sentry-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From br...@apache.org
Subject [2/4] SENTRY-109 - Create basic sentry store infrastructure (Shreepadma via Brock)
Date Wed, 19 Feb 2014 14:48:01 GMT
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/c40040e4/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TDropSentryRoleRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TDropSentryRoleRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TDropSentryRoleRequest.java
new file mode 100644
index 0000000..cb7cf0b
--- /dev/null
+++ b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TDropSentryRoleRequest.java
@@ -0,0 +1,601 @@
+/**
+ * Autogenerated by Thrift Compiler (0.9.0)
+ *
+ * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
+ *  @generated
+ */
+package org.apache.sentry.provider.db.service.thrift;
+
+import org.apache.commons.lang.builder.HashCodeBuilder;
+import org.apache.thrift.scheme.IScheme;
+import org.apache.thrift.scheme.SchemeFactory;
+import org.apache.thrift.scheme.StandardScheme;
+
+import org.apache.thrift.scheme.TupleScheme;
+import org.apache.thrift.protocol.TTupleProtocol;
+import org.apache.thrift.protocol.TProtocolException;
+import org.apache.thrift.EncodingUtils;
+import org.apache.thrift.TException;
+import java.util.List;
+import java.util.ArrayList;
+import java.util.Map;
+import java.util.HashMap;
+import java.util.EnumMap;
+import java.util.Set;
+import java.util.HashSet;
+import java.util.EnumSet;
+import java.util.Collections;
+import java.util.BitSet;
+import java.nio.ByteBuffer;
+import java.util.Arrays;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class TDropSentryRoleRequest implements org.apache.thrift.TBase<TDropSentryRoleRequest, TDropSentryRoleRequest._Fields>, java.io.Serializable, Cloneable {
+  private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TDropSentryRoleRequest");
+
+  private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1);
+  private static final org.apache.thrift.protocol.TField USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("userName", org.apache.thrift.protocol.TType.STRING, (short)2);
+  private static final org.apache.thrift.protocol.TField ROLE_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("roleName", org.apache.thrift.protocol.TType.STRING, (short)3);
+
+  private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
+  static {
+    schemes.put(StandardScheme.class, new TDropSentryRoleRequestStandardSchemeFactory());
+    schemes.put(TupleScheme.class, new TDropSentryRoleRequestTupleSchemeFactory());
+  }
+
+  private int protocol_version; // required
+  private String userName; // optional
+  private String roleName; // optional
+
+  /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
+  public enum _Fields implements org.apache.thrift.TFieldIdEnum {
+    PROTOCOL_VERSION((short)1, "protocol_version"),
+    USER_NAME((short)2, "userName"),
+    ROLE_NAME((short)3, "roleName");
+
+    private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
+
+    static {
+      for (_Fields field : EnumSet.allOf(_Fields.class)) {
+        byName.put(field.getFieldName(), field);
+      }
+    }
+
+    /**
+     * Find the _Fields constant that matches fieldId, or null if its not found.
+     */
+    public static _Fields findByThriftId(int fieldId) {
+      switch(fieldId) {
+        case 1: // PROTOCOL_VERSION
+          return PROTOCOL_VERSION;
+        case 2: // USER_NAME
+          return USER_NAME;
+        case 3: // ROLE_NAME
+          return ROLE_NAME;
+        default:
+          return null;
+      }
+    }
+
+    /**
+     * Find the _Fields constant that matches fieldId, throwing an exception
+     * if it is not found.
+     */
+    public static _Fields findByThriftIdOrThrow(int fieldId) {
+      _Fields fields = findByThriftId(fieldId);
+      if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
+      return fields;
+    }
+
+    /**
+     * Find the _Fields constant that matches name, or null if its not found.
+     */
+    public static _Fields findByName(String name) {
+      return byName.get(name);
+    }
+
+    private final short _thriftId;
+    private final String _fieldName;
+
+    _Fields(short thriftId, String fieldName) {
+      _thriftId = thriftId;
+      _fieldName = fieldName;
+    }
+
+    public short getThriftFieldId() {
+      return _thriftId;
+    }
+
+    public String getFieldName() {
+      return _fieldName;
+    }
+  }
+
+  // isset id assignments
+  private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
+  private byte __isset_bitfield = 0;
+  private _Fields optionals[] = {_Fields.USER_NAME,_Fields.ROLE_NAME};
+  public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
+  static {
+    Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
+    tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED, 
+        new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
+    tmpMap.put(_Fields.USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("userName", org.apache.thrift.TFieldRequirementType.OPTIONAL, 
+        new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
+    tmpMap.put(_Fields.ROLE_NAME, new org.apache.thrift.meta_data.FieldMetaData("roleName", org.apache.thrift.TFieldRequirementType.OPTIONAL, 
+        new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
+    metaDataMap = Collections.unmodifiableMap(tmpMap);
+    org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TDropSentryRoleRequest.class, metaDataMap);
+  }
+
+  public TDropSentryRoleRequest() {
+    this.protocol_version = 1;
+
+  }
+
+  public TDropSentryRoleRequest(
+    int protocol_version)
+  {
+    this();
+    this.protocol_version = protocol_version;
+    setProtocol_versionIsSet(true);
+  }
+
+  /**
+   * Performs a deep copy on <i>other</i>.
+   */
+  public TDropSentryRoleRequest(TDropSentryRoleRequest other) {
+    __isset_bitfield = other.__isset_bitfield;
+    this.protocol_version = other.protocol_version;
+    if (other.isSetUserName()) {
+      this.userName = other.userName;
+    }
+    if (other.isSetRoleName()) {
+      this.roleName = other.roleName;
+    }
+  }
+
+  public TDropSentryRoleRequest deepCopy() {
+    return new TDropSentryRoleRequest(this);
+  }
+
+  @Override
+  public void clear() {
+    this.protocol_version = 1;
+
+    this.userName = null;
+    this.roleName = null;
+  }
+
+  public int getProtocol_version() {
+    return this.protocol_version;
+  }
+
+  public void setProtocol_version(int protocol_version) {
+    this.protocol_version = protocol_version;
+    setProtocol_versionIsSet(true);
+  }
+
+  public void unsetProtocol_version() {
+    __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
+  }
+
+  /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */
+  public boolean isSetProtocol_version() {
+    return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID);
+  }
+
+  public void setProtocol_versionIsSet(boolean value) {
+    __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value);
+  }
+
+  public String getUserName() {
+    return this.userName;
+  }
+
+  public void setUserName(String userName) {
+    this.userName = userName;
+  }
+
+  public void unsetUserName() {
+    this.userName = null;
+  }
+
+  /** Returns true if field userName is set (has been assigned a value) and false otherwise */
+  public boolean isSetUserName() {
+    return this.userName != null;
+  }
+
+  public void setUserNameIsSet(boolean value) {
+    if (!value) {
+      this.userName = null;
+    }
+  }
+
+  public String getRoleName() {
+    return this.roleName;
+  }
+
+  public void setRoleName(String roleName) {
+    this.roleName = roleName;
+  }
+
+  public void unsetRoleName() {
+    this.roleName = null;
+  }
+
+  /** Returns true if field roleName is set (has been assigned a value) and false otherwise */
+  public boolean isSetRoleName() {
+    return this.roleName != null;
+  }
+
+  public void setRoleNameIsSet(boolean value) {
+    if (!value) {
+      this.roleName = null;
+    }
+  }
+
+  public void setFieldValue(_Fields field, Object value) {
+    switch (field) {
+    case PROTOCOL_VERSION:
+      if (value == null) {
+        unsetProtocol_version();
+      } else {
+        setProtocol_version((Integer)value);
+      }
+      break;
+
+    case USER_NAME:
+      if (value == null) {
+        unsetUserName();
+      } else {
+        setUserName((String)value);
+      }
+      break;
+
+    case ROLE_NAME:
+      if (value == null) {
+        unsetRoleName();
+      } else {
+        setRoleName((String)value);
+      }
+      break;
+
+    }
+  }
+
+  public Object getFieldValue(_Fields field) {
+    switch (field) {
+    case PROTOCOL_VERSION:
+      return Integer.valueOf(getProtocol_version());
+
+    case USER_NAME:
+      return getUserName();
+
+    case ROLE_NAME:
+      return getRoleName();
+
+    }
+    throw new IllegalStateException();
+  }
+
+  /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
+  public boolean isSet(_Fields field) {
+    if (field == null) {
+      throw new IllegalArgumentException();
+    }
+
+    switch (field) {
+    case PROTOCOL_VERSION:
+      return isSetProtocol_version();
+    case USER_NAME:
+      return isSetUserName();
+    case ROLE_NAME:
+      return isSetRoleName();
+    }
+    throw new IllegalStateException();
+  }
+
+  @Override
+  public boolean equals(Object that) {
+    if (that == null)
+      return false;
+    if (that instanceof TDropSentryRoleRequest)
+      return this.equals((TDropSentryRoleRequest)that);
+    return false;
+  }
+
+  public boolean equals(TDropSentryRoleRequest that) {
+    if (that == null)
+      return false;
