http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/644e8be3/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationProvider.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationProvider.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationProvider.java index 4887678..cd6f8a1 100644 --- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationProvider.java +++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationProvider.java @@ -19,25 +19,34 @@ package org.apache.sentry.provider.common; import java.util.List; import java.util.Set; +import javax.annotation.concurrent.ThreadSafe; + import org.apache.sentry.core.common.Action; +import org.apache.sentry.core.common.ActiveRoleSet; import org.apache.sentry.core.common.Authorizable; import org.apache.sentry.core.common.SentryConfigurationException; import org.apache.sentry.core.common.Subject; +/** + * Implementations of AuthorizationProvider must be threadsafe. + */ +@ThreadSafe public interface AuthorizationProvider { /*** * Returns validate subject privileges on given Authorizable object * * @param subject: UserID to validate privileges - * @param authorizableHierarchy : List of object accroding to namespace hierarchy. + * @param authorizableHierarchy : List of object according to namespace hierarchy. * eg. Server->Db->Table or Server->Function * The privileges will be validated from the higher to lower scope * @param actions : Privileges to validate + * @param roleSet : Roles which should be used when obtaining privileges * @return * True if the subject is authorized to perform requested action on the given object */ - public boolean hasAccess(Subject subject, List<? extends Authorizable> authorizableHierarchy, Set<? extends Action> actions); + public boolean hasAccess(Subject subject, List<? extends Authorizable> authorizableHierarchy, + Set<? extends Action> actions, ActiveRoleSet roleSet); /*** * Get the GroupMappingService used by the AuthorizationProvider @@ -59,7 +68,7 @@ public interface AuthorizationProvider { * @return * @throws SentryConfigurationException */ - public Set<String> listPermissionsForSubject(Subject subject) throws SentryConfigurationException; + public Set<String> listPrivilegesForSubject(Subject subject) throws SentryConfigurationException; /** * Returns the list privileges for the given group @@ -67,11 +76,11 @@ public interface AuthorizationProvider { * @return * @throws SentryConfigurationException */ - public Set<String> listPermissionsForGroup(String groupName) throws SentryConfigurationException; + public Set<String> listPrivilegesForGroup(String groupName) throws SentryConfigurationException; /*** * Returns the list of missing privileges of the last access request * @return */ - public List<String> getLastFailedPermissions(); + public List<String> getLastFailedPrivileges(); }
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/644e8be3/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/GroupMappingService.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/GroupMappingService.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/GroupMappingService.java index 226cc88..22371d1 100644 --- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/GroupMappingService.java +++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/GroupMappingService.java @@ -16,15 +16,20 @@ */ package org.apache.sentry.provider.common; -import java.util.List; +import java.util.Set; + +import javax.annotation.concurrent.ThreadSafe; /** * Interface so the Groups class is easier to unit test with. + * Implementations of this class are expected to be thread safe + * after construction. */ +@ThreadSafe public interface GroupMappingService { /** * @return non-null list of groups for user */ - public List<String> getGroups(String user); + public Set<String> getGroups(String user); } http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/644e8be3/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoAuthorizationProvider.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoAuthorizationProvider.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoAuthorizationProvider.java index 8f18926..ed32224 100644 --- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoAuthorizationProvider.java +++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoAuthorizationProvider.java @@ -22,6 +22,7 @@ import java.util.List; import java.util.Set; import org.apache.sentry.core.common.Action; +import org.apache.sentry.core.common.ActiveRoleSet; import org.apache.sentry.core.common.Authorizable; import org.apache.sentry.core.common.SentryConfigurationException; import org.apache.sentry.core.common.Subject; @@ -31,7 +32,7 @@ public class NoAuthorizationProvider implements AuthorizationProvider { @Override public boolean hasAccess(Subject subject, List<? extends Authorizable> authorizableHierarchy, - Set<? extends Action> actions) { + Set<? extends Action> actions, ActiveRoleSet roleSet) { return false; } @@ -46,19 +47,19 @@ public class NoAuthorizationProvider implements AuthorizationProvider { } @Override - public Set<String> listPermissionsForSubject(Subject subject) + public Set<String> listPrivilegesForSubject(Subject subject) throws SentryConfigurationException { return new HashSet<String>(); } @Override - public Set<String> listPermissionsForGroup(String groupName) + public Set<String> listPrivilegesForGroup(String groupName) throws SentryConfigurationException { return new HashSet<String>(); } @Override - public List<String> getLastFailedPermissions() { + public List<String> getLastFailedPrivileges() { return new ArrayList<String>(); } http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/644e8be3/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoGroupMappingService.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoGroupMappingService.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoGroupMappingService.java index e1bc6d2..e44cbc4 100644 --- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoGroupMappingService.java +++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoGroupMappingService.java @@ -16,8 +16,8 @@ */ package org.apache.sentry.provider.common; -import java.util.LinkedList; -import java.util.List; +import java.util.HashSet; +import java.util.Set; /** * GroupMappingService that always returns an empty list of groups @@ -27,7 +27,7 @@ public class NoGroupMappingService implements GroupMappingService { /** * @return empty list of groups for every user */ - public List<String> getGroups(String user) { - return new LinkedList<String>(); + public Set<String> getGroups(String user) { + return new HashSet<String>(); } } http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/644e8be3/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackend.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackend.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackend.java index 327a3a5..6d6da25 100644 --- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackend.java +++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackend.java @@ -16,31 +16,44 @@ */ package org.apache.sentry.provider.common; -import javax.annotation.Nullable; +import java.util.Set; -import java.util.List; +import javax.annotation.concurrent.ThreadSafe; +import org.apache.sentry.core.common.ActiveRoleSet; import org.apache.sentry.core.common.SentryConfigurationException; -import org.apache.sentry.policy.common.RoleValidator; import com.google.common.collect.ImmutableSet; /** - * Interface for getting roles from a specific provider backend. + * Interface for getting roles from a specific provider backend. Implementations + * are expected to be thread safe after initialize() has + * been called. */ +@ThreadSafe public interface ProviderBackend { + /** - * Process roles from the backend. Checks the validity of each role - * by running it through each validator passed via validators. + * Set the privilege validators to be used on the backend. This is required + * because the Backend must be created before the policy engine and only the + * policy engine knows the validators. Ideally we could change but since + * both the policy engine and backend are exposed via configuration properties + * that would be backwards incompatible. + * @param validators */ - public void process(List<? extends RoleValidator> validators); + public void initialize(ProviderBackendContext context); /** - * Get the roles from the backend. Requires that process(...) is invoked at - * least once prior. + * Get the privileges from the backend. */ - public Roles getRoles(); + public ImmutableSet<String> getPrivileges(Set<String> groups, ActiveRoleSet roleSet); - public void validatePolicy(List<? extends RoleValidator> validators, boolean strictValidation) - throws SentryConfigurationException; + /** + * If strictValidation is true then an error is thrown for warnings + * as well as errors. + * + * @param strictValidation + * @throws SentryConfigurationException + */ + public void validatePolicy(boolean strictValidation) throws SentryConfigurationException; } http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/644e8be3/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackendContext.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackendContext.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackendContext.java new file mode 100644 index 0000000..f45d23d --- /dev/null +++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackendContext.java @@ -0,0 +1,50 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.sentry.provider.common; + +import org.apache.sentry.policy.common.PrivilegeValidator; + +import com.google.common.collect.ImmutableList; + +public class ProviderBackendContext { + + private boolean allowPerDatabase; + private ImmutableList<PrivilegeValidator> validators; + + public ProviderBackendContext() { + validators = ImmutableList.of(); + } + + public boolean isAllowPerDatabase() { + return allowPerDatabase; + } + + public void setAllowPerDatabase(boolean allowPerDatabase) { + this.allowPerDatabase = allowPerDatabase; + } + + public ImmutableList<PrivilegeValidator> getValidators() { + return validators; + } + + public void setValidators(ImmutableList<PrivilegeValidator> validators) { + if (validators == null) { + validators = ImmutableList.of(); + } + this.validators = validators; + } +} http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/644e8be3/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/Roles.