sqoop-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From a..@apache.org
Subject sqoop git commit: SQOOP-2183: Sqoop2: Change resource type, privilege action and principal type from String to Enum.
Date Mon, 09 Mar 2015 07:23:17 GMT
Repository: sqoop
Updated Branches:
  refs/heads/sqoop2 3611112e2 -> 9b96277b4


SQOOP-2183: Sqoop2: Change resource type, privilege action and principal type from String
to Enum.

(Richard Zhou via Abraham Elmahrek)


Project: http://git-wip-us.apache.org/repos/asf/sqoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/sqoop/commit/9b96277b
Tree: http://git-wip-us.apache.org/repos/asf/sqoop/tree/9b96277b
Diff: http://git-wip-us.apache.org/repos/asf/sqoop/diff/9b96277b

Branch: refs/heads/sqoop2
Commit: 9b96277b4db27682765cffc6f93f81648cab6ef9
Parents: 3611112
Author: Abraham Elmahrek <abe@apache.org>
Authored: Mon Mar 9 00:22:00 2015 -0700
Committer: Abraham Elmahrek <abe@apache.org>
Committed: Mon Mar 9 00:22:55 2015 -0700

----------------------------------------------------------------------
 .../java/org/apache/sqoop/model/MPrincipal.java | 19 +++++-
 .../java/org/apache/sqoop/model/MPrivilege.java | 21 ++++++-
 .../java/org/apache/sqoop/model/MResource.java  | 19 +++++-
 .../Authorization/AuthorizationEngine.java      | 65 +++++++-------------
 .../sqoop/handler/ConnectorRequestHandler.java  |  5 +-
 .../apache/sqoop/handler/JobRequestHandler.java |  8 +--
 .../sqoop/handler/LinkRequestHandler.java       |  8 +--
 7 files changed, 83 insertions(+), 62 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/sqoop/blob/9b96277b/common/src/main/java/org/apache/sqoop/model/MPrincipal.java
----------------------------------------------------------------------
diff --git a/common/src/main/java/org/apache/sqoop/model/MPrincipal.java b/common/src/main/java/org/apache/sqoop/model/MPrincipal.java
index 471d63e..1fbf971 100644
--- a/common/src/main/java/org/apache/sqoop/model/MPrincipal.java
+++ b/common/src/main/java/org/apache/sqoop/model/MPrincipal.java
@@ -22,11 +22,13 @@ package org.apache.sqoop.model;
  */
 public class MPrincipal {
 
+  public static enum TYPE {USER, GROUP, ROLE}
+
   private final String name;
   /**
    * Currently, the type supports user, group and role.
    */
-  private final String type;
+  private final TYPE type;
 
   /**
    * Default constructor to build  new MPrincipal model.
@@ -35,11 +37,22 @@ public class MPrincipal {
    * @param type Principal type
    */
   public MPrincipal(String name,
-                    String type) {
+                    TYPE type) {
     this.name = name;
     this.type = type;
   }
 
+  /**
+   * constructor to build  new MPrincipal model.
+   *
+   * @param name     Principal name
+   * @param typeName Principal type name
+   */
+  public MPrincipal(String name,
+                    String typeName) {
+    this(name, TYPE.valueOf(typeName.toUpperCase()));
+  }
+
   @Override
   public String toString() {
     StringBuilder sb = new StringBuilder("Principal (");
@@ -55,6 +68,6 @@ public class MPrincipal {
   }
 
   public String getType() {
-    return type;
+    return type.name();
   }
 }

http://git-wip-us.apache.org/repos/asf/sqoop/blob/9b96277b/common/src/main/java/org/apache/sqoop/model/MPrivilege.java
----------------------------------------------------------------------
diff --git a/common/src/main/java/org/apache/sqoop/model/MPrivilege.java b/common/src/main/java/org/apache/sqoop/model/MPrivilege.java
index 25f7195..e10f094 100644
--- a/common/src/main/java/org/apache/sqoop/model/MPrivilege.java
+++ b/common/src/main/java/org/apache/sqoop/model/MPrivilege.java
@@ -22,11 +22,13 @@ package org.apache.sqoop.model;
  */
 public class MPrivilege {
 
