github/sqoop
5
0
Fork 0
mirror of https://github.com/apache/sqoop.git synced 2025-05-19 02:10:54 +08:00
Code Issues Projects Releases Wiki Activity

SQOOP-2079: Sqoop2: Remove useless functions for RBAC

Browse Source 
(Richard Zhou via Abraham Elmahrek)
This commit is contained in:
Abraham Elmahrek 2015-02-08 22:41:17 -08:00
parent 1722d740ba
commit 4570b05f8c
11 changed files with 91 additions and 471 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
common/src/main/java/org/apache/sqoop/model/MPrincipal.java
View File

@ -22,7 +22,6 @@
*/
public class MPrincipal {
private final String id;
private final String name;
/**
* Currently, the type supports user, group and role.
@ -32,44 +31,25 @@ public class MPrincipal {
/**
* Default constructor to build new MPrincipal model.
*
* @param id Principal id
* @param name Principal name
* @param type Principal type
*/
public MPrincipal(String id,
String name,
String type) {
this.id = id;
this.name = name;
this.type = type;
}
/**
* Constructor to build new MPrincipal model.
*
* @param name Principal name
* @param type Principal type
*/
public MPrincipal(String name,
String type) {
this(null, name, type);
this.name = name;
this.type = type;
}
@Override
public String toString() {
StringBuilder sb = new StringBuilder("Principal (");
sb.append("Principal id: ").append(this.id);
sb.append(", Principal name: ").append(this.name);
sb.append("Principal name: ").append(this.name);
sb.append(", Principal type: ").append(this.type);
sb.append(" )");
return sb.toString();
}
public String getId() {
return id;
}
public String getName() {
return name;
}

46
common/src/main/java/org/apache/sqoop/model/MPrivilege.java
View File

@ -22,8 +22,6 @@
*/
public class MPrivilege {
private final String id;
private final String name;
private final MResource resource;
/**
* Currently, the action supports view, use, create, update, delete and enable_disable.
@ -35,54 +33,22 @@ public class MPrivilege {
/**
* Default constructor to build new MPrivilege model.
*
* @param id Privilege id
* @param name Privilege name
* @param resource Privilege resource
* @param action Privilege action
* @param with_grant_option Privilege with_grant_option
*/
public MPrivilege(String id,
String name,
MResource resource,
public MPrivilege(MResource resource,
String action,
boolean with_grant_option) {
this.id = id;
this.name = name;
this.resource = resource;
this.action = action;
this.with_grant_option = with_grant_option;
}
/**
* Constructor to build new MPrivilege model.
*
* @param name Privilege name
* @param resource Privilege resource
* @param action Privilege action
*/
public MPrivilege(String name,
MResource resource,
String action) {
this(null, name, resource, action, false);
}
/**
* Constructor to build new MPrivilege model.
*
* @param resource Privilege resource
* @param action Privilege action
*/
public MPrivilege(MResource resource,
String action) {
this(null, resource, action);
}
@Override
public String toString() {
StringBuilder sb = new StringBuilder("Privilege (");
sb.append("Privilege id: ").append(this.id);
sb.append(", Privilege name: ").append(this.name);
sb.append(", Privilege resource: ").append(this.getResource().toString());
sb.append("Privilege resource: ").append(this.getResource().toString());
sb.append(", Privilege action: ").append(this.action);
sb.append(", Privilege with_grant_option: ").append(this.with_grant_option);
sb.append(" )");
@ -90,14 +56,6 @@ public String toString() {
return sb.toString();
}
public String getId() {
return id;
}
public String getName() {
return name;
}
public MResource getResource() {
return resource;
}

26
common/src/main/java/org/apache/sqoop/model/MResource.java
View File

@ -22,7 +22,6 @@
*/
public class MResource {
private final String id;
private final String name;
/**
* Currently, the type supports connector, link, job and submission.
@ -32,44 +31,25 @@ public class MResource {
/**
* Default constructor to build new MResource model.
*
* @param id Resource id
* @param name Resource name
* @param type Resource type
*/
public MResource(String id,
String name,
String type) {
this.id = id;
this.name = name;
this.type = type;
}
/**
* Constructor to build new MResource model.
*
* @param name Resource name
* @param type Resource type
*/
public MResource(String name,
String type) {
this(null, name, type);
this.name = name;
this.type = type;
}
@Override
public String toString() {
StringBuilder sb = new StringBuilder("Resource (");
sb.append("Resource id: ").append(this.id);
sb.append(", Resource name: ").append(this.name);
sb.append("Resource name: ").append(this.name);
sb.append(", Resource type: ").append(this.type);
sb.append(" )");
return sb.toString();
}
public String getId() {
return id;
}
public String getName() {
return name;
}

