accumulo-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From els...@apache.org
Subject [07/10] accumulo git commit: Merge branch '1.5' into 1.6
Date Thu, 20 Aug 2015 04:40:06 GMT
Merge branch '1.5' into 1.6

Conflicts:
	server/src/main/java/org/apache/accumulo/server/master/Master.java
	server/src/main/java/org/apache/accumulo/server/security/AuditedSecurityOperation.java
	server/src/main/java/org/apache/accumulo/server/security/SecurityOperation.java
	test/src/main/java/org/apache/accumulo/test/randomwalk/security/CreateTable.java
	test/src/main/java/org/apache/accumulo/test/randomwalk/security/TableOp.java


Project: http://git-wip-us.apache.org/repos/asf/accumulo/repo
Commit: http://git-wip-us.apache.org/repos/asf/accumulo/commit/00c275b1
Tree: http://git-wip-us.apache.org/repos/asf/accumulo/tree/00c275b1
Diff: http://git-wip-us.apache.org/repos/asf/accumulo/diff/00c275b1

Branch: refs/heads/master
Commit: 00c275b1f655e91a8a79bb24aab0e57eaf75d096
Parents: 6425c37 dad7c7c
Author: Josh Elser <elserj@apache.org>
Authored: Wed Aug 19 23:13:23 2015 -0400
Committer: Josh Elser <elserj@apache.org>
Committed: Wed Aug 19 23:34:24 2015 -0400

----------------------------------------------------------------------
 .../security/AuditedSecurityOperation.java      | 213 +++++++++++++++++++
 1 file changed, 213 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/accumulo/blob/00c275b1/server/base/src/main/java/org/apache/accumulo/server/security/AuditedSecurityOperation.java
----------------------------------------------------------------------
diff --cc server/base/src/main/java/org/apache/accumulo/server/security/AuditedSecurityOperation.java
index 50f258e,0000000..5aea5a2
mode 100644,000000..100644
--- a/server/base/src/main/java/org/apache/accumulo/server/security/AuditedSecurityOperation.java
+++ b/server/base/src/main/java/org/apache/accumulo/server/security/AuditedSecurityOperation.java
@@@ -1,457 -1,0 +1,670 @@@
 +/*
 + * Licensed to the Apache Software Foundation (ASF) under one or more
 + * contributor license agreements.  See the NOTICE file distributed with
 + * this work for additional information regarding copyright ownership.
 + * The ASF licenses this file to You under the Apache License, Version 2.0
 + * (the "License"); you may not use this file except in compliance with
 + * the License.  You may obtain a copy of the License at
 + *
 + *     http://www.apache.org/licenses/LICENSE-2.0
 + *
 + * Unless required by applicable law or agreed to in writing, software
 + * distributed under the License is distributed on an "AS IS" BASIS,
 + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 + * See the License for the specific language governing permissions and
 + * limitations under the License.
 + */
 +package org.apache.accumulo.server.security;
 +
 +import java.nio.ByteBuffer;
 +import java.util.ArrayList;
 +import java.util.Collection;
 +import java.util.HashMap;
 +import java.util.List;
 +import java.util.Map;
 +import java.util.Map.Entry;
 +
 +import org.apache.accumulo.core.client.TableNotFoundException;
 +import org.apache.accumulo.core.client.impl.Tables;
 +import org.apache.accumulo.core.client.impl.Translator;
 +import org.apache.accumulo.core.client.impl.thrift.ThriftSecurityException;
 +import org.apache.accumulo.core.data.Column;
 +import org.apache.accumulo.core.data.KeyExtent;
 +import org.apache.accumulo.core.data.Range;
 +import org.apache.accumulo.core.data.thrift.IterInfo;
 +import org.apache.accumulo.core.data.thrift.TColumn;
 +import org.apache.accumulo.core.data.thrift.TKeyExtent;
 +import org.apache.accumulo.core.data.thrift.TRange;
 +import org.apache.accumulo.core.master.thrift.FateOperation;
 +import org.apache.accumulo.core.metadata.MetadataTable;
 +import org.apache.accumulo.core.security.Authorizations;
