From commits-return-12932-archive-asf-public=cust-asf.ponee.io@sentry.apache.org Mon Jun 10 19:43:26 2019 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [207.244.88.153]) by mx-eu-01.ponee.io (Postfix) with SMTP id 12618180649 for ; Mon, 10 Jun 2019 21:43:24 +0200 (CEST) Received: (qmail 7645 invoked by uid 500); 10 Jun 2019 19:43:24 -0000 Mailing-List: contact commits-help@sentry.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@sentry.apache.org Delivered-To: mailing list commits@sentry.apache.org Received: (qmail 7636 invoked by uid 99); 10 Jun 2019 19:43:24 -0000 Received: from ec2-52-202-80-70.compute-1.amazonaws.com (HELO gitbox.apache.org) (52.202.80.70) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 10 Jun 2019 19:43:24 +0000 Received: by gitbox.apache.org (ASF Mail Server at gitbox.apache.org, from userid 33) id 07CB087A97; Mon, 10 Jun 2019 19:43:19 +0000 (UTC) Date: Mon, 10 Jun 2019 19:43:18 +0000 To: "commits@sentry.apache.org" Subject: [sentry] branch master updated: SENTRY-2522: Add a new thrift API for getting all privileges a user has for a given set of authorizable (Hao Hao reviewed by Arjun Mishra) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Message-ID: <156019579894.4634.541735014961761870@gitbox.apache.org> From: hahao@apache.org X-Git-Host: gitbox.apache.org X-Git-Repo: sentry X-Git-Refname: refs/heads/master X-Git-Reftype: branch X-Git-Oldrev: 505b42e81a9d85c4ebe8db3f48ad7a6e824a5db5 X-Git-Newrev: 148ba6c225ac785844476213f3d70ccbf637e9ba X-Git-Rev: 148ba6c225ac785844476213f3d70ccbf637e9ba X-Git-NotificationType: ref_changed_plus_diff X-Git-Multimail-Version: 1.5.dev Auto-Submitted: auto-generated This is an automated email from the ASF dual-hosted git repository. hahao pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/sentry.git The following commit(s) were added to refs/heads/master by this push: new 148ba6c SENTRY-2522: Add a new thrift API for getting all privileges a user has for a given set of authorizable (Hao Hao reviewed by Arjun Mishra) 148ba6c is described below commit 148ba6c225ac785844476213f3d70ccbf637e9ba Author: Hao Hao AuthorDate: Thu Jun 6 23:33:36 2019 -0700 SENTRY-2522: Add a new thrift API for getting all privileges a user has for a given set of authorizable (Hao Hao reviewed by Arjun Mishra) Change-Id: Ie49d8ee57b840f21e3e8276914fcb6c950399aee --- .../api/service/thrift/SentryPolicyService.java | 858 +++++++++++++++++++++ .../TListSentryPrivilegesByAuthUserRequest.java | 746 ++++++++++++++++++ .../TListSentryPrivilegesByAuthUserResponse.java | 598 ++++++++++++++ .../main/resources/sentry_policy_service.thrift | 19 + .../sentry/api/service/thrift/SentryMetrics.java | 2 + .../service/thrift/SentryPolicyStoreProcessor.java | 94 +++ .../thrift/TestSentryPolicyStoreProcessor.java | 127 ++- 7 files changed, 2442 insertions(+), 2 deletions(-) diff --git a/sentry-service/sentry-service-api/src/gen/thrift/gen-javabean/org/apache/sentry/api/service/thrift/SentryPolicyService.java b/sentry-service/sentry-service-api/src/gen/thrift/gen-javabean/org/apache/sentry/api/service/thrift/SentryPolicyService.java index df18706..44e31dd 100644 --- a/sentry-service/sentry-service-api/src/gen/thrift/gen-javabean/org/apache/sentry/api/service/thrift/SentryPolicyService.java +++ b/sentry-service/sentry-service-api/src/gen/thrift/gen-javabean/org/apache/sentry/api/service/thrift/SentryPolicyService.java @@ -75,6 +75,8 @@ public class SentryPolicyService { public TListSentryPrivilegesByAuthResponse list_sentry_privileges_by_authorizable(TListSentryPrivilegesByAuthRequest request) throws org.apache.thrift.TException; + public TListSentryPrivilegesByAuthUserResponse list_sentry_privileges_by_authorizable_and_user(TListSentryPrivilegesByAuthUserRequest request) throws org.apache.thrift.TException; + public TSentryConfigValueResponse get_sentry_config_value(TSentryConfigValueRequest request) throws org.apache.thrift.TException; public TSentryExportMappingDataResponse export_sentry_mapping_data(TSentryExportMappingDataRequest request) throws org.apache.thrift.TException; @@ -129,6 +131,8 @@ public class SentryPolicyService { public void list_sentry_privileges_by_authorizable(TListSentryPrivilegesByAuthRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException; + public void list_sentry_privileges_by_authorizable_and_user(TListSentryPrivilegesByAuthUserRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException; + public void get_sentry_config_value(TSentryConfigValueRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException; public void export_sentry_mapping_data(TSentryExportMappingDataRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException; @@ -579,6 +583,29 @@ public class SentryPolicyService { throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "list_sentry_privileges_by_authorizable failed: unknown result"); } + public TListSentryPrivilegesByAuthUserResponse list_sentry_privileges_by_authorizable_and_user(TListSentryPrivilegesByAuthUserRequest request) throws org.apache.thrift.TException + { + send_list_sentry_privileges_by_authorizable_and_user(request); + return recv_list_sentry_privileges_by_authorizable_and_user(); + } + + public void send_list_sentry_privileges_by_authorizable_and_user(TListSentryPrivilegesByAuthUserRequest request) throws org.apache.thrift.TException + { + list_sentry_privileges_by_authorizable_and_user_args args = new list_sentry_privileges_by_authorizable_and_user_args(); + args.setRequest(request); + sendBase("list_sentry_privileges_by_authorizable_and_user", args); + } + + public TListSentryPrivilegesByAuthUserResponse recv_list_sentry_privileges_by_authorizable_and_user() throws org.apache.thrift.TException + { + list_sentry_privileges_by_authorizable_and_user_result result = new list_sentry_privileges_by_authorizable_and_user_result(); + receiveBase(result, "list_sentry_privileges_by_authorizable_and_user"); + if (result.isSetSuccess()) { + return result.success; + } + throw new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.MISSING_RESULT, "list_sentry_privileges_by_authorizable_and_user failed: unknown result"); + } + public TSentryConfigValueResponse get_sentry_config_value(TSentryConfigValueRequest request) throws org.apache.thrift.TException { send_get_sentry_config_value(request); @@ -1334,6 +1361,38 @@ public class SentryPolicyService { } } + public void list_sentry_privileges_by_authorizable_and_user(TListSentryPrivilegesByAuthUserRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException { + checkReady(); + list_sentry_privileges_by_authorizable_and_user_call method_call = new list_sentry_privileges_by_authorizable_and_user_call(request, resultHandler, this, ___protocolFactory, ___transport); + this.___currentMethod = method_call; + ___manager.call(method_call); + } + + public static class list_sentry_privileges_by_authorizable_and_user_call extends org.apache.thrift.async.TAsyncMethodCall { + private TListSentryPrivilegesByAuthUserRequest request; + public list_sentry_privileges_by_authorizable_and_user_call(TListSentryPrivilegesByAuthUserRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler, org.apache.thrift.async.TAsyncClient client, org.apache.thrift.protocol.TProtocolFactory protocolFactory, org.apache.thrift.transport.TNonblockingTransport transport) throws org.apache.thrift.TException { + super(client, protocolFactory, transport, resultHandler, false); + this.request = request; + } + + public void write_args(org.apache.thrift.protocol.TProtocol prot) throws org.apache.thrift.TException { + prot.writeMessageBegin(new org.apache.thrift.protocol.TMessage("list_sentry_privileges_by_authorizable_and_user", org.apache.thrift.protocol.TMessageType.CALL, 0)); + list_sentry_privileges_by_authorizable_and_user_args args = new list_sentry_privileges_by_authorizable_and_user_args(); + args.setRequest(request); + args.write(prot); + prot.writeMessageEnd(); + } + + public TListSentryPrivilegesByAuthUserResponse getResult() throws org.apache.thrift.TException { + if (getState() != org.apache.thrift.async.TAsyncMethodCall.State.RESPONSE_READ) { + throw new IllegalStateException("Method call not finished!"); + } + org.apache.thrift.transport.TMemoryInputTransport memoryTransport = new org.apache.thrift.transport.TMemoryInputTransport(getFrameBuffer().array()); + org.apache.thrift.protocol.TProtocol prot = client.getProtocolFactory().getProtocol(memoryTransport); + return (new Client(prot)).recv_list_sentry_privileges_by_authorizable_and_user(); + } + } + public void get_sentry_config_value(TSentryConfigValueRequest request, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws org.apache.thrift.TException { checkReady(); get_sentry_config_value_call method_call = new get_sentry_config_value_call(request, resultHandler, this, ___protocolFactory, ___transport); @@ -1589,6 +1648,7 @@ public class SentryPolicyService { processMap.put("drop_sentry_privilege", new drop_sentry_privilege()); processMap.put("rename_sentry_privilege", new rename_sentry_privilege()); processMap.put("list_sentry_privileges_by_authorizable", new list_sentry_privileges_by_authorizable()); + processMap.put("list_sentry_privileges_by_authorizable_and_user", new list_sentry_privileges_by_authorizable_and_user()); processMap.put("get_sentry_config_value", new get_sentry_config_value()); processMap.put("export_sentry_mapping_data", new export_sentry_mapping_data()); processMap.put("import_sentry_mapping_data", new import_sentry_mapping_data()); @@ -1959,6 +2019,26 @@ public class SentryPolicyService { } } + public static class list_sentry_privileges_by_authorizable_and_user extends org.apache.thrift.ProcessFunction { + public list_sentry_privileges_by_authorizable_and_user() { + super("list_sentry_privileges_by_authorizable_and_user"); + } + + public list_sentry_privileges_by_authorizable_and_user_args getEmptyArgsInstance() { + return new list_sentry_privileges_by_authorizable_and_user_args(); + } + + protected boolean isOneway() { + return false; + } + + public list_sentry_privileges_by_authorizable_and_user_result getResult(I iface, list_sentry_privileges_by_authorizable_and_user_args args) throws org.apache.thrift.TException { + list_sentry_privileges_by_authorizable_and_user_result result = new list_sentry_privileges_by_authorizable_and_user_result(); + result.success = iface.list_sentry_privileges_by_authorizable_and_user(args.request); + return result; + } + } + public static class get_sentry_config_value extends org.apache.thrift.ProcessFunction { public get_sentry_config_value() { super("get_sentry_config_value"); @@ -2130,6 +2210,7 @@ public class SentryPolicyService { processMap.put("drop_sentry_privilege", new drop_sentry_privilege()); processMap.put("rename_sentry_privilege", new rename_sentry_privilege()); processMap.put("list_sentry_privileges_by_authorizable", new list_sentry_privileges_by_authorizable()); + processMap.put("list_sentry_privileges_by_authorizable_and_user", new list_sentry_privileges_by_authorizable_and_user()); processMap.put("get_sentry_config_value", new get_sentry_config_value()); processMap.put("export_sentry_mapping_data", new export_sentry_mapping_data()); processMap.put("import_sentry_mapping_data", new import_sentry_mapping_data()); @@ -3058,6 +3139,57 @@ public class SentryPolicyService { } } + public static class list_sentry_privileges_by_authorizable_and_user extends org.apache.thrift.AsyncProcessFunction { + public list_sentry_privileges_by_authorizable_and_user() { + super("list_sentry_privileges_by_authorizable_and_user"); + } + + public