accumulo-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ctubb...@apache.org
Subject [3/4] ACCUMULO-391 Use more accurate "InputTableConfig" term
Date Thu, 24 Oct 2013 23:04:40 GMT
http://git-wip-us.apache.org/repos/asf/accumulo/blob/61353d1e/server/src/main/java/org/apache/accumulo/server/security/SecurityOperation.java
----------------------------------------------------------------------
diff --git a/server/src/main/java/org/apache/accumulo/server/security/SecurityOperation.java
b/server/src/main/java/org/apache/accumulo/server/security/SecurityOperation.java
index 670a764..19d107b 100644
--- a/server/src/main/java/org/apache/accumulo/server/security/SecurityOperation.java
+++ b/server/src/main/java/org/apache/accumulo/server/security/SecurityOperation.java
@@ -44,7 +44,6 @@ import org.apache.accumulo.core.security.TablePermission;
 import org.apache.accumulo.core.security.thrift.TCredentials;
 import org.apache.accumulo.server.client.HdfsZooInstance;
 import org.apache.accumulo.server.conf.ServerConfiguration;
-import org.apache.accumulo.server.master.Master;
 import org.apache.accumulo.server.security.handler.Authenticator;
 import org.apache.accumulo.server.security.handler.Authorizor;
 import org.apache.accumulo.server.security.handler.PermissionHandler;
@@ -60,21 +59,21 @@ import org.apache.log4j.Logger;
  */
 public class SecurityOperation {
   private static final Logger log = Logger.getLogger(SecurityOperationsImpl.class);
-  
+
   protected Authorizor authorizor;
   protected Authenticator authenticator;
   protected PermissionHandler permHandle;
   private static String rootUserName = null;
   private final ZooCache zooCache;
   private final String ZKUserPath;
-  
+
   protected static SecurityOperation instance;
-  
+
   public static synchronized SecurityOperation getInstance() {
     String instanceId = HdfsZooInstance.getInstance().getInstanceID();
     return getInstance(instanceId, false);
   }
-  
+
   public static synchronized SecurityOperation getInstance(String instanceId, boolean initialize)
{
     if (instance == null) {
       instance = new SecurityOperation(getAuthorizor(instanceId, initialize), getAuthenticator(instanceId,
initialize), getPermHandler(instanceId, initialize),
@@ -82,48 +81,51 @@ public class SecurityOperation {
     }
     return instance;
   }
-  
+
   protected static Authorizor getAuthorizor(String instanceId, boolean initialize) {
-    Authorizor toRet = Property.createInstanceFromPropertyName(ServerConfiguration.getSiteConfiguration(),
Property.INSTANCE_SECURITY_AUTHORIZOR, Authorizor.class, ZKAuthorizor.getInstance());
+    Authorizor toRet = Property.createInstanceFromPropertyName(ServerConfiguration.getSiteConfiguration(),
Property.INSTANCE_SECURITY_AUTHORIZOR,
+        Authorizor.class, ZKAuthorizor.getInstance());
     toRet.initialize(instanceId, initialize);
     return toRet;
   }
-  
+
   protected static Authenticator getAuthenticator(String instanceId, boolean initialize)
{
-    Authenticator toRet = Property.createInstanceFromPropertyName(ServerConfiguration.getSiteConfiguration(),
Property.INSTANCE_SECURITY_AUTHENTICATOR, Authenticator.class, ZKAuthenticator.getInstance());
+    Authenticator toRet = Property.createInstanceFromPropertyName(ServerConfiguration.getSiteConfiguration(),
Property.INSTANCE_SECURITY_AUTHENTICATOR,
+        Authenticator.class, ZKAuthenticator.getInstance());
     toRet.initialize(instanceId, initialize);
     return toRet;
   }
-  
+
   protected static PermissionHandler getPermHandler(String instanceId, boolean initialize)
{
-    PermissionHandler toRet = Property.createInstanceFromPropertyName(ServerConfiguration.getSiteConfiguration(),
Property.INSTANCE_SECURITY_PERMISSION_HANDLER, PermissionHandler.class, ZKPermHandler.getInstance());
+    PermissionHandler toRet = Property.createInstanceFromPropertyName(ServerConfiguration.getSiteConfiguration(),
+        Property.INSTANCE_SECURITY_PERMISSION_HANDLER, PermissionHandler.class, ZKPermHandler.getInstance());
     toRet.initialize(instanceId, initialize);
     return toRet;
   }
-  
+
   protected SecurityOperation(String instanceId) {
     ZKUserPath = Constants.ZROOT + "/" + instanceId + "/users";
     zooCache = new ZooCache();
   }
-  
+
   public SecurityOperation(Authorizor author, Authenticator authent, PermissionHandler pm,
String instanceId) {
     this(instanceId);
     authorizor = author;
     authenticator = authent;
     permHandle = pm;
-    
