift.TSentryGroup;
import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
-import org.apache.sentry.provider.db.service.thrift.TSentryRole;
-import org.junit.AfterClass;
-import org.junit.BeforeClass;
+import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
+import org.junit.After;
+import org.junit.Before;
import org.junit.Test;
import com.google.common.collect.Iterables;
@@ -42,17 +47,20 @@ import com.google.common.io.Files;
public class TestSentryStore {
- private static File dataDir;
- private static SentryStore sentryStore;
+ private File dataDir;
+ private SentryStore sentryStore;
- @BeforeClass
- public static void setup() throws Exception {
- dataDir = new File(Files.createTempDir(), SentryStore.DEFAULT_DATA_DIR);
- sentryStore = new SentryStore(dataDir.getPath());
+ @Before
+ public void setup() throws Exception {
+ dataDir = new File(Files.createTempDir(), "sentry_policy_db");
+ Configuration conf = new Configuration(false);
+ conf.set(ServerConfig.SENTRY_STORE_JDBC_URL,
+ "jdbc:derby:;databaseName=" + dataDir.getPath() + ";create=true");
+ sentryStore = new SentryStore(conf);
}
- @AfterClass
- public static void teardown() {
+ @After
+ public void teardown() {
if (sentryStore != null) {
sentryStore.stop();
}
@@ -61,21 +69,13 @@ public class TestSentryStore {
}
}
- private static CommitContext createRole(String r, String g) throws Exception {
- TSentryRole role = new TSentryRole();
- role.setGrantorPrincipal(g);
- role.setRoleName(r);
- return sentryStore.createSentryRole(role);
- }
-
-
@Test
public void testCreateDuplicateRole() throws Exception {
String roleName = "test-dup-role";
String grantor = "g1";
- createRole(roleName, grantor);
+ sentryStore.createSentryRole(roleName, grantor);
try {
- createRole(roleName, grantor);
+ sentryStore.createSentryRole(roleName, grantor);
fail("Expected SentryAlreadyExistsException");
} catch(SentryAlreadyExistsException e) {
// expected
@@ -86,7 +86,7 @@ public class TestSentryStore {
public void testCreateDropRole() throws Exception {
String roleName = "test-drop-role";
String grantor = "g1";
- long seqId = createRole(roleName, grantor).getSequenceId();
+ long seqId = sentryStore.createSentryRole(roleName, grantor).getSequenceId();
assertEquals(seqId + 1, sentryStore.dropSentryRole(roleName).getSequenceId());
}
@@ -103,7 +103,7 @@ public class TestSentryStore {
public void testAddDeleteGroups() throws Exception {
String roleName = "test-groups";
String grantor = "g1";
- long seqId = createRole(roleName, grantor).getSequenceId();
+ long seqId = sentryStore.createSentryRole(roleName, grantor).getSequenceId();
Set<TSentryGroup> groups = Sets.newHashSet();
TSentryGroup group = new TSentryGroup();
group.setGroupName("test-groups-g1");
@@ -123,7 +123,7 @@ public class TestSentryStore {
public void testGrantRevokePrivilege() throws Exception {
String roleName = "test-privilege";
String grantor = "g1";
- long seqId = createRole(roleName, grantor).getSequenceId();
+ long seqId = sentryStore.createSentryRole(roleName, grantor).getSequenceId();
TSentryPrivilege privilege = new TSentryPrivilege();
privilege.setPrivilegeScope("TABLE");
privilege.setServerName("server1");
@@ -142,4 +142,110 @@ public class TestSentryStore {
assertEquals(seqId + 2, sentryStore.alterSentryRoleRevokePrivilege(roleName, privilege.getPrivilegeName())
.getSequenceId());
}
+
+ @Test
+ public void testListSentryPrivilegesForProvider() throws Exception {
+ String roleName1 = "list-privs-r1", roleName2 = "list-privs-r2";
+ String groupName1 = "list-privs-g1", groupName2 = "list-privs-g2";
+ String grantor = "g1";
+ long seqId = sentryStore.createSentryRole(roleName1, grantor).getSequenceId();
+ assertEquals(seqId + 1, sentryStore.createSentryRole(roleName2, grantor).getSequenceId());
+ TSentryPrivilege privilege1 = new TSentryPrivilege();
+ privilege1.setPrivilegeScope("TABLE");
+ privilege1.setServerName("server1");
+ privilege1.setDbName("db1");
+ privilege1.setTableName("tbl1");
+ privilege1.setAction("SELECT");
+ privilege1.setGrantorPrincipal(grantor);
+ privilege1.setCreateTime(System.currentTimeMillis());
+ privilege1.setPrivilegeName(SentryPolicyStoreProcessor.constructPrivilegeName(privilege1));
+ assertEquals(seqId + 2, sentryStore.alterSentryRoleGrantPrivilege(roleName1, privilege1)
+ .getSequenceId());
+ assertEquals(seqId + 3, sentryStore.alterSentryRoleGrantPrivilege(roleName2, privilege1)
+ .getSequenceId());
+ TSentryPrivilege privilege2 = new TSentryPrivilege();
+ privilege2.setPrivilegeScope("SERVER");
+ privilege2.setServerName("server1");
+ privilege2.setGrantorPrincipal(grantor);
+ privilege2.setCreateTime(System.currentTimeMillis());
+ privilege2.setPrivilegeName(SentryPolicyStoreProcessor.constructPrivilegeName(privilege2));
+ assertEquals(seqId + 4, sentryStore.alterSentryRoleGrantPrivilege(roleName2, privilege2)
+ .getSequenceId());
+ Set<TSentryGroup> groups = Sets.newHashSet();
+ TSentryGroup group = new TSentryGroup();
+ group.setGroupName(groupName1);
+ groups.add(group);
+ assertEquals(seqId + 5, sentryStore.alterSentryRoleAddGroups(grantor,
+ roleName1, groups).getSequenceId());
+ groups.clear();
+ group = new TSentryGroup();
+ group.setGroupName(groupName2);
+ groups.add(group);
+ // group 2 has both roles 1 and 2
+ assertEquals(seqId + 6, sentryStore.alterSentryRoleAddGroups(grantor,
+ roleName1, groups).getSequenceId());
+ assertEquals(seqId + 7, sentryStore.alterSentryRoleAddGroups(grantor,
+ roleName2, groups).getSequenceId());
+ // group1 all roles
+ assertEquals(Sets.newHashSet("server=server1->db=db1->table=tbl1->action=select"),
+ SentryStore.toTrimedLower(sentryStore.listSentryPrivilegesForProvider(Sets.newHashSet(groupName1),
+ new TSentryActiveRoleSet(true, new HashSet<String>()))));
+ // one active role
+ assertEquals(Sets.newHashSet("server=server1->db=db1->table=tbl1->action=select"),
+ SentryStore.toTrimedLower(sentryStore.listSentryPrivilegesForProvider(Sets.newHashSet(groupName1),
+ new TSentryActiveRoleSet(false, Sets.newHashSet(roleName1)))));
+ // unknown active role
+ assertEquals(Sets.newHashSet(),
+ SentryStore.toTrimedLower(sentryStore.listSentryPrivilegesForProvider(Sets.newHashSet(groupName1),
+ new TSentryActiveRoleSet(false, Sets.newHashSet("not a role")))));
+ // no active roles
+ assertEquals(Sets.newHashSet(),
+ SentryStore.toTrimedLower(sentryStore.listSentryPrivilegesForProvider(Sets.newHashSet(groupName1),
+ new TSentryActiveRoleSet(false, new HashSet<String>()))));
+
+ // group2 all roles
+ assertEquals(Sets.newHashSet("server=server1->db=db1->table=tbl1->action=select", "server=server1"),
+ SentryStore.toTrimedLower(sentryStore.listSentryPrivilegesForProvider(Sets.newHashSet(groupName2),
+ new TSentryActiveRoleSet(true, new HashSet<String>()))));
+ // one active role
+ assertEquals(Sets.newHashSet("server=server1->db=db1->table=tbl1->action=select"),
+ SentryStore.toTrimedLower(sentryStore.listSentryPrivilegesForProvider(Sets.newHashSet(groupName2),
+ new TSentryActiveRoleSet(false, Sets.newHashSet(roleName1)))));
+ assertEquals(Sets.newHashSet("server=server1"),
+ SentryStore.toTrimedLower(sentryStore.listSentryPrivilegesForProvider(Sets.newHashSet(groupName2),
+ new TSentryActiveRoleSet(false, Sets.newHashSet(roleName2)))));
+ // unknown active role
+ assertEquals(Sets.newHashSet(),
+ SentryStore.toTrimedLower(sentryStore.listSentryPrivilegesForProvider(Sets.newHashSet(groupName2),
+ new TSentryActiveRoleSet(false, Sets.newHashSet("not a role")))));
+ // no active roles
+ assertEquals(Sets.newHashSet(),
+ SentryStore.toTrimedLower(sentryStore.listSentryPrivilegesForProvider(Sets.newHashSet(groupName2),
+ new TSentryActiveRoleSet(false, new HashSet<String>()))));
+
+ // both groups, all active roles
+ assertEquals(Sets.newHashSet("server=server1->db=db1->table=tbl1->action=select", "server=server1"),
+ SentryStore.toTrimedLower(sentryStore.listSentryPrivilegesForProvider(Sets.
+ newHashSet(groupName1, groupName2),
+ new TSentryActiveRoleSet(true, new HashSet<String>()))));
+ // one active role
+ assertEquals(Sets.newHashSet("server=server1->db=db1->table=tbl1->action=select"),
+ SentryStore.toTrimedLower(sentryStore.listSentryPrivilegesForProvider(Sets.
+ newHashSet(groupName1, groupName2),
+ new TSentryActiveRoleSet(false, Sets.newHashSet(roleName1)))));
+ assertEquals(Sets.newHashSet("server=server1"),
+ SentryStore.toTrimedLower(sentryStore.listSentryPrivilegesForProvider(Sets.
+ newHashSet(groupName1, groupName2),
+ new TSentryActiveRoleSet(false, Sets.newHashSet(roleName2)))));
+ // unknown active role
+ assertEquals(Sets.newHashSet(),
+ SentryStore.toTrimedLower(sentryStore.listSentryPrivilegesForProvider(Sets.
+ newHashSet(groupName1, groupName2),
+ new TSentryActiveRoleSet(false, Sets.newHashSet("not a role")))));
+ // no active roles
+ assertEquals(Sets.newHashSet(),
+ SentryStore.toTrimedLower(sentryStore.listSentryPrivilegesForProvider(Sets.
+ newHashSet(groupName1, groupName2),
+ new TSentryActiveRoleSet(false, new HashSet<String>()))));
+ }
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStoreToAuthorizable.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStoreToAuthorizable.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStoreToAuthorizable.java
new file mode 100644
index 0000000..9c851eb
--- /dev/null
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/persistent/TestSentryStoreToAuthorizable.java
@@ -0,0 +1,86 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.sentry.provider.db.service.persistent;
+
+import static junit.framework.Assert.assertEquals;
+
+import org.apache.sentry.core.model.db.AccessConstants;
+import org.apache.sentry.provider.db.service.model.MSentryPrivilege;
+import org.junit.Test;
+
+public class TestSentryStoreToAuthorizable {
+
+ private MSentryPrivilege privilege;
+
+ @Test
+ public void testServer() {
+ privilege = new MSentryPrivilege(null, null, "server1", null, null, null, null);
+ assertEquals("server=server1",
+ SentryStore.toAuthorizable(privilege));
+ privilege = new MSentryPrivilege(null, null, "server1", null, null, null,
+ AccessConstants.ALL);
+ assertEquals("server=server1->action=*",
+ SentryStore.toAuthorizable(privilege));
+ }
+
+ @Test
+ public void testTable() {
+ privilege = new MSentryPrivilege(null, null, "server1", "db1", "tbl1", null, null);
+ assertEquals("server=server1->db=db1->table=tbl1",
+ SentryStore.toAuthorizable(privilege));
+ privilege = new MSentryPrivilege(null, null, "server1", "db1", "tbl1", null,
+ AccessConstants.INSERT);
+ assertEquals("server=server1->db=db1->table=tbl1->action=insert",
+ SentryStore.toAuthorizable(privilege));
+ privilege = new MSentryPrivilege(null, null, "server1", "db1", "tbl1", null,
+ AccessConstants.SELECT);
+ assertEquals("server=server1->db=db1->table=tbl1->action=select",
+ SentryStore.toAuthorizable(privilege));
+ privilege = new MSentryPrivilege(null, null, "server1", "db1", "tbl1", null,
+ AccessConstants.ALL);
+ assertEquals("server=server1->db=db1->table=tbl1->action=*",
+ SentryStore.toAuthorizable(privilege));
+ }
+
+ @Test
+ public void testDb() {
+ privilege = new MSentryPrivilege(null, null, "server1", "db1", null, null, null);
+ assertEquals("server=server1->db=db1",
+ SentryStore.toAuthorizable(privilege));
+ privilege = new MSentryPrivilege(null, null, "server1", "db1", null, null,
+ AccessConstants.ALL);
+ assertEquals("server=server1->db=db1->action=*",
+ SentryStore.toAuthorizable(privilege));
+ }
+
+ @Test
+ public void testUri() {
+ privilege = new MSentryPrivilege(null, null, "server1", null, null, "file:///", null);
+ assertEquals("server=server1->uri=file:///",
+ SentryStore.toAuthorizable(privilege));
+ privilege = new MSentryPrivilege(null, null, "server1", null, null, "file:///",
+ AccessConstants.SELECT);
+ assertEquals("server=server1->uri=file:///->action=select",
+ SentryStore.toAuthorizable(privilege));
+ privilege = new MSentryPrivilege(null, null, "server1", null, null, "file:///",
+ AccessConstants.ALL);
+ assertEquals("server=server1->uri=file:///->action=*",
+ SentryStore.toAuthorizable(privilege));
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceIntegration.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceIntegration.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceIntegration.java
index d073d8b..aa1e860 100644
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceIntegration.java
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceIntegration.java
@@ -17,154 +17,83 @@
*/
package org.apache.sentry.provider.db.service.thrift;
+import static junit.framework.Assert.assertEquals;
+
import java.util.HashSet;
import java.util.Set;
+import org.apache.sentry.core.common.ActiveRoleSet;
+import org.apache.sentry.provider.common.ProviderBackendContext;
+import org.apache.sentry.provider.db.SimpleDBProviderBackend;
import org.apache.sentry.service.thrift.SentryServiceIntegrationBase;
import org.apache.sentry.service.thrift.ServiceConstants.ThriftConstants;
-import org.apache.sentry.service.thrift.Status;
import org.junit.Test;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import com.google.common.base.Preconditions;
+import com.google.common.collect.Sets;
+
public class TestSentryServiceIntegration extends SentryServiceIntegrationBase {
- private static final Logger LOGGER = LoggerFactory.getLogger(TestSentryServiceIntegration.class);
@Test
public void testCreateRole() throws Exception {
- Set<String> groupSet = new HashSet<String>();
- TDropSentryRoleRequest dropReq = new TDropSentryRoleRequest();
- dropReq.setProtocol_version(ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT);
- dropReq.setRoleName("admin_r");
- dropReq.setRequestorUserName("user_1");
- groupSet.add("admin");
- dropReq.setRequestorGroupName(groupSet);
- TDropSentryRoleResponse dropResp = client.dropRole(dropReq);
- assertStatus(Status.NO_SUCH_OBJECT, dropResp.getStatus());
- LOGGER.info("Successfully dropped role: admin_r");
- groupSet.clear();
-
- TCreateSentryRoleRequest createReq = new TCreateSentryRoleRequest();
- createReq.setProtocol_version(ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT);
- createReq.setRequestorUserName("user_1");
- groupSet.add("admin");
- createReq.setRequestorGroupName(groupSet);
- TSentryRole role = new TSentryRole();
- role.setRoleName("admin_r");
- role.setCreateTime(System.currentTimeMillis());
- role.setGrantorPrincipal("test");
- role.setPrivileges(new HashSet<TSentryPrivilege>());
- createReq.setRole(role);
- TCreateSentryRoleResponse createResp = client.createRole(createReq);
- assertOK(createResp.getStatus());
- LOGGER.info("Successfully create role: admin_r");
- groupSet.clear();
+ String requestorUserName = "user_1";
+ Set<String> requestorUserGroupNames = new HashSet<String>();
+ String roleName = "admin_r";
+
+ client.dropRoleIfExists(requestorUserName, requestorUserGroupNames, roleName);
+
+ client.createRole(requestorUserName, requestorUserGroupNames, roleName);
TListSentryRolesRequest listReq = new TListSentryRolesRequest();
listReq.setProtocol_version(ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT);
- listReq.setRoleName("admin_r");
- listReq.setRequestorUserName("user_1");
- groupSet.add("admin");
- listReq.setRequestorGroupName(groupSet);
+ listReq.setRoleName(roleName);
+ listReq.setRequestorUserName(requestorUserName);
TListSentryRolesResponse listResp = client.listRoleByName(listReq);
Set<TSentryRole> roles = listResp.getRoles();
- Preconditions.checkArgument(roles.size() == 1, "Incorrect number of roles");
- groupSet.clear();
-
- dropReq.setProtocol_version(ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT);
- dropReq.setRoleName("admin_r");
- dropReq.setRequestorUserName("user_1");
- groupSet.add("admin");
- dropReq.setRequestorGroupName(groupSet);
- dropResp = client.dropRole(dropReq);
- assertOK(dropResp.getStatus());
- LOGGER.info("Successfully dropped role: admin_r");
- groupSet.clear();
+ assertEquals("Incorrect number of roles:" + roles, 1, roles.size());
+
+ client.dropRole(requestorUserName, requestorUserGroupNames, roleName);
}
@Test
public void testGrantRevokePrivilege() throws Exception {
- Set<String> groupSet = new HashSet<String>();
- TDropSentryRoleRequest dropReq = new TDropSentryRoleRequest();
- dropReq.setProtocol_version(ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT);
- dropReq.setRoleName("admin_testdb");
- dropReq.setRequestorUserName("server_admin");
- groupSet.add("admin");
- dropReq.setRequestorGroupName(groupSet);
- TDropSentryRoleResponse dropResp = client.dropRole(dropReq);
- assertStatus(Status.NO_SUCH_OBJECT, dropResp.getStatus());
- LOGGER.info("Successfully dropped role: admin_testdb");
- groupSet.clear();
-
- TCreateSentryRoleRequest createReq = new TCreateSentryRoleRequest();
- createReq.setProtocol_version(ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT);
- createReq.setRequestorUserName("server_admin");
- groupSet.add("admin");
- createReq.setRequestorGroupName(groupSet);
- TSentryRole role = new TSentryRole();
- role.setRoleName("admin_testdb");
- role.setCreateTime(System.currentTimeMillis());
- role.setGrantorPrincipal("server_admin");
- role.setPrivileges(new HashSet<TSentryPrivilege>());
- createReq.setRole(role);
- TCreateSentryRoleResponse createResp = client.createRole(createReq);
- assertOK(createResp.getStatus());
- LOGGER.info("Successfully create role: admin_testdb");
- groupSet.clear();
+ String server = "server1";
+ String requestorUserName = "server_admin";
+ Set<String> requestorUserGroupNames = new HashSet<String>();
+ String roleName = "admin_testdb";
+ String db = "testDB";
+ String group = "group1";
+
+ client.dropRoleIfExists(requestorUserName, requestorUserGroupNames, roleName);
+ client.createRole(requestorUserName, requestorUserGroupNames, roleName);
TListSentryRolesRequest listReq = new TListSentryRolesRequest();
listReq.setProtocol_version(ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT);
listReq.setRoleName("admin_testdb");
- listReq.setRequestorUserName("server_admin");
- groupSet.add("admin");
- listReq.setRequestorGroupName(groupSet);
+ listReq.setRequestorUserName(requestorUserName);
TListSentryRolesResponse listResp = client.listRoleByName(listReq);
Set<TSentryRole> roles = listResp.getRoles();
- Preconditions.checkArgument(roles.size() == 1, "Incorrect number of roles");
- groupSet.clear();
-
- TAlterSentryRoleGrantPrivilegeRequest grantReq = new TAlterSentryRoleGrantPrivilegeRequest();
- grantReq.setProtocol_version(ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT);
- grantReq.setRoleName("admin_testdb");
- grantReq.setRequestorUserName("server_admin");
- groupSet.add("admin");
- grantReq.setRequestorGroupName(groupSet);
- TSentryPrivilege privilege = new TSentryPrivilege();
- privilege.setPrivilegeScope("DB");
- privilege.setServerName("server1");
- privilege.setDbName("testDB");
- privilege.setAction("ALL");
- privilege.setGrantorPrincipal("server_admin");
- privilege.setCreateTime(System.currentTimeMillis());
- grantReq.setPrivilege(privilege);
- TAlterSentryRoleGrantPrivilegeResponse grantResp = client.grantPrivilege(grantReq);
- assertOK(grantResp.getStatus());
- LOGGER.info("Successfully granted privilege: " + privilege.toString());
- groupSet.clear();
-
- TAlterSentryRoleRevokePrivilegeRequest revokeReq = new TAlterSentryRoleRevokePrivilegeRequest();
- revokeReq.setProtocol_version(ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT);
- revokeReq.setRoleName("admin_testdb");
- revokeReq.setRequestorUserName("server_admin");
- groupSet.add("admin");
- revokeReq.setRequestorGroupName(groupSet);
- revokeReq.setPrivilege(privilege);
- TAlterSentryRoleRevokePrivilegeResponse revokeResp = client.revokePrivilege(revokeReq);
- assertOK(revokeResp.getStatus());
- LOGGER.info("Successfully revoked privilege: " + privilege.toString());
- groupSet.clear();
-
- dropReq.setProtocol_version(ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT);
- dropReq.setRoleName("admin_testdb");
- dropReq.setRequestorUserName("server_admin");
- groupSet.add("admin");
- dropReq.setRequestorGroupName(groupSet);
- dropResp = client.dropRole(dropReq);
- assertOK(dropResp.getStatus());
- LOGGER.info("Successfully dropped role: admin_testdb");
- groupSet.clear();
+ assertEquals("Incorrect number of roles:" + roles, 1, roles.size());
+
+ client.grantDatabasePrivilege(requestorUserName, requestorUserGroupNames, roleName, server, db);
+
+ // verify we can get the privileges from the backend
+ SimpleDBProviderBackend dbBackend = new SimpleDBProviderBackend(client);
+ dbBackend.initialize(new ProviderBackendContext());
+ assertEquals(Sets.newHashSet(), dbBackend.getPrivileges(Sets.newHashSet(group),
+ new ActiveRoleSet(true)));
+ client.grantRoleToGroup(requestorUserName, requestorUserGroupNames, group, roleName);
+ assertEquals(Sets.newHashSet(), dbBackend.getPrivileges(Sets.newHashSet(group),
+ new ActiveRoleSet(new HashSet<String>())));
+ assertEquals(Sets.newHashSet("server="+ server + "->db=" + db + "->action=*"),
+ dbBackend.getPrivileges(Sets.newHashSet("group1"),
+ new ActiveRoleSet(true)));
+ assertEquals(Sets.newHashSet("server="+ server + "->db=" + db + "->action=*"),
+ dbBackend.getPrivileges(Sets.newHashSet(group),
+ new ActiveRoleSet(Sets.newHashSet(roleName))));
+
+ client.revokeDatabasePrivilege(requestorUserName, requestorUserGroupNames, roleName, server, db);
+ client.dropRole(requestorUserName, requestorUserGroupNames, roleName);
}
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/service/thrift/SentryServiceIntegrationBase.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/service/thrift/SentryServiceIntegrationBase.java b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/service/thrift/SentryServiceIntegrationBase.java
index db76aa8..ee5ca69 100644
--- a/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/service/thrift/SentryServiceIntegrationBase.java
+++ b/sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/service/thrift/SentryServiceIntegrationBase.java
@@ -26,6 +26,7 @@ import javax.security.auth.Subject;
import javax.security.auth.kerberos.KerberosPrincipal;
import javax.security.auth.login.LoginContext;
+import org.apache.commons.io.FileUtils;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.minikdc.KerberosSecurityTestcase;
import org.apache.hadoop.minikdc.MiniKdc;
@@ -40,6 +41,7 @@ import org.slf4j.LoggerFactory;
import com.google.common.base.Strings;
import com.google.common.collect.Sets;
+import com.google.common.io.Files;
public abstract class SentryServiceIntegrationBase extends KerberosSecurityTestcase {
private static final Logger LOGGER = LoggerFactory.getLogger(SentryServiceIntegrationBase.class);
@@ -61,6 +63,7 @@ public abstract class SentryServiceIntegrationBase extends KerberosSecurityTestc
protected SentryPolicyServiceClient client;
protected MiniKdc kdc;
protected File kdcWorkDir;
+ protected File dbDir;
protected File serverKeytab;
protected File clientKeytab;
protected Subject clientSubject;
@@ -100,6 +103,9 @@ public abstract class SentryServiceIntegrationBase extends KerberosSecurityTestc
conf.set(ServerConfig.RPC_ADDRESS, SERVER_HOST);
conf.set(ServerConfig.RPC_PORT, String.valueOf(0));
conf.set(ServerConfig.ALLOW_CONNECT, CLIENT_KERBEROS_NAME);
+ dbDir = new File(Files.createTempDir(), "sentry_policy_db");
+ conf.set(ServerConfig.SENTRY_STORE_JDBC_URL,
+ "jdbc:derby:;databaseName=" + dbDir.getPath() + ";create=true");
server = new SentryServiceFactory().create(conf);
conf.set(ClientConfig.SERVER_RPC_ADDRESS, server.getAddress().getHostString());
conf.set(ClientConfig.SERVER_RPC_PORT, String.valueOf(server.getAddress().getPort()));
@@ -139,6 +145,9 @@ public abstract class SentryServiceIntegrationBase extends KerberosSecurityTestc
if(server != null) {
server.stop();
}
+ if (dbDir != null) {
+ FileUtils.deleteQuietly(dbDir);
+ }
afterTeardown();
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/HadoopGroupMappingService.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/HadoopGroupMappingService.java b/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/HadoopGroupMappingService.java
deleted file mode 100644
index f2bb39c..0000000
--- a/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/HadoopGroupMappingService.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.file;
-
-import java.io.IOException;
-import java.util.Collections;
-import java.util.HashSet;
-import java.util.Set;
-
-import org.apache.hadoop.security.Groups;
-import org.apache.sentry.provider.common.GroupMappingService;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class HadoopGroupMappingService implements GroupMappingService {
-
- private static final Logger LOGGER = LoggerFactory
- .getLogger(HadoopGroupMappingService.class);
- private final Groups groups;
-
- public HadoopGroupMappingService(Groups groups) {
- this.groups = groups;
- }
-
- @Override
- public Set<String> getGroups(String user) {
- try {
- return new HashSet<String>(groups.getGroups(user));
- } catch (IOException e) {
- LOGGER.warn("Unable to obtain groups for " + user, e);
- }
- return Collections.emptySet();
- }
-}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/HadoopGroupResourceAuthorizationProvider.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/HadoopGroupResourceAuthorizationProvider.java b/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/HadoopGroupResourceAuthorizationProvider.java
deleted file mode 100644
index b2e4196..0000000
--- a/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/HadoopGroupResourceAuthorizationProvider.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.sentry.provider.file;
-
-import java.io.IOException;
-
-import org.apache.hadoop.conf.Configuration;
-import org.apache.hadoop.security.Groups;
-import org.apache.sentry.policy.common.PolicyEngine;
-import org.apache.sentry.provider.common.GroupMappingService;
-
-import com.google.common.annotations.VisibleForTesting;
-
-public class HadoopGroupResourceAuthorizationProvider extends
- ResourceAuthorizationProvider {
-
- // resource parameter present so that other AuthorizationProviders (e.g.
- // LocalGroupResourceAuthorizationProvider) has the same constructor params.
- public HadoopGroupResourceAuthorizationProvider(String resource, PolicyEngine policy) throws IOException {
- this(policy, new HadoopGroupMappingService(
- Groups.getUserToGroupsMappingService(new Configuration())));
- }
-
- @VisibleForTesting
- public HadoopGroupResourceAuthorizationProvider(PolicyEngine policy,
- GroupMappingService groupService) {
- super(policy, groupService);
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/LocalGroupResourceAuthorizationProvider.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/LocalGroupResourceAuthorizationProvider.java b/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/LocalGroupResourceAuthorizationProvider.java
index e8293f6..e66361b 100644
--- a/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/LocalGroupResourceAuthorizationProvider.java
+++ b/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/LocalGroupResourceAuthorizationProvider.java
@@ -21,6 +21,7 @@ import java.io.IOException;
import org.apache.hadoop.fs.Path;
import org.apache.sentry.policy.common.PolicyEngine;
+import org.apache.sentry.provider.common.ResourceAuthorizationProvider;
public class LocalGroupResourceAuthorizationProvider extends
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/PolicyFileConstants.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/PolicyFileConstants.java b/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/PolicyFileConstants.java
index d28cde2..b2bc531 100644
--- a/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/PolicyFileConstants.java
+++ b/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/PolicyFileConstants.java
@@ -16,28 +16,13 @@
*/
package org.apache.sentry.provider.file;
-import com.google.common.base.Joiner;
-import com.google.common.base.Splitter;
+import org.apache.sentry.provider.common.ProviderConstants;
-public class PolicyFileConstants {
+public class PolicyFileConstants extends ProviderConstants {
public static final String DATABASES = "databases";
public static final String GROUPS = "groups";
public static final String ROLES = "roles";
public static final String USERS = "users";
- public static final String ROLE_SEPARATOR = ",";
- public static final String AUTHORIZABLE_SEPARATOR = "->";
- public static final String KV_SEPARATOR = "=";
-
- public static final Splitter ROLE_SPLITTER = Splitter.on(ROLE_SEPARATOR);
- public static final Splitter AUTHORIZABLE_SPLITTER = Splitter.on(AUTHORIZABLE_SEPARATOR);
- public static final Splitter KV_SPLITTER = Splitter.on(KV_SEPARATOR);
- public static final Joiner ROLE_JOINER = Joiner.on(ROLE_SEPARATOR);
- public static final Joiner AUTHORIZABLE_JOINER = Joiner.on(AUTHORIZABLE_SEPARATOR);
- public static final Joiner KV_JOINER = Joiner.on(KV_SEPARATOR);
-
- // TODO change to privilege
- public static final String PRIVILEGE_NAME = "action";
- public static final String PRIVILEGE_PREFIX = (PRIVILEGE_NAME + KV_SEPARATOR).toLowerCase();
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/ResourceAuthorizationProvider.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/ResourceAuthorizationProvider.java b/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/ResourceAuthorizationProvider.java
deleted file mode 100644
index 448d7c1..0000000
--- a/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/ResourceAuthorizationProvider.java
+++ /dev/null
@@ -1,179 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.file;
-
-import static org.apache.sentry.provider.file.PolicyFileConstants.AUTHORIZABLE_JOINER;
-import static org.apache.sentry.provider.file.PolicyFileConstants.KV_JOINER;
-import static org.apache.sentry.provider.file.PolicyFileConstants.PRIVILEGE_NAME;
-
-import java.util.ArrayList;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Set;
-
-import org.apache.sentry.core.common.Action;
-import org.apache.sentry.core.common.ActiveRoleSet;
-import org.apache.sentry.core.common.Authorizable;
-import org.apache.sentry.core.common.SentryConfigurationException;
-import org.apache.sentry.core.common.Subject;
-import org.apache.sentry.policy.common.Privilege;
-import org.apache.sentry.policy.common.PrivilegeFactory;
-import org.apache.sentry.policy.common.PolicyEngine;
-import org.apache.sentry.provider.common.AuthorizationProvider;
-import org.apache.sentry.provider.common.GroupMappingService;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import com.google.common.base.Function;
-import com.google.common.base.Preconditions;
-import com.google.common.collect.Iterables;
-import com.google.common.collect.Sets;
-
-public abstract class ResourceAuthorizationProvider implements AuthorizationProvider {
- private static final Logger LOGGER = LoggerFactory
- .getLogger(ResourceAuthorizationProvider.class);
- private final GroupMappingService groupService;
- private final PolicyEngine policy;
- private final PrivilegeFactory privilegeFactory;
- private final ThreadLocal<List<String>> lastFailedPrivileges;
-
- public ResourceAuthorizationProvider(PolicyEngine policy,
- GroupMappingService groupService) {
- this.policy = policy;
- this.groupService = groupService;
- this.privilegeFactory = policy.getPrivilegeFactory();
- this.lastFailedPrivileges = new ThreadLocal<List<String>>() {
- @Override
- protected List<String> initialValue() {
- return new ArrayList<String>();
- }
- };
- }
-
- /***
- * @param subject: UserID to validate privileges
- * @param authorizableHierarchy : List of object according to namespace hierarchy.
- * eg. Server->Db->Table or Server->Function
- * The privileges will be validated from the higher to lower scope
- * @param actions : Privileges to validate
- * @return
- * True if the subject is authorized to perform requested action on the given object
- */
- @Override
- public boolean hasAccess(Subject subject, List<? extends Authorizable> authorizableHierarchy,
- Set<? extends Action> actions, ActiveRoleSet roleSet) {
- if(LOGGER.isDebugEnabled()) {
- LOGGER.debug("Authorization Request for " + subject + " " +
- authorizableHierarchy + " and " + actions);
- }
- Preconditions.checkNotNull(subject, "Subject cannot be null");
- Preconditions.checkNotNull(authorizableHierarchy, "Authorizable cannot be null");
- Preconditions.checkArgument(!authorizableHierarchy.isEmpty(), "Authorizable cannot be empty");
- Preconditions.checkNotNull(actions, "Actions cannot be null");
- Preconditions.checkArgument(!actions.isEmpty(), "Actions cannot be empty");
- Preconditions.checkNotNull(roleSet, "ActiveRoleSet cannot be null");
- return doHasAccess(subject, authorizableHierarchy, actions, roleSet);
- }
-
- private boolean doHasAccess(Subject subject,
- List<? extends Authorizable> authorizables, Set<? extends Action> actions,
- ActiveRoleSet roleSet) {
- Set<String> groups = getGroups(subject);
- Set<String> hierarchy = new HashSet<String>();
- for (Authorizable authorizable : authorizables) {
- hierarchy.add(KV_JOINER.join(authorizable.getTypeName(), authorizable.getName()));
- }
- Iterable<Privilege> privileges = getPrivileges(groups, roleSet);
- List<String> requestPrivileges = buildPermissions(authorizables, actions);
- lastFailedPrivileges.get().clear();
-
- for (String requestPrivilege : requestPrivileges) {
- for (Privilege permission : privileges) {
- /*
- * Does the permission granted in the policy file imply the requested action?
- */
- boolean result = permission.implies(privilegeFactory.createPrivilege(requestPrivilege));
- if(LOGGER.isDebugEnabled()) {
- LOGGER.debug("ProviderPrivilege {}, RequestPrivilege {}, RoleSet, {}, Result {}",
- new Object[]{ permission, requestPrivilege, roleSet, result});
- }
- if (result) {
- return true;
- }
- }
- }
- lastFailedPrivileges.get().addAll(requestPrivileges);
- return false;
- }
-
- private Iterable<Privilege> getPrivileges(Set<String> groups, ActiveRoleSet roleSet) {
- return Iterables.transform(policy.getPrivileges(groups, roleSet),
- new Function<String, Privilege>() {
- @Override
- public Privilege apply(String privilege) {
- return privilegeFactory.createPrivilege(privilege);
- }
- });
- }
-
- @Override
- public GroupMappingService getGroupMapping() {
- return groupService;
- }
-
- private Set<String> getGroups(Subject subject) {
- return groupService.getGroups(subject.getName());
- }
-
- @Override
- public void validateResource(boolean strictValidation) throws SentryConfigurationException {
- policy.validatePolicy(strictValidation);
- }
-
- @Override
- public Set<String> listPrivilegesForSubject(Subject subject) throws SentryConfigurationException {
- return policy.getPrivileges(getGroups(subject), ActiveRoleSet.ALL);
- }
-
- @Override
- public Set<String> listPrivilegesForGroup(String groupName) throws SentryConfigurationException {
- return policy.getPrivileges(Sets.newHashSet(groupName), ActiveRoleSet.ALL);
- }
-
- @Override
- public List<String> getLastFailedPrivileges() {
- return lastFailedPrivileges.get();
- }
-
- private List<String> buildPermissions(List<? extends Authorizable> authorizables,
- Set<? extends Action> actions) {
- List<String> hierarchy = new ArrayList<String>();
- List<String> requestedPermissions = new ArrayList<String>();
-
- for (Authorizable authorizable : authorizables) {
- hierarchy.add(KV_JOINER.join(authorizable.getTypeName(), authorizable.getName()));
- }
-
- for (Action action : actions) {
- String requestPermission = AUTHORIZABLE_JOINER.join(hierarchy);
- requestPermission = AUTHORIZABLE_JOINER.join(requestPermission,
- KV_JOINER.join(PRIVILEGE_NAME, action.getValue()));
- requestedPermissions.add(requestPermission);
- }
- return requestedPermissions;
- }
-}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/SimpleFileProviderBackend.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/SimpleFileProviderBackend.java b/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/SimpleFileProviderBackend.java
index 89a2d31..9fcebbb 100644
--- a/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/SimpleFileProviderBackend.java
+++ b/sentry-provider/sentry-provider-file/src/main/java/org/apache/sentry/provider/file/SimpleFileProviderBackend.java
@@ -163,6 +163,11 @@ public class SimpleFileProviderBackend implements ProviderBackend {
}
@Override
+ public void close() {
+ groupRolePrivilegeTable.clear();
+ }
+
+ @Override
public void validatePolicy(boolean strictValidation) throws SentryConfigurationException {
if (!initialized) {
throw new IllegalStateException("Backend has not been properly initialized");
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-file/src/test/java/org/apache/sentry/provider/file/TestGetGroupMapping.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-file/src/test/java/org/apache/sentry/provider/file/TestGetGroupMapping.java b/sentry-provider/sentry-provider-file/src/test/java/org/apache/sentry/provider/file/TestGetGroupMapping.java
deleted file mode 100644
index d3127d7..0000000
--- a/sentry-provider/sentry-provider-file/src/test/java/org/apache/sentry/provider/file/TestGetGroupMapping.java
+++ /dev/null
@@ -1,65 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.file;
-
-import static org.junit.Assert.assertSame;
-
-import java.util.Set;
-
-import org.apache.sentry.core.common.SentryConfigurationException;
-import org.apache.sentry.core.common.ActiveRoleSet;
-import org.apache.sentry.policy.common.PrivilegeFactory;
-import org.apache.sentry.policy.common.PolicyEngine;
-import org.apache.sentry.provider.common.GroupMappingService;
-import org.junit.Test;
-
-import com.google.common.collect.ImmutableSet;
-import com.google.common.collect.Sets;
-
-public class TestGetGroupMapping {
-
- private static class TestResourceAuthorizationProvider extends ResourceAuthorizationProvider {
- public TestResourceAuthorizationProvider(PolicyEngine policy,
- GroupMappingService groupService) {
- super(policy, groupService);
- }
- };
-
- @Test
- public void testResourceAuthorizationProvider() {
- final Set<String> set = Sets.newHashSet("a", "b", "c");
- GroupMappingService mappingService = new GroupMappingService() {
- public Set<String> getGroups(String user) { return set; }
- };
- PolicyEngine policyEngine = new PolicyEngine() {
- public PrivilegeFactory getPrivilegeFactory() { return null; }
-
- public ImmutableSet<String> getPrivileges(Set<String> groups, ActiveRoleSet roleSet) {
- return ImmutableSet.of();
- }
-
- public void validatePolicy(boolean strictValidation)
- throws SentryConfigurationException {
- return;
- }
- };
-
- TestResourceAuthorizationProvider authProvider =
- new TestResourceAuthorizationProvider(policyEngine, mappingService);
- assertSame(authProvider.getGroupMapping(), mappingService);
- }
-}
[6/6] git commit: SENTRY-142: Create database backed ProviderBackend
(Brock Noland via Shreepadma Venugopalan)
Posted by sh...@apache.org.
