You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sqoop.apache.org by ab...@apache.org on 2015/02/09 07:41:45 UTC
sqoop git commit: SQOOP-2079: Sqoop2: Remove useless functions for
RBAC
Repository: sqoop
Updated Branches:
refs/heads/sqoop2 1722d740b -> 4570b05f8
SQOOP-2079: Sqoop2: Remove useless functions for RBAC
(Richard Zhou via Abraham Elmahrek)
Project: http://git-wip-us.apache.org/repos/asf/sqoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/sqoop/commit/4570b05f
Tree: http://git-wip-us.apache.org/repos/asf/sqoop/tree/4570b05f
Diff: http://git-wip-us.apache.org/repos/asf/sqoop/diff/4570b05f
Branch: refs/heads/sqoop2
Commit: 4570b05f8ce90aa38e5be453eb5456dce7a58697
Parents: 1722d74
Author: Abraham Elmahrek <ab...@apache.org>
Authored: Sun Feb 8 22:41:17 2015 -0800
Committer: Abraham Elmahrek <ab...@apache.org>
Committed: Sun Feb 8 22:41:17 2015 -0800
----------------------------------------------------------------------
.../java/org/apache/sqoop/model/MPrincipal.java | 24 +--
.../java/org/apache/sqoop/model/MPrivilege.java | 46 +----
.../java/org/apache/sqoop/model/MResource.java | 24 +--
.../main/java/org/apache/sqoop/model/MRole.java | 22 +--
.../security/AuthorizationAccessController.java | 60 +------
.../sqoop/security/AuthorizationHandler.java | 64 +------
.../sqoop/security/AuthorizationValidator.java | 5 +-
.../Authorization/AuthorizationEngine.java | 2 +-
.../DefaultAuthorizationAccessController.java | 175 ++++---------------
.../DefaultAuthorizationHandler.java | 133 +++-----------
.../DefaultAuthorizationValidator.java | 3 +
11 files changed, 89 insertions(+), 469 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/sqoop/blob/4570b05f/common/src/main/java/org/apache/sqoop/model/MPrincipal.java
----------------------------------------------------------------------
diff --git a/common/src/main/java/org/apache/sqoop/model/MPrincipal.java b/common/src/main/java/org/apache/sqoop/model/MPrincipal.java
index 061ffe5..471d63e 100644
--- a/common/src/main/java/org/apache/sqoop/model/MPrincipal.java
+++ b/common/src/main/java/org/apache/sqoop/model/MPrincipal.java
@@ -22,7 +22,6 @@ package org.apache.sqoop.model;
*/
public class MPrincipal {
- private final String id;
private final String name;
/**
* Currently, the type supports user, group and role.
@@ -32,44 +31,25 @@ public class MPrincipal {
/**
* Default constructor to build new MPrincipal model.
*
- * @param id Principal id
* @param name Principal name
* @param type Principal type
*/
- public MPrincipal(String id,
- String name,
+ public MPrincipal(String name,
String type) {
- this.id = id;
this.name = name;
this.type = type;
}
- /**
- * Constructor to build new MPrincipal model.
- *
- * @param name Principal name
- * @param type Principal type
- */
- public MPrincipal(String name,
- String type) {
- this(null, name, type);
- }
-
@Override
public String toString() {
StringBuilder sb = new StringBuilder("Principal (");
- sb.append("Principal id: ").append(this.id);
- sb.append(", Principal name: ").append(this.name);
+ sb.append("Principal name: ").append(this.name);
sb.append(", Principal type: ").append(this.type);
sb.append(" )");
return sb.toString();
}
- public String getId() {
- return id;
- }
-
public String getName() {
return name;
}
http://git-wip-us.apache.org/repos/asf/sqoop/blob/4570b05f/common/src/main/java/org/apache/sqoop/model/MPrivilege.java
----------------------------------------------------------------------
diff --git a/common/src/main/java/org/apache/sqoop/model/MPrivilege.java b/common/src/main/java/org/apache/sqoop/model/MPrivilege.java
index 7d656ec..25f7195 100644
--- a/common/src/main/java/org/apache/sqoop/model/MPrivilege.java
+++ b/common/src/main/java/org/apache/sqoop/model/MPrivilege.java
@@ -22,8 +22,6 @@ package org.apache.sqoop.model;
*/
public class MPrivilege {
- private final String id;
- private final String name;
private final MResource resource;
/**
* Currently, the action supports view, use, create, update, delete and enable_disable.
@@ -35,54 +33,22 @@ public class MPrivilege {
/**
* Default constructor to build new MPrivilege model.
*
- * @param id Privilege id
- * @param name Privilege name
* @param resource Privilege resource
* @param action Privilege action
* @param with_grant_option Privilege with_grant_option
*/
- public MPrivilege(String id,
- String name,
- MResource resource,
+ public MPrivilege(MResource resource,
String action,
boolean with_grant_option) {
- this.id = id;
- this.name = name;
this.resource = resource;
this.action = action;
this.with_grant_option = with_grant_option;
}
- /**
- * Constructor to build new MPrivilege model.
