sqoop-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From a..@apache.org
Subject sqoop git commit: SQOOP-2255: Sqoop2: Throw Exception when no permission to the resource
Date Thu, 26 Mar 2015 04:52:19 GMT
Repository: sqoop
Updated Branches:
  refs/heads/sqoop2 06f6ceceb -> 615265db2


SQOOP-2255: Sqoop2: Throw Exception when no permission to the resource

(Richard Zhou via Abraham Elmahrek)


Project: http://git-wip-us.apache.org/repos/asf/sqoop/repo
Commit: http://git-wip-us.apache.org/repos/asf/sqoop/commit/615265db
Tree: http://git-wip-us.apache.org/repos/asf/sqoop/tree/615265db
Diff: http://git-wip-us.apache.org/repos/asf/sqoop/diff/615265db

Branch: refs/heads/sqoop2
Commit: 615265db2d86f774cfdd1e2829d331902516312a
Parents: 06f6cec
Author: Abraham Elmahrek <abe@apache.org>
Authored: Wed Mar 25 21:51:54 2015 -0700
Committer: Abraham Elmahrek <abe@apache.org>
Committed: Wed Mar 25 21:51:54 2015 -0700

----------------------------------------------------------------------
 .../sqoop/error/code/CommonRepositoryError.java   |  3 +++
 .../apache/sqoop/connector/ConnectorManager.java  |  4 +++-
 .../Authorization/AuthorizationEngine.java        | 18 ++++++++++++++++++
 .../sqoop/handler/ConnectorRequestHandler.java    |  9 ++++-----
 .../apache/sqoop/handler/JobRequestHandler.java   | 10 ++++------
 .../apache/sqoop/handler/LinkRequestHandler.java  | 10 ++++------
 6 files changed, 36 insertions(+), 18 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/sqoop/blob/615265db/common/src/main/java/org/apache/sqoop/error/code/CommonRepositoryError.java
----------------------------------------------------------------------
diff --git a/common/src/main/java/org/apache/sqoop/error/code/CommonRepositoryError.java b/common/src/main/java/org/apache/sqoop/error/code/CommonRepositoryError.java
index 7db31dd..e5fbe2d 100644
--- a/common/src/main/java/org/apache/sqoop/error/code/CommonRepositoryError.java
+++ b/common/src/main/java/org/apache/sqoop/error/code/CommonRepositoryError.java
@@ -212,6 +212,9 @@ public enum CommonRepositoryError implements ErrorCode {
 
   COMMON_0056("Unable to update  USER_ONLY editable config"),
 
+  /** We can't restore specific connector**/
+  COMMON_0057("Unable to load specific connector"),
+
   ;
 
   private final String message;

http://git-wip-us.apache.org/repos/asf/sqoop/blob/615265db/core/src/main/java/org/apache/sqoop/connector/ConnectorManager.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/sqoop/connector/ConnectorManager.java b/core/src/main/java/org/apache/sqoop/connector/ConnectorManager.java
index 0b15046..0517413 100644
--- a/core/src/main/java/org/apache/sqoop/connector/ConnectorManager.java
+++ b/core/src/main/java/org/apache/sqoop/connector/ConnectorManager.java
@@ -35,6 +35,7 @@ import org.apache.sqoop.core.ConfigurationConstants;
 import org.apache.sqoop.core.Reconfigurable;
 import org.apache.sqoop.core.SqoopConfiguration;
 import org.apache.sqoop.core.SqoopConfiguration.CoreConfigurationListener;
+import org.apache.sqoop.error.code.CommonRepositoryError;
 import org.apache.sqoop.error.code.ConnectorError;
 import org.apache.sqoop.model.MConnector;
 import org.apache.sqoop.repository.Repository;
@@ -129,7 +130,8 @@ public class ConnectorManager implements Reconfigurable {
   public MConnector getConnectorConfigurable(long connectorId) {
     ConnectorHandler handler = handlerMap.get(idToNameMap.get(connectorId));
     if (handler == null) {
-      return null;
+      throw new SqoopException(CommonRepositoryError.COMMON_0057, "Couldn't find"
+              + " connector with id " + connectorId);
     }
     return handler.getConnectorConfigurable();
   }