+
+    boolean this_present_protocol_version = true;
+    boolean that_present_protocol_version = true;
+    if (this_present_protocol_version || that_present_protocol_version) {
+      if (!(this_present_protocol_version && that_present_protocol_version))
+        return false;
+      if (this.protocol_version != that.protocol_version)
+        return false;
+    }
+
+    boolean this_present_userName = true && this.isSetUserName();
+    boolean that_present_userName = true && that.isSetUserName();
+    if (this_present_userName || that_present_userName) {
+      if (!(this_present_userName && that_present_userName))
+        return false;
+      if (!this.userName.equals(that.userName))
+        return false;
+    }
+
+    boolean this_present_roleName = true && this.isSetRoleName();
+    boolean that_present_roleName = true && that.isSetRoleName();
+    if (this_present_roleName || that_present_roleName) {
+      if (!(this_present_roleName && that_present_roleName))
+        return false;
+      if (!this.roleName.equals(that.roleName))
+        return false;
+    }
+
+    return true;
+  }
+
+  @Override
+  public int hashCode() {
+    HashCodeBuilder builder = new HashCodeBuilder();
+
+    boolean present_protocol_version = true;
+    builder.append(present_protocol_version);
+    if (present_protocol_version)
+      builder.append(protocol_version);
+
+    boolean present_userName = true && (isSetUserName());
+    builder.append(present_userName);
+    if (present_userName)
+      builder.append(userName);
+
+    boolean present_roleName = true && (isSetRoleName());
+    builder.append(present_roleName);
+    if (present_roleName)
+      builder.append(roleName);
+
+    return builder.toHashCode();
+  }
+
+  public int compareTo(TDropSentryRoleRequest other) {
+    if (!getClass().equals(other.getClass())) {
+      return getClass().getName().compareTo(other.getClass().getName());
+    }
+
+    int lastComparison = 0;
+    TDropSentryRoleRequest typedOther = (TDropSentryRoleRequest)other;
+
+    lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(typedOther.isSetProtocol_version());
+    if (lastComparison != 0) {
+      return lastComparison;
+    }
+    if (isSetProtocol_version()) {
+      lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, typedOther.protocol_version);
+      if (lastComparison != 0) {
+        return lastComparison;
+      }
+    }
+    lastComparison = Boolean.valueOf(isSetUserName()).compareTo(typedOther.isSetUserName());
+    if (lastComparison != 0) {
+      return lastComparison;
+    }
+    if (isSetUserName()) {
+      lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.userName, typedOther.userName);
+      if (lastComparison != 0) {
+        return lastComparison;
+      }
+    }
+    lastComparison = Boolean.valueOf(isSetRoleName()).compareTo(typedOther.isSetRoleName());
+    if (lastComparison != 0) {
+      return lastComparison;
+    }
+    if (isSetRoleName()) {
+      lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.roleName, typedOther.roleName);
+      if (lastComparison != 0) {
+        return lastComparison;
+      }
+    }
+    return 0;
+  }
+
+  public _Fields fieldForId(int fieldId) {
+    return _Fields.findByThriftId(fieldId);
+  }
+
+  public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
+    schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
+  }
+
+  public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
+    schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
+  }
+
+  @Override
+  public String toString() {
+    StringBuilder sb = new StringBuilder("TDropSentryRoleRequest(");
+    boolean first = true;
+
+    sb.append("protocol_version:");
+    sb.append(this.protocol_version);
+    first = false;
+    if (isSetUserName()) {
+      if (!first) sb.append(", ");
+      sb.append("userName:");
+      if (this.userName == null) {
+        sb.append("null");
+      } else {
+        sb.append(this.userName);
+      }
+      first = false;
+    }
+    if (isSetRoleName()) {
+      if (!first) sb.append(", ");
+      sb.append("roleName:");
+      if (this.roleName == null) {
+        sb.append("null");
+      } else {
+        sb.append(this.roleName);
+      }
+      first = false;
+    }
+    sb.append(")");
+    return sb.toString();
+  }
+
+  public void validate() throws org.apache.thrift.TException {
+    // check for required fields
+    if (!isSetProtocol_version()) {
+      throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
+    }
+
+    // check for sub-struct validity
+  }
+
+  private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
+    try {
+      write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
+    } catch (org.apache.thrift.TException te) {
+      throw new java.io.IOException(te);
+    }
+  }
+
+  private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
+    try {
+      // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor.
+      __isset_bitfield = 0;
+      read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
+    } catch (org.apache.thrift.TException te) {
+      throw new java.io.IOException(te);
+    }
+  }
+
+  private static class TDropSentryRoleRequestStandardSchemeFactory implements SchemeFactory {
+    public TDropSentryRoleRequestStandardScheme getScheme() {
+      return new TDropSentryRoleRequestStandardScheme();
+    }
+  }
+
+  private static class TDropSentryRoleRequestStandardScheme extends StandardScheme<TDropSentryRoleRequest> {
+
+    public void read(org.apache.thrift.protocol.TProtocol iprot, TDropSentryRoleRequest struct) throws org.apache.thrift.TException {
+      org.apache.thrift.protocol.TField schemeField;
+      iprot.readStructBegin();
+      while (true)
+      {
+        schemeField = iprot.readFieldBegin();
+        if (schemeField.type == org.apache.thrift.protocol.TType.STOP) { 
+          break;
+        }
+        switch (schemeField.id) {
+          case 1: // PROTOCOL_VERSION
+            if (schemeField.type == org.apache.thrift.protocol.TType.I32) {
+              struct.protocol_version = iprot.readI32();
+              struct.setProtocol_versionIsSet(true);
+            } else { 
+              org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+            }
+            break;
+          case 2: // USER_NAME
+            if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
+              struct.userName = iprot.readString();
+              struct.setUserNameIsSet(true);
+            } else { 
+              org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+            }
+            break;
+          case 3: // ROLE_NAME
+            if (schemeField.type == org.apache.thrift.protocol.TType.STRING) {
+              struct.roleName = iprot.readString();
+              struct.setRoleNameIsSet(true);
+            } else { 
+              org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+            }
+            break;
+          default:
+            org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+        }
+        iprot.readFieldEnd();
+      }
+      iprot.readStructEnd();
+      struct.validate();
+    }
+
+    public void write(org.apache.thrift.protocol.TProtocol oprot, TDropSentryRoleRequest struct) throws org.apache.thrift.TException {
+      struct.validate();
+
+      oprot.writeStructBegin(STRUCT_DESC);
+      oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC);
+      oprot.writeI32(struct.protocol_version);
+      oprot.writeFieldEnd();
+      if (struct.userName != null) {
+        if (struct.isSetUserName()) {
+          oprot.writeFieldBegin(USER_NAME_FIELD_DESC);
+          oprot.writeString(struct.userName);
+          oprot.writeFieldEnd();
+        }
+      }
+      if (struct.roleName != null) {
+        if (struct.isSetRoleName()) {
+          oprot.writeFieldBegin(ROLE_NAME_FIELD_DESC);
+          oprot.writeString(struct.roleName);
+          oprot.writeFieldEnd();
+        }
+      }
+      oprot.writeFieldStop();
+      oprot.writeStructEnd();
+    }
+
+  }
+
+  private static class TDropSentryRoleRequestTupleSchemeFactory implements SchemeFactory {
+    public TDropSentryRoleRequestTupleScheme getScheme() {
+      return new TDropSentryRoleRequestTupleScheme();
+    }
+  }
+
+  private static class TDropSentryRoleRequestTupleScheme extends TupleScheme<TDropSentryRoleRequest> {
+
+    @Override
+    public void write(org.apache.thrift.protocol.TProtocol prot, TDropSentryRoleRequest struct) throws org.apache.thrift.TException {
+      TTupleProtocol oprot = (TTupleProtocol) prot;
+      oprot.writeI32(struct.protocol_version);
+      BitSet optionals = new BitSet();
+      if (struct.isSetUserName()) {
+        optionals.set(0);
+      }
+      if (struct.isSetRoleName()) {
+        optionals.set(1);
+      }
+      oprot.writeBitSet(optionals, 2);
+      if (struct.isSetUserName()) {
+        oprot.writeString(struct.userName);
+      }
+      if (struct.isSetRoleName()) {
+        oprot.writeString(struct.roleName);
+      }
+    }
+
+    @Override
+    public void read(org.apache.thrift.protocol.TProtocol prot, TDropSentryRoleRequest struct) throws org.apache.thrift.TException {
+      TTupleProtocol iprot = (TTupleProtocol) prot;
+      struct.protocol_version = iprot.readI32();
+      struct.setProtocol_versionIsSet(true);
+      BitSet incoming = iprot.readBitSet(2);
+      if (incoming.get(0)) {
+        struct.userName = iprot.readString();
+        struct.setUserNameIsSet(true);
+      }
+      if (incoming.get(1)) {
+        struct.roleName = iprot.readString();
+        struct.setRoleNameIsSet(true);
+      }
+    }
+  }
+
+}
+