+
     if (!authorizor.validSecurityHandlers(authenticator, pm) || !authenticator.validSecurityHandlers(authorizor,
pm)
         || !permHandle.validSecurityHandlers(authent, author))
       throw new RuntimeException(authorizor + ", " + authenticator + ", and " + pm
           + " do not play nice with eachother. Please choose authentication and authorization
mechanisms that are compatible with one another.");
   }
-  
+
   public void initializeSecurity(TCredentials credentials, String rootPrincipal, byte[] token)
throws AccumuloSecurityException, ThriftSecurityException {
     authenticate(credentials);
-    
+
     if (!isSystemUser(credentials))
       throw new AccumuloSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
-    
+
     authenticator.initializeSecurity(credentials, rootPrincipal, token);
     authorizor.initializeSecurity(credentials, rootPrincipal);
     permHandle.initializeSecurity(credentials, rootPrincipal);
@@ -134,21 +136,21 @@ public class SecurityOperation {
       throw new RuntimeException(e);
     }
   }
-  
+
   public synchronized String getRootUsername() {
     if (rootUserName == null)
       rootUserName = new String(zooCache.get(ZKUserPath));
     return rootUserName;
   }
-  
+
   public boolean isSystemUser(TCredentials credentials) {
     return SystemCredentials.get().getToken().getClass().getName().equals(credentials.getTokenClassName());
   }
-  
+
   private void authenticate(TCredentials credentials) throws ThriftSecurityException {
     if (!credentials.getInstanceId().equals(HdfsZooInstance.getInstance().getInstanceID()))
       throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.INVALID_INSTANCEID);
-    
+
     if (isSystemUser(credentials)) {
       authenticateSystemUser(credentials);
     } else {
@@ -163,19 +165,19 @@ public class SecurityOperation {
       }
     }
   }
-  
+
   private void authenticateSystemUser(TCredentials credentials) throws ThriftSecurityException
{
     if (SystemCredentials.get().getToken().equals(credentials.getToken()))
       throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.BAD_CREDENTIALS);
   }
-  
+
   public boolean canAskAboutUser(TCredentials credentials, String user) throws ThriftSecurityException
{
     // Authentication done in canPerformSystemActions
     if (!(canPerformSystemActions(credentials) || credentials.getPrincipal().equals(user)))
       throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
     return true;
   }
-  
+
   public boolean authenticateUser(TCredentials credentials, TCredentials toAuth) throws ThriftSecurityException
{
     canAskAboutUser(credentials, toAuth.getPrincipal());
     // User is already authenticated from canAskAboutUser
@@ -188,7 +190,7 @@ public class SecurityOperation {
       throw e.asThriftException();
     }
   }
-  
+
   private AuthenticationToken reassembleToken(TCredentials toAuth) throws AccumuloSecurityException
{
     String tokenClass = toAuth.getTokenClassName();
     if (authenticator.validTokenClass(tokenClass)) {
@@ -196,22 +198,22 @@ public class SecurityOperation {
     }
     throw new AccumuloSecurityException(toAuth.getPrincipal(), SecurityErrorCode.INVALID_TOKEN);
   }
-  
+
   public Authorizations getUserAuthorizations(TCredentials credentials, String user) throws
ThriftSecurityException {
     authenticate(credentials);
-    
+
     targetUserExists(user);
-    
+
     if (!credentials.getPrincipal().equals(user) && !hasSystemPermission(credentials,
SystemPermission.SYSTEM, false))
       throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
-    
+
     try {
       return authorizor.getCachedUserAuthorizations(user);
     } catch (AccumuloSecurityException e) {
       throw e.asThriftException();
     }
   }
-  
+
   public Authorizations getUserAuthorizations(TCredentials credentials) throws ThriftSecurityException
{
     // system user doesn't need record-level authorizations for the tables it reads
     if (isSystemUser(credentials)) {
@@ -220,7 +222,7 @@ public class SecurityOperation {
     }
     return getUserAuthorizations(credentials, credentials.getPrincipal());
   }
-  
+
   /**
    * Checks if a user has a system permission
    * 
@@ -231,7 +233,7 @@ public class SecurityOperation {
       return true;
     return _hasSystemPermission(credentials.getPrincipal(), permission, useCached);
   }
-  
+
   /**
    * Checks if a user has a system permission<br/>
    * This cannot check if a system user has permission.