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/Roles.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/Roles.java deleted file mode 100644 index a8f36a3..0000000 --- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/Roles.java +++ /dev/null @@ -1,50 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.sentry.provider.common; - -import javax.annotation.Nullable; - -import com.google.common.collect.ImmutableMap; -import com.google.common.collect.ImmutableSet; -import com.google.common.collect.ImmutableSetMultimap; - -/** - * Class providing storage of roles - */ -public class Roles { - private final ImmutableSetMultimap<String, String> globalRoles; - private final ImmutableMap<String, ImmutableSetMultimap<String, String>> perDatabaseRoles; - - public Roles() { - this(ImmutableSetMultimap.<String, String>of(), - ImmutableMap.<String, ImmutableSetMultimap<String, String>>of()); - } - - public Roles(ImmutableSetMultimap<String, String> globalRoles, - ImmutableMap<String, ImmutableSetMultimap<String, String>> perDatabaseRoles) { - this.globalRoles = globalRoles; - this.perDatabaseRoles = perDatabaseRoles; - } - - public ImmutableSetMultimap<String, String> getGlobalRoles() { - return globalRoles; - } - - public ImmutableMap<String, ImmutableSetMultimap<String, String>> getPerDatabaseRoles() { - return perDatabaseRoles; - } -} http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/644e8be3/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/MockGroupMappingServiceProvider.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/MockGroupMappingServiceProvider.java b/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/MockGroupMappingServiceProvider.java index 806b42e..1e885f4 100644 --- a/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/MockGroupMappingServiceProvider.java +++ b/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/MockGroupMappingServiceProvider.java @@ -17,14 +17,13 @@ package org.apache.sentry.provider.common; import java.util.Collection; -import java.util.List; +import java.util.Set; -import org.apache.sentry.provider.common.GroupMappingService; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import com.google.common.collect.Lists; import com.google.common.collect.Multimap; +import com.google.common.collect.Sets; public class MockGroupMappingServiceProvider implements GroupMappingService { private static final Logger LOGGER = LoggerFactory @@ -36,10 +35,10 @@ public class MockGroupMappingServiceProvider implements GroupMappingService { } @Override - public List<String> getGroups(String user) { + public Set<String> getGroups(String user) { Collection<String> groups = userToGroupMap.get(user); LOGGER.info("Mapping " + user + " to " + groups); - return Lists.newArrayList(groups); + return Sets.newHashSet(groups); } } http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/644e8be3/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestNoAuthorizationProvider.java ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestNoAuthorizationProvider.java b/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestNoAuthorizationProvider.java index 3f48f49..fe01b06 100644 --- a/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestNoAuthorizationProvider.java +++ b/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestNoAuthorizationProvider.java @@ -16,11 +16,11 @@ */ package org.apache.sentry.provider.common; -import org.junit.Test; - import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; +import org.junit.Test; + /** * Tests around the NoAuthorizationProvider */ @@ -29,7 +29,7 @@ public class TestNoAuthorizationProvider { @Test public void testNoAuthorizationProvider() { NoAuthorizationProvider nap = new NoAuthorizationProvider(); - assertFalse(nap.hasAccess(null, null, null)); + assertFalse(nap.hasAccess(null, null, null, null)); GroupMappingService gms = nap.getGroupMapping(); assertEquals(gms.getGroups(null).size(), 0); http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/644e8be3/sentry-provider/sentry-provider-db/.gitignore ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/.gitignore b/sentry-provider/sentry-provider-db/.gitignore new file mode 100644 index 0000000..55b8677 --- /dev/null +++ b/sentry-provider/sentry-provider-db/.gitignore @@ -0,0 +1 @@ +sentry_policy_db http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/644e8be3/sentry-provider/sentry-provider-db/pom.xml ---------------------------------------------------------------------- diff --git a/sentry-provider/sentry-provider-db/pom.xml b/sentry-provider/sentry-provider-db/pom.xml new file mode 100644 index 0000000..aa511c8 --- /dev/null +++ b/sentry-provider/sentry-provider-db/pom.xml @@ -0,0 +1,243 @@ +<?xml version="1.0"?> +<!