http://git-wip-us.apache.org/repos/asf/sqoop/blob/615265db/security/src/main/java/org/apache/sqoop/security/Authorization/AuthorizationEngine.java
----------------------------------------------------------------------
diff --git a/security/src/main/java/org/apache/sqoop/security/Authorization/AuthorizationEngine.java
b/security/src/main/java/org/apache/sqoop/security/Authorization/AuthorizationEngine.java
index d261027..333919d 100644
--- a/security/src/main/java/org/apache/sqoop/security/Authorization/AuthorizationEngine.java
+++ b/security/src/main/java/org/apache/sqoop/security/Authorization/AuthorizationEngine.java
@@ -26,9 +26,12 @@ import org.apache.hadoop.security.token.delegation.web.HttpUserGroupInformation;
 import org.apache.log4j.Logger;
 import org.apache.sqoop.common.SqoopException;
 import org.apache.sqoop.model.*;
+import org.apache.sqoop.repository.Repository;
+import org.apache.sqoop.repository.RepositoryManager;
 import org.apache.sqoop.security.AuthorizationHandler;
 import org.apache.sqoop.security.AuthorizationManager;
 
+import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collection;
 import java.util.List;
@@ -59,8 +62,19 @@ public class AuthorizationEngine {
   }
 
   /**
+   * Connector related function
+   */
+  public static void readConnector(String connectorId) throws SqoopException {
+    checkPrivilege(getPrivilege(MResource.TYPE.CONNECTOR, connectorId, MPrivilege.ACTION.READ));
+  }
+
+  /**
    * Link related function
    */
+  public static void readLink(String linkId) throws SqoopException {
+    checkPrivilege(getPrivilege(MResource.TYPE.LINK, linkId, MPrivilege.ACTION.READ));
+  }
+
   public static void createLink(String connectorId) throws SqoopException {
     checkPrivilege(getPrivilege(MResource.TYPE.CONNECTOR, connectorId, MPrivilege.ACTION.READ));
   }
@@ -82,6 +96,10 @@ public class AuthorizationEngine {
   /**
    * Job related function
    */
+  public static void readJob(String jobId) throws SqoopException {
+    checkPrivilege(getPrivilege(MResource.TYPE.JOB, jobId, MPrivilege.ACTION.READ));
+  }
+
   public static void createJob(String linkId1, String linkId2) throws SqoopException {
     MPrivilege privilege1 = getPrivilege(MResource.TYPE.LINK, linkId1, MPrivilege.ACTION.READ);
     MPrivilege privilege2 = getPrivilege(MResource.TYPE.LINK, linkId2, MPrivilege.ACTION.READ);

http://git-wip-us.apache.org/repos/asf/sqoop/blob/615265db/server/src/main/java/org/apache/sqoop/handler/ConnectorRequestHandler.java
----------------------------------------------------------------------
diff --git a/server/src/main/java/org/apache/sqoop/handler/ConnectorRequestHandler.java b/server/src/main/java/org/apache/sqoop/handler/ConnectorRequestHandler.java
index 2305a51..570c974 100644
--- a/server/src/main/java/org/apache/sqoop/handler/ConnectorRequestHandler.java
+++ b/server/src/main/java/org/apache/sqoop/handler/ConnectorRequestHandler.java
@@ -17,8 +17,8 @@
  */
 package org.apache.sqoop.handler;
 
+import java.util.Arrays;
 import java.util.HashMap;
-import java.util.LinkedList;
 import java.util.List;
 import java.util.Locale;
 import java.util.Map;
@@ -80,19 +80,18 @@ public class ConnectorRequestHandler implements RequestHandler {
       // NOTE: connectorId is a fallback for older sqoop clients if any, since we want to
primarily use unique conenctorNames
       long cId = HandlerUtils.getConnectorIdFromIdentifier(cIdentifier);
 
-      connectors = new LinkedList<MConnector>();
       configParamBundles = new HashMap<Long, ResourceBundle>();
 
