SENTRY-1168 - Fix some "major" issues identified by Sonarqube
Colm O hEigeartaigh (Reviewed by: Anne Yu)
Project: http://git-wip-us.apache.org/repos/asf/sentry/repo
Commit: http://git-wip-us.apache.org/repos/asf/sentry/commit/36cb81a8
Tree: http://git-wip-us.apache.org/repos/asf/sentry/tree/36cb81a8
Diff: http://git-wip-us.apache.org/repos/asf/sentry/diff/36cb81a8
Branch: refs/heads/master
Commit: 36cb81a8e83b0d9e0e6a2e5e2b242bce6a41f880
Parents: eceaaf8
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Mon May 16 17:21:23 2016 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Mon May 16 17:21:23 2016 +0100
----------------------------------------------------------------------
.../apache/hadoop/hive/SentryHiveConstants.java | 6 +-
.../hive/ql/exec/SentryFilterDDLTask.java | 10 ++-
.../hive/SentryPolicyFileFormatFactory.java | 4 +
.../binding/hive/authz/HiveAuthzBinding.java | 5 +-
.../binding/hive/authz/SentryConfigTool.java | 22 +++---
.../hive/ql/exec/SentryGrantRevokeTask.java | 2 +-
.../SentryHiveAuthorizationTaskFactoryImpl.java | 8 +-
.../hive/authz/HiveAuthzPrivilegesMap.java | 4 +
.../metastore/AuthorizingObjectStore.java | 4 +-
.../metastore/MetastoreAuthzBinding.java | 4 +-
.../apache/sentry/sqoop/SentrySqoopError.java | 6 +-
.../binding/SqoopAuthBindingSingleton.java | 12 +--
.../main/java/org/apache/sentry/SentryMain.java | 5 ++
.../org/apache/sentry/SentryUserException.java | 2 +-
.../org/apache/sentry/SentryVersionInfo.java | 4 +
.../sentry/core/common/utils/PathUtils.java | 8 +-
.../core/common/utils/PolicyFileConstants.java | 4 +
.../sentry/core/model/db/AccessConstants.java | 6 +-
.../core/model/db/DBModelAuthorizables.java | 4 +
.../core/model/indexer/IndexerConstants.java | 5 +-
.../indexer/IndexerModelAuthorizables.java | 4 +
.../core/model/search/SearchConstants.java | 6 +-
.../model/search/SearchModelAuthorizables.java | 4 +
.../org/apache/sentry/core/model/sqoop/Job.java | 2 +-
.../apache/sentry/core/model/sqoop/Link.java | 2 +-
.../apache/sentry/core/model/sqoop/Server.java | 2 +-
.../core/model/sqoop/SqoopActionConstant.java | 6 +-
.../model/sqoop/SqoopModelAuthorizables.java | 5 ++
.../java/org/apache/sentry/hdfs/HMSPaths.java | 21 +++---
.../org/apache/sentry/hdfs/HMSPathsDumper.java | 14 ++--
.../org/apache/sentry/hdfs/PathsUpdate.java | 2 +-
.../apache/sentry/hdfs/PermissionsUpdate.java | 10 +--
.../hdfs/SentryHDFSServiceClientFactory.java | 5 ++
.../apache/sentry/hdfs/ServiceConstants.java | 12 +--
.../apache/sentry/hdfs/ThriftSerializer.java | 3 +
.../sentry/hdfs/UpdateableAuthzPaths.java | 3 +-
.../server/namenode/AuthorizationProvider.java | 2 +-
.../hdfs/SentryAuthorizationConstants.java | 6 +-
.../sentry/hdfs/SentryAuthorizationInfo.java | 31 ++++----
.../hdfs/SentryAuthorizationProvider.java | 44 ++++++-----
.../org/apache/sentry/hdfs/SentryUpdater.java | 2 +-
.../sentry/hdfs/UpdateableAuthzPermissions.java | 6 +-
.../sentry/hdfs/MetastoreCacheInitializer.java | 4 +-
.../org/apache/sentry/hdfs/MetastorePlugin.java | 22 +++---
.../sentry/hdfs/SentryHdfsMetricsUtil.java | 4 +
.../sentry/policy/common/PrivilegeUtils.java | 4 +
.../provider/common/AuthorizationComponent.java | 4 +
.../provider/common/ProviderBackendContext.java | 5 +-
.../service/persistent/DelegateSentryStore.java | 38 +++++-----
.../service/persistent/PrivilegeObject.java | 2 +-
.../thrift/NotificationHandlerInvoker.java | 2 +-
.../thrift/SentryGenericPolicyProcessor.java | 20 ++---
.../SentryGenericServiceClientFactory.java | 2 +-
.../log/appender/AuditLoggerTestAppender.java | 2 +-
.../db/log/entity/AuditMetadataLogEntity.java | 20 ++---
.../db/log/entity/DBAuditMetadataLogEntity.java | 18 ++---
.../db/log/entity/GMAuditMetadataLogEntity.java | 20 ++---
.../db/log/entity/JsonLogEntityFactory.java | 4 +-
.../provider/db/log/util/CommandUtil.java | 6 +-
.../sentry/provider/db/log/util/Constants.java | 7 +-
.../db/service/model/MSentryGMPrivilege.java | 8 +-
.../db/service/persistent/HAContext.java | 10 +--
.../db/service/persistent/SentryStore.java | 77 ++++++++++----------
.../persistent/SentryStoreSchemaInfo.java | 17 +++--
.../db/service/thrift/PolicyStoreConstants.java | 6 +-
.../db/service/thrift/SentryAuthFilter.java | 9 ++-
.../db/service/thrift/SentryMetrics.java | 10 +--
.../thrift/SentryPolicyStoreProcessor.java | 14 ++--
.../db/service/thrift/SentryWebServer.java | 4 +-
.../provider/db/service/thrift/ThriftUtil.java | 6 +-
.../provider/db/tools/SentrySchemaHelper.java | 26 +++----
.../provider/db/tools/SentrySchemaTool.java | 53 +++++++-------
.../db/tools/command/hive/CommandUtil.java | 6 +-
.../hive/RevokePrivilegeFromRoleCmd.java | 2 +-
.../service/thrift/JaasConfiguration.java | 2 +-
.../thrift/PoolClientInvocationHandler.java | 4 +-
.../sentry/service/thrift/SentryService.java | 18 ++---
.../thrift/SentryServiceClientFactory.java | 2 +-
.../service/thrift/SentryServiceFactory.java | 3 +-
.../service/thrift/SentryServiceUtil.java | 7 +-
.../sentry/service/thrift/ServiceConstants.java | 8 +-
.../apache/sentry/provider/file/PolicyFile.java | 8 +-
.../sentry/provider/file/PolicyFiles.java | 5 +-
.../SentryIndexAuthorizationSingleton.java | 27 +++----
.../solr/handler/admin/SecureAdminHandlers.java | 4 +-
.../QueryDocAuthorizationComponent.java | 16 ++--
.../component/SecureRealTimeGetComponent.java | 10 +--
.../metastore/SentryPolicyProviderForDb.java | 4 +-
88 files changed, 489 insertions(+), 378 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/hadoop/hive/SentryHiveConstants.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/hadoop/hive/SentryHiveConstants.java b/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/hadoop/hive/SentryHiveConstants.java
index 5238414..38d1f46 100644
--- a/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/hadoop/hive/SentryHiveConstants.java
+++ b/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/hadoop/hive/SentryHiveConstants.java
@@ -21,11 +21,15 @@ import java.util.EnumSet;
import org.apache.hadoop.hive.ql.security.authorization.PrivilegeType;
-public class SentryHiveConstants {
+public final class SentryHiveConstants {
public static final EnumSet<PrivilegeType> ALLOWED_PRIVS = EnumSet.allOf(PrivilegeType.class);
public static final String PRIVILEGE_NOT_SUPPORTED = "Sentry does not support privilege: ";
public static final String PARTITION_PRIVS_NOT_SUPPORTED = "Sentry does not support partition level authorization";
public static final String GRANT_REVOKE_NOT_SUPPORTED_ON_OBJECT = "Sentry does not allow grant/revoke on: ";
public static final String GRANT_REVOKE_NOT_SUPPORTED_FOR_PRINCIPAL = "Sentry does not allow privileges to be granted/revoked to/from: ";
+
+ private SentryHiveConstants() {
+ // Make constructor private to avoid instantiation
+ }
}
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/hadoop/hive/ql/exec/SentryFilterDDLTask.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/hadoop/hive/ql/exec/SentryFilterDDLTask.java b/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/hadoop/hive/ql/exec/SentryFilterDDLTask.java
index f3799ca..e257360 100644
--- a/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/hadoop/hive/ql/exec/SentryFilterDDLTask.java
+++ b/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/hadoop/hive/ql/exec/SentryFilterDDLTask.java
@@ -91,11 +91,13 @@ public class SentryFilterDDLTask extends DDLTask {
}
private void failed(Throwable e) {
- while (e.getCause() != null && e.getClass() == RuntimeException.class) {
- e = e.getCause();
+ // Get the cause of the exception if available
+ Throwable error = e;
+ while (error.getCause() != null && error.getClass() == RuntimeException.class) {
+ error = error.getCause();
}
- setException(e);
- LOG.error(stringifyException(e));
+ setException(error);
+ LOG.error(stringifyException(error));
}
/**
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/sentry/binding/hive/SentryPolicyFileFormatFactory.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/sentry/binding/hive/SentryPolicyFileFormatFactory.java b/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/sentry/binding/hive/SentryPolicyFileFormatFactory.java
index d2c6072..7f279ed 100644
--- a/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/sentry/binding/hive/SentryPolicyFileFormatFactory.java
+++ b/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/sentry/binding/hive/SentryPolicyFileFormatFactory.java
@@ -41,4 +41,8 @@ public class SentryPolicyFileFormatFactory {
.newInstance();
return sentryPolicyFileFormatter;
}
+
+ private SentryPolicyFileFormatFactory() {
+ // Make constructor private to avoid instantiation
+ }
}
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzBinding.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzBinding.java b/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzBinding.java
index 775a1f5..b2b3be8 100644
--- a/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzBinding.java
+++ b/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzBinding.java
@@ -357,11 +357,12 @@ public class HiveAuthzBinding {
found = false;
}
- for(AuthorizableType key: requiredOutputPrivileges.keySet()) {
+ for (Map.Entry<AuthorizableType, EnumSet<DBModelAction>> entry : requiredOutputPrivileges.entrySet()) {
+ AuthorizableType key = entry.getKey();
for (List<DBModelAuthorizable> outputHierarchy : outputHierarchyList) {