-- +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the "License"); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +--> +<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"; xmlns="http://maven.apache.org/POM/4.0.0"; + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> + <modelVersion>4.0.0</modelVersion> + <parent> + <groupId>org.apache.sentry</groupId> + <artifactId>sentry-provider</artifactId> + <version>1.3.0-incubating-SNAPSHOT</version> + </parent> + + <artifactId>sentry-provider-db</artifactId> + <name>Sentry Provider DB</name> + + <dependencies> + <dependency> + <groupId>commons-cli</groupId> + <artifactId>commons-cli</artifactId> + </dependency> + <dependency> + <groupId>org.apache.hadoop</groupId> + <artifactId>hadoop-common</artifactId> + </dependency> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.apache.derby</groupId> + <artifactId>derby</artifactId> + </dependency> + <dependency> + <groupId>log4j</groupId> + <artifactId>log4j</artifactId> + </dependency> + <dependency> + <groupId>org.apache.shiro</groupId> + <artifactId>shiro-core</artifactId> + </dependency> + <dependency> + <groupId>com.google.guava</groupId> + <artifactId>guava</artifactId> + </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-api</artifactId> + </dependency> + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-log4j12</artifactId> + </dependency> + <dependency> + <groupId>org.apache.sentry</groupId> + <artifactId>sentry-core-common</artifactId> + </dependency> + <dependency> + <groupId>org.apache.sentry</groupId> + <artifactId>sentry-provider-common</artifactId> + </dependency> + <dependency> + <groupId>org.apache.hive</groupId> + <artifactId>hive-metastore</artifactId> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>org.apache.hive</groupId> + <artifactId>hive-shims</artifactId> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>org.apache.thrift</groupId> + <artifactId>libfb303</artifactId> + </dependency> + <dependency> + <groupId>org.apache.thrift</groupId> + <artifactId>libthrift</artifactId> + </dependency> + <dependency> + <groupId>ant-contrib</groupId> + <artifactId>ant-contrib</artifactId> + </dependency> + <dependency> + <groupId>org.apache.hadoop</groupId> + <artifactId>hadoop-minikdc</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>com.google.guava</groupId> + <artifactId>guava</artifactId> + </dependency> + <dependency> + <groupId>javax.jdo</groupId> + <artifactId>jdo-api</artifactId> + </dependency> + <dependency> + <groupId>org.datanucleus</groupId> + <artifactId>datanucleus-core</artifactId> + </dependency> + <dependency> + <groupId>org.datanucleus</groupId> + <artifactId>datanucleus-api-jdo</artifactId> + </dependency> + <dependency> + <groupId>org.datanucleus</groupId> + <artifactId>datanucleus-rdbms</artifactId> + </dependency> + <dependency> + <groupId>org.mockito</groupId> + <artifactId>mockito-all</artifactId> + <scope>test</scope> + </dependency> + </dependencies> + + <build> + <sourceDirectory>${basedir}/src/main/java</sourceDirectory> + <testSourceDirectory>${basedir}/src/test/java</testSourceDirectory> + <resources> + <resource> + <directory>${basedir}/src/main/java/org/apache/sentry/provider/db/service/model</directory> + <includes> + <include>package.jdo</include> + </includes> + </resource> + </resources> + <plugins> + <plugin> + <groupId>org.codehaus.mojo</groupId> + <artifactId>build-helper-maven-plugin</artifactId> + <executions> + <execution> + <id>add-source</id> + <phase>generate-sources</phase> + <goals> + <goal>add-source</goal> + </goals> + <configuration> + <sources> + <source>src/gen/thrift/gen-javabean</source> + </sources> + </configuration> + </execution> + </executions> + </plugin> + <plugin> + <groupId>org.datanucleus</groupId> + <artifactId>datanucleus-maven-plugin</artifactId> + <configuration> + <api>JDO</api> + <metadataIncludes>**/*.jdo</metadataIncludes> + <verbose>true</verbose> + </configuration> + <executions> + <execution> + <phase>process-classes</phase> + <goals> + <goal>enhance</goal> + </goals> + </execution> + </executions> + </plugin> + </plugins> + </build> + <profiles> + <profile> + <id>thriftif</id> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-antrun-plugin</artifactId> + <executions> + <execution> + <id>generate-thrift-sources</id> + <phase>generate-sources</phase> + <configuration> + <target> + <taskdef name="for" classname="net.sf.antcontrib.logic.ForTask" + classpathref="maven.plugin.classpath" /> + <property name="thrift.args" value="-I ${thrift.home} --gen java:beans,hashcode"/> + <property name="thrift.gen.dir" value="${basedir}/src/gen/thrift"/> + <delete dir="${thrift.gen.dir}"/> + <mkdir dir="${thrift.gen.dir}"/> + <for param="thrift.file"> + <path> + <fileset dir="${basedir}/src/main/resources/" includes="**/*.thrift" /> + </path> + <sequential> + <echo message="Generating Thrift code for @{thrift.file}"/> + <exec executable="${thrift.home}/bin/thrift" failonerror="true" dir="."> + <arg line="${thrift.args} -I ${basedir}/src/main/resources/ -o ${thrift.gen.dir} @{thrift.file} " /> + </exec> + </sequential> + </for> + </target> + </configuration> + <goals> + <goal>run</goal> + </goals> + </execution> + </executions> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-enforcer-plugin</artifactId> + <executions> + <execution> + <id>enforce-property</id> + <goals> + <goal>enforce</goal> + </goals> + <configuration> + <rules> + <requireProperty> + <property>thrift.home</property> + </requireProperty> + </rules> + <fail>true</fail> + </configuration> + </execution> + </executions> + </plugin> + </plugins> + </build> + </profile> + </profiles> + +</project>