 +import org.apache.accumulo.core.security.Credentials;
 +import org.apache.accumulo.core.security.SystemPermission;
 +import org.apache.accumulo.core.security.TablePermission;
 +import org.apache.accumulo.core.security.thrift.TCredentials;
 +import org.apache.accumulo.core.util.ByteBufferUtil;
 +import org.apache.accumulo.server.client.HdfsZooInstance;
 +import org.apache.accumulo.server.security.handler.Authenticator;
 +import org.apache.accumulo.server.security.handler.Authorizor;
 +import org.apache.accumulo.server.security.handler.PermissionHandler;
 +import org.apache.accumulo.server.util.TServerUtils;
 +import org.apache.hadoop.io.Text;
 +import org.apache.log4j.Level;
 +import org.apache.log4j.Logger;
 +
 +/**
 + *
 + */
 +public class AuditedSecurityOperation extends SecurityOperation {
 +
 +  public static final String AUDITLOG = "Audit";
 +  public static final Logger audit = Logger.getLogger(AUDITLOG);
 +
 +  public AuditedSecurityOperation(Authorizor author, Authenticator authent, PermissionHandler
pm, String instanceId) {
 +    super(author, authent, pm, instanceId);
 +  }
 +
 +  public static synchronized SecurityOperation getInstance() {
 +    String instanceId = HdfsZooInstance.getInstance().getInstanceID();
 +    return getInstance(instanceId, false);
 +  }
 +
 +  public static synchronized SecurityOperation getInstance(String instanceId, boolean initialize)
{
 +    if (instance == null) {
 +      instance = new AuditedSecurityOperation(getAuthorizor(instanceId, initialize), getAuthenticator(instanceId,
initialize), getPermHandler(instanceId,
 +          initialize), instanceId);
 +    }
 +    return instance;
 +  }
 +
 +  private static String getTableName(String tableId) {
 +    try {
 +      return Tables.getTableName(HdfsZooInstance.getInstance(), tableId);
 +    } catch (TableNotFoundException e) {
 +      return "Unknown Table with ID " + tableId;
 +    }
 +  }
 +
 +  public static StringBuilder getAuthString(List<ByteBuffer> authorizations) {
 +    StringBuilder auths = new StringBuilder();
 +    for (ByteBuffer bb : authorizations) {
 +      auths.append(ByteBufferUtil.toString(bb)).append(",");
 +    }
 +    return auths;
 +  }
 +
 +  private static boolean shouldAudit(TCredentials credentials, String tableId) {
 +    return (audit.isInfoEnabled() || audit.isEnabledFor(Level.WARN)) && !tableId.equals(MetadataTable.ID)
&& shouldAudit(credentials);
 +  }
 +
 +  // Is INFO the right level to check? Do we even need that check?
 +  private static boolean shouldAudit(TCredentials credentials) {
 +    return !SystemCredentials.get().getToken().getClass().getName().equals(credentials.getTokenClassName());
 +  }
 +
 +  /*
 +   * Three auditing methods try to capture the 4 states we might have here. audit is in
response to a thrown exception, the operation failed (perhaps due to
 +   * insufficient privs, or some other reason) audit(credentials, template, args) is a successful
operation audit(credentials, permitted, template, args) is a
 +   * privileges check that is either permitted or denied. We don't know if the operation
went on to be successful or not at this point, we would have to go
 +   * digging through loads of other code to find it.
 +   */
 +  private void audit(TCredentials credentials, ThriftSecurityException ex, String template,
Object... args) {
 +    audit.warn("operation: failed; user: " + credentials.getPrincipal() + "; " + String.format(template,
args) + "; exception: " + ex.toString());
 +  }
 +
 +  private void audit(TCredentials credentials, String template, Object... args) {
 +    if (shouldAudit(credentials)) {
 +      audit.info("operation: success; user: " + credentials.getPrincipal() + ": " + String.format(template,
args));
 +    }
 +  }
 +
 +  private void audit(TCredentials credentials, boolean permitted, String template, Object...