- *
- * @param name Privilege name
- * @param resource Privilege resource
- * @param action Privilege action
- */
- public MPrivilege(String name,
- MResource resource,
- String action) {
- this(null, name, resource, action, false);
- }
-
- /**
- * Constructor to build new MPrivilege model.
- *
- * @param resource Privilege resource
- * @param action Privilege action
- */
- public MPrivilege(MResource resource,
- String action) {
- this(null, resource, action);
- }
-
@Override
public String toString() {
StringBuilder sb = new StringBuilder("Privilege (");
- sb.append("Privilege id: ").append(this.id);
- sb.append(", Privilege name: ").append(this.name);
- sb.append(", Privilege resource: ").append(this.getResource().toString());
+ sb.append("Privilege resource: ").append(this.getResource().toString());
sb.append(", Privilege action: ").append(this.action);
sb.append(", Privilege with_grant_option: ").append(this.with_grant_option);
sb.append(" )");
@@ -90,14 +56,6 @@ public class MPrivilege {
return sb.toString();
}
- public String getId() {
- return id;
- }
-
- public String getName() {
- return name;
- }
-
public MResource getResource() {
return resource;
}
http://git-wip-us.apache.org/repos/asf/sqoop/blob/4570b05f/common/src/main/java/org/apache/sqoop/model/MResource.java
----------------------------------------------------------------------
diff --git a/common/src/main/java/org/apache/sqoop/model/MResource.java b/common/src/main/java/org/apache/sqoop/model/MResource.java
index 8e519e5..b21ce19 100644
--- a/common/src/main/java/org/apache/sqoop/model/MResource.java
+++ b/common/src/main/java/org/apache/sqoop/model/MResource.java
@@ -22,7 +22,6 @@ package org.apache.sqoop.model;
*/
public class MResource {
- private final String id;
private final String name;
/**
* Currently, the type supports connector, link, job and submission.
@@ -32,44 +31,25 @@ public class MResource {
/**
* Default constructor to build new MResource model.
*
- * @param id Resource id
* @param name Resource name
* @param type Resource type
*/
- public MResource(String id,
- String name,
+ public MResource(String name,
String type) {
- this.id = id;
this.name = name;
this.type = type;
}
- /**
- * Constructor to build new MResource model.
- *
- * @param name Resource name
- * @param type Resource type
- */
- public MResource(String name,
- String type) {
- this(null, name, type);
- }
-
@Override
public String toString() {
StringBuilder sb = new StringBuilder("Resource (");
- sb.append("Resource id: ").append(this.id);
- sb.append(", Resource name: ").append(this.name);
+ sb.append("Resource name: ").append(this.name);
sb.append(", Resource type: ").append(this.type);
sb.append(" )");
return sb.toString();
}
- public String getId() {
- return id;
- }
-
public String getName() {
return name;
}
http://git-wip-us.apache.org/repos/asf/sqoop/blob/4570b05f/common/src/main/java/org/apache/sqoop/model/MRole.java
----------------------------------------------------------------------
diff --git a/common/src/main/java/org/apache/sqoop/model/MRole.java b/common/src/main/java/org/apache/sqoop/model/MRole.java
index 359fa09..f9719c7 100644
--- a/common/src/main/java/org/apache/sqoop/model/MRole.java
+++ b/common/src/main/java/org/apache/sqoop/model/MRole.java
@@ -22,44 +22,26 @@ package org.apache.sqoop.model;
*/
public class MRole {
- private final String id;
private final String name;
/**
* Default constructor to build new MRole model.
*
- * @param id Role id
- * @param name Role name
- */
- public MRole(String id,
- String name) {
- this.id = id;
- this.name = name;
- }
-
- /**
- * Constructor to build new MRole model.
- *
* @param name Role name
*/
public MRole(String name) {
- this(null, name);
+ this.name = name;
}
@Override
public String toString() {
StringBuilder sb = new StringBuilder("Role (");
- sb.append("Role id: ").append(this.id);
- sb.append(", Role name: ").append(this.name);
+ sb.append("Role name: ").append(this.name);
sb.append(" )");
return sb.toString();
}
- public String getId() {
- return id;
- }
-
public String getName() {
return name;
}
http://git-wip-us.apache.org/repos/asf/sqoop/blob/4570b05f/core/src/main/java/org/apache/sqoop/security/AuthorizationAccessController.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/sqoop/security/AuthorizationAccessController.java b/core/src/main/java/org/apache/sqoop/security/AuthorizationAccessController.java
index 54fa556..8dbe704 100644
--- a/core/src/main/java/org/apache/sqoop/security/AuthorizationAccessController.java
+++ b/core/src/main/java/org/apache/sqoop/security/AuthorizationAccessController.java
@@ -25,7 +25,7 @@ import org.apache.sqoop.model.MRole;
import java.util.List;
-/***
+/**
* AuthorizationAccessController is responsible for managing access rule and principal.