SENTRY-142: Create database backed ProviderBackend (Brock Noland via Shreepadma Venugopalan)
Project: http://git-wip-us.apache.org/repos/asf/incubator-sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-sentry/commit/90cdbefd
Tree: http://git-wip-us.apache.org/repos/asf/incubator-sentry/tree/90cdbefd
Diff: http://git-wip-us.apache.org/repos/asf/incubator-sentry/diff/90cdbefd
Branch: refs/heads/master
Commit: 90cdbefd57b46281a593894b3a9fbf4686669228
Parents: 644e8be
Author: Shreepadma Venugopalan <sh...@apache.org>
Authored: Fri Mar 14 12:08:30 2014 -0700
Committer: Shreepadma Venugopalan <sh...@apache.org>
Committed: Fri Mar 14 12:08:30 2014 -0700
----------------------------------------------------------------------
.../hive/HiveAuthzBindingPreExecHook.java | 2 +-
.../binding/hive/authz/HiveAuthzBinding.java | 21 +-
.../sentry/binding/hive/conf/HiveAuthzConf.java | 2 +-
.../sentry/binding/solr/conf/SolrAuthzConf.java | 2 +-
.../sentry/core/common/ActiveRoleSet.java | 8 +
.../sentry/policy/common/PolicyEngine.java | 2 +
.../sentry/policy/db/SimpleDBPolicyEngine.java | 7 +
...sourceAuthorizationProviderGeneralCases.java | 2 +-
.../policy/search/SimpleSearchPolicyEngine.java | 7 +
...SearchAuthorizationProviderGeneralCases.java | 2 +-
sentry-provider/sentry-provider-common/pom.xml | 4 +
.../provider/common/AuthorizationProvider.java | 5 +
.../common/HadoopGroupMappingService.java | 48 ++
...adoopGroupResourceAuthorizationProvider.java | 46 ++
.../common/NoAuthorizationProvider.java | 4 +
.../sentry/provider/common/ProviderBackend.java | 2 +
.../provider/common/ProviderConstants.java | 38 +
.../common/ResourceAuthorizationProvider.java | 184 +++++
...adoopGroupResourceAuthorizationProvider.java | 44 +
.../provider/common/TestGetGroupMapping.java | 69 ++
sentry-provider/sentry-provider-db/pom.xml | 4 +
.../db/service/thrift/SentryPolicyService.java | 806 +++++++++++++++++++
.../TAlterSentryRoleAddGroupsRequest.java | 302 +++----
.../TAlterSentryRoleDeleteGroupsRequest.java | 414 ++++++++--
.../TAlterSentryRoleGrantPrivilegeRequest.java | 246 +++---
.../TAlterSentryRoleRevokePrivilegeRequest.java | 246 +++---
.../thrift/TCreateSentryRoleRequest.java | 297 ++++---
.../service/thrift/TDropSentryRoleRequest.java | 268 +++---
...TListSentryPrivilegesForProviderRequest.java | 644 +++++++++++++++
...ListSentryPrivilegesForProviderResponse.java | 543 +++++++++++++
.../service/thrift/TListSentryRolesRequest.java | 269 ++-----
.../db/service/thrift/TSentryActiveRoleSet.java | 536 ++++++++++++
.../provider/db/service/thrift/TSentryRole.java | 143 +---
.../db/SentryAlreadyExistsException.java | 27 +
.../db/SentryInvalidInputException.java | 27 +
.../db/SentryNoSuchObjectException.java | 27 +
.../provider/db/SimpleDBProviderBackend.java | 108 +++
.../provider/db/service/model/MSentryGroup.java | 17 +-
.../db/service/model/MSentryPrivilege.java | 75 +-
.../provider/db/service/model/MSentryRole.java | 28 +-
.../SentryAlreadyExistsException.java | 27 -
.../persistent/SentryInvalidInputException.java | 27 -
.../persistent/SentryNoSuchObjectException.java | 27 -
.../db/service/persistent/SentryStore.java | 203 +++--
.../thrift/SentryPolicyServiceClient.java | 209 ++++-
.../thrift/SentryPolicyStoreProcessor.java | 39 +-
.../sentry/service/thrift/ServiceConstants.java | 29 +
.../apache/sentry/service/thrift/Status.java | 34 +
.../main/resources/sentry_policy_service.thrift | 109 ++-
.../db/service/persistent/TestSentryStore.java | 154 +++-
.../TestSentryStoreToAuthorizable.java | 86 ++
.../thrift/TestSentryServiceIntegration.java | 171 ++--
.../thrift/SentryServiceIntegrationBase.java | 9 +
.../file/HadoopGroupMappingService.java | 48 --
...adoopGroupResourceAuthorizationProvider.java | 45 --
...LocalGroupResourceAuthorizationProvider.java | 1 +
.../provider/file/PolicyFileConstants.java | 19 +-
.../file/ResourceAuthorizationProvider.java | 179 ----
.../file/SimpleFileProviderBackend.java | 5 +
.../provider/file/TestGetGroupMapping.java | 65 --
60 files changed, 5106 insertions(+), 1906 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/HiveAuthzBindingPreExecHook.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/HiveAuthzBindingPreExecHook.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/HiveAuthzBindingPreExecHook.java
index bed7917..7859521 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/HiveAuthzBindingPreExecHook.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/HiveAuthzBindingPreExecHook.java
@@ -49,7 +49,7 @@ public class HiveAuthzBindingPreExecHook implements ExecuteWithHookContext {
// validate server level permissions permission for transforms
if (qPlan.getQueryProperties().usesScript()) {
if (hiveAuthzBinding == null) {
- LOG.warn("No authorization binding fund, skipping the authorization for transform");
+ LOG.warn("No authorization binding found, skipping the authorization for transform");
return;
}
List<List<DBModelAuthorizable>> inputHierarchy = new ArrayList<List<DBModelAuthorizable>> ();
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzBinding.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzBinding.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzBinding.java
index 65854c3..3be0d69 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzBinding.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzBinding.java
@@ -58,10 +58,12 @@ public class HiveAuthzBinding {
private final Server authServer;
private final AuthorizationProvider authProvider;
+ private volatile boolean open;
public HiveAuthzBinding (HiveConf hiveConf, HiveAuthzConf authzConf) throws Exception {
this.authServer = new Server(authzConf.get(AuthzConfVars.AUTHZ_SERVER_NAME.getVar()));
this.authProvider = getAuthProvider(hiveConf, authzConf, authServer.getName());
+ this.open = true;
}
/**
@@ -83,6 +85,9 @@ public class HiveAuthzBinding {
* @param conf
*/
public void set (Configuration conf) {
+ if (!open) {
+ throw new IllegalStateException("Binding has been closed");
+ }
String tagName = SessionState.get().getSessionId() + "_" + queryID.incrementAndGet();
authzBindingMap.put(tagName, this);
conf.set(HIVE_BINDING_TAG, tagName);
@@ -93,10 +98,15 @@ public class HiveAuthzBinding {
* @param conf
*/
public void clear(Configuration conf) {
+ if (!open) {
+ throw new IllegalStateException("Binding has been closed");
+ }
String tagName = conf.get(HIVE_BINDING_TAG);
- if (tagName == null) {
+ if (tagName != null) {
authzBindingMap.remove(tagName);
}
+ open = false;
+ authProvider.close();
}
// Instantiate the configured authz provider
@@ -170,6 +180,9 @@ public class HiveAuthzBinding {
public void authorize(HiveOperation hiveOp, HiveAuthzPrivileges stmtAuthPrivileges,
Subject subject, List<List<DBModelAuthorizable>> inputHierarchyList, List<List<DBModelAuthorizable>> outputHierarchyList )
throws AuthorizationException {
+ if (!open) {
+ throw new IllegalStateException("Binding has been closed");
+ }
boolean isDebug = LOG.isDebugEnabled();
if(isDebug) {
LOG.debug("Going to authorize statement " + hiveOp.name() +
@@ -223,6 +236,9 @@ public class HiveAuthzBinding {
}
public Server getAuthServer() {
+ if (!open) {
+ throw new IllegalStateException("Binding has been closed");
+ }
return authServer;
}
@@ -231,6 +247,9 @@ public class HiveAuthzBinding {
}
public List<String> getLastQueryPrivilegeErrors() {
+ if (!open) {
+ throw new IllegalStateException("Binding has been closed");
+ }
return authProvider.getLastFailedPrivileges();
}
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/conf/HiveAuthzConf.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/conf/HiveAuthzConf.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/conf/HiveAuthzConf.java
index c4f12b5..336b925 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/conf/HiveAuthzConf.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/conf/HiveAuthzConf.java
@@ -48,7 +48,7 @@ public class HiveAuthzConf extends Configuration {
*/
public static enum AuthzConfVars {
AUTHZ_PROVIDER("sentry.provider",
- "org.apache.sentry.provider.file.ResourceAuthorizationProvider"),
+ "org.apache.sentry.provider.common.HadoopGroupResourceAuthorizationProvider"),
AUTHZ_PROVIDER_RESOURCE("sentry.hive.provider.resource", ""),
AUTHZ_PROVIDER_BACKEND("sentry.hive.provider.backend", "org.apache.sentry.provider.file.SimpleFileProviderBackend"),
AUTHZ_POLICY_ENGINE("sentry.hive.policy.engine", "org.apache.sentry.policy.db.SimpleDBPolicyEngine"),
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-binding/sentry-binding-solr/src/main/java/org/apache/sentry/binding/solr/conf/SolrAuthzConf.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-solr/src/main/java/org/apache/sentry/binding/solr/conf/SolrAuthzConf.java b/sentry-binding/sentry-binding-solr/src/main/java/org/apache/sentry/binding/solr/conf/SolrAuthzConf.java
index 70983c4..2d7bae8 100644
--- a/sentry-binding/sentry-binding-solr/src/main/java/org/apache/sentry/binding/solr/conf/SolrAuthzConf.java
+++ b/sentry-binding/sentry-binding-solr/src/main/java/org/apache/sentry/binding/solr/conf/SolrAuthzConf.java
@@ -30,7 +30,7 @@ public class SolrAuthzConf extends Configuration {
*/
public static enum AuthzConfVars {
AUTHZ_PROVIDER("sentry.provider",
- "org.apache.sentry.provider.file.ResourceAuthorizationProvider"),
+ "org.apache.sentry.provider.common.HadoopGroupResourceAuthorizationProvider"),
AUTHZ_PROVIDER_RESOURCE("sentry.solr.provider.resource", ""),
AUTHZ_PROVIDER_BACKEND("sentry.solr.provider.backend", "org.apache.sentry.provider.file.SimpleFileProviderBackend"),
AUTHZ_POLICY_ENGINE("sentry.solr.policy.engine", "org.apache.sentry.policy.search.SimpleSearchPolicyEngine");
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/ActiveRoleSet.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/ActiveRoleSet.java b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/ActiveRoleSet.java
index c1f1f66..a0199fa 100644
--- a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/ActiveRoleSet.java
+++ b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/ActiveRoleSet.java
@@ -58,6 +58,14 @@ public class ActiveRoleSet {
return allRoles || roles.contains(role.toLowerCase());
}
+ public boolean isAll() {
+ return allRoles;
+ }
+
+ public Set<String> getRoles() {
+ return roles;
+ }
+
@Override
public String toString() {
StringBuilder builder = new StringBuilder("ActiveRoleSet = [ roles = ");
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PolicyEngine.java
----------------------------------------------------------------------
diff --git a/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PolicyEngine.java b/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PolicyEngine.java
index 512e28e..c378a38 100644
--- a/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PolicyEngine.java
+++ b/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PolicyEngine.java
@@ -50,5 +50,7 @@ public interface PolicyEngine {
public ImmutableSet<String> getPrivileges(Set<String> groups, ActiveRoleSet roleSet)
throws SentryConfigurationException;
+ public void close();
+
public void validatePolicy(boolean strictValidation) throws SentryConfigurationException;
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/SimpleDBPolicyEngine.java
----------------------------------------------------------------------
diff --git a/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/SimpleDBPolicyEngine.java b/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/SimpleDBPolicyEngine.java
index e67daf4..a95ef7b 100644
--- a/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/SimpleDBPolicyEngine.java
+++ b/sentry-policy/sentry-policy-db/src/main/java/org/apache/sentry/policy/db/SimpleDBPolicyEngine.java
@@ -77,6 +77,13 @@ public class SimpleDBPolicyEngine implements PolicyEngine {
this.providerBackend.validatePolicy(strictValidation);
}
+ @Override
+ public void close() {
+ if (providerBackend != null) {
+ providerBackend.close();
+ }
+ }
+
public static ImmutableList<PrivilegeValidator> createPrivilegeValidators(String serverName) {
return ImmutableList.<PrivilegeValidator>of(new ServersAllIsInvalid(), new DatabaseMustMatch(),
new DatabaseRequiredInPrivilege(), new ServerNameMustMatch(serverName));
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/TestResourceAuthorizationProviderGeneralCases.java
----------------------------------------------------------------------
diff --git a/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/TestResourceAuthorizationProviderGeneralCases.java b/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/TestResourceAuthorizationProviderGeneralCases.java
index 469be14..53b83a5 100644
--- a/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/TestResourceAuthorizationProviderGeneralCases.java
+++ b/sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/TestResourceAuthorizationProviderGeneralCases.java
@@ -36,9 +36,9 @@ import org.apache.sentry.core.model.db.Database;
import org.apache.sentry.core.model.db.Server;
import org.apache.sentry.core.model.db.Table;
import org.apache.sentry.provider.common.MockGroupMappingServiceProvider;
+import org.apache.sentry.provider.common.ResourceAuthorizationProvider;
import org.apache.sentry.provider.file.HadoopGroupResourceAuthorizationProvider;
import org.apache.sentry.provider.file.PolicyFiles;
-import org.apache.sentry.provider.file.ResourceAuthorizationProvider;
import org.junit.After;
import org.junit.Test;
import org.slf4j.Logger;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-policy/sentry-policy-search/src/main/java/org/apache/sentry/policy/search/SimpleSearchPolicyEngine.java
----------------------------------------------------------------------
diff --git a/sentry-policy/sentry-policy-search/src/main/java/org/apache/sentry/policy/search/SimpleSearchPolicyEngine.java b/sentry-policy/sentry-policy-search/src/main/java/org/apache/sentry/policy/search/SimpleSearchPolicyEngine.java
index 728e356..8adcb6f 100644
--- a/sentry-policy/sentry-policy-search/src/main/java/org/apache/sentry/policy/search/SimpleSearchPolicyEngine.java
+++ b/sentry-policy/sentry-policy-search/src/main/java/org/apache/sentry/policy/search/SimpleSearchPolicyEngine.java
@@ -81,4 +81,11 @@ public class SimpleSearchPolicyEngine implements PolicyEngine {
public static ImmutableList<PrivilegeValidator> createPrivilegeValidators() {
return ImmutableList.<PrivilegeValidator>of(new CollectionRequiredInPrivilege());
}
+
+ @Override
+ public void close() {
+ if (providerBackend != null) {
+ providerBackend.close();
+ }
+ }
}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchAuthorizationProviderGeneralCases.java
----------------------------------------------------------------------
diff --git a/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchAuthorizationProviderGeneralCases.java b/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchAuthorizationProviderGeneralCases.java
index 6f36243..bdb1c96 100644
--- a/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchAuthorizationProviderGeneralCases.java
+++ b/sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/TestSearchAuthorizationProviderGeneralCases.java
@@ -33,9 +33,9 @@ import org.apache.sentry.core.common.Subject;
import org.apache.sentry.core.model.search.Collection;
import org.apache.sentry.core.model.search.SearchModelAction;
import org.apache.sentry.provider.common.MockGroupMappingServiceProvider;
+import org.apache.sentry.provider.common.ResourceAuthorizationProvider;
import org.apache.sentry.provider.file.HadoopGroupResourceAuthorizationProvider;
import org.apache.sentry.provider.file.PolicyFiles;
-import org.apache.sentry.provider.file.ResourceAuthorizationProvider;
import org.junit.After;
import org.junit.Test;
import org.slf4j.Logger;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-common/pom.xml
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/pom.xml b/sentry-provider/sentry-provider-common/pom.xml
index 1e9dc1b..7c17950 100644
--- a/sentry-provider/sentry-provider-common/pom.xml
+++ b/sentry-provider/sentry-provider-common/pom.xml
@@ -34,6 +34,10 @@ limitations under the License.
<scope>test</scope>
</dependency>
<dependency>
+ <groupId>org.apache.hadoop</groupId>
+ <artifactId>hadoop-common</artifactId>
+ </dependency>
+ <dependency>
<groupId>org.apache.sentry</groupId>
<artifactId>sentry-core-common</artifactId>
</dependency>
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationProvider.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationProvider.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationProvider.java
index cd6f8a1..de774f4 100644
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationProvider.java
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationProvider.java
@@ -83,4 +83,9 @@ public interface AuthorizationProvider {
* @return
*/
public List<String> getLastFailedPrivileges();
+
+ /**
+ * Frees any resources held by the the provider
+ */
+ public void close();
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupMappingService.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupMappingService.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupMappingService.java
new file mode 100644
index 0000000..6c8fa95
--- /dev/null
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupMappingService.java
@@ -0,0 +1,48 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.provider.common;
+
+import java.io.IOException;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.Set;
+
+import org.apache.hadoop.security.Groups;
+import org.apache.sentry.provider.common.GroupMappingService;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class HadoopGroupMappingService implements GroupMappingService {
+
+ private static final Logger LOGGER = LoggerFactory
+ .getLogger(HadoopGroupMappingService.class);
+ private final Groups groups;
+
+ public HadoopGroupMappingService(Groups groups) {
+ this.groups = groups;
+ }
+
+ @Override
+ public Set<String> getGroups(String user) {
+ try {
+ return new HashSet<String>(groups.getGroups(user));
+ } catch (IOException e) {
+ LOGGER.warn("Unable to obtain groups for " + user, e);
+ }
+ return Collections.emptySet();
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupResourceAuthorizationProvider.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupResourceAuthorizationProvider.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupResourceAuthorizationProvider.java
new file mode 100644
index 0000000..47ba77a
--- /dev/null
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/HadoopGroupResourceAuthorizationProvider.java
@@ -0,0 +1,46 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.sentry.provider.common;
+
+import java.io.IOException;
+
+import org.apache.hadoop.conf.Configuration;
+import org.apache.hadoop.security.Groups;
+import org.apache.sentry.policy.common.PolicyEngine;
+import org.apache.sentry.provider.common.GroupMappingService;
+import org.apache.sentry.provider.common.HadoopGroupMappingService;
+
+import com.google.common.annotations.VisibleForTesting;
+
+public class HadoopGroupResourceAuthorizationProvider extends
+ ResourceAuthorizationProvider {
+
+ // resource parameter present so that other AuthorizationProviders (e.g.
+ // LocalGroupResourceAuthorizationProvider) has the same constructor params.
+ public HadoopGroupResourceAuthorizationProvider(String resource, PolicyEngine policy) throws IOException {
+ this(policy, new HadoopGroupMappingService(
+ Groups.getUserToGroupsMappingService(new Configuration())));
+ }
+
+ @VisibleForTesting
+ public HadoopGroupResourceAuthorizationProvider(PolicyEngine policy,
+ GroupMappingService groupService) {
+ super(policy, groupService);
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoAuthorizationProvider.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoAuthorizationProvider.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoAuthorizationProvider.java
index ed32224..a814527 100644
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoAuthorizationProvider.java
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoAuthorizationProvider.java
@@ -63,4 +63,8 @@ public class NoAuthorizationProvider implements AuthorizationProvider {
return new ArrayList<String>();
}
+ @Override
+ public void close() {
+
+ }
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackend.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackend.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackend.java
index 6d6da25..26c4878 100644
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackend.java
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackend.java
@@ -56,4 +56,6 @@ public interface ProviderBackend {
* @throws SentryConfigurationException
*/
public void validatePolicy(boolean strictValidation) throws SentryConfigurationException;
+
+ public void close();
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderConstants.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderConstants.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderConstants.java
new file mode 100644
index 0000000..c6f7e2c
--- /dev/null
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderConstants.java
@@ -0,0 +1,38 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.provider.common;
+
+import com.google.common.base.Joiner;
+import com.google.common.base.Splitter;
+
+public class ProviderConstants {
+
+ public static final String ROLE_SEPARATOR = ",";
+ public static final String AUTHORIZABLE_SEPARATOR = "->";
+ public static final String KV_SEPARATOR = "=";
+
+ public static final Splitter ROLE_SPLITTER = Splitter.on(ROLE_SEPARATOR);
+ public static final Splitter AUTHORIZABLE_SPLITTER = Splitter.on(AUTHORIZABLE_SEPARATOR);
+ public static final Splitter KV_SPLITTER = Splitter.on(KV_SEPARATOR);
+ public static final Joiner ROLE_JOINER = Joiner.on(ROLE_SEPARATOR);
+ public static final Joiner AUTHORIZABLE_JOINER = Joiner.on(AUTHORIZABLE_SEPARATOR);
+ public static final Joiner KV_JOINER = Joiner.on(KV_SEPARATOR);
+
+ // TODO change to privilege
+ public static final String PRIVILEGE_NAME = "action";
+ public static final String PRIVILEGE_PREFIX = (PRIVILEGE_NAME + KV_SEPARATOR).toLowerCase();
+}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ResourceAuthorizationProvider.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ResourceAuthorizationProvider.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ResourceAuthorizationProvider.java
new file mode 100644
index 0000000..e1e7f4a
--- /dev/null
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ResourceAuthorizationProvider.java
@@ -0,0 +1,184 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.provider.common;
+
+import static org.apache.sentry.provider.common.ProviderConstants.AUTHORIZABLE_JOINER;
+import static org.apache.sentry.provider.common.ProviderConstants.KV_JOINER;
+import static org.apache.sentry.provider.common.ProviderConstants.PRIVILEGE_NAME;
+
+import java.util.ArrayList;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+
+import org.apache.sentry.core.common.Action;
+import org.apache.sentry.core.common.ActiveRoleSet;
+import org.apache.sentry.core.common.Authorizable;
+import org.apache.sentry.core.common.SentryConfigurationException;
+import org.apache.sentry.core.common.Subject;
+import org.apache.sentry.policy.common.Privilege;
+import org.apache.sentry.policy.common.PrivilegeFactory;
+import org.apache.sentry.policy.common.PolicyEngine;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.google.common.base.Function;
+import com.google.common.base.Preconditions;
+import com.google.common.collect.Iterables;
+import com.google.common.collect.Sets;
+
+public abstract class ResourceAuthorizationProvider implements AuthorizationProvider {
+ private static final Logger LOGGER = LoggerFactory
+ .getLogger(ResourceAuthorizationProvider.class);
+ private final GroupMappingService groupService;
+ private final PolicyEngine policy;
+ private final PrivilegeFactory privilegeFactory;
+ private final ThreadLocal<List<String>> lastFailedPrivileges;
+
+ public ResourceAuthorizationProvider(PolicyEngine policy,
+ GroupMappingService groupService) {
+ this.policy = policy;
+ this.groupService = groupService;
+ this.privilegeFactory = policy.getPrivilegeFactory();
+ this.lastFailedPrivileges = new ThreadLocal<List<String>>() {
+ @Override
+ protected List<String> initialValue() {
+ return new ArrayList<String>();
+ }
+ };
+ }
+
+ /***
+ * @param subject: UserID to validate privileges
+ * @param authorizableHierarchy : List of object according to namespace hierarchy.
+ * eg. Server->Db->Table or Server->Function
+ * The privileges will be validated from the higher to lower scope
+ * @param actions : Privileges to validate
+ * @return
+ * True if the subject is authorized to perform requested action on the given object
+ */
+ @Override
+ public boolean hasAccess(Subject subject, List<? extends Authorizable> authorizableHierarchy,
+ Set<? extends Action> actions, ActiveRoleSet roleSet) {
+ if(LOGGER.isDebugEnabled()) {
+ LOGGER.debug("Authorization Request for " + subject + " " +
+ authorizableHierarchy + " and " + actions);
+ }
+ Preconditions.checkNotNull(subject, "Subject cannot be null");
+ Preconditions.checkNotNull(authorizableHierarchy, "Authorizable cannot be null");
+ Preconditions.checkArgument(!authorizableHierarchy.isEmpty(), "Authorizable cannot be empty");
+ Preconditions.checkNotNull(actions, "Actions cannot be null");
+ Preconditions.checkArgument(!actions.isEmpty(), "Actions cannot be empty");
+ Preconditions.checkNotNull(roleSet, "ActiveRoleSet cannot be null");
+ return doHasAccess(subject, authorizableHierarchy, actions, roleSet);
+ }
+
+ private boolean doHasAccess(Subject subject,
+ List<? extends Authorizable> authorizables, Set<? extends Action> actions,
+ ActiveRoleSet roleSet) {
+ Set<String> groups = getGroups(subject);
+ Set<String> hierarchy = new HashSet<String>();
+ for (Authorizable authorizable : authorizables) {
+ hierarchy.add(KV_JOINER.join(authorizable.getTypeName(), authorizable.getName()));
+ }
+ Iterable<Privilege> privileges = getPrivileges(groups, roleSet);
+ List<String> requestPrivileges = buildPermissions(authorizables, actions);
+ lastFailedPrivileges.get().clear();
+
+ for (String requestPrivilege : requestPrivileges) {
+ for (Privilege permission : privileges) {
+ /*
+ * Does the permission granted in the policy file imply the requested action?
+ */
+ boolean result = permission.implies(privilegeFactory.createPrivilege(requestPrivilege));
+ if(LOGGER.isDebugEnabled()) {
+ LOGGER.debug("ProviderPrivilege {}, RequestPrivilege {}, RoleSet, {}, Result {}",
+ new Object[]{ permission, requestPrivilege, roleSet, result});
+ }
+ if (result) {
+ return true;
+ }
+ }
+ }
+ lastFailedPrivileges.get().addAll(requestPrivileges);
+ return false;
+ }
+
+ private Iterable<Privilege> getPrivileges(Set<String> groups, ActiveRoleSet roleSet) {
+ return Iterables.transform(policy.getPrivileges(groups, roleSet),
+ new Function<String, Privilege>() {
+ @Override
+ public Privilege apply(String privilege) {
+ return privilegeFactory.createPrivilege(privilege);
+ }
+ });
+ }
+
+ @Override
+ public GroupMappingService getGroupMapping() {
+ return groupService;
+ }
+
+ private Set<String> getGroups(Subject subject) {
+ return groupService.getGroups(subject.getName());
+ }
+
+ @Override
+ public void validateResource(boolean strictValidation) throws SentryConfigurationException {
+ policy.validatePolicy(strictValidation);
+ }
+
+ @Override
+ public Set<String> listPrivilegesForSubject(Subject subject) throws SentryConfigurationException {
+ return policy.getPrivileges(getGroups(subject), ActiveRoleSet.ALL);
+ }
+
+ @Override
+ public Set<String> listPrivilegesForGroup(String groupName) throws SentryConfigurationException {
+ return policy.getPrivileges(Sets.newHashSet(groupName), ActiveRoleSet.ALL);
+ }
+
+ @Override
+ public List<String> getLastFailedPrivileges() {
+ return lastFailedPrivileges.get();
+ }
+
+ @Override
+ public void close() {
+ if (policy != null) {
+ policy.close();
+ }
+ }
+
+ private List<String> buildPermissions(List<? extends Authorizable> authorizables,
+ Set<? extends Action> actions) {
+ List<String> hierarchy = new ArrayList<String>();
+ List<String> requestedPermissions = new ArrayList<String>();
+
+ for (Authorizable authorizable : authorizables) {
+ hierarchy.add(KV_JOINER.join(authorizable.getTypeName(), authorizable.getName()));
+ }
+
+ for (Action action : actions) {
+ String requestPermission = AUTHORIZABLE_JOINER.join(hierarchy);
+ requestPermission = AUTHORIZABLE_JOINER.join(requestPermission,
+ KV_JOINER.join(PRIVILEGE_NAME, action.getValue()));
+ requestedPermissions.add(requestPermission);
+ }
+ return requestedPermissions;
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/file/HadoopGroupResourceAuthorizationProvider.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/file/HadoopGroupResourceAuthorizationProvider.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/file/HadoopGroupResourceAuthorizationProvider.java
new file mode 100644
index 0000000..1cbc70c
--- /dev/null
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/file/HadoopGroupResourceAuthorizationProvider.java
@@ -0,0 +1,44 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.sentry.provider.file;
+
+import java.io.IOException;
+
+import org.apache.sentry.policy.common.PolicyEngine;
+import org.apache.sentry.provider.common.GroupMappingService;
+
+import com.google.common.annotations.VisibleForTesting;
+
+/**
+ * Kept for backwards compatibility
+ */
+@Deprecated
+public class HadoopGroupResourceAuthorizationProvider extends
+ org.apache.sentry.provider.common.HadoopGroupResourceAuthorizationProvider {
+
+ public HadoopGroupResourceAuthorizationProvider(String resource, PolicyEngine policy) throws IOException {
+ super(resource, policy);
+ }
+
+ @VisibleForTesting
+ public HadoopGroupResourceAuthorizationProvider(PolicyEngine policy,
+ GroupMappingService groupService) {
+ super(policy, groupService);
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestGetGroupMapping.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestGetGroupMapping.java b/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestGetGroupMapping.java
new file mode 100644
index 0000000..ece740b
--- /dev/null
+++ b/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestGetGroupMapping.java
@@ -0,0 +1,69 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.provider.common;
+
+import static org.junit.Assert.assertSame;
+
+import java.util.Set;
+
+import org.apache.sentry.core.common.SentryConfigurationException;
+import org.apache.sentry.core.common.ActiveRoleSet;
+import org.apache.sentry.policy.common.PrivilegeFactory;
+import org.apache.sentry.policy.common.PolicyEngine;
+import org.apache.sentry.provider.common.GroupMappingService;
+import org.apache.sentry.provider.common.ResourceAuthorizationProvider;
+import org.junit.Test;
+
+import com.google.common.collect.ImmutableSet;
+import com.google.common.collect.Sets;
+
+public class TestGetGroupMapping {
+
+ private static class TestResourceAuthorizationProvider extends ResourceAuthorizationProvider {
+ public TestResourceAuthorizationProvider(PolicyEngine policy,
+ GroupMappingService groupService) {
+ super(policy, groupService);
+ }
+ };
+
+ @Test
+ public void testResourceAuthorizationProvider() {
+ final Set<String> set = Sets.newHashSet("a", "b", "c");
+ GroupMappingService mappingService = new GroupMappingService() {
+ public Set<String> getGroups(String user) { return set; }
+ };
+ PolicyEngine policyEngine = new PolicyEngine() {
+ public PrivilegeFactory getPrivilegeFactory() { return null; }
+
+ public ImmutableSet<String> getPrivileges(Set<String> groups, ActiveRoleSet roleSet) {
+ return ImmutableSet.of();
+ }
+
+ public void validatePolicy(boolean strictValidation)
+ throws SentryConfigurationException {
+ return;
+ }
+
+ @Override
+ public void close() {}
+ };
+
+ TestResourceAuthorizationProvider authProvider =
+ new TestResourceAuthorizationProvider(policyEngine, mappingService);
+ assertSame(authProvider.getGroupMapping(), mappingService);
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-db/pom.xml
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/pom.xml b/sentry-provider/sentry-provider-db/pom.xml
index aa511c8..d82a564 100644
--- a/sentry-provider/sentry-provider-db/pom.xml
+++ b/sentry-provider/sentry-provider-db/pom.xml
@@ -71,6 +71,10 @@ limitations under the License.
</dependency>
<dependency>
<groupId>org.apache.sentry</groupId>
+ <artifactId>sentry-core-model-db</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.sentry</groupId>
<artifactId>sentry-provider-common</artifactId>
</dependency>
<dependency>
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/SentryPolicyService.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/SentryPolicyService.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/SentryPolicyService.java
index 6f02595..cc6eb4f 100644
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/SentryPolicyService.java
+++ b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/SentryPolicyService.java
@@ -51,6 +51,8 @@ public class SentryPolicyService {
public TListSentryRolesResponse list_sentry_roles_by_role_name(TListSentryRolesRequest request) throws org.apache.thrift.TException;
+ public TListSentryPrivilegesForProviderResponse list_sentry_privileges_for_provider(TListSentryPrivilegesForProviderRequest request) throws org.apache.thrift.TException;
+
}
public interface AsyncIface {
@@ -71,6 +73,8 @@ public class SentryPolicyService {
public void list_sentry_roles_by_role_name(TListSentryRolesRequest request, org.apache.thrift.async.AsyncMethodCallback<AsyncClient.list_sentry_roles_by_role_name_call> resultHandler) throws org.apache.thrift.TException;
+ public void list_sentry_privileges_for_provider(TListSentryPrivilegesForProviderRequest request, org.apache.thrift.async.AsyncMethodCallback<AsyncClient.list_sentry_privileges_for_provider_call> resultHandler) throws org.apache.thrift.TException;
+
}
public static class Client extends org.apache.thrift.TServiceClient implements Iface {
@@ -277,6 +281,29 @@ public class SentryPolicyService {
throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "list_sentry_roles_by_role_name failed: unknown result");
}
+ public TListSentryPrivilegesForProviderResponse list_sentry_privileges_for_provider(TListSentryPrivilegesForProviderRequest request) throws org.apache.thrift.TException
+ {
+ send_list_sentry_privileges_for_provider(request);
+ return recv_list_sentry_privileges_for_provider();
+ }
+
+ public void send_list_sentry_privileges_for_provider(TListSentryPrivilegesForProviderRequest request) throws org.apache.thrift.TException
+ {
+ list_sentry_privileges_for_provider_args args = new list_sentry_privileges_for_provider_args();
+ args.setRequest(request);
+ sendBase("list_sentry_privileges_for_provider", args);
+ }
+
+ public TListSentryPrivilegesForProviderResponse recv_list_sentry_privileges_for_provider() throws org.apache.thrift.TException
+ {
+ list_sentry_privileges_for_provider_result result = new list_sentry_privileges_for_provider_result();
+ receiveBase(result, "list_sentry_privileges_for_provider");
+ if (result.isSetSuccess()) {
+ return result.success;
+ }
+ throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "list_sentry_privileges_for_provider failed: unknown result");
+ }
+
}
public static class AsyncClient extends org.apache.thrift.async.TAsyncClient implements AsyncIface {
public static class Factory implements org.apache.thrift.async.TAsyncClientFactory<AsyncClient> {
@@ -551,6 +578,38 @@ public class SentryPolicyService {
}
}
+ public void list_sentry_privileges_for_provider(TListSentryPrivilegesForProviderRequest request, org.apache.thrift.async.AsyncMethodCallback<list_sentry_privileges_for_provider_call> resultHandler) throws org.apache.thrift.TException {
+ checkReady();
+ list_sentry_privileges_for_provider_call method_call = new list_sentry_privileges_for_provider_call(request, resultHandler, this, ___protocolFactory, ___transport);
+ this.___currentMethod = method_call;
+ ___manager.call(method_call);
+ }
+
+ public static class list_sentry_privileges_for_provider_call extends org.apache.thrift.async.TAsyncMethodCall {
+ private TListSentryPrivilegesForProviderRequest request;
+ public list_sentry_privileges_for_provider_call(TListSentryPrivilegesForProviderRequest request, org.apache.thrift.async.AsyncMethodCallback<list_sentry_privileges_for_provider_call> resultHandler, org.apache.thrift.async.TAsyncClient client, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.transport.TNonblockingTransport transport) throws org.apache.thrift.TException {
+ super(client, protocolFactory, transport, resultHandler, false);
+ this.request = request;
+ }
+
+ public void write_args(org.apache.thrift.protocol.TProtocol prot) throws org.apache.thrift.TException {
+ prot.writeMessageBegin(new org.apache.thrift.protocol.TMessage("list_sentry_privileges_for_provider", org.apache.thrift.protocol.TMessageType.CALL, 0));
+ list_sentry_privileges_for_provider_args args = new list_sentry_privileges_for_provider_args();
+ args.setRequest(request);
+ args.write(prot);
+ prot.writeMessageEnd();
+ }
+
+ public TListSentryPrivilegesForProviderResponse getResult() throws org.apache.thrift.TException {
+ if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) {
+ throw new IllegalStateException("Method call not finished!");
+ }
+ org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array());
+ org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport);
+ return (new Client(prot)).recv_list_sentry_privileges_for_provider();
+ }
+ }
+
}
public static class Processor<I extends Iface> extends org.apache.thrift.TBaseProcessor<I> implements org.apache.thrift.TProcessor {
@@ -572,6 +631,7 @@ public class SentryPolicyService {
processMap.put("alter_sentry_role_delete_groups", new alter_sentry_role_delete_groups());
processMap.put("list_sentry_roles_by_group", new list_sentry_roles_by_group());
processMap.put("list_sentry_roles_by_role_name", new list_sentry_roles_by_role_name());
+ processMap.put("list_sentry_privileges_for_provider", new list_sentry_privileges_for_provider());
return processMap;
}
@@ -735,6 +795,26 @@ public class SentryPolicyService {
}
}
+ public static class list_sentry_privileges_for_provider<I extends Iface> extends org.apache.thrift.ProcessFunction<I, list_sentry_privileges_for_provider_args> {
+ public list_sentry_privileges_for_provider() {
+ super("list_sentry_privileges_for_provider");
+ }
+
+ public list_sentry_privileges_for_provider_args getEmptyArgsInstance() {
+ return new list_sentry_privileges_for_provider_args();
+ }
+
+ protected boolean isOneway() {
+ return false;
+ }
+
+ public list_sentry_privileges_for_provider_result getResult(I iface, list_sentry_privileges_for_provider_args args) throws org.apache.thrift.TException {
+ list_sentry_privileges_for_provider_result result = new list_sentry_privileges_for_provider_result();
+ result.success = iface.list_sentry_privileges_for_provider(args.request);
+ return result;
+ }
+ }
+
}
public static class create_sentry_role_args implements org.apache.thrift.TBase<create_sentry_role_args, create_sentry_role_args._Fields>, java.io.Serializable, Cloneable {
@@ -6545,4 +6625,730 @@ public class SentryPolicyService {
}
+ public static class list_sentry_privileges_for_provider_args implements org.apache.thrift.TBase<list_sentry_privileges_for_provider_args, list_sentry_privileges_for_provider_args._Fields>, java.io.Serializable, Cloneable {
+ private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("list_sentry_privileges_for_provider_args");
+
+ private static final org.apache.thrift.protocol.TField REQUEST_FIELD_DESC = new org.apache.thrift.protocol.TField("request", org.apache.thrift.protocol.TType.STRUCT, (short)1);
+
+ private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
+ static {
+ schemes.put(StandardScheme.class, new list_sentry_privileges_for_provider_argsStandardSchemeFactory());
+ schemes.put(TupleScheme.class, new list_sentry_privileges_for_provider_argsTupleSchemeFactory());
+ }
+
+ private TListSentryPrivilegesForProviderRequest request; // required
+
+ /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
+ public enum _Fields implements org.apache.thrift.TFieldIdEnum {
+ REQUEST((short)1, "request");
+
+ private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
+
+ static {
+ for (_Fields field : EnumSet.allOf(_Fields.class)) {
+ byName.put(field.getFieldName(), field);
+ }
+ }
+
+ /**
+ * Find the _Fields constant that matches fieldId, or null if its not found.
+ */
+ public static _Fields findByThriftId(int fieldId) {
+ switch(fieldId) {
+ case 1: // REQUEST
+ return REQUEST;
+ default:
+ return null;
+ }
+ }
+
+ /**
+ * Find the _Fields constant that matches fieldId, throwing an exception
+ * if it is not found.
+ */
+ public static _Fields findByThriftIdOrThrow(int fieldId) {
+ _Fields fields = findByThriftId(fieldId);
+ if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
+ return fields;
+ }
+
+ /**
+ * Find the _Fields constant that matches name, or null if its not found.
+ */
+ public static _Fields findByName(String name) {
+ return byName.get(name);
+ }
+
+ private final short _thriftId;
+ private final String _fieldName;
+
+ _Fields(short thriftId, String fieldName) {
+ _thriftId = thriftId;
+ _fieldName = fieldName;
+ }
+
+ public short getThriftFieldId() {
+ return _thriftId;
+ }
+
+ public String getFieldName() {
+ return _fieldName;
+ }
+ }
+
+ // isset id assignments
+ public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
+ static {
+ Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
+ tmpMap.put(_Fields.REQUEST, new org.apache.thrift.meta_data.FieldMetaData("request", org.apache.thrift.TFieldRequirementType.DEFAULT,
+ new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TListSentryPrivilegesForProviderRequest.class)));
+ metaDataMap = Collections.unmodifiableMap(tmpMap);
+ org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(list_sentry_privileges_for_provider_args.class, metaDataMap);
+ }
+
+ public list_sentry_privileges_for_provider_args() {
+ }
+
+ public list_sentry_privileges_for_provider_args(
+ TListSentryPrivilegesForProviderRequest request)
+ {
+ this();
+ this.request = request;
+ }
+
+ /**
+ * Performs a deep copy on <i>other</i>.
+ */
+ public list_sentry_privileges_for_provider_args(list_sentry_privileges_for_provider_args other) {
+ if (other.isSetRequest()) {
+ this.request = new TListSentryPrivilegesForProviderRequest(other.request);
+ }
+ }
+
+ public list_sentry_privileges_for_provider_args deepCopy() {
+ return new list_sentry_privileges_for_provider_args(this);
+ }
+
+ @Override
+ public void clear() {
+ this.request = null;
+ }
+
+ public TListSentryPrivilegesForProviderRequest getRequest() {
+ return this.request;
+ }
+
+ public void setRequest(TListSentryPrivilegesForProviderRequest request) {
+ this.request = request;
+ }
+
+ public void unsetRequest() {
+ this.request = null;
+ }
+
+ /** Returns true if field request is set (has been assigned a value) and false otherwise */
+ public boolean isSetRequest() {
+ return this.request != null;
+ }
+
+ public void setRequestIsSet(boolean value) {
+ if (!value) {
+ this.request = null;
+ }
+ }
+
+ public void setFieldValue(_Fields field, Object value) {
+ switch (field) {
+ case REQUEST:
+ if (value == null) {
+ unsetRequest();
+ } else {
+ setRequest((TListSentryPrivilegesForProviderRequest)value);
+ }
+ break;
+
+ }
+ }
+
+ public Object getFieldValue(_Fields field) {
+ switch (field) {
+ case REQUEST:
+ return getRequest();
+
+ }
+ throw new IllegalStateException();
+ }
+
+ /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
+ public boolean isSet(_Fields field) {
+ if (field == null) {
+ throw new IllegalArgumentException();
+ }
+
+ switch (field) {
+ case REQUEST:
+ return isSetRequest();
+ }
+ throw new IllegalStateException();
+ }
+
+ @Override
+ public boolean equals(Object that) {
+ if (that == null)
+ return false;
+ if (that instanceof list_sentry_privileges_for_provider_args)
+ return this.equals((list_sentry_privileges_for_provider_args)that);
+ return false;
+ }
+
+ public boolean equals(list_sentry_privileges_for_provider_args that) {
+ if (that == null)
+ return false;
+
+ boolean this_present_request = true && this.isSetRequest();
+ boolean that_present_request = true && that.isSetRequest();
+ if (this_present_request || that_present_request) {
+ if (!(this_present_request && that_present_request))
+ return false;
+ if (!this.request.equals(that.request))
+ return false;
+ }
+
+ return true;
+ }
+
+ @Override
+ public int hashCode() {
+ HashCodeBuilder builder = new HashCodeBuilder();
+
+ boolean present_request = true && (isSetRequest());
+ builder.append(present_request);
+ if (present_request)
+ builder.append(request);
+
+ return builder.toHashCode();
+ }
+
+ public int compareTo(list_sentry_privileges_for_provider_args other) {
+ if (!getClass().equals(other.getClass())) {
+ return getClass().getName().compareTo(other.getClass().getName());
+ }
+
+ int lastComparison = 0;
+ list_sentry_privileges_for_provider_args typedOther = (list_sentry_privileges_for_provider_args)other;
+
+ lastComparison = Boolean.valueOf(isSetRequest()).compareTo(typedOther.isSetRequest());
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ if (isSetRequest()) {
+ lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.request, typedOther.request);
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ }
+ return 0;
+ }
+
+ public _Fields fieldForId(int fieldId) {
+ return _Fields.findByThriftId(fieldId);
+ }
+
+ public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
+ schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
+ }
+
+ public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
+ schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
+ }
+
+ @Override
+ public String toString() {
+ StringBuilder sb = new StringBuilder("list_sentry_privileges_for_provider_args(");
+ boolean first = true;
+
+ sb.append("request:");
+ if (this.request == null) {
+ sb.append("null");
+ } else {
+ sb.append(this.request);
+ }
+ first = false;
+ sb.append(")");
+ return sb.toString();
+ }
+
+ public void validate() throws org.apache.thrift.TException {
+ // check for required fields
+ // check for sub-struct validity
+ if (request != null) {
+ request.validate();
+ }
+ }
+
+ private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
+ try {
+ write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
+ } catch (org.apache.thrift.TException te) {
+ throw new java.io.IOException(te);
+ }
+ }
+
+ private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
+ try {
+ read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
+ } catch (org.apache.thrift.TException te) {
+ throw new java.io.IOException(te);
+ }
+ }
+
+ private static class list_sentry_privileges_for_provider_argsStandardSchemeFactory implements SchemeFactory {
+ public list_sentry_privileges_for_provider_argsStandardScheme getScheme() {
+ return new list_sentry_privileges_for_provider_argsStandardScheme();
+ }
+ }
+
+ private static class list_sentry_privileges_for_provider_argsStandardScheme extends StandardScheme<list_sentry_privileges_for_provider_args> {
+
+ public void read(org.apache.thrift.protocol.TProtocol iprot, list_sentry_privileges_for_provider_args struct) throws org.apache.thrift.TException {
+ org.apache.thrift.protocol.TField schemeField;
+ iprot.readStructBegin();
+ while (true)
+ {
+ schemeField = iprot.readFieldBegin();
+ if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
+ break;
+ }
+ switch (schemeField.id) {
+ case 1: // REQUEST
+ if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
+ struct.request = new TListSentryPrivilegesForProviderRequest();
+ struct.request.read(iprot);
+ struct.setRequestIsSet(true);
+ } else {
+ org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+ }
+ break;
+ default:
+ org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+ }
+ iprot.readFieldEnd();
+ }
+ iprot.readStructEnd();
+ struct.validate();
+ }
+
+ public void write(org.apache.thrift.protocol.TProtocol oprot, list_sentry_privileges_for_provider_args struct) throws org.apache.thrift.TException {
+ struct.validate();
+
+ oprot.writeStructBegin(STRUCT_DESC);
+ if (struct.request != null) {
+ oprot.writeFieldBegin(REQUEST_FIELD_DESC);
+ struct.request.write(oprot);
+ oprot.writeFieldEnd();
+ }
+ oprot.writeFieldStop();
+ oprot.writeStructEnd();
+ }
+
+ }
+
+ private static class list_sentry_privileges_for_provider_argsTupleSchemeFactory implements SchemeFactory {
+ public list_sentry_privileges_for_provider_argsTupleScheme getScheme() {
+ return new list_sentry_privileges_for_provider_argsTupleScheme();
+ }
+ }
+
+ private static class list_sentry_privileges_for_provider_argsTupleScheme extends TupleScheme<list_sentry_privileges_for_provider_args> {
+
+ @Override
+ public void write(org.apache.thrift.protocol.TProtocol prot, list_sentry_privileges_for_provider_args struct) throws org.apache.thrift.TException {
+ TTupleProtocol oprot = (TTupleProtocol) prot;
+ BitSet optionals = new BitSet();
+ if (struct.isSetRequest()) {
+ optionals.set(0);
+ }
+ oprot.writeBitSet(optionals, 1);
+ if (struct.isSetRequest()) {
+ struct.request.write(oprot);
+ }
+ }
+
+ @Override
+ public void read(org.apache.thrift.protocol.TProtocol prot, list_sentry_privileges_for_provider_args struct) throws org.apache.thrift.TException {
+ TTupleProtocol iprot = (TTupleProtocol) prot;
+ BitSet incoming = iprot.readBitSet(1);
+ if (incoming.get(0)) {
+ struct.request = new TListSentryPrivilegesForProviderRequest();
+ struct.request.read(iprot);
+ struct.setRequestIsSet(true);
+ }
+ }
+ }
+
+ }
+
+ public static class list_sentry_privileges_for_provider_result implements org.apache.thrift.TBase<list_sentry_privileges_for_provider_result, list_sentry_privileges_for_provider_result._Fields>, java.io.Serializable, Cloneable {
+ private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("list_sentry_privileges_for_provider_result");
+
+ private static final org.apache.thrift.protocol.TField SUCCESS_FIELD_DESC = new org.apache.thrift.protocol.TField("success", org.apache.thrift.protocol.TType.STRUCT, (short)0);
+
+ private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
+ static {
+ schemes.put(StandardScheme.class, new list_sentry_privileges_for_provider_resultStandardSchemeFactory());
+ schemes.put(TupleScheme.class, new list_sentry_privileges_for_provider_resultTupleSchemeFactory());
+ }
+
+ private TListSentryPrivilegesForProviderResponse success; // required
+
+ /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
+ public enum _Fields implements org.apache.thrift.TFieldIdEnum {
+ SUCCESS((short)0, "success");
+
+ private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
+
+ static {
+ for (_Fields field : EnumSet.allOf(_Fields.class)) {
+ byName.put(field.getFieldName(), field);
+ }
+ }
+
+ /**
+ * Find the _Fields constant that matches fieldId, or null if its not found.