list_sentry_privileges_by_authorizable_and_user_args getEmptyArgsInstance() { + return new list_sentry_privileges_by_authorizable_and_user_args(); + } + + public AsyncMethodCallback getResultHandler(final AsyncFrameBuffer fb, final int seqid) { + final org.apache.thrift.AsyncProcessFunction fcall = this; + return new AsyncMethodCallback() { + public void onComplete(TListSentryPrivilegesByAuthUserResponse o) { + list_sentry_privileges_by_authorizable_and_user_result result = new list_sentry_privileges_by_authorizable_and_user_result(); + result.success = o; + try { + fcall.sendResponse(fb,result, org.apache.thrift.protocol.TMessageType.REPLY,seqid); + return; + } catch (Exception e) { + LOGGER.error("Exception writing to internal frame buffer", e); + } + fb.close(); + } + public void onError(Exception e) { + byte msgType = org.apache.thrift.protocol.TMessageType.REPLY; + org.apache.thrift.TBase msg; + list_sentry_privileges_by_authorizable_and_user_result result = new list_sentry_privileges_by_authorizable_and_user_result(); + { + msgType = org.apache.thrift.protocol.TMessageType.EXCEPTION; + msg = (org.apache.thrift.TBase)new org.apache.thrift.TApplicationException(org.apache.thrift.TApplicationException.INTERNAL_ERROR, e.getMessage()); + } + try { + fcall.sendResponse(fb,msg,msgType,seqid); + return; + } catch (Exception ex) { + LOGGER.error("Exception writing to internal frame buffer", ex); + } + fb.close(); + } + }; + } + + protected boolean isOneway() { + return false; + } + + public void start(I iface, list_sentry_privileges_by_authorizable_and_user_args args, org.apache.thrift.async.AsyncMethodCallback resultHandler) throws TException { + iface.list_sentry_privileges_by_authorizable_and_user(args.request,resultHandler); + } + } + public static class get_sentry_config_value extends org.apache.thrift.AsyncProcessFunction { public get_sentry_config_value() { super("get_sentry_config_value"); @@ -16485,6 +16617,732 @@ public class SentryPolicyService { } + public static class list_sentry_privileges_by_authorizable_and_user_args implements org.apache.thrift.TBase, java.io.Serializable, Cloneable, Comparable { + private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("list_sentry_privileges_by_authorizable_and_user_args"); + + private static final org.apache.thrift.protocol.TField REQUEST_FIELD_DESC = new org.apache.thrift.protocol.TField("request", org.apache.thrift.protocol.TType.STRUCT, (short)1); + + private static final Map, SchemeFactory> schemes = new HashMap, SchemeFactory>(); + static { + schemes.put(StandardScheme.class, new list_sentry_privileges_by_authorizable_and_user_argsStandardSchemeFactory()); + schemes.put(TupleScheme.class, new list_sentry_privileges_by_authorizable_and_user_argsTupleSchemeFactory()); + } + + private TListSentryPrivilegesByAuthUserRequest request; // required + + /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */ + public enum _Fields implements org.apache.thrift.TFieldIdEnum { + REQUEST((short)1, "request"); + + private static final Map byName = new HashMap(); + + static { + for (_Fields field : EnumSet.allOf(_Fields.class)) { + byName.put(field.getFieldName(), field); + } + } + + /** + * Find the _Fields constant that matches fieldId, or null if its not found. + */ + public static _Fields findByThriftId(int fieldId) { + switch(fieldId) { + case 1: // REQUEST + return REQUEST; + default: + return null; + } + } + + /** + * Find the _Fields constant that matches fieldId, throwing an exception + * if it is not found. + */ + public static _Fields findByThriftIdOrThrow(int fieldId) { + _Fields fields = findByThriftId(fieldId); + if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!"); + return fields; + } + + /** + * Find the _Fields constant that matches name, or null if its not found. + */ + public static _Fields findByName(String name) { + return byName.get(name); + } + + private final short _thriftId; + private final String _fieldName; + + _Fields(short thriftId, String fieldName) { + _thriftId = thriftId; + _fieldName = fieldName; + } + + public short getThriftFieldId() { + return _thriftId; + } + + public String getFieldName() { + return _fieldName; + } + } + + // isset id assignments + public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap; + static { + Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class); + tmpMap.put(_Fields.REQUEST, new org.apache.thrift.meta_data.FieldMetaData("request", org.apache.thrift.TFieldRequirementType.DEFAULT, + new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TListSentryPrivilegesByAuthUserRequest.class))); + metaDataMap = Collections.unmodifiableMap(tmpMap); + org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(list_sentry_privileges_by_authorizable_and_user_args.class, metaDataMap); + } + + public list_sentry_privileges_by_authorizable_and_user_args() { + } + + public list_sentry_privileges_by_authorizable_and_user_args( + TListSentryPrivilegesByAuthUserRequest request) + { + this(); + this.request = request; + } + + /** + * Performs a deep copy on other. + */ + public list_sentry_privileges_by_authorizable_and_user_args(list_sentry_privileges_by_authorizable_and_user_args other) { + if (other.isSetRequest()) { + this.request = new TListSentryPrivilegesByAuthUserRequest(other.request); + } + } + + public list_sentry_privileges_by_authorizable_and_user_args deepCopy() { + return new list_sentry_privileges_by_authorizable_and_user_args(this); + } + + @Override + public void clear() { + this.request = null; + } + + public TListSentryPrivilegesByAuthUserRequest getRequest() { + return this.request; + } + + public void setRequest(TListSentryPrivilegesByAuthUserRequest request) { + this.request = request; + } + + public void unsetRequest() { + this.request = null; + } + + /** Returns true if field request is set (has been assigned a value) and false otherwise */ + public boolean isSetRequest() { + return this.request != null; + } + + public void setRequestIsSet(boolean value) { + if (!value) { + this.request = null; + } + } + + public void setFieldValue(_Fields field, Object value) { + switch (field) { + case REQUEST: + if (value == null) { + unsetRequest(); + } else { + setRequest((TListSentryPrivilegesByAuthUserRequest)value); + } + break; + + } + } + + public Object getFieldValue(_Fields field) { + switch (field) { + case REQUEST: + return getRequest(); + + } + throw new IllegalStateException(); + } + + /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */ + public boolean isSet(_Fields field) { + if (field == null) { + throw new IllegalArgumentException(); + } + + switch (field) { + case REQUEST: + return isSetRequest(); + } + throw new IllegalStateException(); + } + + @Override + public boolean equals(Object that) { + if (that == null) + return false; + if (that instanceof list_sentry_privileges_by_authorizable_and_user_args) + return this.equals((list_sentry_privileges_by_authorizable_and_user_args)that); + return false; + } + + public boolean equals(list_sentry_privileges_by_authorizable_and_user_args that) { + if (that == null) + return false; + + boolean this_present_request = true && this.isSetRequest(); + boolean that_present_request = true && that.isSetRequest(); + if (this_present_request || that_present_request) { + if (!(this_present_request && that_present_request)) + return false; + if (!this.request.equals(that.request)) + return false; + } + + return true; + } + + @Override + public int hashCode() { + List list = new ArrayList(); + + boolean present_request = true && (isSetRequest()); + list.add(present_request); + if (present_request) + list.add(request); + + return list.hashCode(); + } + + @Override + public int compareTo(list_sentry_privileges_by_authorizable_and_user_args other) { + if (!getClass().equals(other.getClass())) { + return getClass().getName().compareTo(other.getClass().getName()); + } + + int lastComparison = 0; + + lastComparison = Boolean.valueOf(isSetRequest()).compareTo(other.isSetRequest()); + if (lastComparison != 0) { + return lastComparison; + } + if (isSetRequest()) { + lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.request, other.request); + if (lastComparison != 0) { + return lastComparison; + } + } + return 0; + } + + public _Fields fieldForId(int fieldId) { + return _Fields.findByThriftId(fieldId); + } + + public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException { + schemes.get(iprot.getScheme()).getScheme().read(iprot, this); + } + + public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException { + schemes.get(oprot.getScheme()).getScheme().write(oprot, this); + } + + @Override + public String toString() { + StringBuilder sb = new StringBuilder("list_sentry_privileges_by_authorizable_and_user_args("); + boolean first = true; + + sb.append("request:"); + if (this.request == null) { + sb.append("null"); + } else { + sb.append(this.request); + } + first = false; + sb.append(")"); + return sb.toString(); + } + + public void validate() throws org.apache.thrift.TException { + // check for required fields + // check for sub-struct validity + if (request != null) { + request.validate(); + } + } + + private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException { + try { + write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out))); + } catch (org.apache.thrift.TException te) { + throw new java.io.IOException(te); + } + } + + private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException { + try { + read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in))); + } catch (org.apache.thrift.TException te) { + throw new java.io.IOException(te); + } + } + + private static class list_sentry_privileges_by_authorizable_and_user_argsStandardSchemeFactory implements SchemeFactory { + public list_sentry_privileges_by_authorizable_and_user_argsStandardScheme getScheme() { + return new list_sentry_privileges_by_authorizable_and_user_argsStandardScheme(); + } + } + + private static class list_sentry_privileges_by_authorizable_and_user_argsStandardScheme extends StandardScheme { + + public void read(org.apache.thrift.protocol.TProtocol iprot, list_sentry_privileges_by_authorizable_and_user_args struct) throws org.apache.thrift.TException { + org.apache.thrift.protocol.TField schemeField; + iprot.readStructBegin(); + while (true) + { + schemeField = iprot.readFieldBegin(); + if (schemeField.type == org.apache.thrift.protocol.TType.STOP) { + break; + } + switch (schemeField.id) { + case 1: // REQUEST + if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) { + struct.request = new TListSentryPrivilegesByAuthUserRequest(); + struct.request.read(iprot); + struct.setRequestIsSet(true); + } else { + org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); + } + break; + default: + org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); + } + iprot.readFieldEnd(); + } + iprot.readStructEnd(); + struct.validate(); + } + + public void write(org.apache.thrift.protocol.TProtocol oprot, list_sentry_privileges_by_authorizable_and_user_args struct) throws org.apache.thrift.TException { + struct.validate(); + + oprot.writeStructBegin(STRUCT_DESC); + if (struct.request != null) { + oprot.writeFieldBegin(REQUEST_FIELD_DESC); + struct.request.write(oprot); + oprot.writeFieldEnd(); + } + oprot.writeFieldStop(); + oprot.writeStructEnd(); + } + + } + + private static class list_sentry_privileges_by_authorizable_and_user_argsTupleSchemeFactory implements SchemeFactory { + public list_sentry_privileges_by_authorizable_and_user_argsTupleScheme getScheme() { + return new list_sentry_privileges_by_authorizable_and_user_argsTupleScheme(); + } + } + + private