if (getAuthzType(outputHierarchy).equals(key)) {
found = true;
- if (!authProvider.hasAccess(subject, outputHierarchy, requiredOutputPrivileges.get(key), activeRoleSet)) {
+ if (!authProvider.hasAccess(subject, outputHierarchy, entry.getValue(), activeRoleSet)) {
throw new AuthorizationException("User " + subject.getName() +
" does not have privileges for " + hiveOp.name());
}
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/sentry/binding/hive/authz/SentryConfigTool.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/sentry/binding/hive/authz/SentryConfigTool.java b/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/sentry/binding/hive/authz/SentryConfigTool.java
index 4ef86e6..694974e 100644
--- a/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/sentry/binding/hive/authz/SentryConfigTool.java
+++ b/sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/sentry/binding/hive/authz/SentryConfigTool.java
@@ -259,16 +259,15 @@ public class SentryConfigTool {
String serverName = new Server(getAuthzConf().get(
AuthzConfVars.AUTHZ_SERVER_NAME.getVar())).getName();
// get the configured sentry provider
- AuthorizationProvider sentryProvider = null;
try {
- sentryProvider = HiveAuthzBinding.getAuthProvider(getHiveConf(),
+ return HiveAuthzBinding.getAuthProvider(getHiveConf(),
authzConf, serverName);
} catch (SentryConfigurationException eC) {
printConfigErrors(eC);
+ throw eC;
} catch (Exception e) {
throw new IllegalStateException("Couldn't load sentry provider ", e);
}
- return sentryProvider;
}
// validate policy files
@@ -277,6 +276,7 @@ public class SentryConfigTool {
getSentryProvider().validateResource(true);
} catch (SentryConfigurationException e) {
printConfigErrors(e);
+ throw e;
}
System.out.println("No errors found in the policy file");
}
@@ -395,14 +395,15 @@ public class SentryConfigTool {
// read a config value using 'set' statement
private String readConfig(Statement stmt, String configKey)
throws SQLException {
- ResultSet res = stmt.executeQuery("set " + configKey);
- if (!res.next()) {
- return null;
+ try (ResultSet res = stmt.executeQuery("set " + configKey)) {
+ if (!res.next()) {
+ return null;
+ }
+ // parse key=value result format
+ String result = res.getString(1);
+ res.close();
+ return result.substring(result.indexOf("=") + 1);
}
- // parse key=value result format
- String result = res.getString(1);
- res.close();
- return result.substring(result.indexOf("=") + 1);
}
// print configuration/policy file errors and warnings
@@ -415,7 +416,6 @@ public class SentryConfigTool {
for (String warnMsg : configException.getConfigWarnings()) {
System.out.println("Warning: " + warnMsg);
}
- throw configException;
}
// extract the authorization errors from config property and print
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/ql/exec/SentryGrantRevokeTask.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/ql/exec/SentryGrantRevokeTask.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/ql/exec/SentryGrantRevokeTask.java
index 217b7b3..dacf839 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/ql/exec/SentryGrantRevokeTask.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/hadoop/hive/ql/exec/SentryGrantRevokeTask.java
@@ -360,7 +360,7 @@ public class SentryGrantRevokeTask extends Task<DDLWork> implements Serializable
try {
authorizableHeirarchy.add(new AccessURI(PathUtils.parseDFSURI(warehouseDir, uriPath)));
} catch(URISyntaxException e) {
- throw new HiveException(e.getMessage());
+ throw new HiveException(e.getMessage(), e);
}
} else {
dbName = privSubjectDesc.getObject();
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryHiveAuthorizationTaskFactoryImpl.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryHiveAuthorizationTaskFactoryImpl.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryHiveAuthorizationTaskFactoryImpl.java
index 0d1db89..25531af 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryHiveAuthorizationTaskFactoryImpl.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryHiveAuthorizationTaskFactoryImpl.java
@@ -90,7 +90,7 @@ public class SentryHiveAuthorizationTaskFactoryImpl implements HiveAuthorization
public Task<? extends Serializable> createShowRoleGrantTask(ASTNode ast, Path resultFile,
HashSet<ReadEntity> inputs, HashSet<WriteEntity> outputs) throws SemanticException {
ASTNode child = (ASTNode) ast.getChild(0);
- PrincipalType principalType = PrincipalType.USER;
+ PrincipalType principalType = null;
switch (child.getType()) {
case HiveParser.TOK_USER:
principalType = PrincipalType.USER;
@@ -101,6 +101,8 @@ public class SentryHiveAuthorizationTaskFactoryImpl implements HiveAuthorization
case HiveParser.TOK_ROLE:
principalType = PrincipalType.ROLE;
break;
+ default:
+ principalType = PrincipalType.USER;
}
if (principalType != PrincipalType.GROUP && principalType != PrincipalType.USER) {
String msg = SentryHiveConstants.GRANT_REVOKE_NOT_SUPPORTED_FOR_PRINCIPAL + principalType;
@@ -186,7 +188,7 @@ public class SentryHiveAuthorizationTaskFactoryImpl implements HiveAuthorization
SentryHivePrivilegeObjectDesc privHiveObj = null;
ASTNode principal = (ASTNode) ast.getChild(0);
- PrincipalType type = PrincipalType.USER;
+ PrincipalType type = null;
switch (principal.getType()) {
case HiveParser.TOK_USER:
type = PrincipalType.USER;
@@ -197,6 +199,8 @@ public class SentryHiveAuthorizationTaskFactoryImpl implements HiveAuthorization
case HiveParser.TOK_ROLE:
type = PrincipalType.ROLE;
break;
+ default:
+ type = PrincipalType.USER;
}
if (type != PrincipalType.ROLE) {
String msg = SentryHiveConstants.GRANT_REVOKE_NOT_SUPPORTED_FOR_PRINCIPAL + type;
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzPrivilegesMap.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzPrivilegesMap.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzPrivilegesMap.java
index 8e70492..fe6f18e 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzPrivilegesMap.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/authz/HiveAuthzPrivilegesMap.java
@@ -301,4 +301,8 @@ public class HiveAuthzPrivilegesMap {
public static HiveAuthzPrivileges getHiveAuthzPrivileges(HiveOperation hiveStmtOp) {
return hiveAuthzStmtPrivMap.get(hiveStmtOp);
}
+
+ private HiveAuthzPrivilegesMap() {
+ // Make constructor private to avoid instantiation
+ }
}
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/AuthorizingObjectStore.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/AuthorizingObjectStore.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/AuthorizingObjectStore.java
index 9e08571..b2377d8 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/AuthorizingObjectStore.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/AuthorizingObjectStore.java
@@ -65,8 +65,8 @@ public class AuthorizingObjectStore extends ObjectStore {
private static HiveConf hiveConf;
private static HiveAuthzConf authzConf;
private static HiveAuthzBinding hiveAuthzBinding;
- private static String NO_ACCESS_MESSAGE_TABLE = "Table does not exist or insufficient privileges to access: ";
- private static String NO_ACCESS_MESSAGE_DATABASE = "Database does not exist or insufficient privileges to access: ";
+ private static final String NO_ACCESS_MESSAGE_TABLE = "Table does not exist or insufficient privileges to access: ";
+ private static final String NO_ACCESS_MESSAGE_DATABASE = "Database does not exist or insufficient privileges to access: ";
@Override
public List<String> getDatabases(String pattern) throws MetaException {
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/MetastoreAuthzBinding.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/MetastoreAuthzBinding.java b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/MetastoreAuthzBinding.java
index d741c44..9805635 100644
--- a/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/MetastoreAuthzBinding.java
+++ b/sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/metastore/MetastoreAuthzBinding.java
@@ -27,7 +27,6 @@ import org.apache.hadoop.hive.metastore.api.InvalidOperationException;
import org.apache.hadoop.hive.ql.metadata.AuthorizationException;
import org.apache.hadoop.hive.ql.plan.HiveOperation;
import org.apache.sentry.SentryUserException;
-import org.apache.sentry.binding.hive.authz.HiveAuthzBinding;
import org.apache.sentry.binding.hive.authz.HiveAuthzPrivilegesMap;
import org.apache.sentry.core.common.Subject;
import org.apache.sentry.core.model.db.DBModelAuthorizable;
@@ -56,8 +55,7 @@ public class MetastoreAuthzBinding extends MetastoreAuthzBindingBase {
"Metastore/Sentry cache is out of sync"));
}
try {
- HiveAuthzBinding hiveAuthzBinding = getHiveAuthzBinding();
- hiveAuthzBinding.authorize(hiveOp, HiveAuthzPrivilegesMap
+ getHiveAuthzBinding().authorize(hiveOp, HiveAuthzPrivilegesMap
.getHiveAuthzPrivileges(hiveOp), new Subject(getUserName()),
inputHierarchy, outputHierarchy);
} catch (AuthorizationException e1) {
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/SentrySqoopError.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/SentrySqoopError.java b/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/SentrySqoopError.java
index b86c59f..41bd6fc 100644
--- a/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/SentrySqoopError.java
+++ b/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/SentrySqoopError.java