22
common/src/main/java/org/apache/sqoop/model/MRole.java
View File

@ -22,44 +22,26 @@
*/
public class MRole {
private final String id;
private final String name;
/**
* Default constructor to build new MRole model.
*
* @param id Role id
* @param name Role name
*/
public MRole(String id,
String name) {
this.id = id;
this.name = name;
}
/**
* Constructor to build new MRole model.
*
* @param name Role name
*/
public MRole(String name) {
this(null, name);
this.name = name;
}
@Override
public String toString() {
StringBuilder sb = new StringBuilder("Role (");
sb.append("Role id: ").append(this.id);
sb.append(", Role name: ").append(this.name);
sb.append("Role name: ").append(this.name);
sb.append(" )");
return sb.toString();
}
public String getId() {
return id;
}
public String getName() {
return name;
}

60
core/src/main/java/org/apache/sqoop/security/AuthorizationAccessController.java
View File

@ -25,7 +25,7 @@
import java.util.List;
/***
/**
* AuthorizationAccessController is responsible for managing access rule and principal.
*/
public abstract class AuthorizationAccessController {
@ -33,43 +33,19 @@ public abstract class AuthorizationAccessController {
/**
* Role related function
*/
public abstract void createRole(MRole role) throws SqoopException;
public abstract void dropRole(MRole role) throws SqoopException;
public abstract List<MRole> getAllRoles() throws SqoopException;
public abstract MRole getRole(String name) throws SqoopException;
public abstract List<MRole> getRolesByPrincipal(MPrincipal principal) throws SqoopException;
public abstract List<MRole> getRolesByPrivilege(MPrivilege privilege) throws SqoopException;
public abstract void createRole(String name) throws SqoopException;
public abstract void updateRole(String old_name, String new_name) throws SqoopException;
public abstract void removeRole(String name) throws SqoopException;
/**
* Principal related function
*/
public abstract List<MPrincipal> getAllPrincipals() throws SqoopException;
public abstract List<MPrincipal> getPrincipalsByName(String name) throws SqoopException;
public abstract List<MPrincipal> getPrincipalsByType(String type) throws SqoopException;
public abstract MPrincipal getPrincipal(String name, String type) throws SqoopException;
public abstract List<MPrincipal> getPrincipalsByRole(MRole role) throws SqoopException;
public abstract void createPrincipal(String name, String type) throws SqoopException;
public abstract void updatePrincipal(MPrincipal old_principal, MPrincipal new_principal) throws SqoopException;
public abstract void removePrincipalsByName(String name) throws SqoopException;
public abstract void removePrincipalsByType(String type) throws SqoopException;
public abstract void removePrincipal(MPrincipal principal) throws SqoopException;
public abstract void grantRole(List<MPrincipal> principals, List<MRole> roles) throws SqoopException;
public abstract void revokeRole(List<MPrincipal> principals, List<MRole> roles) throws SqoopException;
@ -77,38 +53,14 @@ public abstract class AuthorizationAccessController {
/**
* Resource related function
*/
public abstract List<MResource> getAllResources() throws SqoopException;
public abstract List<MResource> getResourcesByType(String type) throws SqoopException;
public abstract MResource getResource(String name, String type) throws SqoopException;
public abstract void createResource(String name, String type) throws SqoopException;
public abstract void updateResource(MResource old_resource, MResource new_resource) throws SqoopException;
public abstract void removeResourcesByType(String type) throws SqoopException;
public abstract void removeResource(MResource resource) throws SqoopException;
/**
* Privilege related function
*/
public abstract List<MPrivilege> getAllPrivileges() throws SqoopException;
public abstract MPrivilege getPrivilegeByName(String name) throws SqoopException;
public abstract List<MPrivilege> getPrivilegesByResource(MResource resource) throws SqoopException;
public abstract List<MPrivilege> getPrivilegesByRole(MRole role) throws SqoopException;
public abstract void createPrivilege(String name, MResource resource, String action, boolean with_grant_option) throws SqoopException;
public abstract void updatePrivilege(MPrivilege old_privilege, MPrivilege new_privilege) throws SqoopException;
public abstract void removePrivilege(String name) throws SqoopException;
public abstract void removePrivilegesByResource(MResource resource) throws SqoopException;
public abstract List<MPrivilege> getPrivilegesByPrincipal(MPrincipal principal, MResource resource) throws SqoopException;
public abstract void grantPrivileges(List<MPrincipal> principals, List<MPrivilege> privileges) throws SqoopException;