static class list_sentry_privileges_by_authorizable_and_user_argsTupleScheme extends TupleScheme { + + @Override + public void write(org.apache.thrift.protocol.TProtocol prot, list_sentry_privileges_by_authorizable_and_user_args struct) throws org.apache.thrift.TException { + TTupleProtocol oprot = (TTupleProtocol) prot; + BitSet optionals = new BitSet(); + if (struct.isSetRequest()) { + optionals.set(0); + } + oprot.writeBitSet(optionals, 1); + if (struct.isSetRequest()) { + struct.request.write(oprot); + } + } + + @Override + public void read(org.apache.thrift.protocol.TProtocol prot, list_sentry_privileges_by_authorizable_and_user_args struct) throws org.apache.thrift.TException { + TTupleProtocol iprot = (TTupleProtocol) prot; + BitSet incoming = iprot.readBitSet(1); + if (incoming.get(0)) { + struct.request = new TListSentryPrivilegesByAuthUserRequest(); + struct.request.read(iprot); + struct.setRequestIsSet(true); + } + } + } + + } + + public static class list_sentry_privileges_by_authorizable_and_user_result implements org.apache.thrift.TBase, java.io.Serializable, Cloneable, Comparable { + private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("list_sentry_privileges_by_authorizable_and_user_result"); + + private static final org.apache.thrift.protocol.TField SUCCESS_FIELD_DESC = new org.apache.thrift.protocol.TField("success", org.apache.thrift.protocol.TType.STRUCT, (short)0); + + private static final Map, SchemeFactory> schemes = new HashMap, SchemeFactory>(); + static { + schemes.put(StandardScheme.class, new list_sentry_privileges_by_authorizable_and_user_resultStandardSchemeFactory()); + schemes.put(TupleScheme.class, new list_sentry_privileges_by_authorizable_and_user_resultTupleSchemeFactory()); + } + + private TListSentryPrivilegesByAuthUserResponse success; // required + + /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */ + public enum _Fields implements org.apache.thrift.TFieldIdEnum { + SUCCESS((short)0, "success"); + + private static final Map byName = new HashMap(); + + static { + for (_Fields field : EnumSet.allOf(_Fields.class)) { + byName.put(field.getFieldName(), field); + } + } + + /** + * Find the _Fields constant that matches fieldId, or null if its not found. + */ + public static _Fields findByThriftId(int fieldId) { + switch(fieldId) { + case 0: // SUCCESS + return SUCCESS; + default: + return null; + } + } + + /** + * Find the _Fields constant that matches fieldId, throwing an exception + * if it is not found. + */ + public static _Fields findByThriftIdOrThrow(int fieldId) { + _Fields fields = findByThriftId(fieldId); + if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!"); + return fields; + } + + /** + * Find the _Fields constant that matches name, or null if its not found. + */ + public static _Fields findByName(String name) { + return byName.get(name); + } + + private final short _thriftId; + private final String _fieldName; + + _Fields(short thriftId, String fieldName) { + _thriftId = thriftId; + _fieldName = fieldName; + } + + public short getThriftFieldId() { + return _thriftId; + } + + public String getFieldName() { + return _fieldName; + } + } + + // isset id assignments + public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap; + static { + Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class); + tmpMap.put(_Fields.SUCCESS, new org.apache.thrift.meta_data.FieldMetaData("success", org.apache.thrift.TFieldRequirementType.DEFAULT, + new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TListSentryPrivilegesByAuthUserResponse.class))); + metaDataMap = Collections.unmodifiableMap(tmpMap); + org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(list_sentry_privileges_by_authorizable_and_user_result.class, metaDataMap); + } + + public list_sentry_privileges_by_authorizable_and_user_result() { + } + + public list_sentry_privileges_by_authorizable_and_user_result( + TListSentryPrivilegesByAuthUserResponse success) + { + this(); + this.success = success; + } + + /** + * Performs a deep copy on other. + */ + public list_sentry_privileges_by_authorizable_and_user_result(list_sentry_privileges_by_authorizable_and_user_result other) { + if (other.isSetSuccess()) { + this.success = new TListSentryPrivilegesByAuthUserResponse(other.success); + } + } + + public list_sentry_privileges_by_authorizable_and_user_result deepCopy() { + return new list_sentry_privileges_by_authorizable_and_user_result(this); + } + + @Override + public void clear() { + this.success = null; + } + + public TListSentryPrivilegesByAuthUserResponse getSuccess() { + return this.success; + } + + public void setSuccess(TListSentryPrivilegesByAuthUserResponse success) { + this.success = success; + } + + public void unsetSuccess() { + this.success = null; + } + + /** Returns true if field success is set (has been assigned a value) and false otherwise */ + public boolean isSetSuccess() { + return this.success != null; + } + + public void setSuccessIsSet(boolean value) { + if (!value) { + this.success = null; + } + } + + public void setFieldValue(_Fields field, Object value) { + switch (field) { + case SUCCESS: + if (value == null) { + unsetSuccess(); + } else { + setSuccess((TListSentryPrivilegesByAuthUserResponse)value); + } + break; + + } + } + + public Object getFieldValue(_Fields field) { + switch (field) { + case SUCCESS: + return getSuccess(); + + } + throw new IllegalStateException(); + } + + /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */ + public boolean isSet(_Fields field) { + if (field == null) { + throw new IllegalArgumentException(); + } + + switch (field) { + case SUCCESS: + return isSetSuccess(); + } + throw new IllegalStateException(); + } + + @Override + public boolean equals(Object that) { + if (that == null) + return false; + if (that instanceof list_sentry_privileges_by_authorizable_and_user_result) + return this.equals((list_sentry_privileges_by_authorizable_and_user_result)that); + return false; + } + + public boolean equals(list_sentry_privileges_by_authorizable_and_user_result that) { + if (that == null) + return false; + + boolean this_present_success = true && this.isSetSuccess(); + boolean that_present_success = true && that.isSetSuccess(); + if (this_present_success || that_present_success) { + if (!(this_present_success && that_present_success)) + return false; + if (!this.success.equals(that.success)) + return false; + } + + return true; + } + + @Override + public int hashCode() { + List list = new ArrayList(); + + boolean present_success = true && (isSetSuccess()); + list.add(present_success); + if (present_success) + list.add(success); + + return list.hashCode(); + } + + @Override + public int compareTo(list_sentry_privileges_by_authorizable_and_user_result other) { + if (!getClass().equals(other.getClass())) { + return getClass().getName().compareTo(other.getClass().getName()); + } + + int lastComparison = 0; + + lastComparison = Boolean.valueOf(isSetSuccess()).compareTo(other.isSetSuccess()); + if (lastComparison != 0) { + return lastComparison; + } + if (isSetSuccess()) { + lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.success, other.success); + if (lastComparison != 0) { + return lastComparison; + } + } + return 0; + } + + public _Fields fieldForId(int fieldId) { + return _Fields.findByThriftId(fieldId); + } + + public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException { + schemes.get(iprot.getScheme()).getScheme().read(iprot, this); + } + + public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException { + schemes.get(oprot.getScheme()).getScheme().write(oprot, this); + } + + @Override + public String toString() { + StringBuilder sb = new StringBuilder("list_sentry_privileges_by_authorizable_and_user_result("); + boolean first = true; + + sb.append("success:"); + if (this.success == null) { + sb.append("null"); + } else { + sb.append(this.success); + } + first = false; + sb.append(")"); + return sb.toString(); + } + + public void validate() throws org.apache.thrift.TException { + // check for required fields + // check for sub-struct validity + if (success != null) { + success.validate(); + } + } + + private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException { + try { + write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out))); + } catch (org.apache.thrift.TException te) { + throw new java.io.IOException(te); + } + } + + private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException { + try { + read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in))); + } catch (org.apache.thrift.TException te) { + throw new java.io.IOException(te); + } + } + + private static class list_sentry_privileges_by_authorizable_and_user_resultStandardSchemeFactory implements SchemeFactory { + public list_sentry_privileges_by_authorizable_and_user_resultStandardScheme getScheme() { + return new list_sentry_privileges_by_authorizable_and_user_resultStandardScheme(); + } + } + + private static class list_sentry_privileges_by_authorizable_and_user_resultStandardScheme extends StandardScheme { + + public void read(org.apache.thrift.protocol.TProtocol iprot, list_sentry_privileges_by_authorizable_and_user_result struct) throws org.apache.thrift.TException { + org.apache.thrift.protocol.TField schemeField; + iprot.readStructBegin(); + while (true) + { + schemeField = iprot.readFieldBegin(); + if (schemeField.type == org.apache.thrift.protocol.TType.STOP) { + break; + } + switch (schemeField.id) { + case 0: // SUCCESS + if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) { + struct.success = new TListSentryPrivilegesByAuthUserResponse(); + struct.success.read(iprot); + struct.setSuccessIsSet(true); + } else { + org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); + } + break; + default: + org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); + } + iprot.readFieldEnd(); + } + iprot.readStructEnd(); + struct.validate(); + } + + public void write(org.apache.thrift.protocol.TProtocol oprot, list_sentry_privileges_by_authorizable_and_user_result struct) throws org.apache.thrift.TException { + struct.validate(); + + oprot.writeStructBegin(STRUCT_DESC); + if (struct.success != null) { + oprot.writeFieldBegin(SUCCESS_FIELD_DESC); + struct.success.write(oprot); + oprot.writeFieldEnd(); + } + oprot.writeFieldStop(); + oprot.writeStructEnd(); + } + + } + + private static class list_sentry_privileges_by_authorizable_and_user_resultTupleSchemeFactory implements SchemeFactory { + public list_sentry_privileges_by_authorizable_and_user_resultTupleScheme getScheme() { + return new list_sentry_privileges_by_authorizable_and_user_resultTupleScheme(); + } + } + + private static class list_sentry_privileges_by_authorizable_and_user_resultTupleScheme extends TupleScheme { + + @Override + public void write(org.apache.thrift.protocol.TProtocol prot, list_sentry_privileges_by_authorizable_and_user_result struct) throws org.apache.thrift.TException { + TTupleProtocol oprot = (TTupleProtocol) prot; + BitSet optionals = new BitSet(); + if (struct.isSetSuccess()) { + optionals.set(0); + } + oprot.writeBitSet(optionals, 1); + if (struct.isSetSuccess()) { + struct.success.write(oprot); + } + } + + @Override + public void read(org.apache.thrift.protocol.TProtocol prot, list_sentry_privileges_by_authorizable_and_user_result struct) throws org.apache.thrift.TException { + TTupleProtocol iprot = (TTupleProtocol) prot; + BitSet incoming = iprot.readBitSet(1); + if (incoming.get(0)) { + struct.success = new TListSentryPrivilegesByAuthUserResponse(); + struct.success.read(iprot); + struct.setSuccessIsSet(true); + } + } + } + + } + public static class get_sentry_config_value_args implements org.apache.thrift.TBase, java.io.Serializable, Cloneable, Comparable { private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("get_sentry_config_value_args"); diff --git a/sentry-service/sentry-service-api/src/gen/thrift/gen-javabean/org/apache/sentry/api/service/thrift/TListSentryPrivilegesByAuthUserRequest.java b/sentry-service/sentry-service-api/src/gen/thrift/gen-javabean/org/apache/sentry/api/service/thrift/TListSentryPrivilegesByAuthUserRequest.java new file mode 100644 index 0000000..62c0210 --- /dev/null +++ b/sentry-service/sentry-service-api/src/gen/thrift/gen-javabean/org/apache/sentry/api/service/thrift/TListSentryPrivilegesByAuthUserRequest.java @@ -0,0 +1,746 @@ +/** + * Autogenerated by Thrift Compiler (0.9.3) + * + * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING + * @generated + */ +package org.apache.sentry.api.service.thrift; + +import org.apache.thrift.scheme.IScheme; +import org.apache.thrift.scheme.SchemeFactory; +import org.apache.thrift.scheme.StandardScheme; + +import org.apache.thrift.scheme.TupleScheme; +import org.apache.thrift.protocol.TTupleProtocol; +import org.apache.thrift.protocol.TProtocolException; +import org.apache.thrift.EncodingUtils; +import org.apache.thrift.TException; +import org.apache.thrift.async.AsyncMethodCallback; +import org.apache.thrift.server.AbstractNonblockingServer.