+ */
+ public static _Fields findByThriftId(int fieldId) {
+ switch(fieldId) {
+ case 0: // SUCCESS
+ return SUCCESS;
+ default:
+ return null;
+ }
+ }
+
+ /**
+ * Find the _Fields constant that matches fieldId, throwing an exception
+ * if it is not found.
+ */
+ public static _Fields findByThriftIdOrThrow(int fieldId) {
+ _Fields fields = findByThriftId(fieldId);
+ if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
+ return fields;
+ }
+
+ /**
+ * Find the _Fields constant that matches name, or null if its not found.
+ */
+ public static _Fields findByName(String name) {
+ return byName.get(name);
+ }
+
+ private final short _thriftId;
+ private final String _fieldName;
+
+ _Fields(short thriftId, String fieldName) {
+ _thriftId = thriftId;
+ _fieldName = fieldName;
+ }
+
+ public short getThriftFieldId() {
+ return _thriftId;
+ }
+
+ public String getFieldName() {
+ return _fieldName;
+ }
+ }
+
+ // isset id assignments
+ public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
+ static {
+ Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
+ tmpMap.put(_Fields.SUCCESS, new org.apache.thrift.meta_data.FieldMetaData("success", org.apache.thrift.TFieldRequirementType.DEFAULT,
+ new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TListSentryPrivilegesForProviderResponse.class)));
+ metaDataMap = Collections.unmodifiableMap(tmpMap);
+ org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(list_sentry_privileges_for_provider_result.class, metaDataMap);
+ }
+
+ public list_sentry_privileges_for_provider_result() {
+ }
+
+ public list_sentry_privileges_for_provider_result(
+ TListSentryPrivilegesForProviderResponse success)
+ {
+ this();
+ this.success = success;
+ }
+
+ /**
+ * Performs a deep copy on <i>other</i>.
+ */
+ public list_sentry_privileges_for_provider_result(list_sentry_privileges_for_provider_result other) {
+ if (other.isSetSuccess()) {
+ this.success = new TListSentryPrivilegesForProviderResponse(other.success);
+ }
+ }
+
+ public list_sentry_privileges_for_provider_result deepCopy() {
+ return new list_sentry_privileges_for_provider_result(this);
+ }
+
+ @Override
+ public void clear() {
+ this.success = null;
+ }
+
+ public TListSentryPrivilegesForProviderResponse getSuccess() {
+ return this.success;
+ }
+
+ public void setSuccess(TListSentryPrivilegesForProviderResponse success) {
+ this.success = success;
+ }
+
+ public void unsetSuccess() {
+ this.success = null;
+ }
+
+ /** Returns true if field success is set (has been assigned a value) and false otherwise */
+ public boolean isSetSuccess() {
+ return this.success != null;
+ }
+
+ public void setSuccessIsSet(boolean value) {
+ if (!value) {
+ this.success = null;
+ }
+ }
+
+ public void setFieldValue(_Fields field, Object value) {
+ switch (field) {
+ case SUCCESS:
+ if (value == null) {
+ unsetSuccess();
+ } else {
+ setSuccess((TListSentryPrivilegesForProviderResponse)value);
+ }
+ break;
+
+ }
+ }
+
+ public Object getFieldValue(_Fields field) {
+ switch (field) {
+ case SUCCESS:
+ return getSuccess();
+
+ }
+ throw new IllegalStateException();
+ }
+
+ /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
+ public boolean isSet(_Fields field) {
+ if (field == null) {
+ throw new IllegalArgumentException();
+ }
+
+ switch (field) {
+ case SUCCESS:
+ return isSetSuccess();
+ }
+ throw new IllegalStateException();
+ }
+
+ @Override
+ public boolean equals(Object that) {
+ if (that == null)
+ return false;
+ if (that instanceof list_sentry_privileges_for_provider_result)
+ return this.equals((list_sentry_privileges_for_provider_result)that);
+ return false;
+ }
+
+ public boolean equals(list_sentry_privileges_for_provider_result that) {
+ if (that == null)
+ return false;
+
+ boolean this_present_success = true && this.isSetSuccess();
+ boolean that_present_success = true && that.isSetSuccess();
+ if (this_present_success || that_present_success) {
+ if (!(this_present_success && that_present_success))
+ return false;
+ if (!this.success.equals(that.success))
+ return false;
+ }
+
+ return true;
+ }
+
+ @Override
+ public int hashCode() {
+ HashCodeBuilder builder = new HashCodeBuilder();
+
+ boolean present_success = true && (isSetSuccess());
+ builder.append(present_success);
+ if (present_success)
+ builder.append(success);
+
+ return builder.toHashCode();
+ }
+
+ public int compareTo(list_sentry_privileges_for_provider_result other) {
+ if (!getClass().equals(other.getClass())) {
+ return getClass().getName().compareTo(other.getClass().getName());
+ }
+
+ int lastComparison = 0;
+ list_sentry_privileges_for_provider_result typedOther = (list_sentry_privileges_for_provider_result)other;
+
+ lastComparison = Boolean.valueOf(isSetSuccess()).compareTo(typedOther.isSetSuccess());
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ if (isSetSuccess()) {
+ lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.success, typedOther.success);
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ }
+ return 0;
+ }
+
+ public _Fields fieldForId(int fieldId) {
+ return _Fields.findByThriftId(fieldId);
+ }
+
+ public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
+ schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
+ }
+
+ public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
+ schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
+ }
+
+ @Override
+ public String toString() {
+ StringBuilder sb = new StringBuilder("list_sentry_privileges_for_provider_result(");
+ boolean first = true;
+
+ sb.append("success:");
+ if (this.success == null) {
+ sb.append("null");
+ } else {
+ sb.append(this.success);
+ }
+ first = false;
+ sb.append(")");
+ return sb.toString();
+ }
+
+ public void validate() throws org.apache.thrift.TException {
+ // check for required fields
+ // check for sub-struct validity
+ if (success != null) {
+ success.validate();
+ }
+ }
+
+ private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
+ try {
+ write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
+ } catch (org.apache.thrift.TException te) {
+ throw new java.io.IOException(te);
+ }
+ }
+
+ private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
+ try {
+ read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
+ } catch (org.apache.thrift.TException te) {
+ throw new java.io.IOException(te);
+ }
+ }
+
+ private static class list_sentry_privileges_for_provider_resultStandardSchemeFactory implements SchemeFactory {
+ public list_sentry_privileges_for_provider_resultStandardScheme getScheme() {
+ return new list_sentry_privileges_for_provider_resultStandardScheme();
+ }
+ }
+
+ private static class list_sentry_privileges_for_provider_resultStandardScheme extends StandardScheme<list_sentry_privileges_for_provider_result> {
+
+ public void read(org.apache.thrift.protocol.TProtocol iprot, list_sentry_privileges_for_provider_result struct) throws org.apache.thrift.TException {
+ org.apache.thrift.protocol.TField schemeField;
+ iprot.readStructBegin();
+ while (true)
+ {
+ schemeField = iprot.readFieldBegin();
+ if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
+ break;
+ }
+ switch (schemeField.id) {
+ case 0: // SUCCESS
+ if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
+ struct.success = new TListSentryPrivilegesForProviderResponse();
+ struct.success.read(iprot);
+ struct.setSuccessIsSet(true);
+ } else {
+ org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+ }
+ break;
+ default:
+ org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+ }
+ iprot.readFieldEnd();
+ }
+ iprot.readStructEnd();
+ struct.validate();
+ }
+
+ public void write(org.apache.thrift.protocol.TProtocol oprot, list_sentry_privileges_for_provider_result struct) throws org.apache.thrift.TException {
+ struct.validate();
+
+ oprot.writeStructBegin(STRUCT_DESC);
+ if (struct.success != null) {
+ oprot.writeFieldBegin(SUCCESS_FIELD_DESC);
+ struct.success.write(oprot);
+ oprot.writeFieldEnd();
+ }
+ oprot.writeFieldStop();
+ oprot.writeStructEnd();
+ }
+
+ }
+
+ private static class list_sentry_privileges_for_provider_resultTupleSchemeFactory implements SchemeFactory {
+ public list_sentry_privileges_for_provider_resultTupleScheme getScheme() {
+ return new list_sentry_privileges_for_provider_resultTupleScheme();
+ }
+ }
+
+ private static class list_sentry_privileges_for_provider_resultTupleScheme extends TupleScheme<list_sentry_privileges_for_provider_result> {
+
+ @Override
+ public void write(org.apache.thrift.protocol.TProtocol prot, list_sentry_privileges_for_provider_result struct) throws org.apache.thrift.TException {
+ TTupleProtocol oprot = (TTupleProtocol) prot;
+ BitSet optionals = new BitSet();
+ if (struct.isSetSuccess()) {
+ optionals.set(0);
+ }
+ oprot.writeBitSet(optionals, 1);
+ if (struct.isSetSuccess()) {
+ struct.success.write(oprot);
+ }
+ }
+
+ @Override
+ public void read(org.apache.thrift.protocol.TProtocol prot, list_sentry_privileges_for_provider_result struct) throws org.apache.thrift.TException {
+ TTupleProtocol iprot = (TTupleProtocol) prot;
+ BitSet incoming = iprot.readBitSet(1);
+ if (incoming.get(0)) {
+ struct.success = new TListSentryPrivilegesForProviderResponse();
+ struct.success.read(iprot);
+ struct.setSuccessIsSet(true);
+ }
+ }
+ }
+
+ }
+
}
[2/6] SENTRY-142: Create database backed ProviderBackend (Brock
Noland via Shreepadma Venugopalan)
Posted by sh...@apache.org.
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryRole.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryRole.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryRole.java
index 71f7479..dbddcad 100644
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryRole.java
+++ b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryRole.java
@@ -36,8 +36,7 @@ public class TSentryRole implements org.apache.thrift.TBase<TSentryRole, TSentry
private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)1);
private static final org.apache.thrift.protocol.TField PRIVILEGES_FIELD_DESC = new org.apache.thrift.protocol.TField("privileges", org.apache.thrift.protocol.TType.SET, (short)2);
- private static final org.apache.thrift.protocol.TField CREATE_TIME_FIELD_DESC = new org.apache.thrift.protocol.TField("createTime", org.apache.thrift.protocol.TType.I64, (short)3);
- private static final org.apache.thrift.protocol.TField GRANTOR_PRINCIPAL_FIELD_DESC = new org.apache.thrift.protocol.TField("grantorPrincipal", org.apache.thrift.protocol.TType.STRING, (short)4);
+ private static final org.apache.thrift.protocol.TField GRANTOR_PRINCIPAL_FIELD_DESC = new org.apache.thrift.protocol.TField("grantorPrincipal", org.apache.thrift.protocol.TType.STRING, (short)3);
private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
static {
@@ -47,15 +46,13 @@ public class TSentryRole implements org.apache.thrift.TBase<TSentryRole, TSentry
private String roleName; // required
private Set<TSentryPrivilege> privileges; // required
- private long createTime; // required
private String grantorPrincipal; // required
/** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
public enum _Fields implements org.apache.thrift.TFieldIdEnum {
ROLE_NAME((short)1, "roleName"),
PRIVILEGES((short)2, "privileges"),
- CREATE_TIME((short)3, "createTime"),
- GRANTOR_PRINCIPAL((short)4, "grantorPrincipal");
+ GRANTOR_PRINCIPAL((short)3, "grantorPrincipal");
private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
@@ -74,9 +71,7 @@ public class TSentryRole implements org.apache.thrift.TBase<TSentryRole, TSentry
return ROLE_NAME;
case 2: // PRIVILEGES
return PRIVILEGES;
- case 3: // CREATE_TIME
- return CREATE_TIME;
- case 4: // GRANTOR_PRINCIPAL
+ case 3: // GRANTOR_PRINCIPAL
return GRANTOR_PRINCIPAL;
default:
return null;
@@ -118,8 +113,6 @@ public class TSentryRole implements org.apache.thrift.TBase<TSentryRole, TSentry
}
// isset id assignments
- private static final int __CREATETIME_ISSET_ID = 0;
- private byte __isset_bitfield = 0;
public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
static {
Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
@@ -128,8 +121,6 @@ public class TSentryRole implements org.apache.thrift.TBase<TSentryRole, TSentry
tmpMap.put(_Fields.PRIVILEGES, new org.apache.thrift.meta_data.FieldMetaData("privileges", org.apache.thrift.TFieldRequirementType.REQUIRED,
new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryPrivilege.class))));
- tmpMap.put(_Fields.CREATE_TIME, new org.apache.thrift.meta_data.FieldMetaData("createTime", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I64)));
tmpMap.put(_Fields.GRANTOR_PRINCIPAL, new org.apache.thrift.meta_data.FieldMetaData("grantorPrincipal", org.apache.thrift.TFieldRequirementType.REQUIRED,
new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
metaDataMap = Collections.unmodifiableMap(tmpMap);
@@ -142,14 +133,11 @@ public class TSentryRole implements org.apache.thrift.TBase<TSentryRole, TSentry
public TSentryRole(
String roleName,
Set<TSentryPrivilege> privileges,
- long createTime,
String grantorPrincipal)
{
this();
this.roleName = roleName;
this.privileges = privileges;
- this.createTime = createTime;
- setCreateTimeIsSet(true);
this.grantorPrincipal = grantorPrincipal;
}
@@ -157,7 +145,6 @@ public class TSentryRole implements org.apache.thrift.TBase<TSentryRole, TSentry
* Performs a deep copy on <i>other</i>.
*/
public TSentryRole(TSentryRole other) {
- __isset_bitfield = other.__isset_bitfield;
if (other.isSetRoleName()) {
this.roleName = other.roleName;
}
@@ -168,7 +155,6 @@ public class TSentryRole implements org.apache.thrift.TBase<TSentryRole, TSentry
}
this.privileges = __this__privileges;
}
- this.createTime = other.createTime;
if (other.isSetGrantorPrincipal()) {
this.grantorPrincipal = other.grantorPrincipal;
}
@@ -182,8 +168,6 @@ public class TSentryRole implements org.apache.thrift.TBase<TSentryRole, TSentry
public void clear() {
this.roleName = null;
this.privileges = null;
- setCreateTimeIsSet(false);
- this.createTime = 0;
this.grantorPrincipal = null;
}
@@ -248,28 +232,6 @@ public class TSentryRole implements org.apache.thrift.TBase<TSentryRole, TSentry
}
}
- public long getCreateTime() {
- return this.createTime;
- }
-
- public void setCreateTime(long createTime) {
- this.createTime = createTime;
- setCreateTimeIsSet(true);
- }
-
- public void unsetCreateTime() {
- __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __CREATETIME_ISSET_ID);
- }
-
- /** Returns true if field createTime is set (has been assigned a value) and false otherwise */
- public boolean isSetCreateTime() {
- return EncodingUtils.testBit(__isset_bitfield, __CREATETIME_ISSET_ID);
- }
-
- public void setCreateTimeIsSet(boolean value) {
- __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __CREATETIME_ISSET_ID, value);
- }
-
public String getGrantorPrincipal() {
return this.grantorPrincipal;
}
@@ -311,14 +273,6 @@ public class TSentryRole implements org.apache.thrift.TBase<TSentryRole, TSentry
}
break;
- case CREATE_TIME:
- if (value == null) {
- unsetCreateTime();
- } else {
- setCreateTime((Long)value);
- }
- break;
-
case GRANTOR_PRINCIPAL:
if (value == null) {
unsetGrantorPrincipal();
@@ -338,9 +292,6 @@ public class TSentryRole implements org.apache.thrift.TBase<TSentryRole, TSentry
case PRIVILEGES:
return getPrivileges();
- case CREATE_TIME:
- return Long.valueOf(getCreateTime());
-
case GRANTOR_PRINCIPAL:
return getGrantorPrincipal();
@@ -359,8 +310,6 @@ public class TSentryRole implements org.apache.thrift.TBase<TSentryRole, TSentry
return isSetRoleName();
case PRIVILEGES:
return isSetPrivileges();
- case CREATE_TIME:
- return isSetCreateTime();
case GRANTOR_PRINCIPAL:
return isSetGrantorPrincipal();
}
@@ -398,15 +347,6 @@ public class TSentryRole implements org.apache.thrift.TBase<TSentryRole, TSentry
return false;
}
- boolean this_present_createTime = true;
- boolean that_present_createTime = true;
- if (this_present_createTime || that_present_createTime) {
- if (!(this_present_createTime && that_present_createTime))
- return false;
- if (this.createTime != that.createTime)
- return false;
- }
-
boolean this_present_grantorPrincipal = true && this.isSetGrantorPrincipal();
boolean that_present_grantorPrincipal = true && that.isSetGrantorPrincipal();
if (this_present_grantorPrincipal || that_present_grantorPrincipal) {
@@ -433,11 +373,6 @@ public class TSentryRole implements org.apache.thrift.TBase<TSentryRole, TSentry
if (present_privileges)
builder.append(privileges);
- boolean present_createTime = true;
- builder.append(present_createTime);
- if (present_createTime)
- builder.append(createTime);
-
boolean present_grantorPrincipal = true && (isSetGrantorPrincipal());
builder.append(present_grantorPrincipal);
if (present_grantorPrincipal)
@@ -474,16 +409,6 @@ public class TSentryRole implements org.apache.thrift.TBase<TSentryRole, TSentry
return lastComparison;
}
}
- lastComparison = Boolean.valueOf(isSetCreateTime()).compareTo(typedOther.isSetCreateTime());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetCreateTime()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.createTime, typedOther.createTime);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
lastComparison = Boolean.valueOf(isSetGrantorPrincipal()).compareTo(typedOther.isSetGrantorPrincipal());
if (lastComparison != 0) {
return lastComparison;
@@ -530,10 +455,6 @@ public class TSentryRole implements org.apache.thrift.TBase<TSentryRole, TSentry
}
first = false;
if (!first) sb.append(", ");
- sb.append("createTime:");
- sb.append(this.createTime);
- first = false;
- if (!first) sb.append(", ");
sb.append("grantorPrincipal:");
if (this.grantorPrincipal == null) {
sb.append("null");
@@ -555,10 +476,6 @@ public class TSentryRole implements org.apache.thrift.TBase<TSentryRole, TSentry
throw new org.apache.thrift.protocol.TProtocolException("Required field 'privileges' is unset! Struct:" + toString());
}
- if (!isSetCreateTime()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'createTime' is unset! Struct:" + toString());
- }
-
if (!isSetGrantorPrincipal()) {
throw new org.apache.thrift.protocol.TProtocolException("Required field 'grantorPrincipal' is unset! Struct:" + toString());
}
@@ -576,8 +493,6 @@ public class TSentryRole implements org.apache.thrift.TBase<TSentryRole, TSentry
private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
try {
- // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
- __isset_bitfield = 0;
read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
} catch (org.apache.thrift.TException te) {
throw new java.io.IOException(te);
@@ -613,14 +528,14 @@ public class TSentryRole implements org.apache.thrift.TBase<TSentryRole, TSentry
case 2: // PRIVILEGES
if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
{
- org.apache.thrift.protocol.TSet _set0 = iprot.readSetBegin();
- struct.privileges = new HashSet<TSentryPrivilege>(2*_set0.size);
- for (int _i1 = 0; _i1 < _set0.size; ++_i1)
+ org.apache.thrift.protocol.TSet _set16 = iprot.readSetBegin();
+ struct.privileges = new HashSet<TSentryPrivilege>(2*_set16.size);
+ for (int _i17 = 0; _i17 < _set16.size; ++_i17)
{
- TSentryPrivilege _elem2; // required
- _elem2 = new TSentryPrivilege();
- _elem2.read(iprot);
- struct.privileges.add(_elem2);
+ TSentryPrivilege _elem18; // required
+ _elem18 = new TSentryPrivilege();
+ _elem18.read(iprot);
+ struct.privileges.add(_elem18);
}
iprot.readSetEnd();
}
@@ -629,15 +544,7 @@ public class TSentryRole implements org.apache.thrift.TBase<TSentryRole, TSentry
org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
}
break;
- case 3: // CREATE_TIME
- if (schemeField.type == org.apache.thrift.protocol.TType.I64) {
- struct.createTime = iprot.readI64();
- struct.setCreateTimeIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 4: // GRANTOR_PRINCIPAL
+ case 3: // GRANTOR_PRINCIPAL
if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
struct.grantorPrincipal = iprot.readString();
struct.setGrantorPrincipalIsSet(true);
@@ -667,17 +574,14 @@ public class TSentryRole implements org.apache.thrift.TBase<TSentryRole, TSentry
oprot.writeFieldBegin(PRIVILEGES_FIELD_DESC);
{
oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, struct.privileges.size()));
- for (TSentryPrivilege _iter3 : struct.privileges)
+ for (TSentryPrivilege _iter19 : struct.privileges)
{
- _iter3.write(oprot);
+ _iter19.write(oprot);
}
oprot.writeSetEnd();
}
oprot.writeFieldEnd();
}
- oprot.writeFieldBegin(CREATE_TIME_FIELD_DESC);
- oprot.writeI64(struct.createTime);
- oprot.writeFieldEnd();
if (struct.grantorPrincipal != null) {
oprot.writeFieldBegin(GRANTOR_PRINCIPAL_FIELD_DESC);
oprot.writeString(struct.grantorPrincipal);
@@ -703,12 +607,11 @@ public class TSentryRole implements org.apache.thrift.TBase<TSentryRole, TSentry
oprot.writeString(struct.roleName);
{
oprot.writeI32(struct.privileges.size());
- for (TSentryPrivilege _iter4 : struct.privileges)
+ for (TSentryPrivilege _iter20 : struct.privileges)
{
- _iter4.write(oprot);
+ _iter20.write(oprot);
}
}
- oprot.writeI64(struct.createTime);
oprot.writeString(struct.grantorPrincipal);
}
@@ -718,19 +621,17 @@ public class TSentryRole implements org.apache.thrift.TBase<TSentryRole, TSentry
struct.roleName = iprot.readString();
struct.setRoleNameIsSet(true);
{
- org.apache.thrift.protocol.TSet _set5 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, iprot.readI32());
- struct.privileges = new HashSet<TSentryPrivilege>(2*_set5.size);
- for (int _i6 = 0; _i6 < _set5.size; ++_i6)
+ org.apache.thrift.protocol.TSet _set21 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, iprot.readI32());
+ struct.privileges = new HashSet<TSentryPrivilege>(2*_set21.size);
+ for (int _i22 = 0; _i22 < _set21.size; ++_i22)
{
- TSentryPrivilege _elem7; // required
- _elem7 = new TSentryPrivilege();
- _elem7.read(iprot);
- struct.privileges.add(_elem7);
+ TSentryPrivilege _elem23; // required
+ _elem23 = new TSentryPrivilege();
+ _elem23.read(iprot);
+ struct.privileges.add(_elem23);
}
}
struct.setPrivilegesIsSet(true);
- struct.createTime = iprot.readI64();
- struct.setCreateTimeIsSet(true);
struct.grantorPrincipal = iprot.readString();
struct.setGrantorPrincipalIsSet(true);
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryAlreadyExistsException.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryAlreadyExistsException.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryAlreadyExistsException.java
new file mode 100644
index 0000000..d878cc6
--- /dev/null
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryAlreadyExistsException.java
@@ -0,0 +1,27 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.provider.db;
+
+import org.apache.sentry.SentryUserException;
+
+public class SentryAlreadyExistsException extends SentryUserException {
+ private static final long serialVersionUID = 1298632655835L;
+ public SentryAlreadyExistsException(String msg) {
+ super(msg);
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryInvalidInputException.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryInvalidInputException.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryInvalidInputException.java
new file mode 100644
index 0000000..a05970e
--- /dev/null
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryInvalidInputException.java
@@ -0,0 +1,27 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.provider.db;
+
+import org.apache.sentry.SentryUserException;
+
+public class SentryInvalidInputException extends SentryUserException {
+ private static final long serialVersionUID = 2962080655835L;
+ public SentryInvalidInputException(String msg) {
+ super(msg);
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryNoSuchObjectException.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryNoSuchObjectException.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryNoSuchObjectException.java
new file mode 100644
index 0000000..fa9ee22
--- /dev/null
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryNoSuchObjectException.java
@@ -0,0 +1,27 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.provider.db;
+
+import org.apache.sentry.SentryUserException;
+
+public class SentryNoSuchObjectException extends SentryUserException {
+ private static final long serialVersionUID = 2962080655835L;
+ public SentryNoSuchObjectException(String msg) {
+ super(msg);
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SimpleDBProviderBackend.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SimpleDBProviderBackend.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SimpleDBProviderBackend.java
new file mode 100644
index 0000000..bc4d7b5
--- /dev/null
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SimpleDBProviderBackend.java
@@ -0,0 +1,108 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.provider.db;
+
+import java.io.IOException;
+import java.util.Set;
+
+import org.apache.hadoop.conf.Configuration;
+import org.apache.hadoop.fs.Path;
+import org.apache.sentry.SentryUserException;
+import org.apache.sentry.core.common.ActiveRoleSet;
+import org.apache.sentry.core.common.SentryConfigurationException;
+import org.apache.sentry.provider.common.ProviderBackend;
+import org.apache.sentry.provider.common.ProviderBackendContext;
+import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.google.common.annotations.VisibleForTesting;
+import com.google.common.collect.ImmutableSet;
+
+public class SimpleDBProviderBackend implements ProviderBackend {
+
+ private static final Logger LOGGER = LoggerFactory
+ .getLogger(SimpleDBProviderBackend.class);
+
+ private final SentryPolicyServiceClient policyServiceClient;
+
+ private volatile boolean initialized;
+
+ public SimpleDBProviderBackend(String resourcePath) throws IOException {
+ this(new Configuration(), new Path(resourcePath));
+ }
+
+ public SimpleDBProviderBackend(Configuration conf, String resourcePath) throws IOException {
+ this(conf, new Path(resourcePath));
+ }
+
+ public SimpleDBProviderBackend(Configuration conf, Path resourcePath) throws IOException {
+ this(new SentryPolicyServiceClient(conf));
+ }
+
+ @VisibleForTesting
+ public SimpleDBProviderBackend(SentryPolicyServiceClient policyServiceClient) throws IOException {
+ this.initialized = false;
+ this.policyServiceClient = policyServiceClient;
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ @Override
+ public void initialize(ProviderBackendContext context) {
+ if (initialized) {
+ throw new IllegalStateException("Backend has already been initialized, cannot be initialized twice");
+ }
+ this.initialized = true;
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ @Override
+ public ImmutableSet<String> getPrivileges(Set<String> groups, ActiveRoleSet roleSet) {
+ if (!initialized) {
+ throw new IllegalStateException("Backend has not been properly initialized");
+ }
+ try {
+ return ImmutableSet.copyOf(policyServiceClient.listPrivileges(groups, roleSet));
+ } catch (SentryUserException e) {
+ String msg = "Unable to obtain privileges from server: " + e.getMessage();
+ LOGGER.error(msg, e);
+ }
+ return ImmutableSet.of();
+ }
+
+ @Override
+ public void close() {
+ if (policyServiceClient != null) {
+ policyServiceClient.close();
+ }
+ }
+
+ /**
+ * SimpleDBProviderBackend does not implement validatePolicy()
+ */
+ @Override
+ public void validatePolicy(boolean strictValidation) throws SentryConfigurationException {
+ if (!initialized) {
+ throw new IllegalStateException("Backend has not been properly initialized");
+ }
+ // db provider does not implement validation
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryGroup.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryGroup.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryGroup.java
index b5de36e..3f68f0d 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryGroup.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryGroup.java
@@ -29,6 +29,9 @@ import javax.jdo.annotations.PersistenceCapable;
@PersistenceCapable
public class MSentryGroup {
+ /**
+ * Group name is unique
+ */
private String groupName;
// set of roles granted to this group
private Set<MSentryRole> roles;
@@ -40,7 +43,7 @@ public class MSentryGroup {
this.setGroupName(groupName);
this.createTime = createTime;
this.grantorPrincipal = grantorPrincipal;
- this.setRoles(roles);
+ this.roles = roles;
}
public long getCreateTime() {
@@ -63,10 +66,6 @@ public class MSentryGroup {
return roles;
}
- public void setRoles(Set<MSentryRole> roles) {
- this.roles = roles;
- }
-
public String getGroupName() {
return groupName;
}
@@ -98,9 +97,6 @@ public class MSentryGroup {
public int hashCode() {
final int prime = 31;
int result = 1;
- result = prime * result + (int) (createTime ^ (createTime >>> 32));
- result = prime * result
- + ((grantorPrincipal == null) ? 0 : grantorPrincipal.hashCode());
result = prime * result + ((groupName == null) ? 0 : groupName.hashCode());
return result;
}
@@ -116,11 +112,6 @@ public class MSentryGroup {
MSentryGroup other = (MSentryGroup) obj;
if (createTime != other.createTime)
return false;
- if (grantorPrincipal == null) {
- if (other.grantorPrincipal != null)
- return false;
- } else if (!grantorPrincipal.equals(other.grantorPrincipal))
- return false;
if (groupName == null) {
if (other.groupName != null)
return false;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryPrivilege.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryPrivilege.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryPrivilege.java
index 7215435..4030205 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryPrivilege.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryPrivilege.java
@@ -19,7 +19,6 @@
package org.apache.sentry.provider.db.service.model;
import java.util.HashSet;
-import java.util.Iterator;
import java.util.Set;
import javax.jdo.annotations.PersistenceCapable;
@@ -32,6 +31,9 @@ import javax.jdo.annotations.PersistenceCapable;
public class MSentryPrivilege {
private String privilegeScope;
+ /**
+ * Privilege name is unique
+ */
private String privilegeName;
private String serverName;
private String dbName;
@@ -132,10 +134,6 @@ public class MSentryPrivilege {
this.privilegeName = privilegeName;
}
- public void appendRoles(Set<MSentryRole> roles) {
- this.roles.addAll(roles);
- }
-
public void appendRole(MSentryRole role) {
if (!roles.contains(role)) {
roles.add(role);
@@ -144,21 +142,8 @@ public class MSentryPrivilege {
}
public void removeRole(MSentryRole role) {
- for (Iterator<MSentryRole> iter = roles.iterator(); iter.hasNext();) {
- if (iter.next().getRoleName().equalsIgnoreCase(role.getRoleName())) {
- iter.remove();
- role.removePrivilege(this);
- return;
- }
- }
- }
-
- public void removeRole(String roleName) {
- for (MSentryRole role: roles) {
- if (role.getRoleName().equalsIgnoreCase(roleName)) {
- roles.remove(role);
- return;
- }
+ if (roles.remove(role)) {
+ role.removePrivilege(this);
}
}
@@ -175,19 +160,8 @@ public class MSentryPrivilege {
public int hashCode() {
final int prime = 31;
int result = 1;
- result = prime * result + ((URI == null) ? 0 : URI.hashCode());
- result = prime * result + ((action == null) ? 0 : action.hashCode());
- result = prime * result + (int) (createTime ^ (createTime >>> 32));
- result = prime * result + ((dbName == null) ? 0 : dbName.hashCode());
- result = prime * result
- + ((grantorPrincipal == null) ? 0 : grantorPrincipal.hashCode());
result = prime * result
+ ((privilegeName == null) ? 0 : privilegeName.hashCode());
- result = prime * result
- + ((privilegeScope == null) ? 0 : privilegeScope.hashCode());
- result = prime * result
- + ((serverName == null) ? 0 : serverName.hashCode());
- result = prime * result + ((tableName == null) ? 0 : tableName.hashCode());
return result;
}
@@ -200,48 +174,11 @@ public class MSentryPrivilege {
if (getClass() != obj.getClass())
return false;
MSentryPrivilege other = (MSentryPrivilege) obj;
- if (URI == null) {
- if (other.URI != null)
- return false;
- } else if (!URI.equals(other.URI))
- return false;
- if (action == null) {
- if (other.action != null)
- return false;
- } else if (!action.equals(other.action))
- return false;
- if (createTime != other.createTime)
- return false;
- if (dbName == null) {
- if (other.dbName != null)
- return false;
- } else if (!dbName.equals(other.dbName))
- return false;
- if (grantorPrincipal == null) {
- if (other.grantorPrincipal != null)
- return false;
- } else if (!grantorPrincipal.equals(other.grantorPrincipal))
- return false;
if (privilegeName == null) {
if (other.privilegeName != null)
return false;
} else if (!privilegeName.equals(other.privilegeName))
return false;
- if (privilegeScope == null) {
- if (other.privilegeScope != null)
- return false;
- } else if (!privilegeScope.equals(other.privilegeScope))
- return false;
- if (serverName == null) {
- if (other.serverName != null)
- return false;
- } else if (!serverName.equals(other.serverName))
- return false;
- if (tableName == null) {
- if (other.tableName != null)
- return false;
- } else if (!tableName.equals(other.tableName))
- return false;
return true;
}
-}
\ No newline at end of file
+}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryRole.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryRole.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryRole.java
index 16be80b..1dfc0cf 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryRole.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryRole.java
@@ -19,12 +19,12 @@
package org.apache.sentry.provider.db.service.model;
import java.util.HashSet;
-import java.util.Iterator;
import java.util.Set;
import javax.jdo.annotations.PersistenceCapable;
-import org.apache.sentry.provider.db.service.persistent.SentryNoSuchObjectException;
+import com.google.common.base.Preconditions;
+import com.google.common.collect.ImmutableSet;
/**
* Database backed Sentry Role. Any changes to this object
@@ -95,12 +95,8 @@ public class MSentryRole {
}
public void removePrivilege(MSentryPrivilege privilege) {
- for (Iterator<MSentryPrivilege> iter = privileges.iterator(); iter.hasNext();) {
- if (iter.next().getPrivilegeName().equalsIgnoreCase(privilege.getPrivilegeName())) {
- iter.remove();
- privilege.removeRole(this);
- return;
- }
+ if (privileges.remove(privilege)) {
+ privilege.removeRole(this);
}
}
@@ -132,7 +128,11 @@ public class MSentryRole {
}
public void removePrivileges() {
- this.privileges.clear();
+ // copy is required since privilege.removeRole will call remotePrivilege
+ for (MSentryPrivilege privilege : ImmutableSet.copyOf(privileges)) {
+ privilege.removeRole(this);
+ }
+ Preconditions.checkState(privileges.isEmpty(), "Privileges should be empty: " + privileges);
}
@Override
@@ -146,9 +146,6 @@ public class MSentryRole {
public int hashCode() {
final int prime = 31;
int result = 1;
- result = prime * result + (int) (createTime ^ (createTime >>> 32));
- result = prime * result
- + ((grantorPrincipal == null) ? 0 : grantorPrincipal.hashCode());
result = prime * result + ((roleName == null) ? 0 : roleName.hashCode());
return result;
}
@@ -162,13 +159,6 @@ public class MSentryRole {
if (getClass() != obj.getClass())
return false;
MSentryRole other = (MSentryRole) obj;
- if (createTime != other.createTime)
- return false;
- if (grantorPrincipal == null) {
- if (other.grantorPrincipal != null)
- return false;
- } else if (!grantorPrincipal.equals(other.grantorPrincipal))
- return false;
if (roleName == null) {
if (other.roleName != null)
return false;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryAlreadyExistsException.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryAlreadyExistsException.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryAlreadyExistsException.java
deleted file mode 100644
index 965e64c..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryAlreadyExistsException.java
+++ /dev/null
@@ -1,27 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.service.persistent;
-
-import org.apache.sentry.SentryUserException;
-
-public class SentryAlreadyExistsException extends SentryUserException {
- private static final long serialVersionUID = 1298632655835L;
- public SentryAlreadyExistsException(String msg) {
- super(msg);
- }
-}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryInvalidInputException.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryInvalidInputException.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryInvalidInputException.java
deleted file mode 100644
index 6ac9942..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryInvalidInputException.java
+++ /dev/null
@@ -1,27 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.service.persistent;
-
-import org.apache.sentry.SentryUserException;
-
-public class SentryInvalidInputException extends SentryUserException {
- private static final long serialVersionUID = 2962080655835L;
- public SentryInvalidInputException(String msg) {
- super(msg);
- }
-}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryNoSuchObjectException.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryNoSuchObjectException.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryNoSuchObjectException.java
deleted file mode 100644
index a976880..0000000
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryNoSuchObjectException.java
+++ /dev/null
@@ -1,27 +0,0 @@
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.db.service.persistent;
-
-import org.apache.sentry.SentryUserException;
-
-public class SentryNoSuchObjectException extends SentryUserException {
- private static final long serialVersionUID = 2962080655835L;
- public SentryNoSuchObjectException(String msg) {
- super(msg);
- }
-}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
index f1e502a..5c87d95 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
@@ -18,8 +18,13 @@
package org.apache.sentry.provider.db.service.persistent;
+import static org.apache.sentry.provider.common.ProviderConstants.AUTHORIZABLE_JOINER;
+import static org.apache.sentry.provider.common.ProviderConstants.KV_JOINER;
+
+import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
+import java.util.Map;
import java.util.Properties;
import java.util.Set;
import java.util.UUID;
@@ -30,18 +35,33 @@ import javax.jdo.PersistenceManagerFactory;
import javax.jdo.Query;
import javax.jdo.Transaction;
+import org.apache.hadoop.conf.Configuration;
+import org.apache.sentry.core.model.db.DBModelAuthorizable.AuthorizableType;
+import org.apache.sentry.provider.common.ProviderConstants;
+import org.apache.sentry.provider.db.SentryAlreadyExistsException;
+import org.apache.sentry.provider.db.SentryNoSuchObjectException;
import org.apache.sentry.provider.db.service.model.MSentryGroup;
import org.apache.sentry.provider.db.service.model.MSentryPrivilege;
import org.apache.sentry.provider.db.service.model.MSentryRole;
+import org.apache.sentry.provider.db.service.thrift.TSentryActiveRoleSet;
import org.apache.sentry.provider.db.service.thrift.TSentryGroup;
import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
import org.apache.sentry.provider.db.service.thrift.TSentryRole;
+import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Preconditions;
+import com.google.common.base.Strings;
+import com.google.common.collect.HashMultimap;
import com.google.common.collect.Lists;
+import com.google.common.collect.SetMultimap;
import com.google.common.collect.Sets;
+/**
+ * SentryStore is the data access object for Sentry data. Strings
+ * such as role and group names will be normalized to lowercase
+ * in addition to starting and ending whitespace.
+ */
public class SentryStore {
private static final UUID SERVER_UUID = UUID.randomUUID();
static final String DEFAULT_DATA_DIR = "sentry_policy_db";
@@ -53,59 +73,25 @@ public class SentryStore {
* is required to read commitSequenceId.
*/
private long commitSequenceId;
- private final Properties prop;
private final PersistenceManagerFactory pmf;
- private final String databaseName;
- public SentryStore(String dataDir) {
+ public SentryStore(Configuration conf) {
commitSequenceId = 0;
- databaseName = (dataDir = dataDir.trim()).isEmpty() ? DEFAULT_DATA_DIR : dataDir;
- prop = getDataSourceProperties();
+ Properties prop = new Properties();
+ prop.putAll(ServerConfig.SENTRY_STORE_DEFAULTS);
+ String jdbcUrl = conf.get(ServerConfig.SENTRY_STORE_JDBC_URL, "").trim();
+ Preconditions.checkArgument(!jdbcUrl.isEmpty(), "Required parameter " +
+ ServerConfig.SENTRY_STORE_JDBC_URL + " missing");
+ prop.setProperty("javax.jdo.option.ConnectionURL", jdbcUrl);
pmf = JDOHelper.getPersistenceManagerFactory(prop);
}
- public SentryStore() {
- this("");
- }
-
public synchronized void stop() {
if (pmf != null) {
pmf.close();
}
}
- private Properties getDataSourceProperties() {
- Properties prop = new Properties();
- // FIXME: Read from configuration, override the default
- //prop.setProperty("datanucleus.connectionPoolingType", "BONECP");
- prop.setProperty("datanucleus.validateTables", "false");
- prop.setProperty("datanucleus.validateColumns", "false");
- prop.setProperty("datanucleus.validateConstraints", "false");
- prop.setProperty("datanucleus.storeManagerType", "rdbms");
- prop.setProperty("datanucleus.autoCreateSchema", "true");
- prop.setProperty("datanucleus.fixedDatastore", "false");
- prop.setProperty("datanucleus.autoStartMechanismMode", "checked");
- prop.setProperty("datanucleus.transactionIsolation", "read-committed");
- prop.setProperty("datanucleus.cache.level2", "false");
- prop.setProperty("datanucleus.cache.level2.type", "none");
- prop.setProperty("datanucleus.identifierFactory", "datanucleus1");
- prop.setProperty("datanucleus.rdbms.useLegacyNativeValueStrategy", "true");
- prop.setProperty("datanucleus.plugin.pluginRegistryBundleCheck", "LOG");
- prop.setProperty("javax.jdo.option.ConnectionDriverName",
- "org.apache.derby.jdbc.EmbeddedDriver");
- prop.setProperty("javax.jdo.PersistenceManagerFactoryClass",
- "org.datanucleus.api.jdo.JDOPersistenceManagerFactory");
- prop.setProperty("javax.jdo.option.DetachAllOnCommit", "true");
- prop.setProperty("javax.jdo.option.NonTransactionalRead", "false");
- prop.setProperty("javax.jdo.option.NonTransactionalWrite", "false");
- prop.setProperty("javax.jdo.option.ConnectionUserName", "Sentry");
- prop.setProperty("javax.jdo.option.ConnectionPassword", "Sentry");
- prop.setProperty("javax.jdo.option.Multithreaded", "true");
- prop.setProperty("javax.jdo.option.ConnectionURL",
- "jdbc:derby:;databaseName=" + databaseName + ";create=true");
- return prop;
- }
-
/**
* PersistenceManager object and Transaction object have a one to one
* correspondence. Each PersistenceManager object is associated with a
@@ -168,25 +154,26 @@ public class SentryStore {
}
}
- public CommitContext createSentryRole(TSentryRole role)
+ public CommitContext createSentryRole(String roleName, String grantorPrincipal)
throws SentryAlreadyExistsException {
boolean rollbackTransaction = true;
PersistenceManager pm = null;
+ roleName = roleName.trim().toLowerCase();
try {
pm = openTransaction();
Query query = pm.newQuery(MSentryRole.class);
query.setFilter("this.roleName == t");
query.declareParameters("java.lang.String t");
query.setUnique(true);
- MSentryRole sentryRole = (MSentryRole) query.execute(role.getRoleName());
+ MSentryRole sentryRole = (MSentryRole) query.execute(roleName);
if (sentryRole == null) {
- MSentryRole mRole = convertToMSentryRole(role);
+ MSentryRole mRole = convertToMSentryRole(roleName, grantorPrincipal);
pm.makePersistent(mRole);
CommitContext commit = commitUpdateTransaction(pm);
rollbackTransaction = false;
return commit;
} else {
- throw new SentryAlreadyExistsException("Role: " + role.getRoleName());
+ throw new SentryAlreadyExistsException("Role: " + roleName);
}
} finally {
if (rollbackTransaction) {
@@ -200,6 +187,7 @@ public class SentryStore {
TSentryPrivilege privilege) throws SentryNoSuchObjectException {
boolean rollbackTransaction = true;
PersistenceManager pm = null;
+ roleName = roleName.trim().toLowerCase();
try {
pm = openTransaction();
Query query = pm.newQuery(MSentryRole.class);
@@ -269,7 +257,7 @@ public class SentryStore {
throws SentryNoSuchObjectException {
boolean rollbackTransaction = true;
PersistenceManager pm = null;
- roleName = roleName.trim();
+ roleName = roleName.trim().toLowerCase();
try {
pm = openTransaction();
Query query = pm.newQuery(MSentryRole.class);
@@ -340,6 +328,7 @@ public class SentryStore {
throws SentryNoSuchObjectException {
boolean rollbackTransaction = true;
PersistenceManager pm = null;
+ roleName = roleName.trim().toLowerCase();
try {
pm = openTransaction();
Query query = pm.newQuery(MSentryRole.class);
@@ -356,7 +345,8 @@ public class SentryStore {
query.setUnique(true);
List<MSentryGroup> groups = Lists.newArrayList();
for (TSentryGroup tGroup : groupNames) {
- MSentryGroup group = (MSentryGroup) query.execute(tGroup.getGroupName());
+ String groupName = tGroup.getGroupName().trim().toLowerCase();
+ MSentryGroup group = (MSentryGroup) query.execute(groupName);
if (group != null) {
group.removeRole(role);
groups.add(group);
@@ -379,7 +369,7 @@ public class SentryStore {
throws SentryNoSuchObjectException {
boolean rollbackTransaction = true;
PersistenceManager pm = null;
- roleName = roleName.trim();
+ roleName = roleName.trim().toLowerCase();
try {
pm = openTransaction();
Query query = pm.newQuery(MSentryRole.class);
@@ -407,17 +397,98 @@ public class SentryStore {
return convertToSentryRole(getMSentryRoleByName(roleName));
}
- private MSentryRole convertToMSentryRole(TSentryRole role) {
+ private SetMultimap<String, String> getRoleToPrivilegeMap(Set<String> groups) {
+ SetMultimap<String, String> result = HashMultimap.create();
+ boolean rollbackTransaction = true;
+ PersistenceManager pm = null;
+ try {
+ pm = openTransaction();
+ Query query = pm.newQuery(MSentryGroup.class);
+ query.setFilter("this.groupName == t");
+ query.declareParameters("java.lang.String t");
+ query.setUnique(true);
+ for (String group : toTrimedLower(groups)) {
+ MSentryGroup sentryGroup = (MSentryGroup) query.execute(group);
+ if (sentryGroup != null) {
+ for (MSentryRole role : sentryGroup.getRoles()) {
+ for (MSentryPrivilege privilege : role.getPrivileges()) {
+ result.put(role.getRoleName(), toAuthorizable(privilege));
+ }
+ }
+ }
+ }
+ rollbackTransaction = false;
+ commitTransaction(pm);
+ return result;
+ } finally {
+ if (rollbackTransaction) {
+ rollbackTransaction(pm);
+ }
+ }
+ }
+
+ public Set<String> listSentryPrivilegesForProvider(Set<String> groups,
+ TSentryActiveRoleSet roleSet) {
+ Set<String> result = Sets.newHashSet();
+ Set<String> activeRoleNames = toTrimedLower(roleSet.getRoles());
+ for (Map.Entry<String, String> entry : getRoleToPrivilegeMap(groups).entries()) {
+ if (roleSet.isAll()) {
+ result.add(entry.getValue());
+ } else if (activeRoleNames.contains(entry.getKey())) {
+ result.add(entry.getValue());
+ }
+ }
+ return result;
+ }
+
+ @VisibleForTesting
+ static String toAuthorizable(MSentryPrivilege privilege) {
+ List<String> authorizable = new ArrayList<>(4);
+ authorizable.add(KV_JOINER.join(AuthorizableType.Server.name().toLowerCase(),
+ privilege.getServerName()));
+ if (Strings.nullToEmpty(privilege.getURI()).isEmpty()) {
+ if (!Strings.nullToEmpty(privilege.getDbName()).isEmpty()) {
+ authorizable.add(KV_JOINER.join(AuthorizableType.Db.name().toLowerCase(),
+ privilege.getDbName()));
+ if (!Strings.nullToEmpty(privilege.getTableName()).isEmpty()) {
+ authorizable.add(KV_JOINER.join(AuthorizableType.Table.name().toLowerCase(),
+ privilege.getTableName()));
+ }
+ }
+ } else {
+ authorizable.add(KV_JOINER.join(AuthorizableType.URI.name().toLowerCase(),
+ privilege.getURI()));
+ }
+ if (!Strings.nullToEmpty(privilege.getAction()).isEmpty()) {
+ authorizable.add(KV_JOINER.join(ProviderConstants.PRIVILEGE_NAME.toLowerCase(),
+ privilege.getAction()));
+ }
+ return AUTHORIZABLE_JOINER.join(authorizable);
+ }
+
+ @VisibleForTesting
+ static Set<String> toTrimedLower(Set<String> s) {
+ Set<String> result = Sets.newHashSet();
+ for (String v : s) {
+ result.add(v.trim().toLowerCase());
+ }
+ return result;
+ }
+
+ /**
+ * Converts thrift object to model object. Additionally does normalization
+ * such as trimming whitespace and setting appropriate case.
