sqoop-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From a..@apache.org
Subject sqoop git commit: SQOOP-2101: Sqoop2: Add SqoopClient support to call Restful API
Date Tue, 17 Feb 2015 21:06:05 GMT
Repository: sqoop
Updated Branches:
  refs/heads/sqoop2 223bfcc0c -> 2b3ca36b1


SQOOP-2101: Sqoop2: Add SqoopClient support to call Restful API

(Richard Zhou via Abraham Elmahrek)


Project: http://git-wip-us.apache.org/repos/asf/sqoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/sqoop/commit/2b3ca36b
Tree: http://git-wip-us.apache.org/repos/asf/sqoop/tree/2b3ca36b
Diff: http://git-wip-us.apache.org/repos/asf/sqoop/diff/2b3ca36b

Branch: refs/heads/sqoop2
Commit: 2b3ca36b1702f7741fca8d38210e2039aecf25b0
Parents: 223bfcc
Author: Abraham Elmahrek <abe@apache.org>
Authored: Tue Feb 17 13:02:04 2015 -0800
Committer: Abraham Elmahrek <abe@apache.org>
Committed: Tue Feb 17 13:02:04 2015 -0800

----------------------------------------------------------------------
 .../org/apache/sqoop/client/SqoopClient.java    | 116 ++++++++++++++--
 .../request/AuthorizationResourceRequest.java   | 138 +++++++++++++++++++
 .../client/request/SqoopResourceRequests.java   |  63 +++++++--
 3 files changed, 297 insertions(+), 20 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/sqoop/blob/2b3ca36b/client/src/main/java/org/apache/sqoop/client/SqoopClient.java
----------------------------------------------------------------------
diff --git a/client/src/main/java/org/apache/sqoop/client/SqoopClient.java b/client/src/main/java/org/apache/sqoop/client/SqoopClient.java
index 9e15c03..200f9b4 100644
--- a/client/src/main/java/org/apache/sqoop/client/SqoopClient.java
+++ b/client/src/main/java/org/apache/sqoop/client/SqoopClient.java
@@ -31,16 +31,8 @@ import org.apache.sqoop.classification.InterfaceStability;
 import org.apache.sqoop.client.request.SqoopResourceRequests;
 import org.apache.sqoop.common.Direction;
 import org.apache.sqoop.common.SqoopException;
-import org.apache.sqoop.json.ConnectorBean;
-import org.apache.sqoop.json.DriverBean;
-import org.apache.sqoop.json.ValidationResultBean;
-import org.apache.sqoop.model.ConfigUtils;
-import org.apache.sqoop.model.MConnector;
-import org.apache.sqoop.model.MDriver;
-import org.apache.sqoop.model.MDriverConfig;
-import org.apache.sqoop.model.MJob;
-import org.apache.sqoop.model.MLink;
-import org.apache.sqoop.model.MSubmission;
+import org.apache.sqoop.json.*;
+import org.apache.sqoop.model.*;
 import org.apache.sqoop.validation.ConfigValidationResult;
 import org.apache.sqoop.validation.Status;
 