64
core/src/main/java/org/apache/sqoop/security/AuthorizationHandler.java
View File

@ -17,7 +17,6 @@
*/
package org.apache.sqoop.security;
import org.apache.log4j.Logger;
import org.apache.sqoop.common.SqoopException;
import org.apache.sqoop.model.MPrincipal;
import org.apache.sqoop.model.MPrivilege;
@ -26,7 +25,7 @@
import java.util.List;
/***
/**
* AuthorizationHandler is responsible for controlling role based access.
*/
public abstract class AuthorizationHandler {
@ -36,43 +35,19 @@ public abstract class AuthorizationHandler {
/**
* Role related function
*/
public abstract void createRole(MRole role) throws SqoopException;
public abstract void dropRole(MRole role) throws SqoopException;
public abstract List<MRole> getAllRoles() throws SqoopException;
public abstract MRole getRole(String name) throws SqoopException;
public abstract List<MRole> getRolesByPrincipal(MPrincipal principal) throws SqoopException;
public abstract List<MRole> getRolesByPrivilege(MPrivilege privilege) throws SqoopException;
public abstract void createRole(String name) throws SqoopException;
public abstract void updateRole(String old_name, String new_name) throws SqoopException;
public abstract void removeRole(String name) throws SqoopException;
/**
* Principal related function
*/
public abstract List<MPrincipal> getAllPrincipals() throws SqoopException;
public abstract List<MPrincipal> getPrincipalsByName(String name) throws SqoopException;
public abstract List<MPrincipal> getPrincipalsByType(String type) throws SqoopException;
public abstract MPrincipal getPrincipal(String name, String type) throws SqoopException;
public abstract List<MPrincipal> getPrincipalsByRole(MRole role) throws SqoopException;
public abstract void createPrincipal(String name, String type) throws SqoopException;
public abstract void updatePrincipal(MPrincipal old_principal, MPrincipal new_principal) throws SqoopException;
public abstract void removePrincipalsByName(String name) throws SqoopException;
public abstract void removePrincipalsByType(String type) throws SqoopException;
public abstract void removePrincipal(MPrincipal principal) throws SqoopException;
public abstract void grantRole(List<MPrincipal> principals, List<MRole> roles) throws SqoopException;
public abstract void revokeRole(List<MPrincipal> principals, List<MRole> roles) throws SqoopException;
@ -80,42 +55,21 @@ public abstract class AuthorizationHandler {
/**
* Resource related function
*/
public abstract List<MResource> getAllResources() throws SqoopException;
public abstract List<MResource> getResourcesByType(String type) throws SqoopException;
public abstract MResource getResource(String name, String type) throws SqoopException;
public abstract void createResource(String name, String type) throws SqoopException;
public abstract void updateResource(MResource old_resource, MResource new_resource) throws SqoopException;
public abstract void removeResourcesByType(String type) throws SqoopException;
public abstract void removeResource(MResource resource) throws SqoopException;
/**
* Privilege related function
*/
public abstract List<MPrivilege> getAllPrivileges() throws SqoopException;
public abstract MPrivilege getPrivilegeByName(String name) throws SqoopException;
public abstract List<MPrivilege> getPrivilegesByResource(MResource resource) throws SqoopException;
public abstract List<MPrivilege> getPrivilegesByRole(MRole role) throws SqoopException;
public abstract void createPrivilege(String name, MResource resource, String action, boolean with_grant_option) throws SqoopException;
public abstract void updatePrivilege(MPrivilege old_privilege, MPrivilege new_privilege) throws SqoopException;
public abstract void removePrivilege(String name) throws SqoopException;
public abstract void removePrivilegesByResource(MResource resource) throws SqoopException;
public abstract List<MPrivilege> getPrivilegesByPrincipal(MPrincipal principal, MResource resource) throws SqoopException;
public abstract void grantPrivileges(List<MPrincipal> principals, List<MPrivilege> privileges) throws SqoopException;
public abstract void revokePrivileges(List<MPrincipal> principals, List<MPrivilege> privileges) throws SqoopException;
/**
* Validator related function
*/
public abstract void checkPrivileges(MPrincipal principal, List<MPrivilege> privileges) throws SqoopException;
}