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/c40040e4/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TDropSentryRoleResponse.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TDropSentryRoleResponse.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TDropSentryRoleResponse.java
new file mode 100644
index 0000000..efcf96d
--- /dev/null
+++ b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TDropSentryRoleResponse.java
@@ -0,0 +1,390 @@
+/**
+ * Autogenerated by Thrift Compiler (0.9.0)
+ *
+ * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
+ *  @generated
+ */
+package org.apache.sentry.provider.db.service.thrift;
+
+import org.apache.commons.lang.builder.HashCodeBuilder;
+import org.apache.thrift.scheme.IScheme;
+import org.apache.thrift.scheme.SchemeFactory;
+import org.apache.thrift.scheme.StandardScheme;
+
+import org.apache.thrift.scheme.TupleScheme;
+import org.apache.thrift.protocol.TTupleProtocol;
+import org.apache.thrift.protocol.TProtocolException;
+import org.apache.thrift.EncodingUtils;
+import org.apache.thrift.TException;
+import java.util.List;
+import java.util.ArrayList;
+import java.util.Map;
+import java.util.HashMap;
+import java.util.EnumMap;
+import java.util.Set;
+import java.util.HashSet;
+import java.util.EnumSet;
+import java.util.Collections;
+import java.util.BitSet;
+import java.nio.ByteBuffer;
+import java.util.Arrays;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class TDropSentryRoleResponse implements org.apache.thrift.TBase<TDropSentryRoleResponse, TDropSentryRoleResponse._Fields>, java.io.Serializable, Cloneable {
+  private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TDropSentryRoleResponse");
+
+  private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1);
+
+  private static final Map<Class<? extends IScheme>, SchemeFactory> schemes = new HashMap<Class<? extends IScheme>, SchemeFactory>();
+  static {
+    schemes.put(StandardScheme.class, new TDropSentryRoleResponseStandardSchemeFactory());
+    schemes.put(TupleScheme.class, new TDropSentryRoleResponseTupleSchemeFactory());
+  }
+
+  private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required
+
+  /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */
+  public enum _Fields implements org.apache.thrift.TFieldIdEnum {
+    STATUS((short)1, "status");
+
+    private static final Map<String, _Fields> byName = new HashMap<String, _Fields>();
+
+    static {
+      for (_Fields field : EnumSet.allOf(_Fields.class)) {
+        byName.put(field.getFieldName(), field);
+      }
+    }
+
+    /**
+     * Find the _Fields constant that matches fieldId, or null if its not found.
+     */
+    public static _Fields findByThriftId(int fieldId) {
+      switch(fieldId) {
+        case 1: // STATUS
+          return STATUS;
+        default:
+          return null;
+      }
+    }
+
+    /**
+     * Find the _Fields constant that matches fieldId, throwing an exception
+     * if it is not found.
+     */
+    public static _Fields findByThriftIdOrThrow(int fieldId) {
+      _Fields fields = findByThriftId(fieldId);
+      if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!");
+      return fields;
+    }
+
+    /**
+     * Find the _Fields constant that matches name, or null if its not found.
+     */
+    public static _Fields findByName(String name) {
+      return byName.get(name);
+    }
+
+    private final short _thriftId;
+    private final String _fieldName;
+
+    _Fields(short thriftId, String fieldName) {
+      _thriftId = thriftId;
+      _fieldName = fieldName;
+    }
+
+    public short getThriftFieldId() {
+      return _thriftId;
+    }
+
+    public String getFieldName() {
+      return _fieldName;
+    }
+  }
+
+  // isset id assignments
+  public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
+  static {
+    Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
+    tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED, 
+        new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.sentry.service.thrift.TSentryResponseStatus.class)));
+    metaDataMap = Collections.unmodifiableMap(tmpMap);
+    org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TDropSentryRoleResponse.class, metaDataMap);
+  }
+
+  public TDropSentryRoleResponse() {
+  }
+
+  public TDropSentryRoleResponse(
+    org.apache.sentry.service.thrift.TSentryResponseStatus status)
+  {
+    this();
+    this.status = status;
+  }
+
+  /**
+   * Performs a deep copy on <i>other</i>.
+   */
+  public TDropSentryRoleResponse(TDropSentryRoleResponse other) {
+    if (other.isSetStatus()) {
+      this.status = new org.apache.sentry.service.thrift.TSentryResponseStatus(other.status);
+    }
+  }
+
+  public TDropSentryRoleResponse deepCopy() {
+    return new TDropSentryRoleResponse(this);
+  }
+
+  @Override
+  public void clear() {
+    this.status = null;
+  }
+
+  public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() {
+    return this.status;
+  }
+
+  public void setStatus(org.apache.sentry.service.thrift.TSentryResponseStatus status) {
+    this.status = status;
+  }
+
+  public void unsetStatus() {
+    this.status = null;
+  }
+
+  /** Returns true if field status is set (has been assigned a value) and false otherwise */
+  public boolean isSetStatus() {
+    return this.status != null;
+  }
+
+  public void setStatusIsSet(boolean value) {
+    if (!value) {
+      this.status = null;
+    }
+  }
+
+  public void setFieldValue(_Fields field, Object value) {
+    switch (field) {
+    case STATUS:
+      if (value == null) {
+        unsetStatus();
+      } else {
+        setStatus((org.apache.sentry.service.thrift.TSentryResponseStatus)value);
+      }
+      break;
+
+    }
+  }
+
+  public Object getFieldValue(_Fields field) {
+    switch (field) {
+    case STATUS:
+      return getStatus();
+
+    }
+    throw new IllegalStateException();
+  }
+
+  /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */
+  public boolean isSet(_Fields field) {
+    if (field == null) {
+      throw new IllegalArgumentException();
+    }
+
+    switch (field) {
+    case STATUS:
+      return isSetStatus();
+    }
+    throw new IllegalStateException();
+  }
+
+  @Override
+  public boolean equals(Object that) {
+    if (that == null)
+      return false;
+    if (that instanceof TDropSentryRoleResponse)
+      return this.equals((TDropSentryRoleResponse)that);
+    return false;
+  }
+
+  public boolean equals(TDropSentryRoleResponse that) {
+    if (that == null)
+      return false;
+
+    boolean this_present_status = true && this.isSetStatus();
+    boolean that_present_status = true && that.isSetStatus();
+    if (this_present_status || that_present_status) {
+      if (!(this_present_status && that_present_status))
+        return false;
+      if (!this.status.equals(that.status))
+        return false;
+    }
+
+    return true;
+  }
+
+  @Override
+  public int hashCode() {
+    HashCodeBuilder builder = new HashCodeBuilder();
+
+    boolean present_status = true && (isSetStatus());
+    builder.append(present_status);
+    if (present_status)
+      builder.append(status);
+
+    return builder.toHashCode();
+  }
+
+  public int compareTo(TDropSentryRoleResponse other) {
+    if (!getClass().equals(other.getClass())) {
+      return getClass().getName().compareTo(other.getClass().getName());
+    }
+
+    int lastComparison = 0;
+    TDropSentryRoleResponse typedOther = (TDropSentryRoleResponse)other;
+
+    lastComparison = Boolean.valueOf(isSetStatus()).compareTo(typedOther.isSetStatus());
+    if (lastComparison != 0) {
+      return lastComparison;
+    }
+    if (isSetStatus()) {
+      lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.status, typedOther.status);
+      if (lastComparison != 0) {
+        return lastComparison;
+      }
+    }
+    return 0;
+  }
+
+  public _Fields fieldForId(int fieldId) {
+    return _Fields.findByThriftId(fieldId);
+  }
+
+  public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException {
+    schemes.get(iprot.getScheme()).getScheme().read(iprot, this);
+  }
+
+  public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException {
+    schemes.get(oprot.getScheme()).getScheme().write(oprot, this);
+  }
+
+  @Override
+  public String toString() {
+    StringBuilder sb = new StringBuilder("TDropSentryRoleResponse(");
+    boolean first = true;
+
+    sb.append("status:");
+    if (this.status == null) {
+      sb.append("null");
+    } else {
+      sb.append(this.status);
+    }
+    first = false;
+    sb.append(")");
+    return sb.toString();
+  }
+
+  public void validate() throws org.apache.thrift.TException {
+    // check for required fields
+    if (!isSetStatus()) {
+      throw new org.apache.thrift.protocol.TProtocolException("Required field 'status' is unset! Struct:" + toString());
+    }
+
+    // check for sub-struct validity
+    if (status != null) {
+      status.validate();
+    }
+  }
+
+  private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException {
+    try {
+      write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out)));
+    } catch (org.apache.thrift.TException te) {
+      throw new java.io.IOException(te);
+    }
+  }
+
+  private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException {
+    try {
+      read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in)));
+    } catch (org.apache.thrift.TException te) {
+      throw new java.io.IOException(te);
+    }
+  }
+
+  private static class TDropSentryRoleResponseStandardSchemeFactory implements SchemeFactory {
+    public TDropSentryRoleResponseStandardScheme getScheme() {
+      return new TDropSentryRoleResponseStandardScheme();
+    }
+  }
+
+  private static class TDropSentryRoleResponseStandardScheme extends StandardScheme<TDropSentryRoleResponse> {
+
+    public void read(org.apache.thrift.protocol.TProtocol iprot, TDropSentryRoleResponse struct) throws org.apache.thrift.TException {
+      org.apache.thrift.protocol.TField schemeField;
+      iprot.readStructBegin();
+      while (true)
+      {
+        schemeField = iprot.readFieldBegin();
+        if (schemeField.type == org.apache.thrift.protocol.TType.STOP) { 
+          break;
+        }
+        switch (schemeField.id) {
+          case 1: // STATUS
+            if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) {
+              struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
+              struct.status.read(iprot);
+              struct.setStatusIsSet(true);
+            } else { 
+              org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+            }
+            break;
+          default:
+            org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type);
+        }
+        iprot.readFieldEnd();
+      }
+      iprot.readStructEnd();
+      struct.validate();
+    }
+
+    public void write(org.apache.thrift.protocol.TProtocol oprot, TDropSentryRoleResponse struct) throws org.apache.thrift.TException {
+      struct.validate();
+
+      oprot.writeStructBegin(STRUCT_DESC);
+      if (struct.status != null) {
+        oprot.writeFieldBegin(STATUS_FIELD_DESC);
+        struct.status.write(oprot);
+        oprot.writeFieldEnd();
+      }
+      oprot.writeFieldStop();
+      oprot.writeStructEnd();
+    }
+
+  }
+
+  private static class TDropSentryRoleResponseTupleSchemeFactory implements SchemeFactory {
+    public TDropSentryRoleResponseTupleScheme getScheme() {
+      return new TDropSentryRoleResponseTupleScheme();
+    }
+  }
+
+  private static class TDropSentryRoleResponseTupleScheme extends TupleScheme<TDropSentryRoleResponse> {
+
+    @Override
+    public void write(org.apache.thrift.protocol.TProtocol prot, TDropSentryRoleResponse struct) throws org.apache.thrift.TException {
+      TTupleProtocol oprot = (TTupleProtocol) prot;
+      struct.status.write(oprot);
+    }
+
+    @Override
+    public void read(org.apache.thrift.protocol.TProtocol prot, TDropSentryRoleResponse struct) throws org.apache.thrift.TException {
+      TTupleProtocol iprot = (TTupleProtocol) prot;
+      struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus();
+      struct.status.read(iprot);
+      struct.setStatusIsSet(true);
+    }
+  }
+
+}
+