@@ -241,9 +243,9 @@ public class SecurityOperation {
   private boolean _hasSystemPermission(String user, SystemPermission permission, boolean
useCached) throws ThriftSecurityException {
     if (user.equals(getRootUsername()))
       return true;
-    
+
     targetUserExists(user);
-    
+
     try {
       if (useCached)
         return permHandle.hasCachedSystemPermission(user, permission);
@@ -252,7 +254,7 @@ public class SecurityOperation {
       throw e.asThriftException();
     }
   }
-  
+
   /**
    * Checks if a user has a table permission
    * 
@@ -263,7 +265,7 @@ public class SecurityOperation {
       return true;
     return _hasTablePermission(credentials.getPrincipal(), table, permission, useCached);
   }
-  
+
   /**
    * Checks if a user has a table permission<br/>
    * This cannot check if a system user has permission.
@@ -272,10 +274,10 @@ public class SecurityOperation {
    */
   protected boolean _hasTablePermission(String user, String table, TablePermission permission,
boolean useCached) throws ThriftSecurityException {
     targetUserExists(user);
-    
+
     if ((table.equals(MetadataTable.ID) || table.equals(RootTable.ID)) && permission.equals(TablePermission.READ))
       return true;
-    
+
     try {
       if (useCached)
         return permHandle.hasCachedTablePermission(user, table, permission);
@@ -286,7 +288,7 @@ public class SecurityOperation {
       throw new ThriftSecurityException(user, SecurityErrorCode.TABLE_DOESNT_EXIST);
     }
   }
-  
+
   // some people just aren't allowed to ask about other users; here are those who can ask
   private boolean canAskAboutOtherUsers(TCredentials credentials, String user) throws ThriftSecurityException
{
     authenticate(credentials);
@@ -294,7 +296,7 @@ public class SecurityOperation {
         || hasSystemPermission(credentials, SystemPermission.CREATE_USER, false) || hasSystemPermission(credentials,
SystemPermission.ALTER_USER, false)
         || hasSystemPermission(credentials, SystemPermission.DROP_USER, false);
   }
-  
+
   private void targetUserExists(String user) throws ThriftSecurityException {
     if (user.equals(getRootUsername()))
       return;
@@ -305,40 +307,40 @@ public class SecurityOperation {
       throw e.asThriftException();
     }
   }
-  
+
   public boolean canScan(TCredentials credentials, String table) throws ThriftSecurityException
{
     authenticate(credentials);
     return hasTablePermission(credentials, table, TablePermission.READ, true);
   }
-  
+
   public boolean canScan(TCredentials credentials, String table, TRange range, List<TColumn>
columns, List<IterInfo> ssiList,
       Map<String,Map<String,String>> ssio, List<ByteBuffer> authorizations)
throws ThriftSecurityException {
     return canScan(credentials, table);
   }
-  
+
   public boolean canScan(TCredentials credentials, String table, Map<TKeyExtent,List<TRange>>
tbatch, List<TColumn> tcolumns, List<IterInfo> ssiList,
       Map<String,Map<String,String>> ssio, List<ByteBuffer> authorizations)
throws ThriftSecurityException {
     return canScan(credentials, table);
   }
-  
+
   public boolean canWrite(TCredentials credentials, String table) throws ThriftSecurityException
{
     authenticate(credentials);
     return hasTablePermission(credentials, table, TablePermission.WRITE, true);
   }
-  
+
   public boolean canConditionallyUpdate(TCredentials credentials, String tableID, List<ByteBuffer>
authorizations) throws ThriftSecurityException {
-    
+
     authenticate(credentials);
-    
+
     return hasTablePermission(credentials, tableID, TablePermission.WRITE, true) &&
hasTablePermission(credentials, tableID, TablePermission.READ, true);
   }
-  
+
   public boolean canSplitTablet(TCredentials credentials, String table) throws ThriftSecurityException
{
     authenticate(credentials);
     return hasSystemPermission(credentials, SystemPermission.ALTER_TABLE, false) || hasSystemPermission(credentials,
SystemPermission.SYSTEM, false)
         || hasTablePermission(credentials, table, TablePermission.ALTER_TABLE, false);
   }
-  
+
   /**
    * This is the check to perform any system action. This includes tserver's loading of a
tablet, shutting the system down, or altering system properties.