@@ -560,6 +552,110 @@ public class SqoopClient {
   }
 
   /**
+   * Retrieve list of all roles.
+   *
+   * @return
+   */
+  public List<MRole> getRoles() {
+    return resourceRequests.readRoles().getRoles();
+  }
+
+  /**
+   * Create a new role.
+   *
+   * @param role MRole
+   * @return
+   */
+  public void createRole(MRole role) {
+    resourceRequests.createRole(role);
+  }
+
+  /**
+   * Drop a role.
+   *
+   * @param role MRole
+   * @return
+   */
+  public void dropRole(MRole role) {
+    resourceRequests.dropRole(role);
+  }
+
+  /**
+   * Grant roles on principals.
+   *
+   * @param roles      MRole List
+   * @param principals MPrincipal List
+   * @return
+   */
+  public void grantRole(List<MRole> roles, List<MPrincipal> principals) {
+    resourceRequests.grantRole(roles, principals);
+  }
+
+  /**
+   * Revoke roles on principals.
+   *
+   * @param roles      MRole List
+   * @param principals MPrincipal List
+   * @return
+   */
+  public void revokeRole(List<MRole> roles, List<MPrincipal> principals) {
+    resourceRequests.revokeRole(roles, principals);
+  }
+
+  /**
+   * Get roles by principal.
+   *
+   * @param principal MPrincipal
+   * @return
+   */
+  public RolesBean getRolesByPrincipal(MPrincipal principal) {
+    return resourceRequests.readRolesByPrincipal(principal);
+  }
+
+  /**
+   * Get principals by role.
+   *
+   * @param role MRole
+   * @return
+   */
+  public PrincipalsBean getPrincipalsByRole(MRole role) {
+    return resourceRequests.readPrincipalsByRole(role);
+  }
+
+  /**
+   * Grant privileges on principals.
+   *
+   * @param principals MPrincipal List
+   * @param privileges MPrivilege List
+   * @return
+   */
+  public void grantPrivilege(List<MPrincipal> principals, List<MPrivilege> privileges)
{
+    resourceRequests.grantPrivilege(principals, privileges);
+  }
+
+  /**
+   * Revoke privileges on principals.
+   *
+   * @param principals MPrincipal List
+   * @param privileges MPrivilege List
+   * @return
+   */
+  public void revokePrivilege(List<MPrincipal> principals, List<MPrivilege> privileges)
{
+    resourceRequests.revokePrivilege(principals, privileges);
+  }
+
+  /**
+   * Get privileges by principal.
+   *
+   * @param principal MPrincipal
+   * @param resource MResource
+   * @return
+   */
+  public PrivilegesBean getPrivilegesByPrincipal(MPrincipal principal, MResource resource)
{
+    return resourceRequests.readPrivilegesByPrincipal(principal, resource);
+  }
+
+  /**
    * Add delegation token into credentials of Hadoop security.
    *
    * @param renewer renewer string