+  public static enum ACTION {ALL, READ, WRITE}
+
   private final MResource resource;
   /**
    * Currently, the action supports view, use, create, update, delete and enable_disable.
    */
-  private final String action;
+  private final ACTION action;
   private final boolean with_grant_option;
 
 
@@ -38,13 +40,26 @@ public class MPrivilege {
    * @param with_grant_option Privilege with_grant_option
    */
   public MPrivilege(MResource resource,
-                    String action,
+                    ACTION action,
                     boolean with_grant_option) {
     this.resource = resource;
     this.action = action;
     this.with_grant_option = with_grant_option;
   }
 
+  /**
+   * constructor to build  new MPrivilege model.
+   *
+   * @param resource          Privilege resource
+   * @param actionName        Privilege action name
+   * @param with_grant_option Privilege with_grant_option
+   */
+  public MPrivilege(MResource resource,
+                    String actionName,
+                    boolean with_grant_option) {
+    this(resource, ACTION.valueOf(actionName.toUpperCase()), with_grant_option);
+  }
+
   @Override
   public String toString() {
     StringBuilder sb = new StringBuilder("Privilege (");
@@ -61,7 +76,7 @@ public class MPrivilege {
   }
 
   public String getAction() {
-    return action;
+    return action.name();
   }
 
   public boolean isWith_grant_option() {

http://git-wip-us.apache.org/repos/asf/sqoop/blob/9b96277b/common/src/main/java/org/apache/sqoop/model/MResource.java
----------------------------------------------------------------------
diff --git a/common/src/main/java/org/apache/sqoop/model/MResource.java b/common/src/main/java/org/apache/sqoop/model/MResource.java
index b21ce19..1185e48 100644
--- a/common/src/main/java/org/apache/sqoop/model/MResource.java
+++ b/common/src/main/java/org/apache/sqoop/model/MResource.java
@@ -22,11 +22,13 @@ package org.apache.sqoop.model;
  */
 public class MResource {
 
+  public static enum TYPE {SERVER, CONNECTOR, LINK, JOB}
+
   private final String name;
   /**
    * Currently, the type supports connector, link, job and submission.
    */
-  private final String type;
+  private final TYPE type;
 
   /**
    * Default constructor to build  new MResource model.
@@ -35,11 +37,22 @@ public class MResource {
    * @param type Resource type
    */
   public MResource(String name,
-                   String type) {
+                   TYPE type) {
     this.name = name;
     this.type = type;
   }
 
+  /**
+   * constructor to build  new MResource model.
+   *
+   * @param name     Resource name
+   * @param typeName Resource type name
+   */
+  public MResource(String name,
+                   String typeName) {
+    this(name, TYPE.valueOf(typeName.toUpperCase()));
+  }
+
   @Override
   public String toString() {
     StringBuilder sb = new StringBuilder("Resource (");
@@ -55,6 +68,6 @@ public class MResource {
   }
 
   public String getType() {
-    return type;
+    return type.name();
   }
 }

http://git-wip-us.apache.org/repos/asf/sqoop/blob/9b96277b/security/src/main/java/org/apache/sqoop/security/Authorization/AuthorizationEngine.java
----------------------------------------------------------------------
diff --git a/security/src/main/java/org/apache/sqoop/security/Authorization/AuthorizationEngine.java
b/security/src/main/java/org/apache/sqoop/security/Authorization/AuthorizationEngine.java
index 09a9f38..d261027 100644
--- a/security/src/main/java/org/apache/sqoop/security/Authorization/AuthorizationEngine.java
+++ b/security/src/main/java/org/apache/sqoop/security/Authorization/AuthorizationEngine.java
@@ -38,36 +38,15 @@ public class AuthorizationEngine {
   private static final Logger LOG = Logger.getLogger(AuthorizationEngine.class);
 