*; +import java.util.List; +import java.util.ArrayList; +import java.util.Map; +import java.util.HashMap; +import java.util.EnumMap; +import java.util.Set; +import java.util.HashSet; +import java.util.EnumSet; +import java.util.Collections; +import java.util.BitSet; +import java.nio.ByteBuffer; +import java.util.Arrays; +import javax.annotation.Generated; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"}) +@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)") +public class TListSentryPrivilegesByAuthUserRequest implements org.apache.thrift.TBase, java.io.Serializable, Cloneable, Comparable { + private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TListSentryPrivilegesByAuthUserRequest"); + + private static final org.apache.thrift.protocol.TField PROTOCOL_VERSION_FIELD_DESC = new org.apache.thrift.protocol.TField("protocol_version", org.apache.thrift.protocol.TType.I32, (short)1); + private static final org.apache.thrift.protocol.TField REQUESTOR_USER_NAME_FIELD_DESC = new org.apache.thrift.protocol.TField("requestorUserName", org.apache.thrift.protocol.TType.STRING, (short)2); + private static final org.apache.thrift.protocol.TField AUTHORIZABLE_SET_FIELD_DESC = new org.apache.thrift.protocol.TField("authorizableSet", org.apache.thrift.protocol.TType.SET, (short)3); + private static final org.apache.thrift.protocol.TField USER_FIELD_DESC = new org.apache.thrift.protocol.TField("user", org.apache.thrift.protocol.TType.STRING, (short)4); + + private static final Map, SchemeFactory> schemes = new HashMap, SchemeFactory>(); + static { + schemes.put(StandardScheme.class, new TListSentryPrivilegesByAuthUserRequestStandardSchemeFactory()); + schemes.put(TupleScheme.class, new TListSentryPrivilegesByAuthUserRequestTupleSchemeFactory()); + } + + private int protocol_version; // required + private String requestorUserName; // required + private Set authorizableSet; // required + private String user; // required + + /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */ + public enum _Fields implements org.apache.thrift.TFieldIdEnum { + PROTOCOL_VERSION((short)1, "protocol_version"), + REQUESTOR_USER_NAME((short)2, "requestorUserName"), + AUTHORIZABLE_SET((short)3, "authorizableSet"), + USER((short)4, "user"); + + private static final Map byName = new HashMap(); + + static { + for (_Fields field : EnumSet.allOf(_Fields.class)) { + byName.put(field.getFieldName(), field); + } + } + + /** + * Find the _Fields constant that matches fieldId, or null if its not found. + */ + public static _Fields findByThriftId(int fieldId) { + switch(fieldId) { + case 1: // PROTOCOL_VERSION + return PROTOCOL_VERSION; + case 2: // REQUESTOR_USER_NAME + return REQUESTOR_USER_NAME; + case 3: // AUTHORIZABLE_SET + return AUTHORIZABLE_SET; + case 4: // USER + return USER; + default: + return null; + } + } + + /** + * Find the _Fields constant that matches fieldId, throwing an exception + * if it is not found. + */ + public static _Fields findByThriftIdOrThrow(int fieldId) { + _Fields fields = findByThriftId(fieldId); + if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!"); + return fields; + } + + /** + * Find the _Fields constant that matches name, or null if its not found. + */ + public static _Fields findByName(String name) { + return byName.get(name); + } + + private final short _thriftId; + private final String _fieldName; + + _Fields(short thriftId, String fieldName) { + _thriftId = thriftId; + _fieldName = fieldName; + } + + public short getThriftFieldId() { + return _thriftId; + } + + public String getFieldName() { + return _fieldName; + } + } + + // isset id assignments + private static final int __PROTOCOL_VERSION_ISSET_ID = 0; + private byte __isset_bitfield = 0; + public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap; + static { + Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class); + tmpMap.put(_Fields.PROTOCOL_VERSION, new org.apache.thrift.meta_data.FieldMetaData("protocol_version", org.apache.thrift.TFieldRequirementType.REQUIRED, + new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.I32))); + tmpMap.put(_Fields.REQUESTOR_USER_NAME, new org.apache.thrift.meta_data.FieldMetaData("requestorUserName", org.apache.thrift.TFieldRequirementType.REQUIRED, + new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))); + tmpMap.put(_Fields.AUTHORIZABLE_SET, new org.apache.thrift.meta_data.FieldMetaData("authorizableSet", org.apache.thrift.TFieldRequirementType.REQUIRED, + new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET, + new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryAuthorizable.class)))); + tmpMap.put(_Fields.USER, new org.apache.thrift.meta_data.FieldMetaData("user", org.apache.thrift.TFieldRequirementType.REQUIRED, + new org.apache.thrift.meta_data.FieldValueMetaData(org.apache.thrift.protocol.TType.STRING))); + metaDataMap = Collections.unmodifiableMap(tmpMap); + org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TListSentryPrivilegesByAuthUserRequest.class, metaDataMap); + } + + public TListSentryPrivilegesByAuthUserRequest() { + this.protocol_version = 2; + + } + + public TListSentryPrivilegesByAuthUserRequest( + int protocol_version, + String requestorUserName, + Set authorizableSet, + String user) + { + this(); + this.protocol_version = protocol_version; + setProtocol_versionIsSet(true); + this.requestorUserName = requestorUserName; + this.authorizableSet = authorizableSet; + this.user = user; + } + + /** + * Performs a deep copy on other. + */ + public TListSentryPrivilegesByAuthUserRequest(TListSentryPrivilegesByAuthUserRequest other) { + __isset_bitfield = other.__isset_bitfield; + this.protocol_version = other.protocol_version; + if (other.isSetRequestorUserName()) { + this.requestorUserName = other.requestorUserName; + } + if (other.isSetAuthorizableSet()) { + Set __this__authorizableSet = new HashSet(other.authorizableSet.size()); + for (TSentryAuthorizable other_element : other.authorizableSet) { + __this__authorizableSet.add(new TSentryAuthorizable(other_element)); + } + this.authorizableSet = __this__authorizableSet; + } + if (other.isSetUser()) { + this.user = other.user; + } + } + + public TListSentryPrivilegesByAuthUserRequest deepCopy() { + return new TListSentryPrivilegesByAuthUserRequest(this); + } + + @Override + public void clear() { + this.protocol_version = 2; + + this.requestorUserName = null; + this.authorizableSet = null; + this.user = null; + } + + public int getProtocol_version() { + return this.protocol_version; + } + + public void setProtocol_version(int protocol_version) { + this.protocol_version = protocol_version; + setProtocol_versionIsSet(true); + } + + public void unsetProtocol_version() { + __isset_bitfield = EncodingUtils.clearBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID); + } + + /** Returns true if field protocol_version is set (has been assigned a value) and false otherwise */ + public boolean isSetProtocol_version() { + return EncodingUtils.testBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID); + } + + public void setProtocol_versionIsSet(boolean value) { + __isset_bitfield = EncodingUtils.setBit(__isset_bitfield, __PROTOCOL_VERSION_ISSET_ID, value); + } + + public String getRequestorUserName() { + return this.requestorUserName; + } + + public void setRequestorUserName(String requestorUserName) { + this.requestorUserName = requestorUserName; + } + + public void unsetRequestorUserName() { + this.requestorUserName = null; + } + + /** Returns true if field requestorUserName is set (has been assigned a value) and false otherwise */ + public boolean isSetRequestorUserName() { + return this.requestorUserName != null; + } + + public void setRequestorUserNameIsSet(boolean value) { + if (!value) { + this.requestorUserName = null; + } + } + + public int getAuthorizableSetSize() { + return (this.authorizableSet == null) ? 0 : this.authorizableSet.size(); + } + + public java.util.Iterator getAuthorizableSetIterator() { + return (this.authorizableSet == null) ? null : this.authorizableSet.iterator(); + } + + public void addToAuthorizableSet(TSentryAuthorizable elem) { + if (this.authorizableSet == null) { + this.authorizableSet = new HashSet(); + } + this.authorizableSet.add(elem); + } + + public Set getAuthorizableSet() { + return this.authorizableSet; + } + + public void setAuthorizableSet(Set authorizableSet) { + this.authorizableSet = authorizableSet; + } + + public void unsetAuthorizableSet() { + this.authorizableSet = null; + } + + /** Returns true if field authorizableSet is set (has been assigned a value) and false otherwise */ + public boolean isSetAuthorizableSet() { + return this.authorizableSet != null; + } + + public void setAuthorizableSetIsSet(boolean value) { + if (!value) { + this.authorizableSet = null; + } + } + + public String getUser() { + return this.user; + } + + public void setUser(String user) { + this.user = user; + } + + public void unsetUser() { + this.user = null; + } + + /** Returns true if field user is set (has been assigned a value) and false otherwise */ + public boolean isSetUser() { + return this.user != null; + } + + public void setUserIsSet(boolean value) { + if (!value) { + this.user = null; + } + } + + public void setFieldValue(_Fields field, Object value) { + switch (field) { + case PROTOCOL_VERSION: + if (value == null) { + unsetProtocol_version(); + } else { + setProtocol_version((Integer)value); + } + break; + + case REQUESTOR_USER_NAME: + if (value == null) { + unsetRequestorUserName(); + } else { + setRequestorUserName((String)value); + } + break; + + case AUTHORIZABLE_SET: + if (value == null) { + unsetAuthorizableSet(); + } else { + setAuthorizableSet((Set)value); + } + break; + + case USER: + if (value == null) { + unsetUser(); + } else { + setUser((String)value); + } + break; + + } + } + + public Object getFieldValue(_Fields field) { + switch (field) { + case PROTOCOL_VERSION: + return getProtocol_version(); + + case REQUESTOR_USER_NAME: + return getRequestorUserName(); + + case AUTHORIZABLE_SET: + return getAuthorizableSet(); + + case USER: + return getUser(); + + } + throw new IllegalStateException(); + } + + /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */ + public boolean isSet(_Fields field) { + if (field == null) { + throw new IllegalArgumentException(); + } + + switch (field) { + case PROTOCOL_VERSION: + return isSetProtocol_version(); + case REQUESTOR_USER_NAME: + return isSetRequestorUserName(); + case AUTHORIZABLE_SET: + return isSetAuthorizableSet(); + case USER: + return isSetUser(); + } + throw new IllegalStateException(); + } + + @Override + public boolean equals(Object that) { + if (that == null) + return false; + if (that instanceof TListSentryPrivilegesByAuthUserRequest) + return this.equals((TListSentryPrivilegesByAuthUserRequest)that); + return false; + } + + public boolean equals(TListSentryPrivilegesByAuthUserRequest that) { + if (that == null) + return false; + + boolean this_present_protocol_version = true; + boolean that_present_protocol_version = true; + if (this_present_protocol_version || that_present_protocol_version) { + if (!