args) {
 +    if (shouldAudit(credentials)) {
 +      String prefix = permitted ? "permitted" : "denied";
 +      audit.info("operation: " + prefix + "; user: " + credentials.getPrincipal() + "; client:
" + TServerUtils.clientAddress.get() + "; "
 +          + String.format(template, args));
 +    }
 +  }
 +
 +  public static final String CAN_SCAN_AUDIT_TEMPLATE = "action: scan; targetTable: %s; authorizations:
%s; range: %s; columns: %s; iterators: %s; iteratorOptions: %s;";
 +  private static final int MAX_ELEMENTS_TO_LOG = 10;
 +
 +  private static List<String> truncate(Collection<?> list) {
 +    List<String> result = new ArrayList<String>();
 +    int i = 0;
 +    for (Object obj : list) {
 +      if (i++ > MAX_ELEMENTS_TO_LOG) {
 +        result.add(" and " + (list.size() - MAX_ELEMENTS_TO_LOG) + " more ");
 +        break;
 +      }
 +      result.add(obj.toString());
 +    }
 +    return result;
 +  }
 +
 +  @Override
 +  public boolean canScan(TCredentials credentials, String tableId, String namespaceId, TRange
range, List<TColumn> columns, List<IterInfo> ssiList,
 +      Map<String,Map<String,String>> ssio, List<ByteBuffer> authorizations)
throws ThriftSecurityException {
 +    if (shouldAudit(credentials, tableId)) {
 +      Range convertedRange = new Range(range);
 +      List<String> convertedColumns = truncate(Translator.translate(columns, new Translator.TColumnTranslator()));
 +      String tableName = getTableName(tableId);
 +
 +      try {
 +        boolean canScan = super.canScan(credentials, tableId, namespaceId);
 +        audit(credentials, canScan, CAN_SCAN_AUDIT_TEMPLATE, tableName, getAuthString(authorizations),
convertedRange, convertedColumns, ssiList, ssio);
 +
 +        return canScan;
 +      } catch (ThriftSecurityException ex) {
 +        audit(credentials, ex, CAN_SCAN_AUDIT_TEMPLATE, getAuthString(authorizations), tableId,
convertedRange, convertedColumns, ssiList, ssio);
 +        throw ex;
 +      }
 +    } else {
 +      return super.canScan(credentials, tableId, namespaceId);
 +    }
 +  }
 +
 +  public static final String CAN_SCAN_BATCH_AUDIT_TEMPLATE = "action: scan; targetTable:
%s; authorizations: %s; range: %s; columns: %s; iterators: %s; iteratorOptions: %s;";
 +
 +  @Override
 +  public boolean canScan(TCredentials credentials, String tableId, String namespaceId, Map<TKeyExtent,List<TRange>>
tbatch, List<TColumn> tcolumns,
 +      List<IterInfo> ssiList, Map<String,Map<String,String>> ssio, List<ByteBuffer>
authorizations) throws ThriftSecurityException {
 +    if (shouldAudit(credentials, tableId)) {
 +      @SuppressWarnings({"unchecked", "rawtypes"})
 +      Map<KeyExtent,List<Range>> convertedBatch = Translator.translate(tbatch,
new Translator.TKeyExtentTranslator(), new Translator.ListTranslator(
 +          new Translator.TRangeTranslator()));
 +      Map<KeyExtent,List<String>> truncated = new HashMap<KeyExtent,List<String>>();
 +      for (Entry<KeyExtent,List<Range>> entry : convertedBatch.entrySet()) {
 +        truncated.put(entry.getKey(), truncate(entry.getValue()));
 +      }
 +      List<Column> convertedColumns = Translator.translate(tcolumns, new Translator.TColumnTranslator());
 +      String tableName = getTableName(tableId);
 +
 +      try {
 +        boolean canScan = super.canScan(credentials, tableId, namespaceId);
 +        audit(credentials, canScan, CAN_SCAN_BATCH_AUDIT_TEMPLATE, tableName, getAuthString(authorizations),
truncated, convertedColumns, ssiList, ssio);
 +
 +        return canScan;
 +      } catch (ThriftSecurityException ex) {
 +        audit(credentials, ex, CAN_SCAN_BATCH_AUDIT_TEMPLATE, getAuthString(authorizations),
tableId, truncated, convertedColumns, ssiList, ssio);
 +        throw ex;
 +      }
 +    } else {
 +      return super.canScan(credentials, tableId, namespaceId);
 +    }
 +  }
 +
 +  public static final String CHANGE_AUTHORIZATIONS_AUDIT_TEMPLATE = "action: changeAuthorizations;
targetUser: %s; authorizations: %s";
 +
 +  @Override
 +  public void changeAuthorizations(TCredentials credentials, String user, Authorizations