   /**
-   * Role type
-   */
-  public enum RoleType {
-    USER, GROUP, ROLE
-  }
-
-  /**
-   * Resource type
-   */
-  public enum ResourceType {
-    SERVER, CONNECTOR, LINK, JOB
-  }
-
-  /**
-   * Action type in Privilege
-   */
-  public enum PrivilegeActionType {
-    ALL, READ, WRITE
-  }
-
-  /**
    * Filter resources, get all valid resources from all resources
    */
-  public static <T extends MPersistableEntity> List<T> filterResource(final ResourceType
type, List<T> resources) throws SqoopException {
+  public static <T extends MPersistableEntity> List<T> filterResource(final MResource.TYPE
type, List<T> resources) throws SqoopException {
     Collection<T> collection = Collections2.filter(resources, new Predicate<T>()
{
       @Override
       public boolean apply(T input) {
         try {
           String name = String.valueOf(input.getPersistenceId());
-          checkPrivilege(getPrivilege(type, name, PrivilegeActionType.READ));
+          checkPrivilege(getPrivilege(type, name, MPrivilege.ACTION.READ));
           // add valid resource
           return true;
         } catch (Exception e) {
@@ -83,58 +62,58 @@ public class AuthorizationEngine {
    * Link related function
    */
   public static void createLink(String connectorId) throws SqoopException {
-    checkPrivilege(getPrivilege(ResourceType.CONNECTOR, connectorId, PrivilegeActionType.READ));
+    checkPrivilege(getPrivilege(MResource.TYPE.CONNECTOR, connectorId, MPrivilege.ACTION.READ));
   }
 
   public static void updateLink(String connectorId, String linkId) throws SqoopException
{
-    MPrivilege privilege1 = getPrivilege(ResourceType.CONNECTOR, connectorId, PrivilegeActionType.READ);
-    MPrivilege privilege2 = getPrivilege(ResourceType.LINK, linkId, PrivilegeActionType.WRITE);
+    MPrivilege privilege1 = getPrivilege(MResource.TYPE.CONNECTOR, connectorId, MPrivilege.ACTION.READ);
+    MPrivilege privilege2 = getPrivilege(MResource.TYPE.LINK, linkId, MPrivilege.ACTION.WRITE);
     checkPrivilege(privilege1, privilege2);
   }
 
   public static void deleteLink(String linkId) throws SqoopException {
-    checkPrivilege(getPrivilege(ResourceType.LINK, linkId, PrivilegeActionType.WRITE));
+    checkPrivilege(getPrivilege(MResource.TYPE.LINK, linkId, MPrivilege.ACTION.WRITE));
   }
 
   public static void enableDisableLink(String linkId) throws SqoopException {
-    checkPrivilege(getPrivilege(ResourceType.LINK, linkId, PrivilegeActionType.WRITE));
+    checkPrivilege(getPrivilege(MResource.TYPE.LINK, linkId, MPrivilege.ACTION.WRITE));
   }
 
   /**
    * Job related function
    */
   public static void createJob(String linkId1, String linkId2) throws SqoopException {
-    MPrivilege privilege1 = getPrivilege(ResourceType.LINK, linkId1, PrivilegeActionType.READ);
-    MPrivilege privilege2 = getPrivilege(ResourceType.LINK, linkId2, PrivilegeActionType.READ);
+    MPrivilege privilege1 = getPrivilege(MResource.TYPE.LINK, linkId1, MPrivilege.ACTION.READ);
+    MPrivilege privilege2 = getPrivilege(MResource.TYPE.LINK, linkId2, MPrivilege.ACTION.READ);
     checkPrivilege(privilege1, privilege2);
   }
 