http://git-wip-us.apache.org/repos/asf/sqoop/blob/2b3ca36b/client/src/main/java/org/apache/sqoop/client/request/AuthorizationResourceRequest.java
----------------------------------------------------------------------
diff --git a/client/src/main/java/org/apache/sqoop/client/request/AuthorizationResourceRequest.java
b/client/src/main/java/org/apache/sqoop/client/request/AuthorizationResourceRequest.java
new file mode 100644
index 0000000..cdd8e73
--- /dev/null
+++ b/client/src/main/java/org/apache/sqoop/client/request/AuthorizationResourceRequest.java
@@ -0,0 +1,138 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sqoop.client.request;
+
+import org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticatedURL;
+import org.apache.sqoop.json.*;
+import org.apache.sqoop.model.MPrincipal;
+import org.apache.sqoop.model.MPrivilege;
+import org.apache.sqoop.model.MResource;
+import org.apache.sqoop.model.MRole;
+import org.json.simple.JSONObject;
+
+import java.util.List;
+
+/**
+ * Provide CRUD semantics over RESTfull HTTP API for authorization. All operations are
+ * normally supported.
+ */
+public class AuthorizationResourceRequest extends ResourceRequest {
+
+  public static final String RESOURCE = "v1/authorization";
+
+  public static final String ROLES = "/roles";
+  public static final String PRINCIPALS = "/principals";
+  public static final String PRIVILEGES = "/privileges";
+
+  private static final String CREATE = "/create";
+  private static final String GRANT = "/grant";
+  private static final String REVOKE = "/revoke";
+
+  public AuthorizationResourceRequest() {
+    super();
+  }
+
+  public AuthorizationResourceRequest(DelegationTokenAuthenticatedURL.Token token) {
+    super(token);
+  }
+
+  public RolesBean readRoles(String serverUrl) {
+    String response = super.get(serverUrl + RESOURCE + ROLES);
+    JSONObject jsonObject = JSONUtils.parse(response);
+    RolesBean bean = new RolesBean();
+    bean.restore(jsonObject);
+    return bean;
+  }
+
+  public void createRole(String serverUrl, MRole role) {
+    RoleBean roleBean = new RoleBean(role);
+    // Extract all config inputs including sensitive inputs
+    JSONObject roleJson = roleBean.extract(false);
+    super.put(serverUrl + RESOURCE + ROLES + CREATE, roleJson.toJSONString());
+  }
+
+  public void dropRole(String serverUrl, MRole role) {
+    super.delete(serverUrl + RESOURCE + ROLES + "/" + role.getName());
+  }
+
+  public void grantRevokeRole(String serverUrl, List<MRole> roles, List<MPrincipal>
principals, boolean isGrant) {
+    RolesBean rolesBean = new RolesBean(roles);
+    PrincipalsBean principalsBean = new PrincipalsBean(principals);
+    // Extract all config inputs including sensitive inputs
+    JSONObject jsonObject = new JSONObject();
+    jsonObject.putAll(rolesBean.extract(false));
+    jsonObject.putAll(principalsBean.extract(false));
+    if (isGrant) {
+      super.put(serverUrl + RESOURCE + ROLES + GRANT, jsonObject.toJSONString());
+    } else {
+      super.put(serverUrl + RESOURCE + ROLES + REVOKE, jsonObject.toJSONString());
+    }
+  }
+
+  public RolesBean readRolesByPrincipal(String serverUrl, MPrincipal principal) {
+    String response = super.get(serverUrl + RESOURCE + ROLES
+            + "?principal_name=" + principal.getName()
+            + "&principal_type=" + principal.getType());
+    JSONObject jsonObject = JSONUtils.parse(response);
+    RolesBean bean = new RolesBean();
+    bean.restore(jsonObject);
+    return bean;
+  }
+
+  public PrincipalsBean readPrincipalsByRole(String serverUrl, MRole role) {
+    String response = super.get(serverUrl + RESOURCE + PRINCIPALS
+            + "?role_name=" + role.getName());
+    JSONObject jsonObject = JSONUtils.parse(response);
+    PrincipalsBean bean = new PrincipalsBean();
+    bean.restore(jsonObject);
+    return bean;
+  }
+
+  public void grantRevokePrivilege(String serverUrl, List<MPrincipal> principals, List<MPrivilege>
privileges, boolean isGrant) {
+    PrincipalsBean principalsBean = new PrincipalsBean(principals);
+    // Extract all config inputs including sensitive inputs
+    JSONObject jsonObject = new JSONObject();
+    jsonObject.putAll(principalsBean.extract(false));
+
+    if (privileges != null && privileges.size() != 0) {
+      PrivilegesBean privilegesBean = new PrivilegesBean(privileges);
+      jsonObject.putAll(privilegesBean.extract(false));
+    }
+
+    if (isGrant) {
+      super.put(serverUrl + RESOURCE + PRIVILEGES + GRANT, jsonObject.toJSONString());
+    } else {
+      super.put(serverUrl + RESOURCE + PRIVILEGES + REVOKE, jsonObject.toJSONString());
+    }
+  }
+
+  public PrivilegesBean readPrivilegesByPrincipal(String serverUrl, MPrincipal principal,
MResource resource) {
+    String url = serverUrl + RESOURCE + PRIVILEGES
+            + "?principal_name=" + principal.getName()
+            + "&principal_type=" + principal.getType();
+    if (resource != null) {
+      url += "&resource_name=" + resource.getName();
+      url += "&resource_type=" + resource.getType();
+    }
+    String response = super.get(url);
+    JSONObject jsonObject = JSONUtils.parse(response);
+    PrivilegesBean bean = new PrivilegesBean();
+    bean.restore(jsonObject);
+    return bean;
+  }
+}