+ */
+ private MSentryRole convertToMSentryRole(String roleName, String grantorPrincipal) {
MSentryRole mRole = new MSentryRole();
- mRole.setCreateTime(role.getCreateTime());
- mRole.setRoleName(role.getRoleName());
- mRole.setGrantorPrincipal(role.getGrantorPrincipal());
+ mRole.setCreateTime(System.currentTimeMillis());
+ mRole.setRoleName(roleName.trim().toLowerCase());
+ mRole.setGrantorPrincipal(grantorPrincipal.trim());
return mRole;
}
private TSentryRole convertToSentryRole(MSentryRole mSentryRole) {
TSentryRole role = new TSentryRole();
- role.setCreateTime(mSentryRole.getCreateTime());
role.setRoleName(mSentryRole.getRoleName());
role.setGrantorPrincipal(mSentryRole.getGrantorPrincipal());
@@ -445,17 +516,27 @@ public class SentryStore {
return privilege;
}
+ /**
+ * Converts thrift object to model object. Additionally does normalization
+ * such as trimming whitespace and setting appropriate case.
+ */
private MSentryPrivilege convertToMSentryPrivilege(TSentryPrivilege privilege) {
MSentryPrivilege mSentryPrivilege = new MSentryPrivilege();
- mSentryPrivilege.setServerName(privilege.getServerName());
- mSentryPrivilege.setDbName(privilege.getDbName());
- mSentryPrivilege.setTableName(privilege.getTableName());
- mSentryPrivilege.setPrivilegeScope(privilege.getPrivilegeScope());
- mSentryPrivilege.setAction(privilege.getAction());
+ mSentryPrivilege.setServerName(safeTrim(privilege.getServerName()));
+ mSentryPrivilege.setDbName(safeTrim(privilege.getDbName()));
+ mSentryPrivilege.setTableName(safeTrim(privilege.getTableName()));
+ mSentryPrivilege.setPrivilegeScope(safeTrim(privilege.getPrivilegeScope()));
+ mSentryPrivilege.setAction(safeTrim(privilege.getAction()));
mSentryPrivilege.setCreateTime(privilege.getCreateTime());
- mSentryPrivilege.setGrantorPrincipal(privilege.getGrantorPrincipal());
- mSentryPrivilege.setURI(privilege.getURI());
- mSentryPrivilege.setPrivilegeName(privilege.getPrivilegeName());
+ mSentryPrivilege.setGrantorPrincipal(safeTrim(privilege.getGrantorPrincipal()));
+ mSentryPrivilege.setURI(safeTrim(privilege.getURI()));
+ mSentryPrivilege.setPrivilegeName(safeTrim(privilege.getPrivilegeName()));
return mSentryPrivilege;
}
+ private String safeTrim(String s) {
+ if (s == null) {
+ return null;
+ }
+ return s.trim();
+ }
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java
index a4487ee..84d9d8d 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java
@@ -18,24 +18,33 @@
package org.apache.sentry.provider.db.service.thrift;
+import java.io.IOException;
import java.net.InetSocketAddress;
+import java.util.Set;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.net.NetUtils;
import org.apache.hadoop.security.SaslRpcServer;
import org.apache.hadoop.security.SaslRpcServer.AuthMethod;
+import org.apache.sentry.SentryUserException;
+import org.apache.sentry.core.common.ActiveRoleSet;
+import org.apache.sentry.core.model.db.AccessConstants;
import org.apache.sentry.service.thrift.ServiceConstants.ClientConfig;
import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
+import org.apache.sentry.service.thrift.ServiceConstants.ThriftConstants;
+import org.apache.sentry.service.thrift.Status;
import org.apache.thrift.TException;
import org.apache.thrift.protocol.TBinaryProtocol;
import org.apache.thrift.protocol.TMultiplexedProtocol;
import org.apache.thrift.transport.TSaslClientTransport;
import org.apache.thrift.transport.TSocket;
import org.apache.thrift.transport.TTransport;
+import org.apache.thrift.transport.TTransportException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import com.google.common.base.Preconditions;
+import com.google.common.collect.Sets;
public class SentryPolicyServiceClient {
@@ -49,7 +58,7 @@ public class SentryPolicyServiceClient {
private static final Logger LOGGER = LoggerFactory
.getLogger(SentryPolicyServiceClient.class);
- public SentryPolicyServiceClient(Configuration conf) throws Exception {
+ public SentryPolicyServiceClient(Configuration conf) throws IOException {
this.conf = conf;
this.serverAddress = NetUtils.createSocketAddr(Preconditions.checkNotNull(
conf.get(ClientConfig.SERVER_RPC_ADDRESS), "Config key "
@@ -68,7 +77,11 @@ public class SentryPolicyServiceClient {
TTransport saslTransport = new TSaslClientTransport(
AuthMethod.KERBEROS.getMechanismName(), null, serverPrincipalParts[0],
serverPrincipalParts[1], ClientConfig.SASL_PROPERTIES, null, transport);
- saslTransport.open();
+ try {
+ saslTransport.open();
+ } catch (TTransportException e) {
+ throw new IOException("Transport exception while opening transport: " + e.getMessage(), e);
+ }
LOGGER.info("Successfully opened transport");
TMultiplexedProtocol protocol = new TMultiplexedProtocol(
new TBinaryProtocol(saslTransport),
@@ -77,9 +90,53 @@ public class SentryPolicyServiceClient {
LOGGER.info("Successfully created client");
}
- public TCreateSentryRoleResponse createRole(TCreateSentryRoleRequest req)
- throws TException {
- return client.create_sentry_role(req);
+ public void createRole(String requestorUserName, Set<String> requestorUserGroupNames, String roleName)
+ throws SentryUserException {
+ TCreateSentryRoleRequest request = new TCreateSentryRoleRequest();
+ request.setProtocol_version(ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT);
+ request.setRequestorUserName(requestorUserName);
+ request.setRequestorGroupNames(requestorUserGroupNames);
+ request.setRoleName(roleName);
+ try {
+ TCreateSentryRoleResponse response = client.create_sentry_role(request);
+ Status.throwIfNotOk(response.getStatus());
+ } catch (TException e) {
+ String msg = "Thrift exception occured: " + e.getMessage();
+ throw new SentryUserException(msg, e);
+ }
+ }
+
+ public void dropRole(String requestorUserName, Set<String> requestorUserGroupNames,
+ String roleName)
+ throws SentryUserException {
+ dropRole(requestorUserName, requestorUserGroupNames, roleName, false);
+ }
+
+ public void dropRoleIfExists(String requestorUserName, Set<String> requestorUserGroupNames,
+ String roleName)
+ throws SentryUserException {
+ dropRole(requestorUserName, requestorUserGroupNames, roleName, true);
+ }
+
+ private void dropRole(String requestorUserName, Set<String> requestorUserGroupNames,
+ String roleName, boolean ifExists)
+ throws SentryUserException {
+ TDropSentryRoleRequest request = new TDropSentryRoleRequest();
+ request.setProtocol_version(ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT);
+ request.setRequestorUserName(requestorUserName);
+ request.setRequestorGroupNames(requestorUserGroupNames);
+ request.setRoleName(roleName);
+ try {
+ TDropSentryRoleResponse response = client.drop_sentry_role(request);
+ Status status = Status.fromCode(response.getStatus().getValue());
+ if (ifExists && status == Status.NO_SUCH_OBJECT) {
+ return;
+ }
+ Status.throwIfNotOk(response.getStatus());
+ } catch (TException e) {
+ String msg = "Thrift exception occured: " + e.getMessage();
+ throw new SentryUserException(msg, e);
+ }
}
public TListSentryRolesResponse listRoleByName(TListSentryRolesRequest req)
@@ -87,19 +144,143 @@ public class SentryPolicyServiceClient {
return client.list_sentry_roles_by_role_name(req);
}
- public TDropSentryRoleResponse dropRole(TDropSentryRoleRequest req)
- throws TException {
- return client.drop_sentry_role(req);
+ public void grantURIPrivilege(String requestorUserName, Set<String> requestorUserGroupNames,
+ String roleName, String server, String uri)
+ throws SentryUserException {
+ grantPrivilege(requestorUserName, requestorUserGroupNames, roleName, "SERVER", server, uri,
+ null, null, AccessConstants.ALL);
}
- public TAlterSentryRoleGrantPrivilegeResponse grantPrivilege(TAlterSentryRoleGrantPrivilegeRequest req)
- throws TException {
- return client.alter_sentry_role_grant_privilege(req);
+ public void grantServerPrivilege(String requestorUserName, Set<String> requestorUserGroupNames,
+ String roleName, String server)
+ throws SentryUserException {
+ grantPrivilege(requestorUserName, requestorUserGroupNames, roleName, "SERVER", server, null,
+ null, null, AccessConstants.ALL);
}
- public TAlterSentryRoleRevokePrivilegeResponse revokePrivilege(TAlterSentryRoleRevokePrivilegeRequest req)
- throws TException {
- return client.alter_sentry_role_revoke_privilege(req);
+ public void grantDatabasePrivilege(String requestorUserName, Set<String> requestorUserGroupNames,
+ String roleName, String server, String db)
+ throws SentryUserException {
+ grantPrivilege(requestorUserName, requestorUserGroupNames, roleName, "DATABASE", server, null,
+ db, null, AccessConstants.ALL);
+ }
+
+ public void grantTablePrivilege(String requestorUserName, Set<String> requestorUserGroupNames,
+ String roleName, String server, String db, String table, String action)
+ throws SentryUserException {
+ grantPrivilege(requestorUserName, requestorUserGroupNames, roleName, "TABLE", server, null,
+ db, table, action);
+ }
+
+ private void grantPrivilege(String requestorUserName, Set<String> requestorUserGroupNames,
+ String roleName, String scope, String serverName, String uri, String db, String table, String action)
+ throws SentryUserException {
+ TAlterSentryRoleGrantPrivilegeRequest request = new TAlterSentryRoleGrantPrivilegeRequest();
+ request.setProtocol_version(ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT);
+ request.setRequestorUserName(requestorUserName);
+ request.setRequestorGroupNames(requestorUserGroupNames);
+ request.setRoleName(roleName);
+ TSentryPrivilege privilege = new TSentryPrivilege();
+ privilege.setPrivilegeScope(scope);
+ privilege.setServerName(serverName);
+ privilege.setURI(uri);
+ privilege.setDbName(db);
+ privilege.setAction(action);
+ privilege.setGrantorPrincipal(requestorUserName);
+ privilege.setCreateTime(System.currentTimeMillis());
+ request.setPrivilege(privilege);
+ try {
+ TAlterSentryRoleGrantPrivilegeResponse response = client.alter_sentry_role_grant_privilege(request);
+ Status.throwIfNotOk(response.getStatus());
+ } catch (TException e) {
+ String msg = "Thrift exception occured: " + e.getMessage();
+ throw new SentryUserException(msg, e);
+ }
+ }
+
+ public void revokeURIPrivilege(String requestorUserName, Set<String> requestorUserGroupNames,
+ String roleName, String server, String uri)
+ throws SentryUserException {
+ revokePrivilege(requestorUserName, requestorUserGroupNames, roleName, "SERVER", server, uri,
+ null, null, AccessConstants.ALL);
+ }
+
+ public void revokeServerPrivilege(String requestorUserName, Set<String> requestorUserGroupNames,
+ String roleName, String server)
+ throws SentryUserException {
+ revokePrivilege(requestorUserName, requestorUserGroupNames, roleName, "SERVER", server, null,
+ null, null, AccessConstants.ALL);
+ }
+
+ public void revokeDatabasePrivilege(String requestorUserName, Set<String> requestorUserGroupNames,
+ String roleName, String server, String db)
+ throws SentryUserException {
+ revokePrivilege(requestorUserName, requestorUserGroupNames, roleName, "DATABASE", server, null,
+ db, null, AccessConstants.ALL);
+ }
+
+ public void revokeTablePrivilege(String requestorUserName, Set<String> requestorUserGroupNames,
+ String roleName, String server, String db, String table, String action)
+ throws SentryUserException {
+ revokePrivilege(requestorUserName, requestorUserGroupNames, roleName, "TABLE", server, null,
+ db, table, action);
+ }
+
+ private void revokePrivilege(String requestorUserName, Set<String> requestorUserGroupNames,
+ String roleName, String scope, String serverName, String uri, String db, String table, String action)
+ throws SentryUserException {
+ TAlterSentryRoleRevokePrivilegeRequest request = new TAlterSentryRoleRevokePrivilegeRequest();
+ request.setProtocol_version(ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT);
+ request.setRequestorUserName(requestorUserName);
+ request.setRequestorGroupNames(requestorUserGroupNames);
+ request.setRoleName(roleName);
+ TSentryPrivilege privilege = new TSentryPrivilege();
+ privilege.setPrivilegeScope(scope);
+ privilege.setServerName(serverName);
+ privilege.setURI(uri);
+ privilege.setDbName(db);
+ privilege.setAction(action);
+ privilege.setGrantorPrincipal(requestorUserName);
+ privilege.setCreateTime(System.currentTimeMillis());
+ request.setPrivilege(privilege);
+ try {
+ TAlterSentryRoleRevokePrivilegeResponse response = client.alter_sentry_role_revoke_privilege(request);
+ Status.throwIfNotOk(response.getStatus());
+ } catch (TException e) {
+ String msg = "Thrift exception occured: " + e.getMessage();
+ throw new SentryUserException(msg, e);
+ }
+ }
+
+ public Set<String> listPrivileges(Set<String> groups, ActiveRoleSet roleSet)
+ throws SentryUserException {
+ TSentryActiveRoleSet thriftRoleSet = new TSentryActiveRoleSet(roleSet.isAll(), roleSet.getRoles());
+ TListSentryPrivilegesForProviderRequest request =
+ new TListSentryPrivilegesForProviderRequest(ThriftConstants.
+ TSENTRY_SERVICE_VERSION_CURRENT, groups, thriftRoleSet);
+ try {
+ TListSentryPrivilegesForProviderResponse response = client.list_sentry_privileges_for_provider(request);
+ Status.throwIfNotOk(response.getStatus());
+ return response.getPrivileges();
+ } catch (TException e) {
+ String msg = "Thrift exception occured: " + e.getMessage();
+ throw new SentryUserException(msg, e);
+ }
+ }
+
+ public void grantRoleToGroup(String requestorUserName, Set<String> requestorUserGroupName,
+ String groupName, String roleName)
+ throws SentryUserException {
+ TAlterSentryRoleAddGroupsRequest request = new TAlterSentryRoleAddGroupsRequest(ThriftConstants.
+ TSENTRY_SERVICE_VERSION_CURRENT, requestorUserName, requestorUserGroupName,
+ roleName, Sets.newHashSet(new TSentryGroup(groupName)));
+ try {
+ TAlterSentryRoleAddGroupsResponse response = client.alter_sentry_role_add_groups(request);
+ Status.throwIfNotOk(response.getStatus());
+ } catch (TException e) {
+ String msg = "Thrift exception occured: " + e.getMessage();
+ throw new SentryUserException(msg, e);
+ }
}
public void close() {
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java
index 3fe47dc..722b490 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java
@@ -24,10 +24,10 @@ import java.util.List;
import java.util.Set;
import org.apache.hadoop.conf.Configuration;
+import org.apache.sentry.provider.db.SentryAlreadyExistsException;
+import org.apache.sentry.provider.db.SentryInvalidInputException;
+import org.apache.sentry.provider.db.SentryNoSuchObjectException;
import org.apache.sentry.provider.db.service.persistent.CommitContext;
-import org.apache.sentry.provider.db.service.persistent.SentryAlreadyExistsException;
-import org.apache.sentry.provider.db.service.persistent.SentryInvalidInputException;
-import org.apache.sentry.provider.db.service.persistent.SentryNoSuchObjectException;
import org.apache.sentry.provider.db.service.persistent.SentryStore;
import org.apache.sentry.provider.db.service.thrift.PolicyStoreConstants.PolicyStoreServerConfig;
import org.apache.sentry.service.thrift.Status;
@@ -61,7 +61,7 @@ public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface {
this.notificationHandlerInvoker = new NotificationHandlerInvoker(conf,
createHandlers(conf));
isReady = false;
- sentryStore = new SentryStore();
+ sentryStore = new SentryStore(conf);
isReady = true;
}
@@ -114,7 +114,7 @@ public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface {
throw new SentryInvalidInputException("Server name is null");
}
- if (action.equalsIgnoreCase("SELECT") || action.equalsIgnoreCase("INSERT")) {
+ if ("SELECT".equalsIgnoreCase(action) || "INSERT".equalsIgnoreCase(action)) {
if (tableName == null || tableName.equals("")) {
throw new SentryInvalidInputException("Table name can't be null for SELECT/INSERT privilege");
}
@@ -150,7 +150,8 @@ public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface {
TCreateSentryRoleRequest request) throws TException {
TCreateSentryRoleResponse response = new TCreateSentryRoleResponse();
try {
- CommitContext commitContext = sentryStore.createSentryRole(request.getRole());
+ CommitContext commitContext = sentryStore.createSentryRole(request.getRoleName(),
+ request.getRequestorUserName());
response.setStatus(Status.OK());
notificationHandlerInvoker.create_sentry_role(commitContext,
request, response);
@@ -272,10 +273,10 @@ public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface {
@Override
public TAlterSentryRoleDeleteGroupsResponse alter_sentry_role_delete_groups(
TAlterSentryRoleDeleteGroupsRequest request) throws TException {
- // TODO implement
TAlterSentryRoleDeleteGroupsResponse response = new TAlterSentryRoleDeleteGroupsResponse();
try {
- CommitContext commitContext = sentryStore.alterSentryRoleDeleteGroups(null, null);
+ CommitContext commitContext = sentryStore.alterSentryRoleDeleteGroups(request.getRoleName(),
+ request.getGroups());
response.setStatus(Status.OK());
notificationHandlerInvoker.alter_sentry_role_delete_groups(commitContext,
request, response);
@@ -321,7 +322,6 @@ public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface {
public TListSentryRolesResponse list_sentry_roles_by_role_name(
TListSentryRolesRequest request) throws TException {
TListSentryRolesResponse response = new TListSentryRolesResponse();
- TSentryResponseStatus status;
TSentryRole role = null;
Set<TSentryRole> roleSet = new HashSet<TSentryRole>();
try {
@@ -341,4 +341,25 @@ public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface {
}
return response;
}
+
+ /**
+ * This method was created specifically for ProviderBackend.getPrivileges() and is not meant
+ * to be used for general privilege retrieval. More details in the .thrift file.
+ */
+ @Override
+ public TListSentryPrivilegesForProviderResponse list_sentry_privileges_for_provider(
+ TListSentryPrivilegesForProviderRequest request) throws TException {
+ TListSentryPrivilegesForProviderResponse response = new TListSentryPrivilegesForProviderResponse();
+ response.setPrivileges(new HashSet<String>());
+ try {
+ response.setPrivileges(sentryStore.listSentryPrivilegesForProvider(
+ request.getGroups(), request.getRoleSet()));
+ response.setStatus(Status.OK());
+ } catch (Exception e) {
+ String msg = "Unknown error for request: " + request + ", message: " + e.getMessage();
+ LOGGER.error(msg, e);
+ response.setStatus(Status.RuntimeError(msg, e));
+ }
+ return response;
+ }
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java
index 253f88e..29df4c4 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ServiceConstants.java
@@ -59,6 +59,35 @@ public class ServiceConstants {
public static final String PROCESSOR_FACTORIES = "sentry.service.processor.factories";
public static final String PROCESSOR_FACTORIES_DEFAULT =
"org.apache.sentry.provider.db.service.thrift.SentryPolicyStoreProcessorFactory";
+ public static final String SENTRY_STORE_JDBC_URL = "sentry.store.jdbc.url";
+
+ public static final ImmutableMap<String, String> SENTRY_STORE_DEFAULTS =
+ ImmutableMap.<String, String>builder()
+ .put("datanucleus.validateTables", "false")
+ .put("datanucleus.validateColumns", "false")
+ .put("datanucleus.validateConstraints", "false")
+ .put("datanucleus.storeManagerType", "rdbms")
+ .put("datanucleus.autoCreateSchema", "true")
+ .put("datanucleus.fixedDatastore", "false")
+ .put("datanucleus.autoStartMechanismMode", "checked")
+ .put("datanucleus.transactionIsolation", "read-committed")
+ .put("datanucleus.cache.level2", "false")
+ .put("datanucleus.cache.level2.type", "none")
+ .put("datanucleus.identifierFactory", "datanucleus1")
+ .put("datanucleus.rdbms.useLegacyNativeValueStrategy", "true")
+ .put("datanucleus.plugin.pluginRegistryBundleCheck", "LOG")
+ .put("javax.jdo.option.ConnectionDriverName",
+ "org.apache.derby.jdbc.EmbeddedDriver")
+ .put("javax.jdo.PersistenceManagerFactoryClass",
+ "org.datanucleus.api.jdo.JDOPersistenceManagerFactory")
+ .put("javax.jdo.option.DetachAllOnCommit", "true")
+ .put("javax.jdo.option.NonTransactionalRead", "false")
+ .put("javax.jdo.option.NonTransactionalWrite", "false")
+ .put("javax.jdo.option.ConnectionUserName", "Sentry")
+ .put("javax.jdo.option.ConnectionPassword", "Sentry")
+ .put("javax.jdo.option.Multithreaded", "true")
+ .build();
+
}
public static class ClientConfig {
public static final ImmutableMap<String, String> SASL_PROPERTIES = ServiceConstants.SASL_PROPERTIES;
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/Status.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/Status.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/Status.java
index 1686780..e1549ca 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/Status.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/Status.java
@@ -22,6 +22,10 @@ import java.io.StringWriter;
import javax.annotation.Nullable;
+import org.apache.sentry.SentryUserException;
+import org.apache.sentry.provider.db.SentryAlreadyExistsException;
+import org.apache.sentry.provider.db.SentryInvalidInputException;
+import org.apache.sentry.provider.db.SentryNoSuchObjectException;
import org.apache.sentry.service.thrift.ServiceConstants.ThriftConstants;
/**
@@ -81,4 +85,34 @@ public enum Status {
}
return status;
}
+ public static void throwIfNotOk(TSentryResponseStatus thriftStatus)
+ throws SentryUserException {
+ Status status = Status.fromCode(thriftStatus.getValue());
+ switch(status) {
+ case OK:
+ break;
+ case ALREADY_EXISTS:
+ throw new SentryAlreadyExistsException(serverErrorToString(thriftStatus));
+ case NO_SUCH_OBJECT:
+ throw new SentryNoSuchObjectException(serverErrorToString(thriftStatus));
+ case RUNTIME_ERROR:
+ throw new RuntimeException(serverErrorToString(thriftStatus));
+ case INVALID_INPUT:
+ throw new SentryInvalidInputException(serverErrorToString(thriftStatus));
+ case UNKNOWN:
+ throw new AssertionError(serverErrorToString(thriftStatus));
+ default:
+ throw new AssertionError("Unknown status code: " + status + ". Msg: " +
+ serverErrorToString(thriftStatus));
+ }
+ }
+
+ private static String serverErrorToString(TSentryResponseStatus thriftStatus) {
+ String msg = thriftStatus.getMessage();
+ String stack = thriftStatus.getStack();
+ if (stack == null) {
+ return msg;
+ }
+ return msg + ". Server Stacktrace: " + stack;
+ }
}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-db/src/main/resources/sentry_policy_service.thrift
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry_policy_service.thrift b/sentry-provider/sentry-provider-db/src/main/resources/sentry_policy_service.thrift
index b3f7d6e..677047f 100644
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry_policy_service.thrift
+++ b/sentry-provider/sentry-provider-db/src/main/resources/sentry_policy_service.thrift
@@ -29,6 +29,8 @@ namespace java org.apache.sentry.provider.db.service.thrift
namespace php sentry.provider.db.service.thrift
namespace cpp Apache.Sentry.Provider.Db.Service.Thrift
+
+# Represents a Privilege in transport from the client to the server
struct TSentryPrivilege {
1: required string privilegeScope, # Valid values are SERVER, DATABASE, TABLE
2: optional string privilegeName, # Generated on server side
@@ -41,59 +43,58 @@ struct TSentryPrivilege {
9: optional string grantorPrincipal # Set on server side
}
-struct TSentryRole {
-1: required string roleName,
-# TODO privs should not be part of Sentry role as
-# they are created when a grant is executed
-# They need to be returned as part of the list role API, else
-# there would be another round trip
-2: required set<TSentryPrivilege> privileges,
-3: required i64 createTime,
-4: required string grantorPrincipal
-}
-
-// TODO fill out
+# TODO can this be deleted? it's not adding value to TAlterSentryRoleAddGroupsRequest
struct TSentryGroup {
1: required string groupName
}
+# CREATE ROLE r1
struct TCreateSentryRoleRequest {
1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V1,
-2: required string requestorUserName,
-3: required TSentryRole role,
-4: required set<string> requestorGroupName
+2: required string requestorUserName, # user on whose behalf the request is issued
+3: required set<string> requestorGroupNames # groups the requesting user belongs to
+4: required string roleName, # TSentryRole is not required for this request
}
struct TCreateSentryRoleResponse {
1: required sentry_common_service.TSentryResponseStatus status
}
-struct TListSentryRolesRequest {
+# DROP ROLE r1
+struct TDropSentryRoleRequest {
1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V1,
2: required string requestorUserName, # user on whose behalf the request is issued
-3: optional string rolerequestorGroupName, # list roles for this group
-4: required string roleName,
-5: required set<string> requestorGroupName # groups the requesting user belongs to
+3: required set<string> requestorGroupNames # groups the requesting user belongs to
+4: required string roleName # role to drop
}
-struct TListSentryRolesResponse {
+struct TDropSentryRoleResponse {
1: required sentry_common_service.TSentryResponseStatus status
-2: required set<TSentryRole> roles
}
-struct TDropSentryRoleRequest {
+# TODO what is this implementing SHOW GRANT/SHOW ROLE GRANT?
+# We should have seperate requests for those commands
+struct TListSentryRolesRequest {
1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V1,
-2: required string requestorUserName,
-3: required string roleName,
-4: required set<string> requestorGroupName
+2: required string requestorUserName, # user on whose behalf the request is issued
+3: optional string rolerequestorGroupNames, # list roles for this group
+4: required string roleName # role get prirvilges for
}
-struct TDropSentryRoleResponse {
+# used only for TListSentryRolesResponse
+struct TSentryRole {
+1: required string roleName,
+2: required set<TSentryPrivilege> privileges,
+3: required string grantorPrincipal
+}
+struct TListSentryRolesResponse {
1: required sentry_common_service.TSentryResponseStatus status
+2: required set<TSentryRole> roles
}
+# GRANT ROLE r1 TO GROUP g1
struct TAlterSentryRoleAddGroupsRequest {
1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V1,
-2: required string requestorUserName,
-3: required string roleName,
-4: required set<string> requestorGroupName,
+2: required string requestorUserName, # user on whose behalf the request is issued
+3: required set<string> requestorGroupNames # groups the requesting user belongs to
+4: required string roleName,
5: required set<TSentryGroup> groups
}
@@ -101,50 +102,74 @@ struct TAlterSentryRoleAddGroupsResponse {
1: required sentry_common_service.TSentryResponseStatus status
}
+# REVOLE ROLE r1 FROM GROUP g1
struct TAlterSentryRoleDeleteGroupsRequest {
1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V1,
-2: required string requestorUserName,
-3: required set<string> requestorGroupName
+2: required string requestorUserName, # user on whose behalf the request is issued
+3: required set<string> requestorGroupNames # groups the requesting user belongs to
+4: required string roleName,
+5: required set<TSentryGroup> groups
}
struct TAlterSentryRoleDeleteGroupsResponse {
1: required sentry_common_service.TSentryResponseStatus status
}
+# GRANT ... ON ... TO ROLE ...
struct TAlterSentryRoleGrantPrivilegeRequest {
1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V1,
-2: required string requestorUserName,
-3: required string roleName,
-4: required set<string> requestorGroupName,
+2: required string requestorUserName, # user on whose behalf the request is issued
+3: required set<string> requestorGroupNames # groups the requesting user belongs to
+4: required string roleName,
5: required TSentryPrivilege privilege
}
-
struct TAlterSentryRoleGrantPrivilegeResponse {
1: required sentry_common_service.TSentryResponseStatus status
}
+# REVOKE ... ON ... FROM ROLE ...
struct TAlterSentryRoleRevokePrivilegeRequest {
1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V1,
-2: required string requestorUserName,
-3: required string roleName,
-4: required set<string> requestorGroupName,
+2: required string requestorUserName, # user on whose behalf the request is issued
+3: required set<string> requestorGroupNames # groups the requesting user belongs to
+4: required string roleName,
5: required TSentryPrivilege privilege
}
-
struct TAlterSentryRoleRevokePrivilegeResponse {
1: required sentry_common_service.TSentryResponseStatus status
}
+# This API was created specifically for ProviderBackend.getPrivileges
+# and is not mean for general purpose privilege retrieval.
+# This request/response pair are created specifically so we can
+# efficiently obtain the specific privilges for a user query
+struct TSentryActiveRoleSet {
+1: required bool all,
+2: required set<string> roles,
+}
+struct TListSentryPrivilegesForProviderRequest {
+1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V1,
+2: required set<string> groups,
+3: required TSentryActiveRoleSet roleSet,
+}
+struct TListSentryPrivilegesForProviderResponse {
+1: required sentry_common_service.TSentryResponseStatus status
+2: required set<string> privileges
+}
+
service SentryPolicyService
{
TCreateSentryRoleResponse create_sentry_role(1:TCreateSentryRoleRequest request)
TDropSentryRoleResponse drop_sentry_role(1:TDropSentryRoleRequest request)
-
+
TAlterSentryRoleGrantPrivilegeResponse alter_sentry_role_grant_privilege(1:TAlterSentryRoleGrantPrivilegeRequest request)
TAlterSentryRoleRevokePrivilegeResponse alter_sentry_role_revoke_privilege(1:TAlterSentryRoleRevokePrivilegeRequest request)
-
+
TAlterSentryRoleAddGroupsResponse alter_sentry_role_add_groups(1:TAlterSentryRoleAddGroupsRequest request)
TAlterSentryRoleDeleteGroupsResponse alter_sentry_role_delete_groups(1:TAlterSentryRoleDeleteGroupsRequest request)
TListSentryRolesResponse list_sentry_roles_by_group(1:TListSentryRolesRequest request)
- TListSentryRolesResponse list_sentry_roles_by_role_name(1:TListSentryRolesRequest request)
+ TListSentryRolesResponse list_sentry_roles_by_role_name(1:TListSentryRolesRequest request)
+
+ # For use with ProviderBackend.getPrivileges only
+ TListSentryPrivilegesForProviderResponse list_sentry_privileges_for_provider(1:TListSentryPrivilegesForProviderRequest request)
}
[4/6] SENTRY-142: Create database backed ProviderBackend (Brock
Noland via Shreepadma Venugopalan)
Posted by sh...@apache.org.