5
core/src/main/java/org/apache/sqoop/security/AuthorizationValidator.java
View File

@ -23,11 +23,14 @@
import java.util.List;
/***
/**
* AuthorizationHandler is responsible for checking access.
*/
public abstract class AuthorizationValidator {
/**
* Validator related function
*/
public abstract void checkPrivileges(MPrincipal principal, List<MPrivilege> privileges) throws SqoopException;
}

2
security/src/main/java/org/apache/sqoop/security/Authorization/AuthorizationEngine.java
View File

@ -172,7 +172,7 @@ private static MPrivilege getPrivilege(ResourceType resourceType,
// Do a transfer. "all" means global instances in Restful API, whilst empty
// string means global instances in role based access controller.
resourceId = (resourceId == null || resourceId.equals("all")) ? StringUtils.EMPTY : resourceId;
return new MPrivilege(new MResource(resourceId, resourceType.name()), privilegeActionType.name());
return new MPrivilege(new MResource(resourceId, resourceType.name()), privilegeActionType.name(), false);
}
private static void checkPrivilege(MPrivilege... privileges) {

171
security/src/main/java/org/apache/sqoop/security/Authorization/DefaultAuthorizationAccessController.java
View File

@ -25,7 +25,6 @@
import org.apache.sqoop.model.MRole;
import org.apache.sqoop.security.AuthorizationAccessController;
import java.security.Principal;
import java.util.List;
public class DefaultAuthorizationAccessController extends AuthorizationAccessController {
@ -35,101 +34,42 @@ public class DefaultAuthorizationAccessController extends AuthorizationAccessCon
/**
* Role related function
*/
@Override
public void createRole(MRole role) throws SqoopException {
LOG.debug("Create role in default authorization access controller: empty function");
LOG.debug("role: " + role.toString());
}
@Override
public void dropRole(MRole role) throws SqoopException {
LOG.debug("Remove role in default authorization access controller: empty function");
LOG.debug("role: " + role.toString());
}
@Override
public List<MRole> getAllRoles() throws SqoopException {
LOG.debug("Get all roles in default authorization access controller: return null");
return null;
}
public MRole getRole(String name) throws SqoopException {
LOG.debug("Get role in default authorization access controller: return null");
LOG.debug("name: " + name);
return null;
}
@Override
public List<MRole> getRolesByPrincipal(MPrincipal principal) throws SqoopException {
LOG.debug("Get roles by principal in default authorization access controller: return null");
LOG.debug("principal: " + principal.toString());
return null;
}
public List<MRole> getRolesByPrivilege(MPrivilege privilege) throws SqoopException {
LOG.debug("Get roles by privilege in default authorization access controller: return null");
LOG.debug("privilege: " + privilege.toString());
return null;
}
public void createRole(String name) throws SqoopException {
LOG.debug("Create role in default authorization access controller: empty function");
LOG.debug("name: " + name);
}
public void updateRole(String old_name, String new_name) throws SqoopException {
LOG.debug("Update role in default authorization access controller: empty function");
LOG.debug("old name: " + old_name + ", new name: " + new_name);
}
public void removeRole(String name) throws SqoopException {
LOG.debug("Remove role in default authorization access controller: empty function");
LOG.debug("name: " + name);
}
/**
* Principal related function
*/
public List<MPrincipal> getAllPrincipals() throws SqoopException {
LOG.debug("Get all principals in default authorization access controller: return null");
return null;
}
public List<MPrincipal> getPrincipalsByName(String name) throws SqoopException {
LOG.debug("Get principals by name in default authorization access controller: return null");
LOG.debug("name: " + name);
return null;
}
public List<MPrincipal> getPrincipalsByType(String type) throws SqoopException {
LOG.debug("Get principals by type in default authorization access controller: return null");
LOG.debug("type: " + type);
return null;
}
public MPrincipal getPrincipal(String name, String type) throws SqoopException {
LOG.debug("Get principal in default authorization access controller: return null");
LOG.debug("name: " + name + ", type: " + type);
return null;
}
@Override
public List<MPrincipal> getPrincipalsByRole(MRole role) throws SqoopException {
LOG.debug("Get principals by role in default authorization access controller: return null");
LOG.debug("role: " + role.toString());
return null;
}
public void createPrincipal(String name, String type) throws SqoopException {
LOG.debug("Create principal in default authorization access controller: empty function");
LOG.debug("name: " + name + ", type: " + type);
}
public void updatePrincipal(MPrincipal old_principal, MPrincipal new_principal) throws SqoopException {
LOG.debug("Update principal in default authorization access controller: empty function");
LOG.debug("old principal: " + old_principal + ", new principal: " + new_principal);
}
public void removePrincipalsByName(String name) throws SqoopException {
LOG.debug("Remove principals by name in default authorization access controller: empty function");
LOG.debug("name: " + name);
}
public void removePrincipalsByType(String type) throws SqoopException {
LOG.debug("Remove principals by type in default authorization access controller: empty function");
LOG.debug("type: " + type);
}
public void removePrincipal(MPrincipal principal) throws SqoopException {