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/c40040e4/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryRolesRequest.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryRolesRequest.java b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryRolesRequest.java
index 527d06d..c63a673 100644
--- a/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryRolesRequest.java
+++ b/sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TListSentryRolesRequest.java
@@ -46,7 +46,7 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
   }
 
   private int protocol_version; // required
-  private String userName; // required
+  private String userName; // optional
   private String groupName; // optional
   private String roleName; // optional
 
@@ -120,13 +120,13 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
   // isset id assignments
   private static final int __PROTOCOL_VERSION_ISSET_ID = 0;
   private byte __isset_bitfield = 0;
-  private _Fields optionals[] = {_Fields.GROUP_NAME,_Fields.ROLE_NAME};
+  private _Fields optionals[] = {_Fields.USER_NAME,_Fields.GROUP_NAME,_Fields.ROLE_NAME};
   public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap;
   static {
     Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class);
     tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED, 
         new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32)));
-    tmpMap.put(_Fields.USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("userName", org.apache.thrift.TFieldRequirementType.REQUIRED, 
+    tmpMap.put(_Fields.USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("userName", org.apache.thrift.TFieldRequirementType.OPTIONAL, 
         new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
     tmpMap.put(_Fields.GROUP_NAME, new org.apache.thrift.meta_data.FieldMetaData("groupName", org.apache.thrift.TFieldRequirementType.OPTIONAL, 
         new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING)));
@@ -142,13 +142,11 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
   }
 
   public TListSentryRolesRequest(
-    int protocol_version,
-    String userName)
+    int protocol_version)
   {
     this();
     this.protocol_version = protocol_version;
     setProtocol_versionIsSet(true);
-    this.userName = userName;
   }
 
   /**
@@ -496,14 +494,16 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
     sb.append("protocol_version:");
     sb.append(this.protocol_version);
     first = false;
-    if (!first) sb.append(", ");
-    sb.append("userName:");
-    if (this.userName == null) {
-      sb.append("null");
-    } else {
-      sb.append(this.userName);
+    if (isSetUserName()) {
+      if (!first) sb.append(", ");
+      sb.append("userName:");
+      if (this.userName == null) {
+        sb.append("null");
+      } else {
+        sb.append(this.userName);
+      }
+      first = false;
     }
-    first = false;
     if (isSetGroupName()) {
       if (!first) sb.append(", ");
       sb.append("groupName:");
@@ -534,10 +534,6 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
       throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString());
     }
 
-    if (!isSetUserName()) {
-      throw new org.apache.thrift.protocol.TProtocolException("Required field 'userName' is unset! Struct:" + toString());
-    }
-
     // check for sub-struct validity
   }
 
@@ -626,9 +622,11 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
       oprot.writeI32(struct.protocol_version);
       oprot.writeFieldEnd();
       if (struct.userName != null) {
-        oprot.writeFieldBegin(USER_NAME_FIELD_DESC);
-        oprot.writeString(struct.userName);
-        oprot.writeFieldEnd();
+        if (struct.isSetUserName()) {
+          oprot.writeFieldBegin(USER_NAME_FIELD_DESC);
+          oprot.writeString(struct.userName);
+          oprot.writeFieldEnd();
+        }
       }
       if (struct.groupName != null) {
         if (struct.isSetGroupName()) {
@@ -662,15 +660,20 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
     public void write(org.apache.thrift.protocol.TProtocol prot, TListSentryRolesRequest struct) throws org.apache.thrift.TException {
       TTupleProtocol oprot = (TTupleProtocol) prot;
       oprot.writeI32(struct.protocol_version);
-      oprot.writeString(struct.userName);
       BitSet optionals = new BitSet();
-      if (struct.isSetGroupName()) {
+      if (struct.isSetUserName()) {
         optionals.set(0);
       }
-      if (struct.isSetRoleName()) {
+      if (struct.isSetGroupName()) {
         optionals.set(1);
       }
-      oprot.writeBitSet(optionals, 2);
+      if (struct.isSetRoleName()) {
+        optionals.set(2);
+      }
+      oprot.writeBitSet(optionals, 3);
+      if (struct.isSetUserName()) {
+        oprot.writeString(struct.userName);
+      }
       if (struct.isSetGroupName()) {
         oprot.writeString(struct.groupName);
       }
@@ -684,14 +687,16 @@ public class TListSentryRolesRequest implements org.apache.thrift.TBase<TListSen
       TTupleProtocol iprot = (TTupleProtocol) prot;
       struct.protocol_version = iprot.readI32();
       struct.setProtocol_versionIsSet(true);
-      struct.userName = iprot.readString();
-      struct.setUserNameIsSet(true);
-      BitSet incoming = iprot.readBitSet(2);
+      BitSet incoming = iprot.readBitSet(3);
       if (incoming.get(0)) {
+        struct.userName = iprot.readString();
+        struct.setUserNameIsSet(true);
+      }
+      if (incoming.get(1)) {
         struct.groupName = iprot.readString();
         struct.setGroupNameIsSet(true);
       }
-      if (incoming.get(1)) {
+      if (incoming.get(2)) {
         struct.roleName = iprot.readString();
         struct.setRoleNameIsSet(true);
       }

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/c40040e4/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryGroup.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryGroup.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryGroup.java
index a246ba4..15982a3 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryGroup.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryGroup.java
@@ -20,20 +20,19 @@ package org.apache.sentry.provider.db.service.model;
 
 import java.util.Set;
 
-public class MSentryGroup {
+import javax.jdo.annotations.PersistenceCapable;
 
-  private String groupName;
+@PersistenceCapable
+public class MSentryGroup {
 
+  String groupName;
   // set of roles granted to this group
-  private Set<MSentryRole> roles;
-
-  private long createTime;
-
-  private String grantorPrincipal;
-
+  Set<MSentryRole> roles;
+  long createTime;
+  String grantorPrincipal;
 
   MSentryGroup(String groupName, long createTime, String grantorPrincipal,
-      Set<MSentryRole> roles) {
+               Set<MSentryRole> roles) {
     this.setGroupName(groupName);
     this.createTime = createTime;
     this.grantorPrincipal = grantorPrincipal;

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/c40040e4/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryPrivilege.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryPrivilege.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryPrivilege.java
index 40d2dea..549a9db 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryPrivilege.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryPrivilege.java
@@ -19,36 +19,33 @@
 package org.apache.sentry.provider.db.service.model;
 
 import java.util.HashSet;
-import java.util.Set;
-
-public class MSentryPrivilege {
-
-  private String privilegeScope;
-
-  private String privilegeName;
-
-  private String serverName;
-
-  private String dbName;
 
-  private String tableName;
+import java.util.Set;
 
-  private String URI;
+import javax.jdo.annotations.PersistenceCapable;
 
-  private String action;
+@PersistenceCapable
+public class MSentryPrivilege {
 
+  String privilegeScope;
+  String privilegeName;
+  String serverName;
+  String dbName;
+  String tableName;
+  String URI;
+  String action;
   // roles this privilege is a part of
   Set<MSentryRole> roles;
+  long createTime;
+  String grantorPrincipal;
 
-  private long createTime;
-
-  private String grantorPrincipal;
-
-  public MSentryPrivilege() {this.roles = new HashSet<MSentryRole>();}
+  public MSentryPrivilege() {
+    this.roles = new HashSet<MSentryRole>();
+  }
 
   public MSentryPrivilege(String privilegeName, String privilegeScope,
-      String serverName, String dbName, String tableName, String URI,
-      String action) {
+                          String serverName, String dbName, String tableName, String URI,
+                          String action) {
     this.privilegeName = privilegeName;
     this.privilegeScope = privilegeScope;
     this.serverName = serverName;

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/c40040e4/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryRole.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryRole.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryRole.java
index de1f956..28416e0 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryRole.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/MSentryRole.java
@@ -21,24 +21,25 @@ package org.apache.sentry.provider.db.service.model;
 import java.util.HashSet;
 import java.util.Set;
 
-public class MSentryRole {
+import javax.jdo.annotations.PersistenceCapable;
 
-  private String roleName;
+@PersistenceCapable
+public class MSentryRole {
 
+  String roleName;
   // set of privileges granted to this role
   Set<MSentryPrivilege> privileges;
-
   // set of groups this role belongs to
   Set<MSentryGroup> groups;
+  long createTime;
+  String grantorPrincipal;
 
-  private long createTime;
-
-  private String grantorPrincipal;
-
-  public MSentryRole() {privileges = new HashSet<MSentryPrivilege>();}
+  public MSentryRole() {
+    privileges = new HashSet<MSentryPrivilege>();
+  }
 
   MSentryRole(String roleName, long createTime, String grantorPrincipal,
-      Set<MSentryPrivilege> privileges, Set<MSentryGroup> groups) {
+              Set<MSentryPrivilege> privileges, Set<MSentryGroup> groups) {
     this.roleName = roleName;
     this.createTime = createTime;
     this.grantorPrincipal = grantorPrincipal;

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/c40040e4/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/package.jdo
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/package.jdo b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/package.jdo
index 9715df1..03f7549 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/package.jdo
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/model/package.jdo
@@ -26,7 +26,7 @@
 
 -->
 <jdo>  
-  <package name="org.apache.sentry.provider.db.service.persistent.model">  
+  <package name="org.apache.sentry.provider.db.service.model">  
     <class name="MSentryGroup" identity-type="datastore" table="SENTRY_GROUPS" detachable="true">  
       <datastore-identity>
         <column name="GROUP_ID"/>
@@ -43,7 +43,7 @@
       </field>
       