@@ -16,7 +16,7 @@
*/
package org.apache.sentry.sqoop;
-public class SentrySqoopError {
+public final class SentrySqoopError {
public static final String SHOW_GRANT_NOT_SUPPORTED_FOR_PRINCIPAL =
"Sentry does only support show roles on group, not supported on ";
public static final String AUTHORIZE_CHECK_NOT_SUPPORT_FOR_PRINCIPAL =
@@ -29,4 +29,8 @@ public class SentrySqoopError {
"Sentry does only support grant/revoke role to/from group, not supported on ";
public static final String NOT_IMPLEMENT_YET =
"Sentry does not implement yet ";
+
+ private SentrySqoopError() {
+ // Make constructor private to avoid instantiation
+ }
}
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/binding/SqoopAuthBindingSingleton.java
----------------------------------------------------------------------
diff --git a/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/binding/SqoopAuthBindingSingleton.java b/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/binding/SqoopAuthBindingSingleton.java
index 39e001f..eae85ce 100644
--- a/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/binding/SqoopAuthBindingSingleton.java
+++ b/sentry-binding/sentry-binding-sqoop/src/main/java/org/apache/sentry/sqoop/binding/SqoopAuthBindingSingleton.java
@@ -28,7 +28,7 @@ import org.slf4j.LoggerFactory;
import com.google.common.base.Strings;
-public class SqoopAuthBindingSingleton {
+public final class SqoopAuthBindingSingleton {
private static Logger log = LoggerFactory.getLogger(SqoopAuthBindingSingleton.class);
// Lazy init holder class idiom to avoid DTL
@@ -57,19 +57,19 @@ public class SqoopAuthBindingSingleton {
}
private SqoopAuthConf loadAuthzConf() {
- String sentry_site = SqoopConfiguration.getInstance().getContext()
+ String sentrySite = SqoopConfiguration.getInstance().getContext()
.getString(SqoopAuthConf.SENTRY_SQOOP_SITE_URL);
- if (Strings.isNullOrEmpty(sentry_site)) {
+ if (Strings.isNullOrEmpty(sentrySite)) {
throw new IllegalArgumentException("Configuration key " + SqoopAuthConf.SENTRY_SQOOP_SITE_URL
- + " value '" + sentry_site + "' is invalid.");
+ + " value '" + sentrySite + "' is invalid.");
}
SqoopAuthConf sqoopAuthConf = null;
try {
- sqoopAuthConf = new SqoopAuthConf(new URL(sentry_site));
+ sqoopAuthConf = new SqoopAuthConf(new URL(sentrySite));
} catch (MalformedURLException e) {
throw new IllegalArgumentException("Configuration key " + SqoopAuthConf.SENTRY_SQOOP_SITE_URL
- + " specifies a malformed URL '" + sentry_site + "'", e);
+ + " specifies a malformed URL '" + sentrySite + "'", e);
}
return sqoopAuthConf;
}
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/SentryMain.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/SentryMain.java b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/SentryMain.java
index 1ccf7de..d321531 100644
--- a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/SentryMain.java
+++ b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/SentryMain.java
@@ -45,6 +45,11 @@ public class SentryMain {
.put("schema-tool",
"org.apache.sentry.provider.db.tools.SentrySchemaTool$CommandImpl")
.build();
+
+ private SentryMain() {
+ // Make constructor private to avoid instantiation
+ }
+
public static void main(String[] args)
throws Exception {
CommandLineParser parser = new GnuParser();
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/SentryUserException.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/SentryUserException.java b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/SentryUserException.java
index 9a8f85d..3745f11 100644
--- a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/SentryUserException.java
+++ b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/SentryUserException.java
@@ -19,7 +19,7 @@ package org.apache.sentry;
public class SentryUserException extends Exception{
private static final long serialVersionUID = 2329620558380655835L;
- protected String reason;
+ private String reason;
public SentryUserException(String msg) {
super(msg);
}
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/SentryVersionInfo.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/SentryVersionInfo.java b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/SentryVersionInfo.java
index 53fe3af..de77dc3 100644
--- a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/SentryVersionInfo.java
+++ b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/SentryVersionInfo.java
@@ -106,4 +106,8 @@ public class SentryVersionInfo {
System.out.println("Compiled by " + getUser() + " on " + getDate());
System.out.println("From source with checksum " + getSrcChecksum());
}
+
+ private SentryVersionInfo() {
+ // Make constructor private to avoid instantiation
+ }
}
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/utils/PathUtils.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/utils/PathUtils.java b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/utils/PathUtils.java
index d024032..3b9336c 100644
--- a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/utils/PathUtils.java
+++ b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/utils/PathUtils.java
@@ -34,10 +34,14 @@ import com.google.common.base.Strings;
public class PathUtils {
private static final Logger LOGGER = LoggerFactory.getLogger(PathUtils.class);
- private static String LOCAL_FILE_SCHEMA = "file";
- private static String AUTHORITY_PREFIX = "://";
+ private static final String LOCAL_FILE_SCHEMA = "file";
+ private static final String AUTHORITY_PREFIX = "://";
private static final Configuration CONF = new Configuration();
+ private PathUtils() {
+ // Make constructor private to avoid instantiation
+ }
+
@VisibleForTesting
public static Configuration getConfiguration() {
return CONF;
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/utils/PolicyFileConstants.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/utils/PolicyFileConstants.java b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/utils/PolicyFileConstants.java
index 1a5f60e..6b625ff 100644
--- a/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/utils/PolicyFileConstants.java
+++ b/sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/utils/PolicyFileConstants.java
@@ -29,4 +29,8 @@ public class PolicyFileConstants {
public static final String PRIVILEGE_URI_NAME = "uri";
public static final String PRIVILEGE_ACTION_NAME = "action";
public static final String PRIVILEGE_GRANT_OPTION_NAME = "grantoption";
+
+ private PolicyFileConstants() {
+ // Make constructor private to avoid instantiation
+ }
}
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-core/sentry-core-model-db/src/main/java/org/apache/sentry/core/model/db/AccessConstants.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-model-db/src/main/java/org/apache/sentry/core/model/db/AccessConstants.java b/sentry-core/sentry-core-model-db/src/main/java/org/apache/sentry/core/model/db/AccessConstants.java
index 99cefb7..a8e8bb1 100644
--- a/sentry-core/sentry-core-model-db/src/main/java/org/apache/sentry/core/model/db/AccessConstants.java
+++ b/sentry-core/sentry-core-model-db/src/main/java/org/apache/sentry/core/model/db/AccessConstants.java
@@ -18,7 +18,7 @@ package org.apache.sentry.core.model.db;
import com.google.common.collect.ImmutableSet;
-public class AccessConstants {
+public final class AccessConstants {
/**
* Used as the "name" for a Server, Database, Table object which
@@ -41,4 +41,8 @@ public class AccessConstants {
SUPERUSER_ROLE = "SUPERUSER", PUBLIC_ROLE = "PUBLIC";
public static final ImmutableSet<String> RESERVED_ROLE_NAMES = ImmutableSet.of(ALL_ROLE,
DEFAULT_ROLE, NONE_ROLE, SUPERUSER_ROLE, PUBLIC_ROLE);
+
+ private AccessConstants() {
+ // Make constructor private to avoid instantiation
+ }
}
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-core/sentry-core-model-db/src/main/java/org/apache/sentry/core/model/db/DBModelAuthorizables.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-model-db/src/main/java/org/apache/sentry/core/model/db/DBModelAuthorizables.java b/sentry-core/sentry-core-model-db/src/main/java/org/apache/sentry/core/model/db/DBModelAuthorizables.java
index 3a05a3b..7bc94c9 100644
--- a/sentry-core/sentry-core-model-db/src/main/java/org/apache/sentry/core/model/db/DBModelAuthorizables.java
+++ b/sentry-core/sentry-core-model-db/src/main/java/org/apache/sentry/core/model/db/DBModelAuthorizables.java
@@ -21,6 +21,10 @@ import org.apache.sentry.core.common.utils.KeyValue;
public class DBModelAuthorizables {
+ private DBModelAuthorizables() {
+ // Make constructor private to avoid instantiation
+ }
+
public static DBModelAuthorizable from(KeyValue keyValue) {
String prefix = keyValue.getKey().toLowerCase();
String name = keyValue.getValue();
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-core/sentry-core-model-indexer/src/main/java/org/apache/sentry/core/model/indexer/IndexerConstants.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-model-indexer/src/main/java/org/apache/sentry/core/model/indexer/IndexerConstants.java b/sentry-core/sentry-core-model-indexer/src/main/java/org/apache/sentry/core/model/indexer/IndexerConstants.java
index 2182525..7a9ec3f 100644
--- a/sentry-core/sentry-core-model-indexer/src/main/java/org/apache/sentry/core/model/indexer/IndexerConstants.java