authorizations) throws ThriftSecurityException {
 +    try {
 +      super.changeAuthorizations(credentials, user, authorizations);
 +      audit(credentials, CHANGE_AUTHORIZATIONS_AUDIT_TEMPLATE, user, authorizations);
 +    } catch (ThriftSecurityException ex) {
 +      audit(credentials, ex, CHANGE_AUTHORIZATIONS_AUDIT_TEMPLATE, user, authorizations);
 +      throw ex;
 +    }
 +  }
 +
 +  public static final String CHANGE_PASSWORD_AUDIT_TEMPLATE = "action: changePassword; targetUser:
%s;";
 +
 +  @Override
 +  public void changePassword(TCredentials credentials, Credentials newInfo) throws ThriftSecurityException
{
 +    try {
 +      super.changePassword(credentials, newInfo);
 +      audit(credentials, CHANGE_PASSWORD_AUDIT_TEMPLATE, newInfo.getPrincipal());
 +    } catch (ThriftSecurityException ex) {
 +      audit(credentials, ex, CHANGE_PASSWORD_AUDIT_TEMPLATE, newInfo.getPrincipal());
 +      throw ex;
 +    }
 +  }
 +
 +  public static final String CREATE_USER_AUDIT_TEMPLATE = "action: createUser; targetUser:
%s; Authorizations: %s;";
 +
 +  @Override
 +  public void createUser(TCredentials credentials, Credentials newUser, Authorizations authorizations)
throws ThriftSecurityException {
 +    try {
 +      super.createUser(credentials, newUser, authorizations);
 +      audit(credentials, CREATE_USER_AUDIT_TEMPLATE, newUser.getPrincipal(), authorizations);
 +    } catch (ThriftSecurityException ex) {
 +      audit(credentials, ex, CREATE_USER_AUDIT_TEMPLATE, newUser.getPrincipal(), authorizations);
 +      throw ex;
 +    }
 +  }
 +
 +  public static final String CAN_CREATE_TABLE_AUDIT_TEMPLATE = "action: createTable; targetTable:
%s;";
 +
 +  @Override
 +  public boolean canCreateTable(TCredentials c, String tableName, String namespaceId) throws
ThriftSecurityException {
 +    try {
 +      boolean result = super.canCreateTable(c, tableName, namespaceId);
 +      audit(c, result, CAN_CREATE_TABLE_AUDIT_TEMPLATE, tableName);
 +      return result;
 +    } catch (ThriftSecurityException ex) {
 +      audit(c, ex, CAN_CREATE_TABLE_AUDIT_TEMPLATE, tableName);
 +      throw ex;
 +    }
 +  }
 +
 +  public static final String CAN_DELETE_TABLE_AUDIT_TEMPLATE = "action: deleteTable; targetTable:
%s;";
 +
 +  @Override
 +  public boolean canDeleteTable(TCredentials c, String tableId, String namespaceId) throws
ThriftSecurityException {
 +    String tableName = getTableName(tableId);
 +    try {
 +      boolean result = super.canDeleteTable(c, tableId, namespaceId);
 +      audit(c, result, CAN_DELETE_TABLE_AUDIT_TEMPLATE, tableName, tableId);
 +      return result;
 +    } catch (ThriftSecurityException ex) {
 +      audit(c, ex, CAN_DELETE_TABLE_AUDIT_TEMPLATE, tableName, tableId);
 +      throw ex;
 +    }
 +  }
 +
 +  public static final String CAN_RENAME_TABLE_AUDIT_TEMPLATE = "action: renameTable; targetTable:
%s; newTableName: %s;";
 +
 +  @Override
 +  public boolean canRenameTable(TCredentials c, String tableId, String oldTableName, String
newTableName, String namespaceId) throws ThriftSecurityException {
 +    try {
 +      boolean result = super.canRenameTable(c, tableId, oldTableName, newTableName, namespaceId);
 +      audit(c, result, CAN_RENAME_TABLE_AUDIT_TEMPLATE, oldTableName, newTableName);
 +      return result;
 +    } catch (ThriftSecurityException ex) {
 +      audit(c, ex, CAN_RENAME_TABLE_AUDIT_TEMPLATE, oldTableName, newTableName);
 +      throw ex;
 +    }
 +  }
 +
++  public static final String CAN_SPLIT_TABLE_AUDIT_TEMPLATE = "action: splitTable; targetTable:
%s; targetNamespace: %s;";
++
++  @Override
++  public boolean canSplitTablet(TCredentials credentials, String table, String namespaceId)
throws ThriftSecurityException {
++    try {
++      boolean result = super.canSplitTablet(credentials, table, namespaceId);
++      audit(credentials, result, CAN_SPLIT_TABLE_AUDIT_TEMPLATE, table, namespaceId);
++      return result;
++    } catch (ThriftSecurityException ex) {
++      audit(credentials, ex, "split tablet on table %s denied", table);
++      throw ex;
++    }
++  }
++