       <field name="roles" mapped-by="groups">
-         <collection element-type="org.apache.sentry.provider.db.service.persistent.model.MSentryRole"/>
+         <collection element-type="org.apache.sentry.provider.db.service.model.MSentryRole"/>
       </field>
         
     </class>
@@ -63,7 +63,7 @@
         <column name="GRANTOR_PRINCIPAL" length="4000" jdbc-type="VARCHAR"/>
       </field>
       <field name = "privileges" table="ROLES_PRIVILEGES" >
-        <collection element-type="org.apache.sentry.provider.db.service.persistent.model.MSentryPrivilege"/>
+        <collection element-type="org.apache.sentry.provider.db.service.model.MSentryPrivilege"/>
             <join>
                 <column name="ROLE_ID"/>
             </join>
@@ -73,7 +73,7 @@
       </field>  
       
       <field name = "groups" table="ROLES_GROUPS" >
-        <collection element-type="org.apache.sentry.provider.db.service.persistent.model.MSentryGroup"/>
+        <collection element-type="org.apache.sentry.provider.db.service.model.MSentryGroup"/>
             <join>
                 <column name="ROLE_ID"/>
             </join>
@@ -116,7 +116,7 @@
         <column name="GRANTOR_PRINCIPAL" length="4000" jdbc-type="VARCHAR"/>
       </field>
       <field name="roles" mapped-by="privileges">
-         <collection element-type="org.apache.sentry.provider.db.service.persistent.model.MSentryRole"/>
+         <collection element-type="org.apache.sentry.provider.db.service.model.MSentryRole"/>
       </field>  
     </class>
 

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/c40040e4/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
index 39921d8..a0325da 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/persistent/SentryStore.java
@@ -34,177 +34,43 @@ import javax.jdo.datastore.DataStoreCache;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
-import org.apache.hadoop.hive.metastore.ObjectStore;
 import org.apache.sentry.provider.db.service.model.MSentryPrivilege;
 import org.apache.sentry.provider.db.service.model.MSentryRole;
 import org.apache.sentry.provider.db.service.thrift.TSentryPrivilege;
 import org.apache.sentry.provider.db.service.thrift.TSentryRole;
 
 public class SentryStore {
-
-  private static Properties prop = null;
+  private static Properties prop;
   private static PersistenceManagerFactory pmf = null;
-
-  private static Lock pmfPropLock = new ReentrantLock();
   private static final Log LOG = LogFactory.getLog(SentryStore.class.getName());
-
-  private boolean isInitialized = false;
-  private PersistenceManager pm = null;
-  private int openTrasactionCalls = 0;
-  private Transaction currentTransaction = null;
-  private TXN_STATUS transactionStatus = TXN_STATUS.NO_STATE;
-  @SuppressWarnings("unused")
+  private boolean isReady;
   private final AtomicBoolean isSchemaVerified = new AtomicBoolean(false);
 
   private static enum TXN_STATUS {
     NO_STATE, OPEN, COMMITED, ROLLBACK
   }
 
-
   public SentryStore () {
-
-  }
-
-  //FIXME: Cleanup this mess i.e., creating a new PM and PMF.
-  @SuppressWarnings("nls")
-  public void setConf() {
-
-    pmfPropLock.lock();
-    try {
-      isInitialized = false;
-      Properties propsFromConf = getDataSourceProps();
-      assert(!isActiveTransaction());
-      shutdown();
-      // Always want to re-create pm as we don't know if it were created by the
-      // most recent instance of the pmf
-      pm = null;
-      openTrasactionCalls = 0;
-      currentTransaction = null;
-      transactionStatus = TXN_STATUS.NO_STATE;
-
-      initialize(propsFromConf);
-
-      if (!isInitialized) {
-        throw new RuntimeException(
-            "Unable to create persistence manager. Check dss.log for details");
-      } else {
-        LOG.info("Initialized ObjectStore");
-      }
-    } finally {
-      pmfPropLock.unlock();
-    }
+    prop = getDataSourceProperties();
+    pmf = getPMF(prop);
+    isReady = true;
   }
 
-  private ClassLoader classLoader;
-  {
-    classLoader = Thread.currentThread().getContextClassLoader();
-    if (classLoader == null) {
-      classLoader = ObjectStore.class.getClassLoader();
-    }
+  public synchronized void stop() {
+    pmf.close();
+    isReady = false;
   }
 
-  @SuppressWarnings("nls")
-  private void initialize(Properties dsProps) {
-    LOG.info("ObjectStore, initialize called");
-    prop = dsProps;
-    pm = getPersistenceManager();
-    isInitialized = (pm != null);
-  }
-
-  public PersistenceManager getPersistenceManager() {
-    return getPMF().getPersistenceManager();
-  }
-
-  private static synchronized PersistenceManagerFactory getPMF() {
-    if (pmf == null) {
-      pmf = JDOHelper.getPersistenceManagerFactory(prop);
-      DataStoreCache dsc = pmf.getDataStoreCache();
-      if (dsc == null) {
-        LOG.warn("PersistenceManagerFactory returned null DataStoreCache object. Unable to initialize object pin types defined by hive.metastore.cache.pinobjtypes");
-      }
-    }
-    return pmf;
-  }
-
-  public void shutdown() {
-    if (pm != null) {
-      pm.close();
-    }
-  }
-
-  //FIXME: Cleanup this logic
-  public boolean openTransaction() {
-    openTrasactionCalls++;
-    if (openTrasactionCalls == 1) {
-      currentTransaction = pm.currentTransaction();
-      currentTransaction.begin();
-      transactionStatus = TXN_STATUS.OPEN;
-    } else {
-      // something is wrong since openTransactionCalls is greater than 1 but
-      // currentTransaction is not active
-      assert ((currentTransaction != null) && (currentTransaction.isActive()));
-    }
-    return currentTransaction.isActive();
-  }
-
-  @SuppressWarnings("nls")
-  public boolean commitTransaction() {
-    if (TXN_STATUS.ROLLBACK == transactionStatus) {
-      return false;
-    }
-    if (openTrasactionCalls <= 0) {
-      throw new RuntimeException("commitTransaction was called but openTransactionCalls = "
-          + openTrasactionCalls + ". This probably indicates that there are unbalanced " +
-          "calls to openTransaction/commitTransaction");
-    }
-    if (!currentTransaction.isActive()) {
-      throw new RuntimeException(
-          "Commit is called, but transaction is not active. Either there are"
-              + " mismatching open and close calls or rollback was called in the same trasaction");
-    }
-    openTrasactionCalls--;
-    if ((openTrasactionCalls == 0) && currentTransaction.isActive()) {
-      transactionStatus = TXN_STATUS.COMMITED;
-      currentTransaction.commit();
-    }
-    return true;
-  }
-
-  public boolean isActiveTransaction() {
-    if (currentTransaction == null) {
-      return false;
-    }
-    return currentTransaction.isActive();
-  }
-
-  public void rollbackTransaction() {
-    if (openTrasactionCalls < 1) {
-      return;
-    }
-    openTrasactionCalls = 0;
-    if (currentTransaction.isActive()
-        && transactionStatus != TXN_STATUS.ROLLBACK) {
-      transactionStatus = TXN_STATUS.ROLLBACK;
-      // could already be rolled back
-      currentTransaction.rollback();
-      // remove all detached objects from the cache, since the transaction is
-      // being rolled back they are no longer relevant, and this prevents them
-      // from reattaching in future transactions
-      pm.evictAll();
-    }
-  }
-
-  private static Properties getDataSourceProps() {
+  private Properties getDataSourceProperties() {
     Properties prop = new Properties();
-    // FIXME: Read from configuration, don't hard-code everything
-    prop.setProperty("datanucleus.connectionPoolingType", "BONECP");
+    // FIXME: Read from configuration, override the default
+    //prop.setProperty("datanucleus.connectionPoolingType", "BONECP");
     prop.setProperty("datanucleus.validateTables", "false");
     prop.setProperty("datanucleus.validateColumns", "false");
     prop.setProperty("datanucleus.validateConstraints", "false");
     prop.setProperty("datanucleus.storeManagerType", "rdbms");
     prop.setProperty("datanucleus.autoCreateSchema", "true");
     prop.setProperty("datanucleus.fixedDatastore", "false");
-    prop.setProperty("hive.metastore.schema.verification", "false");
     prop.setProperty("datanucleus.autoStartMechanismMode", "checked");
     prop.setProperty("datanucleus.transactionIsolation", "read-committed");
     prop.setProperty("datanucleus.cache.level2", "false");
@@ -212,68 +78,109 @@ public class SentryStore {
     prop.setProperty("datanucleus.identifierFactory", "datanucleus1");
     prop.setProperty("datanucleus.rdbms.useLegacyNativeValueStrategy", "true");
     prop.setProperty("datanucleus.plugin.pluginRegistryBundleCheck", "LOG");
-
     prop.setProperty("javax.jdo.option.ConnectionDriverName",
-        "org.apache.derby.jdbc.EmbeddedDriver");
+                     "org.apache.derby.jdbc.EmbeddedDriver");
     prop.setProperty("javax.jdo.PersistenceManagerFactoryClass",
-        "org.datanucleus.api.jdo.JDOPersistenceManagerFactory");
+                     "org.datanucleus.api.jdo.JDOPersistenceManagerFactory");
     prop.setProperty("javax.jdo.option.DetachAllOnCommit", "true");
-    prop.setProperty("javax.jdo.option.NonTransactionalRead", "true");
-    prop.setProperty("javax.jdo.option.ConnectionUserName", "APP");
-
-    prop.setProperty("javax.jdo.option.ConnectionPassword", "mine");
+    prop.setProperty("javax.jdo.option.NonTransactionalRead", "false");
+    prop.setProperty("javax.jdo.option.NonTransactionalWrite", "false");
+    prop.setProperty("javax.jdo.option.ConnectionUserName", "Sentry");
+    prop.setProperty("javax.jdo.option.ConnectionPassword", "Sentry");
     prop.setProperty("javax.jdo.option.Multithreaded", "true");
     prop.setProperty("javax.jdo.option.ConnectionURL",
-        "jdbc:derby:;databaseName=sentry_policy_db;create=true");
+                     "jdbc:derby:;databaseName=sentry_policy_db;create=true");
     return prop;
   }
 
