github/sqoop
5
0
Fork 0
mirror of https://github.com/apache/sqoop.git synced 2025-05-17 09:20:43 +08:00
Code Issues Projects Releases Wiki Activity

SQOOP-2255: Sqoop2: Throw Exception when no permission to the resource

Browse Source 
(Richard Zhou via Abraham Elmahrek)
This commit is contained in:
Abraham Elmahrek 2015-03-25 21:51:54 -07:00
parent 06f6ceceb9
commit 615265db2d
6 changed files with 36 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
common/src/main/java/org/apache/sqoop/error/code/CommonRepositoryError.java
View File

@ -212,6 +212,9 @@ public enum CommonRepositoryError implements ErrorCode {
COMMON_0056("Unable to update USER_ONLY editable config"), COMMON_0056("Unable to update USER_ONLY editable config"),
/** We can't restore specific connector**/
COMMON_0057("Unable to load specific connector"),
; ;
private final String message; private final String message;

4
core/src/main/java/org/apache/sqoop/connector/ConnectorManager.java
View File

@ -35,6 +35,7 @@
import org.apache.sqoop.core.Reconfigurable; import org.apache.sqoop.core.Reconfigurable;
import org.apache.sqoop.core.SqoopConfiguration; import org.apache.sqoop.core.SqoopConfiguration;
import org.apache.sqoop.core.SqoopConfiguration.CoreConfigurationListener; import org.apache.sqoop.core.SqoopConfiguration.CoreConfigurationListener;
import org.apache.sqoop.error.code.CommonRepositoryError;
import org.apache.sqoop.error.code.ConnectorError; import org.apache.sqoop.error.code.ConnectorError;
import org.apache.sqoop.model.MConnector; import org.apache.sqoop.model.MConnector;
import org.apache.sqoop.repository.Repository; import org.apache.sqoop.repository.Repository;
@ -129,7 +130,8 @@ public ResourceBundle getResourceBundle(long connectorId, Locale locale) {
public MConnector getConnectorConfigurable(long connectorId) { public MConnector getConnectorConfigurable(long connectorId) {
ConnectorHandler handler = handlerMap.get(idToNameMap.get(connectorId)); ConnectorHandler handler = handlerMap.get(idToNameMap.get(connectorId));
if (handler == null) { if (handler == null) {
return null; throw new SqoopException(CommonRepositoryError.COMMON_0057, "Couldn't find"
+ " connector with id " + connectorId);
} }
return handler.getConnectorConfigurable(); return handler.getConnectorConfigurable();
} }

18
security/src/main/java/org/apache/sqoop/security/Authorization/AuthorizationEngine.java
View File

@ -26,9 +26,12 @@
import org.apache.log4j.Logger; import org.apache.log4j.Logger;
import org.apache.sqoop.common.SqoopException; import org.apache.sqoop.common.SqoopException;
import org.apache.sqoop.model.*; import org.apache.sqoop.model.*;
import org.apache.sqoop.repository.Repository;
import org.apache.sqoop.repository.RepositoryManager;
import org.apache.sqoop.security.AuthorizationHandler; import org.apache.sqoop.security.AuthorizationHandler;
import org.apache.sqoop.security.AuthorizationManager; import org.apache.sqoop.security.AuthorizationManager;
import java.util.ArrayList;
import java.util.Arrays; import java.util.Arrays;
import java.util.Collection; import java.util.Collection;
import java.util.List; import java.util.List;
@ -58,9 +61,20 @@ public boolean apply(T input) {
return Lists.newArrayList(collection); return Lists.newArrayList(collection);
} }
/**
* Connector related function
*/
public static void readConnector(String connectorId) throws SqoopException {
checkPrivilege(getPrivilege(MResource.TYPE.CONNECTOR, connectorId, MPrivilege.ACTION.READ));
}
/** /**
* Link related function * Link related function
*/ */
public static void readLink(String linkId) throws SqoopException {
checkPrivilege(getPrivilege(MResource.TYPE.LINK, linkId, MPrivilege.ACTION.READ));
}
public static void createLink(String connectorId) throws SqoopException { public static void createLink(String connectorId) throws SqoopException {
checkPrivilege(getPrivilege(MResource.TYPE.CONNECTOR, connectorId, MPrivilege.ACTION.READ)); checkPrivilege(getPrivilege(MResource.TYPE.CONNECTOR, connectorId, MPrivilege.ACTION.READ));
} }
@ -82,6 +96,10 @@ public static void enableDisableLink(String linkId) throws SqoopException {
/** /**
* Job related function * Job related function
*/ */
public static void readJob(String jobId) throws SqoopException {
checkPrivilege(getPrivilege(MResource.TYPE.JOB, jobId, MPrivilege.ACTION.READ));
}
public static void createJob(String linkId1, String linkId2) throws SqoopException { public static void createJob(String linkId1, String linkId2) throws SqoopException {
MPrivilege privilege1 = getPrivilege(MResource.TYPE.LINK, linkId1, MPrivilege.ACTION.READ); MPrivilege privilege1 = getPrivilege(MResource.TYPE.LINK, linkId1, MPrivilege.ACTION.READ);
MPrivilege privilege2 = getPrivilege(MResource.TYPE.LINK, linkId2, MPrivilege.ACTION.READ); MPrivilege privilege2 = getPrivilege(MResource.TYPE.LINK, linkId2, MPrivilege.ACTION.READ);