   public static void updateJob(String linkId1, String linkId2, String jobId) throws SqoopException
{
-    MPrivilege privilege1 = getPrivilege(ResourceType.LINK, linkId1, PrivilegeActionType.READ);
-    MPrivilege privilege2 = getPrivilege(ResourceType.LINK, linkId2, PrivilegeActionType.READ);
-    MPrivilege privilege3 = getPrivilege(ResourceType.JOB, jobId, PrivilegeActionType.WRITE);
+    MPrivilege privilege1 = getPrivilege(MResource.TYPE.LINK, linkId1, MPrivilege.ACTION.READ);
+    MPrivilege privilege2 = getPrivilege(MResource.TYPE.LINK, linkId2, MPrivilege.ACTION.READ);
+    MPrivilege privilege3 = getPrivilege(MResource.TYPE.JOB, jobId, MPrivilege.ACTION.WRITE);
     checkPrivilege(privilege1, privilege2, privilege3);
   }
 
   public static void deleteJob(String jobId) throws SqoopException {
-    checkPrivilege(getPrivilege(ResourceType.JOB, jobId, PrivilegeActionType.WRITE));
+    checkPrivilege(getPrivilege(MResource.TYPE.JOB, jobId, MPrivilege.ACTION.WRITE));
   }
 
   public static void enableDisableJob(String jobId) throws SqoopException {
-    checkPrivilege(getPrivilege(ResourceType.JOB, jobId, PrivilegeActionType.WRITE));
+    checkPrivilege(getPrivilege(MResource.TYPE.JOB, jobId, MPrivilege.ACTION.WRITE));
   }
 
   public static void startJob(String jobId) throws SqoopException {
     ;
-    checkPrivilege(getPrivilege(ResourceType.JOB, jobId, PrivilegeActionType.WRITE));
+    checkPrivilege(getPrivilege(MResource.TYPE.JOB, jobId, MPrivilege.ACTION.WRITE));
   }
 
   public static void stopJob(String jobId) throws SqoopException {
-    checkPrivilege(getPrivilege(ResourceType.JOB, jobId, PrivilegeActionType.WRITE));
+    checkPrivilege(getPrivilege(MResource.TYPE.JOB, jobId, MPrivilege.ACTION.WRITE));
   }
 
   public static void statusJob(String jobId) throws SqoopException {
-    checkPrivilege(getPrivilege(ResourceType.JOB, jobId, PrivilegeActionType.READ));
+    checkPrivilege(getPrivilege(MResource.TYPE.JOB, jobId, MPrivilege.ACTION.READ));
   }
 
   /**
@@ -146,7 +125,7 @@ public class AuthorizationEngine {
       public boolean apply(MSubmission input) {
         try {
           String jobId = String.valueOf(input.getJobId());
-          checkPrivilege(getPrivilege(ResourceType.JOB, jobId, PrivilegeActionType.READ));
+          checkPrivilege(getPrivilege(MResource.TYPE.JOB, jobId, MPrivilege.ACTION.READ));
           // add valid submission
           return true;
         } catch (Exception e) {
@@ -161,17 +140,17 @@ public class AuthorizationEngine {
   /**
    * Help function
    */
-  private static MPrivilege getPrivilege(ResourceType resourceType,
+  private static MPrivilege getPrivilege(MResource.TYPE resourceType,
                                          String resourceId,
-                                         PrivilegeActionType privilegeActionType) {
-    return new MPrivilege(new MResource(resourceId, resourceType.name()), privilegeActionType.name(),
false);
+                                         MPrivilege.ACTION privilegeAction) {
+    return new MPrivilege(new MResource(resourceId, resourceType), privilegeAction, false);
   }
 
