本文整理了Java中org.apache.sentry.policy.common.KeyValue
类的一些代码示例,展示了KeyValue
类的具体用法。这些代码示例主要来源于Github
/Stackoverflow
/Maven
等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。KeyValue
类的具体详情如下:
包路径:org.apache.sentry.policy.common.KeyValue
类名称:KeyValue
暂无
代码示例来源:origin: apache/incubator-sentry
private List<? extends Authorizable> toAuthorizables(String privilegeStr) {
List<Authorizable> authorizables = Lists.newArrayList();
if (privilegeStr == null) {
return authorizables;
}
for (String authorizable : PolicyConstants.AUTHORIZABLE_SPLITTER.split(privilegeStr)) {
KeyValue tempKV = new KeyValue(authorizable);
final String key = tempKV.getKey();
final String value = tempKV.getValue();
authorizables.add(new Authorizable() {
@Override
public String getTypeName() {
return key;
}
@Override
public String getName() {
return value;
}
});
}
return authorizables;
}
代码示例来源:origin: apache/incubator-sentry
private boolean impliesKeyValue(KeyValue policyPart, KeyValue requestPart) {
Preconditions.checkState(policyPart.getKey().equalsIgnoreCase(requestPart.getKey()),
"Please report, this method should not be called with two different keys");
if(policyPart.getValue().equals(IndexerConstants.ALL) || policyPart.equals(requestPart)) {
return true;
} else if (!PolicyConstants.PRIVILEGE_NAME.equalsIgnoreCase(policyPart.getKey())
&& IndexerConstants.ALL.equalsIgnoreCase(requestPart.getValue())) {
/* privilege request is to match with any object of given type */
return true;
}
return false;
}
代码示例来源:origin: apache/incubator-sentry
@Override
public String toString() {
StringBuilder sb = new StringBuilder();
for(KeyValue kv: this.parts) {
sb.append(kv.getKey() + "=" + kv.getValue() + "->");
}
return sb.toString();
}
}
代码示例来源:origin: co.cask.cdap/cdap-sentry-policy
/**
* Gets a {@link Authorizable} from the given key and value
*
* @param key the {@link AuthorizableType type} of the authorizable
* @param value the {@link Authorizable name} of the authorizable
* @return the created {@link Authorizable} with the given name if {@link AuthorizableType} given was valid
* @throws NoSuchElementException if the given {@link AuthorizableType} was not valid
*/
public static Authorizable from(String key, String value) {
return from(new KeyValue(key, value));
}
代码示例来源:origin: apache/incubator-sentry
private boolean hasHostWidCard(KeyValue policyPart) {
if (policyPart.getKey().equalsIgnoreCase(KafkaAuthorizable.AuthorizableType.HOST.toString()) &&
policyPart.getValue().equalsIgnoreCase(ALL_HOSTS)) {
return true;
}
return false;
}
代码示例来源:origin: co.cask.cdap/cdap-sentry-policy
/**
* Gets a {@link Authorizable} from the given {@link KeyValue}
*
* @param keyValue {@link KeyValue} containing the {@link AuthorizableType} and name of the {@link Authorizable}
* to be crearted
* @return the created {@link Authorizable} with the given name if {@link AuthorizableType} given was valid
* @throws NoSuchElementException if the given {@link AuthorizableType} was not valid
*/
static Authorizable from(String keyValue) {
return from(new KeyValue(keyValue));
}
代码示例来源:origin: co.cask.cdap/cdap-sentry-policy
private static Authorizable from(KeyValue keyValue) {
String prefix = keyValue.getKey().toLowerCase();
String name = keyValue.getValue();
for (Authorizable.AuthorizableType type : AuthorizableType.values()) {
if (prefix.equalsIgnoreCase(type.name())) {
return from(type, name);
}
}
throw new NoSuchElementException(String.format("Given AuthorizableType %s does not exists.", prefix));
}
代码示例来源:origin: apache/incubator-sentry
private boolean impliesKeyValue(KeyValue policyPart, KeyValue requestPart) {
Preconditions.checkState(policyPart.getKey().equalsIgnoreCase(requestPart.getKey()),
"Please report, this method should not be called with two different keys");
if(policyPart.getValue().equals(SearchConstants.ALL) || policyPart.equals(requestPart)) {
return true;