LOG.debug("Remove principal in default authorization access controller: empty function");
LOG.debug("principal: " + principal.toString());
}
@Override
public void grantRole(List<MPrincipal> principals, List<MRole> roles) throws SqoopException {
LOG.debug("Grant role in default authorization access controller: empty function");
for (MPrincipal principal : principals) {
@ -140,6 +80,7 @@ public void grantRole(List<MPrincipal> principals, List<MRole> roles) throws Sqo
}
}
@Override
public void revokeRole(List<MPrincipal> principals, List<MRole> roles) throws SqoopException {
LOG.debug("Revoke role in default authorization access controller: empty function");
for (MPrincipal principal : principals) {
@ -153,38 +94,13 @@ public void revokeRole(List<MPrincipal> principals, List<MRole> roles) throws Sq
/**
* Resource related function
*/
public List<MResource> getAllResources() throws SqoopException {
LOG.debug("Get all resources in default authorization access controller: return null");
return null;
}
public List<MResource> getResourcesByType(String type) throws SqoopException {
LOG.debug("Get resources by type in default authorization access controller: return null");
LOG.debug("type: " + type);
return null;
}
public MResource getResource(String name, String type) throws SqoopException {
LOG.debug("Get resource in default authorization access controller: return null");
LOG.debug("name: " + name + ", type: " + type);
return null;
}
public void createResource(String name, String type) throws SqoopException {
LOG.debug("Create resource in default authorization access controller: empty function");
LOG.debug("name: " + name + ", type: " + type);
}
@Override
public void updateResource(MResource old_resource, MResource new_resource) throws SqoopException {
LOG.debug("Update resource in default authorization access controller: empty function");
LOG.debug("old_resource: " + old_resource + ", new_resource: " + new_resource);
}
public void removeResourcesByType(String type) throws SqoopException {
LOG.debug("Remove resource by type in default authorization access controller: empty function");
LOG.debug("type: " + type);
}
@Override
public void removeResource(MResource resource) throws SqoopException {
LOG.debug("Remove resource in default authorization access controller: empty function");
LOG.debug("resource: " + resource.toString());
@ -193,49 +109,17 @@ public void removeResource(MResource resource) throws SqoopException {
/**
* Privilege related function
*/
public List<MPrivilege> getAllPrivileges() throws SqoopException {
LOG.debug("Get all privileges in default authorization access controller: return null");
return null;
}
public MPrivilege getPrivilegeByName(String name) throws SqoopException {
LOG.debug("Get privileges by name in default authorization access controller: return null");
LOG.debug("name: " + name);
return null;
}
public List<MPrivilege> getPrivilegesByResource(MResource resource) throws SqoopException {
LOG.debug("Get privileges by resource in default authorization access controller: return null");
LOG.debug("resource: " + resource.toString());
return null;
}
public List<MPrivilege> getPrivilegesByRole(MRole role) throws SqoopException {
@Override
public List<MPrivilege> getPrivilegesByPrincipal(MPrincipal principal, MResource resource) throws SqoopException {
LOG.debug("Get privileges by role in default authorization access controller: return null");
LOG.debug("role: " + role.toString());
LOG.debug("principal: " + principal.toString());
if (resource != null) { //Get all privileges on principal
LOG.debug("resource: " + resource.toString());
}
return null;
}
public void createPrivilege(String name, MResource resource, String action, boolean with_grant_option) throws SqoopException {
LOG.debug("Create privilege in default authorization access controller: empty function");
LOG.debug("name: " + name + ", resource: " + resource.toString() + ", action: " + action + ", with grant option: " + with_grant_option);
}
public void updatePrivilege(MPrivilege old_privilege, MPrivilege new_privilege) throws SqoopException {
LOG.debug("Update privilege in default authorization access controller: empty function");
LOG.debug("old_privilege: " + old_privilege + ", new_privilege: " + new_privilege);
}
public void removePrivilege(String name) throws SqoopException {
LOG.debug("Remove privilege in default authorization access controller: empty function");
LOG.debug("name: " + name);
}
public void removePrivilegesByResource(MResource resource) throws SqoopException {
LOG.debug("Remove privileges by resource in default authorization access controller: empty function");
LOG.debug("resource: " + resource.toString());
}
@Override
public void grantPrivileges(List<MPrincipal> principals, List<MPrivilege> privileges) throws SqoopException {
LOG.debug("Grant privileges in default authorization access controller: empty function");
for (MPrincipal principal : principals) {
@ -246,13 +130,16 @@ public void grantPrivileges(List<MPrincipal> principals, List<MPrivilege> privil
}
}
@Override
public void revokePrivileges(List<MPrincipal> principals, List<MPrivilege> privileges) throws SqoopException {
LOG.debug("Revoke privileges in default authorization access controller: empty function");
for (MPrincipal principal : principals) {
LOG.debug("principal: " + principal.toString());
}
if (privileges != null) { //Revoke all privileges on principal
for (MPrivilege privilege : privileges) {
LOG.debug("privilege: " + privilege.toString());
}
}
}
}