    */
@@ -346,95 +348,95 @@ public class SecurityOperation {
     authenticate(credentials);
     return hasSystemPermission(credentials, SystemPermission.SYSTEM, false);
   }
-  
+
   public boolean canFlush(TCredentials c, String tableId) throws ThriftSecurityException
{
     authenticate(c);
     return hasTablePermission(c, tableId, TablePermission.WRITE, false) || hasTablePermission(c,
tableId, TablePermission.ALTER_TABLE, false);
   }
-  
+
   public boolean canAlterTable(TCredentials c, String tableId) throws ThriftSecurityException
{
     authenticate(c);
     return hasTablePermission(c, tableId, TablePermission.ALTER_TABLE, false) || hasSystemPermission(c,
SystemPermission.ALTER_TABLE, false);
   }
-  
+
   public boolean canCreateTable(TCredentials c, String tableName) throws ThriftSecurityException
{
     return canCreateTable(c);
   }
-  
+
   public boolean canCreateTable(TCredentials c) throws ThriftSecurityException {
     authenticate(c);
     return hasSystemPermission(c, SystemPermission.CREATE_TABLE, false);
   }
-  
+
   public boolean canRenameTable(TCredentials c, String tableId, String oldTableName, String
newTableName) throws ThriftSecurityException {
     authenticate(c);
     return hasSystemPermission(c, SystemPermission.ALTER_TABLE, false) || hasTablePermission(c,
tableId, TablePermission.ALTER_TABLE, false);
   }
-  
+
   public boolean canCloneTable(TCredentials c, String tableId, String tableName) throws ThriftSecurityException
{
     authenticate(c);
     return hasSystemPermission(c, SystemPermission.CREATE_TABLE, false) && hasTablePermission(c,
tableId, TablePermission.READ, false);
   }
-  
+
   public boolean canDeleteTable(TCredentials c, String tableId) throws ThriftSecurityException
{
     authenticate(c);
     return hasSystemPermission(c, SystemPermission.DROP_TABLE, false) || hasTablePermission(c,
tableId, TablePermission.DROP_TABLE, false);
   }
-  
+
   public boolean canOnlineOfflineTable(TCredentials c, String tableId, TableOperation op)
throws ThriftSecurityException {
     authenticate(c);
     return hasSystemPermission(c, SystemPermission.SYSTEM, false) || hasSystemPermission(c,
SystemPermission.ALTER_TABLE, false)
         || hasTablePermission(c, tableId, TablePermission.ALTER_TABLE, false);
   }
-  
+
   public boolean canMerge(TCredentials c, String tableId) throws ThriftSecurityException
{
     authenticate(c);
     return hasSystemPermission(c, SystemPermission.SYSTEM, false) || hasSystemPermission(c,
SystemPermission.ALTER_TABLE, false)
         || hasTablePermission(c, tableId, TablePermission.ALTER_TABLE, false);
   }
-  
+
   public boolean canDeleteRange(TCredentials c, String tableId, String tableName, Text startRow,
Text endRow) throws ThriftSecurityException {
     authenticate(c);
     return hasSystemPermission(c, SystemPermission.SYSTEM, false) || hasTablePermission(c,
tableId, TablePermission.WRITE, false);
   }
-  
+
   public boolean canBulkImport(TCredentials c, String tableId, String tableName, String dir,
String failDir) throws ThriftSecurityException {
     return canBulkImport(c, tableId);
   }
-  
+
   public boolean canBulkImport(TCredentials c, String tableId) throws ThriftSecurityException
{
     authenticate(c);
     return hasTablePermission(c, tableId, TablePermission.BULK_IMPORT, false);
   }
-  
+
   public boolean canCompact(TCredentials c, String tableId) throws ThriftSecurityException
{
     authenticate(c);
     return hasSystemPermission(c, SystemPermission.ALTER_TABLE, false) || hasTablePermission(c,
tableId, TablePermission.ALTER_TABLE, false)
         || hasTablePermission(c, tableId, TablePermission.WRITE, false);
   }
-  
+
   public boolean canChangeAuthorizations(TCredentials c, String user) throws ThriftSecurityException
{
     authenticate(c);
     return hasSystemPermission(c, SystemPermission.ALTER_USER, false);
   }
-  
+
   public boolean canChangePassword(TCredentials c, String user) throws ThriftSecurityException
{
     authenticate(c);
     return c.getPrincipal().equals(user) || hasSystemPermission(c, SystemPermission.ALTER_USER,