+  private synchronized PersistenceManagerFactory getPMF(Properties prop) {
+    if (pmf == null) {
+      pmf = JDOHelper.getPersistenceManagerFactory(prop);
+      DataStoreCache dsc = pmf.getDataStoreCache();
+      if (dsc == null) {
+        LOG.warn("PersistenceManagerFactory returned null DataStoreCache object. Unable to initialize object pin types defined by hive.metastore.cache.pinobjtypes");
+      }
+    }
+    return pmf;
+  }
+
+  /* PersistenceManager object and Transaction object have a one to one
+   * correspondence. Each PersistenceManager object is associated with a
+   * transaction object and vice versa. Hence we create a persistence manager
+   * instance when we create a new transaction. We create a new transaction
+   * for every store API since we want that unit of work to behave as a
+   * transaction.
+   *
+   * Note that there's only one instance of PersistenceManagerFactory object
+   * for the service.
+   */
+  private synchronized PersistenceManager openTransaction() {
+    PersistenceManager pm = pmf.getPersistenceManager();
+    Transaction currentTransaction = pm.currentTransaction();
+    currentTransaction.begin();
+    return pm;
+  }
+
+  private boolean commitTransaction(PersistenceManager pm) {
+    Transaction currentTransaction = pm.currentTransaction();
+    if (currentTransaction.isActive()) {
+      currentTransaction.commit();
+      pm.close();
+      return true;
+    } else {
+      pm.close();
+      return false;
+    }
+  }
+
+  private boolean rollbackTransaction(PersistenceManager pm) {
+    Transaction currentTransaction = pm.currentTransaction();
+    if (currentTransaction.isActive()) {
+      currentTransaction.rollback();
+      pm.close();
+      return true;
+    } else {
+      pm.close();
+      return false;
+    }
+  }
 
   private MSentryRole convertToMSentryRole(TSentryRole role) {
     MSentryRole mRole = new MSentryRole();
     mRole.setCreateTime(role.getCreateTime());
     mRole.setRoleName(role.getRoleName());
     mRole.setGrantorPrincipal(role.getGrantorPrincipal());
-
     return mRole;
-
-  }
-
-
-  private void writeSentryRole(MSentryRole role) {
-
-    // TODO: verify if the role exists, if it does throw an exception
-    pm.makePersistent(role);
-
   }
 
-
   public boolean createSentryRole(TSentryRole role) {
-
-    // TODO: add some logging
-
-    boolean committed = false;
-
+    boolean commit = false;
+    PersistenceManager pm = null;
     try {
-      openTransaction();
+      pm = openTransaction();
       MSentryRole mRole = convertToMSentryRole(role);
-      writeSentryRole(mRole);
-      committed = commitTransaction();
+      pm.makePersistent(mRole);
+      commit = commitTransaction(pm);
     } finally {
-      if (!committed) {
-        rollbackTransaction();
+      if (!commit) {
+        commit = rollbackTransaction(pm);
       }
     }
-
-    return committed;
+    return commit;
   }
 
-  private MSentryRole getMSentryRole (String roleName) {
-
-    boolean committed = false;
+  public TSentryRole getSentryRoleByName(String roleName) {
+    TSentryRole role;
+    MSentryRole mSentryRole = getMSentryRoleByName(roleName);
+    role = convertToSentryRole(mSentryRole);
+    return role;
+  }
 
+  private MSentryRole getMSentryRoleByName (String roleName) {
+    boolean commit = false;
+    PersistenceManager pm = null;
     try {
-      openTransaction();
+      pm = openTransaction();
       Query query = pm.newQuery(MSentryRole.class);
       query.setFilter("roleName == t");
       query
@@ -282,52 +189,30 @@ public class SentryStore {
 
       MSentryRole mSentryRole = (MSentryRole) query.execute(roleName.trim());
       pm.retrieve(mSentryRole);
-      committed = commitTransaction();
+      commit = commitTransaction(pm);
       return mSentryRole;
     } finally {
-      if (!committed) {
-        rollbackTransaction();
+      if (!commit) {
+        rollbackTransaction(pm);
         return null;
       }
     }
   }
 
-  private MSentryPrivilege convertToMSentryPrivilege(TSentryPrivilege privilege) {
-    MSentryPrivilege mSentryPrivilege = new MSentryPrivilege();
-    mSentryPrivilege.setServerName(privilege.getServerName());
-    mSentryPrivilege.setDbName(privilege.getDbName());
-    mSentryPrivilege.setTableName(privilege.getTableName());
-    mSentryPrivilege.setPrivilegeScope(privilege.getPrivilegeScope());
-    mSentryPrivilege.setAction(privilege.getAction());
-    mSentryPrivilege.setCreateTime(privilege.getCreateTime());
-    mSentryPrivilege.setGrantorPrincipal(privilege.getGrantorPrincipal());
-    mSentryPrivilege.setURI(privilege.getURI());
-    mSentryPrivilege.setPrivilegeName(privilege.getPrivilegeName());
-    //MSentryRole mSentryRole = convertToMSentryRole(role);
-    return mSentryPrivilege;
-
-  }
-
-  public boolean alterSentryRole(String roleName, TSentryPrivilege privilege) {
-
-    boolean committed = false;
+  private TSentryRole convertToSentryRole(MSentryRole mSentryRole) {
+    TSentryRole role = new TSentryRole();
+    role.setCreateTime(mSentryRole.getCreateTime());
+    role.setRoleName(mSentryRole.getRoleName());
+    role.setGrantorPrincipal(mSentryRole.getGrantorPrincipal());
 
-    try {
-      openTransaction();
-      MSentryRole mSentryRole = getMSentryRole(roleName);
-      MSentryPrivilege mSentryPrivilege = convertToMSentryPrivilege(privilege);
-      mSentryRole.appendPrivilege(mSentryPrivilege);
-      mSentryPrivilege.appendRole(mSentryRole);
-      pm.makePersistent(mSentryPrivilege);
-      //pm.makePersistent(mSentryRole);
-      committed = commitTransaction();
-    } finally {
-      if (!committed) {
-        rollbackTransaction();
-      }
+    Set<TSentryPrivilege> sentryPrivileges = new HashSet<TSentryPrivilege>();
+    for(MSentryPrivilege mSentryPrivilege:mSentryRole.getPrivileges()) {
+      TSentryPrivilege privilege = convertToSentryPrivilege(mSentryPrivilege);
+      sentryPrivileges.add(privilege);
     }
 
-    return committed;
+    role.setPrivileges(sentryPrivileges);
+    return role;
   }
 
   private TSentryPrivilege convertToSentryPrivilege(MSentryPrivilege mSentryPrivilege) {
@@ -345,37 +230,29 @@ public class SentryStore {
     return privilege;
   }
 
-  private TSentryRole convertToSentryRole(MSentryRole mSentryRole) {
-    TSentryRole role = new TSentryRole();
-    role.setCreateTime(mSentryRole.getCreateTime());
-    role.setRoleName(mSentryRole.getRoleName());
-    role.setGrantorPrincipal(mSentryRole.getGrantorPrincipal());
-
-    Set<TSentryPrivilege> sentryPrivileges = new HashSet<TSentryPrivilege>();
-    for(MSentryPrivilege mSentryPrivilege:mSentryRole.getPrivileges()) {
-      TSentryPrivilege privilege = convertToSentryPrivilege(mSentryPrivilege);
-      sentryPrivileges.add(privilege);
-    }
-
-    role.setPrivileges(sentryPrivileges);
-    return role;
-  }
-
-  public TSentryRole getSentryRole(String roleName) {
-    TSentryRole role;
-    MSentryRole mSentryRole = getMSentryRole(roleName);
-    role = convertToSentryRole(mSentryRole);
-    return role;
+  @SuppressWarnings("unused")
+  private MSentryPrivilege convertToMSentryPrivilege(TSentryPrivilege privilege) {
+    MSentryPrivilege mSentryPrivilege = new MSentryPrivilege();
+    mSentryPrivilege.setServerName(privilege.getServerName());
+    mSentryPrivilege.setDbName(privilege.getDbName());
+    mSentryPrivilege.setTableName(privilege.getTableName());
+    mSentryPrivilege.setPrivilegeScope(privilege.getPrivilegeScope());
+    mSentryPrivilege.setAction(privilege.getAction());
+    mSentryPrivilege.setCreateTime(privilege.getCreateTime());
+    mSentryPrivilege.setGrantorPrincipal(privilege.getGrantorPrincipal());
+    mSentryPrivilege.setURI(privilege.getURI());
+    mSentryPrivilege.setPrivilegeName(privilege.getPrivilegeName());
+    //MSentryRole mSentryRole = convertToMSentryRole(role);
+    return mSentryPrivilege;
 