*/
public abstract class AuthorizationAccessController {
@@ -33,43 +33,19 @@ public abstract class AuthorizationAccessController {
/**
* Role related function
*/
- public abstract List<MRole> getAllRoles() throws SqoopException;
-
- public abstract MRole getRole(String name) throws SqoopException;
-
- public abstract List<MRole> getRolesByPrincipal(MPrincipal principal) throws SqoopException;
-
- public abstract List<MRole> getRolesByPrivilege(MPrivilege privilege) throws SqoopException;
+ public abstract void createRole(MRole role) throws SqoopException;
- public abstract void createRole(String name) throws SqoopException;
+ public abstract void dropRole(MRole role) throws SqoopException;
- public abstract void updateRole(String old_name, String new_name) throws SqoopException;
+ public abstract List<MRole> getAllRoles() throws SqoopException;
- public abstract void removeRole(String name) throws SqoopException;
+ public abstract List<MRole> getRolesByPrincipal(MPrincipal principal) throws SqoopException;
/**
* Principal related function
*/
- public abstract List<MPrincipal> getAllPrincipals() throws SqoopException;
-
- public abstract List<MPrincipal> getPrincipalsByName(String name) throws SqoopException;
-
- public abstract List<MPrincipal> getPrincipalsByType(String type) throws SqoopException;
-
- public abstract MPrincipal getPrincipal(String name, String type) throws SqoopException;
-
public abstract List<MPrincipal> getPrincipalsByRole(MRole role) throws SqoopException;
- public abstract void createPrincipal(String name, String type) throws SqoopException;
-
- public abstract void updatePrincipal(MPrincipal old_principal, MPrincipal new_principal) throws SqoopException;
-
- public abstract void removePrincipalsByName(String name) throws SqoopException;
-
- public abstract void removePrincipalsByType(String type) throws SqoopException;
-
- public abstract void removePrincipal(MPrincipal principal) throws SqoopException;
-
public abstract void grantRole(List<MPrincipal> principals, List<MRole> roles) throws SqoopException;
public abstract void revokeRole(List<MPrincipal> principals, List<MRole> roles) throws SqoopException;
@@ -77,38 +53,14 @@ public abstract class AuthorizationAccessController {
/**
* Resource related function
*/
- public abstract List<MResource> getAllResources() throws SqoopException;
-
- public abstract List<MResource> getResourcesByType(String type) throws SqoopException;
-
- public abstract MResource getResource(String name, String type) throws SqoopException;
-
- public abstract void createResource(String name, String type) throws SqoopException;
-
public abstract void updateResource(MResource old_resource, MResource new_resource) throws SqoopException;
- public abstract void removeResourcesByType(String type) throws SqoopException;
-
public abstract void removeResource(MResource resource) throws SqoopException;
/**
* Privilege related function
*/
- public abstract List<MPrivilege> getAllPrivileges() throws SqoopException;
-
- public abstract MPrivilege getPrivilegeByName(String name) throws SqoopException;
-
- public abstract List<MPrivilege> getPrivilegesByResource(MResource resource) throws SqoopException;
-
- public abstract List<MPrivilege> getPrivilegesByRole(MRole role) throws SqoopException;
-
- public abstract void createPrivilege(String name, MResource resource, String action, boolean with_grant_option) throws SqoopException;
-
- public abstract void updatePrivilege(MPrivilege old_privilege, MPrivilege new_privilege) throws SqoopException;
-
- public abstract void removePrivilege(String name) throws SqoopException;
-
- public abstract void removePrivilegesByResource(MResource resource) throws SqoopException;
+ public abstract List<MPrivilege> getPrivilegesByPrincipal(MPrincipal principal, MResource resource) throws SqoopException;
public abstract void grantPrivileges(List<MPrincipal> principals, List<MPrivilege> privileges) throws SqoopException;
http://git-wip-us.apache.org/repos/asf/sqoop/blob/4570b05f/core/src/main/java/org/apache/sqoop/security/AuthorizationHandler.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/sqoop/security/AuthorizationHandler.java b/core/src/main/java/org/apache/sqoop/security/AuthorizationHandler.java
index 5f3231b..7d60a01 100644
--- a/core/src/main/java/org/apache/sqoop/security/AuthorizationHandler.java
+++ b/core/src/main/java/org/apache/sqoop/security/AuthorizationHandler.java
@@ -17,7 +17,6 @@
*/
package org.apache.sqoop.security;
-import org.apache.log4j.Logger;
import org.apache.sqoop.common.SqoopException;
import org.apache.sqoop.model.MPrincipal;
import org.apache.sqoop.model.MPrivilege;
@@ -26,7 +25,7 @@ import org.apache.sqoop.model.MRole;
import java.util.List;
-/***
+/**
* AuthorizationHandler is responsible for controlling role based access.