false);
   }
-  
+
   public boolean canCreateUser(TCredentials c, String user) throws ThriftSecurityException
{
     authenticate(c);
     return hasSystemPermission(c, SystemPermission.CREATE_USER, false);
   }
-  
+
   public boolean canDropUser(TCredentials c, String user) throws ThriftSecurityException
{
     authenticate(c);
     if (user.equals(getRootUsername()))
       throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
     return hasSystemPermission(c, SystemPermission.DROP_USER, false);
   }
-  
+
   public boolean canGrantSystem(TCredentials c, String user, SystemPermission sysPerm) throws
ThriftSecurityException {
     authenticate(c);
     // can't grant GRANT
@@ -442,36 +444,36 @@ public class SecurityOperation {
       throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.GRANT_INVALID);
     return hasSystemPermission(c, SystemPermission.GRANT, false);
   }
-  
+
   public boolean canGrantTable(TCredentials c, String user, String table) throws ThriftSecurityException
{
     authenticate(c);
     return hasSystemPermission(c, SystemPermission.ALTER_TABLE, false) || hasTablePermission(c,
table, TablePermission.GRANT, false);
   }
-  
+
   public boolean canRevokeSystem(TCredentials c, String user, SystemPermission sysPerm) throws
ThriftSecurityException {
     authenticate(c);
     // can't modify root user
     if (user.equals(getRootUsername()))
       throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
-    
+
     // can't revoke GRANT
     if (sysPerm.equals(SystemPermission.GRANT))
       throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.GRANT_INVALID);
-    
+
     return hasSystemPermission(c, SystemPermission.GRANT, false);
   }
-  
+
   public boolean canRevokeTable(TCredentials c, String user, String table) throws ThriftSecurityException
{
     authenticate(c);
     return hasSystemPermission(c, SystemPermission.ALTER_TABLE, false) || hasTablePermission(c,
table, TablePermission.GRANT, false);
   }
-  
+
   public void changeAuthorizations(TCredentials credentials, String user, Authorizations
authorizations) throws ThriftSecurityException {
     if (!canChangeAuthorizations(credentials, user))
       throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
-    
+
     targetUserExists(user);
-    
+
     try {
       authorizor.changeAuthorizations(user, authorizations);
       log.info("Changed authorizations for user " + user + " at the request of user " + credentials.getPrincipal());
@@ -479,7 +481,7 @@ public class SecurityOperation {
       throw ase.asThriftException();
     }
   }
-  
+
   public void changePassword(TCredentials credentials, Credentials toChange) throws ThriftSecurityException
{
     if (!canChangePassword(credentials, toChange.getPrincipal()))
       throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
@@ -491,7 +493,7 @@ public class SecurityOperation {
       throw e.asThriftException();
     }
   }
-  
+
   public void createUser(TCredentials credentials, Credentials newUser, Authorizations authorizations)
throws ThriftSecurityException {
     if (!canCreateUser(credentials, newUser.getPrincipal()))
       throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
@@ -507,7 +509,7 @@ public class SecurityOperation {
       throw ase.asThriftException();
     }
   }
-  
+
   public void dropUser(TCredentials credentials, String user) throws ThriftSecurityException
{
     if (!canDropUser(credentials, user))
       throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
@@ -520,13 +522,13 @@ public class SecurityOperation {
       throw e.asThriftException();
     }
   }
-  
+
   public void grantSystemPermission(TCredentials credentials, String user, SystemPermission
permissionById) throws ThriftSecurityException {
     if (!canGrantSystem(credentials, user, permissionById))
       throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
-    
+
     targetUserExists(user);
-    
+
     try {
       permHandle.grantSystemPermission(user, permissionById);
       log.info("Granted system permission " + permissionById + " for user " + user + " at