   }
 
   public boolean dropSentryRole(String roleName) {
-
-    boolean committed = false;
+    boolean commit = false;
+    PersistenceManager pm = null;
     try {
+      pm = openTransaction();
       MSentryRole mSentryRole;
-
-      openTransaction();
       Query query = pm.newQuery(MSentryRole.class);
       query.setFilter("roleName == t");
       query
@@ -389,14 +266,12 @@ public class SentryStore {
         mSentryRole.removePrivileges();
         pm.deletePersistent(mSentryRole);
       }
-      committed = commitTransaction();
+      commit = commitTransaction(pm);
     } finally {
-      if (!committed) {
-        rollbackTransaction();
+      if (!commit) {
+        commit = rollbackTransaction(pm);
       }
     }
-
-    return committed;
-
+    return commit;
   }
-}
+}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/c40040e4/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java
index 63f987c..2efff2a 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyServiceClient.java
@@ -17,6 +17,7 @@
  */
 
 package org.apache.sentry.provider.db.service.thrift;
+
 import java.net.InetSocketAddress;
 
 import org.apache.hadoop.conf.Configuration;
@@ -45,42 +46,52 @@ public class SentryPolicyServiceClient {
   private SentryPolicyService.Client client;
   private TTransport transport;
   private int connectionTimeout;
-  private static final Logger LOGGER = LoggerFactory.getLogger(SentryPolicyServiceClient.class);
+  private static final Logger LOGGER = LoggerFactory
+      .getLogger(SentryPolicyServiceClient.class);
 
   public SentryPolicyServiceClient(Configuration conf) throws Exception {
     this.conf = conf;
-    this.serverAddress = NetUtils.createSocketAddr(Preconditions.checkNotNull(conf.
-        get(ClientConfig.SERVER_RPC_ADDRESS),
-        "Config key " + ClientConfig.SERVER_RPC_ADDRESS + " is required"),
-        conf.getInt(ClientConfig.SERVER_RPC_PORT, ClientConfig.SERVER_RPC_PORT_DEFAULT));
+    this.serverAddress = NetUtils.createSocketAddr(Preconditions.checkNotNull(
+        conf.get(ClientConfig.SERVER_RPC_ADDRESS), "Config key "
+            + ClientConfig.SERVER_RPC_ADDRESS + " is required"), conf.getInt(
+        ClientConfig.SERVER_RPC_PORT, ClientConfig.SERVER_RPC_PORT_DEFAULT));
     this.connectionTimeout = conf.getInt(ClientConfig.SERVER_RPC_CONN_TIMEOUT,
         ClientConfig.SERVER_RPC_CONN_TIMEOUT_DEFAULT);
-    String serverPrincipal = Preconditions.checkNotNull(conf.get(ServerConfig.PRINCIPAL),
-        ServerConfig.PRINCIPAL + " is required");
+    String serverPrincipal = Preconditions.checkNotNull(
+        conf.get(ServerConfig.PRINCIPAL), ServerConfig.PRINCIPAL
+            + " is required");
     serverPrincipalParts = SaslRpcServer.splitKerberosName(serverPrincipal);
     Preconditions.checkArgument(serverPrincipalParts.length == 3,
         "Kerberos principal should have 3 parts: " + serverPrincipal);
-    transport = new TSocket(serverAddress.getHostString(), serverAddress.getPort(),
-        connectionTimeout);
+    transport = new TSocket(serverAddress.getHostString(),
+        serverAddress.getPort(), connectionTimeout);
     TTransport saslTransport = new TSaslClientTransport(
-        AuthMethod.KERBEROS.getMechanismName(),
-        null,
-        serverPrincipalParts[0], serverPrincipalParts[1],
-        ClientConfig.SASL_PROPERTIES,
-        null,
-        transport);
+        AuthMethod.KERBEROS.getMechanismName(), null, serverPrincipalParts[0],
+        serverPrincipalParts[1], ClientConfig.SASL_PROPERTIES, null, transport);
     saslTransport.open();
     LOGGER.info("Successfully opened transport");
-    TMultiplexedProtocol protocol = new TMultiplexedProtocol(new TBinaryProtocol(saslTransport),
+    TMultiplexedProtocol protocol = new TMultiplexedProtocol(
+        new TBinaryProtocol(saslTransport),
         SentryPolicyStoreProcessor.SENTRY_POLICY_SERVICE_NAME);
     client = new SentryPolicyService.Client(protocol);
     LOGGER.info("Successfully created client");
   }
 
-  public TCreateSentryRoleResponse createRole(TCreateSentryRoleRequest req) throws TException {
+  public TCreateSentryRoleResponse createRole(TCreateSentryRoleRequest req)
+      throws TException {
     return client.create_sentry_role(req);
   }
 
+  public TListSentryRolesResponse listRoleByName(TListSentryRolesRequest req)
+      throws TException {
+    return client.list_sentry_roles_by_role_name(req);
+  }
+
+  public TDropSentryRoleResponse dropRole(TDropSentryRoleRequest req)
+      throws TException {
+    return client.drop_sentry_role(req);
+  }
+
   public void close() {
     if (transport != null) {
       transport.close();

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/c40040e4/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java
index 2671ffc..a923424 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryPolicyStoreProcessor.java
@@ -18,51 +18,112 @@
 
 package org.apache.sentry.provider.db.service.thrift;
 
+import java.util.HashSet;
+import java.util.Set;
+
 import org.apache.hadoop.conf.Configuration;
-import org.apache.hadoop.hive.conf.HiveConf;
+import org.apache.sentry.provider.db.service.persistent.SentryStore;
 import org.apache.sentry.service.thrift.Status;
 import org.apache.sentry.service.thrift.TSentryResponseStatus;
 import org.apache.thrift.TException;
 
 @SuppressWarnings("unused")
 public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface {
-  public static final String SENTRY_POLICY_SERVICE_NAME = "SentryPolicyService";
+  public static final String SENTRY_POLICY_SERVICE_NAME = "SentryService";
 
   private final String name;
   private final Configuration conf;
+  private SentryStore sentryStore;
+  private boolean isReady;
 
   public SentryPolicyStoreProcessor(String name, Configuration conf) {
     super();
     this.name = name;
     this.conf = conf;
+    sentryStore = new SentryStore();
+    this.isReady = true;
+  }
+
+  public void stop() {
+    if (isReady) {
+      sentryStore.stop();
+    }
+  }
+
+  private TSentryResponseStatus getStatus(boolean status) {
+    return Status.OK();
   }
+
   @Override
   public TCreateSentryRoleResponse create_sentry_role(
-      TCreateSentryRoleRequest request) throws TException {
+    TCreateSentryRoleRequest request) throws TException {
     TCreateSentryRoleResponse resp = new TCreateSentryRoleResponse();
-    TSentryResponseStatus status = Status.OK();
-    resp.setStatus(status);
+    TSentryResponseStatus status;
+    boolean ret = false;
+
+    try {
+      ret = sentryStore.createSentryRole(request.getRole());
+      resp.setStatus(Status.OK());
+    } catch (Throwable t) {
+
+    }
     return resp;
   }
   @Override
   public TCreateSentryPrivilegeResponse create_sentry_privilege(
-      TCreateSentryPrivilegeRequest request) throws TException {
+    TCreateSentryPrivilegeRequest request) throws TException {
     return null;
   }
+
+  public TDropSentryRoleResponse drop_sentry_role(
+    TDropSentryRoleRequest req)  throws TException {
+    TDropSentryRoleResponse resp = new TDropSentryRoleResponse();
+    TSentryResponseStatus status;
+    boolean ret = false;
+
+    try {
+      ret = sentryStore.dropSentryRole(req.getRoleName());
+      resp.setStatus(Status.OK());
+    } catch (Throwable t) {
+
+    }
+    return resp;
+  }
+
   @Override
   public TAlterSentryRoleAddGroupsResponse alter_sentry_role_add_groups(
-      TAlterSentryRoleAddGroupsRequest request) throws TException {
+    TAlterSentryRoleAddGroupsRequest request) throws TException {
     return null;
   }
   @Override
   public TAlterSentryRoleDeleteGroupsResponse alter_sentry_role_delete_groups(
-      TAlterSentryRoleDeleteGroupsRequest request) throws TException {
+    TAlterSentryRoleDeleteGroupsRequest request) throws TException {
     return null;
   }
+
   @Override
-  public TListSentryRolesResponse list_sentry_roles(
-      TListSentryRolesRequest request) throws TException {
+  public TListSentryRolesResponse list_sentry_roles_by_group(
+    TListSentryRolesRequest request) throws TException {
     return null;
   }
 
-}
+  @Override
+  public TListSentryRolesResponse list_sentry_roles_by_role_name(
+    TListSentryRolesRequest request) throws TException {
+    TListSentryRolesResponse resp = new TListSentryRolesResponse();
+    TSentryResponseStatus status;
+    TSentryRole role = null;
+    Set<TSentryRole> roleSet = new HashSet<TSentryRole>();
+    try {
+      role = sentryStore.getSentryRoleByName(request.getRoleName());
+      roleSet.add(role);
+      resp.setRoles(roleSet);
+      resp.setStatus(Status.OK());
+    } catch (Throwable t) {
+      resp.setRoles(roleSet);
+      resp.setStatus(Status.NoSuchObject("Role :" + request.getRoleName() +
+                                         "  couldn't be retrieved.", t));
+    }
+    return resp;
+  }
+}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/c40040e4/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryService.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryService.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryService.java
index 568e747..29fde59 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryService.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryService.java
@@ -55,12 +55,13 @@ import com.google.common.collect.Sets;
 
 public class SentryService implements Runnable {
 
-  private static final Logger LOGGER = LoggerFactory.getLogger(SentryService.class);
+  private static final Logger LOGGER = LoggerFactory
+      .getLogger(SentryService.class);
 
   private static enum Status {
-    NOT_STARTED(),
-    STARTED();
+    NOT_STARTED(), STARTED();
   }
+
   private final Configuration conf;
   private final InetSocketAddress address;
   private final int maxThreads;
@@ -75,12 +76,14 @@ public class SentryService implements Runnable {
 