133
security/src/main/java/org/apache/sqoop/security/Authorization/DefaultAuthorizationHandler.java
View File

@ -73,6 +73,7 @@ public void setAuthenticationProvider(AuthenticationProvider authenticationProvi
this.authenticationProvider = authenticationProvider;
}
@Override
public void doInitialize(AuthenticationProvider provider) throws ClassNotFoundException, IllegalAccessException, InstantiationException {
MapContext mapContext = SqoopConfiguration.getInstance().getContext();
String accessController = mapContext.getString(
@ -91,81 +92,40 @@ public void doInitialize(AuthenticationProvider provider) throws ClassNotFoundEx
/**
* Role related function
*/
@Override
public void createRole(MRole role) throws SqoopException {
this.authorizationAccessController.createRole(role);
}
@Override
public void dropRole(MRole role) throws SqoopException {
this.authorizationAccessController.dropRole(role);
}
@Override
public List<MRole> getAllRoles() throws SqoopException {
return this.authorizationAccessController.getAllRoles();
}
public MRole getRole(String name) throws SqoopException {
return this.authorizationAccessController.getRole(name);
}
@Override
public List<MRole> getRolesByPrincipal(MPrincipal principal) throws SqoopException {
return this.authorizationAccessController.getRolesByPrincipal(principal);
}
public List<MRole> getRolesByPrivilege(MPrivilege privilege) throws SqoopException {
return this.authorizationAccessController.getRolesByPrivilege(privilege);
}
public void createRole(String name) throws SqoopException {
this.authorizationAccessController.createRole(name);
}
public void updateRole(String old_name, String new_name) throws SqoopException {
this.authorizationAccessController.updateRole(old_name, new_name);
}
public void removeRole(String name) throws SqoopException {
this.authorizationAccessController.removeRole(name);
}
/**
* Principal related function
*/
public List<MPrincipal> getAllPrincipals() throws SqoopException {
return this.authorizationAccessController.getAllPrincipals();
}
public List<MPrincipal> getPrincipalsByName(String name) throws SqoopException {
return this.authorizationAccessController.getPrincipalsByName(name);
}
public List<MPrincipal> getPrincipalsByType(String type) throws SqoopException {
return this.authorizationAccessController.getPrincipalsByType(type);
}
public MPrincipal getPrincipal(String name, String type) throws SqoopException {
return this.authorizationAccessController.getPrincipal(name, type);
}
@Override
public List<MPrincipal> getPrincipalsByRole(MRole role) throws SqoopException {
return this.authorizationAccessController.getPrincipalsByRole(role);
}
public void createPrincipal(String name, String type) throws SqoopException {
this.authorizationAccessController.createPrincipal(name, type);
}
public void updatePrincipal(MPrincipal old_principal, MPrincipal new_principal) throws SqoopException {
this.authorizationAccessController.updatePrincipal(old_principal, new_principal);
}
public void removePrincipalsByName(String name) throws SqoopException {
this.authorizationAccessController.removePrincipalsByName(name);
}
public void removePrincipalsByType(String type) throws SqoopException {
this.authorizationAccessController.removePrincipalsByType(type);
}
public void removePrincipal(MPrincipal principal) throws SqoopException {
this.authorizationAccessController.removePrincipal(principal);
}
@Override
public void grantRole(List<MPrincipal> principals, List<MRole> roles) throws SqoopException {
this.authorizationAccessController.grantRole(principals, roles);
}
@Override
public void revokeRole(List<MPrincipal> principals, List<MRole> roles) throws SqoopException {
this.authorizationAccessController.revokeRole(principals, roles);
}
@ -173,30 +133,12 @@ public void revokeRole(List<MPrincipal> principals, List<MRole> roles) throws Sq
/**
* Resource related function