(this_present_protocol_version && that_present_protocol_version)) + return false; + if (this.protocol_version != that.protocol_version) + return false; + } + + boolean this_present_requestorUserName = true && this.isSetRequestorUserName(); + boolean that_present_requestorUserName = true && that.isSetRequestorUserName(); + if (this_present_requestorUserName || that_present_requestorUserName) { + if (!(this_present_requestorUserName && that_present_requestorUserName)) + return false; + if (!this.requestorUserName.equals(that.requestorUserName)) + return false; + } + + boolean this_present_authorizableSet = true && this.isSetAuthorizableSet(); + boolean that_present_authorizableSet = true && that.isSetAuthorizableSet(); + if (this_present_authorizableSet || that_present_authorizableSet) { + if (!(this_present_authorizableSet && that_present_authorizableSet)) + return false; + if (!this.authorizableSet.equals(that.authorizableSet)) + return false; + } + + boolean this_present_user = true && this.isSetUser(); + boolean that_present_user = true && that.isSetUser(); + if (this_present_user || that_present_user) { + if (!(this_present_user && that_present_user)) + return false; + if (!this.user.equals(that.user)) + return false; + } + + return true; + } + + @Override + public int hashCode() { + List list = new ArrayList(); + + boolean present_protocol_version = true; + list.add(present_protocol_version); + if (present_protocol_version) + list.add(protocol_version); + + boolean present_requestorUserName = true && (isSetRequestorUserName()); + list.add(present_requestorUserName); + if (present_requestorUserName) + list.add(requestorUserName); + + boolean present_authorizableSet = true && (isSetAuthorizableSet()); + list.add(present_authorizableSet); + if (present_authorizableSet) + list.add(authorizableSet); + + boolean present_user = true && (isSetUser()); + list.add(present_user); + if (present_user) + list.add(user); + + return list.hashCode(); + } + + @Override + public int compareTo(TListSentryPrivilegesByAuthUserRequest other) { + if (!getClass().equals(other.getClass())) { + return getClass().getName().compareTo(other.getClass().getName()); + } + + int lastComparison = 0; + + lastComparison = Boolean.valueOf(isSetProtocol_version()).compareTo(other.isSetProtocol_version()); + if (lastComparison != 0) { + return lastComparison; + } + if (isSetProtocol_version()) { + lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.protocol_version, other.protocol_version); + if (lastComparison != 0) { + return lastComparison; + } + } + lastComparison = Boolean.valueOf(isSetRequestorUserName()).compareTo(other.isSetRequestorUserName()); + if (lastComparison != 0) { + return lastComparison; + } + if (isSetRequestorUserName()) { + lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.requestorUserName, other.requestorUserName); + if (lastComparison != 0) { + return lastComparison; + } + } + lastComparison = Boolean.valueOf(isSetAuthorizableSet()).compareTo(other.isSetAuthorizableSet()); + if (lastComparison != 0) { + return lastComparison; + } + if (isSetAuthorizableSet()) { + lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.authorizableSet, other.authorizableSet); + if (lastComparison != 0) { + return lastComparison; + } + } + lastComparison = Boolean.valueOf(isSetUser()).compareTo(other.isSetUser()); + if (lastComparison != 0) { + return lastComparison; + } + if (isSetUser()) { + lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.user, other.user); + if (lastComparison != 0) { + return lastComparison; + } + } + return 0; + } + + public _Fields fieldForId(int fieldId) { + return _Fields.findByThriftId(fieldId); + } + + public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException { + schemes.get(iprot.getScheme()).getScheme().read(iprot, this); + } + + public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException { + schemes.get(oprot.getScheme()).getScheme().write(oprot, this); + } + + @Override + public String toString() { + StringBuilder sb = new StringBuilder("TListSentryPrivilegesByAuthUserRequest("); + boolean first = true; + + sb.append("protocol_version:"); + sb.append(this.protocol_version); + first = false; + if (!first) sb.append(", "); + sb.append("requestorUserName:"); + if (this.requestorUserName == null) { + sb.append("null"); + } else { + sb.append(this.requestorUserName); + } + first = false; + if (!first) sb.append(", "); + sb.append("authorizableSet:"); + if (this.authorizableSet == null) { + sb.append("null"); + } else { + sb.append(this.authorizableSet); + } + first = false; + if (!first) sb.append(", "); + sb.append("user:"); + if (this.user == null) { + sb.append("null"); + } else { + sb.append(this.user); + } + first = false; + sb.append(")"); + return sb.toString(); + } + + public void validate() throws org.apache.thrift.TException { + // check for required fields + if (!isSetProtocol_version()) { + throw new org.apache.thrift.protocol.TProtocolException("Required field 'protocol_version' is unset! Struct:" + toString()); + } + + if (!isSetRequestorUserName()) { + throw new org.apache.thrift.protocol.TProtocolException("Required field 'requestorUserName' is unset! Struct:" + toString()); + } + + if (!isSetAuthorizableSet()) { + throw new org.apache.thrift.protocol.TProtocolException("Required field 'authorizableSet' is unset! Struct:" + toString()); + } + + if (!isSetUser()) { + throw new org.apache.thrift.protocol.TProtocolException("Required field 'user' is unset! Struct:" + toString()); + } + + // check for sub-struct validity + } + + private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException { + try { + write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out))); + } catch (org.apache.thrift.TException te) { + throw new java.io.IOException(te); + } + } + + private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException { + try { + // it doesn't seem like you should have to do this, but java serialization is wacky, and doesn't call the default constructor. + __isset_bitfield = 0; + read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in))); + } catch (org.apache.thrift.TException te) { + throw new java.io.IOException(te); + } + } + + private static class TListSentryPrivilegesByAuthUserRequestStandardSchemeFactory implements SchemeFactory { + public TListSentryPrivilegesByAuthUserRequestStandardScheme getScheme() { + return new TListSentryPrivilegesByAuthUserRequestStandardScheme(); + } + } + + private static class TListSentryPrivilegesByAuthUserRequestStandardScheme extends StandardScheme { + + public void read(org.apache.thrift.protocol.TProtocol iprot, TListSentryPrivilegesByAuthUserRequest struct) throws org.apache.thrift.TException { + org.apache.thrift.protocol.TField schemeField; + iprot.readStructBegin(); + while (true) + { + schemeField = iprot.readFieldBegin(); + if (schemeField.type == org.apache.thrift.protocol.TType.STOP) { + break; + } + switch (schemeField.id) { + case 1: // PROTOCOL_VERSION + if (schemeField.type == org.apache.thrift.protocol.TType.I32) { + struct.protocol_version = iprot.readI32(); + struct.setProtocol_versionIsSet(true); + } else { + org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); + } + break; + case 2: // REQUESTOR_USER_NAME + if (schemeField.type == org.apache.thrift.protocol.TType.STRING) { + struct.requestorUserName = iprot.readString(); + struct.setRequestorUserNameIsSet(true); + } else { + org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); + } + break; + case 3: // AUTHORIZABLE_SET + if (schemeField.type == org.apache.thrift.protocol.TType.SET) { + { + org.apache.thrift.protocol.TSet _set174 = iprot.readSetBegin(); + struct.authorizableSet = new HashSet(2*_set174.size); + TSentryAuthorizable _elem175; + for (int _i176 = 0; _i176 < _set174.size; ++_i176) + { + _elem175 = new TSentryAuthorizable(); + _elem175.read(iprot); + struct.authorizableSet.add(_elem175); + } + iprot.readSetEnd(); + } + struct.setAuthorizableSetIsSet(true); + } else { + org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); + } + break; + case 4: // USER + if (schemeField.type == org.apache.thrift.protocol.TType.STRING) { + struct.user = iprot.readString(); + struct.setUserIsSet(true); + } else { + org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); + } + break; + default: + org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); + } + iprot.readFieldEnd(); + } + iprot.readStructEnd(); + struct.validate(); + } + + public void write(org.apache.thrift.protocol.TProtocol oprot, TListSentryPrivilegesByAuthUserRequest struct) throws org.apache.thrift.TException { + struct.validate(); + + oprot.writeStructBegin(STRUCT_DESC); + oprot.writeFieldBegin(PROTOCOL_VERSION_FIELD_DESC); + oprot.writeI32(struct.protocol_version); + oprot.writeFieldEnd(); + if (struct.requestorUserName != null) { + oprot.writeFieldBegin(REQUESTOR_USER_NAME_FIELD_DESC); + oprot.writeString(struct.requestorUserName); + oprot.writeFieldEnd(); + } + if (struct.authorizableSet != null) { + oprot.writeFieldBegin(AUTHORIZABLE_SET_FIELD_DESC); + { + oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, struct.authorizableSet.size())); + for (TSentryAuthorizable _iter177 : struct.authorizableSet) + { + _iter177.write(oprot); + } + oprot.writeSetEnd(); + } + oprot.writeFieldEnd(); + } + if (struct.user != null) { + oprot.writeFieldBegin(USER_FIELD_DESC); + oprot.writeString(struct.user); + oprot.writeFieldEnd(); + } + oprot.writeFieldStop(); + oprot.writeStructEnd(); + } + + } + + private static class TListSentryPrivilegesByAuthUserRequestTupleSchemeFactory implements SchemeFactory { + public TListSentryPrivilegesByAuthUserRequestTupleScheme getScheme() { + return new TListSentryPrivilegesByAuthUserRequestTupleScheme(); + } + } + + private static class TListSentryPrivilegesByAuthUserRequestTupleScheme extends TupleScheme { + + @Override + public void write(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesByAuthUserRequest struct) throws org.apache.thrift.TException { + TTupleProtocol oprot = (TTupleProtocol) prot; + oprot.writeI32(struct.protocol_version); + oprot.writeString(struct.requestorUserName); + { + oprot.writeI32(struct.authorizableSet.size()); + for (TSentryAuthorizable _iter178 : struct.authorizableSet) + { + _iter178.write(oprot); + } + } + oprot.writeString(struct.user); + } + + @Override + public void read(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesByAuthUserRequest struct) throws org.apache.thrift.TException { + TTupleProtocol iprot = (TTupleProtocol) prot; + struct.protocol_version = iprot.readI32(); + struct.setProtocol_versionIsSet(true); + struct.requestorUserName = iprot.readString(); + struct.setRequestorUserNameIsSet(true); + { + org.apache.thrift.protocol.TSet _set179 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, iprot.readI32()); + struct.authorizableSet = new HashSet(2*_set179.size); + TSentryAuthorizable _elem180; + for (int _i181 = 0; _i181 < _set179.size; ++_i181) + { + _elem180 = new TSentryAuthorizable(); + _elem180.read(iprot); + struct.authorizableSet.add(_elem180); + } + } + struct.setAuthorizableSetIsSet(true); + struct.user = iprot.readString(); + struct.setUserIsSet(true); + } + } + +} + diff --git a/sentry-service/sentry-service-api/src/gen/thrift/gen-javabean/org/apache/sentry/api/service/thrift/TListSentryPrivilegesByAuthUserResponse.java b/sentry-service/sentry-service-api/src/gen/thrift/gen-javabean/org/apache/sentry/api/service/thrift/TListSentryPrivilegesByAuthUserResponse.java new file mode 100644 index 0000000..f9f0e64 --- /dev/null +++ b/sentry-service/sentry-service-api/src/gen/thrift/gen-javabean/org/apache/sentry/api/service/thrift/TListSentryPrivilegesByAuthUserResponse.java @@ -0,0 +1,598 @@ +/** + * Autogenerated by Thrift Compiler (0.9.3) + * + * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING + * @generated + */ +package org.apache.sentry.api.service.thrift; + +import org.apache.thrift.scheme.IScheme; +import org.apache.thrift.scheme.SchemeFactory; +import org.apache.thrift.scheme.StandardScheme; + +import org.apache.thrift.scheme.TupleScheme; +import org.apache.thrift.protocol.TTupleProtocol; +import org.apache.thrift.protocol.TProtocolException; +import org.apache.thrift.EncodingUtils; +import org.apache.thrift.TException; +import org.apache.thrift.async.AsyncMethodCallback; +import org.apache.thrift.server.AbstractNonblockingServer.*; +import java.util.List; +import java.util.ArrayList; +import java.util.Map; +import java.util.HashMap; +import java.util.EnumMap; +import java.util.Set; +import java.util.HashSet; +import java.util.EnumSet; +import java.util.Collections; +import java.util.BitSet; +import java.nio.ByteBuffer; +import java.util.Arrays; +import javax.annotation.Generated; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +@SuppressWarnings({"cast", "rawtypes", "serial", "unchecked"}) +@Generated(value = "Autogenerated by Thrift Compiler (0.9.3)") +public class TListSentryPrivilegesByAuthUserResponse implements org.apache.thrift.TBase, java.io.Serializable, Cloneable, Comparable { + private static final org.apache.thrift.protocol.TStruct STRUCT_DESC = new org.apache.thrift.protocol.TStruct("TListSentryPrivilegesByAuthUserResponse"); + + private static final org.apache.thrift.protocol.TField STATUS_FIELD_DESC = new org.apache.thrift.protocol.TField("status", org.apache.thrift.protocol.TType.STRUCT, (short)1); + private static final org.apache.thrift.protocol.TField PRIVILEGES_MAP_BY_AUTH_FIELD_DESC = new org.apache.thrift.protocol.TField("privilegesMapByAuth", org.apache.thrift.protocol.TType.MAP, (short)2); + + private static final Map, SchemeFactory> schemes = new HashMap, SchemeFactory>(); + static { + schemes.put(StandardScheme.class, new TListSentryPrivilegesByAuthUserResponseStandardSchemeFactory()); + schemes.put(TupleScheme.class, new TListSentryPrivilegesByAuthUserResponseTupleSchemeFactory()); + } + + private org.apache.sentry.service.thrift.TSentryResponseStatus status; // required + private Map> privilegesMapByAuth; // required + + /** The set of fields this struct contains, along with convenience methods for finding and manipulating them. */ + public enum _Fields implements org.apache.thrift.TFieldIdEnum { + STATUS((short)1, "status"), + PRIVILEGES_MAP_BY_AUTH((short)2, "privilegesMapByAuth"); + + private static final Map byName = new HashMap(); + + static { + for (_Fields field : EnumSet.allOf(_Fields.class)) { + byName.put(field.getFieldName(), field); + } + } + + /** + * Find the _Fields constant that matches fieldId, or null if its not found. + */ + public static _Fields findByThriftId(int fieldId) { + switch(fieldId) { + case 1: // STATUS + return STATUS; + case 2: // PRIVILEGES_MAP_BY_AUTH + return PRIVILEGES_MAP_BY_AUTH; + default: + return null; + } + } + + /** + * Find the _Fields constant that matches fieldId, throwing an exception + * if it is not found. + */ + public static _Fields findByThriftIdOrThrow(int fieldId) { + _Fields fields = findByThriftId(fieldId); + if (fields == null) throw new IllegalArgumentException("Field " + fieldId + " doesn't exist!"); + return fields; + } + + /** + * Find the _Fields constant that matches name, or null if its not found. + */ + public static _Fields findByName(String name) { + return byName.get(name); + } + + private final short _thriftId; + private final String _fieldName; + + _Fields(short thriftId, String fieldName) { + _thriftId = thriftId; + _fieldName = fieldName; + } + + public short getThriftFieldId() { + return _thriftId; + } + + public String getFieldName() { + return _fieldName; + } + } + + // isset id assignments + public static final Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> metaDataMap; + static { + Map<_Fields, org.apache.thrift.meta_data.FieldMetaData> tmpMap = new EnumMap<_Fields, org.apache.thrift.meta_data.FieldMetaData>(_Fields.class); + tmpMap.put(_Fields.STATUS, new org.apache.thrift.meta_data.FieldMetaData("status", org.apache.thrift.TFieldRequirementType.REQUIRED, + new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, org.apache.sentry.service.thrift.TSentryResponseStatus.class))); + tmpMap.put(_Fields.PRIVILEGES_MAP_BY_AUTH, new org.apache.thrift.meta_data.FieldMetaData("privilegesMapByAuth", org.apache.thrift.TFieldRequirementType.REQUIRED, + new org.apache.thrift.meta_data.MapMetaData(org.apache.thrift.protocol.TType.MAP, + new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryAuthorizable.class), + new org.apache.thrift.meta_data.SetMetaData(org.apache.thrift.protocol.TType.SET, + new org.apache.thrift.meta_data.StructMetaData(org.apache.thrift.protocol.TType.STRUCT, TSentryPrivilege.class))))); + metaDataMap = Collections.unmodifiableMap(tmpMap); + org.apache.thrift.meta_data.FieldMetaData.addStructMetaDataMap(TListSentryPrivilegesByAuthUserResponse.class, metaDataMap); + } + + public TListSentryPrivilegesByAuthUserResponse() { + } + + public TListSentryPrivilegesByAuthUserResponse( + org.apache.sentry.service.thrift.TSentryResponseStatus status, + Map> privilegesMapByAuth) + { + this(); + this.status = status; + this.privilegesMapByAuth = privilegesMapByAuth; + } + + /** + * Performs a deep copy on other. + */ + public TListSentryPrivilegesByAuthUserResponse(TListSentryPrivilegesByAuthUserResponse other) { + if (other.isSetStatus()) { + this.status = new org.apache.sentry.service.thrift.TSentryResponseStatus(other.status); + } + if (other.isSetPrivilegesMapByAuth()) { + Map> __this__privilegesMapByAuth = new HashMap>(other.privilegesMapByAuth.size()); + for (Map.Entry> other_element : other.privilegesMapByAuth.entrySet()) { + + TSentryAuthorizable other_element_key = other_element.getKey(); + Set other_element_value = other_element.getValue(); + + TSentryAuthorizable __this__privilegesMapByAuth_copy_key = new TSentryAuthorizable(other_element_key); + + Set __this__privilegesMapByAuth_copy_value = new HashSet(other_element_value.size()); + for (TSentryPrivilege other_element_value_element : other_element_value) { + __this__privilegesMapByAuth_copy_value.add(new TSentryPrivilege(other_element_value_element)); + } + + __this__privilegesMapByAuth.put(__this__privilegesMapByAuth_copy_key, __this__privilegesMapByAuth_copy_value); + } + this.privilegesMapByAuth = __this__privilegesMapByAuth; + } + } + + public TListSentryPrivilegesByAuthUserResponse deepCopy() { + return new TListSentryPrivilegesByAuthUserResponse(this); + } + + @Override + public void clear() { + this.status = null; + this.privilegesMapByAuth = null; + } + + public org.apache.sentry.service.thrift.TSentryResponseStatus getStatus() { + return this.status; + } + + public void setStatus(org.apache.sentry.service.thrift.TSentryResponseStatus status) { + this.status = status; + } + + public void unsetStatus() { + this.status = null; + } + + /** Returns true if field status is set (has been assigned a value) and false otherwise */ + public boolean isSetStatus() { + return this.status != null; + } + + public void setStatusIsSet(boolean value) { + if (!value) { + this.status = null; + } + } + + public int getPrivilegesMapByAuthSize() { + return (this.privilegesMapByAuth == null) ? 0 : this.privilegesMapByAuth.size(); + } + + public void putToPrivilegesMapByAuth(TSentryAuthorizable key, Set val) { + if (this.privilegesMapByAuth == null) { + this.privilegesMapByAuth = new HashMap>(); + } + this.privilegesMapByAuth.put(key, val); + } + + public Map> getPrivilegesMapByAuth() { + return this.privilegesMapByAuth; + } + + public void setPrivilegesMapByAuth(Map> privilegesMapByAuth) { + this.privilegesMapByAuth = privilegesMapByAuth; + } + + public void unsetPrivilegesMapByAuth() { + this.privilegesMapByAuth = null; + } + + /** Returns true if field privilegesMapByAuth is set (has been assigned a value) and false otherwise */ + public boolean isSetPrivilegesMapByAuth() { + return this.privilegesMapByAuth != null; + } + + public void setPrivilegesMapByAuthIsSet(boolean value) { + if (!value) { + this.privilegesMapByAuth = null; + } + } + + public void setFieldValue(_Fields field, Object value) { + switch (field) { + case STATUS: + if (value == null) { + unsetStatus(); + } else { + setStatus((org.apache.sentry.service.thrift.TSentryResponseStatus)value); + } + break; + + case PRIVILEGES_MAP_BY_AUTH: + if (value == null) { + unsetPrivilegesMapByAuth(); + } else { + setPrivilegesMapByAuth((Map>)value); + } + break; + + } + } + + public Object getFieldValue(_Fields field) { + switch (field) { + case STATUS: + return getStatus(); + + case PRIVILEGES_MAP_BY_AUTH: + return getPrivilegesMapByAuth(); + + } + throw new IllegalStateException(); + } + + /** Returns true if field corresponding to fieldID is set (has been assigned a value) and false otherwise */ + public boolean isSet(_Fields field) { + if (field == null) { + throw new IllegalArgumentException(); + } + + switch (field) { + case STATUS: + return isSetStatus(); + case PRIVILEGES_MAP_BY_AUTH: + return isSetPrivilegesMapByAuth(); + } + throw new IllegalStateException(); + } + + @Override + public boolean equals(Object that) { + if (that == null) + return false; + if (that instanceof TListSentryPrivilegesByAuthUserResponse) + return this.equals((TListSentryPrivilegesByAuthUserResponse)that); + return false; + } + + public boolean equals(TListSentryPrivilegesByAuthUserResponse that) { + if (that == null) + return false; + + boolean this_present_status = true && this.isSetStatus(); + boolean that_present_status = true && that.isSetStatus(); + if (this_present_status || that_present_status) { + if (!(this_present_status && that_present_status)) + return false; + if (!this.status.equals(that.status)) + return false; + } + + boolean this_present_privilegesMapByAuth = true && this.isSetPrivilegesMapByAuth(); + boolean that_present_privilegesMapByAuth = true && that.isSetPrivilegesMapByAuth(); + if (this_present_privilegesMapByAuth || that_present_privilegesMapByAuth) { + if (!