++  public static final String CAN_PERFORM_SYSTEM_ACTION_AUDIT_TEMPLATE = "action: performSystemAction;
principal: %s;";
++
++  @Override
++  public boolean canPerformSystemActions(TCredentials credentials) throws ThriftSecurityException
{
++    try {
++      boolean result = super.canPerformSystemActions(credentials);
++      audit(credentials, result, CAN_PERFORM_SYSTEM_ACTION_AUDIT_TEMPLATE, credentials.getPrincipal());
++      return result;
++    } catch (ThriftSecurityException ex) {
++      audit(credentials, ex, "system action denied");
++      throw ex;
++    }
++  }
++
++  public static final String CAN_FLUSH_TABLE_AUDIT_TEMPLATE = "action: flushTable; targetTable:
%s; targetNamespace: %s;";
++
++  @Override
++  public boolean canFlush(TCredentials c, String tableId, String namespaceId) throws ThriftSecurityException
{
++    try {
++      boolean result = super.canFlush(c, tableId, namespaceId);
++      audit(c, result, CAN_FLUSH_TABLE_AUDIT_TEMPLATE, tableId, namespaceId);
++      return result;
++    } catch (ThriftSecurityException ex) {
++      audit(c, ex, "flush on tableId %s denied", tableId);
++      throw ex;
++    }
++  }
++
++  public static final String CAN_ALTER_TABLE_AUDIT_TEMPLATE = "action: alterTable; targetTable:
%s; targetNamespace: %s;";
++
++  @Override
++  public boolean canAlterTable(TCredentials c, String tableId, String namespaceId) throws
ThriftSecurityException {
++    try {
++      boolean result = super.canAlterTable(c, tableId, namespaceId);
++      audit(c, result, CAN_ALTER_TABLE_AUDIT_TEMPLATE, tableId, namespaceId);
++      return result;
++    } catch (ThriftSecurityException ex) {
++      audit(c, ex, "alter table on tableId %s denied", tableId);
++      throw ex;
++    }
++  }
++
 +  public static final String CAN_CLONE_TABLE_AUDIT_TEMPLATE = "action: cloneTable; targetTable:
%s; newTableName: %s";
 +
 +  @Override
 +  public boolean canCloneTable(TCredentials c, String tableId, String tableName, String
destinationNamespaceId, String sourceNamespaceId)
 +      throws ThriftSecurityException {
 +    String oldTableName = getTableName(tableId);
 +    try {
 +      boolean result = super.canCloneTable(c, tableId, tableName, destinationNamespaceId,
sourceNamespaceId);
 +      audit(c, result, CAN_CLONE_TABLE_AUDIT_TEMPLATE, oldTableName, tableName);
 +      return result;
 +    } catch (ThriftSecurityException ex) {
 +      audit(c, ex, CAN_CLONE_TABLE_AUDIT_TEMPLATE, oldTableName, tableName);
 +      throw ex;
 +    }
 +  }
 +
 +  public static final String CAN_DELETE_RANGE_AUDIT_TEMPLATE = "action: deleteData; targetTable:
%s; startRange: %s; endRange: %s;";
 +
 +  @Override
 +  public boolean canDeleteRange(TCredentials c, String tableId, String tableName, Text startRow,
Text endRow, String namespaceId)
 +      throws ThriftSecurityException {
 +    try {
 +      boolean result = super.canDeleteRange(c, tableId, tableName, startRow, endRow, namespaceId);
 +      audit(c, result, CAN_DELETE_RANGE_AUDIT_TEMPLATE, tableName, startRow.toString(),
endRow.toString());
 +      return result;
 +    } catch (ThriftSecurityException ex) {
 +      audit(c, ex, CAN_DELETE_RANGE_AUDIT_TEMPLATE, tableName, startRow.toString(), endRow.toString());
 +      throw ex;
 +    }
 +  }
 +
 +  public static final String CAN_BULK_IMPORT_AUDIT_TEMPLATE = "action: bulkImport; targetTable:
%s; dataDir: %s; failDir: %s;";
 +
 +  @Override
 +  public boolean canBulkImport(TCredentials c, String tableId, String tableName, String
dir, String failDir, String namespaceId) throws ThriftSecurityException {
 +    try {
 +      boolean result = super.canBulkImport(c, tableId, namespaceId);
 +      audit(c, result, CAN_BULK_IMPORT_AUDIT_TEMPLATE, tableName, dir, failDir);
 +      return result;
 +    } catch (ThriftSecurityException ex) {
 +      audit(c, ex, CAN_BULK_IMPORT_AUDIT_TEMPLATE, tableName, dir, failDir);
 +      throw ex;
 +    }
 +  }
 +
++  public static final String CAN_COMPACT_TABLE_AUDIT_TEMPLATE = "action: compactTable; targetTable:
%s; targetNamespace: %s;";
++
++  @Override
++  public boolean canCompact(TCredentials c, String tableId, String namespaceId) throws ThriftSecurityException