   private static void checkPrivilege(MPrivilege... privileges) {
     AuthorizationHandler handler = AuthorizationManager.getAuthorizationHandler();
     UserGroupInformation user = HttpUserGroupInformation.get();
     String user_name = user == null ? StringUtils.EMPTY : user.getShortUserName();
-    MPrincipal principal = new MPrincipal(user_name, RoleType.USER.name());
+    MPrincipal principal = new MPrincipal(user_name, MPrincipal.TYPE.USER);
     handler.checkPrivileges(principal, Arrays.asList(privileges));
   }
 }
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/sqoop/blob/9b96277b/server/src/main/java/org/apache/sqoop/handler/ConnectorRequestHandler.java
----------------------------------------------------------------------
diff --git a/server/src/main/java/org/apache/sqoop/handler/ConnectorRequestHandler.java b/server/src/main/java/org/apache/sqoop/handler/ConnectorRequestHandler.java
index 41a8b95..e469c09 100644
--- a/server/src/main/java/org/apache/sqoop/handler/ConnectorRequestHandler.java
+++ b/server/src/main/java/org/apache/sqoop/handler/ConnectorRequestHandler.java
@@ -32,6 +32,7 @@ import org.apache.sqoop.json.ConnectorBean;
 import org.apache.sqoop.json.ConnectorsBean;
 import org.apache.sqoop.json.JsonBean;
 import org.apache.sqoop.model.MConnector;
+import org.apache.sqoop.model.MResource;
 import org.apache.sqoop.security.Authorization.AuthorizationEngine;
 import org.apache.sqoop.server.RequestContext;
 import org.apache.sqoop.server.RequestContext.Method;
@@ -70,7 +71,7 @@ public class ConnectorRequestHandler implements RequestHandler {
           ctx.getRequest().getRemoteAddr(), "get", "connectors", "all");
 
       // Authorization check
-      connectors = AuthorizationEngine.filterResource(AuthorizationEngine.ResourceType.CONNECTOR,
connectors);
+      connectors = AuthorizationEngine.filterResource(MResource.TYPE.CONNECTOR, connectors);
 
       return new ConnectorsBean(connectors, configParamBundles);
 
@@ -89,7 +90,7 @@ public class ConnectorRequestHandler implements RequestHandler {
           ctx.getRequest().getRemoteAddr(), "get", "connector", String.valueOf(cIdentifier));
 
       // Authorization check
-      connectors = AuthorizationEngine.filterResource(AuthorizationEngine.ResourceType.CONNECTOR,
connectors);
+      connectors = AuthorizationEngine.filterResource(MResource.TYPE.CONNECTOR, connectors);
 
       return new ConnectorBean(connectors, configParamBundles);
     }

http://git-wip-us.apache.org/repos/asf/sqoop/blob/9b96277b/server/src/main/java/org/apache/sqoop/handler/JobRequestHandler.java
----------------------------------------------------------------------
diff --git a/server/src/main/java/org/apache/sqoop/handler/JobRequestHandler.java b/server/src/main/java/org/apache/sqoop/handler/JobRequestHandler.java
index 6dae043..551d5fe 100644
--- a/server/src/main/java/org/apache/sqoop/handler/JobRequestHandler.java
+++ b/server/src/main/java/org/apache/sqoop/handler/JobRequestHandler.java
@@ -147,7 +147,7 @@ public class JobRequestHandler implements RequestHandler {
     AuditLoggerManager.getInstance().logAuditEvent(ctx.getUserName(),
         ctx.getRequest().getRemoteAddr(), "delete", "job", jobIdentifier);
     repository.deleteJob(jobId);
-    MResource resource = new MResource(String.valueOf(jobId), AuthorizationEngine.ResourceType.JOB.name());
+    MResource resource = new MResource(String.valueOf(jobId), MResource.TYPE.JOB);
     AuthorizationManager.getAuthorizationHandler().removeResource(resource);
     return JsonBean.EMPTY_BEAN;
   }
@@ -285,7 +285,7 @@ public class JobRequestHandler implements RequestHandler {
       List<MJob> jobList = repository.findJobsForConnector(connectorId);
 