   public SentryService(Configuration conf) {
     this.conf = conf;
-    int port = conf.getInt(ServerConfig.RPC_PORT, ServerConfig.RPC_PORT_DEFAULT);
+    int port = conf
+        .getInt(ServerConfig.RPC_PORT, ServerConfig.RPC_PORT_DEFAULT);
     if (port == 0) {
       port = findFreePort();
     }
-    this.address = NetUtils.createSocketAddr(conf.get(ServerConfig.RPC_ADDRESS,
-        ServerConfig.RPC_ADDRESS_DEFAULT), port);
+    this.address = NetUtils.createSocketAddr(
+        conf.get(ServerConfig.RPC_ADDRESS, ServerConfig.RPC_ADDRESS_DEFAULT),
+        port);
     LOGGER.info("Configured on address " + address);
     maxThreads = conf.getInt(ServerConfig.RPC_MAX_THREADS,
         ServerConfig.RPC_MAX_THREADS_DEFAULT);
@@ -98,9 +101,11 @@ public class SentryService implements Runnable {
         "Keytab " + keytab + " does not exist or is not readable.");
     serviceExecutor = Executors.newSingleThreadExecutor(new ThreadFactory() {
       private int count = 0;
+
       @Override
       public Thread newThread(Runnable r) {
-        return new Thread(r, SentryService.class.getSimpleName() + "-" + (count++));
+        return new Thread(r, SentryService.class.getSimpleName() + "-"
+            + (count++));
       }
     });
     status = Status.NOT_STARTED;
@@ -110,9 +115,9 @@ public class SentryService implements Runnable {
   public void run() {
     LoginContext loginContext = null;
     try {
-      Subject subject = new Subject(false, Sets.newHashSet(
-                                      new KerberosPrincipal(principal)), new HashSet<Object>(),
-                                    new HashSet<Object>());
+      Subject subject = new Subject(false,
+          Sets.newHashSet(new KerberosPrincipal(principal)),
+          new HashSet<Object>(), new HashSet<Object>());
       loginContext = new LoginContext("", subject, null,
           KerberosConfiguration.createClientConfig(principal, new File(keytab)));
       loginContext.login();
@@ -120,50 +125,51 @@ public class SentryService implements Runnable {
       Subject.doAs(subject, new PrivilegedExceptionAction<Void>() {
         @Override
         public Void run() throws Exception {
-          Iterable<String> processorFactories = ConfUtilties.CLASS_SPLITTER.split(conf.
-              get(ServerConfig.PROCESSOR_FACTORIES, ServerConfig.PROCESSOR_FACTORIES_DEFAULT)
-              .trim());
+          Iterable<String> processorFactories = ConfUtilties.CLASS_SPLITTER
+              .split(conf.get(ServerConfig.PROCESSOR_FACTORIES,
+                  ServerConfig.PROCESSOR_FACTORIES_DEFAULT).trim());
           TMultiplexedProcessor processor = new TMultiplexedProcessor();
           boolean registeredProcessor = false;
           for (String processorFactory : processorFactories) {
             Class<?> clazz = conf.getClassByName(processorFactory);
             if (!ProcessorFactory.class.isAssignableFrom(clazz)) {
-              throw new IllegalArgumentException("Processor Factory " + processorFactory +
-                  " is not a " + ProcessorFactory.class.getName());
+              throw new IllegalArgumentException("Processor Factory "
+                  + processorFactory + " is not a "
+                  + ProcessorFactory.class.getName());
             }
             try {
-              Constructor<?> constructor = clazz.getConstructor(Configuration.class);
-              ProcessorFactory factory = (ProcessorFactory)constructor.newInstance(conf);
-              registeredProcessor = registeredProcessor || factory.register(processor);
+              Constructor<?> constructor = clazz
+                  .getConstructor(Configuration.class);
+              ProcessorFactory factory = (ProcessorFactory) constructor
+                  .newInstance(conf);
+              registeredProcessor = registeredProcessor
+                  || factory.register(processor);
             } catch (Exception e) {
-              throw new IllegalStateException("Could not create " + processorFactory, e);
+              throw new IllegalStateException("Could not create "
+                  + processorFactory, e);
             }
           }
           if (!registeredProcessor) {
-            throw new IllegalStateException("Failed to register any processors from " +
-                processorFactories);
+            throw new IllegalStateException(
+                "Failed to register any processors from " + processorFactories);
           }
           TServerTransport serverTransport = new TServerSocket(address);
           TSaslServerTransport.Factory saslTransportFactory = new TSaslServerTransport.Factory();
-          saslTransportFactory.addServerDefinition(
-            AuthMethod.KERBEROS.getMechanismName(),
-            principalParts[0],
-            principalParts[1],
-            ServerConfig.SASL_PROPERTIES,
-            new GSSCallback(conf));
-          TThreadPoolServer.Args args = new TThreadPoolServer.Args(serverTransport)
-          .processor(processor)
-          .transportFactory(saslTransportFactory)
-          .protocolFactory(new TBinaryProtocol.Factory())
-          .minWorkerThreads(minThreads)
-          .maxWorkerThreads(maxThreads);
+          saslTransportFactory.addServerDefinition(AuthMethod.KERBEROS
+              .getMechanismName(), principalParts[0], principalParts[1],
+              ServerConfig.SASL_PROPERTIES, new GSSCallback(conf));
+          TThreadPoolServer.Args args = new TThreadPoolServer.Args(
+              serverTransport).processor(processor)
+              .transportFactory(saslTransportFactory)
+              .protocolFactory(new TBinaryProtocol.Factory())
+              .minWorkerThreads(minThreads).maxWorkerThreads(maxThreads);
           thriftServer = new TThreadPoolServer(args);
           LOGGER.info("Serving on " + address);
           thriftServer.serve();
           return null;
         }
       });
-    } catch(Throwable t) {
+    } catch (Throwable t) {
       LOGGER.error("Error starting server", t);
     } finally {
       status = Status.NOT_STARTED;
@@ -182,7 +188,8 @@ public class SentryService implements Runnable {
   }
 
   public synchronized boolean isRunning() {
-    return status == Status.STARTED && thriftServer != null && thriftServer.isServing();
+    return status == Status.STARTED && thriftServer != null
+        && thriftServer.isServing();
   }
 
   public synchronized void start() {
@@ -199,6 +206,7 @@ public class SentryService implements Runnable {
       return;
     }
     LOGGER.info("Attempting to stop...");
+
     if (thriftServer.isServing()) {
       thriftServer.stop();
     }
@@ -226,11 +234,14 @@ public class SentryService implements Runnable {
   public static void main(String[] args) throws Exception {
     // XXX if more more than one argument is handled here, use an options parser
     File configFile = null;
-    if (args.length != 2 || !args[0].equalsIgnoreCase(Constants.ServerArgs.CONFIG_FILE)) {
-      throw new IllegalArgumentException("Usage: " + Constants.ServerArgs.CONFIG_FILE +
-          " path/to/sentry-service.xml");
-    } else if(!((configFile = new File(args[1])).isFile() && configFile.canRead())) {
-      throw new IllegalArgumentException("Cannot read configuration file " + configFile);
+    if (args.length != 2
+        || !args[0].equalsIgnoreCase(Constants.ServerArgs.CONFIG_FILE)) {
+      throw new IllegalArgumentException("Usage: "
+          + Constants.ServerArgs.CONFIG_FILE + " path/to/sentry-service.xml");
+    } else if (!((configFile = new File(args[1])).isFile() && configFile
+        .canRead())) {
+      throw new IllegalArgumentException("Cannot read configuration file "
+          + configFile);
     }
     Configuration conf = new Configuration(false);
     conf.addResource(configFile.toURL());

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/c40040e4/sentry-provider/sentry-provider-db/src/main/resources/sentry_policy_service.thrift
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry_policy_service.thrift b/sentry-provider/sentry-provider-db/src/main/resources/sentry_policy_service.thrift
index 5029fff..40f8a5f 100644
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry_policy_service.thrift
+++ b/sentry-provider/sentry-provider-db/src/main/resources/sentry_policy_service.thrift
@@ -99,19 +99,30 @@ struct TAlterSentryRoleDeleteGroupsResponse {
 
 struct TListSentryRolesRequest {
 1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V1,
-2: required string userName,
+2: optional string userName,
 3: optional string groupName,
 4: optional string roleName
 }
+
 struct TListSentryRolesResponse {
 1: required sentry_common_service.TSentryResponseStatus status
 2: required set<TSentryRole> roles
 }
 
+struct TDropSentryRoleRequest {
+1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V1,
+2: optional string userName,
+3: optional string roleName
+}
+
+struct TDropSentryRoleResponse {
+1: required sentry_common_service.TSentryResponseStatus status
+}
+
 service SentryPolicyService
 {
   TCreateSentryRoleResponse create_sentry_role(1:TCreateSentryRoleRequest request)
-  //TDropSentryRoleResponse drop_sentry_role(1:TDropSentryRoleRequest request)
+  TDropSentryRoleResponse drop_sentry_role(1:TDropSentryRoleRequest request)
 
   TCreateSentryPrivilegeResponse create_sentry_privilege(1:TCreateSentryPrivilegeRequest request)
   //TDropSentryPrivilegeResponse drop_sentry_privilege(1:TDropSentryPrivilegeRequest request)
@@ -119,5 +130,6 @@ service SentryPolicyService
   TAlterSentryRoleAddGroupsResponse alter_sentry_role_add_groups(1:TAlterSentryRoleAddGroupsRequest request)
   TAlterSentryRoleDeleteGroupsResponse alter_sentry_role_delete_groups(1:TAlterSentryRoleDeleteGroupsRequest request)
 
-  TListSentryRolesResponse list_sentry_roles(1:TListSentryRolesRequest request)
-}
+  TListSentryRolesResponse list_sentry_roles_by_group(1:TListSentryRolesRequest request)
+  TListSentryRolesResponse list_sentry_roles_by_role_name(1:TListSentryRolesRequest request) 
+}
\ No newline at end of file


Mime
View raw message