(this_present_privilegesMapByAuth && that_present_privilegesMapByAuth)) + return false; + if (!this.privilegesMapByAuth.equals(that.privilegesMapByAuth)) + return false; + } + + return true; + } + + @Override + public int hashCode() { + List list = new ArrayList(); + + boolean present_status = true && (isSetStatus()); + list.add(present_status); + if (present_status) + list.add(status); + + boolean present_privilegesMapByAuth = true && (isSetPrivilegesMapByAuth()); + list.add(present_privilegesMapByAuth); + if (present_privilegesMapByAuth) + list.add(privilegesMapByAuth); + + return list.hashCode(); + } + + @Override + public int compareTo(TListSentryPrivilegesByAuthUserResponse other) { + if (!getClass().equals(other.getClass())) { + return getClass().getName().compareTo(other.getClass().getName()); + } + + int lastComparison = 0; + + lastComparison = Boolean.valueOf(isSetStatus()).compareTo(other.isSetStatus()); + if (lastComparison != 0) { + return lastComparison; + } + if (isSetStatus()) { + lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.status, other.status); + if (lastComparison != 0) { + return lastComparison; + } + } + lastComparison = Boolean.valueOf(isSetPrivilegesMapByAuth()).compareTo(other.isSetPrivilegesMapByAuth()); + if (lastComparison != 0) { + return lastComparison; + } + if (isSetPrivilegesMapByAuth()) { + lastComparison = org.apache.thrift.TBaseHelper.compareTo(this.privilegesMapByAuth, other.privilegesMapByAuth); + if (lastComparison != 0) { + return lastComparison; + } + } + return 0; + } + + public _Fields fieldForId(int fieldId) { + return _Fields.findByThriftId(fieldId); + } + + public void read(org.apache.thrift.protocol.TProtocol iprot) throws org.apache.thrift.TException { + schemes.get(iprot.getScheme()).getScheme().read(iprot, this); + } + + public void write(org.apache.thrift.protocol.TProtocol oprot) throws org.apache.thrift.TException { + schemes.get(oprot.getScheme()).getScheme().write(oprot, this); + } + + @Override + public String toString() { + StringBuilder sb = new StringBuilder("TListSentryPrivilegesByAuthUserResponse("); + boolean first = true; + + sb.append("status:"); + if (this.status == null) { + sb.append("null"); + } else { + sb.append(this.status); + } + first = false; + if (!first) sb.append(", "); + sb.append("privilegesMapByAuth:"); + if (this.privilegesMapByAuth == null) { + sb.append("null"); + } else { + sb.append(this.privilegesMapByAuth); + } + first = false; + sb.append(")"); + return sb.toString(); + } + + public void validate() throws org.apache.thrift.TException { + // check for required fields + if (!isSetStatus()) { + throw new org.apache.thrift.protocol.TProtocolException("Required field 'status' is unset! Struct:" + toString()); + } + + if (!isSetPrivilegesMapByAuth()) { + throw new org.apache.thrift.protocol.TProtocolException("Required field 'privilegesMapByAuth' is unset! Struct:" + toString()); + } + + // check for sub-struct validity + if (status != null) { + status.validate(); + } + } + + private void writeObject(java.io.ObjectOutputStream out) throws java.io.IOException { + try { + write(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(out))); + } catch (org.apache.thrift.TException te) { + throw new java.io.IOException(te); + } + } + + private void readObject(java.io.ObjectInputStream in) throws java.io.IOException, ClassNotFoundException { + try { + read(new org.apache.thrift.protocol.TCompactProtocol(new org.apache.thrift.transport.TIOStreamTransport(in))); + } catch (org.apache.thrift.TException te) { + throw new java.io.IOException(te); + } + } + + private static class TListSentryPrivilegesByAuthUserResponseStandardSchemeFactory implements SchemeFactory { + public TListSentryPrivilegesByAuthUserResponseStandardScheme getScheme() { + return new TListSentryPrivilegesByAuthUserResponseStandardScheme(); + } + } + + private static class TListSentryPrivilegesByAuthUserResponseStandardScheme extends StandardScheme { + + public void read(org.apache.thrift.protocol.TProtocol iprot, TListSentryPrivilegesByAuthUserResponse struct) throws org.apache.thrift.TException { + org.apache.thrift.protocol.TField schemeField; + iprot.readStructBegin(); + while (true) + { + schemeField = iprot.readFieldBegin(); + if (schemeField.type == org.apache.thrift.protocol.TType.STOP) { + break; + } + switch (schemeField.id) { + case 1: // STATUS + if (schemeField.type == org.apache.thrift.protocol.TType.STRUCT) { + struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus(); + struct.status.read(iprot); + struct.setStatusIsSet(true); + } else { + org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); + } + break; + case 2: // PRIVILEGES_MAP_BY_AUTH + if (schemeField.type == org.apache.thrift.protocol.TType.MAP) { + { + org.apache.thrift.protocol.TMap _map182 = iprot.readMapBegin(); + struct.privilegesMapByAuth = new HashMap>(2*_map182.size); + TSentryAuthorizable _key183; + Set _val184; + for (int _i185 = 0; _i185 < _map182.size; ++_i185) + { + _key183 = new TSentryAuthorizable(); + _key183.read(iprot); + { + org.apache.thrift.protocol.TSet _set186 = iprot.readSetBegin(); + _val184 = new HashSet(2*_set186.size); + TSentryPrivilege _elem187; + for (int _i188 = 0; _i188 < _set186.size; ++_i188) + { + _elem187 = new TSentryPrivilege(); + _elem187.read(iprot); + _val184.add(_elem187); + } + iprot.readSetEnd(); + } + struct.privilegesMapByAuth.put(_key183, _val184); + } + iprot.readMapEnd(); + } + struct.setPrivilegesMapByAuthIsSet(true); + } else { + org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); + } + break; + default: + org.apache.thrift.protocol.TProtocolUtil.skip(iprot, schemeField.type); + } + iprot.readFieldEnd(); + } + iprot.readStructEnd(); + struct.validate(); + } + + public void write(org.apache.thrift.protocol.TProtocol oprot, TListSentryPrivilegesByAuthUserResponse struct) throws org.apache.thrift.TException { + struct.validate(); + + oprot.writeStructBegin(STRUCT_DESC); + if (struct.status != null) { + oprot.writeFieldBegin(STATUS_FIELD_DESC); + struct.status.write(oprot); + oprot.writeFieldEnd(); + } + if (struct.privilegesMapByAuth != null) { + oprot.writeFieldBegin(PRIVILEGES_MAP_BY_AUTH_FIELD_DESC); + { + oprot.writeMapBegin(new org.apache.thrift.protocol.TMap(org.apache.thrift.protocol.TType.STRUCT, org.apache.thrift.protocol.TType.SET, struct.privilegesMapByAuth.size())); + for (Map.Entry> _iter189 : struct.privilegesMapByAuth.entrySet()) + { + _iter189.getKey().write(oprot); + { + oprot.writeSetBegin(new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, _iter189.getValue().size())); + for (TSentryPrivilege _iter190 : _iter189.getValue()) + { + _iter190.write(oprot); + } + oprot.writeSetEnd(); + } + } + oprot.writeMapEnd(); + } + oprot.writeFieldEnd(); + } + oprot.writeFieldStop(); + oprot.writeStructEnd(); + } + + } + + private static class TListSentryPrivilegesByAuthUserResponseTupleSchemeFactory implements SchemeFactory { + public TListSentryPrivilegesByAuthUserResponseTupleScheme getScheme() { + return new TListSentryPrivilegesByAuthUserResponseTupleScheme(); + } + } + + private static class TListSentryPrivilegesByAuthUserResponseTupleScheme extends TupleScheme { + + @Override + public void write(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesByAuthUserResponse struct) throws org.apache.thrift.TException { + TTupleProtocol oprot = (TTupleProtocol) prot; + struct.status.write(oprot); + { + oprot.writeI32(struct.privilegesMapByAuth.size()); + for (Map.Entry> _iter191 : struct.privilegesMapByAuth.entrySet()) + { + _iter191.getKey().write(oprot); + { + oprot.writeI32(_iter191.getValue().size()); + for (TSentryPrivilege _iter192 : _iter191.getValue()) + { + _iter192.write(oprot); + } + } + } + } + } + + @Override + public void read(org.apache.thrift.protocol.TProtocol prot, TListSentryPrivilegesByAuthUserResponse struct) throws org.apache.thrift.TException { + TTupleProtocol iprot = (TTupleProtocol) prot; + struct.status = new org.apache.sentry.service.thrift.TSentryResponseStatus(); + struct.status.read(iprot); + struct.setStatusIsSet(true); + { + org.apache.thrift.protocol.TMap _map193 = new org.apache.thrift.protocol.TMap(org.apache.thrift.protocol.TType.STRUCT, org.apache.thrift.protocol.TType.SET, iprot.readI32()); + struct.privilegesMapByAuth = new HashMap>(2*_map193.size); + TSentryAuthorizable _key194; + Set _val195; + for (int _i196 = 0; _i196 < _map193.size; ++_i196) + { + _key194 = new TSentryAuthorizable(); + _key194.read(iprot); + { + org.apache.thrift.protocol.TSet _set197 = new org.apache.thrift.protocol.TSet(org.apache.thrift.protocol.TType.STRUCT, iprot.readI32()); + _val195 = new HashSet(2*_set197.size); + TSentryPrivilege _elem198; + for (int _i199 = 0; _i199 < _set197.size; ++_i199) + { + _elem198 = new TSentryPrivilege(); + _elem198.read(iprot); + _val195.add(_elem198); + } + } + struct.privilegesMapByAuth.put(_key194, _val195); + } + } + struct.setPrivilegesMapByAuthIsSet(true); + } + } + +} + diff --git a/sentry-service/sentry-service-api/src/main/resources/sentry_policy_service.thrift b/sentry-service/sentry-service-api/src/main/resources/sentry_policy_service.thrift index 74837a8..953b96b 100644 --- a/sentry-service/sentry-service-api/src/main/resources/sentry_policy_service.thrift +++ b/sentry-service/sentry-service-api/src/main/resources/sentry_policy_service.thrift @@ -283,6 +283,19 @@ struct TListSentryPrivilegesByAuthResponse { 3: optional map privilegesMapByAuthForUsers } +struct TListSentryPrivilegesByAuthUserRequest { +1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2, +2: required string requestorUserName, # user on whose behalf the request is issued +3: required set authorizableSet, +4: required string user +} + +struct TListSentryPrivilegesByAuthUserResponse { +1: required sentry_common_service.TSentryResponseStatus status, +# Authorizable to set of privileges map +2: required map> privilegesMapByAuth, +} + # Obtain a config value from the Sentry service struct TSentryConfigValueRequest { 1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2, @@ -437,8 +450,14 @@ service SentryPolicyService TRenamePrivilegesResponse rename_sentry_privilege(1:TRenamePrivilegesRequest request); + # List sentry privileges filterted based on a set of authorizables, that + # granted to the given user and the given role if present. TListSentryPrivilegesByAuthResponse list_sentry_privileges_by_authorizable(1:TListSentryPrivilegesByAuthRequest request); + # List sentry privileges filterted based on a set of authorizables, that + # granted to the given user and the groups the user associated with. + TListSentryPrivilegesByAuthUserResponse list_sentry_privileges_by_authorizable_and_user(1:TListSentryPrivilegesByAuthUserRequest request); + TSentryConfigValueResponse get_sentry_config_value(1:TSentryConfigValueRequest request); # export the mapping data in sentry diff --git a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/SentryMetrics.java b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/SentryMetrics.java index 7626e2c..01dcaac 100644 --- a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/SentryMetrics.java +++ b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/SentryMetrics.java @@ -119,6 +119,8 @@ public final class SentryMetrics { name(SentryPolicyStoreProcessor.class, "list-privileges-for-provider")); final Timer listPrivilegesByAuthorizableTimer = METRIC_REGISTRY.timer( name(SentryPolicyStoreProcessor.class, "list-privileges-by-authorizable")); + final Timer listPrivilegesByAuthorizableAndUserTimer = METRIC_REGISTRY.timer( + name(SentryPolicyStoreProcessor.class, "list-privileges-by-authorizable-and-user")); final Timer listRolesPrivilegesTimer = METRIC_REGISTRY.timer( name(SentryPolicyStoreProcessor.class, "list-roles-privileges")); final Timer listUsersPrivilegesTimer = METRIC_REGISTRY.timer( diff --git