{
++    try {
++      boolean result = super.canCompact(c, tableId, namespaceId);
++      audit(c, result, CAN_COMPACT_TABLE_AUDIT_TEMPLATE, tableId, namespaceId);
++      return result;
++    } catch (ThriftSecurityException ex) {
++      audit(c, ex, "compact on tableId %s denied", tableId);
++      throw ex;
++    }
++  }
++
++  public static final String CAN_CHANGE_AUTHORIZATIONS_AUDIT_TEMPLATE = "action: changeAuthorizations;
targetUser: %s;";
++
++  @Override
++  public boolean canChangeAuthorizations(TCredentials c, String user) throws ThriftSecurityException
{
++    try {
++      boolean result = super.canChangeAuthorizations(c, user);
++      audit(c, result, CAN_CHANGE_AUTHORIZATIONS_AUDIT_TEMPLATE, user);
++      return result;
++    } catch (ThriftSecurityException ex) {
++      audit(c, ex, "change authorizations on user %s denied", user);
++      throw ex;
++    }
++  }
++
++  public static final String CAN_CHANGE_PASSWORD_AUDIT_TEMPLATE = "action: changePassword;
targetUser: %s;";
++
++  @Override
++  public boolean canChangePassword(TCredentials c, String user) throws ThriftSecurityException
{
++    try {
++      boolean result = super.canChangePassword(c, user);
++      audit(c, result, CAN_CHANGE_PASSWORD_AUDIT_TEMPLATE, user);
++      return result;
++    } catch (ThriftSecurityException ex) {
++      audit(c, ex, "change password on user %s denied", user);
++      throw ex;
++    }
++  }
++
++  public static final String CAN_CREATE_USER_AUDIT_TEMPLATE = "action: createUser; targetUser:
%s;";
++
++  @Override
++  public boolean canCreateUser(TCredentials c, String user) throws ThriftSecurityException
{
++    try {
++      boolean result = super.canCreateUser(c, user);
++      audit(c, result, CAN_CREATE_USER_AUDIT_TEMPLATE, user);
++      return result;
++    } catch (ThriftSecurityException ex) {
++      audit(c, ex, "create user on user %s denied", user);
++      throw ex;
++    }
++  }
++
++  public static final String CAN_DROP_USER_AUDIT_TEMPLATE = "action: dropUser; targetUser:
%s;";
++
++  @Override
++  public boolean canDropUser(TCredentials c, String user) throws ThriftSecurityException
{
++    try {
++      boolean result = super.canDropUser(c, user);
++      audit(c, result, CAN_DROP_USER_AUDIT_TEMPLATE, user);
++      return result;
++    } catch (ThriftSecurityException ex) {
++      audit(c, ex, "drop user on user %s denied", user);
++
++      throw ex;
++    }
++  }
++
++  public static final String CAN_GRANT_SYSTEM_AUDIT_TEMPLATE = "action: grantSystem; targetUser:
%s; targetPermission: %s;";
++
++  @Override
++  public boolean canGrantSystem(TCredentials c, String user, SystemPermission sysPerm) throws
ThriftSecurityException {
++    try {
++      boolean result = super.canGrantSystem(c, user, sysPerm);
++      audit(c, result, CAN_GRANT_SYSTEM_AUDIT_TEMPLATE, user, sysPerm);
++      return result;
++
++    } catch (ThriftSecurityException ex) {
++      audit(c, ex, "grant system permission %s for user %s denied", sysPerm, user);
++
++      throw ex;
++    }
++  }
++
++  public static final String CAN_GRANT_TABLE_AUDIT_TEMPLATE = "action: grantTable; targetUser:
%s; targetTable: %s; targetNamespace: %s;";
++
++  @Override
++  public boolean canGrantTable(TCredentials c, String user, String table, String namespaceId)
throws ThriftSecurityException {
++    try {
++      boolean result = super.canGrantTable(c, user, table, namespaceId);
++      audit(c, result, CAN_GRANT_TABLE_AUDIT_TEMPLATE, user, table, namespaceId);
++      return result;
++    } catch (ThriftSecurityException ex) {
++      audit(c, ex, "grant table on table %s for user %s denied", table, user);
++      throw ex;
++    }
++  }
++
++  public static final String CAN_REVOKE_SYSTEM_AUDIT_TEMPLATE = "action: revokeSystem; targetUser:
%s;, targetPermission: %s;";
++
++  @Override
++  public boolean canRevokeSystem(TCredentials c, String user, SystemPermission sysPerm)
throws ThriftSecurityException {
++    try {
++      boolean result = super.canRevokeSystem(c, user, sysPerm);