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleRevokePrivilegeRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleRevokePrivilegeRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleRevokePrivilegeRequest.java
index dea8fa8..50f1f8e 100644
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleRevokePrivilegeRequest.java
+++ b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleRevokePrivilegeRequest.java
@@ -36,8 +36,8 @@ public class TAlterSentryRoleRevokePrivilegeRequest implements org.apache.thrift
private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)3);
- private static final org.apache.thrift.protocol.TField REQUESTOR_GROUP_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorGroupName", org.apache.thrift.protocol.TType.SET, (short)4);
+ private static final org.apache.thrift.protocol.TField REQUESTOR_GROUP_NAMES_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorGroupNames", org.apache.thrift.protocol.TType.SET, (short)3);
+ private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)4);
private static final org.apache.thrift.protocol.TField PRIVILEGE_FIELD_DESC = new org.apache.thrift.protocol.TField("privilege", org.apache.thrift.protocol.TType.STRUCT, (short)5);
private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
@@ -48,16 +48,16 @@ public class TAlterSentryRoleRevokePrivilegeRequest implements org.apache.thrift
private int protocol_version; // required
private String requestorUserName; // required
+ private Set<String> requestorGroupNames; // required
private String roleName; // required
- private Set<String> requestorGroupName; // required
private TSentryPrivilege privilege; // required
/** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
public enum _Fields implements org.apache.thrift.TFieldIdEnum {
PROTOCOL_VERSION((short)1, "protocol_version"),
REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- ROLE_NAME((short)3, "roleName"),
- REQUESTOR_GROUP_NAME((short)4, "requestorGroupName"),
+ REQUESTOR_GROUP_NAMES((short)3, "requestorGroupNames"),
+ ROLE_NAME((short)4, "roleName"),
PRIVILEGE((short)5, "privilege");
private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
@@ -77,10 +77,10 @@ public class TAlterSentryRoleRevokePrivilegeRequest implements org.apache.thrift
return PROTOCOL_VERSION;
case 2: // REQUESTOR_USER_NAME
return REQUESTOR_USER_NAME;
- case 3: // ROLE_NAME
+ case 3: // REQUESTOR_GROUP_NAMES
+ return REQUESTOR_GROUP_NAMES;
+ case 4: // ROLE_NAME
return ROLE_NAME;
- case 4: // REQUESTOR_GROUP_NAME
- return REQUESTOR_GROUP_NAME;
case 5: // PRIVILEGE
return PRIVILEGE;
default:
@@ -132,11 +132,11 @@ public class TAlterSentryRoleRevokePrivilegeRequest implements org.apache.thrift
new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.ROLE_NAME, new org.apache.thrift.meta_data.FieldMetaData("roleName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.REQUESTOR_GROUP_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorGroupName", org.apache.thrift.TFieldRequirementType.REQUIRED,
+ tmpMap.put(_Fields.REQUESTOR_GROUP_NAMES, new org.apache.thrift.meta_data.FieldMetaData("requestorGroupNames", org.apache.thrift.TFieldRequirementType.REQUIRED,
new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))));
+ tmpMap.put(_Fields.ROLE_NAME, new org.apache.thrift.meta_data.FieldMetaData("roleName", org.apache.thrift.TFieldRequirementType.REQUIRED,
+ new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
tmpMap.put(_Fields.PRIVILEGE, new org.apache.thrift.meta_data.FieldMetaData("privilege", org.apache.thrift.TFieldRequirementType.REQUIRED,
new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryPrivilege.class)));
metaDataMap = Collections.unmodifiableMap(tmpMap);
@@ -151,16 +151,16 @@ public class TAlterSentryRoleRevokePrivilegeRequest implements org.apache.thrift
public TAlterSentryRoleRevokePrivilegeRequest(
int protocol_version,
String requestorUserName,
+ Set<String> requestorGroupNames,
String roleName,
- Set<String> requestorGroupName,
TSentryPrivilege privilege)
{
this();
this.protocol_version = protocol_version;
setProtocol_versionIsSet(true);
this.requestorUserName = requestorUserName;
+ this.requestorGroupNames = requestorGroupNames;
this.roleName = roleName;
- this.requestorGroupName = requestorGroupName;
this.privilege = privilege;
}
@@ -173,16 +173,16 @@ public class TAlterSentryRoleRevokePrivilegeRequest implements org.apache.thrift
if (other.isSetRequestorUserName()) {
this.requestorUserName = other.requestorUserName;
}
+ if (other.isSetRequestorGroupNames()) {
+ Set<String> __this__requestorGroupNames = new HashSet<String>();
+ for (String other_element : other.requestorGroupNames) {
+ __this__requestorGroupNames.add(other_element);
+ }
+ this.requestorGroupNames = __this__requestorGroupNames;
+ }
if (other.isSetRoleName()) {
this.roleName = other.roleName;
}
- if (other.isSetRequestorGroupName()) {
- Set<String> __this__requestorGroupName = new HashSet<String>();
- for (String other_element : other.requestorGroupName) {
- __this__requestorGroupName.add(other_element);
- }
- this.requestorGroupName = __this__requestorGroupName;
- }
if (other.isSetPrivilege()) {
this.privilege = new TSentryPrivilege(other.privilege);
}
@@ -197,8 +197,8 @@ public class TAlterSentryRoleRevokePrivilegeRequest implements org.apache.thrift
this.protocol_version = 1;
this.requestorUserName = null;
+ this.requestorGroupNames = null;
this.roleName = null;
- this.requestorGroupName = null;
this.privilege = null;
}
@@ -247,64 +247,64 @@ public class TAlterSentryRoleRevokePrivilegeRequest implements org.apache.thrift
}
}
- public String getRoleName() {
- return this.roleName;
+ public int getRequestorGroupNamesSize() {
+ return (this.requestorGroupNames == null) ? 0 : this.requestorGroupNames.size();
}
- public void setRoleName(String roleName) {
- this.roleName = roleName;
+ public java.util.Iterator<String> getRequestorGroupNamesIterator() {
+ return (this.requestorGroupNames == null) ? null : this.requestorGroupNames.iterator();
}
- public void unsetRoleName() {
- this.roleName = null;
+ public void addToRequestorGroupNames(String elem) {
+ if (this.requestorGroupNames == null) {
+ this.requestorGroupNames = new HashSet<String>();
+ }
+ this.requestorGroupNames.add(elem);
}
- /** Returns true if field roleName is set (has been assigned a value) and false otherwise */
- public boolean isSetRoleName() {
- return this.roleName != null;
+ public Set<String> getRequestorGroupNames() {
+ return this.requestorGroupNames;
}
- public void setRoleNameIsSet(boolean value) {
- if (!value) {
- this.roleName = null;
- }
+ public void setRequestorGroupNames(Set<String> requestorGroupNames) {
+ this.requestorGroupNames = requestorGroupNames;
}
- public int getRequestorGroupNameSize() {
- return (this.requestorGroupName == null) ? 0 : this.requestorGroupName.size();
+ public void unsetRequestorGroupNames() {
+ this.requestorGroupNames = null;
}
- public java.util.Iterator<String> getRequestorGroupNameIterator() {
- return (this.requestorGroupName == null) ? null : this.requestorGroupName.iterator();
+ /** Returns true if field requestorGroupNames is set (has been assigned a value) and false otherwise */
+ public boolean isSetRequestorGroupNames() {
+ return this.requestorGroupNames != null;
}
- public void addToRequestorGroupName(String elem) {
- if (this.requestorGroupName == null) {
- this.requestorGroupName = new HashSet<String>();
+ public void setRequestorGroupNamesIsSet(boolean value) {
+ if (!value) {
+ this.requestorGroupNames = null;
}
- this.requestorGroupName.add(elem);
}
- public Set<String> getRequestorGroupName() {
- return this.requestorGroupName;
+ public String getRoleName() {
+ return this.roleName;
}
- public void setRequestorGroupName(Set<String> requestorGroupName) {
- this.requestorGroupName = requestorGroupName;
+ public void setRoleName(String roleName) {
+ this.roleName = roleName;
}
- public void unsetRequestorGroupName() {
- this.requestorGroupName = null;
+ public void unsetRoleName() {
+ this.roleName = null;
}
- /** Returns true if field requestorGroupName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorGroupName() {
- return this.requestorGroupName != null;
+ /** Returns true if field roleName is set (has been assigned a value) and false otherwise */
+ public boolean isSetRoleName() {
+ return this.roleName != null;
}
- public void setRequestorGroupNameIsSet(boolean value) {
+ public void setRoleNameIsSet(boolean value) {
if (!value) {
- this.requestorGroupName = null;
+ this.roleName = null;
}
}
@@ -349,19 +349,19 @@ public class TAlterSentryRoleRevokePrivilegeRequest implements org.apache.thrift
}
break;
- case ROLE_NAME:
+ case REQUESTOR_GROUP_NAMES:
if (value == null) {
- unsetRoleName();
+ unsetRequestorGroupNames();
} else {
- setRoleName((String)value);
+ setRequestorGroupNames((Set<String>)value);
}
break;
- case REQUESTOR_GROUP_NAME:
+ case ROLE_NAME:
if (value == null) {
- unsetRequestorGroupName();
+ unsetRoleName();
} else {
- setRequestorGroupName((Set<String>)value);
+ setRoleName((String)value);
}
break;
@@ -384,12 +384,12 @@ public class TAlterSentryRoleRevokePrivilegeRequest implements org.apache.thrift
case REQUESTOR_USER_NAME:
return getRequestorUserName();
+ case REQUESTOR_GROUP_NAMES:
+ return getRequestorGroupNames();
+
case ROLE_NAME:
return getRoleName();
- case REQUESTOR_GROUP_NAME:
- return getRequestorGroupName();
-
case PRIVILEGE:
return getPrivilege();
@@ -408,10 +408,10 @@ public class TAlterSentryRoleRevokePrivilegeRequest implements org.apache.thrift
return isSetProtocol_version();
case REQUESTOR_USER_NAME:
return isSetRequestorUserName();
+ case REQUESTOR_GROUP_NAMES:
+ return isSetRequestorGroupNames();
case ROLE_NAME:
return isSetRoleName();
- case REQUESTOR_GROUP_NAME:
- return isSetRequestorGroupName();
case PRIVILEGE:
return isSetPrivilege();
}
@@ -449,6 +449,15 @@ public class TAlterSentryRoleRevokePrivilegeRequest implements org.apache.thrift
return false;
}
+ boolean this_present_requestorGroupNames = true && this.isSetRequestorGroupNames();
+ boolean that_present_requestorGroupNames = true && that.isSetRequestorGroupNames();
+ if (this_present_requestorGroupNames || that_present_requestorGroupNames) {
+ if (!(this_present_requestorGroupNames && that_present_requestorGroupNames))
+ return false;
+ if (!this.requestorGroupNames.equals(that.requestorGroupNames))
+ return false;
+ }
+
boolean this_present_roleName = true && this.isSetRoleName();
boolean that_present_roleName = true && that.isSetRoleName();
if (this_present_roleName || that_present_roleName) {
@@ -458,15 +467,6 @@ public class TAlterSentryRoleRevokePrivilegeRequest implements org.apache.thrift
return false;
}
- boolean this_present_requestorGroupName = true && this.isSetRequestorGroupName();
- boolean that_present_requestorGroupName = true && that.isSetRequestorGroupName();
- if (this_present_requestorGroupName || that_present_requestorGroupName) {
- if (!(this_present_requestorGroupName && that_present_requestorGroupName))
- return false;
- if (!this.requestorGroupName.equals(that.requestorGroupName))
- return false;
- }
-
boolean this_present_privilege = true && this.isSetPrivilege();
boolean that_present_privilege = true && that.isSetPrivilege();
if (this_present_privilege || that_present_privilege) {
@@ -493,16 +493,16 @@ public class TAlterSentryRoleRevokePrivilegeRequest implements org.apache.thrift
if (present_requestorUserName)
builder.append(requestorUserName);
+ boolean present_requestorGroupNames = true && (isSetRequestorGroupNames());
+ builder.append(present_requestorGroupNames);
+ if (present_requestorGroupNames)
+ builder.append(requestorGroupNames);
+
boolean present_roleName = true && (isSetRoleName());
builder.append(present_roleName);
if (present_roleName)
builder.append(roleName);
- boolean present_requestorGroupName = true && (isSetRequestorGroupName());
- builder.append(present_requestorGroupName);
- if (present_requestorGroupName)
- builder.append(requestorGroupName);
-
boolean present_privilege = true && (isSetPrivilege());
builder.append(present_privilege);
if (present_privilege)
@@ -539,22 +539,22 @@ public class TAlterSentryRoleRevokePrivilegeRequest implements org.apache.thrift
return lastComparison;
}
}
- lastComparison = Boolean.valueOf(isSetRoleName()).compareTo(typedOther.isSetRoleName());
+ lastComparison = Boolean.valueOf(isSetRequestorGroupNames()).compareTo(typedOther.isSetRequestorGroupNames());
if (lastComparison != 0) {
return lastComparison;
}
- if (isSetRoleName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleName, typedOther.roleName);
+ if (isSetRequestorGroupNames()) {
+ lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorGroupNames, typedOther.requestorGroupNames);
if (lastComparison != 0) {
return lastComparison;
}
}
- lastComparison = Boolean.valueOf(isSetRequestorGroupName()).compareTo(typedOther.isSetRequestorGroupName());
+ lastComparison = Boolean.valueOf(isSetRoleName()).compareTo(typedOther.isSetRoleName());
if (lastComparison != 0) {
return lastComparison;
}
- if (isSetRequestorGroupName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorGroupName, typedOther.requestorGroupName);
+ if (isSetRoleName()) {
+ lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleName, typedOther.roleName);
if (lastComparison != 0) {
return lastComparison;
}
@@ -601,19 +601,19 @@ public class TAlterSentryRoleRevokePrivilegeRequest implements org.apache.thrift
}
first = false;
if (!first) sb.append(", ");
- sb.append("roleName:");
- if (this.roleName == null) {
+ sb.append("requestorGroupNames:");
+ if (this.requestorGroupNames == null) {
sb.append("null");
} else {
- sb.append(this.roleName);
+ sb.append(this.requestorGroupNames);
}
first = false;
if (!first) sb.append(", ");
- sb.append("requestorGroupName:");
- if (this.requestorGroupName == null) {
+ sb.append("roleName:");
+ if (this.roleName == null) {
sb.append("null");
} else {
- sb.append(this.requestorGroupName);
+ sb.append(this.roleName);
}
first = false;
if (!first) sb.append(", ");
@@ -638,12 +638,12 @@ public class TAlterSentryRoleRevokePrivilegeRequest implements org.apache.thrift
throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString());
}
- if (!isSetRoleName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'roleName' is unset! Struct:" + toString());
+ if (!isSetRequestorGroupNames()) {
+ throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorGroupNames' is unset! Struct:" + toString());
}
- if (!isSetRequestorGroupName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorGroupName' is unset! Struct:" + toString());
+ if (!isSetRoleName()) {
+ throw new org.apache.thrift.protocol.TProtocolException("Required field 'roleName' is unset! Struct:" + toString());
}
if (!isSetPrivilege()) {
@@ -708,28 +708,28 @@ public class TAlterSentryRoleRevokePrivilegeRequest implements org.apache.thrift
org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
}
break;
- case 3: // ROLE_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 4: // REQUESTOR_GROUP_NAME
+ case 3: // REQUESTOR_GROUP_NAMES
if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
{
org.apache.thrift.protocol.TSet _set72 = iprot.readSetBegin();
- struct.requestorGroupName = new HashSet<String>(2*_set72.size);
+ struct.requestorGroupNames = new HashSet<String>(2*_set72.size);
for (int _i73 = 0; _i73 < _set72.size; ++_i73)
{
String _elem74; // required
_elem74 = iprot.readString();
- struct.requestorGroupName.add(_elem74);
+ struct.requestorGroupNames.add(_elem74);
}
iprot.readSetEnd();
}
- struct.setRequestorGroupNameIsSet(true);
+ struct.setRequestorGroupNamesIsSet(true);
+ } else {
+ org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+ }
+ break;
+ case 4: // ROLE_NAME
+ if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
+ struct.roleName = iprot.readString();
+ struct.setRoleNameIsSet(true);
} else {
org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
}
@@ -764,16 +764,11 @@ public class TAlterSentryRoleRevokePrivilegeRequest implements org.apache.thrift
oprot.writeString(struct.requestorUserName);
oprot.writeFieldEnd();
}
- if (struct.roleName != null) {
- oprot.writeFieldBegin(ROLE_NAME_FIELD_DESC);
- oprot.writeString(struct.roleName);
- oprot.writeFieldEnd();
- }
- if (struct.requestorGroupName != null) {
- oprot.writeFieldBegin(REQUESTOR_GROUP_NAME_FIELD_DESC);
+ if (struct.requestorGroupNames != null) {
+ oprot.writeFieldBegin(REQUESTOR_GROUP_NAMES_FIELD_DESC);
{
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, struct.requestorGroupName.size()));
- for (String _iter75 : struct.requestorGroupName)
+ oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, struct.requestorGroupNames.size()));
+ for (String _iter75 : struct.requestorGroupNames)
{
oprot.writeString(_iter75);
}
@@ -781,6 +776,11 @@ public class TAlterSentryRoleRevokePrivilegeRequest implements org.apache.thrift
}
oprot.writeFieldEnd();
}
+ if (struct.roleName != null) {
+ oprot.writeFieldBegin(ROLE_NAME_FIELD_DESC);
+ oprot.writeString(struct.roleName);
+ oprot.writeFieldEnd();
+ }
if (struct.privilege != null) {
oprot.writeFieldBegin(PRIVILEGE_FIELD_DESC);
struct.privilege.write(oprot);
@@ -805,14 +805,14 @@ public class TAlterSentryRoleRevokePrivilegeRequest implements org.apache.thrift
TTupleProtocol oprot = (TTupleProtocol) prot;
oprot.writeI32(struct.protocol_version);
oprot.writeString(struct.requestorUserName);
- oprot.writeString(struct.roleName);
{
- oprot.writeI32(struct.requestorGroupName.size());
- for (String _iter76 : struct.requestorGroupName)
+ oprot.writeI32(struct.requestorGroupNames.size());
+ for (String _iter76 : struct.requestorGroupNames)
{
oprot.writeString(_iter76);
}
}
+ oprot.writeString(struct.roleName);
struct.privilege.write(oprot);
}
@@ -823,19 +823,19 @@ public class TAlterSentryRoleRevokePrivilegeRequest implements org.apache.thrift
struct.setProtocol_versionIsSet(true);
struct.requestorUserName = iprot.readString();
struct.setRequestorUserNameIsSet(true);
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
{
org.apache.thrift.protocol.TSet _set77 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, iprot.readI32());
- struct.requestorGroupName = new HashSet<String>(2*_set77.size);
+ struct.requestorGroupNames = new HashSet<String>(2*_set77.size);
for (int _i78 = 0; _i78 < _set77.size; ++_i78)
{
String _elem79; // required
_elem79 = iprot.readString();
- struct.requestorGroupName.add(_elem79);
+ struct.requestorGroupNames.add(_elem79);
}
}
- struct.setRequestorGroupNameIsSet(true);
+ struct.setRequestorGroupNamesIsSet(true);
+ struct.roleName = iprot.readString();
+ struct.setRoleNameIsSet(true);
struct.privilege = new TSentryPrivilege();
struct.privilege.read(iprot);
struct.setPrivilegeIsSet(true);
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TCreateSentryRoleRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TCreateSentryRoleRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TCreateSentryRoleRequest.java
index 1f9eace..6067a25 100644
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TCreateSentryRoleRequest.java
+++ b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TCreateSentryRoleRequest.java
@@ -36,8 +36,8 @@ public class TCreateSentryRoleRequest implements org.apache.thrift.TBase<TCreate
private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField ROLE_FIELD_DESC = new org.apache.thrift.protocol.TField("role", org.apache.thrift.protocol.TType.STRUCT, (short)3);
- private static final org.apache.thrift.protocol.TField REQUESTOR_GROUP_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorGroupName", org.apache.thrift.protocol.TType.SET, (short)4);
+ private static final org.apache.thrift.protocol.TField REQUESTOR_GROUP_NAMES_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorGroupNames", org.apache.thrift.protocol.TType.SET, (short)3);
+ private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)4);
private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
static {
@@ -47,15 +47,15 @@ public class TCreateSentryRoleRequest implements org.apache.thrift.TBase<TCreate
private int protocol_version; // required
private String requestorUserName; // required
- private TSentryRole role; // required
- private Set<String> requestorGroupName; // required
+ private Set<String> requestorGroupNames; // required
+ private String roleName; // required
/** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
public enum _Fields implements org.apache.thrift.TFieldIdEnum {
PROTOCOL_VERSION((short)1, "protocol_version"),
REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- ROLE((short)3, "role"),
- REQUESTOR_GROUP_NAME((short)4, "requestorGroupName");
+ REQUESTOR_GROUP_NAMES((short)3, "requestorGroupNames"),
+ ROLE_NAME((short)4, "roleName");
private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
@@ -74,10 +74,10 @@ public class TCreateSentryRoleRequest implements org.apache.thrift.TBase<TCreate
return PROTOCOL_VERSION;
case 2: // REQUESTOR_USER_NAME
return REQUESTOR_USER_NAME;
- case 3: // ROLE
- return ROLE;
- case 4: // REQUESTOR_GROUP_NAME
- return REQUESTOR_GROUP_NAME;
+ case 3: // REQUESTOR_GROUP_NAMES
+ return REQUESTOR_GROUP_NAMES;
+ case 4: // ROLE_NAME
+ return ROLE_NAME;
default:
return null;
}
@@ -127,11 +127,11 @@ public class TCreateSentryRoleRequest implements org.apache.thrift.TBase<TCreate
new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.ROLE, new org.apache.thrift.meta_data.FieldMetaData("role", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryRole.class)));
- tmpMap.put(_Fields.REQUESTOR_GROUP_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorGroupName", org.apache.thrift.TFieldRequirementType.REQUIRED,
+ tmpMap.put(_Fields.REQUESTOR_GROUP_NAMES, new org.apache.thrift.meta_data.FieldMetaData("requestorGroupNames", org.apache.thrift.TFieldRequirementType.REQUIRED,
new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))));
+ tmpMap.put(_Fields.ROLE_NAME, new org.apache.thrift.meta_data.FieldMetaData("roleName", org.apache.thrift.TFieldRequirementType.REQUIRED,
+ new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
metaDataMap = Collections.unmodifiableMap(tmpMap);
org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TCreateSentryRoleRequest.class, metaDataMap);
}
@@ -144,15 +144,15 @@ public class TCreateSentryRoleRequest implements org.apache.thrift.TBase<TCreate
public TCreateSentryRoleRequest(
int protocol_version,
String requestorUserName,
- TSentryRole role,
- Set<String> requestorGroupName)
+ Set<String> requestorGroupNames,
+ String roleName)
{
this();
this.protocol_version = protocol_version;
setProtocol_versionIsSet(true);
this.requestorUserName = requestorUserName;
- this.role = role;
- this.requestorGroupName = requestorGroupName;
+ this.requestorGroupNames = requestorGroupNames;
+ this.roleName = roleName;
}
/**
@@ -164,15 +164,15 @@ public class TCreateSentryRoleRequest implements org.apache.thrift.TBase<TCreate
if (other.isSetRequestorUserName()) {
this.requestorUserName = other.requestorUserName;
}
- if (other.isSetRole()) {
- this.role = new TSentryRole(other.role);
- }
- if (other.isSetRequestorGroupName()) {
- Set<String> __this__requestorGroupName = new HashSet<String>();
- for (String other_element : other.requestorGroupName) {
- __this__requestorGroupName.add(other_element);
+ if (other.isSetRequestorGroupNames()) {
+ Set<String> __this__requestorGroupNames = new HashSet<String>();
+ for (String other_element : other.requestorGroupNames) {
+ __this__requestorGroupNames.add(other_element);
}
- this.requestorGroupName = __this__requestorGroupName;
+ this.requestorGroupNames = __this__requestorGroupNames;
+ }
+ if (other.isSetRoleName()) {
+ this.roleName = other.roleName;
}
}
@@ -185,8 +185,8 @@ public class TCreateSentryRoleRequest implements org.apache.thrift.TBase<TCreate
this.protocol_version = 1;
this.requestorUserName = null;
- this.role = null;
- this.requestorGroupName = null;
+ this.requestorGroupNames = null;
+ this.roleName = null;
}
public int getProtocol_version() {
@@ -234,64 +234,64 @@ public class TCreateSentryRoleRequest implements org.apache.thrift.TBase<TCreate
}
}
- public TSentryRole getRole() {
- return this.role;
+ public int getRequestorGroupNamesSize() {
+ return (this.requestorGroupNames == null) ? 0 : this.requestorGroupNames.size();
}
- public void setRole(TSentryRole role) {
- this.role = role;
+ public java.util.Iterator<String> getRequestorGroupNamesIterator() {
+ return (this.requestorGroupNames == null) ? null : this.requestorGroupNames.iterator();
}
- public void unsetRole() {
- this.role = null;
+ public void addToRequestorGroupNames(String elem) {
+ if (this.requestorGroupNames == null) {
+ this.requestorGroupNames = new HashSet<String>();
+ }
+ this.requestorGroupNames.add(elem);
}
- /** Returns true if field role is set (has been assigned a value) and false otherwise */
- public boolean isSetRole() {
- return this.role != null;
+ public Set<String> getRequestorGroupNames() {
+ return this.requestorGroupNames;
}
- public void setRoleIsSet(boolean value) {
- if (!value) {
- this.role = null;
- }
+ public void setRequestorGroupNames(Set<String> requestorGroupNames) {
+ this.requestorGroupNames = requestorGroupNames;
}
- public int getRequestorGroupNameSize() {
- return (this.requestorGroupName == null) ? 0 : this.requestorGroupName.size();
+ public void unsetRequestorGroupNames() {
+ this.requestorGroupNames = null;
}
- public java.util.Iterator<String> getRequestorGroupNameIterator() {
- return (this.requestorGroupName == null) ? null : this.requestorGroupName.iterator();
+ /** Returns true if field requestorGroupNames is set (has been assigned a value) and false otherwise */
+ public boolean isSetRequestorGroupNames() {
+ return this.requestorGroupNames != null;
}
- public void addToRequestorGroupName(String elem) {
- if (this.requestorGroupName == null) {
- this.requestorGroupName = new HashSet<String>();
+ public void setRequestorGroupNamesIsSet(boolean value) {
+ if (!value) {
+ this.requestorGroupNames = null;
}
- this.requestorGroupName.add(elem);
}
- public Set<String> getRequestorGroupName() {
- return this.requestorGroupName;
+ public String getRoleName() {
+ return this.roleName;
}
- public void setRequestorGroupName(Set<String> requestorGroupName) {
- this.requestorGroupName = requestorGroupName;
+ public void setRoleName(String roleName) {
+ this.roleName = roleName;
}
- public void unsetRequestorGroupName() {
- this.requestorGroupName = null;
+ public void unsetRoleName() {
+ this.roleName = null;
}
- /** Returns true if field requestorGroupName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorGroupName() {
- return this.requestorGroupName != null;
+ /** Returns true if field roleName is set (has been assigned a value) and false otherwise */
+ public boolean isSetRoleName() {
+ return this.roleName != null;
}
- public void setRequestorGroupNameIsSet(boolean value) {
+ public void setRoleNameIsSet(boolean value) {
if (!value) {
- this.requestorGroupName = null;
+ this.roleName = null;
}
}
@@ -313,19 +313,19 @@ public class TCreateSentryRoleRequest implements org.apache.thrift.TBase<TCreate
}
break;
- case ROLE:
+ case REQUESTOR_GROUP_NAMES:
if (value == null) {
- unsetRole();
+ unsetRequestorGroupNames();
} else {
- setRole((TSentryRole)value);
+ setRequestorGroupNames((Set<String>)value);
}
break;
- case REQUESTOR_GROUP_NAME:
+ case ROLE_NAME:
if (value == null) {
- unsetRequestorGroupName();
+ unsetRoleName();
} else {
- setRequestorGroupName((Set<String>)value);
+ setRoleName((String)value);
}
break;
@@ -340,11 +340,11 @@ public class TCreateSentryRoleRequest implements org.apache.thrift.TBase<TCreate
case REQUESTOR_USER_NAME:
return getRequestorUserName();
- case ROLE:
- return getRole();
+ case REQUESTOR_GROUP_NAMES:
+ return getRequestorGroupNames();
- case REQUESTOR_GROUP_NAME:
- return getRequestorGroupName();
+ case ROLE_NAME:
+ return getRoleName();
}
throw new IllegalStateException();
@@ -361,10 +361,10 @@ public class TCreateSentryRoleRequest implements org.apache.thrift.TBase<TCreate
return isSetProtocol_version();
case REQUESTOR_USER_NAME:
return isSetRequestorUserName();
- case ROLE:
- return isSetRole();
- case REQUESTOR_GROUP_NAME:
- return isSetRequestorGroupName();
+ case REQUESTOR_GROUP_NAMES:
+ return isSetRequestorGroupNames();
+ case ROLE_NAME:
+ return isSetRoleName();
}
throw new IllegalStateException();
}
@@ -400,21 +400,21 @@ public class TCreateSentryRoleRequest implements org.apache.thrift.TBase<TCreate
return false;
}
- boolean this_present_role = true && this.isSetRole();
- boolean that_present_role = true && that.isSetRole();
- if (this_present_role || that_present_role) {
- if (!(this_present_role && that_present_role))
+ boolean this_present_requestorGroupNames = true && this.isSetRequestorGroupNames();
+ boolean that_present_requestorGroupNames = true && that.isSetRequestorGroupNames();
+ if (this_present_requestorGroupNames || that_present_requestorGroupNames) {
+ if (!(this_present_requestorGroupNames && that_present_requestorGroupNames))
return false;
- if (!this.role.equals(that.role))
+ if (!this.requestorGroupNames.equals(that.requestorGroupNames))
return false;
}
- boolean this_present_requestorGroupName = true && this.isSetRequestorGroupName();
- boolean that_present_requestorGroupName = true && that.isSetRequestorGroupName();
- if (this_present_requestorGroupName || that_present_requestorGroupName) {
- if (!(this_present_requestorGroupName && that_present_requestorGroupName))
+ boolean this_present_roleName = true && this.isSetRoleName();
+ boolean that_present_roleName = true && that.isSetRoleName();
+ if (this_present_roleName || that_present_roleName) {
+ if (!(this_present_roleName && that_present_roleName))
return false;
- if (!this.requestorGroupName.equals(that.requestorGroupName))
+ if (!this.roleName.equals(that.roleName))
return false;
}
@@ -435,15 +435,15 @@ public class TCreateSentryRoleRequest implements org.apache.thrift.TBase<TCreate
if (present_requestorUserName)
builder.append(requestorUserName);
- boolean present_role = true && (isSetRole());
- builder.append(present_role);
- if (present_role)
- builder.append(role);
+ boolean present_requestorGroupNames = true && (isSetRequestorGroupNames());
+ builder.append(present_requestorGroupNames);
+ if (present_requestorGroupNames)
+ builder.append(requestorGroupNames);
- boolean present_requestorGroupName = true && (isSetRequestorGroupName());
- builder.append(present_requestorGroupName);
- if (present_requestorGroupName)
- builder.append(requestorGroupName);
+ boolean present_roleName = true && (isSetRoleName());
+ builder.append(present_roleName);
+ if (present_roleName)
+ builder.append(roleName);
return builder.toHashCode();
}
@@ -476,22 +476,22 @@ public class TCreateSentryRoleRequest implements org.apache.thrift.TBase<TCreate
return lastComparison;
}
}
- lastComparison = Boolean.valueOf(isSetRole()).compareTo(typedOther.isSetRole());
+ lastComparison = Boolean.valueOf(isSetRequestorGroupNames()).compareTo(typedOther.isSetRequestorGroupNames());
if (lastComparison != 0) {
return lastComparison;
}
- if (isSetRole()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.role, typedOther.role);
+ if (isSetRequestorGroupNames()) {
+ lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorGroupNames, typedOther.requestorGroupNames);
if (lastComparison != 0) {
return lastComparison;
}
}
- lastComparison = Boolean.valueOf(isSetRequestorGroupName()).compareTo(typedOther.isSetRequestorGroupName());
+ lastComparison = Boolean.valueOf(isSetRoleName()).compareTo(typedOther.isSetRoleName());
if (lastComparison != 0) {
return lastComparison;
}
- if (isSetRequestorGroupName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorGroupName, typedOther.requestorGroupName);
+ if (isSetRoleName()) {
+ lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleName, typedOther.roleName);
if (lastComparison != 0) {
return lastComparison;
}
@@ -528,19 +528,19 @@ public class TCreateSentryRoleRequest implements org.apache.thrift.TBase<TCreate
}
first = false;
if (!first) sb.append(", ");
- sb.append("role:");
- if (this.role == null) {
+ sb.append("requestorGroupNames:");
+ if (this.requestorGroupNames == null) {
sb.append("null");
} else {
- sb.append(this.role);
+ sb.append(this.requestorGroupNames);
}
first = false;
if (!first) sb.append(", ");
- sb.append("requestorGroupName:");
- if (this.requestorGroupName == null) {
+ sb.append("roleName:");
+ if (this.roleName == null) {
sb.append("null");
} else {
- sb.append(this.requestorGroupName);
+ sb.append(this.roleName);
}
first = false;
sb.append(")");
@@ -557,18 +557,15 @@ public class TCreateSentryRoleRequest implements org.apache.thrift.TBase<TCreate
throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString());
}
- if (!isSetRole()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'role' is unset! Struct:" + toString());
+ if (!isSetRequestorGroupNames()) {
+ throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorGroupNames' is unset! Struct:" + toString());
}
- if (!isSetRequestorGroupName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorGroupName' is unset! Struct:" + toString());
+ if (!isSetRoleName()) {
+ throw new org.apache.thrift.protocol.TProtocolException("Required field 'roleName' is unset! Struct:" + toString());
}
// check for sub-struct validity
- if (role != null) {
- role.validate();
- }
}
private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
@@ -623,29 +620,28 @@ public class TCreateSentryRoleRequest implements org.apache.thrift.TBase<TCreate
org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
}
break;
- case 3: // ROLE
- if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
- struct.role = new TSentryRole();
- struct.role.read(iprot);
- struct.setRoleIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 4: // REQUESTOR_GROUP_NAME
+ case 3: // REQUESTOR_GROUP_NAMES
if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
{
- org.apache.thrift.protocol.TSet _set8 = iprot.readSetBegin();
- struct.requestorGroupName = new HashSet<String>(2*_set8.size);
- for (int _i9 = 0; _i9 < _set8.size; ++_i9)
+ org.apache.thrift.protocol.TSet _set0 = iprot.readSetBegin();
+ struct.requestorGroupNames = new HashSet<String>(2*_set0.size);
+ for (int _i1 = 0; _i1 < _set0.size; ++_i1)
{
- String _elem10; // required
- _elem10 = iprot.readString();
- struct.requestorGroupName.add(_elem10);
+ String _elem2; // required
+ _elem2 = iprot.readString();
+ struct.requestorGroupNames.add(_elem2);
}
iprot.readSetEnd();
}
- struct.setRequestorGroupNameIsSet(true);
+ struct.setRequestorGroupNamesIsSet(true);
+ } else {
+ org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+ }
+ break;
+ case 4: // ROLE_NAME
+ if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
+ struct.roleName = iprot.readString();
+ struct.setRoleNameIsSet(true);
} else {
org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
}
@@ -671,23 +667,23 @@ public class TCreateSentryRoleRequest implements org.apache.thrift.TBase<TCreate
oprot.writeString(struct.requestorUserName);
oprot.writeFieldEnd();
}
- if (struct.role != null) {
- oprot.writeFieldBegin(ROLE_FIELD_DESC);
- struct.role.write(oprot);
- oprot.writeFieldEnd();
- }
- if (struct.requestorGroupName != null) {
- oprot.writeFieldBegin(REQUESTOR_GROUP_NAME_FIELD_DESC);
+ if (struct.requestorGroupNames != null) {
+ oprot.writeFieldBegin(REQUESTOR_GROUP_NAMES_FIELD_DESC);
{
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, struct.requestorGroupName.size()));
- for (String _iter11 : struct.requestorGroupName)
+ oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, struct.requestorGroupNames.size()));
+ for (String _iter3 : struct.requestorGroupNames)
{
- oprot.writeString(_iter11);
+ oprot.writeString(_iter3);
}
oprot.writeSetEnd();
}
oprot.writeFieldEnd();
}
+ if (struct.roleName != null) {
+ oprot.writeFieldBegin(ROLE_NAME_FIELD_DESC);
+ oprot.writeString(struct.roleName);
+ oprot.writeFieldEnd();
+ }
oprot.writeFieldStop();
oprot.writeStructEnd();
}
@@ -707,14 +703,14 @@ public class TCreateSentryRoleRequest implements org.apache.thrift.TBase<TCreate
TTupleProtocol oprot = (TTupleProtocol) prot;
oprot.writeI32(struct.protocol_version);
oprot.writeString(struct.requestorUserName);
- struct.role.write(oprot);
{
- oprot.writeI32(struct.requestorGroupName.size());
- for (String _iter12 : struct.requestorGroupName)
+ oprot.writeI32(struct.requestorGroupNames.size());
+ for (String _iter4 : struct.requestorGroupNames)
{
- oprot.writeString(_iter12);
+ oprot.writeString(_iter4);
}
}
+ oprot.writeString(struct.roleName);
}
@Override
@@ -724,20 +720,19 @@ public class TCreateSentryRoleRequest implements org.apache.thrift.TBase<TCreate
struct.setProtocol_versionIsSet(true);
struct.requestorUserName = iprot.readString();
struct.setRequestorUserNameIsSet(true);
- struct.role = new TSentryRole();
- struct.role.read(iprot);
- struct.setRoleIsSet(true);
{
- org.apache.thrift.protocol.TSet _set13 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, iprot.readI32());
- struct.requestorGroupName = new HashSet<String>(2*_set13.size);
- for (int _i14 = 0; _i14 < _set13.size; ++_i14)
+ org.apache.thrift.protocol.TSet _set5 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, iprot.readI32());
+ struct.requestorGroupNames = new HashSet<String>(2*_set5.size);
+ for (int _i6 = 0; _i6 < _set5.size; ++_i6)
{
- String _elem15; // required
- _elem15 = iprot.readString();
- struct.requestorGroupName.add(_elem15);
+ String _elem7; // required
+ _elem7 = iprot.readString();
+ struct.requestorGroupNames.add(_elem7);
}
}
- struct.setRequestorGroupNameIsSet(true);
+ struct.setRequestorGroupNamesIsSet(true);
+ struct.roleName = iprot.readString();
+ struct.setRoleNameIsSet(true);
}
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TDropSentryRoleRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TDropSentryRoleRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TDropSentryRoleRequest.java
index 353a82f..d804e2f 100644
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TDropSentryRoleRequest.java
+++ b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TDropSentryRoleRequest.java
@@ -36,8 +36,8 @@ public class TDropSentryRoleRequest implements org.apache.thrift.TBase<TDropSent
private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)3);
- private static final org.apache.thrift.protocol.TField REQUESTOR_GROUP_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorGroupName", org.apache.thrift.protocol.TType.SET, (short)4);
+ private static final org.apache.thrift.protocol.TField REQUESTOR_GROUP_NAMES_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorGroupNames", org.apache.thrift.protocol.TType.SET, (short)3);
+ private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)4);
private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
static {
@@ -47,15 +47,15 @@ public class TDropSentryRoleRequest implements org.apache.thrift.TBase<TDropSent
private int protocol_version; // required
private String requestorUserName; // required
+ private Set<String> requestorGroupNames; // required
private String roleName; // required
- private Set<String> requestorGroupName; // required
/** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
public enum _Fields implements org.apache.thrift.TFieldIdEnum {
PROTOCOL_VERSION((short)1, "protocol_version"),
REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- ROLE_NAME((short)3, "roleName"),
- REQUESTOR_GROUP_NAME((short)4, "requestorGroupName");
+ REQUESTOR_GROUP_NAMES((short)3, "requestorGroupNames"),
+ ROLE_NAME((short)4, "roleName");
private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
@@ -74,10 +74,10 @@ public class TDropSentryRoleRequest implements org.apache.thrift.TBase<TDropSent
return PROTOCOL_VERSION;
case 2: // REQUESTOR_USER_NAME
return REQUESTOR_USER_NAME;
- case 3: // ROLE_NAME
+ case 3: // REQUESTOR_GROUP_NAMES
+ return REQUESTOR_GROUP_NAMES;
+ case 4: // ROLE_NAME
return ROLE_NAME;
- case 4: // REQUESTOR_GROUP_NAME
- return REQUESTOR_GROUP_NAME;
default:
return null;
}
@@ -127,11 +127,11 @@ public class TDropSentryRoleRequest implements org.apache.thrift.TBase<TDropSent
new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.ROLE_NAME, new org.apache.thrift.meta_data.FieldMetaData("roleName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.REQUESTOR_GROUP_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorGroupName", org.apache.thrift.TFieldRequirementType.REQUIRED,
+ tmpMap.put(_Fields.REQUESTOR_GROUP_NAMES, new org.apache.thrift.meta_data.FieldMetaData("requestorGroupNames", org.apache.thrift.TFieldRequirementType.REQUIRED,
new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))));
+ tmpMap.put(_Fields.ROLE_NAME, new org.apache.thrift.meta_data.FieldMetaData("roleName", org.apache.thrift.TFieldRequirementType.REQUIRED,
+ new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
metaDataMap = Collections.unmodifiableMap(tmpMap);
org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TDropSentryRoleRequest.class, metaDataMap);
}
@@ -144,15 +144,15 @@ public class TDropSentryRoleRequest implements org.apache.thrift.TBase<TDropSent
public TDropSentryRoleRequest(
int protocol_version,
String requestorUserName,
- String roleName,
- Set<String> requestorGroupName)
+ Set<String> requestorGroupNames,
+ String roleName)
{
this();
this.protocol_version = protocol_version;
setProtocol_versionIsSet(true);
this.requestorUserName = requestorUserName;
+ this.requestorGroupNames = requestorGroupNames;
this.roleName = roleName;
- this.requestorGroupName = requestorGroupName;
}
/**
@@ -164,16 +164,16 @@ public class TDropSentryRoleRequest implements org.apache.thrift.TBase<TDropSent
if (other.isSetRequestorUserName()) {
this.requestorUserName = other.requestorUserName;
}
+ if (other.isSetRequestorGroupNames()) {
+ Set<String> __this__requestorGroupNames = new HashSet<String>();
+ for (String other_element : other.requestorGroupNames) {
+ __this__requestorGroupNames.add(other_element);
+ }
+ this.requestorGroupNames = __this__requestorGroupNames;
+ }
if (other.isSetRoleName()) {
this.roleName = other.roleName;
}
- if (other.isSetRequestorGroupName()) {
- Set<String> __this__requestorGroupName = new HashSet<String>();
- for (String other_element : other.requestorGroupName) {
- __this__requestorGroupName.add(other_element);
- }
- this.requestorGroupName = __this__requestorGroupName;
- }
}
public TDropSentryRoleRequest deepCopy() {
@@ -185,8 +185,8 @@ public class TDropSentryRoleRequest implements org.apache.thrift.TBase<TDropSent
this.protocol_version = 1;
this.requestorUserName = null;
+ this.requestorGroupNames = null;
this.roleName = null;
- this.requestorGroupName = null;
}
public int getProtocol_version() {
@@ -234,64 +234,64 @@ public class TDropSentryRoleRequest implements org.apache.thrift.TBase<TDropSent
}
}
- public String getRoleName() {
- return this.roleName;
+ public int getRequestorGroupNamesSize() {
+ return (this.requestorGroupNames == null) ? 0 : this.requestorGroupNames.size();
}
- public void setRoleName(String roleName) {
- this.roleName = roleName;
+ public java.util.Iterator<String> getRequestorGroupNamesIterator() {
+ return (this.requestorGroupNames == null) ? null : this.requestorGroupNames.iterator();
}
- public void unsetRoleName() {
- this.roleName = null;
+ public void addToRequestorGroupNames(String elem) {
+ if (this.requestorGroupNames == null) {
+ this.requestorGroupNames = new HashSet<String>();
+ }
+ this.requestorGroupNames.add(elem);
}
- /** Returns true if field roleName is set (has been assigned a value) and false otherwise */
- public boolean isSetRoleName() {
- return this.roleName != null;
+ public Set<String> getRequestorGroupNames() {
+ return this.requestorGroupNames;
}
- public void setRoleNameIsSet(boolean value) {
- if (!value) {
- this.roleName = null;
- }
+ public void setRequestorGroupNames(Set<String> requestorGroupNames) {
+ this.requestorGroupNames = requestorGroupNames;
}
- public int getRequestorGroupNameSize() {
- return (this.requestorGroupName == null) ? 0 : this.requestorGroupName.size();
+ public void unsetRequestorGroupNames() {
+ this.requestorGroupNames = null;
}
- public java.util.Iterator<String> getRequestorGroupNameIterator() {
- return (this.requestorGroupName == null) ? null : this.requestorGroupName.iterator();
+ /** Returns true if field requestorGroupNames is set (has been assigned a value) and false otherwise */
+ public boolean isSetRequestorGroupNames() {
+ return this.requestorGroupNames != null;
}
- public void addToRequestorGroupName(String elem) {
- if (this.requestorGroupName == null) {
- this.requestorGroupName = new HashSet<String>();
+ public void setRequestorGroupNamesIsSet(boolean value) {
+ if (!value) {
+ this.requestorGroupNames = null;
}
- this.requestorGroupName.add(elem);
}
- public Set<String> getRequestorGroupName() {
- return this.requestorGroupName;
+ public String getRoleName() {
+ return this.roleName;
}
- public void setRequestorGroupName(Set<String> requestorGroupName) {
- this.requestorGroupName = requestorGroupName;
+ public void setRoleName(String roleName) {
+ this.roleName = roleName;
}
- public void unsetRequestorGroupName() {
- this.requestorGroupName = null;
+ public void unsetRoleName() {
+ this.roleName = null;
}
- /** Returns true if field requestorGroupName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorGroupName() {
- return this.requestorGroupName != null;
+ /** Returns true if field roleName is set (has been assigned a value) and false otherwise */
+ public boolean isSetRoleName() {
+ return this.roleName != null;
}
- public void setRequestorGroupNameIsSet(boolean value) {
+ public void setRoleNameIsSet(boolean value) {
if (!value) {
- this.requestorGroupName = null;
+ this.roleName = null;
}
}
@@ -313,19 +313,19 @@ public class TDropSentryRoleRequest implements org.apache.thrift.TBase<TDropSent
}
break;
- case ROLE_NAME:
+ case REQUESTOR_GROUP_NAMES:
if (value == null) {
- unsetRoleName();
+ unsetRequestorGroupNames();
} else {
- setRoleName((String)value);
+ setRequestorGroupNames((Set<String>)value);
}
break;
- case REQUESTOR_GROUP_NAME:
+ case ROLE_NAME:
if (value == null) {
- unsetRequestorGroupName();
+ unsetRoleName();
} else {
- setRequestorGroupName((Set<String>)value);
+ setRoleName((String)value);
}
break;
@@ -340,12 +340,12 @@ public class TDropSentryRoleRequest implements org.apache.thrift.TBase<TDropSent
case REQUESTOR_USER_NAME:
return getRequestorUserName();
+ case REQUESTOR_GROUP_NAMES:
+ return getRequestorGroupNames();
+
case ROLE_NAME:
return getRoleName();
- case REQUESTOR_GROUP_NAME:
- return getRequestorGroupName();
-
}
throw new IllegalStateException();
}
@@ -361,10 +361,10 @@ public class TDropSentryRoleRequest implements org.apache.thrift.TBase<TDropSent
return isSetProtocol_version();
case REQUESTOR_USER_NAME:
return isSetRequestorUserName();
+ case REQUESTOR_GROUP_NAMES:
+ return isSetRequestorGroupNames();
case ROLE_NAME:
return isSetRoleName();
- case REQUESTOR_GROUP_NAME:
- return isSetRequestorGroupName();
}
throw new IllegalStateException();
}
@@ -400,6 +400,15 @@ public class TDropSentryRoleRequest implements org.apache.thrift.TBase<TDropSent
return false;
}
+ boolean this_present_requestorGroupNames = true && this.isSetRequestorGroupNames();
+ boolean that_present_requestorGroupNames = true && that.isSetRequestorGroupNames();
+ if (this_present_requestorGroupNames || that_present_requestorGroupNames) {
+ if (!(this_present_requestorGroupNames && that_present_requestorGroupNames))
+ return false;
+ if (!this.requestorGroupNames.equals(that.requestorGroupNames))
+ return false;
+ }
+
boolean this_present_roleName = true && this.isSetRoleName();
boolean that_present_roleName = true && that.isSetRoleName();
if (this_present_roleName || that_present_roleName) {
@@ -409,15 +418,6 @@ public class TDropSentryRoleRequest implements org.apache.thrift.TBase<TDropSent
return false;
}
- boolean this_present_requestorGroupName = true && this.isSetRequestorGroupName();
- boolean that_present_requestorGroupName = true && that.isSetRequestorGroupName();
- if (this_present_requestorGroupName || that_present_requestorGroupName) {
- if (!(this_present_requestorGroupName && that_present_requestorGroupName))
- return false;
- if (!this.requestorGroupName.equals(that.requestorGroupName))
- return false;
- }
-
return true;
}
@@ -435,16 +435,16 @@ public class TDropSentryRoleRequest implements org.apache.thrift.TBase<TDropSent
if (present_requestorUserName)
builder.append(requestorUserName);
+ boolean present_requestorGroupNames = true && (isSetRequestorGroupNames());
+ builder.append(present_requestorGroupNames);
+ if (present_requestorGroupNames)
+ builder.append(requestorGroupNames);
+
boolean present_roleName = true && (isSetRoleName());
builder.append(present_roleName);
if (present_roleName)
builder.append(roleName);
- boolean present_requestorGroupName = true && (isSetRequestorGroupName());
- builder.append(present_requestorGroupName);
- if (present_requestorGroupName)
- builder.append(requestorGroupName);
-
return builder.toHashCode();
}
@@ -476,22 +476,22 @@ public class TDropSentryRoleRequest implements org.apache.thrift.TBase<TDropSent
return lastComparison;
}
}
- lastComparison = Boolean.valueOf(isSetRoleName()).compareTo(typedOther.isSetRoleName());
+ lastComparison = Boolean.valueOf(isSetRequestorGroupNames()).compareTo(typedOther.isSetRequestorGroupNames());
if (lastComparison != 0) {
return lastComparison;
}
- if (isSetRoleName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleName, typedOther.roleName);
+ if (isSetRequestorGroupNames()) {
+ lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorGroupNames, typedOther.requestorGroupNames);
if (lastComparison != 0) {
return lastComparison;
}
}
- lastComparison = Boolean.valueOf(isSetRequestorGroupName()).compareTo(typedOther.isSetRequestorGroupName());
+ lastComparison = Boolean.valueOf(isSetRoleName()).compareTo(typedOther.isSetRoleName());
if (lastComparison != 0) {
return lastComparison;
}
- if (isSetRequestorGroupName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorGroupName, typedOther.requestorGroupName);
+ if (isSetRoleName()) {
+ lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleName, typedOther.roleName);
if (lastComparison != 0) {
return lastComparison;
}
@@ -528,19 +528,19 @@ public class TDropSentryRoleRequest implements org.apache.thrift.TBase<TDropSent
}
first = false;
if (!first) sb.append(", ");
- sb.append("roleName:");
- if (this.roleName == null) {
+ sb.append("requestorGroupNames:");
+ if (this.requestorGroupNames == null) {
sb.append("null");
} else {
- sb.append(this.roleName);
+ sb.append(this.requestorGroupNames);
}
first = false;
if (!first) sb.append(", ");
- sb.append("requestorGroupName:");
- if (this.requestorGroupName == null) {
+ sb.append("roleName:");
+ if (this.roleName == null) {
sb.append("null");
} else {
- sb.append(this.requestorGroupName);
+ sb.append(this.roleName);
}
first = false;
sb.append(")");
@@ -557,12 +557,12 @@ public class TDropSentryRoleRequest implements org.apache.thrift.TBase<TDropSent
throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString());
}
- if (!isSetRoleName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'roleName' is unset! Struct:" + toString());
+ if (!isSetRequestorGroupNames()) {
+ throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorGroupNames' is unset! Struct:" + toString());
}
- if (!isSetRequestorGroupName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorGroupName' is unset! Struct:" + toString());
+ if (!isSetRoleName()) {
+ throw new org.apache.thrift.protocol.TProtocolException("Required field 'roleName' is unset! Struct:" + toString());
}
// check for sub-struct validity
@@ -620,28 +620,28 @@ public class TDropSentryRoleRequest implements org.apache.thrift.TBase<TDropSent
org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
}
break;
- case 3: // ROLE_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 4: // REQUESTOR_GROUP_NAME
+ case 3: // REQUESTOR_GROUP_NAMES
if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
{
- org.apache.thrift.protocol.TSet _set32 = iprot.readSetBegin();
- struct.requestorGroupName = new HashSet<String>(2*_set32.size);
- for (int _i33 = 0; _i33 < _set32.size; ++_i33)
+ org.apache.thrift.protocol.TSet _set8 = iprot.readSetBegin();
+ struct.requestorGroupNames = new HashSet<String>(2*_set8.size);
+ for (int _i9 = 0; _i9 < _set8.size; ++_i9)
{
- String _elem34; // required
- _elem34 = iprot.readString();
- struct.requestorGroupName.add(_elem34);
+ String _elem10; // required
+ _elem10 = iprot.readString();
+ struct.requestorGroupNames.add(_elem10);
}
iprot.readSetEnd();
}
- struct.setRequestorGroupNameIsSet(true);
+ struct.setRequestorGroupNamesIsSet(true);
+ } else {
+ org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+ }
+ break;
+ case 4: // ROLE_NAME
+ if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
+ struct.roleName = iprot.readString();
+ struct.setRoleNameIsSet(true);
} else {
org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
}
@@ -667,23 +667,23 @@ public class TDropSentryRoleRequest implements org.apache.thrift.TBase<TDropSent
oprot.writeString(struct.requestorUserName);
oprot.writeFieldEnd();
}
- if (struct.roleName != null) {
- oprot.writeFieldBegin(ROLE_NAME_FIELD_DESC);
- oprot.writeString(struct.roleName);
- oprot.writeFieldEnd();
- }
- if (struct.requestorGroupName != null) {
- oprot.writeFieldBegin(REQUESTOR_GROUP_NAME_FIELD_DESC);
+ if (struct.requestorGroupNames != null) {
+ oprot.writeFieldBegin(REQUESTOR_GROUP_NAMES_FIELD_DESC);
{
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, struct.requestorGroupName.size()));
- for (String _iter35 : struct.requestorGroupName)
+ oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, struct.requestorGroupNames.size()));
+ for (String _iter11 : struct.requestorGroupNames)
{
- oprot.writeString(_iter35);
+ oprot.writeString(_iter11);
}
oprot.writeSetEnd();
}
oprot.writeFieldEnd();
}
+ if (struct.roleName != null) {
+ oprot.writeFieldBegin(ROLE_NAME_FIELD_DESC);
+ oprot.writeString(struct.roleName);
+ oprot.writeFieldEnd();
+ }
oprot.writeFieldStop();
oprot.writeStructEnd();
}
@@ -703,14 +703,14 @@ public class TDropSentryRoleRequest implements org.apache.thrift.TBase<TDropSent
TTupleProtocol oprot = (TTupleProtocol) prot;
oprot.writeI32(struct.protocol_version);
oprot.writeString(struct.requestorUserName);
- oprot.writeString(struct.roleName);
{
- oprot.writeI32(struct.requestorGroupName.size());
- for (String _iter36 : struct.requestorGroupName)
+ oprot.writeI32(struct.requestorGroupNames.size());
+ for (String _iter12 : struct.requestorGroupNames)
{
- oprot.writeString(_iter36);
+ oprot.writeString(_iter12);
}
}
+ oprot.writeString(struct.roleName);
}
@Override
@@ -720,19 +720,19 @@ public class TDropSentryRoleRequest implements org.apache.thrift.TBase<TDropSent
struct.setProtocol_versionIsSet(true);
struct.requestorUserName = iprot.readString();
struct.setRequestorUserNameIsSet(true);
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
{
- org.apache.thrift.protocol.TSet _set37 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, iprot.readI32());
- struct.requestorGroupName = new HashSet<String>(2*_set37.size);
- for (int _i38 = 0; _i38 < _set37.size; ++_i38)
+ org.apache.thrift.protocol.TSet _set13 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, iprot.readI32());
+ struct.requestorGroupNames = new HashSet<String>(2*_set13.size);
+ for (int _i14 = 0; _i14 < _set13.size; ++_i14)
{
- String _elem39; // required
- _elem39 = iprot.readString();
- struct.requestorGroupName.add(_elem39);
+ String _elem15; // required
+ _elem15 = iprot.readString();
+ struct.requestorGroupNames.add(_elem15);
}
}
- struct.setRequestorGroupNameIsSet(true);
+ struct.setRequestorGroupNamesIsSet(true);
+ struct.roleName = iprot.readString();
+ struct.setRoleNameIsSet(true);
}
}
[3/6] SENTRY-142: Create database backed ProviderBackend (Brock
Noland via Shreepadma Venugopalan)
Posted by sh...@apache.org.