the request of user " + credentials.getPrincipal());
@@ -534,13 +536,13 @@ public class SecurityOperation {
       throw e.asThriftException();
     }
   }
-  
+
   public void grantTablePermission(TCredentials c, String user, String tableId, TablePermission
permission) throws ThriftSecurityException {
     if (!canGrantTable(c, user, tableId))
       throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
-    
+
     targetUserExists(user);
-    
+
     try {
       permHandle.grantTablePermission(user, tableId, permission);
       log.info("Granted table permission " + permission + " for user " + user + " on the
table " + tableId + " at the request of user " + c.getPrincipal());
@@ -550,51 +552,51 @@ public class SecurityOperation {
       throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.TABLE_DOESNT_EXIST);
     }
   }
-  
+
   public void revokeSystemPermission(TCredentials credentials, String user, SystemPermission
permission) throws ThriftSecurityException {
     if (!canRevokeSystem(credentials, user, permission))
       throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
-    
+
     targetUserExists(user);
-    
+
     try {
       permHandle.revokeSystemPermission(user, permission);
       log.info("Revoked system permission " + permission + " for user " + user + " at the
request of user " + credentials.getPrincipal());
-      
+
     } catch (AccumuloSecurityException e) {
       throw e.asThriftException();
     }
   }
-  
+
   public void revokeTablePermission(TCredentials c, String user, String tableId, TablePermission
permission) throws ThriftSecurityException {
     if (!canRevokeTable(c, user, tableId))
       throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
-    
+
     targetUserExists(user);
-    
+
     try {
       permHandle.revokeTablePermission(user, tableId, permission);
       log.info("Revoked table permission " + permission + " for user " + user + " on the
table " + tableId + " at the request of user " + c.getPrincipal());
-      
+
     } catch (AccumuloSecurityException e) {
       throw e.asThriftException();
     } catch (TableNotFoundException e) {
       throw new ThriftSecurityException(c.getPrincipal(), SecurityErrorCode.TABLE_DOESNT_EXIST);
     }
   }
-  
+
   public boolean hasSystemPermission(TCredentials credentials, String user, SystemPermission
permissionById) throws ThriftSecurityException {
     if (!canAskAboutOtherUsers(credentials, user))
       throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
     return _hasSystemPermission(user, permissionById, false);
   }
-  
+
   public boolean hasTablePermission(TCredentials credentials, String user, String tableId,
TablePermission permissionById) throws ThriftSecurityException {
     if (!canAskAboutOtherUsers(credentials, user))
       throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
     return _hasTablePermission(user, tableId, permissionById, false);
   }
-  
+
   public Set<String> listUsers(TCredentials credentials) throws ThriftSecurityException
{
     authenticate(credentials);
     try {
@@ -603,7 +605,7 @@ public class SecurityOperation {
       throw e.asThriftException();
     }
   }
-  
+
   public void deleteTable(TCredentials credentials, String tableId) throws ThriftSecurityException
{
     if (!canDeleteTable(credentials, tableId))
       throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
@@ -616,12 +618,12 @@ public class SecurityOperation {
       throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.TABLE_DOESNT_EXIST);
     }
   }
-  
+
   public boolean canExport(TCredentials credentials, String tableId, String tableName, String
exportDir) throws ThriftSecurityException {
     authenticate(credentials);
     return hasTablePermission(credentials, tableId, TablePermission.READ, false);
   }
-  
+
   public boolean canImport(TCredentials credentials, String tableName, String importDir)
throws ThriftSecurityException {
     authenticate(credentials);
     return hasSystemPermission(credentials, SystemPermission.CREATE_TABLE, false);


Mime
View raw message