++      audit(c, result, CAN_REVOKE_SYSTEM_AUDIT_TEMPLATE, user, sysPerm);
++      return result;
++    } catch (ThriftSecurityException ex) {
++      audit(c, ex, "revoke system permission %s for user %s denied", sysPerm, user);
++      throw ex;
++    }
++  }
++
++  public static final String CAN_REVOKE_TABLE_AUDIT_TEMPLATE = "action: revokeTable; targetUser:
%s; targetTable %s; targetNamespace: %s;";
++
++  @Override
++  public boolean canRevokeTable(TCredentials c, String user, String table, String namespaceId)
throws ThriftSecurityException {
++    try {
++      boolean result = super.canRevokeTable(c, user, table, namespaceId);
++      audit(c, result, CAN_REVOKE_TABLE_AUDIT_TEMPLATE, user, table, namespaceId);
++      return result;
++    } catch (ThriftSecurityException ex) {
++      audit(c, ex, "revoke table on table %s for user %s denied", table, user);
++      throw ex;
++    }
++  }
++
 +  public static final String CAN_IMPORT_AUDIT_TEMPLATE = "action: import; targetTable: %s;
dataDir: %s;";
 +
 +  @Override
 +  public boolean canImport(TCredentials credentials, String tableName, String importDir,
String namespaceId) throws ThriftSecurityException {
 +
 +    try {
 +      boolean result = super.canImport(credentials, tableName, importDir, namespaceId);
 +      audit(credentials, result, CAN_IMPORT_AUDIT_TEMPLATE, tableName, importDir);
 +      return result;
 +    } catch (ThriftSecurityException ex) {
 +      audit(credentials, ex, CAN_IMPORT_AUDIT_TEMPLATE, tableName, importDir);
 +      throw ex;
 +    }
 +  }
 +
 +  public static final String CAN_EXPORT_AUDIT_TEMPLATE = "action: export; targetTable: %s;
dataDir: %s;";
 +
 +  @Override
 +  public boolean canExport(TCredentials credentials, String tableId, String tableName, String
exportDir, String namespaceId) throws ThriftSecurityException {
 +
 +    try {
 +      boolean result = super.canExport(credentials, tableId, tableName, exportDir, namespaceId);
 +      audit(credentials, result, CAN_EXPORT_AUDIT_TEMPLATE, tableName, exportDir);
 +      return result;
 +    } catch (ThriftSecurityException ex) {
 +      audit(credentials, ex, CAN_EXPORT_AUDIT_TEMPLATE, tableName, exportDir);
 +      throw ex;
 +    }
 +  }
 +
 +  public static final String DROP_USER_AUDIT_TEMPLATE = "action: dropUser; targetUser: %s;";
 +
 +  @Override
 +  public void dropUser(TCredentials credentials, String user) throws ThriftSecurityException
{
 +    try {
 +      super.dropUser(credentials, user);
 +      audit(credentials, DROP_USER_AUDIT_TEMPLATE, user);
 +    } catch (ThriftSecurityException ex) {
 +      audit(credentials, ex, DROP_USER_AUDIT_TEMPLATE, user);
 +      throw ex;
 +    }
 +  }
 +
 +  public static final String GRANT_SYSTEM_PERMISSION_AUDIT_TEMPLATE = "action: grantSystemPermission;
permission: %s; targetUser: %s;";
 +
 +  @Override
 +  public void grantSystemPermission(TCredentials credentials, String user, SystemPermission
permission) throws ThriftSecurityException {
 +    try {
 +      super.grantSystemPermission(credentials, user, permission);
 +      audit(credentials, GRANT_SYSTEM_PERMISSION_AUDIT_TEMPLATE, permission, user);
 +    } catch (ThriftSecurityException ex) {
 +      audit(credentials, ex, GRANT_SYSTEM_PERMISSION_AUDIT_TEMPLATE, permission, user);
 +      throw ex;
 +    }
 +  }
 +
 +  public static final String GRANT_TABLE_PERMISSION_AUDIT_TEMPLATE = "action: grantTablePermission;
permission: %s; targetTable: %s; targetUser: %s;";
 +
 +  @Override
 +  public void grantTablePermission(TCredentials credentials, String user, String tableId,
TablePermission permission, String namespaceId)
 +      throws ThriftSecurityException {
 +    String tableName = getTableName(tableId);
 +    try {
 +      super.grantTablePermission(credentials, user, tableId, permission, namespaceId);
 +      audit(credentials, GRANT_TABLE_PERMISSION_AUDIT_TEMPLATE, permission, tableName, user);
 +    } catch (ThriftSecurityException ex) {
 +      audit(credentials, ex, GRANT_TABLE_PERMISSION_AUDIT_TEMPLATE, permission, tableName,
user);
 +      throw ex;
 +    }
 +  }
 +