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesForProviderRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesForProviderRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesForProviderRequest.java
new file mode 100644
index 0000000..4e7dad9
--- /dev/null
+++ b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesForProviderRequest.java
@@ -0,0 +1,644 @@
+/**
+ * Autogenerated by Thrift Compiler (0.9.0)
+ *
+ * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
+ * @generated
+ */
+package org.apache.sentry.provider.db.service.thrift;
+
+import org.apache.commons.lang.builder.HashCodeBuilder;
+import org.apache.thrift.scheme.IScheme;
+import org.apache.thrift.scheme.SchemeFactory;
+import org.apache.thrift.scheme.StandardScheme;
+
+import org.apache.thrift.scheme.TupleScheme;
+import org.apache.thrift.protocol.TTupleProtocol;
+import org.apache.thrift.protocol.TProtocolException;
+import org.apache.thrift.EncodingUtils;
+import org.apache.thrift.TException;
+import java.util.List;
+import java.util.ArrayList;
+import java.util.Map;
+import java.util.HashMap;
+import java.util.EnumMap;
+import java.util.Set;
+import java.util.HashSet;
+import java.util.EnumSet;
+import java.util.Collections;
+import java.util.BitSet;
+import java.nio.ByteBuffer;
+import java.util.Arrays;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class TListSentryPrivilegesForProviderRequest implements org.apache.thrift.TBase<TListSentryPrivilegesForProviderRequest, TListSentryPrivilegesForProviderRequest._Fields>, java.io.Serializable, Cloneable {
+ private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TListSentryPrivilegesForProviderRequest");
+
+ private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
+ private static final org.apache.thrift.protocol.TField GROUPS_FIELD_DESC = new org.apache.thrift.protocol.TField("groups", org.apache.thrift.protocol.TType.SET, (short)2);
+ private static final org.apache.thrift.protocol.TField ROLE_SET_FIELD_DESC = new org.apache.thrift.protocol.TField("roleSet", org.apache.thrift.protocol.TType.STRUCT, (short)3);
+
+ private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
+ static {
+ schemes.put(StandardScheme.class, new TListSentryPrivilegesForProviderRequestStandardSchemeFactory());
+ schemes.put(TupleScheme.class, new TListSentryPrivilegesForProviderRequestTupleSchemeFactory());
+ }
+
+ private int protocol_version; // required
+ private Set<String> groups; // required
+ private TSentryActiveRoleSet roleSet; // required
+
+ /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
+ public enum _Fields implements org.apache.thrift.TFieldIdEnum {
+ PROTOCOL_VERSION((short)1, "protocol_version"),
+ GROUPS((short)2, "groups"),
+ ROLE_SET((short)3, "roleSet");
+
+ private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
+
+ static {
+ for (_Fields field : EnumSet.allOf(_Fields.class)) {
+ byName.put(field.getFieldName(), field);
+ }
+ }
+
+ /**
+ * Find the _Fields constant that matches fieldId, or null if its not found.
+ */
+ public static _Fields findByThriftId(int fieldId) {
+ switch(fieldId) {
+ case 1: // PROTOCOL_VERSION
+ return PROTOCOL_VERSION;
+ case 2: // GROUPS
+ return GROUPS;
+ case 3: // ROLE_SET
+ return ROLE_SET;
+ default:
+ return null;
+ }
+ }
+
+ /**
+ * Find the _Fields constant that matches fieldId, throwing an exception
+ * if it is not found.
+ */
+ public static _Fields findByThriftIdOrThrow(int fieldId) {
+ _Fields fields = findByThriftId(fieldId);
+ if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
+ return fields;
+ }
+
+ /**
+ * Find the _Fields constant that matches name, or null if its not found.
+ */
+ public static _Fields findByName(String name) {
+ return byName.get(name);
+ }
+
+ private final short _thriftId;
+ private final String _fieldName;
+
+ _Fields(short thriftId, String fieldName) {
+ _thriftId = thriftId;
+ _fieldName = fieldName;
+ }
+
+ public short getThriftFieldId() {
+ return _thriftId;
+ }
+
+ public String getFieldName() {
+ return _fieldName;
+ }
+ }
+
+ // isset id assignments
+ private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
+ private byte __isset_bitfield = 0;
+ public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
+ static {
+ Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
+ tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED,
+ new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
+ tmpMap.put(_Fields.GROUPS, new org.apache.thrift.meta_data.FieldMetaData("groups", org.apache.thrift.TFieldRequirementType.REQUIRED,
+ new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
+ new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))));
+ tmpMap.put(_Fields.ROLE_SET, new org.apache.thrift.meta_data.FieldMetaData("roleSet", org.apache.thrift.TFieldRequirementType.REQUIRED,
+ new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryActiveRoleSet.class)));
+ metaDataMap = Collections.unmodifiableMap(tmpMap);
+ org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TListSentryPrivilegesForProviderRequest.class, metaDataMap);
+ }
+
+ public TListSentryPrivilegesForProviderRequest() {
+ this.protocol_version = 1;
+
+ }
+
+ public TListSentryPrivilegesForProviderRequest(
+ int protocol_version,
+ Set<String> groups,
+ TSentryActiveRoleSet roleSet)
+ {
+ this();
+ this.protocol_version = protocol_version;
+ setProtocol_versionIsSet(true);
+ this.groups = groups;
+ this.roleSet = roleSet;
+ }
+
+ /**
+ * Performs a deep copy on <i>other</i>.
+ */
+ public TListSentryPrivilegesForProviderRequest(TListSentryPrivilegesForProviderRequest other) {
+ __isset_bitfield = other.__isset_bitfield;
+ this.protocol_version = other.protocol_version;
+ if (other.isSetGroups()) {
+ Set<String> __this__groups = new HashSet<String>();
+ for (String other_element : other.groups) {
+ __this__groups.add(other_element);
+ }
+ this.groups = __this__groups;
+ }
+ if (other.isSetRoleSet()) {
+ this.roleSet = new TSentryActiveRoleSet(other.roleSet);
+ }
+ }
+
+ public TListSentryPrivilegesForProviderRequest deepCopy() {
+ return new TListSentryPrivilegesForProviderRequest(this);
+ }
+
+ @Override
+ public void clear() {
+ this.protocol_version = 1;
+
+ this.groups = null;
+ this.roleSet = null;
+ }
+
+ public int getProtocol_version() {
+ return this.protocol_version;
+ }
+
+ public void setProtocol_version(int protocol_version) {
+ this.protocol_version = protocol_version;
+ setProtocol_versionIsSet(true);
+ }
+
+ public void unsetProtocol_version() {
+ __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
+ }
+
+ /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */
+ public boolean isSetProtocol_version() {
+ return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
+ }
+
+ public void setProtocol_versionIsSet(boolean value) {
+ __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value);
+ }
+
+ public int getGroupsSize() {
+ return (this.groups == null) ? 0 : this.groups.size();
+ }
+
+ public java.util.Iterator<String> getGroupsIterator() {
+ return (this.groups == null) ? null : this.groups.iterator();
+ }
+
+ public void addToGroups(String elem) {
+ if (this.groups == null) {
+ this.groups = new HashSet<String>();
+ }
+ this.groups.add(elem);
+ }
+
+ public Set<String> getGroups() {
+ return this.groups;
+ }
+
+ public void setGroups(Set<String> groups) {
+ this.groups = groups;
+ }
+
+ public void unsetGroups() {
+ this.groups = null;
+ }
+
+ /** Returns true if field groups is set (has been assigned a value) and false otherwise */
+ public boolean isSetGroups() {
+ return this.groups != null;
+ }
+
+ public void setGroupsIsSet(boolean value) {
+ if (!value) {
+ this.groups = null;
+ }
+ }
+
+ public TSentryActiveRoleSet getRoleSet() {
+ return this.roleSet;
+ }
+
+ public void setRoleSet(TSentryActiveRoleSet roleSet) {
+ this.roleSet = roleSet;
+ }
+
+ public void unsetRoleSet() {
+ this.roleSet = null;
+ }
+
+ /** Returns true if field roleSet is set (has been assigned a value) and false otherwise */
+ public boolean isSetRoleSet() {
+ return this.roleSet != null;
+ }
+
+ public void setRoleSetIsSet(boolean value) {
+ if (!value) {
+ this.roleSet = null;
+ }
+ }
+
+ public void setFieldValue(_Fields field, Object value) {
+ switch (field) {
+ case PROTOCOL_VERSION:
+ if (value == null) {
+ unsetProtocol_version();
+ } else {
+ setProtocol_version((Integer)value);
+ }
+ break;
+
+ case GROUPS:
+ if (value == null) {
+ unsetGroups();
+ } else {
+ setGroups((Set<String>)value);
+ }
+ break;
+
+ case ROLE_SET:
+ if (value == null) {
+ unsetRoleSet();
+ } else {
+ setRoleSet((TSentryActiveRoleSet)value);
+ }
+ break;
+
+ }
+ }
+
+ public Object getFieldValue(_Fields field) {
+ switch (field) {
+ case PROTOCOL_VERSION:
+ return Integer.valueOf(getProtocol_version());
+
+ case GROUPS:
+ return getGroups();
+
+ case ROLE_SET:
+ return getRoleSet();
+
+ }
+ throw new IllegalStateException();
+ }
+
+ /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
+ public boolean isSet(_Fields field) {
+ if (field == null) {
+ throw new IllegalArgumentException();
+ }
+
+ switch (field) {
+ case PROTOCOL_VERSION:
+ return isSetProtocol_version();
+ case GROUPS:
+ return isSetGroups();
+ case ROLE_SET:
+ return isSetRoleSet();
+ }
+ throw new IllegalStateException();
+ }
+
+ @Override
+ public boolean equals(Object that) {
+ if (that == null)
+ return false;
+ if (that instanceof TListSentryPrivilegesForProviderRequest)
+ return this.equals((TListSentryPrivilegesForProviderRequest)that);
+ return false;
+ }
+
+ public boolean equals(TListSentryPrivilegesForProviderRequest that) {
+ if (that == null)
+ return false;
+
+ boolean this_present_protocol_version = true;
+ boolean that_present_protocol_version = true;
+ if (this_present_protocol_version || that_present_protocol_version) {
+ if (!(this_present_protocol_version && that_present_protocol_version))
+ return false;
+ if (this.protocol_version != that.protocol_version)
+ return false;
+ }
+
+ boolean this_present_groups = true && this.isSetGroups();
+ boolean that_present_groups = true && that.isSetGroups();
+ if (this_present_groups || that_present_groups) {
+ if (!(this_present_groups && that_present_groups))
+ return false;
+ if (!this.groups.equals(that.groups))
+ return false;
+ }
+
+ boolean this_present_roleSet = true && this.isSetRoleSet();
+ boolean that_present_roleSet = true && that.isSetRoleSet();
+ if (this_present_roleSet || that_present_roleSet) {
+ if (!(this_present_roleSet && that_present_roleSet))
+ return false;
+ if (!this.roleSet.equals(that.roleSet))
+ return false;
+ }
+
+ return true;
+ }
+
+ @Override
+ public int hashCode() {
+ HashCodeBuilder builder = new HashCodeBuilder();
+
+ boolean present_protocol_version = true;
+ builder.append(present_protocol_version);
+ if (present_protocol_version)
+ builder.append(protocol_version);
+
+ boolean present_groups = true && (isSetGroups());
+ builder.append(present_groups);
+ if (present_groups)
+ builder.append(groups);
+
+ boolean present_roleSet = true && (isSetRoleSet());
+ builder.append(present_roleSet);
+ if (present_roleSet)
+ builder.append(roleSet);
+
+ return builder.toHashCode();
+ }
+
+ public int compareTo(TListSentryPrivilegesForProviderRequest other) {
+ if (!getClass().equals(other.getClass())) {
+ return getClass().getName().compareTo(other.getClass().getName());
+ }
+
+ int lastComparison = 0;
+ TListSentryPrivilegesForProviderRequest typedOther = (TListSentryPrivilegesForProviderRequest)other;
+
+ lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(typedOther.isSetProtocol_version());
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ if (isSetProtocol_version()) {
+ lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, typedOther.protocol_version);
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ }
+ lastComparison = Boolean.valueOf(isSetGroups()).compareTo(typedOther.isSetGroups());
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ if (isSetGroups()) {
+ lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.groups, typedOther.groups);
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ }
+ lastComparison = Boolean.valueOf(isSetRoleSet()).compareTo(typedOther.isSetRoleSet());
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ if (isSetRoleSet()) {
+ lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleSet, typedOther.roleSet);
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ }
+ return 0;
+ }
+
+ public _Fields fieldForId(int fieldId) {
+ return _Fields.findByThriftId(fieldId);
+ }
+
+ public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
+ schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
+ }
+
+ public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
+ schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
+ }
+
+ @Override
+ public String toString() {
+ StringBuilder sb = new StringBuilder("TListSentryPrivilegesForProviderRequest(");
+ boolean first = true;
+
+ sb.append("protocol_version:");
+ sb.append(this.protocol_version);
+ first = false;
+ if (!first) sb.append(", ");
+ sb.append("groups:");
+ if (this.groups == null) {
+ sb.append("null");
+ } else {
+ sb.append(this.groups);
+ }
+ first = false;
+ if (!first) sb.append(", ");
+ sb.append("roleSet:");
+ if (this.roleSet == null) {
+ sb.append("null");
+ } else {
+ sb.append(this.roleSet);
+ }
+ first = false;
+ sb.append(")");
+ return sb.toString();
+ }
+
+ public void validate() throws org.apache.thrift.TException {
+ // check for required fields
+ if (!isSetProtocol_version()) {
+ throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
+ }
+
+ if (!isSetGroups()) {
+ throw new org.apache.thrift.protocol.TProtocolException("Required field 'groups' is unset! Struct:" + toString());
+ }
+
+ if (!isSetRoleSet()) {
+ throw new org.apache.thrift.protocol.TProtocolException("Required field 'roleSet' is unset! Struct:" + toString());
+ }
+
+ // check for sub-struct validity
+ if (roleSet != null) {
+ roleSet.validate();
+ }
+ }
+
+ private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
+ try {
+ write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
+ } catch (org.apache.thrift.TException te) {
+ throw new java.io.IOException(te);
+ }
+ }
+
+ private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
+ try {
+ // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
+ __isset_bitfield = 0;
+ read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
+ } catch (org.apache.thrift.TException te) {
+ throw new java.io.IOException(te);
+ }
+ }
+
+ private static class TListSentryPrivilegesForProviderRequestStandardSchemeFactory implements SchemeFactory {
+ public TListSentryPrivilegesForProviderRequestStandardScheme getScheme() {
+ return new TListSentryPrivilegesForProviderRequestStandardScheme();
+ }
+ }
+
+ private static class TListSentryPrivilegesForProviderRequestStandardScheme extends StandardScheme<TListSentryPrivilegesForProviderRequest> {
+
+ public void read(org.apache.thrift.protocol.TProtocol iprot, TListSentryPrivilegesForProviderRequest struct) throws org.apache.thrift.TException {
+ org.apache.thrift.protocol.TField schemeField;
+ iprot.readStructBegin();
+ while (true)
+ {
+ schemeField = iprot.readFieldBegin();
+ if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
+ break;
+ }
+ switch (schemeField.id) {
+ case 1: // PROTOCOL_VERSION
+ if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
+ struct.protocol_version = iprot.readI32();
+ struct.setProtocol_versionIsSet(true);
+ } else {
+ org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+ }
+ break;
+ case 2: // GROUPS
+ if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
+ {
+ org.apache.thrift.protocol.TSet _set88 = iprot.readSetBegin();
+ struct.groups = new HashSet<String>(2*_set88.size);
+ for (int _i89 = 0; _i89 < _set88.size; ++_i89)
+ {
+ String _elem90; // required
+ _elem90 = iprot.readString();
+ struct.groups.add(_elem90);
+ }
+ iprot.readSetEnd();
+ }
+ struct.setGroupsIsSet(true);
+ } else {
+ org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+ }
+ break;
+ case 3: // ROLE_SET
+ if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
+ struct.roleSet = new TSentryActiveRoleSet();
+ struct.roleSet.read(iprot);
+ struct.setRoleSetIsSet(true);
+ } else {
+ org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+ }
+ break;
+ default:
+ org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+ }
+ iprot.readFieldEnd();
+ }
+ iprot.readStructEnd();
+ struct.validate();
+ }
+
+ public void write(org.apache.thrift.protocol.TProtocol oprot, TListSentryPrivilegesForProviderRequest struct) throws org.apache.thrift.TException {
+ struct.validate();
+
+ oprot.writeStructBegin(STRUCT_DESC);
+ oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC);
+ oprot.writeI32(struct.protocol_version);
+ oprot.writeFieldEnd();
+ if (struct.groups != null) {
+ oprot.writeFieldBegin(GROUPS_FIELD_DESC);
+ {
+ oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, struct.groups.size()));
+ for (String _iter91 : struct.groups)
+ {
+ oprot.writeString(_iter91);
+ }
+ oprot.writeSetEnd();
+ }
+ oprot.writeFieldEnd();
+ }
+ if (struct.roleSet != null) {
+ oprot.writeFieldBegin(ROLE_SET_FIELD_DESC);
+ struct.roleSet.write(oprot);
+ oprot.writeFieldEnd();
+ }
+ oprot.writeFieldStop();
+ oprot.writeStructEnd();
+ }
+
+ }
+
+ private static class TListSentryPrivilegesForProviderRequestTupleSchemeFactory implements SchemeFactory {
+ public TListSentryPrivilegesForProviderRequestTupleScheme getScheme() {
+ return new TListSentryPrivilegesForProviderRequestTupleScheme();
+ }
+ }
+
+ private static class TListSentryPrivilegesForProviderRequestTupleScheme extends TupleScheme<TListSentryPrivilegesForProviderRequest> {
+
+ @Override
+ public void write(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesForProviderRequest struct) throws org.apache.thrift.TException {
+ TTupleProtocol oprot = (TTupleProtocol) prot;
+ oprot.writeI32(struct.protocol_version);
+ {
+ oprot.writeI32(struct.groups.size());
+ for (String _iter92 : struct.groups)
+ {
+ oprot.writeString(_iter92);
+ }
+ }
+ struct.roleSet.write(oprot);
+ }
+
+ @Override
+ public void read(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesForProviderRequest struct) throws org.apache.thrift.TException {
+ TTupleProtocol iprot = (TTupleProtocol) prot;
+ struct.protocol_version = iprot.readI32();
+ struct.setProtocol_versionIsSet(true);
+ {
+ org.apache.thrift.protocol.TSet _set93 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, iprot.readI32());
+ struct.groups = new HashSet<String>(2*_set93.size);
+ for (int _i94 = 0; _i94 < _set93.size; ++_i94)
+ {
+ String _elem95; // required
+ _elem95 = iprot.readString();
+ struct.groups.add(_elem95);
+ }
+ }
+ struct.setGroupsIsSet(true);
+ struct.roleSet = new TSentryActiveRoleSet();
+ struct.roleSet.read(iprot);
+ struct.setRoleSetIsSet(true);
+ }
+ }
+
+}
+
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesForProviderResponse.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesForProviderResponse.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesForProviderResponse.java
new file mode 100644
index 0000000..341a016
--- /dev/null
+++ b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryPrivilegesForProviderResponse.java
@@ -0,0 +1,543 @@
+/**
+ * Autogenerated by Thrift Compiler (0.9.0)
+ *
+ * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
+ * @generated
+ */
+package org.apache.sentry.provider.db.service.thrift;
+
+import org.apache.commons.lang.builder.HashCodeBuilder;
+import org.apache.thrift.scheme.IScheme;
+import org.apache.thrift.scheme.SchemeFactory;
+import org.apache.thrift.scheme.StandardScheme;
+
+import org.apache.thrift.scheme.TupleScheme;
+import org.apache.thrift.protocol.TTupleProtocol;
+import org.apache.thrift.protocol.TProtocolException;
+import org.apache.thrift.EncodingUtils;
+import org.apache.thrift.TException;
+import java.util.List;
+import java.util.ArrayList;
+import java.util.Map;
+import java.util.HashMap;
+import java.util.EnumMap;
+import java.util.Set;
+import java.util.HashSet;
+import java.util.EnumSet;
+import java.util.Collections;
+import java.util.BitSet;
+import java.nio.ByteBuffer;
+import java.util.Arrays;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class TListSentryPrivilegesForProviderResponse implements org.apache.thrift.TBase<TListSentryPrivilegesForProviderResponse, TListSentryPrivilegesForProviderResponse._Fields>, java.io.Serializable, Cloneable {
+ private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TListSentryPrivilegesForProviderResponse");
+
+ private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1);
+ private static final org.apache.thrift.protocol.TField PRIVILEGES_FIELD_DESC = new org.apache.thrift.protocol.TField("privileges", org.apache.thrift.protocol.TType.SET, (short)2);
+
+ private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
+ static {
+ schemes.put(StandardScheme.class, new TListSentryPrivilegesForProviderResponseStandardSchemeFactory());
+ schemes.put(TupleScheme.class, new TListSentryPrivilegesForProviderResponseTupleSchemeFactory());
+ }
+
+ private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required
+ private Set<String> privileges; // required
+
+ /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
+ public enum _Fields implements org.apache.thrift.TFieldIdEnum {
+ STATUS((short)1, "status"),
+ PRIVILEGES((short)2, "privileges");
+
+ private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
+
+ static {
+ for (_Fields field : EnumSet.allOf(_Fields.class)) {
+ byName.put(field.getFieldName(), field);
+ }
+ }
+
+ /**
+ * Find the _Fields constant that matches fieldId, or null if its not found.
+ */
+ public static _Fields findByThriftId(int fieldId) {
+ switch(fieldId) {
+ case 1: // STATUS
+ return STATUS;
+ case 2: // PRIVILEGES
+ return PRIVILEGES;
+ default:
+ return null;
+ }
+ }
+
+ /**
+ * Find the _Fields constant that matches fieldId, throwing an exception
+ * if it is not found.
+ */
+ public static _Fields findByThriftIdOrThrow(int fieldId) {
+ _Fields fields = findByThriftId(fieldId);
+ if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
+ return fields;
+ }
+
+ /**
+ * Find the _Fields constant that matches name, or null if its not found.
+ */
+ public static _Fields findByName(String name) {
+ return byName.get(name);
+ }
+
+ private final short _thriftId;
+ private final String _fieldName;
+
+ _Fields(short thriftId, String fieldName) {
+ _thriftId = thriftId;
+ _fieldName = fieldName;
+ }
+
+ public short getThriftFieldId() {
+ return _thriftId;
+ }
+
+ public String getFieldName() {
+ return _fieldName;
+ }
+ }
+
+ // isset id assignments
+ public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
+ static {
+ Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
+ tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED,
+ new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.sentry.service.thrift.TSentryResponseStatus.class)));
+ tmpMap.put(_Fields.PRIVILEGES, new org.apache.thrift.meta_data.FieldMetaData("privileges", org.apache.thrift.TFieldRequirementType.REQUIRED,
+ new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
+ new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))));
+ metaDataMap = Collections.unmodifiableMap(tmpMap);
+ org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TListSentryPrivilegesForProviderResponse.class, metaDataMap);
+ }
+
+ public TListSentryPrivilegesForProviderResponse() {
+ }
+
+ public TListSentryPrivilegesForProviderResponse(
+ org.apache.sentry.service.thrift.TSentryResponseStatus status,
+ Set<String> privileges)
+ {
+ this();
+ this.status = status;
+ this.privileges = privileges;
+ }
+
+ /**
+ * Performs a deep copy on <i>other</i>.
+ */
+ public TListSentryPrivilegesForProviderResponse(TListSentryPrivilegesForProviderResponse other) {
+ if (other.isSetStatus()) {
+ this.status = new org.apache.sentry.service.thrift.TSentryResponseStatus(other.status);
+ }
+ if (other.isSetPrivileges()) {
+ Set<String> __this__privileges = new HashSet<String>();
+ for (String other_element : other.privileges) {
+ __this__privileges.add(other_element);
+ }
+ this.privileges = __this__privileges;
+ }
+ }
+
+ public TListSentryPrivilegesForProviderResponse deepCopy() {
+ return new TListSentryPrivilegesForProviderResponse(this);
+ }
+
+ @Override
+ public void clear() {
+ this.status = null;
+ this.privileges = null;
+ }
+
+ public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() {
+ return this.status;
+ }
+
+ public void setStatus(org.apache.sentry.service.thrift.TSentryResponseStatus status) {
+ this.status = status;
+ }
+
+ public void unsetStatus() {
+ this.status = null;
+ }
+
+ /** Returns true if field status is set (has been assigned a value) and false otherwise */
+ public boolean isSetStatus() {
+ return this.status != null;
+ }
+
+ public void setStatusIsSet(boolean value) {
+ if (!value) {
+ this.status = null;
+ }
+ }
+
+ public int getPrivilegesSize() {
+ return (this.privileges == null) ? 0 : this.privileges.size();
+ }
+
+ public java.util.Iterator<String> getPrivilegesIterator() {
+ return (this.privileges == null) ? null : this.privileges.iterator();
+ }
+
+ public void addToPrivileges(String elem) {
+ if (this.privileges == null) {
+ this.privileges = new HashSet<String>();
+ }
+ this.privileges.add(elem);
+ }
+
+ public Set<String> getPrivileges() {
+ return this.privileges;
+ }
+
+ public void setPrivileges(Set<String> privileges) {
+ this.privileges = privileges;
+ }
+
+ public void unsetPrivileges() {
+ this.privileges = null;
+ }
+
+ /** Returns true if field privileges is set (has been assigned a value) and false otherwise */
+ public boolean isSetPrivileges() {
+ return this.privileges != null;
+ }
+
+ public void setPrivilegesIsSet(boolean value) {
+ if (!value) {
+ this.privileges = null;
+ }
+ }
+
+ public void setFieldValue(_Fields field, Object value) {
+ switch (field) {
+ case STATUS:
+ if (value == null) {
+ unsetStatus();
+ } else {
+ setStatus((org.apache.sentry.service.thrift.TSentryResponseStatus)value);
+ }
+ break;
+
+ case PRIVILEGES:
+ if (value == null) {
+ unsetPrivileges();
+ } else {
+ setPrivileges((Set<String>)value);
+ }
+ break;
+
+ }
+ }
+
+ public Object getFieldValue(_Fields field) {
+ switch (field) {
+ case STATUS:
+ return getStatus();
+
+ case PRIVILEGES:
+ return getPrivileges();
+
+ }
+ throw new IllegalStateException();
+ }
+
+ /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
+ public boolean isSet(_Fields field) {
+ if (field == null) {
+ throw new IllegalArgumentException();
+ }
+
+ switch (field) {
+ case STATUS:
+ return isSetStatus();
+ case PRIVILEGES:
+ return isSetPrivileges();
+ }
+ throw new IllegalStateException();
+ }
+
+ @Override
+ public boolean equals(Object that) {
+ if (that == null)
+ return false;
+ if (that instanceof TListSentryPrivilegesForProviderResponse)
+ return this.equals((TListSentryPrivilegesForProviderResponse)that);
+ return false;
+ }
+
+ public boolean equals(TListSentryPrivilegesForProviderResponse that) {
+ if (that == null)
+ return false;
+
+ boolean this_present_status = true && this.isSetStatus();
+ boolean that_present_status = true && that.isSetStatus();
+ if (this_present_status || that_present_status) {
+ if (!(this_present_status && that_present_status))
+ return false;
+ if (!this.status.equals(that.status))
+ return false;
+ }
+
+ boolean this_present_privileges = true && this.isSetPrivileges();
+ boolean that_present_privileges = true && that.isSetPrivileges();
+ if (this_present_privileges || that_present_privileges) {
+ if (!(this_present_privileges && that_present_privileges))
+ return false;
+ if (!this.privileges.equals(that.privileges))
+ return false;
+ }
+
+ return true;
+ }
+
+ @Override
+ public int hashCode() {
+ HashCodeBuilder builder = new HashCodeBuilder();
+
+ boolean present_status = true && (isSetStatus());
+ builder.append(present_status);
+ if (present_status)
+ builder.append(status);
+
+ boolean present_privileges = true && (isSetPrivileges());
+ builder.append(present_privileges);
+ if (present_privileges)
+ builder.append(privileges);
+
+ return builder.toHashCode();
+ }
+
+ public int compareTo(TListSentryPrivilegesForProviderResponse other) {
+ if (!getClass().equals(other.getClass())) {
+ return getClass().getName().compareTo(other.getClass().getName());
+ }
+
+ int lastComparison = 0;
+ TListSentryPrivilegesForProviderResponse typedOther = (TListSentryPrivilegesForProviderResponse)other;
+
+ lastComparison = Boolean.valueOf(isSetStatus()).compareTo(typedOther.isSetStatus());
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ if (isSetStatus()) {
+ lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.status, typedOther.status);
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ }
+ lastComparison = Boolean.valueOf(isSetPrivileges()).compareTo(typedOther.isSetPrivileges());
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ if (isSetPrivileges()) {
+ lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.privileges, typedOther.privileges);
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ }
+ return 0;
+ }
+
+ public _Fields fieldForId(int fieldId) {
+ return _Fields.findByThriftId(fieldId);
+ }
+
+ public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
+ schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
+ }
+
+ public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
+ schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
+ }
+
+ @Override
+ public String toString() {
+ StringBuilder sb = new StringBuilder("TListSentryPrivilegesForProviderResponse(");
+ boolean first = true;
+
+ sb.append("status:");
+ if (this.status == null) {
+ sb.append("null");
+ } else {
+ sb.append(this.status);
+ }
+ first = false;
+ if (!first) sb.append(", ");
+ sb.append("privileges:");
+ if (this.privileges == null) {
+ sb.append("null");
+ } else {
+ sb.append(this.privileges);
+ }
+ first = false;
+ sb.append(")");
+ return sb.toString();
+ }
+
+ public void validate() throws org.apache.thrift.TException {
+ // check for required fields
+ if (!isSetStatus()) {
+ throw new org.apache.thrift.protocol.TProtocolException("Required field 'status' is unset! Struct:" + toString());
+ }
+
+ if (!isSetPrivileges()) {
+ throw new org.apache.thrift.protocol.TProtocolException("Required field 'privileges' is unset! Struct:" + toString());
+ }
+
+ // check for sub-struct validity
+ if (status != null) {
+ status.validate();
+ }
+ }
+
+ private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
+ try {
+ write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
+ } catch (org.apache.thrift.TException te) {
+ throw new java.io.IOException(te);
+ }
+ }
+
+ private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
+ try {
+ read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
+ } catch (org.apache.thrift.TException te) {
+ throw new java.io.IOException(te);
+ }
+ }
+
+ private static class TListSentryPrivilegesForProviderResponseStandardSchemeFactory implements SchemeFactory {
+ public TListSentryPrivilegesForProviderResponseStandardScheme getScheme() {
+ return new TListSentryPrivilegesForProviderResponseStandardScheme();
+ }
+ }
+
+ private static class TListSentryPrivilegesForProviderResponseStandardScheme extends StandardScheme<TListSentryPrivilegesForProviderResponse> {
+
+ public void read(org.apache.thrift.protocol.TProtocol iprot, TListSentryPrivilegesForProviderResponse struct) throws org.apache.thrift.TException {
+ org.apache.thrift.protocol.TField schemeField;
+ iprot.readStructBegin();
+ while (true)
+ {
+ schemeField = iprot.readFieldBegin();
+ if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
+ break;
+ }
+ switch (schemeField.id) {
+ case 1: // STATUS
+ if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
+ struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
+ struct.status.read(iprot);
+ struct.setStatusIsSet(true);
+ } else {
+ org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+ }
+ break;
+ case 2: // PRIVILEGES
+ if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
+ {
+ org.apache.thrift.protocol.TSet _set96 = iprot.readSetBegin();
+ struct.privileges = new HashSet<String>(2*_set96.size);
+ for (int _i97 = 0; _i97 < _set96.size; ++_i97)
+ {
+ String _elem98; // required
+ _elem98 = iprot.readString();
+ struct.privileges.add(_elem98);
+ }
+ iprot.readSetEnd();
+ }
+ struct.setPrivilegesIsSet(true);
+ } else {
+ org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+ }
+ break;
+ default:
+ org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+ }
+ iprot.readFieldEnd();
+ }
+ iprot.readStructEnd();
+ struct.validate();
+ }
+
+ public void write(org.apache.thrift.protocol.TProtocol oprot, TListSentryPrivilegesForProviderResponse struct) throws org.apache.thrift.TException {
+ struct.validate();
+
+ oprot.writeStructBegin(STRUCT_DESC);
+ if (struct.status != null) {
+ oprot.writeFieldBegin(STATUS_FIELD_DESC);
+ struct.status.write(oprot);
+ oprot.writeFieldEnd();
+ }
+ if (struct.privileges != null) {
+ oprot.writeFieldBegin(PRIVILEGES_FIELD_DESC);
+ {
+ oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, struct.privileges.size()));
+ for (String _iter99 : struct.privileges)
+ {
+ oprot.writeString(_iter99);
+ }
+ oprot.writeSetEnd();
+ }
+ oprot.writeFieldEnd();
+ }
+ oprot.writeFieldStop();
+ oprot.writeStructEnd();
+ }
+
+ }
+
+ private static class TListSentryPrivilegesForProviderResponseTupleSchemeFactory implements SchemeFactory {
+ public TListSentryPrivilegesForProviderResponseTupleScheme getScheme() {
+ return new TListSentryPrivilegesForProviderResponseTupleScheme();
+ }
+ }
+
+ private static class TListSentryPrivilegesForProviderResponseTupleScheme extends TupleScheme<TListSentryPrivilegesForProviderResponse> {
+
+ @Override
+ public void write(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesForProviderResponse struct) throws org.apache.thrift.TException {
+ TTupleProtocol oprot = (TTupleProtocol) prot;
+ struct.status.write(oprot);
+ {
+ oprot.writeI32(struct.privileges.size());
+ for (String _iter100 : struct.privileges)
+ {
+ oprot.writeString(_iter100);
+ }
+ }
+ }
+
+ @Override
+ public void read(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesForProviderResponse struct) throws org.apache.thrift.TException {
+ TTupleProtocol iprot = (TTupleProtocol) prot;
+ struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
+ struct.status.read(iprot);
+ struct.setStatusIsSet(true);
+ {
+ org.apache.thrift.protocol.TSet _set101 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, iprot.readI32());
+ struct.privileges = new HashSet<String>(2*_set101.size);
+ for (int _i102 = 0; _i102 < _set101.size; ++_i102)
+ {
+ String _elem103; // required
+ _elem103 = iprot.readString();
+ struct.privileges.add(_elem103);
+ }
+ }
+ struct.setPrivilegesIsSet(true);
+ }
+ }
+
+}
+
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryRolesRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryRolesRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryRolesRequest.java
index e144ac9..eef34f8 100644
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryRolesRequest.java
+++ b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryRolesRequest.java
@@ -36,9 +36,8 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField ROLEREQUESTOR_GROUP_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("rolerequestorGroupName", org.apache.thrift.protocol.TType.STRING, (short)3);
+ private static final org.apache.thrift.protocol.TField ROLEREQUESTOR_GROUP_NAMES_FIELD_DESC = new org.apache.thrift.protocol.TField("rolerequestorGroupNames", org.apache.thrift.protocol.TType.STRING, (short)3);
private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)4);
- private static final org.apache.thrift.protocol.TField REQUESTOR_GROUP_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorGroupName", org.apache.thrift.protocol.TType.SET, (short)5);
private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
static {
@@ -48,17 +47,15 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
private int protocol_version; // required
private String requestorUserName; // required
- private String rolerequestorGroupName; // optional
+ private String rolerequestorGroupNames; // optional
private String roleName; // required
- private Set<String> requestorGroupName; // required
/** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
public enum _Fields implements org.apache.thrift.TFieldIdEnum {
PROTOCOL_VERSION((short)1, "protocol_version"),
REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- ROLEREQUESTOR_GROUP_NAME((short)3, "rolerequestorGroupName"),
- ROLE_NAME((short)4, "roleName"),
- REQUESTOR_GROUP_NAME((short)5, "requestorGroupName");
+ ROLEREQUESTOR_GROUP_NAMES((short)3, "rolerequestorGroupNames"),
+ ROLE_NAME((short)4, "roleName");
private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
@@ -77,12 +74,10 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
return PROTOCOL_VERSION;
case 2: // REQUESTOR_USER_NAME
return REQUESTOR_USER_NAME;
- case 3: // ROLEREQUESTOR_GROUP_NAME
- return ROLEREQUESTOR_GROUP_NAME;
+ case 3: // ROLEREQUESTOR_GROUP_NAMES
+ return ROLEREQUESTOR_GROUP_NAMES;
case 4: // ROLE_NAME
return ROLE_NAME;
- case 5: // REQUESTOR_GROUP_NAME
- return REQUESTOR_GROUP_NAME;
default:
return null;
}
@@ -125,7 +120,7 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
// isset id assignments
private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
private byte __isset_bitfield = 0;
- private _Fields optionals[] = {_Fields.ROLEREQUESTOR_GROUP_NAME};
+ private _Fields optionals[] = {_Fields.ROLEREQUESTOR_GROUP_NAMES};
public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
static {
Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
@@ -133,13 +128,10 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.ROLEREQUESTOR_GROUP_NAME, new org.apache.thrift.meta_data.FieldMetaData("rolerequestorGroupName", org.apache.thrift.TFieldRequirementType.OPTIONAL,
+ tmpMap.put(_Fields.ROLEREQUESTOR_GROUP_NAMES, new org.apache.thrift.meta_data.FieldMetaData("rolerequestorGroupNames", org.apache.thrift.TFieldRequirementType.OPTIONAL,
new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
tmpMap.put(_Fields.ROLE_NAME, new org.apache.thrift.meta_data.FieldMetaData("roleName", org.apache.thrift.TFieldRequirementType.REQUIRED,
new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.REQUESTOR_GROUP_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorGroupName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))));
metaDataMap = Collections.unmodifiableMap(tmpMap);
org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TListSentryRolesRequest.class, metaDataMap);
}
@@ -152,15 +144,13 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
public TListSentryRolesRequest(
int protocol_version,
String requestorUserName,
- String roleName,
- Set<String> requestorGroupName)
+ String roleName)
{
this();
this.protocol_version = protocol_version;
setProtocol_versionIsSet(true);
this.requestorUserName = requestorUserName;
this.roleName = roleName;
- this.requestorGroupName = requestorGroupName;
}
/**
@@ -172,19 +162,12 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
if (other.isSetRequestorUserName()) {
this.requestorUserName = other.requestorUserName;
}
- if (other.isSetRolerequestorGroupName()) {
- this.rolerequestorGroupName = other.rolerequestorGroupName;
+ if (other.isSetRolerequestorGroupNames()) {
+ this.rolerequestorGroupNames = other.rolerequestorGroupNames;
}
if (other.isSetRoleName()) {
this.roleName = other.roleName;
}
- if (other.isSetRequestorGroupName()) {
- Set<String> __this__requestorGroupName = new HashSet<String>();
- for (String other_element : other.requestorGroupName) {
- __this__requestorGroupName.add(other_element);
- }
- this.requestorGroupName = __this__requestorGroupName;
- }
}
public TListSentryRolesRequest deepCopy() {
@@ -196,9 +179,8 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
this.protocol_version = 1;
this.requestorUserName = null;
- this.rolerequestorGroupName = null;
+ this.rolerequestorGroupNames = null;
this.roleName = null;
- this.requestorGroupName = null;
}
public int getProtocol_version() {
@@ -246,26 +228,26 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
}
}
- public String getRolerequestorGroupName() {
- return this.rolerequestorGroupName;
+ public String getRolerequestorGroupNames() {
+ return this.rolerequestorGroupNames;
}
- public void setRolerequestorGroupName(String rolerequestorGroupName) {
- this.rolerequestorGroupName = rolerequestorGroupName;
+ public void setRolerequestorGroupNames(String rolerequestorGroupNames) {
+ this.rolerequestorGroupNames = rolerequestorGroupNames;
}
- public void unsetRolerequestorGroupName() {
- this.rolerequestorGroupName = null;
+ public void unsetRolerequestorGroupNames() {
+ this.rolerequestorGroupNames = null;
}
- /** Returns true if field rolerequestorGroupName is set (has been assigned a value) and false otherwise */
- public boolean isSetRolerequestorGroupName() {
- return this.rolerequestorGroupName != null;
+ /** Returns true if field rolerequestorGroupNames is set (has been assigned a value) and false otherwise */
+ public boolean isSetRolerequestorGroupNames() {
+ return this.rolerequestorGroupNames != null;
}
- public void setRolerequestorGroupNameIsSet(boolean value) {
+ public void setRolerequestorGroupNamesIsSet(boolean value) {
if (!value) {
- this.rolerequestorGroupName = null;
+ this.rolerequestorGroupNames = null;
}
}
@@ -292,44 +274,6 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
}
}
- public int getRequestorGroupNameSize() {
- return (this.requestorGroupName == null) ? 0 : this.requestorGroupName.size();
- }
-
- public java.util.Iterator<String> getRequestorGroupNameIterator() {
- return (this.requestorGroupName == null) ? null : this.requestorGroupName.iterator();
- }
-
- public void addToRequestorGroupName(String elem) {
- if (this.requestorGroupName == null) {
- this.requestorGroupName = new HashSet<String>();
- }
- this.requestorGroupName.add(elem);
- }
-
- public Set<String> getRequestorGroupName() {
- return this.requestorGroupName;
- }
-
- public void setRequestorGroupName(Set<String> requestorGroupName) {
- this.requestorGroupName = requestorGroupName;
- }
-
- public void unsetRequestorGroupName() {
- this.requestorGroupName = null;
- }
-
- /** Returns true if field requestorGroupName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorGroupName() {
- return this.requestorGroupName != null;
- }
-
- public void setRequestorGroupNameIsSet(boolean value) {
- if (!value) {
- this.requestorGroupName = null;
- }
- }
-
public void setFieldValue(_Fields field, Object value) {
switch (field) {
case PROTOCOL_VERSION:
@@ -348,11 +292,11 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
}
break;
- case ROLEREQUESTOR_GROUP_NAME:
+ case ROLEREQUESTOR_GROUP_NAMES:
if (value == null) {
- unsetRolerequestorGroupName();
+ unsetRolerequestorGroupNames();
} else {
- setRolerequestorGroupName((String)value);
+ setRolerequestorGroupNames((String)value);
}
break;
@@ -364,14 +308,6 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
}
break;
- case REQUESTOR_GROUP_NAME:
- if (value == null) {
- unsetRequestorGroupName();
- } else {
- setRequestorGroupName((Set<String>)value);
- }
- break;
-
}
}
@@ -383,15 +319,12 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
case REQUESTOR_USER_NAME:
return getRequestorUserName();
- case ROLEREQUESTOR_GROUP_NAME:
- return getRolerequestorGroupName();
+ case ROLEREQUESTOR_GROUP_NAMES:
+ return getRolerequestorGroupNames();
case ROLE_NAME:
return getRoleName();
- case REQUESTOR_GROUP_NAME:
- return getRequestorGroupName();
-
}
throw new IllegalStateException();
}
@@ -407,12 +340,10 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
return isSetProtocol_version();
case REQUESTOR_USER_NAME:
return isSetRequestorUserName();
- case ROLEREQUESTOR_GROUP_NAME:
- return isSetRolerequestorGroupName();
+ case ROLEREQUESTOR_GROUP_NAMES:
+ return isSetRolerequestorGroupNames();
case ROLE_NAME:
return isSetRoleName();
- case REQUESTOR_GROUP_NAME:
- return isSetRequestorGroupName();
}
throw new IllegalStateException();
}
@@ -448,12 +379,12 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
return false;
}
- boolean this_present_rolerequestorGroupName = true && this.isSetRolerequestorGroupName();
- boolean that_present_rolerequestorGroupName = true && that.isSetRolerequestorGroupName();
- if (this_present_rolerequestorGroupName || that_present_rolerequestorGroupName) {
- if (!(this_present_rolerequestorGroupName && that_present_rolerequestorGroupName))
+ boolean this_present_rolerequestorGroupNames = true && this.isSetRolerequestorGroupNames();
+ boolean that_present_rolerequestorGroupNames = true && that.isSetRolerequestorGroupNames();
+ if (this_present_rolerequestorGroupNames || that_present_rolerequestorGroupNames) {
+ if (!(this_present_rolerequestorGroupNames && that_present_rolerequestorGroupNames))
return false;
- if (!this.rolerequestorGroupName.equals(that.rolerequestorGroupName))
+ if (!this.rolerequestorGroupNames.equals(that.rolerequestorGroupNames))
return false;
}
@@ -466,15 +397,6 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
return false;
}
- boolean this_present_requestorGroupName = true && this.isSetRequestorGroupName();
- boolean that_present_requestorGroupName = true && that.isSetRequestorGroupName();
- if (this_present_requestorGroupName || that_present_requestorGroupName) {
- if (!(this_present_requestorGroupName && that_present_requestorGroupName))
- return false;
- if (!this.requestorGroupName.equals(that.requestorGroupName))
- return false;
- }
-
return true;
}
@@ -492,21 +414,16 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
if (present_requestorUserName)
builder.append(requestorUserName);
- boolean present_rolerequestorGroupName = true && (isSetRolerequestorGroupName());
- builder.append(present_rolerequestorGroupName);
- if (present_rolerequestorGroupName)
- builder.append(rolerequestorGroupName);
+ boolean present_rolerequestorGroupNames = true && (isSetRolerequestorGroupNames());
+ builder.append(present_rolerequestorGroupNames);
+ if (present_rolerequestorGroupNames)
+ builder.append(rolerequestorGroupNames);
boolean present_roleName = true && (isSetRoleName());
builder.append(present_roleName);
if (present_roleName)
builder.append(roleName);
- boolean present_requestorGroupName = true && (isSetRequestorGroupName());
- builder.append(present_requestorGroupName);
- if (present_requestorGroupName)
- builder.append(requestorGroupName);
-
return builder.toHashCode();
}
@@ -538,12 +455,12 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
return lastComparison;
}
}
- lastComparison = Boolean.valueOf(isSetRolerequestorGroupName()).compareTo(typedOther.isSetRolerequestorGroupName());
+ lastComparison = Boolean.valueOf(isSetRolerequestorGroupNames()).compareTo(typedOther.isSetRolerequestorGroupNames());
if (lastComparison != 0) {
return lastComparison;
}
- if (isSetRolerequestorGroupName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.rolerequestorGroupName, typedOther.rolerequestorGroupName);
+ if (isSetRolerequestorGroupNames()) {
+ lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.rolerequestorGroupNames, typedOther.rolerequestorGroupNames);
if (lastComparison != 0) {
return lastComparison;
}
@@ -558,16 +475,6 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
return lastComparison;
}
}
- lastComparison = Boolean.valueOf(isSetRequestorGroupName()).compareTo(typedOther.isSetRequestorGroupName());
- if (lastComparison != 0) {
- return lastComparison;
- }
- if (isSetRequestorGroupName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorGroupName, typedOther.requestorGroupName);
- if (lastComparison != 0) {
- return lastComparison;
- }
- }
return 0;
}
@@ -599,13 +506,13 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
sb.append(this.requestorUserName);
}
first = false;
- if (isSetRolerequestorGroupName()) {
+ if (isSetRolerequestorGroupNames()) {
if (!first) sb.append(", ");
- sb.append("rolerequestorGroupName:");
- if (this.rolerequestorGroupName == null) {
+ sb.append("rolerequestorGroupNames:");
+ if (this.rolerequestorGroupNames == null) {
sb.append("null");
} else {
- sb.append(this.rolerequestorGroupName);
+ sb.append(this.rolerequestorGroupNames);
}
first = false;
}
@@ -617,14 +524,6 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
sb.append(this.roleName);
}
first = false;
- if (!first) sb.append(", ");
- sb.append("requestorGroupName:");
- if (this.requestorGroupName == null) {
- sb.append("null");
- } else {
- sb.append(this.requestorGroupName);
- }
- first = false;
sb.append(")");
return sb.toString();
}
@@ -643,10 +542,6 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
throw new org.apache.thrift.protocol.TProtocolException("Required field 'roleName' is unset! Struct:" + toString());
}
- if (!isSetRequestorGroupName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorGroupName' is unset! Struct:" + toString());
- }
-
// check for sub-struct validity
}
@@ -702,10 +597,10 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
}
break;
- case 3: // ROLEREQUESTOR_GROUP_NAME
+ case 3: // ROLEREQUESTOR_GROUP_NAMES
if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.rolerequestorGroupName = iprot.readString();
- struct.setRolerequestorGroupNameIsSet(true);
+ struct.rolerequestorGroupNames = iprot.readString();
+ struct.setRolerequestorGroupNamesIsSet(true);
} else {
org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
}
@@ -718,24 +613,6 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
}
break;
- case 5: // REQUESTOR_GROUP_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
- {
- org.apache.thrift.protocol.TSet _set16 = iprot.readSetBegin();
- struct.requestorGroupName = new HashSet<String>(2*_set16.size);
- for (int _i17 = 0; _i17 < _set16.size; ++_i17)
- {
- String _elem18; // required
- _elem18 = iprot.readString();
- struct.requestorGroupName.add(_elem18);
- }
- iprot.readSetEnd();
- }
- struct.setRequestorGroupNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
default:
org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
}
@@ -757,10 +634,10 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
oprot.writeString(struct.requestorUserName);
oprot.writeFieldEnd();
}
- if (struct.rolerequestorGroupName != null) {
- if (struct.isSetRolerequestorGroupName()) {
- oprot.writeFieldBegin(ROLEREQUESTOR_GROUP_NAME_FIELD_DESC);
- oprot.writeString(struct.rolerequestorGroupName);
+ if (struct.rolerequestorGroupNames != null) {
+ if (struct.isSetRolerequestorGroupNames()) {
+ oprot.writeFieldBegin(ROLEREQUESTOR_GROUP_NAMES_FIELD_DESC);
+ oprot.writeString(struct.rolerequestorGroupNames);
oprot.writeFieldEnd();
}
}
@@ -769,18 +646,6 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
oprot.writeString(struct.roleName);
oprot.writeFieldEnd();
}
- if (struct.requestorGroupName != null) {
- oprot.writeFieldBegin(REQUESTOR_GROUP_NAME_FIELD_DESC);
- {
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, struct.requestorGroupName.size()));
- for (String _iter19 : struct.requestorGroupName)
- {
- oprot.writeString(_iter19);
- }
- oprot.writeSetEnd();
- }
- oprot.writeFieldEnd();
- }
oprot.writeFieldStop();
oprot.writeStructEnd();
}
@@ -801,20 +666,13 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
oprot.writeI32(struct.protocol_version);
oprot.writeString(struct.requestorUserName);
oprot.writeString(struct.roleName);
- {
- oprot.writeI32(struct.requestorGroupName.size());
- for (String _iter20 : struct.requestorGroupName)
- {
- oprot.writeString(_iter20);
- }
- }
BitSet optionals = new BitSet();
- if (struct.isSetRolerequestorGroupName()) {
+ if (struct.isSetRolerequestorGroupNames()) {
optionals.set(0);
}
oprot.writeBitSet(optionals, 1);
- if (struct.isSetRolerequestorGroupName()) {
- oprot.writeString(struct.rolerequestorGroupName);
+ if (struct.isSetRolerequestorGroupNames()) {
+ oprot.writeString(struct.rolerequestorGroupNames);
}
}
@@ -827,21 +685,10 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
struct.setRequestorUserNameIsSet(true);
struct.roleName = iprot.readString();
struct.setRoleNameIsSet(true);
- {
- org.apache.thrift.protocol.TSet _set21 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, iprot.readI32());
- struct.requestorGroupName = new HashSet<String>(2*_set21.size);
- for (int _i22 = 0; _i22 < _set21.size; ++_i22)
- {
- String _elem23; // required
- _elem23 = iprot.readString();
- struct.requestorGroupName.add(_elem23);
- }
- }
- struct.setRequestorGroupNameIsSet(true);
BitSet incoming = iprot.readBitSet(1);
if (incoming.get(0)) {
- struct.rolerequestorGroupName = iprot.readString();
- struct.setRolerequestorGroupNameIsSet(true);
+ struct.rolerequestorGroupNames = iprot.readString();
+ struct.setRolerequestorGroupNamesIsSet(true);
}
}
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryActiveRoleSet.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryActiveRoleSet.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryActiveRoleSet.java
new file mode 100644
index 0000000..9d96139
--- /dev/null
+++ b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryActiveRoleSet.java
@@ -0,0 +1,536 @@
+/**
+ * Autogenerated by Thrift Compiler (0.9.0)
+ *
+ * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
+ * @generated
+ */
+package org.apache.sentry.provider.db.service.thrift;
+
+import org.apache.commons.lang.builder.HashCodeBuilder;
+import org.apache.thrift.scheme.IScheme;
+import org.apache.thrift.scheme.SchemeFactory;
+import org.apache.thrift.scheme.StandardScheme;
+
+import org.apache.thrift.scheme.TupleScheme;
+import org.apache.thrift.protocol.TTupleProtocol;
+import org.apache.thrift.protocol.TProtocolException;
+import org.apache.thrift.EncodingUtils;
+import org.apache.thrift.TException;
+import java.util.List;
+import java.util.ArrayList;
+import java.util.Map;
+import java.util.HashMap;
+import java.util.EnumMap;
+import java.util.Set;
+import java.util.HashSet;
+import java.util.EnumSet;
+import java.util.Collections;
+import java.util.BitSet;
+import java.nio.ByteBuffer;
+import java.util.Arrays;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class TSentryActiveRoleSet implements org.apache.thrift.TBase<TSentryActiveRoleSet, TSentryActiveRoleSet._Fields>, java.io.Serializable, Cloneable {
+ private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TSentryActiveRoleSet");
+
+ private static final org.apache.thrift.protocol.TField ALL_FIELD_DESC = new org.apache.thrift.protocol.TField("all", org.apache.thrift.protocol.TType.BOOL, (short)1);
+ private static final org.apache.thrift.protocol.TField ROLES_FIELD_DESC = new org.apache.thrift.protocol.TField("roles", org.apache.thrift.protocol.TType.SET, (short)2);
+
+ private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
+ static {
+ schemes.put(StandardScheme.class, new TSentryActiveRoleSetStandardSchemeFactory());
+ schemes.put(TupleScheme.class, new TSentryActiveRoleSetTupleSchemeFactory());
+ }
+
+ private boolean all; // required
+ private Set<String> roles; // required
+
+ /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
+ public enum _Fields implements org.apache.thrift.TFieldIdEnum {
+ ALL((short)1, "all"),
+ ROLES((short)2, "roles");
+
+ private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
+
+ static {
+ for (_Fields field : EnumSet.allOf(_Fields.class)) {
+ byName.put(field.getFieldName(), field);
+ }
+ }
+
+ /**
+ * Find the _Fields constant that matches fieldId, or null if its not found.