*/
public List<MResource> getAllResources() throws SqoopException {
return this.authorizationAccessController.getAllResources();
}
public List<MResource> getResourcesByType(String type) throws SqoopException {
return this.authorizationAccessController.getResourcesByType(type);
}
public MResource getResource(String name, String type) throws SqoopException {
return this.authorizationAccessController.getResource(name, type);
}
public void createResource(String name, String type) throws SqoopException {
this.authorizationAccessController.createResource(name, type);
}
@Override
public void updateResource(MResource old_resource, MResource new_resource) throws SqoopException {
this.authorizationAccessController.updateResource(old_resource, new_resource);
}
public void removeResourcesByType(String type) throws SqoopException {
this.authorizationAccessController.removeResourcesByType(type);
}
@Override
public void removeResource(MResource resource) throws SqoopException {
this.authorizationAccessController.removeResource(resource);
}
@ -204,46 +146,25 @@ public void removeResource(MResource resource) throws SqoopException {
/**
* Privilege related function
*/
public List<MPrivilege> getAllPrivileges() throws SqoopException {
return this.authorizationAccessController.getAllPrivileges();
}
public MPrivilege getPrivilegeByName(String name) throws SqoopException {
return this.authorizationAccessController.getPrivilegeByName(name);
}
public List<MPrivilege> getPrivilegesByResource(MResource resource) throws SqoopException {
return this.authorizationAccessController.getPrivilegesByResource(resource);
}
public List<MPrivilege> getPrivilegesByRole(MRole role) throws SqoopException {
return this.authorizationAccessController.getPrivilegesByRole(role);
}
public void createPrivilege(String name, MResource resource, String action, boolean with_grant_option) throws SqoopException {
this.authorizationAccessController.createPrivilege(name, resource, action, with_grant_option);
}
public void updatePrivilege(MPrivilege old_privilege, MPrivilege new_privilege) throws SqoopException {
this.authorizationAccessController.updatePrivilege(old_privilege, new_privilege);
}
public void removePrivilege(String name) throws SqoopException {
this.authorizationAccessController.removePrivilege(name);
}
public void removePrivilegesByResource(MResource resource) throws SqoopException {
this.authorizationAccessController.removePrivilegesByResource(resource);
@Override
public List<MPrivilege> getPrivilegesByPrincipal(MPrincipal principal, MResource resource) throws SqoopException {
return this.authorizationAccessController.getPrivilegesByPrincipal(principal, resource);
}
@Override
public void grantPrivileges(List<MPrincipal> principals, List<MPrivilege> privileges) throws SqoopException {
this.authorizationAccessController.grantPrivileges(principals, privileges);
}
@Override
public void revokePrivileges(List<MPrincipal> principals, List<MPrivilege> privileges) throws SqoopException {
this.authorizationAccessController.revokePrivileges(principals, privileges);
}
/**
* Validator related function
*/
@Override
public void checkPrivileges(MPrincipal principal, List<MPrivilege> privileges) throws SqoopException {
this.authorizationValidator.checkPrivileges(principal, privileges);
}

3
security/src/main/java/org/apache/sqoop/security/Authorization/DefaultAuthorizationValidator.java
View File

@ -29,6 +29,9 @@ public class DefaultAuthorizationValidator extends AuthorizationValidator {
private static final Logger LOG = Logger.getLogger(DefaultAuthorizationValidator.class);
/**
* Validator related function
*/
public void checkPrivileges(MPrincipal principal, List<MPrivilege> privileges) throws SqoopException {
LOG.debug("Check privilege in default authorization validator: always valid");
LOG.debug("principal: " + principal.toString());