*/
public abstract class AuthorizationHandler {
@@ -36,43 +35,19 @@ public abstract class AuthorizationHandler {
/**
* Role related function
*/
- public abstract List<MRole> getAllRoles() throws SqoopException;
-
- public abstract MRole getRole(String name) throws SqoopException;
-
- public abstract List<MRole> getRolesByPrincipal(MPrincipal principal) throws SqoopException;
-
- public abstract List<MRole> getRolesByPrivilege(MPrivilege privilege) throws SqoopException;
+ public abstract void createRole(MRole role) throws SqoopException;
- public abstract void createRole(String name) throws SqoopException;
+ public abstract void dropRole(MRole role) throws SqoopException;
- public abstract void updateRole(String old_name, String new_name) throws SqoopException;
+ public abstract List<MRole> getAllRoles() throws SqoopException;
- public abstract void removeRole(String name) throws SqoopException;
+ public abstract List<MRole> getRolesByPrincipal(MPrincipal principal) throws SqoopException;
/**
* Principal related function
*/
- public abstract List<MPrincipal> getAllPrincipals() throws SqoopException;
-
- public abstract List<MPrincipal> getPrincipalsByName(String name) throws SqoopException;
-
- public abstract List<MPrincipal> getPrincipalsByType(String type) throws SqoopException;
-
- public abstract MPrincipal getPrincipal(String name, String type) throws SqoopException;
-
public abstract List<MPrincipal> getPrincipalsByRole(MRole role) throws SqoopException;
- public abstract void createPrincipal(String name, String type) throws SqoopException;
-
- public abstract void updatePrincipal(MPrincipal old_principal, MPrincipal new_principal) throws SqoopException;
-
- public abstract void removePrincipalsByName(String name) throws SqoopException;
-
- public abstract void removePrincipalsByType(String type) throws SqoopException;
-
- public abstract void removePrincipal(MPrincipal principal) throws SqoopException;
-
public abstract void grantRole(List<MPrincipal> principals, List<MRole> roles) throws SqoopException;
public abstract void revokeRole(List<MPrincipal> principals, List<MRole> roles) throws SqoopException;
@@ -80,42 +55,21 @@ public abstract class AuthorizationHandler {
/**
* Resource related function
*/
- public abstract List<MResource> getAllResources() throws SqoopException;
-
- public abstract List<MResource> getResourcesByType(String type) throws SqoopException;
-
- public abstract MResource getResource(String name, String type) throws SqoopException;
-
- public abstract void createResource(String name, String type) throws SqoopException;
-
public abstract void updateResource(MResource old_resource, MResource new_resource) throws SqoopException;
- public abstract void removeResourcesByType(String type) throws SqoopException;
-
public abstract void removeResource(MResource resource) throws SqoopException;
/**
* Privilege related function
*/
- public abstract List<MPrivilege> getAllPrivileges() throws SqoopException;
-
- public abstract MPrivilege getPrivilegeByName(String name) throws SqoopException;
-
- public abstract List<MPrivilege> getPrivilegesByResource(MResource resource) throws SqoopException;
-
- public abstract List<MPrivilege> getPrivilegesByRole(MRole role) throws SqoopException;
-
- public abstract void createPrivilege(String name, MResource resource, String action, boolean with_grant_option) throws SqoopException;
-
- public abstract void updatePrivilege(MPrivilege old_privilege, MPrivilege new_privilege) throws SqoopException;
-
- public abstract void removePrivilege(String name) throws SqoopException;
-
- public abstract void removePrivilegesByResource(MResource resource) throws SqoopException;
+ public abstract List<MPrivilege> getPrivilegesByPrincipal(MPrincipal principal, MResource resource) throws SqoopException;
public abstract void grantPrivileges(List<MPrincipal> principals, List<MPrivilege> privileges) throws SqoopException;
public abstract void revokePrivileges(List<MPrincipal> principals, List<MPrivilege> privileges) throws SqoopException;
+ /**
+ * Validator related function
+ */
public abstract void checkPrivileges(MPrincipal principal, List<MPrivilege> privileges) throws SqoopException;
}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sqoop/blob/4570b05f/core/src/main/java/org/apache/sqoop/security/AuthorizationValidator.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/sqoop/security/AuthorizationValidator.java b/core/src/main/java/org/apache/sqoop/security/AuthorizationValidator.java
index c6482fb..9c032a9 100644
--- a/core/src/main/java/org/apache/sqoop/security/AuthorizationValidator.java
+++ b/core/src/main/java/org/apache/sqoop/security/AuthorizationValidator.java
@@ -23,11 +23,14 @@ import org.apache.sqoop.model.MPrivilege;
import java.util.List;
-/***
+/**
* AuthorizationHandler is responsible for checking access.
*/
public abstract class AuthorizationValidator {
+ /**
+ * Validator related function
+ */
public abstract void checkPrivileges(MPrincipal principal, List<MPrivilege> privileges) throws SqoopException;
}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sqoop/blob/4570b05f/security/src/main/java/org/apache/sqoop/security/Authorization/AuthorizationEngine.java
----------------------------------------------------------------------
diff --git a/security/src/main/java/org/apache/sqoop/security/Authorization/AuthorizationEngine.java b/security/src/main/java/org/apache/sqoop/security/Authorization/AuthorizationEngine.java
index 24bd6f1..bb1ce3b 100644
--- a/security/src/main/java/org/apache/sqoop/security/Authorization/AuthorizationEngine.java
+++ b/security/src/main/java/org/apache/sqoop/security/Authorization/AuthorizationEngine.java
@@ -172,7 +172,7 @@ public class AuthorizationEngine {
// Do a transfer. "all" means global instances in Restful API, whilst empty
// string means global instances in role based access controller.