+++ b/sentry-core/sentry-core-model-indexer/src/main/java/org/apache/sentry/core/model/indexer/IndexerConstants.java
@@ -16,10 +16,13 @@
*/
package org.apache.sentry.core.model.indexer;
-public class IndexerConstants {
+public final class IndexerConstants {
public static final String ALL = "*";
public static final String READ = "read";
public static final String WRITE = "write";
+ private IndexerConstants() {
+ // Make constructor private to avoid instantiation
+ }
}
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-core/sentry-core-model-indexer/src/main/java/org/apache/sentry/core/model/indexer/IndexerModelAuthorizables.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-model-indexer/src/main/java/org/apache/sentry/core/model/indexer/IndexerModelAuthorizables.java b/sentry-core/sentry-core-model-indexer/src/main/java/org/apache/sentry/core/model/indexer/IndexerModelAuthorizables.java
index d15e911..414df68 100644
--- a/sentry-core/sentry-core-model-indexer/src/main/java/org/apache/sentry/core/model/indexer/IndexerModelAuthorizables.java
+++ b/sentry-core/sentry-core-model-indexer/src/main/java/org/apache/sentry/core/model/indexer/IndexerModelAuthorizables.java
@@ -21,6 +21,10 @@ import org.apache.sentry.core.common.utils.KeyValue;
public class IndexerModelAuthorizables {
+ private IndexerModelAuthorizables() {
+ // Make constructor private to avoid instantiation
+ }
+
public static IndexerModelAuthorizable from(KeyValue keyValue) {
String prefix = keyValue.getKey().toLowerCase();
String name = keyValue.getValue().toLowerCase();
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-core/sentry-core-model-search/src/main/java/org/apache/sentry/core/model/search/SearchConstants.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-model-search/src/main/java/org/apache/sentry/core/model/search/SearchConstants.java b/sentry-core/sentry-core-model-search/src/main/java/org/apache/sentry/core/model/search/SearchConstants.java
index 9f76bda..a2b17fc 100644
--- a/sentry-core/sentry-core-model-search/src/main/java/org/apache/sentry/core/model/search/SearchConstants.java
+++ b/sentry-core/sentry-core-model-search/src/main/java/org/apache/sentry/core/model/search/SearchConstants.java
@@ -16,7 +16,7 @@
*/
package org.apache.sentry.core.model.search;
-public class SearchConstants {
+public final class SearchConstants {
public static final String ALL = "*";
public static final String QUERY = "query";
@@ -28,4 +28,8 @@ public class SearchConstants {
*/
public static final String SENTRY_SEARCH_SERVICE_KEY = "sentry.search.service";
public static final String SENTRY_SEARCH_SERVICE_DEFAULT = "service1";
+
+ private SearchConstants() {
+ // Make constructor private to avoid instantiation
+ }
}
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-core/sentry-core-model-search/src/main/java/org/apache/sentry/core/model/search/SearchModelAuthorizables.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-model-search/src/main/java/org/apache/sentry/core/model/search/SearchModelAuthorizables.java b/sentry-core/sentry-core-model-search/src/main/java/org/apache/sentry/core/model/search/SearchModelAuthorizables.java
index c3292c7..2b190e5 100644
--- a/sentry-core/sentry-core-model-search/src/main/java/org/apache/sentry/core/model/search/SearchModelAuthorizables.java
+++ b/sentry-core/sentry-core-model-search/src/main/java/org/apache/sentry/core/model/search/SearchModelAuthorizables.java
@@ -21,6 +21,10 @@ import org.apache.sentry.core.common.utils.KeyValue;
public class SearchModelAuthorizables {
+ private SearchModelAuthorizables() {
+ // Make constructor private to avoid instantiation
+ }
+
public static SearchModelAuthorizable from(KeyValue keyValue) {
String prefix = keyValue.getKey().toLowerCase();
String name = keyValue.getValue().toLowerCase();
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/Job.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/Job.java b/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/Job.java
index e7f43ef..8f6bb20 100644
--- a/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/Job.java
+++ b/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/Job.java
@@ -22,7 +22,7 @@ public class Job implements SqoopAuthorizable {
/**
* Represents all jobs
*/
- public static Job ALL = new Job(SqoopAuthorizable.ALL);
+ public static final Job ALL = new Job(SqoopAuthorizable.ALL);
private String name;
public Job(String name) {
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/Link.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/Link.java b/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/Link.java
index 53194ea..acd2980 100644
--- a/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/Link.java
+++ b/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/Link.java
@@ -22,7 +22,7 @@ public class Link implements SqoopAuthorizable {
/**
* Represents all links
*/
- public static Link ALL = new Link(SqoopAuthorizable.ALL);
+ public static final Link ALL = new Link(SqoopAuthorizable.ALL);
private String name;
public Link(String name) {
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/Server.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/Server.java b/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/Server.java
index 8d86a38..19dd139 100644
--- a/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/Server.java
+++ b/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/Server.java
@@ -22,7 +22,7 @@ public class Server implements SqoopAuthorizable {
/**
* Represents all servers
*/
- public static Server ALL = new Server(SqoopAuthorizable.ALL);
+ public static final Server ALL = new Server(SqoopAuthorizable.ALL);
private String name;
public Server(String name) {
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/SqoopActionConstant.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/SqoopActionConstant.java b/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/SqoopActionConstant.java
index 2b867fa..38f24cf 100644
--- a/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/SqoopActionConstant.java
+++ b/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/SqoopActionConstant.java
@@ -16,10 +16,14 @@
*/
package org.apache.sentry.core.model.sqoop;
-public class SqoopActionConstant {
+public final class SqoopActionConstant {
public static final String ALL = "*";
public static final String ALL_NAME = "ALL";
public static final String READ = "read";
public static final String WRITE = "write";
public static final String NAME = "action";
+
+ private SqoopActionConstant() {
+ // Make constructor private to avoid instantiation
+ }
}
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/SqoopModelAuthorizables.java
----------------------------------------------------------------------
diff --git a/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/SqoopModelAuthorizables.java b/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/SqoopModelAuthorizables.java
index 11ce7ec..3bb9a19 100644
--- a/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/SqoopModelAuthorizables.java
+++ b/sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/SqoopModelAuthorizables.java
@@ -20,6 +20,11 @@ import org.apache.sentry.core.model.sqoop.SqoopAuthorizable.AuthorizableType;
import org.apache.sentry.core.common.utils.KeyValue;
public class SqoopModelAuthorizables {
+
+ private SqoopModelAuthorizables() {
+ // Make constructor private to avoid instantiation
+ }
+
public static SqoopAuthorizable from(KeyValue keyValue) {
String prefix = keyValue.getKey().toLowerCase();
String name = keyValue.getValue().toLowerCase();
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/HMSPaths.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/HMSPaths.java b/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/HMSPaths.java
index 80a25aa..6d2ab23 100644
--- a/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/HMSPaths.java
+++ b/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/HMSPaths.java
@@ -36,27 +36,27 @@ import org.slf4j.LoggerFactory;
*/
public class HMSPaths implements AuthzPaths {
- private static Logger LOG = LoggerFactory.getLogger(HMSPaths.class);
+ private static final Logger LOG = LoggerFactory.getLogger(HMSPaths.class);
@VisibleForTesting
static List<String> getPathElements(String path) {
- path = path.trim();
- if (path.charAt(0) != Path.SEPARATOR_CHAR) {
- throw new IllegalArgumentException("It must be an absolute path: " +
- path);
+ String trimmedPath = path.trim();
+ if (trimmedPath.charAt(0) != Path.SEPARATOR_CHAR) {
+ throw new IllegalArgumentException("It must be an absolute path: " +
+ trimmedPath);
}
List<String> list = new ArrayList<String>(32);
int idx = 0;
- int found = path.indexOf(Path.SEPARATOR_CHAR, idx);
+ int found = trimmedPath.indexOf(Path.SEPARATOR_CHAR, idx);
while (found > -1) {
if (found > idx) {
- list.add(path.substring(idx, found));
+ list.add(trimmedPath.substring(idx, found));
}
idx = found + 1;
- found = path.indexOf(Path.SEPARATOR_CHAR, idx);
+ found = trimmedPath.indexOf(Path.SEPARATOR_CHAR, idx);
}
- if (idx < path.length()) {
- list.add(path.substring(idx));
+ if (idx < trimmedPath.length()) {
+ list.add(trimmedPath.substring(idx));
}
return list;
}
@@ -197,7 +197,6 @@ public class HMSPaths implements AuthzPaths {
// Creates the entry based on the path elements (if not found) until reaches its
// direct parent.