+ */
+ public static _Fields findByThriftId(int fieldId) {
+ switch(fieldId) {
+ case 1: // ALL
+ return ALL;
+ case 2: // ROLES
+ return ROLES;
+ default:
+ return null;
+ }
+ }
+
+ /**
+ * Find the _Fields constant that matches fieldId, throwing an exception
+ * if it is not found.
+ */
+ public static _Fields findByThriftIdOrThrow(int fieldId) {
+ _Fields fields = findByThriftId(fieldId);
+ if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
+ return fields;
+ }
+
+ /**
+ * Find the _Fields constant that matches name, or null if its not found.
+ */
+ public static _Fields findByName(String name) {
+ return byName.get(name);
+ }
+
+ private final short _thriftId;
+ private final String _fieldName;
+
+ _Fields(short thriftId, String fieldName) {
+ _thriftId = thriftId;
+ _fieldName = fieldName;
+ }
+
+ public short getThriftFieldId() {
+ return _thriftId;
+ }
+
+ public String getFieldName() {
+ return _fieldName;
+ }
+ }
+
+ // isset id assignments
+ private static final int __ALL_ISSET_ID = 0;
+ private byte __isset_bitfield = 0;
+ public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
+ static {
+ Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
+ tmpMap.put(_Fields.ALL, new org.apache.thrift.meta_data.FieldMetaData("all", org.apache.thrift.TFieldRequirementType.REQUIRED,
+ new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.BOOL)));
+ tmpMap.put(_Fields.ROLES, new org.apache.thrift.meta_data.FieldMetaData("roles", org.apache.thrift.TFieldRequirementType.REQUIRED,
+ new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
+ new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))));
+ metaDataMap = Collections.unmodifiableMap(tmpMap);
+ org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TSentryActiveRoleSet.class, metaDataMap);
+ }
+
+ public TSentryActiveRoleSet() {
+ }
+
+ public TSentryActiveRoleSet(
+ boolean all,
+ Set<String> roles)
+ {
+ this();
+ this.all = all;
+ setAllIsSet(true);
+ this.roles = roles;
+ }
+
+ /**
+ * Performs a deep copy on <i>other</i>.
+ */
+ public TSentryActiveRoleSet(TSentryActiveRoleSet other) {
+ __isset_bitfield = other.__isset_bitfield;
+ this.all = other.all;
+ if (other.isSetRoles()) {
+ Set<String> __this__roles = new HashSet<String>();
+ for (String other_element : other.roles) {
+ __this__roles.add(other_element);
+ }
+ this.roles = __this__roles;
+ }
+ }
+
+ public TSentryActiveRoleSet deepCopy() {
+ return new TSentryActiveRoleSet(this);
+ }
+
+ @Override
+ public void clear() {
+ setAllIsSet(false);
+ this.all = false;
+ this.roles = null;
+ }
+
+ public boolean isAll() {
+ return this.all;
+ }
+
+ public void setAll(boolean all) {
+ this.all = all;
+ setAllIsSet(true);
+ }
+
+ public void unsetAll() {
+ __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __ALL_ISSET_ID);
+ }
+
+ /** Returns true if field all is set (has been assigned a value) and false otherwise */
+ public boolean isSetAll() {
+ return EncodingUtils.testBit(__isset_bitfield, __ALL_ISSET_ID);
+ }
+
+ public void setAllIsSet(boolean value) {
+ __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __ALL_ISSET_ID, value);
+ }
+
+ public int getRolesSize() {
+ return (this.roles == null) ? 0 : this.roles.size();
+ }
+
+ public java.util.Iterator<String> getRolesIterator() {
+ return (this.roles == null) ? null : this.roles.iterator();
+ }
+
+ public void addToRoles(String elem) {
+ if (this.roles == null) {
+ this.roles = new HashSet<String>();
+ }
+ this.roles.add(elem);
+ }
+
+ public Set<String> getRoles() {
+ return this.roles;
+ }
+
+ public void setRoles(Set<String> roles) {
+ this.roles = roles;
+ }
+
+ public void unsetRoles() {
+ this.roles = null;
+ }
+
+ /** Returns true if field roles is set (has been assigned a value) and false otherwise */
+ public boolean isSetRoles() {
+ return this.roles != null;
+ }
+
+ public void setRolesIsSet(boolean value) {
+ if (!value) {
+ this.roles = null;
+ }
+ }
+
+ public void setFieldValue(_Fields field, Object value) {
+ switch (field) {
+ case ALL:
+ if (value == null) {
+ unsetAll();
+ } else {
+ setAll((Boolean)value);
+ }
+ break;
+
+ case ROLES:
+ if (value == null) {
+ unsetRoles();
+ } else {
+ setRoles((Set<String>)value);
+ }
+ break;
+
+ }
+ }
+
+ public Object getFieldValue(_Fields field) {
+ switch (field) {
+ case ALL:
+ return Boolean.valueOf(isAll());
+
+ case ROLES:
+ return getRoles();
+
+ }
+ throw new IllegalStateException();
+ }
+
+ /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
+ public boolean isSet(_Fields field) {
+ if (field == null) {
+ throw new IllegalArgumentException();
+ }
+
+ switch (field) {
+ case ALL:
+ return isSetAll();
+ case ROLES:
+ return isSetRoles();
+ }
+ throw new IllegalStateException();
+ }
+
+ @Override
+ public boolean equals(Object that) {
+ if (that == null)
+ return false;
+ if (that instanceof TSentryActiveRoleSet)
+ return this.equals((TSentryActiveRoleSet)that);
+ return false;
+ }
+
+ public boolean equals(TSentryActiveRoleSet that) {
+ if (that == null)
+ return false;
+
+ boolean this_present_all = true;
+ boolean that_present_all = true;
+ if (this_present_all || that_present_all) {
+ if (!(this_present_all && that_present_all))
+ return false;
+ if (this.all != that.all)
+ return false;
+ }
+
+ boolean this_present_roles = true && this.isSetRoles();
+ boolean that_present_roles = true && that.isSetRoles();
+ if (this_present_roles || that_present_roles) {
+ if (!(this_present_roles && that_present_roles))
+ return false;
+ if (!this.roles.equals(that.roles))
+ return false;
+ }
+
+ return true;
+ }
+
+ @Override
+ public int hashCode() {
+ HashCodeBuilder builder = new HashCodeBuilder();
+
+ boolean present_all = true;
+ builder.append(present_all);
+ if (present_all)
+ builder.append(all);
+
+ boolean present_roles = true && (isSetRoles());
+ builder.append(present_roles);
+ if (present_roles)
+ builder.append(roles);
+
+ return builder.toHashCode();
+ }
+
+ public int compareTo(TSentryActiveRoleSet other) {
+ if (!getClass().equals(other.getClass())) {
+ return getClass().getName().compareTo(other.getClass().getName());
+ }
+
+ int lastComparison = 0;
+ TSentryActiveRoleSet typedOther = (TSentryActiveRoleSet)other;
+
+ lastComparison = Boolean.valueOf(isSetAll()).compareTo(typedOther.isSetAll());
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ if (isSetAll()) {
+ lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.all, typedOther.all);
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ }
+ lastComparison = Boolean.valueOf(isSetRoles()).compareTo(typedOther.isSetRoles());
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ if (isSetRoles()) {
+ lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roles, typedOther.roles);
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ }
+ return 0;
+ }
+
+ public _Fields fieldForId(int fieldId) {
+ return _Fields.findByThriftId(fieldId);
+ }
+
+ public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
+ schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
+ }
+
+ public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
+ schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
+ }
+
+ @Override
+ public String toString() {
+ StringBuilder sb = new StringBuilder("TSentryActiveRoleSet(");
+ boolean first = true;
+
+ sb.append("all:");
+ sb.append(this.all);
+ first = false;
+ if (!first) sb.append(", ");
+ sb.append("roles:");
+ if (this.roles == null) {
+ sb.append("null");
+ } else {
+ sb.append(this.roles);
+ }
+ first = false;
+ sb.append(")");
+ return sb.toString();
+ }
+
+ public void validate() throws org.apache.thrift.TException {
+ // check for required fields
+ if (!isSetAll()) {
+ throw new org.apache.thrift.protocol.TProtocolException("Required field 'all' is unset! Struct:" + toString());
+ }
+
+ if (!isSetRoles()) {
+ throw new org.apache.thrift.protocol.TProtocolException("Required field 'roles' is unset! Struct:" + toString());
+ }
+
+ // check for sub-struct validity
+ }
+
+ private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
+ try {
+ write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
+ } catch (org.apache.thrift.TException te) {
+ throw new java.io.IOException(te);
+ }
+ }
+
+ private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
+ try {
+ // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
+ __isset_bitfield = 0;
+ read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
+ } catch (org.apache.thrift.TException te) {
+ throw new java.io.IOException(te);
+ }
+ }
+
+ private static class TSentryActiveRoleSetStandardSchemeFactory implements SchemeFactory {
+ public TSentryActiveRoleSetStandardScheme getScheme() {
+ return new TSentryActiveRoleSetStandardScheme();
+ }
+ }
+
+ private static class TSentryActiveRoleSetStandardScheme extends StandardScheme<TSentryActiveRoleSet> {
+
+ public void read(org.apache.thrift.protocol.TProtocol iprot, TSentryActiveRoleSet struct) throws org.apache.thrift.TException {
+ org.apache.thrift.protocol.TField schemeField;
+ iprot.readStructBegin();
+ while (true)
+ {
+ schemeField = iprot.readFieldBegin();
+ if (schemeField.type == org.apache.thrift.protocol.TType.STOP) {
+ break;
+ }
+ switch (schemeField.id) {
+ case 1: // ALL
+ if (schemeField.type == org.apache.thrift.protocol.TType.BOOL) {
+ struct.all = iprot.readBool();
+ struct.setAllIsSet(true);
+ } else {
+ org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+ }
+ break;
+ case 2: // ROLES
+ if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
+ {
+ org.apache.thrift.protocol.TSet _set80 = iprot.readSetBegin();
+ struct.roles = new HashSet<String>(2*_set80.size);
+ for (int _i81 = 0; _i81 < _set80.size; ++_i81)
+ {
+ String _elem82; // required
+ _elem82 = iprot.readString();
+ struct.roles.add(_elem82);
+ }
+ iprot.readSetEnd();
+ }
+ struct.setRolesIsSet(true);
+ } else {
+ org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+ }
+ break;
+ default:
+ org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+ }
+ iprot.readFieldEnd();
+ }
+ iprot.readStructEnd();
+ struct.validate();
+ }
+
+ public void write(org.apache.thrift.protocol.TProtocol oprot, TSentryActiveRoleSet struct) throws org.apache.thrift.TException {
+ struct.validate();
+
+ oprot.writeStructBegin(STRUCT_DESC);
+ oprot.writeFieldBegin(ALL_FIELD_DESC);
+ oprot.writeBool(struct.all);
+ oprot.writeFieldEnd();
+ if (struct.roles != null) {
+ oprot.writeFieldBegin(ROLES_FIELD_DESC);
+ {
+ oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, struct.roles.size()));
+ for (String _iter83 : struct.roles)
+ {
+ oprot.writeString(_iter83);
+ }
+ oprot.writeSetEnd();
+ }
+ oprot.writeFieldEnd();
+ }
+ oprot.writeFieldStop();
+ oprot.writeStructEnd();
+ }
+
+ }
+
+ private static class TSentryActiveRoleSetTupleSchemeFactory implements SchemeFactory {
+ public TSentryActiveRoleSetTupleScheme getScheme() {
+ return new TSentryActiveRoleSetTupleScheme();
+ }
+ }
+
+ private static class TSentryActiveRoleSetTupleScheme extends TupleScheme<TSentryActiveRoleSet> {
+
+ @Override
+ public void write(org.apache.thrift.protocol.TProtocol prot, TSentryActiveRoleSet struct) throws org.apache.thrift.TException {
+ TTupleProtocol oprot = (TTupleProtocol) prot;
+ oprot.writeBool(struct.all);
+ {
+ oprot.writeI32(struct.roles.size());
+ for (String _iter84 : struct.roles)
+ {
+ oprot.writeString(_iter84);
+ }
+ }
+ }
+
+ @Override
+ public void read(org.apache.thrift.protocol.TProtocol prot, TSentryActiveRoleSet struct) throws org.apache.thrift.TException {
+ TTupleProtocol iprot = (TTupleProtocol) prot;
+ struct.all = iprot.readBool();
+ struct.setAllIsSet(true);
+ {
+ org.apache.thrift.protocol.TSet _set85 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, iprot.readI32());
+ struct.roles = new HashSet<String>(2*_set85.size);
+ for (int _i86 = 0; _i86 < _set85.size; ++_i86)
+ {
+ String _elem87; // required
+ _elem87 = iprot.readString();
+ struct.roles.add(_elem87);
+ }
+ }
+ struct.setRolesIsSet(true);
+ }
+ }
+
+}
+
[5/6] SENTRY-142: Create database backed ProviderBackend (Brock
Noland via Shreepadma Venugopalan)
Posted by sh...@apache.org.
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleAddGroupsRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleAddGroupsRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleAddGroupsRequest.java
index de4985d..397813f 100644
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleAddGroupsRequest.java
+++ b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleAddGroupsRequest.java
@@ -36,8 +36,8 @@ public class TAlterSentryRoleAddGroupsRequest implements org.apache.thrift.TBase
private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)3);
- private static final org.apache.thrift.protocol.TField REQUESTOR_GROUP_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorGroupName", org.apache.thrift.protocol.TType.SET, (short)4);
+ private static final org.apache.thrift.protocol.TField REQUESTOR_GROUP_NAMES_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorGroupNames", org.apache.thrift.protocol.TType.SET, (short)3);
+ private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)4);
private static final org.apache.thrift.protocol.TField GROUPS_FIELD_DESC = new org.apache.thrift.protocol.TField("groups", org.apache.thrift.protocol.TType.SET, (short)5);
private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
@@ -48,16 +48,16 @@ public class TAlterSentryRoleAddGroupsRequest implements org.apache.thrift.TBase
private int protocol_version; // required
private String requestorUserName; // required
+ private Set<String> requestorGroupNames; // required
private String roleName; // required
- private Set<String> requestorGroupName; // required
private Set<TSentryGroup> groups; // required
/** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
public enum _Fields implements org.apache.thrift.TFieldIdEnum {
PROTOCOL_VERSION((short)1, "protocol_version"),
REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- ROLE_NAME((short)3, "roleName"),
- REQUESTOR_GROUP_NAME((short)4, "requestorGroupName"),
+ REQUESTOR_GROUP_NAMES((short)3, "requestorGroupNames"),
+ ROLE_NAME((short)4, "roleName"),
GROUPS((short)5, "groups");
private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
@@ -77,10 +77,10 @@ public class TAlterSentryRoleAddGroupsRequest implements org.apache.thrift.TBase
return PROTOCOL_VERSION;
case 2: // REQUESTOR_USER_NAME
return REQUESTOR_USER_NAME;
- case 3: // ROLE_NAME
+ case 3: // REQUESTOR_GROUP_NAMES
+ return REQUESTOR_GROUP_NAMES;
+ case 4: // ROLE_NAME
return ROLE_NAME;
- case 4: // REQUESTOR_GROUP_NAME
- return REQUESTOR_GROUP_NAME;
case 5: // GROUPS
return GROUPS;
default:
@@ -132,11 +132,11 @@ public class TAlterSentryRoleAddGroupsRequest implements org.apache.thrift.TBase
new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.ROLE_NAME, new org.apache.thrift.meta_data.FieldMetaData("roleName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.REQUESTOR_GROUP_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorGroupName", org.apache.thrift.TFieldRequirementType.REQUIRED,
+ tmpMap.put(_Fields.REQUESTOR_GROUP_NAMES, new org.apache.thrift.meta_data.FieldMetaData("requestorGroupNames", org.apache.thrift.TFieldRequirementType.REQUIRED,
new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))));
+ tmpMap.put(_Fields.ROLE_NAME, new org.apache.thrift.meta_data.FieldMetaData("roleName", org.apache.thrift.TFieldRequirementType.REQUIRED,
+ new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
tmpMap.put(_Fields.GROUPS, new org.apache.thrift.meta_data.FieldMetaData("groups", org.apache.thrift.TFieldRequirementType.REQUIRED,
new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryGroup.class))));
@@ -152,16 +152,16 @@ public class TAlterSentryRoleAddGroupsRequest implements org.apache.thrift.TBase
public TAlterSentryRoleAddGroupsRequest(
int protocol_version,
String requestorUserName,
+ Set<String> requestorGroupNames,
String roleName,
- Set<String> requestorGroupName,
Set<TSentryGroup> groups)
{
this();
this.protocol_version = protocol_version;
setProtocol_versionIsSet(true);
this.requestorUserName = requestorUserName;
+ this.requestorGroupNames = requestorGroupNames;
this.roleName = roleName;
- this.requestorGroupName = requestorGroupName;
this.groups = groups;
}
@@ -174,16 +174,16 @@ public class TAlterSentryRoleAddGroupsRequest implements org.apache.thrift.TBase
if (other.isSetRequestorUserName()) {
this.requestorUserName = other.requestorUserName;
}
+ if (other.isSetRequestorGroupNames()) {
+ Set<String> __this__requestorGroupNames = new HashSet<String>();
+ for (String other_element : other.requestorGroupNames) {
+ __this__requestorGroupNames.add(other_element);
+ }
+ this.requestorGroupNames = __this__requestorGroupNames;
+ }
if (other.isSetRoleName()) {
this.roleName = other.roleName;
}
- if (other.isSetRequestorGroupName()) {
- Set<String> __this__requestorGroupName = new HashSet<String>();
- for (String other_element : other.requestorGroupName) {
- __this__requestorGroupName.add(other_element);
- }
- this.requestorGroupName = __this__requestorGroupName;
- }
if (other.isSetGroups()) {
Set<TSentryGroup> __this__groups = new HashSet<TSentryGroup>();
for (TSentryGroup other_element : other.groups) {
@@ -202,8 +202,8 @@ public class TAlterSentryRoleAddGroupsRequest implements org.apache.thrift.TBase
this.protocol_version = 1;
this.requestorUserName = null;
+ this.requestorGroupNames = null;
this.roleName = null;
- this.requestorGroupName = null;
this.groups = null;
}
@@ -252,64 +252,64 @@ public class TAlterSentryRoleAddGroupsRequest implements org.apache.thrift.TBase
}
}
- public String getRoleName() {
- return this.roleName;
+ public int getRequestorGroupNamesSize() {
+ return (this.requestorGroupNames == null) ? 0 : this.requestorGroupNames.size();
}
- public void setRoleName(String roleName) {
- this.roleName = roleName;
+ public java.util.Iterator<String> getRequestorGroupNamesIterator() {
+ return (this.requestorGroupNames == null) ? null : this.requestorGroupNames.iterator();
}
- public void unsetRoleName() {
- this.roleName = null;
+ public void addToRequestorGroupNames(String elem) {
+ if (this.requestorGroupNames == null) {
+ this.requestorGroupNames = new HashSet<String>();
+ }
+ this.requestorGroupNames.add(elem);
}
- /** Returns true if field roleName is set (has been assigned a value) and false otherwise */
- public boolean isSetRoleName() {
- return this.roleName != null;
+ public Set<String> getRequestorGroupNames() {
+ return this.requestorGroupNames;
}
- public void setRoleNameIsSet(boolean value) {
- if (!value) {
- this.roleName = null;
- }
+ public void setRequestorGroupNames(Set<String> requestorGroupNames) {
+ this.requestorGroupNames = requestorGroupNames;
}
- public int getRequestorGroupNameSize() {
- return (this.requestorGroupName == null) ? 0 : this.requestorGroupName.size();
+ public void unsetRequestorGroupNames() {
+ this.requestorGroupNames = null;
}
- public java.util.Iterator<String> getRequestorGroupNameIterator() {
- return (this.requestorGroupName == null) ? null : this.requestorGroupName.iterator();
+ /** Returns true if field requestorGroupNames is set (has been assigned a value) and false otherwise */
+ public boolean isSetRequestorGroupNames() {
+ return this.requestorGroupNames != null;
}
- public void addToRequestorGroupName(String elem) {
- if (this.requestorGroupName == null) {
- this.requestorGroupName = new HashSet<String>();
+ public void setRequestorGroupNamesIsSet(boolean value) {
+ if (!value) {
+ this.requestorGroupNames = null;
}
- this.requestorGroupName.add(elem);
}
- public Set<String> getRequestorGroupName() {
- return this.requestorGroupName;
+ public String getRoleName() {
+ return this.roleName;
}
- public void setRequestorGroupName(Set<String> requestorGroupName) {
- this.requestorGroupName = requestorGroupName;
+ public void setRoleName(String roleName) {
+ this.roleName = roleName;
}
- public void unsetRequestorGroupName() {
- this.requestorGroupName = null;
+ public void unsetRoleName() {
+ this.roleName = null;
}
- /** Returns true if field requestorGroupName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorGroupName() {
- return this.requestorGroupName != null;
+ /** Returns true if field roleName is set (has been assigned a value) and false otherwise */
+ public boolean isSetRoleName() {
+ return this.roleName != null;
}
- public void setRequestorGroupNameIsSet(boolean value) {
+ public void setRoleNameIsSet(boolean value) {
if (!value) {
- this.requestorGroupName = null;
+ this.roleName = null;
}
}
@@ -369,19 +369,19 @@ public class TAlterSentryRoleAddGroupsRequest implements org.apache.thrift.TBase
}
break;
- case ROLE_NAME:
+ case REQUESTOR_GROUP_NAMES:
if (value == null) {
- unsetRoleName();
+ unsetRequestorGroupNames();
} else {
- setRoleName((String)value);
+ setRequestorGroupNames((Set<String>)value);
}
break;
- case REQUESTOR_GROUP_NAME:
+ case ROLE_NAME:
if (value == null) {
- unsetRequestorGroupName();
+ unsetRoleName();
} else {
- setRequestorGroupName((Set<String>)value);
+ setRoleName((String)value);
}
break;
@@ -404,12 +404,12 @@ public class TAlterSentryRoleAddGroupsRequest implements org.apache.thrift.TBase
case REQUESTOR_USER_NAME:
return getRequestorUserName();
+ case REQUESTOR_GROUP_NAMES:
+ return getRequestorGroupNames();
+
case ROLE_NAME:
return getRoleName();
- case REQUESTOR_GROUP_NAME:
- return getRequestorGroupName();
-
case GROUPS:
return getGroups();
@@ -428,10 +428,10 @@ public class TAlterSentryRoleAddGroupsRequest implements org.apache.thrift.TBase
return isSetProtocol_version();
case REQUESTOR_USER_NAME:
return isSetRequestorUserName();
+ case REQUESTOR_GROUP_NAMES:
+ return isSetRequestorGroupNames();
case ROLE_NAME:
return isSetRoleName();
- case REQUESTOR_GROUP_NAME:
- return isSetRequestorGroupName();
case GROUPS:
return isSetGroups();
}
@@ -469,6 +469,15 @@ public class TAlterSentryRoleAddGroupsRequest implements org.apache.thrift.TBase
return false;
}
+ boolean this_present_requestorGroupNames = true && this.isSetRequestorGroupNames();
+ boolean that_present_requestorGroupNames = true && that.isSetRequestorGroupNames();
+ if (this_present_requestorGroupNames || that_present_requestorGroupNames) {
+ if (!(this_present_requestorGroupNames && that_present_requestorGroupNames))
+ return false;
+ if (!this.requestorGroupNames.equals(that.requestorGroupNames))
+ return false;
+ }
+
boolean this_present_roleName = true && this.isSetRoleName();
boolean that_present_roleName = true && that.isSetRoleName();
if (this_present_roleName || that_present_roleName) {
@@ -478,15 +487,6 @@ public class TAlterSentryRoleAddGroupsRequest implements org.apache.thrift.TBase
return false;
}
- boolean this_present_requestorGroupName = true && this.isSetRequestorGroupName();
- boolean that_present_requestorGroupName = true && that.isSetRequestorGroupName();
- if (this_present_requestorGroupName || that_present_requestorGroupName) {
- if (!(this_present_requestorGroupName && that_present_requestorGroupName))
- return false;
- if (!this.requestorGroupName.equals(that.requestorGroupName))
- return false;
- }
-
boolean this_present_groups = true && this.isSetGroups();
boolean that_present_groups = true && that.isSetGroups();
if (this_present_groups || that_present_groups) {
@@ -513,16 +513,16 @@ public class TAlterSentryRoleAddGroupsRequest implements org.apache.thrift.TBase
if (present_requestorUserName)
builder.append(requestorUserName);
+ boolean present_requestorGroupNames = true && (isSetRequestorGroupNames());
+ builder.append(present_requestorGroupNames);
+ if (present_requestorGroupNames)
+ builder.append(requestorGroupNames);
+
boolean present_roleName = true && (isSetRoleName());
builder.append(present_roleName);
if (present_roleName)
builder.append(roleName);
- boolean present_requestorGroupName = true && (isSetRequestorGroupName());
- builder.append(present_requestorGroupName);
- if (present_requestorGroupName)
- builder.append(requestorGroupName);
-
boolean present_groups = true && (isSetGroups());
builder.append(present_groups);
if (present_groups)
@@ -559,22 +559,22 @@ public class TAlterSentryRoleAddGroupsRequest implements org.apache.thrift.TBase
return lastComparison;
}
}
- lastComparison = Boolean.valueOf(isSetRoleName()).compareTo(typedOther.isSetRoleName());
+ lastComparison = Boolean.valueOf(isSetRequestorGroupNames()).compareTo(typedOther.isSetRequestorGroupNames());
if (lastComparison != 0) {
return lastComparison;
}
- if (isSetRoleName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleName, typedOther.roleName);
+ if (isSetRequestorGroupNames()) {
+ lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorGroupNames, typedOther.requestorGroupNames);
if (lastComparison != 0) {
return lastComparison;
}
}
- lastComparison = Boolean.valueOf(isSetRequestorGroupName()).compareTo(typedOther.isSetRequestorGroupName());
+ lastComparison = Boolean.valueOf(isSetRoleName()).compareTo(typedOther.isSetRoleName());
if (lastComparison != 0) {
return lastComparison;
}
- if (isSetRequestorGroupName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorGroupName, typedOther.requestorGroupName);
+ if (isSetRoleName()) {
+ lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleName, typedOther.roleName);
if (lastComparison != 0) {
return lastComparison;
}
@@ -621,19 +621,19 @@ public class TAlterSentryRoleAddGroupsRequest implements org.apache.thrift.TBase
}
first = false;
if (!first) sb.append(", ");
- sb.append("roleName:");
- if (this.roleName == null) {
+ sb.append("requestorGroupNames:");
+ if (this.requestorGroupNames == null) {
sb.append("null");
} else {
- sb.append(this.roleName);
+ sb.append(this.requestorGroupNames);
}
first = false;
if (!first) sb.append(", ");
- sb.append("requestorGroupName:");
- if (this.requestorGroupName == null) {
+ sb.append("roleName:");
+ if (this.roleName == null) {
sb.append("null");
} else {
- sb.append(this.requestorGroupName);
+ sb.append(this.roleName);
}
first = false;
if (!first) sb.append(", ");
@@ -658,12 +658,12 @@ public class TAlterSentryRoleAddGroupsRequest implements org.apache.thrift.TBase
throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString());
}
- if (!isSetRoleName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'roleName' is unset! Struct:" + toString());
+ if (!isSetRequestorGroupNames()) {
+ throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorGroupNames' is unset! Struct:" + toString());
}
- if (!isSetRequestorGroupName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorGroupName' is unset! Struct:" + toString());
+ if (!isSetRoleName()) {
+ throw new org.apache.thrift.protocol.TProtocolException("Required field 'roleName' is unset! Struct:" + toString());
}
if (!isSetGroups()) {
@@ -725,28 +725,28 @@ public class TAlterSentryRoleAddGroupsRequest implements org.apache.thrift.TBase
org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
}
break;
- case 3: // ROLE_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 4: // REQUESTOR_GROUP_NAME
+ case 3: // REQUESTOR_GROUP_NAMES
if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
{
- org.apache.thrift.protocol.TSet _set40 = iprot.readSetBegin();
- struct.requestorGroupName = new HashSet<String>(2*_set40.size);
- for (int _i41 = 0; _i41 < _set40.size; ++_i41)
+ org.apache.thrift.protocol.TSet _set32 = iprot.readSetBegin();
+ struct.requestorGroupNames = new HashSet<String>(2*_set32.size);
+ for (int _i33 = 0; _i33 < _set32.size; ++_i33)
{
- String _elem42; // required
- _elem42 = iprot.readString();
- struct.requestorGroupName.add(_elem42);
+ String _elem34; // required
+ _elem34 = iprot.readString();
+ struct.requestorGroupNames.add(_elem34);
}
iprot.readSetEnd();
}
- struct.setRequestorGroupNameIsSet(true);
+ struct.setRequestorGroupNamesIsSet(true);
+ } else {
+ org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+ }
+ break;
+ case 4: // ROLE_NAME
+ if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
+ struct.roleName = iprot.readString();
+ struct.setRoleNameIsSet(true);
} else {
org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
}
@@ -754,14 +754,14 @@ public class TAlterSentryRoleAddGroupsRequest implements org.apache.thrift.TBase
case 5: // GROUPS
if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
{
- org.apache.thrift.protocol.TSet _set43 = iprot.readSetBegin();
- struct.groups = new HashSet<TSentryGroup>(2*_set43.size);
- for (int _i44 = 0; _i44 < _set43.size; ++_i44)
+ org.apache.thrift.protocol.TSet _set35 = iprot.readSetBegin();
+ struct.groups = new HashSet<TSentryGroup>(2*_set35.size);
+ for (int _i36 = 0; _i36 < _set35.size; ++_i36)
{
- TSentryGroup _elem45; // required
- _elem45 = new TSentryGroup();
- _elem45.read(iprot);
- struct.groups.add(_elem45);
+ TSentryGroup _elem37; // required
+ _elem37 = new TSentryGroup();
+ _elem37.read(iprot);
+ struct.groups.add(_elem37);
}
iprot.readSetEnd();
}
@@ -791,30 +791,30 @@ public class TAlterSentryRoleAddGroupsRequest implements org.apache.thrift.TBase
oprot.writeString(struct.requestorUserName);
oprot.writeFieldEnd();
}
- if (struct.roleName != null) {
- oprot.writeFieldBegin(ROLE_NAME_FIELD_DESC);
- oprot.writeString(struct.roleName);
- oprot.writeFieldEnd();
- }
- if (struct.requestorGroupName != null) {
- oprot.writeFieldBegin(REQUESTOR_GROUP_NAME_FIELD_DESC);
+ if (struct.requestorGroupNames != null) {
+ oprot.writeFieldBegin(REQUESTOR_GROUP_NAMES_FIELD_DESC);
{
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, struct.requestorGroupName.size()));
- for (String _iter46 : struct.requestorGroupName)
+ oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, struct.requestorGroupNames.size()));
+ for (String _iter38 : struct.requestorGroupNames)
{
- oprot.writeString(_iter46);
+ oprot.writeString(_iter38);
}
oprot.writeSetEnd();
}
oprot.writeFieldEnd();
}
+ if (struct.roleName != null) {
+ oprot.writeFieldBegin(ROLE_NAME_FIELD_DESC);
+ oprot.writeString(struct.roleName);
+ oprot.writeFieldEnd();
+ }
if (struct.groups != null) {
oprot.writeFieldBegin(GROUPS_FIELD_DESC);
{
oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, struct.groups.size()));
- for (TSentryGroup _iter47 : struct.groups)
+ for (TSentryGroup _iter39 : struct.groups)
{
- _iter47.write(oprot);
+ _iter39.write(oprot);
}
oprot.writeSetEnd();
}
@@ -839,19 +839,19 @@ public class TAlterSentryRoleAddGroupsRequest implements org.apache.thrift.TBase
TTupleProtocol oprot = (TTupleProtocol) prot;
oprot.writeI32(struct.protocol_version);
oprot.writeString(struct.requestorUserName);
- oprot.writeString(struct.roleName);
{
- oprot.writeI32(struct.requestorGroupName.size());
- for (String _iter48 : struct.requestorGroupName)
+ oprot.writeI32(struct.requestorGroupNames.size());
+ for (String _iter40 : struct.requestorGroupNames)
{
- oprot.writeString(_iter48);
+ oprot.writeString(_iter40);
}
}
+ oprot.writeString(struct.roleName);
{
oprot.writeI32(struct.groups.size());
- for (TSentryGroup _iter49 : struct.groups)
+ for (TSentryGroup _iter41 : struct.groups)
{
- _iter49.write(oprot);
+ _iter41.write(oprot);
}
}
}
@@ -863,28 +863,28 @@ public class TAlterSentryRoleAddGroupsRequest implements org.apache.thrift.TBase
struct.setProtocol_versionIsSet(true);
struct.requestorUserName = iprot.readString();
struct.setRequestorUserNameIsSet(true);
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
{
- org.apache.thrift.protocol.TSet _set50 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, iprot.readI32());
- struct.requestorGroupName = new HashSet<String>(2*_set50.size);
- for (int _i51 = 0; _i51 < _set50.size; ++_i51)
+ org.apache.thrift.protocol.TSet _set42 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, iprot.readI32());
+ struct.requestorGroupNames = new HashSet<String>(2*_set42.size);
+ for (int _i43 = 0; _i43 < _set42.size; ++_i43)
{
- String _elem52; // required
- _elem52 = iprot.readString();
- struct.requestorGroupName.add(_elem52);
+ String _elem44; // required
+ _elem44 = iprot.readString();
+ struct.requestorGroupNames.add(_elem44);
}
}
- struct.setRequestorGroupNameIsSet(true);
+ struct.setRequestorGroupNamesIsSet(true);
+ struct.roleName = iprot.readString();
+ struct.setRoleNameIsSet(true);
{
- org.apache.thrift.protocol.TSet _set53 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, iprot.readI32());
- struct.groups = new HashSet<TSentryGroup>(2*_set53.size);
- for (int _i54 = 0; _i54 < _set53.size; ++_i54)
+ org.apache.thrift.protocol.TSet _set45 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, iprot.readI32());
+ struct.groups = new HashSet<TSentryGroup>(2*_set45.size);
+ for (int _i46 = 0; _i46 < _set45.size; ++_i46)
{
- TSentryGroup _elem55; // required
- _elem55 = new TSentryGroup();
- _elem55.read(iprot);
- struct.groups.add(_elem55);
+ TSentryGroup _elem47; // required
+ _elem47 = new TSentryGroup();
+ _elem47.read(iprot);
+ struct.groups.add(_elem47);
}
}
struct.setGroupsIsSet(true);
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleDeleteGroupsRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleDeleteGroupsRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleDeleteGroupsRequest.java
index acfa5f5..b73d25c 100644
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleDeleteGroupsRequest.java
+++ b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleDeleteGroupsRequest.java
@@ -36,7 +36,9 @@ public class TAlterSentryRoleDeleteGroupsRequest implements org.apache.thrift.TB
private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField REQUESTOR_GROUP_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorGroupName", org.apache.thrift.protocol.TType.SET, (short)3);
+ private static final org.apache.thrift.protocol.TField REQUESTOR_GROUP_NAMES_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorGroupNames", org.apache.thrift.protocol.TType.SET, (short)3);
+ private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)4);
+ private static final org.apache.thrift.protocol.TField GROUPS_FIELD_DESC = new org.apache.thrift.protocol.TField("groups", org.apache.thrift.protocol.TType.SET, (short)5);
private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
static {
@@ -46,13 +48,17 @@ public class TAlterSentryRoleDeleteGroupsRequest implements org.apache.thrift.TB
private int protocol_version; // required
private String requestorUserName; // required
- private Set<String> requestorGroupName; // required
+ private Set<String> requestorGroupNames; // required
+ private String roleName; // required
+ private Set<TSentryGroup> groups; // required
/** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
public enum _Fields implements org.apache.thrift.TFieldIdEnum {
PROTOCOL_VERSION((short)1, "protocol_version"),
REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- REQUESTOR_GROUP_NAME((short)3, "requestorGroupName");
+ REQUESTOR_GROUP_NAMES((short)3, "requestorGroupNames"),
+ ROLE_NAME((short)4, "roleName"),
+ GROUPS((short)5, "groups");
private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
@@ -71,8 +77,12 @@ public class TAlterSentryRoleDeleteGroupsRequest implements org.apache.thrift.TB
return PROTOCOL_VERSION;
case 2: // REQUESTOR_USER_NAME
return REQUESTOR_USER_NAME;
- case 3: // REQUESTOR_GROUP_NAME
- return REQUESTOR_GROUP_NAME;
+ case 3: // REQUESTOR_GROUP_NAMES
+ return REQUESTOR_GROUP_NAMES;
+ case 4: // ROLE_NAME
+ return ROLE_NAME;
+ case 5: // GROUPS
+ return GROUPS;
default:
return null;
}
@@ -122,9 +132,14 @@ public class TAlterSentryRoleDeleteGroupsRequest implements org.apache.thrift.TB
new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.REQUESTOR_GROUP_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorGroupName", org.apache.thrift.TFieldRequirementType.REQUIRED,
+ tmpMap.put(_Fields.REQUESTOR_GROUP_NAMES, new org.apache.thrift.meta_data.FieldMetaData("requestorGroupNames", org.apache.thrift.TFieldRequirementType.REQUIRED,
new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))));
+ tmpMap.put(_Fields.ROLE_NAME, new org.apache.thrift.meta_data.FieldMetaData("roleName", org.apache.thrift.TFieldRequirementType.REQUIRED,
+ new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
+ tmpMap.put(_Fields.GROUPS, new org.apache.thrift.meta_data.FieldMetaData("groups", org.apache.thrift.TFieldRequirementType.REQUIRED,
+ new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
+ new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryGroup.class))));
metaDataMap = Collections.unmodifiableMap(tmpMap);
org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TAlterSentryRoleDeleteGroupsRequest.class, metaDataMap);