resourceId = (resourceId == null || resourceId.equals("all")) ? StringUtils.EMPTY : resourceId;
- return new MPrivilege(new MResource(resourceId, resourceType.name()), privilegeActionType.name());
+ return new MPrivilege(new MResource(resourceId, resourceType.name()), privilegeActionType.name(), false);
}
private static void checkPrivilege(MPrivilege... privileges) {
http://git-wip-us.apache.org/repos/asf/sqoop/blob/4570b05f/security/src/main/java/org/apache/sqoop/security/Authorization/DefaultAuthorizationAccessController.java
----------------------------------------------------------------------
diff --git a/security/src/main/java/org/apache/sqoop/security/Authorization/DefaultAuthorizationAccessController.java b/security/src/main/java/org/apache/sqoop/security/Authorization/DefaultAuthorizationAccessController.java
index 02f8f3b..e84c7be 100644
--- a/security/src/main/java/org/apache/sqoop/security/Authorization/DefaultAuthorizationAccessController.java
+++ b/security/src/main/java/org/apache/sqoop/security/Authorization/DefaultAuthorizationAccessController.java
@@ -25,7 +25,6 @@ import org.apache.sqoop.model.MResource;
import org.apache.sqoop.model.MRole;
import org.apache.sqoop.security.AuthorizationAccessController;
-import java.security.Principal;
import java.util.List;
public class DefaultAuthorizationAccessController extends AuthorizationAccessController {
@@ -35,101 +34,42 @@ public class DefaultAuthorizationAccessController extends AuthorizationAccessCon
/**
* Role related function
*/
- public List<MRole> getAllRoles() throws SqoopException {
- LOG.debug("Get all roles in default authorization access controller: return null");
- return null;
+ @Override
+ public void createRole(MRole role) throws SqoopException {
+ LOG.debug("Create role in default authorization access controller: empty function");
+ LOG.debug("role: " + role.toString());
}
- public MRole getRole(String name) throws SqoopException {
- LOG.debug("Get role in default authorization access controller: return null");
- LOG.debug("name: " + name);
+ @Override
+ public void dropRole(MRole role) throws SqoopException {
+ LOG.debug("Remove role in default authorization access controller: empty function");
+ LOG.debug("role: " + role.toString());
+ }
+
+ @Override
+ public List<MRole> getAllRoles() throws SqoopException {
+ LOG.debug("Get all roles in default authorization access controller: return null");
return null;
}
+ @Override
public List<MRole> getRolesByPrincipal(MPrincipal principal) throws SqoopException {
LOG.debug("Get roles by principal in default authorization access controller: return null");
LOG.debug("principal: " + principal.toString());
return null;
}
- public List<MRole> getRolesByPrivilege(MPrivilege privilege) throws SqoopException {
- LOG.debug("Get roles by privilege in default authorization access controller: return null");
- LOG.debug("privilege: " + privilege.toString());
- return null;
- }
-
- public void createRole(String name) throws SqoopException {
- LOG.debug("Create role in default authorization access controller: empty function");
- LOG.debug("name: " + name);
- }
-
- public void updateRole(String old_name, String new_name) throws SqoopException {
- LOG.debug("Update role in default authorization access controller: empty function");
- LOG.debug("old name: " + old_name + ", new name: " + new_name);
- }
-
- public void removeRole(String name) throws SqoopException {
- LOG.debug("Remove role in default authorization access controller: empty function");
- LOG.debug("name: " + name);
- }
-
/**
* Principal related function
*/
- public List<MPrincipal> getAllPrincipals() throws SqoopException {
- LOG.debug("Get all principals in default authorization access controller: return null");
- return null;
- }
-
- public List<MPrincipal> getPrincipalsByName(String name) throws SqoopException {
- LOG.debug("Get principals by name in default authorization access controller: return null");
- LOG.debug("name: " + name);
- return null;
- }
-
- public List<MPrincipal> getPrincipalsByType(String type) throws SqoopException {
- LOG.debug("Get principals by type in default authorization access controller: return null");
- LOG.debug("type: " + type);
- return null;
- }
-
- public MPrincipal getPrincipal(String name, String type) throws SqoopException {
- LOG.debug("Get principal in default authorization access controller: return null");
- LOG.debug("name: " + name + ", type: " + type);
- return null;
- }
-
+ @Override
public List<MPrincipal> getPrincipalsByRole(MRole role) throws SqoopException {
LOG.debug("Get principals by role in default authorization access controller: return null");
LOG.debug("role: " + role.toString());
return null;
}
- public void createPrincipal(String name, String type) throws SqoopException {
- LOG.debug("Create principal in default authorization access controller: empty function");
- LOG.debug("name: " + name + ", type: " + type);
- }
-
- public void updatePrincipal(MPrincipal old_principal, MPrincipal new_principal) throws SqoopException {
- LOG.debug("Update principal in default authorization access controller: empty function");
- LOG.debug("old principal: " + old_principal + ", new principal: " + new_principal);
- }