} else if (!PolicyConstants.PRIVILEGE_NAME.equalsIgnoreCase(policyPart.getKey())
&& SearchConstants.ALL.equalsIgnoreCase(requestPart.getValue())) {
/* privilege request is to match with any object of given type */
return true;
}
return false;
}
代码示例来源:origin: apache/incubator-sentry
public static TSentryPrivilege convertToTSentryPrivilege(String privilegeStr) {
TSentryPrivilege tSentryPrivilege = new TSentryPrivilege();
for (String authorizable : PolicyConstants.AUTHORIZABLE_SPLITTER.split(privilegeStr)) {
KeyValue tempKV = new KeyValue(authorizable);
String key = tempKV.getKey();
String value = tempKV.getValue();
if (PolicyFileConstants.PRIVILEGE_SERVER_NAME.equalsIgnoreCase(key)) {
tSentryPrivilege.setServerName(value);
} else if (PolicyFileConstants.PRIVILEGE_DATABASE_NAME.equalsIgnoreCase(key)) {
tSentryPrivilege.setDbName(value);
} else if (PolicyFileConstants.PRIVILEGE_TABLE_NAME.equalsIgnoreCase(key)) {
tSentryPrivilege.setTableName(value);
} else if (PolicyFileConstants.PRIVILEGE_COLUMN_NAME.equalsIgnoreCase(key)) {
tSentryPrivilege.setColumnName(value);
} else if (PolicyFileConstants.PRIVILEGE_URI_NAME.equalsIgnoreCase(key)) {
tSentryPrivilege.setURI(value);
} else if (PolicyFileConstants.PRIVILEGE_ACTION_NAME.equalsIgnoreCase(key)) {
tSentryPrivilege.setAction(value);
} else if (PolicyFileConstants.PRIVILEGE_GRANT_OPTION_NAME.equalsIgnoreCase(key)) {
TSentryGrantOption grantOption = "true".equalsIgnoreCase(value) ? TSentryGrantOption.TRUE
: TSentryGrantOption.FALSE;
tSentryPrivilege.setGrantOption(grantOption);
}
}
tSentryPrivilege.setPrivilegeScope(getPrivilegeScope(tSentryPrivilege));
return tSentryPrivilege;
}
代码示例来源:origin: co.cask.cdap/cdap-sentry-policy
public WildcardPrivilege(String permission) {
if (Strings.isNullOrEmpty(permission)) {
throw new IllegalArgumentException("Permission string cannot be null or empty.");
}
List<KeyValue> parts = new ArrayList<>();
for (String authorizable : PolicyConstants.AUTHORIZABLE_SPLITTER.trimResults().split(permission)) {
if (authorizable.isEmpty()) {
throw new IllegalArgumentException("Privilege '" + permission + "' has an empty section");
}
parts.add(new KeyValue(authorizable));
}
Preconditions.checkState(!parts.isEmpty(), "Failed to split the permission string %s into a list of Authorizables" +
" separated by %s", permission, PolicyConstants.AUTHORIZABLE_SPLITTER);
this.privilegeParts = Collections.unmodifiableList(parts);
}
代码示例来源:origin: apache/incubator-sentry
public static SearchModelAuthorizable from(KeyValue keyValue) {
String prefix = keyValue.getKey().toLowerCase();
String name = keyValue.getValue().toLowerCase();
for(AuthorizableType type : AuthorizableType.values()) {
if(prefix.equalsIgnoreCase(type.name())) {
return from(type, name);
}
}
return null;
}
public static SearchModelAuthorizable from(String s) {
代码示例来源:origin: apache/incubator-sentry
private boolean impliesKeyValue(KeyValue policyPart, KeyValue requestPart) {
Preconditions.checkState(policyPart.getKey().equalsIgnoreCase(requestPart.getKey()),
"Please report, this method should not be called with two different keys");
if(policyPart.getValue().equalsIgnoreCase(SqoopActionConstant.ALL) ||
policyPart.getValue().equalsIgnoreCase(SqoopActionConstant.ALL_NAME) ||
policyPart.equals(requestPart)) {
return true;
} else if (!SqoopActionConstant.NAME.equalsIgnoreCase(policyPart.getKey())
&& SqoopActionConstant.ALL.equalsIgnoreCase(requestPart.getValue())) {
/* privilege request is to match with any object of given type */
return true;
}
return false;
}
}
代码示例来源:origin: apache/incubator-sentry
public static TSentryPrivilege convertToTSentryPrivilege(String privilegeStr) throws Exception {
TSentryPrivilege tSentryPrivilege = new TSentryPrivilege();
for (String authorizable : PolicyConstants.AUTHORIZABLE_SPLITTER.split(privilegeStr)) {
KeyValue tempKV = new KeyValue(authorizable);
String key = tempKV.getKey();
