sentry git commit: SENTRY-1361: Refactor revokePrivilege of Sentry Client (Ke Jia via Dapeng Sun)
Repository: sentry Updated Branches: refs/heads/sentry-ha-redesign 62b002321 -> b850bbb0c SENTRY-1361: Refactor revokePrivilege of Sentry Client (Ke Jia via Dapeng Sun) Project: http://git-wip-us.apache.org/repos/asf/sentry/repo Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/b850bbb0 Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/b850bbb0 Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/b850bbb0 Branch: refs/heads/sentry-ha-redesign Commit: b850bbb0c079922d34302b514bc2b0dc17a44482 Parents: 62b0023 Author: Alexander Kolbasov Authored: Fri Mar 10 17:53:02 2017 -0800 Committer: Alexander Kolbasov Committed: Fri Mar 10 17:53:02 2017 -0800 -- .../thrift/SentryPolicyServiceClient.java | 6 +++ .../SentryPolicyServiceClientDefaultImpl.java | 40 ++-- .../hive/RevokePrivilegeFromRoleCmd.java| 22 +-- 3 files changed, 36 insertions(+), 32 deletions(-) -- http://git-wip-us.apache.org/repos/asf/sentry/blob/b850bbb0/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java -- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java index 1e72b74..8949667 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java @@ -145,6 +145,12 @@ public interface SentryPolicyServiceClient { String db, String table, List columns, String action, Boolean grantOption) throws SentryUserException; + void revokePrivileges(String requestorUserName, String roleName, Set privileges) + throws SentryUserException; + + void revokePrivilege(String requestorUserName, String roleName, TSentryPrivilege privilege) + throws SentryUserException; + Set listPrivilegesForProvider(Set groups, Set users, ActiveRoleSet roleSet, Authorizable... authorizable) throws SentryUserException; http://git-wip-us.apache.org/repos/asf/sentry/blob/b850bbb0/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClientDefaultImpl.java -- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClientDefaultImpl.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClientDefaultImpl.java index 2dc8af8..5bca574 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClientDefaultImpl.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClientDefaultImpl.java @@ -613,6 +613,34 @@ public class SentryPolicyServiceClientDefaultImpl implements SentryPolicyService } } + public synchronized void revokePrivileges(String requestorUserName, String roleName, Set privileges) throws SentryUserException { +this.revokePrivilegesCore(requestorUserName, roleName, privileges); + } + + public synchronized void revokePrivilege(String requestorUserName, String roleName, TSentryPrivilege privilege) throws SentryUserException { +this.revokePrivilegeCore(requestorUserName, roleName, privilege); + + } + + private void revokePrivilegeCore(String requestorUserName, String roleName, TSentryPrivilege privilege) throws SentryUserException { +this.revokePrivilegesCore(requestorUserName, roleName, ImmutableSet.of(privilege)); + } + + private void revokePrivilegesCore(String requestorUserName, String roleName, Set privileges) throws SentryUserException { +TAlterSentryRoleRevokePrivilegeRequest request = new TAlterSentryRoleRevokePrivilegeRequest(); + request.setProtocol_version(ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT); +request.setRequestorUserName(requestorUserName); +request.setRoleName(roleName); +request.setPrivileges(privileges); +try { + TAlterSentryRoleRevokePrivilegeResponse response = client.alter_sentry_role_revoke_privilege( + request); + Status.throwIfNotOk(response.getStatus()); +} catch (TException e) { + throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e); +} + } + public synchronized void revokeURIPrivilege(String requestorUserName, String roleName, String server,
[2/2] sentry git commit: SENTRY-1361: Refactor revokePrivilege of Sentry Client (Ke Jia via Dapeng Sun)
SENTRY-1361: Refactor revokePrivilege of Sentry Client (Ke Jia via Dapeng Sun) Project: http://git-wip-us.apache.org/repos/asf/sentry/repo Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/6fbff11f Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/6fbff11f Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/6fbff11f Branch: refs/heads/master Commit: 6fbff11fa45d8962fda706c8a823909f71ef1f2c Parents: 79659ad Author: Sun Dapeng Authored: Wed Jun 29 14:41:44 2016 +0800 Committer: Sun Dapeng Committed: Wed Jun 29 14:41:44 2016 +0800 -- .../thrift/SentryPolicyServiceClient.java | 6 +++ .../SentryPolicyServiceClientDefaultImpl.java | 40 ++-- .../hive/RevokePrivilegeFromRoleCmd.java| 22 +-- 3 files changed, 36 insertions(+), 32 deletions(-) -- http://git-wip-us.apache.org/repos/asf/sentry/blob/6fbff11f/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java -- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java index 8afa28b..c2b03e5 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java @@ -152,6 +152,12 @@ public interface SentryPolicyServiceClient { String db, String table, List columns, String action, Boolean grantOption) throws SentryUserException; + void revokePrivileges(String requestorUserName, String roleName, Set privileges) + throws SentryUserException; + + void revokePrivilege(String requestorUserName, String roleName, TSentryPrivilege privilege) + throws SentryUserException; + Set listPrivilegesForProvider(Set groups, Set users, ActiveRoleSet roleSet, Authorizable... authorizable) throws SentryUserException; http://git-wip-us.apache.org/repos/asf/sentry/blob/6fbff11f/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClientDefaultImpl.java -- diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClientDefaultImpl.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClientDefaultImpl.java index 25d515b..9a28eae 100644 --- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClientDefaultImpl.java +++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClientDefaultImpl.java @@ -532,6 +532,34 @@ public class SentryPolicyServiceClientDefaultImpl implements SentryPolicyService return grantPrivilegesCore(requestorUserName, roleName, privileges); } + public synchronized void revokePrivileges(String requestorUserName, String roleName, Set privileges) throws SentryUserException { +this.revokePrivilegesCore(requestorUserName, roleName, privileges); + } + + public synchronized void revokePrivilege(String requestorUserName, String roleName, TSentryPrivilege privilege) throws SentryUserException { +this.revokePrivilegeCore(requestorUserName, roleName, privilege); + + } + + private void revokePrivilegeCore(String requestorUserName, String roleName, TSentryPrivilege privilege) throws SentryUserException { +this.revokePrivilegesCore(requestorUserName, roleName, ImmutableSet.of(privilege)); + } + + private void revokePrivilegesCore(String requestorUserName, String roleName, Set privileges) throws SentryUserException { +TAlterSentryRoleRevokePrivilegeRequest request = new TAlterSentryRoleRevokePrivilegeRequest(); + request.setProtocol_version(ThriftConstants.TSENTRY_SERVICE_VERSION_CURRENT); +request.setRequestorUserName(requestorUserName); +request.setRoleName(roleName); +request.setPrivileges(privileges); +try { + TAlterSentryRoleRevokePrivilegeResponse response = client.alter_sentry_role_revoke_privilege( + request); + Status.throwIfNotOk(response.getStatus()); +} catch (TException e) { + throw new SentryUserException(THRIFT_EXCEPTION_MESSAGE, e); +} + } + public synchronized void revokeURIPrivilege(String requestorUserName, String roleName, String server, String uri) throws SentryUserException { @@ -663,19