-
- public void removePrincipalsByName(String name) throws SqoopException {
- LOG.debug("Remove principals by name in default authorization access controller: empty function");
- LOG.debug("name: " + name);
- }
-
- public void removePrincipalsByType(String type) throws SqoopException {
- LOG.debug("Remove principals by type in default authorization access controller: empty function");
- LOG.debug("type: " + type);
- }
-
- public void removePrincipal(MPrincipal principal) throws SqoopException {
- LOG.debug("Remove principal in default authorization access controller: empty function");
- LOG.debug("principal: " + principal.toString());
- }
-
+ @Override
public void grantRole(List<MPrincipal> principals, List<MRole> roles) throws SqoopException {
LOG.debug("Grant role in default authorization access controller: empty function");
for (MPrincipal principal : principals) {
@@ -140,6 +80,7 @@ public class DefaultAuthorizationAccessController extends AuthorizationAccessCon
}
}
+ @Override
public void revokeRole(List<MPrincipal> principals, List<MRole> roles) throws SqoopException {
LOG.debug("Revoke role in default authorization access controller: empty function");
for (MPrincipal principal : principals) {
@@ -153,38 +94,13 @@ public class DefaultAuthorizationAccessController extends AuthorizationAccessCon
/**
* Resource related function
*/
- public List<MResource> getAllResources() throws SqoopException {
- LOG.debug("Get all resources in default authorization access controller: return null");
- return null;
- }
-
- public List<MResource> getResourcesByType(String type) throws SqoopException {
- LOG.debug("Get resources by type in default authorization access controller: return null");
- LOG.debug("type: " + type);
- return null;
- }
-
- public MResource getResource(String name, String type) throws SqoopException {
- LOG.debug("Get resource in default authorization access controller: return null");
- LOG.debug("name: " + name + ", type: " + type);
- return null;
- }
-
- public void createResource(String name, String type) throws SqoopException {
- LOG.debug("Create resource in default authorization access controller: empty function");
- LOG.debug("name: " + name + ", type: " + type);
- }
-
+ @Override
public void updateResource(MResource old_resource, MResource new_resource) throws SqoopException {
LOG.debug("Update resource in default authorization access controller: empty function");
LOG.debug("old_resource: " + old_resource + ", new_resource: " + new_resource);
}
- public void removeResourcesByType(String type) throws SqoopException {
- LOG.debug("Remove resource by type in default authorization access controller: empty function");
- LOG.debug("type: " + type);
- }
-
+ @Override
public void removeResource(MResource resource) throws SqoopException {
LOG.debug("Remove resource in default authorization access controller: empty function");
LOG.debug("resource: " + resource.toString());
@@ -193,49 +109,17 @@ public class DefaultAuthorizationAccessController extends AuthorizationAccessCon
/**
* Privilege related function
*/
- public List<MPrivilege> getAllPrivileges() throws SqoopException {
- LOG.debug("Get all privileges in default authorization access controller: return null");
- return null;
- }
-
- public MPrivilege getPrivilegeByName(String name) throws SqoopException {
- LOG.debug("Get privileges by name in default authorization access controller: return null");
- LOG.debug("name: " + name);
- return null;
- }
-
- public List<MPrivilege> getPrivilegesByResource(MResource resource) throws SqoopException {
- LOG.debug("Get privileges by resource in default authorization access controller: return null");
- LOG.debug("resource: " + resource.toString());
- return null;
- }
-
- public List<MPrivilege> getPrivilegesByRole(MRole role) throws SqoopException {
+ @Override
+ public List<MPrivilege> getPrivilegesByPrincipal(MPrincipal principal, MResource resource) throws SqoopException {
LOG.debug("Get privileges by role in default authorization access controller: return null");
- LOG.debug("role: " + role.toString());
+ LOG.debug("principal: " + principal.toString());
+ if (resource != null) { //Get all privileges on principal
+ LOG.debug("resource: " + resource.toString());
+ }
return null;
}
- public void createPrivilege(String name, MResource resource, String action, boolean with_grant_option) throws SqoopException {
- LOG.debug("Create privilege in default authorization access controller: empty function");
- LOG.debug("name: " + name + ", resource: " + resource.toString() + ", action: " + action + ", with grant option: " + with_grant_option);
- }
-
- public void updatePrivilege(MPrivilege old_privilege, MPrivilege new_privilege) throws SqoopException {
- LOG.debug("Update privilege in default authorization access controller: empty function");
- LOG.debug("old_privilege: " + old_privilege + ", new_privilege: " + new_privilege);
- }
-
- public void removePrivilege(String name) throws SqoopException {
- LOG.debug("Remove privilege in default authorization access controller: empty function");
- LOG.debug("name: " + name);
- }
-
- public void removePrivilegesByResource(MResource resource) throws SqoopException {