for (int i = 0; i < pathElements.size() - 1; i++) {
-
String pathElement = pathElements.get(i);
Entry child = entryParent.getChildren().get(pathElement);
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/HMSPathsDumper.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/HMSPathsDumper.java b/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/HMSPathsDumper.java
index 3203ecd..e759ff1 100644
--- a/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/HMSPathsDumper.java
+++ b/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/HMSPathsDumper.java
@@ -33,8 +33,8 @@ public class HMSPathsDumper implements AuthzPathsDumper<HMSPaths> {
private final HMSPaths hmsPaths;
static class Tuple {
- final TPathEntry entry;
- final int id;
+ private final TPathEntry entry;
+ private final int id;
Tuple(TPathEntry entry, int id) {
this.entry = entry;
this.id = id;
@@ -79,16 +79,16 @@ public class HMSPathsDumper implements AuthzPathsDumper<HMSPaths> {
@Override
public HMSPaths initializeFromDump(TPathsDump pathDump) {
- HMSPaths hmsPaths = new HMSPaths(this.hmsPaths.getPrefixes());
+ HMSPaths newHmsPaths = new HMSPaths(this.hmsPaths.getPrefixes());
TPathEntry tRootEntry = pathDump.getNodeMap().get(pathDump.getRootId());
- Entry rootEntry = hmsPaths.getRootEntry();
+ Entry rootEntry = newHmsPaths.getRootEntry();
Map<String, Set<Entry>> authzObjToPath = new HashMap<String, Set<Entry>>();
cloneToEntry(tRootEntry, rootEntry, pathDump.getNodeMap(), authzObjToPath,
rootEntry.getType() == EntryType.PREFIX);
- hmsPaths.setRootEntry(rootEntry);
- hmsPaths.setAuthzObjToPathMapping(authzObjToPath);
+ newHmsPaths.setRootEntry(rootEntry);
+ newHmsPaths.setAuthzObjToPathMapping(authzObjToPath);
- return hmsPaths;
+ return newHmsPaths;
}
private void cloneToEntry(TPathEntry tParent, Entry parent,
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/PathsUpdate.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/PathsUpdate.java b/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/PathsUpdate.java
index a091f71..5985756 100644
--- a/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/PathsUpdate.java
+++ b/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/PathsUpdate.java
@@ -46,7 +46,7 @@ public class PathsUpdate implements Updateable.Update {
private static final Logger LOGGER = LoggerFactory.getLogger(PathsUpdate.class);
- public static String ALL_PATHS = "__ALL_PATHS__";
+ public static final String ALL_PATHS = "__ALL_PATHS__";
private static final Configuration CONF = new Configuration();
private final TPathsUpdate tPathsUpdate;
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/PermissionsUpdate.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/PermissionsUpdate.java b/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/PermissionsUpdate.java
index c791ab3..9834923 100644
--- a/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/PermissionsUpdate.java
+++ b/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/PermissionsUpdate.java
@@ -28,11 +28,11 @@ import org.apache.sentry.hdfs.service.thrift.TRoleChanges;
public class PermissionsUpdate implements Updateable.Update {
- public static String RENAME_PRIVS = "__RENAME_PRIV__";
- public static String ALL_AUTHZ_OBJ = "__ALL_AUTHZ_OBJ__";
- public static String ALL_PRIVS = "__ALL_PRIVS__";
- public static String ALL_ROLES = "__ALL_ROLES__";
- public static String ALL_GROUPS = "__ALL_GROUPS__";
+ public static final String RENAME_PRIVS = "__RENAME_PRIV__";
+ public static final String ALL_AUTHZ_OBJ = "__ALL_AUTHZ_OBJ__";
+ public static final String ALL_PRIVS = "__ALL_PRIVS__";
+ public static final String ALL_ROLES = "__ALL_ROLES__";
+ public static final String ALL_GROUPS = "__ALL_GROUPS__";
private final TPermissionsUpdate tPermUpdate;
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/SentryHDFSServiceClientFactory.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/SentryHDFSServiceClientFactory.java b/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/SentryHDFSServiceClientFactory.java
index 58aa10d..6c9c8bb 100644
--- a/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/SentryHDFSServiceClientFactory.java
+++ b/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/SentryHDFSServiceClientFactory.java
@@ -27,6 +27,11 @@ import org.apache.sentry.service.thrift.ServiceConstants.ServerConfig;
* Client factory to create normal client or proxy with HA invocation handler
*/
public class SentryHDFSServiceClientFactory {
+
+ private SentryHDFSServiceClientFactory() {
+ // Make constructor private to avoid instantiation
+ }
+
public static SentryHDFSServiceClient create(Configuration conf)
throws Exception {
boolean haEnabled = conf.getBoolean(ServerConfig.SENTRY_HA_ENABLED, false);
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/ServiceConstants.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/ServiceConstants.java b/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/ServiceConstants.java
index 1fdf418..2c0ae82 100644
--- a/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/ServiceConstants.java
+++ b/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/ServiceConstants.java
@@ -62,10 +62,10 @@ public class ServiceConstants {
public static final String SENTRY_HDFS_SYNC_METASTORE_CACHE_ASYNC_INIT_ENABLE = "sentry.hdfs.sync.metastore.cache.async-init.enable";
public static final boolean SENTRY_HDFS_SYNC_METASTORE_CACHE_ASYNC_INIT_ENABLE_DEFAULT = false;
- public static String SENTRY_HDFS_SYNC_METASTORE_CACHE_MAX_PART_PER_RPC = "sentry.hdfs.sync.metastore.cache.max-partitions-per-rpc";
- public static int SENTRY_HDFS_SYNC_METASTORE_CACHE_MAX_PART_PER_RPC_DEFAULT = 100;
- public static String SENTRY_HDFS_SYNC_METASTORE_CACHE_MAX_TABLES_PER_RPC = "sentry.hdfs.sync.metastore.cache.max-tables-per-rpc";
- public static int SENTRY_HDFS_SYNC_METASTORE_CACHE_MAX_TABLES_PER_RPC_DEFAULT = 100;
+ public static final String SENTRY_HDFS_SYNC_METASTORE_CACHE_MAX_PART_PER_RPC = "sentry.hdfs.sync.metastore.cache.max-partitions-per-rpc";
+ public static final int SENTRY_HDFS_SYNC_METASTORE_CACHE_MAX_PART_PER_RPC_DEFAULT = 100;
+ public static final String SENTRY_HDFS_SYNC_METASTORE_CACHE_MAX_TABLES_PER_RPC = "sentry.hdfs.sync.metastore.cache.max-tables-per-rpc";
+ public static final int SENTRY_HDFS_SYNC_METASTORE_CACHE_MAX_TABLES_PER_RPC_DEFAULT = 100;
}
public static class ClientConfig {
@@ -88,8 +88,8 @@ public class ServiceConstants {
public static final boolean USE_COMPACT_TRANSPORT_DEFAULT = false;
// max message size for thrift messages
- public static String SENTRY_HDFS_THRIFT_MAX_MESSAGE_SIZE = "sentry.hdfs.thrift.max.message.size";
- public static long SENTRY_HDFS_THRIFT_MAX_MESSAGE_SIZE_DEFAULT = 100 * 1024 * 1024;
+ public static final String SENTRY_HDFS_THRIFT_MAX_MESSAGE_SIZE = "sentry.hdfs.thrift.max.message.size";
+ public static final long SENTRY_HDFS_THRIFT_MAX_MESSAGE_SIZE_DEFAULT = 100 * 1024 * 1024;
}
}
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/ThriftSerializer.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/ThriftSerializer.java b/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/ThriftSerializer.java
index 782367a..b66f70b 100644
--- a/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/ThriftSerializer.java
+++ b/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/ThriftSerializer.java
@@ -57,4 +57,7 @@ public class ThriftSerializer {
return baseObject;
}
+ private ThriftSerializer() {
+ // Make constructor private to avoid instantiation
+ }
}
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/UpdateableAuthzPaths.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/UpdateableAuthzPaths.java b/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/UpdateableAuthzPaths.java
index 5ff7294..4264a21 100644
--- a/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/UpdateableAuthzPaths.java
+++ b/sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/UpdateableAuthzPaths.java
@@ -30,11 +30,10 @@ import org.slf4j.LoggerFactory;
public class UpdateableAuthzPaths implements AuthzPaths, Updateable<PathsUpdate> {
private static final int MAX_UPDATES_PER_LOCK_USE = 99;
private static final String UPDATABLE_TYPE_NAME = "path_update";
+ private static final Logger LOG = LoggerFactory.getLogger(UpdateableAuthzPaths.class);
private volatile HMSPaths paths;
private final AtomicLong seqNum = new AtomicLong(0);
- private static Logger LOG = LoggerFactory.getLogger(UpdateableAuthzPaths.class);
-
public UpdateableAuthzPaths(String[] pathPrefixes) {
this.paths = new HMSPaths(pathPrefixes);
}
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/hadoop/hdfs/server/namenode/AuthorizationProvider.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/hadoop/hdfs/server/namenode/AuthorizationProvider.java b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/hadoop/hdfs/server/namenode/AuthorizationProvider.java
index 114dbb0..383d64d 100644
--- a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/hadoop/hdfs/server/namenode/AuthorizationProvider.java
+++ b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/hadoop/hdfs/server/namenode/AuthorizationProvider.java
@@ -186,7 +186,7 @@ public abstract class AuthorizationProvider {
* done as part of a client operation, <code>FALSE</code> otherwise.