a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/SentryPolicyStoreProcessor.java b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/SentryPolicyStoreProcessor.java index b2731b1..b808a55 100644 --- a/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/SentryPolicyStoreProcessor.java +++ b/sentry-service/sentry-service-server/src/main/java/org/apache/sentry/api/service/thrift/SentryPolicyStoreProcessor.java @@ -1295,6 +1295,100 @@ public class SentryPolicyStoreProcessor implements SentryPolicyService.Iface { return response; } + @Override + public TListSentryPrivilegesByAuthUserResponse list_sentry_privileges_by_authorizable_and_user( + TListSentryPrivilegesByAuthUserRequest request) throws TException { + final Timer.Context timerContext = + sentryMetrics.listPrivilegesByAuthorizableAndUserTimer.time(); + TListSentryPrivilegesByAuthUserResponse response = + new TListSentryPrivilegesByAuthUserResponse(); + + // Sanity validation of the required fields. + String requestor = request.getRequestorUserName(); + String principalName = request.getUser(); + TSentryResponseStatus status = + checkRequiredParameter(requestor, "requestor parameter must not be null"); + status = status != null ? + status : checkRequiredParameter(principalName, "user parameter must not be null"); + if (status != null) { + response.setStatus(status); + return response; + } + principalName = principalName.trim(); + Map> authMap = Maps.newHashMap(); + + try { + validateClientVersion(request.getProtocol_version()); + + // To allow listing the privileges, the requestor user must be part of + // the admins group, or the requestor user must be the same user requesting + // privileges for. + Set requestorGroups = getRequestorGroups(requestor); + Boolean admin = inAdminGroups(requestorGroups); + if(!admin && !principalName.equalsIgnoreCase(requestor)) { + throw new SentryAccessDeniedException("Access denied to " + requestor); + } + + // Get the groups the user is associated with. + Set principalGroups; + if (principalName.equals(requestor)) { + principalGroups = requestorGroups; + } else { + principalGroups = getRequestorGroups(principalName); + } + Set principalUsers = new HashSet<>(); + principalUsers.add(principalName); + + // Return the privileges found that granted to the given user and the groups the + // user associated with per authorizable object. + for (TSentryAuthorizable authorizable : request.getAuthorizableSet()) { + Set privileges = new HashSet(); + + // Search for privileges granted to the groups the user associated with. + TSentryPrivilegeMap groupMap = sentryStore.listSentryPrivilegesByAuthorizable( + principalGroups, null, authorizable, false); + if (groupMap.getPrivilegeMap() != null) { + for (Set groupPrivilege : groupMap.getPrivilegeMap().values()) { + privileges.addAll(groupPrivilege); + } + } + + // Search for privileges granted to the user. + TSentryPrivilegeMap userMap = sentryStore.listSentryPrivilegesByAuthorizableForUser( + principalUsers, authorizable, false); + if (userMap.getPrivilegeMap() != null) { + for (Set userPrivilege : userMap.getPrivilegeMap().values()) { + privileges.addAll(userPrivilege); + } + } + + authMap.put(authorizable, privileges); + } + response.setPrivilegesMapByAuth(authMap); + response.setStatus(Status.OK()); + } catch (SentryAccessDeniedException e) { + LOGGER.error(e.getMessage(), e); + response.setStatus(Status.AccessDenied(e.getMessage(), e)); + } catch (SentryGroupNotFoundException e) { + LOGGER.error(e.getMessage(), e); + response.setStatus(Status.AccessDenied(e.getMessage(), e)); + } catch (SentryThriftAPIMismatchException e) { + LOGGER.error(e.getMessage(), e); + response.setStatus(Status.THRIFT_VERSION_MISMATCH(e.getMessage(), e)); + } catch (SentryInvalidInputException e) { + LOGGER.error(e.getMessage(), e); + response.setStatus(Status.InvalidInput(e.getMessage(), e)); + } catch (Exception e) { + String msg = "Unknown error for request: " + request + ", message: " + + e.getMessage(); + LOGGER.error(msg, e); + response.setStatus(Status.RuntimeError(msg, e)); + } finally { + timerContext.stop(); + } + return response; + } + /** * Respond to a request for a config value in the sentry server. The client * can request any config value that starts with "sentry." and doesn't contain diff --git a/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryPolicyStoreProcessor.java b/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryPolicyStoreProcessor.java index 6f90fb4..e593870 100644 --- a/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryPolicyStoreProcessor.java +++ b/sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryPolicyStoreProcessor.java @@ -25,9 +25,11 @@ import static org.junit.Assert.assertTrue; import com.codahale.metrics.Gauge; import com.google.common.collect.ImmutableMap; +import com.google.common.collect.Maps; import com.google.common.collect.Sets; -import java.util.Collections; -import java.util.Set; + +import java.util.*; + import org.apache.hadoop.hive.metastore.messaging.EventMessage; import org.apache.hadoop.hive.metastore.messaging.EventMessage.EventType; import org.apache.sentry.api.common.ApiConstants; @@ -342,6 +344,127 @@ public class TestSentryPolicyStoreProcessor { returnedResp.getPrivileges().contains(newSentryPrivilege("database", "db1", "t1", "*"))); } + @Test + public void testListPrivilegesByAuthorizableAndUser() throws Exception { + MockGroupMappingService.addUserGroupMapping("admin", Sets.newHashSet("admin")); + String user1 = "user1"; + String g1 = "g1"; + MockGroupMappingService.addUserGroupMapping(user1, Sets.newHashSet(g1)); + + Configuration conf = new Configuration(); + conf.set(ServerConfig.SENTRY_STORE_GROUP_MAPPING, + "org.apache.sentry.api.service.thrift.MockGroupMappingService"); + conf.set(ServerConfig.ADMIN_GROUPS, "admin"); + + SentryPolicyStoreProcessor policyStoreProcessor = new SentryPolicyStoreProcessor( + ApiConstants.SentryPolicyServiceConstants.SENTRY_POLICY_SERVICE_NAME, + conf, sentryStore); + TListSentryPrivilegesByAuthUserResponse returnedResp; + TListSentryPrivilegesByAuthUserResponse expectedResp; + + // Request privileges when user is null must throw an exception that + // user must not be null. + returnedResp = policyStoreProcessor.list_sentry_privileges_by_authorizable_and_user( + newAuthRequest("admin", null, null)); + expectedResp = new TListSentryPrivilegesByAuthUserResponse(); + expectedResp.setStatus(Status.InvalidInput("user parameter must not be null", + new SentryInvalidInputException("user parameter must not be null"))); + Assert.assertEquals(expectedResp.getStatus().getValue(), + returnedResp.getStatus().getValue()); + + // Prepare request for getting privileges for user1 based on the given authorizables + TSentryAuthorizable requestedAuthorizable = new TSentryAuthorizable(); + requestedAuthorizable.setServer("server1"); + requestedAuthorizable.setDb("db1"); + Set requestedAuthorizables = new HashSet<>(); + requestedAuthorizables.add(requestedAuthorizable); + + Set users = new HashSet<>(); + users.add(user1); + Set groups = new HashSet<>(); + groups.add(g1); + + Set user1Privileges = Sets.newHashSet( + newSentryPrivilege("database", "db1", "t1", "*"), + newSentryPrivilege("database", "db1", "t2", "*")); + Map> user1PrivilegesMap = Maps.newTreeMap(); + user1PrivilegesMap.put(user1, user1Privileges); + + Mockito.when(sentryStore.listSentryPrivilegesByAuthorizableForUser( + users, requestedAuthorizable, false)).thenReturn( + new TSentryPrivilegeMap(user1PrivilegesMap)); + + Mockito.when(sentryStore.listSentryPrivilegesByAuthorizable( + groups, null, requestedAuthorizable, false)).thenReturn( + new TSentryPrivilegeMap()); + + // Request privileges of a user as admin + returnedResp = policyStoreProcessor.list_sentry_privileges_by_authorizable_and_user( + newAuthRequest("admin", requestedAuthorizables, user1)); + Assert.assertEquals(1, returnedResp.getPrivilegesMapByAuthSize()); + Assert.assertEquals(2, returnedResp.getPrivilegesMapByAuth().get(requestedAuthorizable).size()); + Assert.assertEquals(Status.OK(), returnedResp.getStatus()); + assertTrue("User1 should have ALL privileges in db1.t1", + returnedResp.getPrivilegesMapByAuth().get(requestedAuthorizable).contains( + newSentryPrivilege("database", "db1", "t1", "*"))); + assertTrue("User1 should have ALL privileges in db1.t2", + returnedResp.getPrivilegesMapByAuth().get(requestedAuthorizable).contains( + newSentryPrivilege("database", "db1", "t2", "*"))); + + // Request privileges of a user as the same user + returnedResp = policyStoreProcessor.list_sentry_privileges_by_authorizable_and_user( + newAuthRequest(user1, requestedAuthorizables, user1)); + Assert.assertEquals(1, returnedResp.getPrivilegesMapByAuthSize()); + Assert.assertEquals(2, returnedResp.getPrivilegesMapByAuth().get(requestedAuthorizable).size()); + Assert.assertEquals(Status.OK(), returnedResp.getStatus()); + assertTrue("User1 should have ALL privileges in db1.t1", + returnedResp.getPrivilegesMapByAuth().get(requestedAuthorizable).contains( + newSentryPrivilege("database", "db1", "t1", "*"))); + assertTrue("User1 should have ALL privileges in db1.t2", + returnedResp.getPrivilegesMapByAuth().get(requestedAuthorizable).contains( + newSentryPrivilege("database", "db1", "t2", "*"))); + + // Request privileges of a user as an unauthorized user + returnedResp = policyStoreProcessor.list_sentry_privileges_by_authorizable_and_user( + newAuthRequest("bad_user", requestedAuthorizables, user1)); + Assert.assertEquals(Status.ACCESS_DENIED.getCode(), returnedResp.getStatus().getValue()); + assertNull(returnedResp.getPrivilegesMapByAuth()); + + // Assign new privileges for g1 based on the given authorizables + Set g1Privileges = Sets.newHashSet( + newSentryPrivilege("database", "db1", "t3", "*")); + Map> g1PrivilegesMap = Maps.newTreeMap(); + g1PrivilegesMap.put(g1, g1Privileges); + + Mockito.when(sentryStore.listSentryPrivilegesByAuthorizable( + groups, null, requestedAuthorizable, false)).thenReturn( + new TSentryPrivilegeMap(g1PrivilegesMap)); + returnedResp = policyStoreProcessor.list_sentry_privileges_by_authorizable_and_user( + newAuthRequest(user1, requestedAuthorizables, user1)); + Assert.assertEquals(1, returnedResp.getPrivilegesMapByAuthSize()); + Assert.assertEquals(3, returnedResp.getPrivilegesMapByAuth().get(requestedAuthorizable).size()); + Assert.assertEquals(Status.OK(), returnedResp.getStatus()); + assertTrue("User1 should have ALL privileges in db1.t1", + returnedResp.getPrivilegesMapByAuth().get(requestedAuthorizable).contains( + newSentryPrivilege("database", "db1", "t1", "*"))); + assertTrue("User1 should have ALL privileges in db1.t2", + returnedResp.getPrivilegesMapByAuth().get(requestedAuthorizable).contains( + newSentryPrivilege("database", "db1", "t2", "*"))); + assertTrue("User1 should have ALL privileges in db1.t3", + returnedResp.getPrivilegesMapByAuth().get(requestedAuthorizable).contains( + newSentryPrivilege("database", "db1", "t3", "*"))); + } + + private TListSentryPrivilegesByAuthUserRequest newAuthRequest( + String requestorUser, Set authorizables, String user) { + TListSentryPrivilegesByAuthUserRequest request = + new TListSentryPrivilegesByAuthUserRequest(); + request.setRequestorUserName(requestorUser); + request.setAuthorizableSet(authorizables); + request.setUser(user); + return request; + } + private TListSentryPrivilegesRequest newPrivilegesRequest(String requestorUser, String principalName, TSentryAuthorizable authorizable) { TListSentryPrivilegesRequest request = new TListSentryPrivilegesRequest(); request.setRequestorUserName(requestorUser);