-      connectors.add(ConnectorManager.getInstance().getConnectorConfigurable(cId));
+      MConnector connector = ConnectorManager.getInstance().getConnectorConfigurable(cId);
       configParamBundles.put(cId, ConnectorManager.getInstance().getResourceBundle(cId, locale));
 
       AuditLoggerManager.getInstance().logAuditEvent(ctx.getUserName(),
           ctx.getRequest().getRemoteAddr(), "get", "connector", String.valueOf(cIdentifier));
 
       // Authorization check
-      connectors = AuthorizationEngine.filterResource(MResource.TYPE.CONNECTOR, connectors);
+      AuthorizationEngine.readConnector(String.valueOf(connector.getPersistenceId()));
 
-      return new ConnectorBean(connectors, configParamBundles);
+      return new ConnectorBean(Arrays.asList(connector), configParamBundles);
     }
   }
 }
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/sqoop/blob/615265db/server/src/main/java/org/apache/sqoop/handler/JobRequestHandler.java
----------------------------------------------------------------------
diff --git a/server/src/main/java/org/apache/sqoop/handler/JobRequestHandler.java b/server/src/main/java/org/apache/sqoop/handler/JobRequestHandler.java
index 0c5f1f2..e22b1e8 100644
--- a/server/src/main/java/org/apache/sqoop/handler/JobRequestHandler.java
+++ b/server/src/main/java/org/apache/sqoop/handler/JobRequestHandler.java
@@ -18,7 +18,7 @@
 package org.apache.sqoop.handler;
 
 import java.io.IOException;
-import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.List;
 import java.util.Locale;
 
@@ -306,14 +306,12 @@ public class JobRequestHandler implements RequestHandler {
           ctx.getRequest().getRemoteAddr(), "get", "job", connectorIdentifier);
 
       long jobId = HandlerUtils.getJobIdFromIdentifier(connectorIdentifier, repository);
-      List<MJob> jobList = new ArrayList<MJob>();
-      // a list of single element
-      jobList.add(repository.findJob(jobId));
+      MJob job = repository.findJob(jobId);
 
       // Authorization check
-      jobList = AuthorizationEngine.filterResource(MResource.TYPE.JOB, jobList);
+      AuthorizationEngine.readJob(String.valueOf(job.getPersistenceId()));
 
-      jobBean = createJobBean(jobList, locale);
+      jobBean = createJobBean(Arrays.asList(job), locale);
     }
     return jobBean;
   }

http://git-wip-us.apache.org/repos/asf/sqoop/blob/615265db/server/src/main/java/org/apache/sqoop/handler/LinkRequestHandler.java
----------------------------------------------------------------------
diff --git a/server/src/main/java/org/apache/sqoop/handler/LinkRequestHandler.java b/server/src/main/java/org/apache/sqoop/handler/LinkRequestHandler.java
index 3187bcf..6d4aa38 100644
--- a/server/src/main/java/org/apache/sqoop/handler/LinkRequestHandler.java
+++ b/server/src/main/java/org/apache/sqoop/handler/LinkRequestHandler.java
@@ -18,7 +18,7 @@
 package org.apache.sqoop.handler;
 
 import java.io.IOException;
-import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.List;
 import java.util.Locale;
 
@@ -234,14 +234,12 @@ public class LinkRequestHandler implements RequestHandler {
           ctx.getRequest().getRemoteAddr(), "get", "link", identifier);
 
       long linkId = HandlerUtils.getLinkIdFromIdentifier(identifier, repository);
-      List<MLink> linkList = new ArrayList<MLink>();
-      // a list of single element
-      linkList.add(repository.findLink(linkId));
+      MLink link = repository.findLink(linkId);
 
       // Authorization check
-      linkList = AuthorizationEngine.filterResource(MResource.TYPE.LINK, linkList);
+      AuthorizationEngine.readLink(String.valueOf(link.getPersistenceId()));
 
-      linkBean = createLinkBean(linkList, locale);
+      linkBean = createLinkBean(Arrays.asList(link), locale);
     }
     return linkBean;
   }


Mime
View raw message