*/
protected final boolean isClientOp() {
- return CLIENT_OP_TL.get() == Boolean.TRUE;
+ return Boolean.TRUE.equals(CLIENT_OP_TL.get());
}
/**
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationConstants.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationConstants.java b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationConstants.java
index ea1514c..8836801 100644
--- a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationConstants.java
+++ b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationConstants.java
@@ -17,7 +17,7 @@
*/
package org.apache.sentry.hdfs;
-public class SentryAuthorizationConstants {
+public final class SentryAuthorizationConstants {
public static final String CONFIG_FILE = "hdfs-sentry.xml";
@@ -52,4 +52,8 @@ public class SentryAuthorizationConstants {
public static final String INCLUDE_HDFS_AUTHZ_AS_ACL_KEY = CONFIG_PREFIX +
"include-hdfs-authz-as-acl";
public static final boolean INCLUDE_HDFS_AUTHZ_AS_ACL_DEFAULT = false;
+
+ private SentryAuthorizationConstants() {
+ // Make constructor private to avoid instantiation
+ }
}
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationInfo.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationInfo.java b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationInfo.java
index c2416c1..90ba721 100644
--- a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationInfo.java
+++ b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationInfo.java
@@ -37,7 +37,7 @@ import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Preconditions;
public class SentryAuthorizationInfo implements Runnable {
- private static Logger LOG =
+ private static final Logger LOG =
LoggerFactory.getLogger(SentryAuthorizationInfo.class);
private SentryUpdater updater;
@@ -65,10 +65,10 @@ public class SentryAuthorizationInfo implements Runnable {
}
public SentryAuthorizationInfo(Configuration conf) throws Exception {
- String[] pathPrefixes = conf.getTrimmedStrings(
+ String[] newPathPrefixes = conf.getTrimmedStrings(
SentryAuthorizationConstants.HDFS_PATH_PREFIXES_KEY,
SentryAuthorizationConstants.HDFS_PATH_PREFIXES_DEFAULT);
- if (pathPrefixes.length == 0) {
+ if (newPathPrefixes.length == 0) {
LOG.warn("There are not HDFS path prefixes configured in [{}], "
+ "Sentry authorization won't be enforced on any HDFS location",
SentryAuthorizationConstants.HDFS_PATH_PREFIXES_KEY);
@@ -84,13 +84,13 @@ public class SentryAuthorizationInfo implements Runnable {
SentryAuthorizationConstants.CACHE_REFRESH_RETRY_WAIT_DEFAULT);
LOG.debug("Sentry authorization will enforced in the following HDFS " +
- "locations: [{}]", StringUtils.arrayToString(pathPrefixes));
- setPrefixPaths(pathPrefixes);
+ "locations: [{}]", StringUtils.arrayToString(newPathPrefixes));
+ setPrefixPaths(newPathPrefixes);
LOG.debug("Refresh interval [{}]ms, retry wait [{}], stale threshold " +
"[{}]ms", new Object[]
{refreshIntervalMillisec, retryWaitMillisec, staleThresholdMillisec});
- authzPaths = new UpdateableAuthzPaths(pathPrefixes);
+ authzPaths = new UpdateableAuthzPaths(newPathPrefixes);
authzPermissions = new UpdateableAuthzPermissions();
waitUntil = System.currentTimeMillis();
lastStaleReport = 0;
@@ -157,26 +157,27 @@ public class SentryAuthorizationInfo implements Runnable {
V updateable) {
// In a list of Updates, if there is a full Update, it will be the first
// one in the List.. all the remaining will be partial updates
- if (updates.size() > 0) {
+ V newUpdateable = updateable;
+ if (!updates.isEmpty()) {
if (updates.get(0).hasFullImage()) {
LOG.debug("Process Update : FULL IMAGE "
- + "[" + updateable.getClass() + "]"
+ + "[" + newUpdateable.getClass() + "]"
+ "[" + updates.get(0).getSeqNum() + "]");
- updateable = (V)updateable.updateFull(updates.remove(0));
+ newUpdateable = (V)newUpdateable.updateFull(updates.remove(0));
}
// Any more elements ?
if (!updates.isEmpty()) {
LOG.debug("Process Update : More updates.. "
- + "[" + updateable.getClass() + "]"
- + "[" + updateable.getLastUpdatedSeqNum() + "]"
+ + "[" + newUpdateable.getClass() + "]"
+ + "[" + newUpdateable.getLastUpdatedSeqNum() + "]"
+ "[" + updates.size() + "]");
- updateable.updatePartial(updates, lock);
+ newUpdateable.updatePartial(updates, lock);
}
LOG.debug("Process Update : Finished updates.. "
- + "[" + updateable.getClass() + "]"
- + "[" + updateable.getLastUpdatedSeqNum() + "]");
+ + "[" + newUpdateable.getClass() + "]"
+ + "[" + newUpdateable.getLastUpdatedSeqNum() + "]");
}
- return updateable;
+ return newUpdateable;
}
public void run() {
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationProvider.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationProvider.java b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationProvider.java
index c701723..f639f5f 100644
--- a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationProvider.java
+++ b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryAuthorizationProvider.java
@@ -54,8 +54,10 @@ public class SentryAuthorizationProvider
}
}
- private static Logger LOG =
+ private static final Logger LOG =
LoggerFactory.getLogger(SentryAuthorizationProvider.class);
+ private static final String WARN_VISIBILITY =
+ " The result won't be visible when the path is managed by Sentry";
private boolean started;
private Configuration conf;
@@ -66,9 +68,6 @@ public class SentryAuthorizationProvider
private boolean originalAuthzAsAcl;
private SentryAuthorizationInfo authzInfo;
- private static String WARN_VISIBILITY =
- " The result won't be visible when the path is managed by Sentry";
-
public SentryAuthorizationProvider() {
this(null);
}
@@ -103,17 +102,17 @@ public class SentryAuthorizationProvider
defaultAuthzProvider.start();
// Configuration is read from hdfs-sentry.xml and NN configuration, in
// that order of precedence.