       // Authorization check
-      jobList = AuthorizationEngine.filterResource(AuthorizationEngine.ResourceType.JOB,
jobList);
+      jobList = AuthorizationEngine.filterResource(MResource.TYPE.JOB, jobList);
 
       jobBean = createJobsBean(jobList, locale);
     } else
@@ -297,7 +297,7 @@ public class JobRequestHandler implements RequestHandler {
       List<MJob> jobList = repository.findJobs();
 
       // Authorization check
-      jobList = AuthorizationEngine.filterResource(AuthorizationEngine.ResourceType.JOB,
jobList);
+      jobList = AuthorizationEngine.filterResource(MResource.TYPE.JOB, jobList);
 
       jobBean = createJobsBean(jobList, locale);
     }
@@ -312,7 +312,7 @@ public class JobRequestHandler implements RequestHandler {
       jobList.add(repository.findJob(jobId));
 
       // Authorization check
-      jobList = AuthorizationEngine.filterResource(AuthorizationEngine.ResourceType.JOB,
jobList);
+      jobList = AuthorizationEngine.filterResource(MResource.TYPE.JOB, jobList);
 
       jobBean = createJobBean(jobList, locale);
     }

http://git-wip-us.apache.org/repos/asf/sqoop/blob/9b96277b/server/src/main/java/org/apache/sqoop/handler/LinkRequestHandler.java
----------------------------------------------------------------------
diff --git a/server/src/main/java/org/apache/sqoop/handler/LinkRequestHandler.java b/server/src/main/java/org/apache/sqoop/handler/LinkRequestHandler.java
index 0bffc63..24b1754 100644
--- a/server/src/main/java/org/apache/sqoop/handler/LinkRequestHandler.java
+++ b/server/src/main/java/org/apache/sqoop/handler/LinkRequestHandler.java
@@ -101,7 +101,7 @@ public class LinkRequestHandler implements RequestHandler {
         ctx.getRequest().getRemoteAddr(), "delete", "link", linkIdentifier);
 
     repository.deleteLink(linkId);
-    MResource resource = new MResource(String.valueOf(linkId), AuthorizationEngine.ResourceType.LINK.name());
+    MResource resource = new MResource(String.valueOf(linkId), MResource.TYPE.LINK);
     AuthorizationManager.getAuthorizationHandler().removeResource(resource);
     return JsonBean.EMPTY_BEAN;
   }
@@ -207,7 +207,7 @@ public class LinkRequestHandler implements RequestHandler {
         List<MLink> linkList = repository.findLinksForConnector(connectorId);
 
         // Authorization check
-        linkList = AuthorizationEngine.filterResource(AuthorizationEngine.ResourceType.LINK,
linkList);
+        linkList = AuthorizationEngine.filterResource(MResource.TYPE.LINK, linkList);
 
         linkBean = createLinksBean(linkList, locale);
       } else {
@@ -224,7 +224,7 @@ public class LinkRequestHandler implements RequestHandler {
       List<MLink> linkList = repository.findLinks();
 
       // Authorization check
-      linkList = AuthorizationEngine.filterResource(AuthorizationEngine.ResourceType.LINK,
linkList);
+      linkList = AuthorizationEngine.filterResource(MResource.TYPE.LINK, linkList);
 
       linkBean = createLinksBean(linkList, locale);
     }
@@ -239,7 +239,7 @@ public class LinkRequestHandler implements RequestHandler {
       linkList.add(repository.findLink(linkId));
 
       // Authorization check
-      linkList = AuthorizationEngine.filterResource(AuthorizationEngine.ResourceType.LINK,
linkList);
+      linkList = AuthorizationEngine.filterResource(MResource.TYPE.LINK, linkList);
 
       linkBean = createLinkBean(linkList, locale);
     }


Mime
View raw message