}
@@ -137,13 +152,17 @@ public class TAlterSentryRoleDeleteGroupsRequest implements org.apache.thrift.TB
public TAlterSentryRoleDeleteGroupsRequest(
int protocol_version,
String requestorUserName,
- Set<String> requestorGroupName)
+ Set<String> requestorGroupNames,
+ String roleName,
+ Set<TSentryGroup> groups)
{
this();
this.protocol_version = protocol_version;
setProtocol_versionIsSet(true);
this.requestorUserName = requestorUserName;
- this.requestorGroupName = requestorGroupName;
+ this.requestorGroupNames = requestorGroupNames;
+ this.roleName = roleName;
+ this.groups = groups;
}
/**
@@ -155,12 +174,22 @@ public class TAlterSentryRoleDeleteGroupsRequest implements org.apache.thrift.TB
if (other.isSetRequestorUserName()) {
this.requestorUserName = other.requestorUserName;
}
- if (other.isSetRequestorGroupName()) {
- Set<String> __this__requestorGroupName = new HashSet<String>();
- for (String other_element : other.requestorGroupName) {
- __this__requestorGroupName.add(other_element);
+ if (other.isSetRequestorGroupNames()) {
+ Set<String> __this__requestorGroupNames = new HashSet<String>();
+ for (String other_element : other.requestorGroupNames) {
+ __this__requestorGroupNames.add(other_element);
+ }
+ this.requestorGroupNames = __this__requestorGroupNames;
+ }
+ if (other.isSetRoleName()) {
+ this.roleName = other.roleName;
+ }
+ if (other.isSetGroups()) {
+ Set<TSentryGroup> __this__groups = new HashSet<TSentryGroup>();
+ for (TSentryGroup other_element : other.groups) {
+ __this__groups.add(new TSentryGroup(other_element));
}
- this.requestorGroupName = __this__requestorGroupName;
+ this.groups = __this__groups;
}
}
@@ -173,7 +202,9 @@ public class TAlterSentryRoleDeleteGroupsRequest implements org.apache.thrift.TB
this.protocol_version = 1;
this.requestorUserName = null;
- this.requestorGroupName = null;
+ this.requestorGroupNames = null;
+ this.roleName = null;
+ this.groups = null;
}
public int getProtocol_version() {
@@ -221,41 +252,102 @@ public class TAlterSentryRoleDeleteGroupsRequest implements org.apache.thrift.TB
}
}
- public int getRequestorGroupNameSize() {
- return (this.requestorGroupName == null) ? 0 : this.requestorGroupName.size();
+ public int getRequestorGroupNamesSize() {
+ return (this.requestorGroupNames == null) ? 0 : this.requestorGroupNames.size();
+ }
+
+ public java.util.Iterator<String> getRequestorGroupNamesIterator() {
+ return (this.requestorGroupNames == null) ? null : this.requestorGroupNames.iterator();
+ }
+
+ public void addToRequestorGroupNames(String elem) {
+ if (this.requestorGroupNames == null) {
+ this.requestorGroupNames = new HashSet<String>();
+ }
+ this.requestorGroupNames.add(elem);
+ }
+
+ public Set<String> getRequestorGroupNames() {
+ return this.requestorGroupNames;
+ }
+
+ public void setRequestorGroupNames(Set<String> requestorGroupNames) {
+ this.requestorGroupNames = requestorGroupNames;
+ }
+
+ public void unsetRequestorGroupNames() {
+ this.requestorGroupNames = null;
}
- public java.util.Iterator<String> getRequestorGroupNameIterator() {
- return (this.requestorGroupName == null) ? null : this.requestorGroupName.iterator();
+ /** Returns true if field requestorGroupNames is set (has been assigned a value) and false otherwise */
+ public boolean isSetRequestorGroupNames() {
+ return this.requestorGroupNames != null;
}
- public void addToRequestorGroupName(String elem) {
- if (this.requestorGroupName == null) {
- this.requestorGroupName = new HashSet<String>();
+ public void setRequestorGroupNamesIsSet(boolean value) {
+ if (!value) {
+ this.requestorGroupNames = null;
}
- this.requestorGroupName.add(elem);
}
- public Set<String> getRequestorGroupName() {
- return this.requestorGroupName;
+ public String getRoleName() {
+ return this.roleName;
}
- public void setRequestorGroupName(Set<String> requestorGroupName) {
- this.requestorGroupName = requestorGroupName;
+ public void setRoleName(String roleName) {
+ this.roleName = roleName;
}
- public void unsetRequestorGroupName() {
- this.requestorGroupName = null;
+ public void unsetRoleName() {
+ this.roleName = null;
}
- /** Returns true if field requestorGroupName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorGroupName() {
- return this.requestorGroupName != null;
+ /** Returns true if field roleName is set (has been assigned a value) and false otherwise */
+ public boolean isSetRoleName() {
+ return this.roleName != null;
}
- public void setRequestorGroupNameIsSet(boolean value) {
+ public void setRoleNameIsSet(boolean value) {
if (!value) {
- this.requestorGroupName = null;
+ this.roleName = null;
+ }
+ }
+
+ public int getGroupsSize() {
+ return (this.groups == null) ? 0 : this.groups.size();
+ }
+
+ public java.util.Iterator<TSentryGroup> getGroupsIterator() {
+ return (this.groups == null) ? null : this.groups.iterator();
+ }
+
+ public void addToGroups(TSentryGroup elem) {
+ if (this.groups == null) {
+ this.groups = new HashSet<TSentryGroup>();
+ }
+ this.groups.add(elem);
+ }
+
+ public Set<TSentryGroup> getGroups() {
+ return this.groups;
+ }
+
+ public void setGroups(Set<TSentryGroup> groups) {
+ this.groups = groups;
+ }
+
+ public void unsetGroups() {
+ this.groups = null;
+ }
+
+ /** Returns true if field groups is set (has been assigned a value) and false otherwise */
+ public boolean isSetGroups() {
+ return this.groups != null;
+ }
+
+ public void setGroupsIsSet(boolean value) {
+ if (!value) {
+ this.groups = null;
}
}
@@ -277,11 +369,27 @@ public class TAlterSentryRoleDeleteGroupsRequest implements org.apache.thrift.TB
}
break;
- case REQUESTOR_GROUP_NAME:
+ case REQUESTOR_GROUP_NAMES:
if (value == null) {
- unsetRequestorGroupName();
+ unsetRequestorGroupNames();
} else {
- setRequestorGroupName((Set<String>)value);
+ setRequestorGroupNames((Set<String>)value);
+ }
+ break;
+
+ case ROLE_NAME:
+ if (value == null) {
+ unsetRoleName();
+ } else {
+ setRoleName((String)value);
+ }
+ break;
+
+ case GROUPS:
+ if (value == null) {
+ unsetGroups();
+ } else {
+ setGroups((Set<TSentryGroup>)value);
}
break;
@@ -296,8 +404,14 @@ public class TAlterSentryRoleDeleteGroupsRequest implements org.apache.thrift.TB
case REQUESTOR_USER_NAME:
return getRequestorUserName();
- case REQUESTOR_GROUP_NAME:
- return getRequestorGroupName();
+ case REQUESTOR_GROUP_NAMES:
+ return getRequestorGroupNames();
+
+ case ROLE_NAME:
+ return getRoleName();
+
+ case GROUPS:
+ return getGroups();
}
throw new IllegalStateException();
@@ -314,8 +428,12 @@ public class TAlterSentryRoleDeleteGroupsRequest implements org.apache.thrift.TB
return isSetProtocol_version();
case REQUESTOR_USER_NAME:
return isSetRequestorUserName();
- case REQUESTOR_GROUP_NAME:
- return isSetRequestorGroupName();
+ case REQUESTOR_GROUP_NAMES:
+ return isSetRequestorGroupNames();
+ case ROLE_NAME:
+ return isSetRoleName();
+ case GROUPS:
+ return isSetGroups();
}
throw new IllegalStateException();
}
@@ -351,12 +469,30 @@ public class TAlterSentryRoleDeleteGroupsRequest implements org.apache.thrift.TB
return false;
}
- boolean this_present_requestorGroupName = true && this.isSetRequestorGroupName();
- boolean that_present_requestorGroupName = true && that.isSetRequestorGroupName();
- if (this_present_requestorGroupName || that_present_requestorGroupName) {
- if (!(this_present_requestorGroupName && that_present_requestorGroupName))
+ boolean this_present_requestorGroupNames = true && this.isSetRequestorGroupNames();
+ boolean that_present_requestorGroupNames = true && that.isSetRequestorGroupNames();
+ if (this_present_requestorGroupNames || that_present_requestorGroupNames) {
+ if (!(this_present_requestorGroupNames && that_present_requestorGroupNames))
+ return false;
+ if (!this.requestorGroupNames.equals(that.requestorGroupNames))
+ return false;
+ }
+
+ boolean this_present_roleName = true && this.isSetRoleName();
+ boolean that_present_roleName = true && that.isSetRoleName();
+ if (this_present_roleName || that_present_roleName) {
+ if (!(this_present_roleName && that_present_roleName))
return false;
- if (!this.requestorGroupName.equals(that.requestorGroupName))
+ if (!this.roleName.equals(that.roleName))
+ return false;
+ }
+
+ boolean this_present_groups = true && this.isSetGroups();
+ boolean that_present_groups = true && that.isSetGroups();
+ if (this_present_groups || that_present_groups) {
+ if (!(this_present_groups && that_present_groups))
+ return false;
+ if (!this.groups.equals(that.groups))
return false;
}
@@ -377,10 +513,20 @@ public class TAlterSentryRoleDeleteGroupsRequest implements org.apache.thrift.TB
if (present_requestorUserName)
builder.append(requestorUserName);
- boolean present_requestorGroupName = true && (isSetRequestorGroupName());
- builder.append(present_requestorGroupName);
- if (present_requestorGroupName)
- builder.append(requestorGroupName);
+ boolean present_requestorGroupNames = true && (isSetRequestorGroupNames());
+ builder.append(present_requestorGroupNames);
+ if (present_requestorGroupNames)
+ builder.append(requestorGroupNames);
+
+ boolean present_roleName = true && (isSetRoleName());
+ builder.append(present_roleName);
+ if (present_roleName)
+ builder.append(roleName);
+
+ boolean present_groups = true && (isSetGroups());
+ builder.append(present_groups);
+ if (present_groups)
+ builder.append(groups);
return builder.toHashCode();
}
@@ -413,12 +559,32 @@ public class TAlterSentryRoleDeleteGroupsRequest implements org.apache.thrift.TB
return lastComparison;
}
}
- lastComparison = Boolean.valueOf(isSetRequestorGroupName()).compareTo(typedOther.isSetRequestorGroupName());
+ lastComparison = Boolean.valueOf(isSetRequestorGroupNames()).compareTo(typedOther.isSetRequestorGroupNames());
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ if (isSetRequestorGroupNames()) {
+ lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorGroupNames, typedOther.requestorGroupNames);
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ }
+ lastComparison = Boolean.valueOf(isSetRoleName()).compareTo(typedOther.isSetRoleName());
if (lastComparison != 0) {
return lastComparison;
}
- if (isSetRequestorGroupName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorGroupName, typedOther.requestorGroupName);
+ if (isSetRoleName()) {
+ lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleName, typedOther.roleName);
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ }
+ lastComparison = Boolean.valueOf(isSetGroups()).compareTo(typedOther.isSetGroups());
+ if (lastComparison != 0) {
+ return lastComparison;
+ }
+ if (isSetGroups()) {
+ lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.groups, typedOther.groups);
if (lastComparison != 0) {
return lastComparison;
}
@@ -455,11 +621,27 @@ public class TAlterSentryRoleDeleteGroupsRequest implements org.apache.thrift.TB
}
first = false;
if (!first) sb.append(", ");
- sb.append("requestorGroupName:");
- if (this.requestorGroupName == null) {
+ sb.append("requestorGroupNames:");
+ if (this.requestorGroupNames == null) {
+ sb.append("null");
+ } else {
+ sb.append(this.requestorGroupNames);
+ }
+ first = false;
+ if (!first) sb.append(", ");
+ sb.append("roleName:");
+ if (this.roleName == null) {
+ sb.append("null");
+ } else {
+ sb.append(this.roleName);
+ }
+ first = false;
+ if (!first) sb.append(", ");
+ sb.append("groups:");
+ if (this.groups == null) {
sb.append("null");
} else {
- sb.append(this.requestorGroupName);
+ sb.append(this.groups);
}
first = false;
sb.append(")");
@@ -476,8 +658,16 @@ public class TAlterSentryRoleDeleteGroupsRequest implements org.apache.thrift.TB
throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString());
}
- if (!isSetRequestorGroupName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorGroupName' is unset! Struct:" + toString());
+ if (!isSetRequestorGroupNames()) {
+ throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorGroupNames' is unset! Struct:" + toString());
+ }
+
+ if (!isSetRoleName()) {
+ throw new org.apache.thrift.protocol.TProtocolException("Required field 'roleName' is unset! Struct:" + toString());
+ }
+
+ if (!isSetGroups()) {
+ throw new org.apache.thrift.protocol.TProtocolException("Required field 'groups' is unset! Struct:" + toString());
}
// check for sub-struct validity
@@ -535,20 +725,47 @@ public class TAlterSentryRoleDeleteGroupsRequest implements org.apache.thrift.TB
org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
}
break;
- case 3: // REQUESTOR_GROUP_NAME
+ case 3: // REQUESTOR_GROUP_NAMES
if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
{
- org.apache.thrift.protocol.TSet _set56 = iprot.readSetBegin();
- struct.requestorGroupName = new HashSet<String>(2*_set56.size);
- for (int _i57 = 0; _i57 < _set56.size; ++_i57)
+ org.apache.thrift.protocol.TSet _set48 = iprot.readSetBegin();
+ struct.requestorGroupNames = new HashSet<String>(2*_set48.size);
+ for (int _i49 = 0; _i49 < _set48.size; ++_i49)
{
- String _elem58; // required
- _elem58 = iprot.readString();
- struct.requestorGroupName.add(_elem58);
+ String _elem50; // required
+ _elem50 = iprot.readString();
+ struct.requestorGroupNames.add(_elem50);
}
iprot.readSetEnd();
}
- struct.setRequestorGroupNameIsSet(true);
+ struct.setRequestorGroupNamesIsSet(true);
+ } else {
+ org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+ }
+ break;
+ case 4: // ROLE_NAME
+ if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
+ struct.roleName = iprot.readString();
+ struct.setRoleNameIsSet(true);
+ } else {
+ org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+ }
+ break;
+ case 5: // GROUPS
+ if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
+ {
+ org.apache.thrift.protocol.TSet _set51 = iprot.readSetBegin();
+ struct.groups = new HashSet<TSentryGroup>(2*_set51.size);
+ for (int _i52 = 0; _i52 < _set51.size; ++_i52)
+ {
+ TSentryGroup _elem53; // required
+ _elem53 = new TSentryGroup();
+ _elem53.read(iprot);
+ struct.groups.add(_elem53);
+ }
+ iprot.readSetEnd();
+ }
+ struct.setGroupsIsSet(true);
} else {
org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
}
@@ -574,13 +791,30 @@ public class TAlterSentryRoleDeleteGroupsRequest implements org.apache.thrift.TB
oprot.writeString(struct.requestorUserName);
oprot.writeFieldEnd();
}
- if (struct.requestorGroupName != null) {
- oprot.writeFieldBegin(REQUESTOR_GROUP_NAME_FIELD_DESC);
+ if (struct.requestorGroupNames != null) {
+ oprot.writeFieldBegin(REQUESTOR_GROUP_NAMES_FIELD_DESC);
{
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, struct.requestorGroupName.size()));
- for (String _iter59 : struct.requestorGroupName)
+ oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, struct.requestorGroupNames.size()));
+ for (String _iter54 : struct.requestorGroupNames)
{
- oprot.writeString(_iter59);
+ oprot.writeString(_iter54);
+ }
+ oprot.writeSetEnd();
+ }
+ oprot.writeFieldEnd();
+ }
+ if (struct.roleName != null) {
+ oprot.writeFieldBegin(ROLE_NAME_FIELD_DESC);
+ oprot.writeString(struct.roleName);
+ oprot.writeFieldEnd();
+ }
+ if (struct.groups != null) {
+ oprot.writeFieldBegin(GROUPS_FIELD_DESC);
+ {
+ oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, struct.groups.size()));
+ for (TSentryGroup _iter55 : struct.groups)
+ {
+ _iter55.write(oprot);
}
oprot.writeSetEnd();
}
@@ -606,10 +840,18 @@ public class TAlterSentryRoleDeleteGroupsRequest implements org.apache.thrift.TB
oprot.writeI32(struct.protocol_version);
oprot.writeString(struct.requestorUserName);
{
- oprot.writeI32(struct.requestorGroupName.size());
- for (String _iter60 : struct.requestorGroupName)
+ oprot.writeI32(struct.requestorGroupNames.size());
+ for (String _iter56 : struct.requestorGroupNames)
+ {
+ oprot.writeString(_iter56);
+ }
+ }
+ oprot.writeString(struct.roleName);
+ {
+ oprot.writeI32(struct.groups.size());
+ for (TSentryGroup _iter57 : struct.groups)
{
- oprot.writeString(_iter60);
+ _iter57.write(oprot);
}
}
}
@@ -622,16 +864,30 @@ public class TAlterSentryRoleDeleteGroupsRequest implements org.apache.thrift.TB
struct.requestorUserName = iprot.readString();
struct.setRequestorUserNameIsSet(true);
{
- org.apache.thrift.protocol.TSet _set61 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, iprot.readI32());
- struct.requestorGroupName = new HashSet<String>(2*_set61.size);
+ org.apache.thrift.protocol.TSet _set58 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, iprot.readI32());
+ struct.requestorGroupNames = new HashSet<String>(2*_set58.size);
+ for (int _i59 = 0; _i59 < _set58.size; ++_i59)
+ {
+ String _elem60; // required
+ _elem60 = iprot.readString();
+ struct.requestorGroupNames.add(_elem60);
+ }
+ }
+ struct.setRequestorGroupNamesIsSet(true);
+ struct.roleName = iprot.readString();
+ struct.setRoleNameIsSet(true);
+ {
+ org.apache.thrift.protocol.TSet _set61 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, iprot.readI32());
+ struct.groups = new HashSet<TSentryGroup>(2*_set61.size);
for (int _i62 = 0; _i62 < _set61.size; ++_i62)
{
- String _elem63; // required
- _elem63 = iprot.readString();
- struct.requestorGroupName.add(_elem63);
+ TSentryGroup _elem63; // required
+ _elem63 = new TSentryGroup();
+ _elem63.read(iprot);
+ struct.groups.add(_elem63);
}
}
- struct.setRequestorGroupNameIsSet(true);
+ struct.setGroupsIsSet(true);
}
}
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/90cdbefd/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleGrantPrivilegeRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleGrantPrivilegeRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleGrantPrivilegeRequest.java
index 71e950c..550b72d 100644
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleGrantPrivilegeRequest.java
+++ b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TAlterSentryRoleGrantPrivilegeRequest.java
@@ -36,8 +36,8 @@ public class TAlterSentryRoleGrantPrivilegeRequest implements org.apache.thrift.
private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2);
- private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)3);
- private static final org.apache.thrift.protocol.TField REQUESTOR_GROUP_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorGroupName", org.apache.thrift.protocol.TType.SET, (short)4);
+ private static final org.apache.thrift.protocol.TField REQUESTOR_GROUP_NAMES_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorGroupNames", org.apache.thrift.protocol.TType.SET, (short)3);
+ private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)4);
private static final org.apache.thrift.protocol.TField PRIVILEGE_FIELD_DESC = new org.apache.thrift.protocol.TField("privilege", org.apache.thrift.protocol.TType.STRUCT, (short)5);
private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
@@ -48,16 +48,16 @@ public class TAlterSentryRoleGrantPrivilegeRequest implements org.apache.thrift.
private int protocol_version; // required
private String requestorUserName; // required
+ private Set<String> requestorGroupNames; // required
private String roleName; // required
- private Set<String> requestorGroupName; // required
private TSentryPrivilege privilege; // required
/** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
public enum _Fields implements org.apache.thrift.TFieldIdEnum {
PROTOCOL_VERSION((short)1, "protocol_version"),
REQUESTOR_USER_NAME((short)2, "requestorUserName"),
- ROLE_NAME((short)3, "roleName"),
- REQUESTOR_GROUP_NAME((short)4, "requestorGroupName"),
+ REQUESTOR_GROUP_NAMES((short)3, "requestorGroupNames"),
+ ROLE_NAME((short)4, "roleName"),
PRIVILEGE((short)5, "privilege");
private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
@@ -77,10 +77,10 @@ public class TAlterSentryRoleGrantPrivilegeRequest implements org.apache.thrift.
return PROTOCOL_VERSION;
case 2: // REQUESTOR_USER_NAME
return REQUESTOR_USER_NAME;
- case 3: // ROLE_NAME
+ case 3: // REQUESTOR_GROUP_NAMES
+ return REQUESTOR_GROUP_NAMES;
+ case 4: // ROLE_NAME
return ROLE_NAME;
- case 4: // REQUESTOR_GROUP_NAME
- return REQUESTOR_GROUP_NAME;
case 5: // PRIVILEGE
return PRIVILEGE;
default:
@@ -132,11 +132,11 @@ public class TAlterSentryRoleGrantPrivilegeRequest implements org.apache.thrift.
new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED,
new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.ROLE_NAME, new org.apache.thrift.meta_data.FieldMetaData("roleName", org.apache.thrift.TFieldRequirementType.REQUIRED,
- new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
- tmpMap.put(_Fields.REQUESTOR_GROUP_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorGroupName", org.apache.thrift.TFieldRequirementType.REQUIRED,
+ tmpMap.put(_Fields.REQUESTOR_GROUP_NAMES, new org.apache.thrift.meta_data.FieldMetaData("requestorGroupNames", org.apache.thrift.TFieldRequirementType.REQUIRED,
new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET,
new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))));
+ tmpMap.put(_Fields.ROLE_NAME, new org.apache.thrift.meta_data.FieldMetaData("roleName", org.apache.thrift.TFieldRequirementType.REQUIRED,
+ new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
tmpMap.put(_Fields.PRIVILEGE, new org.apache.thrift.meta_data.FieldMetaData("privilege", org.apache.thrift.TFieldRequirementType.REQUIRED,
new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryPrivilege.class)));
metaDataMap = Collections.unmodifiableMap(tmpMap);
@@ -151,16 +151,16 @@ public class TAlterSentryRoleGrantPrivilegeRequest implements org.apache.thrift.
public TAlterSentryRoleGrantPrivilegeRequest(
int protocol_version,
String requestorUserName,
+ Set<String> requestorGroupNames,
String roleName,
- Set<String> requestorGroupName,
TSentryPrivilege privilege)
{
this();
this.protocol_version = protocol_version;
setProtocol_versionIsSet(true);
this.requestorUserName = requestorUserName;
+ this.requestorGroupNames = requestorGroupNames;
this.roleName = roleName;
- this.requestorGroupName = requestorGroupName;
this.privilege = privilege;
}
@@ -173,16 +173,16 @@ public class TAlterSentryRoleGrantPrivilegeRequest implements org.apache.thrift.
if (other.isSetRequestorUserName()) {
this.requestorUserName = other.requestorUserName;
}
+ if (other.isSetRequestorGroupNames()) {
+ Set<String> __this__requestorGroupNames = new HashSet<String>();
+ for (String other_element : other.requestorGroupNames) {
+ __this__requestorGroupNames.add(other_element);
+ }
+ this.requestorGroupNames = __this__requestorGroupNames;
+ }
if (other.isSetRoleName()) {
this.roleName = other.roleName;
}
- if (other.isSetRequestorGroupName()) {
- Set<String> __this__requestorGroupName = new HashSet<String>();
- for (String other_element : other.requestorGroupName) {
- __this__requestorGroupName.add(other_element);
- }
- this.requestorGroupName = __this__requestorGroupName;
- }
if (other.isSetPrivilege()) {
this.privilege = new TSentryPrivilege(other.privilege);
}
@@ -197,8 +197,8 @@ public class TAlterSentryRoleGrantPrivilegeRequest implements org.apache.thrift.
this.protocol_version = 1;
this.requestorUserName = null;
+ this.requestorGroupNames = null;
this.roleName = null;
- this.requestorGroupName = null;
this.privilege = null;
}
@@ -247,64 +247,64 @@ public class TAlterSentryRoleGrantPrivilegeRequest implements org.apache.thrift.
}
}
- public String getRoleName() {
- return this.roleName;
+ public int getRequestorGroupNamesSize() {
+ return (this.requestorGroupNames == null) ? 0 : this.requestorGroupNames.size();
}
- public void setRoleName(String roleName) {
- this.roleName = roleName;
+ public java.util.Iterator<String> getRequestorGroupNamesIterator() {
+ return (this.requestorGroupNames == null) ? null : this.requestorGroupNames.iterator();
}
- public void unsetRoleName() {
- this.roleName = null;
+ public void addToRequestorGroupNames(String elem) {
+ if (this.requestorGroupNames == null) {
+ this.requestorGroupNames = new HashSet<String>();
+ }
+ this.requestorGroupNames.add(elem);
}
- /** Returns true if field roleName is set (has been assigned a value) and false otherwise */
- public boolean isSetRoleName() {
- return this.roleName != null;
+ public Set<String> getRequestorGroupNames() {
+ return this.requestorGroupNames;
}
- public void setRoleNameIsSet(boolean value) {
- if (!value) {
- this.roleName = null;
- }
+ public void setRequestorGroupNames(Set<String> requestorGroupNames) {
+ this.requestorGroupNames = requestorGroupNames;
}
- public int getRequestorGroupNameSize() {
- return (this.requestorGroupName == null) ? 0 : this.requestorGroupName.size();
+ public void unsetRequestorGroupNames() {
+ this.requestorGroupNames = null;
}
- public java.util.Iterator<String> getRequestorGroupNameIterator() {
- return (this.requestorGroupName == null) ? null : this.requestorGroupName.iterator();
+ /** Returns true if field requestorGroupNames is set (has been assigned a value) and false otherwise */
+ public boolean isSetRequestorGroupNames() {
+ return this.requestorGroupNames != null;
}
- public void addToRequestorGroupName(String elem) {
- if (this.requestorGroupName == null) {
- this.requestorGroupName = new HashSet<String>();
+ public void setRequestorGroupNamesIsSet(boolean value) {
+ if (!value) {
+ this.requestorGroupNames = null;
}
- this.requestorGroupName.add(elem);
}
- public Set<String> getRequestorGroupName() {
- return this.requestorGroupName;
+ public String getRoleName() {
+ return this.roleName;
}
- public void setRequestorGroupName(Set<String> requestorGroupName) {
- this.requestorGroupName = requestorGroupName;
+ public void setRoleName(String roleName) {
+ this.roleName = roleName;
}
- public void unsetRequestorGroupName() {
- this.requestorGroupName = null;
+ public void unsetRoleName() {
+ this.roleName = null;
}
- /** Returns true if field requestorGroupName is set (has been assigned a value) and false otherwise */
- public boolean isSetRequestorGroupName() {
- return this.requestorGroupName != null;
+ /** Returns true if field roleName is set (has been assigned a value) and false otherwise */
+ public boolean isSetRoleName() {
+ return this.roleName != null;
}
- public void setRequestorGroupNameIsSet(boolean value) {
+ public void setRoleNameIsSet(boolean value) {
if (!value) {
- this.requestorGroupName = null;
+ this.roleName = null;
}
}
@@ -349,19 +349,19 @@ public class TAlterSentryRoleGrantPrivilegeRequest implements org.apache.thrift.
}
break;
- case ROLE_NAME:
+ case REQUESTOR_GROUP_NAMES:
if (value == null) {
- unsetRoleName();
+ unsetRequestorGroupNames();
} else {
- setRoleName((String)value);
+ setRequestorGroupNames((Set<String>)value);
}
break;
- case REQUESTOR_GROUP_NAME:
+ case ROLE_NAME:
if (value == null) {
- unsetRequestorGroupName();
+ unsetRoleName();
} else {
- setRequestorGroupName((Set<String>)value);
+ setRoleName((String)value);
}
break;
@@ -384,12 +384,12 @@ public class TAlterSentryRoleGrantPrivilegeRequest implements org.apache.thrift.
case REQUESTOR_USER_NAME:
return getRequestorUserName();
+ case REQUESTOR_GROUP_NAMES:
+ return getRequestorGroupNames();
+
case ROLE_NAME:
return getRoleName();
- case REQUESTOR_GROUP_NAME:
- return getRequestorGroupName();
-
case PRIVILEGE:
return getPrivilege();
@@ -408,10 +408,10 @@ public class TAlterSentryRoleGrantPrivilegeRequest implements org.apache.thrift.
return isSetProtocol_version();
case REQUESTOR_USER_NAME:
return isSetRequestorUserName();
+ case REQUESTOR_GROUP_NAMES:
+ return isSetRequestorGroupNames();
case ROLE_NAME:
return isSetRoleName();
- case REQUESTOR_GROUP_NAME:
- return isSetRequestorGroupName();
case PRIVILEGE:
return isSetPrivilege();
}
@@ -449,6 +449,15 @@ public class TAlterSentryRoleGrantPrivilegeRequest implements org.apache.thrift.
return false;
}
+ boolean this_present_requestorGroupNames = true && this.isSetRequestorGroupNames();
+ boolean that_present_requestorGroupNames = true && that.isSetRequestorGroupNames();
+ if (this_present_requestorGroupNames || that_present_requestorGroupNames) {
+ if (!(this_present_requestorGroupNames && that_present_requestorGroupNames))
+ return false;
+ if (!this.requestorGroupNames.equals(that.requestorGroupNames))
+ return false;
+ }
+
boolean this_present_roleName = true && this.isSetRoleName();
boolean that_present_roleName = true && that.isSetRoleName();
if (this_present_roleName || that_present_roleName) {
@@ -458,15 +467,6 @@ public class TAlterSentryRoleGrantPrivilegeRequest implements org.apache.thrift.
return false;
}
- boolean this_present_requestorGroupName = true && this.isSetRequestorGroupName();
- boolean that_present_requestorGroupName = true && that.isSetRequestorGroupName();
- if (this_present_requestorGroupName || that_present_requestorGroupName) {
- if (!(this_present_requestorGroupName && that_present_requestorGroupName))
- return false;
- if (!this.requestorGroupName.equals(that.requestorGroupName))
- return false;
- }
-
boolean this_present_privilege = true && this.isSetPrivilege();
boolean that_present_privilege = true && that.isSetPrivilege();
if (this_present_privilege || that_present_privilege) {
@@ -493,16 +493,16 @@ public class TAlterSentryRoleGrantPrivilegeRequest implements org.apache.thrift.
if (present_requestorUserName)
builder.append(requestorUserName);
+ boolean present_requestorGroupNames = true && (isSetRequestorGroupNames());
+ builder.append(present_requestorGroupNames);
+ if (present_requestorGroupNames)
+ builder.append(requestorGroupNames);
+
boolean present_roleName = true && (isSetRoleName());
builder.append(present_roleName);
if (present_roleName)
builder.append(roleName);
- boolean present_requestorGroupName = true && (isSetRequestorGroupName());
- builder.append(present_requestorGroupName);
- if (present_requestorGroupName)
- builder.append(requestorGroupName);
-
boolean present_privilege = true && (isSetPrivilege());
builder.append(present_privilege);
if (present_privilege)
@@ -539,22 +539,22 @@ public class TAlterSentryRoleGrantPrivilegeRequest implements org.apache.thrift.
return lastComparison;
}
}
- lastComparison = Boolean.valueOf(isSetRoleName()).compareTo(typedOther.isSetRoleName());
+ lastComparison = Boolean.valueOf(isSetRequestorGroupNames()).compareTo(typedOther.isSetRequestorGroupNames());
if (lastComparison != 0) {
return lastComparison;
}
- if (isSetRoleName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleName, typedOther.roleName);
+ if (isSetRequestorGroupNames()) {
+ lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorGroupNames, typedOther.requestorGroupNames);
if (lastComparison != 0) {
return lastComparison;
}
}
- lastComparison = Boolean.valueOf(isSetRequestorGroupName()).compareTo(typedOther.isSetRequestorGroupName());
+ lastComparison = Boolean.valueOf(isSetRoleName()).compareTo(typedOther.isSetRoleName());
if (lastComparison != 0) {
return lastComparison;
}
- if (isSetRequestorGroupName()) {
- lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorGroupName, typedOther.requestorGroupName);
+ if (isSetRoleName()) {
+ lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleName, typedOther.roleName);
if (lastComparison != 0) {
return lastComparison;
}
@@ -601,19 +601,19 @@ public class TAlterSentryRoleGrantPrivilegeRequest implements org.apache.thrift.
}
first = false;
if (!first) sb.append(", ");
- sb.append("roleName:");
- if (this.roleName == null) {
+ sb.append("requestorGroupNames:");
+ if (this.requestorGroupNames == null) {
sb.append("null");
} else {
- sb.append(this.roleName);
+ sb.append(this.requestorGroupNames);
}
first = false;
if (!first) sb.append(", ");
- sb.append("requestorGroupName:");
- if (this.requestorGroupName == null) {
+ sb.append("roleName:");
+ if (this.roleName == null) {
sb.append("null");
} else {
- sb.append(this.requestorGroupName);
+ sb.append(this.roleName);
}
first = false;
if (!first) sb.append(", ");
@@ -638,12 +638,12 @@ public class TAlterSentryRoleGrantPrivilegeRequest implements org.apache.thrift.
throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString());
}
- if (!isSetRoleName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'roleName' is unset! Struct:" + toString());
+ if (!isSetRequestorGroupNames()) {
+ throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorGroupNames' is unset! Struct:" + toString());
}
- if (!isSetRequestorGroupName()) {
- throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorGroupName' is unset! Struct:" + toString());
+ if (!isSetRoleName()) {
+ throw new org.apache.thrift.protocol.TProtocolException("Required field 'roleName' is unset! Struct:" + toString());
}
if (!isSetPrivilege()) {
@@ -708,28 +708,28 @@ public class TAlterSentryRoleGrantPrivilegeRequest implements org.apache.thrift.
org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
}
break;
- case 3: // ROLE_NAME
- if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
- } else {
- org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
- }
- break;
- case 4: // REQUESTOR_GROUP_NAME
+ case 3: // REQUESTOR_GROUP_NAMES
if (schemeField.type == org.apache.thrift.protocol.TType.SET) {
{
org.apache.thrift.protocol.TSet _set64 = iprot.readSetBegin();
- struct.requestorGroupName = new HashSet<String>(2*_set64.size);
+ struct.requestorGroupNames = new HashSet<String>(2*_set64.size);
for (int _i65 = 0; _i65 < _set64.size; ++_i65)
{
String _elem66; // required
_elem66 = iprot.readString();
- struct.requestorGroupName.add(_elem66);
+ struct.requestorGroupNames.add(_elem66);
}
iprot.readSetEnd();
}
- struct.setRequestorGroupNameIsSet(true);
+ struct.setRequestorGroupNamesIsSet(true);
+ } else {
+ org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+ }
+ break;
+ case 4: // ROLE_NAME
+ if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
+ struct.roleName = iprot.readString();
+ struct.setRoleNameIsSet(true);
} else {
org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
}
@@ -764,16 +764,11 @@ public class TAlterSentryRoleGrantPrivilegeRequest implements org.apache.thrift.
oprot.writeString(struct.requestorUserName);
oprot.writeFieldEnd();
}
- if (struct.roleName != null) {
- oprot.writeFieldBegin(ROLE_NAME_FIELD_DESC);
- oprot.writeString(struct.roleName);
- oprot.writeFieldEnd();
- }
- if (struct.requestorGroupName != null) {
- oprot.writeFieldBegin(REQUESTOR_GROUP_NAME_FIELD_DESC);
+ if (struct.requestorGroupNames != null) {
+ oprot.writeFieldBegin(REQUESTOR_GROUP_NAMES_FIELD_DESC);
{
- oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, struct.requestorGroupName.size()));
- for (String _iter67 : struct.requestorGroupName)
+ oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, struct.requestorGroupNames.size()));
+ for (String _iter67 : struct.requestorGroupNames)
{
oprot.writeString(_iter67);
}
@@ -781,6 +776,11 @@ public class TAlterSentryRoleGrantPrivilegeRequest implements org.apache.thrift.
}
oprot.writeFieldEnd();
}
+ if (struct.roleName != null) {
+ oprot.writeFieldBegin(ROLE_NAME_FIELD_DESC);
+ oprot.writeString(struct.roleName);
+ oprot.writeFieldEnd();
+ }
if (struct.privilege != null) {
oprot.writeFieldBegin(PRIVILEGE_FIELD_DESC);
struct.privilege.write(oprot);
@@ -805,14 +805,14 @@ public class TAlterSentryRoleGrantPrivilegeRequest implements org.apache.thrift.
TTupleProtocol oprot = (TTupleProtocol) prot;
oprot.writeI32(struct.protocol_version);
oprot.writeString(struct.requestorUserName);
- oprot.writeString(struct.roleName);
{
- oprot.writeI32(struct.requestorGroupName.size());
- for (String _iter68 : struct.requestorGroupName)
+ oprot.writeI32(struct.requestorGroupNames.size());
+ for (String _iter68 : struct.requestorGroupNames)
{
oprot.writeString(_iter68);
}
}
+ oprot.writeString(struct.roleName);
struct.privilege.write(oprot);
}
@@ -823,19 +823,19 @@ public class TAlterSentryRoleGrantPrivilegeRequest implements org.apache.thrift.
struct.setProtocol_versionIsSet(true);
struct.requestorUserName = iprot.readString();
struct.setRequestorUserNameIsSet(true);
- struct.roleName = iprot.readString();
- struct.setRoleNameIsSet(true);
{
org.apache.thrift.protocol.TSet _set69 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRING, iprot.readI32());
- struct.requestorGroupName = new HashSet<String>(2*_set69.size);
+ struct.requestorGroupNames = new HashSet<String>(2*_set69.size);
for (int _i70 = 0; _i70 < _set69.size; ++_i70)
{
String _elem71; // required
_elem71 = iprot.readString();
- struct.requestorGroupName.add(_elem71);
+ struct.requestorGroupNames.add(_elem71);
}
}
- struct.setRequestorGroupNameIsSet(true);
+ struct.setRequestorGroupNamesIsSet(true);
+ struct.roleName = iprot.readString();
+ struct.setRoleNameIsSet(true);
struct.privilege = new TSentryPrivilege();
struct.privilege.read(iprot);
struct.setPrivilegeIsSet(true);