http://git-wip-us.apache.org/repos/asf/sqoop/blob/2b3ca36b/client/src/main/java/org/apache/sqoop/client/request/SqoopResourceRequests.java
----------------------------------------------------------------------
diff --git a/client/src/main/java/org/apache/sqoop/client/request/SqoopResourceRequests.java
b/client/src/main/java/org/apache/sqoop/client/request/SqoopResourceRequests.java
index 1825cf3..882c336 100644
--- a/client/src/main/java/org/apache/sqoop/client/request/SqoopResourceRequests.java
+++ b/client/src/main/java/org/apache/sqoop/client/request/SqoopResourceRequests.java
@@ -20,17 +20,11 @@ package org.apache.sqoop.client.request;
 import org.apache.hadoop.security.token.Token;
 import org.apache.hadoop.security.token.delegation.web.DelegationTokenAuthenticatedURL;
 import org.apache.hadoop.security.Credentials;
-import org.apache.sqoop.json.ConnectorBean;
-import org.apache.sqoop.json.DriverBean;
-import org.apache.sqoop.json.JobBean;
-import org.apache.sqoop.json.LinkBean;
-import org.apache.sqoop.json.SubmissionBean;
-import org.apache.sqoop.json.SubmissionsBean;
-import org.apache.sqoop.json.ValidationResultBean;
-import org.apache.sqoop.model.MJob;
-import org.apache.sqoop.model.MLink;
+import org.apache.sqoop.json.*;
+import org.apache.sqoop.model.*;
 
 import java.io.IOException;
+import java.util.List;
 
 /**
  * Unified class for all request objects.
@@ -44,9 +38,10 @@ public class SqoopResourceRequests {
   private LinkResourceRequest linkRequest;
   private JobResourceRequest jobRequest;
   private SubmissionResourceRequest submissionRequest;
+  private AuthorizationResourceRequest authorizationRequest;
   private DelegationTokenAuthenticatedURL.Token authToken;
 
-  public SqoopResourceRequests(){
+  public SqoopResourceRequests() {
     authToken = new DelegationTokenAuthenticatedURL.Token();
   }
 
@@ -94,6 +89,14 @@ public class SqoopResourceRequests {
     return submissionRequest;
   }
 
+  public AuthorizationResourceRequest getAuthorizationRequest() {
+    if (authorizationRequest == null) {
+      authorizationRequest = new AuthorizationResourceRequest(authToken);
+    }
+
+    return authorizationRequest;
+  }
+
   public DriverBean readDriver() {
     return getDriverResourceRequest().read(serverUrl);
   }
@@ -162,6 +165,46 @@ public class SqoopResourceRequests {
     return getSubmissionResourceRequest().read(serverUrl, jid);
   }
 
+  public RolesBean readRoles() {
+    return getAuthorizationRequest().readRoles(serverUrl);
+  }
+
+  public void createRole(MRole role) {
+    getAuthorizationRequest().createRole(serverUrl, role);
+  }
+
+  public void dropRole(MRole role) {
+    getAuthorizationRequest().dropRole(serverUrl, role);
+  }
+
+  public void grantRole(List<MRole> roles, List<MPrincipal> principals) {
+    getAuthorizationRequest().grantRevokeRole(serverUrl, roles, principals, true);
+  }
+
+  public void revokeRole(List<MRole> roles, List<MPrincipal> principals) {
+    getAuthorizationRequest().grantRevokeRole(serverUrl, roles, principals, false);
+  }
+
+  public RolesBean readRolesByPrincipal(MPrincipal principal) {
+    return getAuthorizationRequest().readRolesByPrincipal(serverUrl, principal);
+  }
+
+  public PrincipalsBean readPrincipalsByRole(MRole role) {
+    return getAuthorizationRequest().readPrincipalsByRole(serverUrl, role);
+  }
+
+  public void grantPrivilege(List<MPrincipal> principals, List<MPrivilege> privileges)
{
+    getAuthorizationRequest().grantRevokePrivilege(serverUrl, principals, privileges, true);
+  }
+
+  public PrivilegesBean readPrivilegesByPrincipal(MPrincipal principal, MResource resource)
{
+    return getAuthorizationRequest().readPrivilegesByPrincipal(serverUrl, principal, resource);
+  }
+
+  public void revokePrivilege(List<MPrincipal> principals, List<MPrivilege> privileges)
{
+    getAuthorizationRequest().grantRevokePrivilege(serverUrl, principals, privileges, false);
+  }
+
   public Token<?>[] addDelegationTokens(String renewer,
                                         Credentials credentials) throws IOException {
     return getDriverResourceRequest().addDelegationTokens(serverUrl + DriverResourceRequest.RESOURCE,
renewer, credentials);


Mime
View raw message