- Configuration conf = new Configuration(this.conf);
- conf.addResource(SentryAuthorizationConstants.CONFIG_FILE);
- user = conf.get(SentryAuthorizationConstants.HDFS_USER_KEY,
+ Configuration newConf = new Configuration(this.conf);
+ newConf.addResource(SentryAuthorizationConstants.CONFIG_FILE);
+ user = newConf.get(SentryAuthorizationConstants.HDFS_USER_KEY,
SentryAuthorizationConstants.HDFS_USER_DEFAULT);
- group = conf.get(SentryAuthorizationConstants.HDFS_GROUP_KEY,
+ group = newConf.get(SentryAuthorizationConstants.HDFS_GROUP_KEY,
SentryAuthorizationConstants.HDFS_GROUP_DEFAULT);
permission = FsPermission.createImmutable(
- (short) conf.getLong(SentryAuthorizationConstants.HDFS_PERMISSION_KEY,
+ (short) newConf.getLong(SentryAuthorizationConstants.HDFS_PERMISSION_KEY,
SentryAuthorizationConstants.HDFS_PERMISSION_DEFAULT)
);
- originalAuthzAsAcl = conf.getBoolean(
+ originalAuthzAsAcl = newConf.getBoolean(
SentryAuthorizationConstants.INCLUDE_HDFS_AUTHZ_AS_ACL_KEY,
SentryAuthorizationConstants.INCLUDE_HDFS_AUTHZ_AS_ACL_DEFAULT);
@@ -123,7 +122,7 @@ public class SentryAuthorizationProvider
{user, group, permission, originalAuthzAsAcl});
if (authzInfo == null) {
- authzInfo = new SentryAuthorizationInfo(conf);
+ authzInfo = new SentryAuthorizationInfo(newConf);
}
authzInfo.start();
} catch (Exception ex) {
@@ -256,12 +255,12 @@ public class SentryAuthorizationProvider
@Override
public FsPermission getFsPermission(
INodeAuthorizationInfo node, int snapshotId) {
- FsPermission permission;
+ FsPermission returnPerm;
String[] pathElements = getPathElements(node);
if (!isSentryManaged(pathElements)) {
- permission = defaultAuthzProvider.getFsPermission(node, snapshotId);
+ returnPerm = defaultAuthzProvider.getFsPermission(node, snapshotId);
} else {
- FsPermission returnPerm = this.permission;
+ returnPerm = this.permission;
// Handle case when prefix directory is itself associated with an
// authorizable object (default db directory in hive)
// An executable permission needs to be set on the the prefix directory
@@ -273,9 +272,8 @@ public class SentryAuthorizationProvider
break;
}
}
- permission = returnPerm;
}
- return permission;
+ return returnPerm;
}
private List<AclEntry> createAclEntries(String user, String group,
@@ -325,10 +323,10 @@ public class SentryAuthorizationProvider
hasAuthzObj = true;
aclMap = new HashMap<String, AclEntry>();
if (originalAuthzAsAcl) {
- String user = defaultAuthzProvider.getUser(node, snapshotId);
- String group = getDefaultProviderGroup(node, snapshotId);
+ String newUser = defaultAuthzProvider.getUser(node, snapshotId);
+ String newGroup = getDefaultProviderGroup(node, snapshotId);
FsPermission perm = defaultAuthzProvider.getFsPermission(node, snapshotId);
- addToACLMap(aclMap, createAclEntries(user, group, perm));
+ addToACLMap(aclMap, createAclEntries(newUser, newGroup, perm));
} else {
addToACLMap(aclMap,
createAclEntries(this.user, this.group, this.permission));
@@ -376,13 +374,13 @@ public class SentryAuthorizationProvider
private String getDefaultProviderGroup(INodeAuthorizationInfo node,
int snapshotId) {
- String group = defaultAuthzProvider.getGroup(node, snapshotId);
+ String newGroup = defaultAuthzProvider.getGroup(node, snapshotId);
INodeAuthorizationInfo pNode = node.getParent();
- while (group == null && pNode != null) {
- group = defaultAuthzProvider.getGroup(pNode, snapshotId);
+ while (newGroup == null && pNode != null) {
+ newGroup = defaultAuthzProvider.getGroup(pNode, snapshotId);
pNode = pNode.getParent();
}
- return group;
+ return newGroup;
}
/*
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryUpdater.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryUpdater.java b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryUpdater.java
index 88be3f5..0b85f0a 100644
--- a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryUpdater.java
+++ b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/SentryUpdater.java
@@ -27,7 +27,7 @@ public class SentryUpdater {
private final Configuration conf;
private final SentryAuthorizationInfo authzInfo;
- private static Logger LOG = LoggerFactory.getLogger(SentryUpdater.class);
+ private static final Logger LOG = LoggerFactory.getLogger(SentryUpdater.class);
public SentryUpdater(Configuration conf, SentryAuthorizationInfo authzInfo) throws Exception {
this.conf = conf;
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/UpdateableAuthzPermissions.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/UpdateableAuthzPermissions.java b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/UpdateableAuthzPermissions.java
index 33581b7..2472928 100644
--- a/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/UpdateableAuthzPermissions.java
+++ b/sentry-hdfs/sentry-hdfs-namenode-plugin/src/main/java/org/apache/sentry/hdfs/UpdateableAuthzPermissions.java
@@ -35,14 +35,14 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
public class UpdateableAuthzPermissions implements AuthzPermissions, Updateable<PermissionsUpdate> {
+ public static final Map<String, FsAction> ACTION_MAPPING = new HashMap<String, FsAction>();
+
private static final int MAX_UPDATES_PER_LOCK_USE = 99;
private static final String UPDATABLE_TYPE_NAME = "perm_authz_update";
+ private static final Logger LOG = LoggerFactory.getLogger(UpdateableAuthzPermissions.class);
private volatile SentryPermissions perms = new SentryPermissions();
private final AtomicLong seqNum = new AtomicLong(0);
- private static Logger LOG = LoggerFactory.getLogger(UpdateableAuthzPermissions.class);
-
- public static Map<String, FsAction> ACTION_MAPPING = new HashMap<String, FsAction>();
static {
ACTION_MAPPING.put("ALL", FsAction.ALL);
ACTION_MAPPING.put("*", FsAction.ALL);
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/MetastoreCacheInitializer.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/MetastoreCacheInitializer.java b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/MetastoreCacheInitializer.java
index 7a19594..807e4e0 100644
--- a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/MetastoreCacheInitializer.java
+++ b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/MetastoreCacheInitializer.java
@@ -64,7 +64,7 @@ class MetastoreCacheInitializer implements Closeable {
/**
* Class represents retry strategy for BaseTask.
*/
- private class RetryStrategy {
+ private final class RetryStrategy {
private int retryStrategyMaxRetries = 0;
private int retryStrategyWaitDurationMillis;
private int retries;
@@ -327,7 +327,7 @@ class MetastoreCacheInitializer implements Closeable {
// Fail the HMS startup if tasks are not all successful and
// fail on partial updates flag is set in the config.
- if (callResult.getSuccessStatus() == false && failOnRetry) {
+ if (!callResult.getSuccessStatus() && failOnRetry) {
throw new RuntimeException(callResult.getFailure());
}
}
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/MetastorePlugin.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/MetastorePlugin.java b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/MetastorePlugin.java
index 570cf23..f37596d 100644
--- a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/MetastorePlugin.java
+++ b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/MetastorePlugin.java
@@ -181,15 +181,15 @@ public class MetastorePlugin extends SentryMetastoreListenerPlugin {
sentryClient = null;
LOGGER.error("Could not connect to Sentry HDFS Service !!", e);
}
- ScheduledExecutorService threadPool = Executors.newScheduledThreadPool(1);
- threadPool.scheduleWithFixedDelay(new SyncTask(),
+ ScheduledExecutorService newThreadPool = Executors.newScheduledThreadPool(1);
+ newThreadPool.scheduleWithFixedDelay(new SyncTask(),
this.conf.getLong(ServerConfig
.SENTRY_HDFS_INIT_UPDATE_RETRY_DELAY_MS,
ServerConfig.SENTRY_HDFS_INIT_UPDATE_RETRY_DELAY_DEFAULT),
this.conf.getLong(ServerConfig.SENTRY_HDFS_SYNC_CHECKER_PERIOD_MS,
ServerConfig.SENTRY_HDFS_SYNC_CHECKER_PERIOD_DEFAULT),
TimeUnit.MILLISECONDS);
- this.threadPool = threadPool;
+ this.threadPool = newThreadPool;
}
@Override
@@ -247,26 +247,22 @@ public class MetastorePlugin extends SentryMetastoreListenerPlugin {
@Override
public void renameAuthzObject(String oldName, String oldPath, String newName,
String newPath) {
- if (oldName != null) {
- oldName = oldName.toLowerCase();
- }
- if (newName != null) {
- newName = newName.toLowerCase();
- }
+ String oldNameLC = oldName != null ? oldName.toLowerCase() : null;
+ String newNameLC = newName != null ? newName.toLowerCase() : null;
PathsUpdate update = createHMSUpdate();
LOGGER.debug("#### HMS Path Update ["
+ "OP : renameAuthzObject, "
- + "oldName : " + oldName + ","
+ + "oldName : " + oldNameLC + ","
+ "oldPath : " + oldPath + ","
- + "newName : " + newName + ","
+ + "newName : " + newNameLC + ","
+ "newPath : " + newPath + "]");
List<String> newPathTree = PathsUpdate.parsePath(newPath);
if( newPathTree != null ) {
- update.newPathChange(newName).addToAddPaths(newPathTree);
+ update.newPathChange(newNameLC).addToAddPaths(newPathTree);
}
List<String> oldPathTree = PathsUpdate.parsePath(oldPath);
if( oldPathTree != null ) {
- update.newPathChange(oldName).addToDelPaths(oldPathTree);
+ update.newPathChange(oldNameLC).addToDelPaths(oldPathTree);
}
notifySentryAndApplyLocal(update);
}
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/SentryHdfsMetricsUtil.java
----------------------------------------------------------------------