- LOG.debug("Remove privileges by resource in default authorization access controller: empty function");
- LOG.debug("resource: " + resource.toString());
- }
-
+ @Override
public void grantPrivileges(List<MPrincipal> principals, List<MPrivilege> privileges) throws SqoopException {
LOG.debug("Grant privileges in default authorization access controller: empty function");
for (MPrincipal principal : principals) {
@@ -246,13 +130,16 @@ public class DefaultAuthorizationAccessController extends AuthorizationAccessCon
}
}
+ @Override
public void revokePrivileges(List<MPrincipal> principals, List<MPrivilege> privileges) throws SqoopException {
LOG.debug("Revoke privileges in default authorization access controller: empty function");
for (MPrincipal principal : principals) {
LOG.debug("principal: " + principal.toString());
}
- for (MPrivilege privilege : privileges) {
- LOG.debug("privilege: " + privilege.toString());
+ if (privileges != null) { //Revoke all privileges on principal
+ for (MPrivilege privilege : privileges) {
+ LOG.debug("privilege: " + privilege.toString());
+ }
}
}
}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/sqoop/blob/4570b05f/security/src/main/java/org/apache/sqoop/security/Authorization/DefaultAuthorizationHandler.java
----------------------------------------------------------------------
diff --git a/security/src/main/java/org/apache/sqoop/security/Authorization/DefaultAuthorizationHandler.java b/security/src/main/java/org/apache/sqoop/security/Authorization/DefaultAuthorizationHandler.java
index 8e63b86..c60b8a5 100644
--- a/security/src/main/java/org/apache/sqoop/security/Authorization/DefaultAuthorizationHandler.java
+++ b/security/src/main/java/org/apache/sqoop/security/Authorization/DefaultAuthorizationHandler.java
@@ -73,6 +73,7 @@ public class DefaultAuthorizationHandler extends AuthorizationHandler {
this.authenticationProvider = authenticationProvider;
}
+ @Override
public void doInitialize(AuthenticationProvider provider) throws ClassNotFoundException, IllegalAccessException, InstantiationException {
MapContext mapContext = SqoopConfiguration.getInstance().getContext();
String accessController = mapContext.getString(
@@ -91,81 +92,40 @@ public class DefaultAuthorizationHandler extends AuthorizationHandler {
/**
* Role related function
*/
- public List<MRole> getAllRoles() throws SqoopException {
- return this.authorizationAccessController.getAllRoles();
- }
-
- public MRole getRole(String name) throws SqoopException {
- return this.authorizationAccessController.getRole(name);
- }
-
- public List<MRole> getRolesByPrincipal(MPrincipal principal) throws SqoopException {
- return this.authorizationAccessController.getRolesByPrincipal(principal);
+ @Override
+ public void createRole(MRole role) throws SqoopException {
+ this.authorizationAccessController.createRole(role);
}
- public List<MRole> getRolesByPrivilege(MPrivilege privilege) throws SqoopException {
- return this.authorizationAccessController.getRolesByPrivilege(privilege);
+ @Override
+ public void dropRole(MRole role) throws SqoopException {
+ this.authorizationAccessController.dropRole(role);
}
- public void createRole(String name) throws SqoopException {
- this.authorizationAccessController.createRole(name);
- }
-
- public void updateRole(String old_name, String new_name) throws SqoopException {
- this.authorizationAccessController.updateRole(old_name, new_name);
+ @Override
+ public List<MRole> getAllRoles() throws SqoopException {
+ return this.authorizationAccessController.getAllRoles();
}
- public void removeRole(String name) throws SqoopException {
- this.authorizationAccessController.removeRole(name);
+ @Override
+ public List<MRole> getRolesByPrincipal(MPrincipal principal) throws SqoopException {
+ return this.authorizationAccessController.getRolesByPrincipal(principal);
}
/**
* Principal related function
*/
- public List<MPrincipal> getAllPrincipals() throws SqoopException {
- return this.authorizationAccessController.getAllPrincipals();
- }
-
- public List<MPrincipal> getPrincipalsByName(String name) throws SqoopException {
- return this.authorizationAccessController.getPrincipalsByName(name);
- }
-
- public List<MPrincipal> getPrincipalsByType(String type) throws SqoopException {
- return this.authorizationAccessController.getPrincipalsByType(type);
- }
-
- public MPrincipal getPrincipal(String name, String type) throws SqoopException {
- return this.authorizationAccessController.getPrincipal(name, type);
- }
-
+ @Override
public List<MPrincipal> getPrincipalsByRole(MRole role) throws SqoopException {
return this.authorizationAccessController.getPrincipalsByRole(role);
}
- public void createPrincipal(String name, String type) throws SqoopException {
- this.authorizationAccessController.createPrincipal(name, type);
- }
-
- public void updatePrincipal(MPrincipal old_principal, MPrincipal new_principal) throws SqoopException {
- this.authorizationAccessController.updatePrincipal(old_principal, new_principal);
- }
-
- public void removePrincipalsByName(String name) throws SqoopException {
- this.authorizationAccessController.removePrincipalsByName(name);
- }
-
- public void removePrincipalsByType(String type) throws SqoopException {