9
server/src/main/java/org/apache/sqoop/handler/ConnectorRequestHandler.java
View File

@ -17,8 +17,8 @@
*/ */
package org.apache.sqoop.handler; package org.apache.sqoop.handler;
import java.util.Arrays;
import java.util.HashMap; import java.util.HashMap;
import java.util.LinkedList;
import java.util.List; import java.util.List;
import java.util.Locale; import java.util.Locale;
import java.util.Map; import java.util.Map;
@ -80,19 +80,18 @@ public JsonBean handleEvent(RequestContext ctx) {
// NOTE: connectorId is a fallback for older sqoop clients if any, since we want to primarily use unique conenctorNames // NOTE: connectorId is a fallback for older sqoop clients if any, since we want to primarily use unique conenctorNames
long cId = HandlerUtils.getConnectorIdFromIdentifier(cIdentifier); long cId = HandlerUtils.getConnectorIdFromIdentifier(cIdentifier);
connectors = new LinkedList<MConnector>();
configParamBundles = new HashMap<Long, ResourceBundle>(); configParamBundles = new HashMap<Long, ResourceBundle>();
connectors.add(ConnectorManager.getInstance().getConnectorConfigurable(cId)); MConnector connector = ConnectorManager.getInstance().getConnectorConfigurable(cId);
configParamBundles.put(cId, ConnectorManager.getInstance().getResourceBundle(cId, locale)); configParamBundles.put(cId, ConnectorManager.getInstance().getResourceBundle(cId, locale));
AuditLoggerManager.getInstance().logAuditEvent(ctx.getUserName(), AuditLoggerManager.getInstance().logAuditEvent(ctx.getUserName(),
ctx.getRequest().getRemoteAddr(), "get", "connector", String.valueOf(cIdentifier)); ctx.getRequest().getRemoteAddr(), "get", "connector", String.valueOf(cIdentifier));
// Authorization check // Authorization check
connectors = AuthorizationEngine.filterResource(MResource.TYPE.CONNECTOR, connectors); AuthorizationEngine.readConnector(String.valueOf(connector.getPersistenceId()));
return new ConnectorBean(connectors, configParamBundles); return new ConnectorBean(Arrays.asList(connector), configParamBundles);
} }
} }
} }

10
server/src/main/java/org/apache/sqoop/handler/JobRequestHandler.java
View File

@ -18,7 +18,7 @@
package org.apache.sqoop.handler; package org.apache.sqoop.handler;
import java.io.IOException; import java.io.IOException;
import java.util.ArrayList; import java.util.Arrays;
import java.util.List; import java.util.List;
import java.util.Locale; import java.util.Locale;
@ -306,14 +306,12 @@ private JsonBean getJobs(RequestContext ctx) {
ctx.getRequest().getRemoteAddr(), "get", "job", connectorIdentifier); ctx.getRequest().getRemoteAddr(), "get", "job", connectorIdentifier);
long jobId = HandlerUtils.getJobIdFromIdentifier(connectorIdentifier, repository); long jobId = HandlerUtils.getJobIdFromIdentifier(connectorIdentifier, repository);
List<MJob> jobList = new ArrayList<MJob>(); MJob job = repository.findJob(jobId);
// a list of single element
jobList.add(repository.findJob(jobId));
// Authorization check // Authorization check
jobList = AuthorizationEngine.filterResource(MResource.TYPE.JOB, jobList); AuthorizationEngine.readJob(String.valueOf(job.getPersistenceId()));
jobBean = createJobBean(jobList, locale); jobBean = createJobBean(Arrays.asList(job), locale);
} }
return jobBean; return jobBean;
} }

10
server/src/main/java/org/apache/sqoop/handler/LinkRequestHandler.java
View File

@ -18,7 +18,7 @@
package org.apache.sqoop.handler; package org.apache.sqoop.handler;
import java.io.IOException; import java.io.IOException;
import java.util.ArrayList; import java.util.Arrays;
import java.util.List; import java.util.List;
import java.util.Locale; import java.util.Locale;
@ -234,14 +234,12 @@ private JsonBean getLinks(RequestContext ctx) {
ctx.getRequest().getRemoteAddr(), "get", "link", identifier); ctx.getRequest().getRemoteAddr(), "get", "link", identifier);
long linkId = HandlerUtils.getLinkIdFromIdentifier(identifier, repository); long linkId = HandlerUtils.getLinkIdFromIdentifier(identifier, repository);
List<MLink> linkList = new ArrayList<MLink>(); MLink link = repository.findLink(linkId);
// a list of single element
linkList.add(repository.findLink(linkId));
// Authorization check // Authorization check
linkList = AuthorizationEngine.filterResource(MResource.TYPE.LINK, linkList); AuthorizationEngine.readLink(String.valueOf(link.getPersistenceId()));
linkBean = createLinkBean(linkList, locale); linkBean = createLinkBean(Arrays.asList(link), locale);
} }
return linkBean; return linkBean;
} }