diff --git a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/SentryHdfsMetricsUtil.java b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/SentryHdfsMetricsUtil.java
index b67c94a..5bf2f6e 100644
--- a/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/SentryHdfsMetricsUtil.java
+++ b/sentry-hdfs/sentry-hdfs-service/src/main/java/org/apache/sentry/hdfs/SentryHdfsMetricsUtil.java
@@ -98,4 +98,8 @@ public class SentryHdfsMetricsUtil {
// The number of failed handleCacheUpdate
public static final Counter getFailedCacheSyncToZK = sentryMetrics.getCounter(
MetricRegistry.name(PluginCacheSyncUtil.class, "cache-sync-to-zk", "failed-num"));
+
+ private SentryHdfsMetricsUtil() {
+ // Make constructor private to avoid instantiation
+ }
}
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PrivilegeUtils.java
----------------------------------------------------------------------
diff --git a/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PrivilegeUtils.java b/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PrivilegeUtils.java
index 7387ad0..6628a2f 100644
--- a/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PrivilegeUtils.java
+++ b/sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PrivilegeUtils.java
@@ -24,4 +24,8 @@ public class PrivilegeUtils {
public static Set<String> toPrivilegeStrings(String s) {
return PermissionUtils.toPermissionStrings(s);
}
+
+ private PrivilegeUtils() {
+ // Make constructor private to avoid instantiation
+ }
}
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationComponent.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationComponent.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationComponent.java
index c74641a..5dc2b55 100644
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationComponent.java
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationComponent.java
@@ -23,4 +23,8 @@ public class AuthorizationComponent{
public static final String Search = "solr";
public static final String SQOOP = "sqoop";
public static final String KAFKA = "kafka";
+
+ private AuthorizationComponent() {
+ // Make constructor private to avoid instantiation
+ }
}
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackendContext.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackendContext.java b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackendContext.java
index 4cf629b..a4d36bf 100644
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackendContext.java
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackendContext.java
@@ -44,9 +44,10 @@ public class ProviderBackendContext {
public void setValidators(ImmutableList<PrivilegeValidator> validators) {
if (validators == null) {
- validators = ImmutableList.of();
+ this.validators = ImmutableList.of();
+ } else {
+ this.validators = validators;
}
- this.validators = validators;
}
public Object getBindingHandle() {
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/DelegateSentryStore.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/DelegateSentryStore.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/DelegateSentryStore.java
index 23f6a2d..e1737c2 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/DelegateSentryStore.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/DelegateSentryStore.java
@@ -113,16 +113,16 @@ public class DelegateSentryStore implements SentryStoreLayer {
throws SentryNoSuchObjectException {
boolean rollbackTransaction = true;
PersistenceManager pm = null;
- role = toTrimmedLower(role);
+ String trimmedRole = toTrimmedLower(role);
try {
pm = openTransaction();
Query query = pm.newQuery(MSentryRole.class);
query.setFilter("this.roleName == t");
query.declareParameters("java.lang.String t");
query.setUnique(true);
- MSentryRole sentryRole = (MSentryRole) query.execute(role);
+ MSentryRole sentryRole = (MSentryRole) query.execute(trimmedRole);
if (sentryRole == null) {
- throw new SentryNoSuchObjectException("Role: " + role + " doesn't exist");
+ throw new SentryNoSuchObjectException("Role: " + trimmedRole + " doesn't exist");
} else {
pm.retrieve(sentryRole);
sentryRole.removeGMPrivileges();
@@ -161,14 +161,14 @@ public class DelegateSentryStore implements SentryStoreLayer {
public CommitContext alterRoleGrantPrivilege(String component, String role,
PrivilegeObject privilege, String grantorPrincipal)
throws SentryUserException {
- role = toTrimmedLower(role);
+ String trimmedRole = toTrimmedLower(role);
PersistenceManager pm = null;
boolean rollbackTransaction = true;
try{
pm = openTransaction();
- MSentryRole mRole = getRole(role, pm);
+ MSentryRole mRole = getRole(trimmedRole, pm);
if (mRole == null) {
- throw new SentryNoSuchObjectException("Role: " + role + " doesn't exist");
+ throw new SentryNoSuchObjectException("Role: " + trimmedRole + " doesn't exist");
}
/**
* check with grant option
@@ -192,14 +192,14 @@ public class DelegateSentryStore implements SentryStoreLayer {
public CommitContext alterRoleRevokePrivilege(String component,
String role, PrivilegeObject privilege, String grantorPrincipal)
throws SentryUserException {
- role = toTrimmedLower(role);
+ String trimmedRole = toTrimmedLower(role);
PersistenceManager pm = null;
boolean rollbackTransaction = true;
try{
pm = openTransaction();
- MSentryRole mRole = getRole(role, pm);
+ MSentryRole mRole = getRole(trimmedRole, pm);
if (mRole == null) {
- throw new SentryNoSuchObjectException("Role: " + role + " doesn't exist");
+ throw new SentryNoSuchObjectException("Role: " + trimmedRole + " doesn't exist");
}
/**
* check with grant option
@@ -323,9 +323,9 @@ public class DelegateSentryStore implements SentryStoreLayer {
@Override
public Set<String> getGroupsByRoles(String component, Set<String> roles)
throws SentryUserException {
- roles = toTrimmedLower(roles);
+ Set<String> trimmedRoles = toTrimmedLower(roles);
Set<String> groupNames = Sets.newHashSet();
- if (roles.size() == 0) {
+ if (trimmedRoles.size() == 0) {
return groupNames;
}
@@ -337,7 +337,7 @@ public class DelegateSentryStore implements SentryStoreLayer {
StringBuilder filters = new StringBuilder();
query.declareVariables("org.apache.sentry.provider.db.service.model.MSentryRole role");
List<String> rolesFiler = new LinkedList<String>();
- for (String role : roles) {
+ for (String role : trimmedRoles) {
rolesFiler.add("role.roleName == \"" + role + "\" ");
}
filters.append("roles.contains(role) " + "&& (" + Joiner.on(" || ").join(rolesFiler) + ")");
@@ -393,33 +393,33 @@ public class DelegateSentryStore implements SentryStoreLayer {
Preconditions.checkNotNull(component);
Preconditions.checkNotNull(service);
- component = toTrimmedLower(component);
- service = toTrimmedLower(service);
+ String trimmedComponent = toTrimmedLower(component);
+ String trimmedService = toTrimmedLower(service);
Set<PrivilegeObject> privileges = Sets.newHashSet();
PersistenceManager pm = null;
try {
pm = openTransaction();
//CaseInsensitive roleNames
- roles = toTrimmedLower(roles);
+ Set<String> trimmedRoles = toTrimmedLower(roles);
if (groups != null) {
- roles.addAll(delegate.getRoleNamesForGroups(groups));
+ trimmedRoles.addAll(delegate.getRoleNamesForGroups(groups));
}
- if (roles.size() == 0) {
+ if (trimmedRoles.size() == 0) {
return privileges;
}
Set<MSentryRole> mRoles = Sets.newHashSet();
- for (String role : roles) {
+ for (String role : trimmedRoles) {
MSentryRole mRole = getRole(role, pm);
if (mRole != null) {
mRoles.add(mRole);
}
}
//get the privileges
- privileges.addAll(privilegeOperator.getPrivilegesByProvider(component, service, mRoles, authorizables, pm));
+ privileges.addAll(privilegeOperator.getPrivilegesByProvider(trimmedComponent, trimmedService, mRoles, authorizables, pm));
} finally {
if (pm != null) {
commitTransaction(pm);
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeObject.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeObject.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeObject.java
index 05958fc..feab1e9 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeObject.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/persistent/PrivilegeObject.java
@@ -25,7 +25,7 @@ import org.apache.sentry.core.common.Authorizable;
import com.google.common.base.Preconditions;
import com.google.common.collect.Lists;
-public class PrivilegeObject {
+public final class PrivilegeObject {
private final String component;
private final String service;
private final String action;
http://git-wip-us.apache.org/repos/asf/sentry/blob/36cb81a8/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandlerInvoker.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandlerInvoker.java b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandlerInvoker.java
index 11b5456..1d9c246 100644
--- a/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandlerInvoker.java
+++ b/sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/NotificationHandlerInvoker.java
@@ -32,7 +32,7 @@ import com.google.common.collect.Lists;
*/
public class NotificationHandlerInvoker implements NotificationHandler {
private static final Logger LOGGER = LoggerFactory.getLogger(NotificationHandlerInvoker.class);
- List<? extends NotificationHandler> handlers = Lists.newArrayList();
+ private List<? extends NotificationHandler> handlers = Lists.newArrayList();
public NotificationHandlerInvoker(List<? extends NotificationHandler> handlers) {
this.handlers = handlers;
|