- this.authorizationAccessController.removePrincipalsByType(type);
- }
-
- public void removePrincipal(MPrincipal principal) throws SqoopException {
- this.authorizationAccessController.removePrincipal(principal);
- }
-
+ @Override
public void grantRole(List<MPrincipal> principals, List<MRole> roles) throws SqoopException {
this.authorizationAccessController.grantRole(principals, roles);
}
+ @Override
public void revokeRole(List<MPrincipal> principals, List<MRole> roles) throws SqoopException {
this.authorizationAccessController.revokeRole(principals, roles);
}
@@ -173,30 +133,12 @@ public class DefaultAuthorizationHandler extends AuthorizationHandler {
/**
* Resource related function
*/
- public List<MResource> getAllResources() throws SqoopException {
- return this.authorizationAccessController.getAllResources();
- }
-
- public List<MResource> getResourcesByType(String type) throws SqoopException {
- return this.authorizationAccessController.getResourcesByType(type);
- }
-
- public MResource getResource(String name, String type) throws SqoopException {
- return this.authorizationAccessController.getResource(name, type);
- }
-
- public void createResource(String name, String type) throws SqoopException {
- this.authorizationAccessController.createResource(name, type);
- }
-
+ @Override
public void updateResource(MResource old_resource, MResource new_resource) throws SqoopException {
this.authorizationAccessController.updateResource(old_resource, new_resource);
}
- public void removeResourcesByType(String type) throws SqoopException {
- this.authorizationAccessController.removeResourcesByType(type);
- }
-
+ @Override
public void removeResource(MResource resource) throws SqoopException {
this.authorizationAccessController.removeResource(resource);
}
@@ -204,46 +146,25 @@ public class DefaultAuthorizationHandler extends AuthorizationHandler {
/**
* Privilege related function
*/
- public List<MPrivilege> getAllPrivileges() throws SqoopException {
- return this.authorizationAccessController.getAllPrivileges();
- }
-
- public MPrivilege getPrivilegeByName(String name) throws SqoopException {
- return this.authorizationAccessController.getPrivilegeByName(name);
- }
-
- public List<MPrivilege> getPrivilegesByResource(MResource resource) throws SqoopException {
- return this.authorizationAccessController.getPrivilegesByResource(resource);
- }
-
- public List<MPrivilege> getPrivilegesByRole(MRole role) throws SqoopException {
- return this.authorizationAccessController.getPrivilegesByRole(role);
- }
-
- public void createPrivilege(String name, MResource resource, String action, boolean with_grant_option) throws SqoopException {
- this.authorizationAccessController.createPrivilege(name, resource, action, with_grant_option);
- }
-
- public void updatePrivilege(MPrivilege old_privilege, MPrivilege new_privilege) throws SqoopException {
- this.authorizationAccessController.updatePrivilege(old_privilege, new_privilege);
- }
-
- public void removePrivilege(String name) throws SqoopException {
- this.authorizationAccessController.removePrivilege(name);
- }
-
- public void removePrivilegesByResource(MResource resource) throws SqoopException {
- this.authorizationAccessController.removePrivilegesByResource(resource);
+ @Override
+ public List<MPrivilege> getPrivilegesByPrincipal(MPrincipal principal, MResource resource) throws SqoopException {
+ return this.authorizationAccessController.getPrivilegesByPrincipal(principal, resource);
}
+ @Override
public void grantPrivileges(List<MPrincipal> principals, List<MPrivilege> privileges) throws SqoopException {
this.authorizationAccessController.grantPrivileges(principals, privileges);
}
+ @Override
public void revokePrivileges(List<MPrincipal> principals, List<MPrivilege> privileges) throws SqoopException {
this.authorizationAccessController.revokePrivileges(principals, privileges);
}
+ /**
+ * Validator related function
+ */
+ @Override
public void checkPrivileges(MPrincipal principal, List<MPrivilege> privileges) throws SqoopException {
this.authorizationValidator.checkPrivileges(principal, privileges);
}
http://git-wip-us.apache.org/repos/asf/sqoop/blob/4570b05f/security/src/main/java/org/apache/sqoop/security/Authorization/DefaultAuthorizationValidator.java
----------------------------------------------------------------------
diff --git a/security/src/main/java/org/apache/sqoop/security/Authorization/DefaultAuthorizationValidator.java b/security/src/main/java/org/apache/sqoop/security/Authorization/DefaultAuthorizationValidator.java
index bbde281..aa8fe8d 100644
--- a/security/src/main/java/org/apache/sqoop/security/Authorization/DefaultAuthorizationValidator.java
+++ b/security/src/main/java/org/apache/sqoop/security/Authorization/DefaultAuthorizationValidator.java
@@ -29,6 +29,9 @@ public class DefaultAuthorizationValidator extends AuthorizationValidator {
private static final Logger LOG = Logger.getLogger(DefaultAuthorizationValidator.class);
+ /**
+ * Validator related function
+ */
public void checkPrivileges(MPrincipal principal, List<MPrivilege> privileges) throws SqoopException {
LOG.debug("Check privilege in default authorization validator: always valid");
LOG.debug("principal: " + principal.toString());