 +  public static final String REVOKE_SYSTEM_PERMISSION_AUDIT_TEMPLATE = "action: revokeSystemPermission;
permission: %s; targetUser: %s;";
 +
 +  @Override
 +  public void revokeSystemPermission(TCredentials credentials, String user, SystemPermission
permission) throws ThriftSecurityException {
 +
 +    try {
 +      super.revokeSystemPermission(credentials, user, permission);
 +      audit(credentials, REVOKE_SYSTEM_PERMISSION_AUDIT_TEMPLATE, permission, user);
 +    } catch (ThriftSecurityException ex) {
 +      audit(credentials, ex, REVOKE_SYSTEM_PERMISSION_AUDIT_TEMPLATE, permission, user);
 +      throw ex;
 +    }
 +  }
 +
 +  public static final String REVOKE_TABLE_PERMISSION_AUDIT_TEMPLATE = "action: revokeTablePermission;
permission: %s; targetTable: %s; targetUser: %s;";
 +
 +  @Override
 +  public void revokeTablePermission(TCredentials credentials, String user, String tableId,
TablePermission permission, String namespaceId)
 +      throws ThriftSecurityException {
 +    String tableName = getTableName(tableId);
 +    try {
 +      super.revokeTablePermission(credentials, user, tableId, permission, namespaceId);
 +      audit(credentials, REVOKE_TABLE_PERMISSION_AUDIT_TEMPLATE, permission, tableName,
user);
 +    } catch (ThriftSecurityException ex) {
 +      audit(credentials, ex, REVOKE_TABLE_PERMISSION_AUDIT_TEMPLATE, permission, tableName,
user);
 +      throw ex;
 +    }
 +  }
 +
++  public static final String HAS_SYSTEM_PERMISSION_AUDIT_TEMPLATE = "action: hasSystemPermission;
permission: %s; targetUser: %s;";
++
++  @Override
++  public boolean hasSystemPermission(TCredentials credentials, String user, SystemPermission
permission) throws ThriftSecurityException {
++    try {
++      boolean result = super.hasSystemPermission(credentials, user, permission);
++      audit(credentials, result, HAS_SYSTEM_PERMISSION_AUDIT_TEMPLATE, permission, user);
++      return result;
++    } catch (ThriftSecurityException ex) {
++      audit(credentials, ex, "checking permission %s on %s denied", permission, user);
++      throw ex;
++    }
++  }
++
 +  public static final String CAN_ONLINE_OFFLINE_TABLE_AUDIT_TEMPLATE = "action: %s; targetTable:
%s;";
 +
 +  @Override
 +  public boolean canOnlineOfflineTable(TCredentials credentials, String tableId, FateOperation
op, String namespaceId) throws ThriftSecurityException {
 +    String tableName = getTableName(tableId);
 +    String operation = null;
 +    if (op == FateOperation.TABLE_ONLINE)
 +      operation = "onlineTable";
 +    if (op == FateOperation.TABLE_OFFLINE)
 +      operation = "offlineTable";
 +    try {
 +      boolean result = super.canOnlineOfflineTable(credentials, tableId, op, namespaceId);
 +      audit(credentials, result, CAN_ONLINE_OFFLINE_TABLE_AUDIT_TEMPLATE, operation, tableName,
tableId);
 +      return result;
 +    } catch (ThriftSecurityException ex) {
 +      audit(credentials, ex, CAN_ONLINE_OFFLINE_TABLE_AUDIT_TEMPLATE, operation, tableName,
tableId);
 +      throw ex;
 +    }
 +  }
 +
++  public static final String CAN_MERGE_TABLE_AUDIT_TEMPLATE = "action: mergeTable; targetTable:
%s; targetNamespace: %s;";
++
++  @Override
++  public boolean canMerge(TCredentials c, String tableId, String namespaceId) throws ThriftSecurityException
{
++    try {
++      boolean result = super.canMerge(c, tableId, namespaceId);
++      audit(c, result, CAN_MERGE_TABLE_AUDIT_TEMPLATE, tableId, namespaceId);
++      return result;
++    } catch (ThriftSecurityException ex) {
++      audit(c, ex, "merge table on tableId %s denied", tableId);
++      throw ex;
++    }
++  }
++
 +  // The audit log is already logging the principal, so we don't have anything else to audit
 +  public static final String AUTHENICATE_AUDIT_TEMPLATE = "";
 +
 +  @Override
 +  protected void authenticate(TCredentials credentials) throws ThriftSecurityException {
 +    try {
 +      super.authenticate(credentials);
 +      audit(credentials, true, AUTHENICATE_AUDIT_TEMPLATE);
 +    } catch (ThriftSecurityException e) {
 +      audit(credentials, false, AUTHENICATE_AUDIT_TEMPLATE);
 +      throw e;
 +    }
 +  }
 +}


Mime
View raw message