String value = tempKV.getValue();
if (PolicyFileConstants.PRIVILEGE_SERVER_NAME.equalsIgnoreCase(key)) {
tSentryPrivilege.setServerName(value);
} else if (PolicyFileConstants.PRIVILEGE_DATABASE_NAME.equalsIgnoreCase(key)) {
tSentryPrivilege.setDbName(value);
} else if (PolicyFileConstants.PRIVILEGE_TABLE_NAME.equalsIgnoreCase(key)) {
tSentryPrivilege.setTableName(value);
} else if (PolicyFileConstants.PRIVILEGE_COLUMN_NAME.equalsIgnoreCase(key)) {
tSentryPrivilege.setColumnName(value);
} else if (PolicyFileConstants.PRIVILEGE_URI_NAME.equalsIgnoreCase(key)) {
tSentryPrivilege.setURI(value);
} else if (PolicyFileConstants.PRIVILEGE_ACTION_NAME.equalsIgnoreCase(key)) {
tSentryPrivilege.setAction(value);
} else if (PolicyFileConstants.PRIVILEGE_GRANT_OPTION_NAME.equalsIgnoreCase(key)) {
TSentryGrantOption grantOption = "true".equalsIgnoreCase(value) ? TSentryGrantOption.TRUE
: TSentryGrantOption.FALSE;
tSentryPrivilege.setGrantOption(grantOption);
}
}
tSentryPrivilege.setPrivilegeScope(getPrivilegeScope(tSentryPrivilege));
validatePrivilegeHierarchy(tSentryPrivilege);
return tSentryPrivilege;
}
代码示例来源:origin: apache/incubator-sentry
public static SqoopAuthorizable from(String keyValue) {
return from(new KeyValue(keyValue));
}
代码示例来源:origin: apache/incubator-sentry
public static SqoopAuthorizable from(KeyValue keyValue) {
String prefix = keyValue.getKey().toLowerCase();
String name = keyValue.getValue().toLowerCase();
for (AuthorizableType type : AuthorizableType.values()) {
if(prefix.equalsIgnoreCase(type.name())) {
return from(type, name);
}
}
return null;
}
代码示例来源:origin: apache/incubator-sentry
private boolean impliesKeyValue(KeyValue policyPart, KeyValue requestPart) {
Preconditions.checkState(policyPart.getKey().equalsIgnoreCase(requestPart.getKey()),
"Please report, this method should not be called with two different keys");
// Host is a special resource, not declared as resource in Kafka. Each Kafka resource can be
// authorized based on the host request originated from and to handle this, Sentry uses host as
// a resource. Kafka allows using '*' as wildcard for all hosts. '*' however is not a valid
// Kafka action.
if (hasHostWidCard(policyPart)) {
return true;
}
if (KafkaActionConstant.actionName.equalsIgnoreCase(policyPart.getKey())) { // is action
return policyPart.getValue().equalsIgnoreCase(KafkaActionConstant.ALL) ||
policyPart.equals(requestPart);
} else {
return policyPart.getValue().equals(requestPart.getValue());
}
}
代码示例来源:origin: apache/incubator-sentry
List<TAuthorizable> authorizables = new LinkedList<TAuthorizable>();
for (String authorizable : PolicyConstants.AUTHORIZABLE_SPLITTER.split(privilegeStr)) {
KeyValue keyValue = new KeyValue(authorizable);
String key = keyValue.getKey();
String value = keyValue.getValue();
代码示例来源:origin: apache/incubator-sentry
public static KafkaAuthorizable from(String keyValue) throws ConfigurationException {
return from(new KeyValue(keyValue));
}
代码示例来源:origin: apache/incubator-sentry
public static KafkaAuthorizable from(KeyValue keyValue) throws ConfigurationException {
String prefix = keyValue.getKey().toLowerCase();
String name = keyValue.getValue();
for (AuthorizableType type : AuthorizableType.values()) {
if (prefix.equalsIgnoreCase(type.name())) {
return from(type, name);
}
}
return null;
}
代码示例来源:origin: co.cask.cdap/cdap-sentry-policy
/**
* For policy and request parts with the same key, ensure that the policy implies the request. In this method, the
* keys for both #policyPart and #requestPart are expected to be the same.
*
* @param policyPart the policy part
* @param requestPart the request part
* @return true if either
* - policy part is {@link Action#ALL}; or
* - policy part equals request part;
* false otherwise.
*/
private boolean impliesKeyValue(KeyValue policyPart, KeyValue requestPart) {
Preconditions.checkState(policyPart.getKey().equalsIgnoreCase(requestPart.getKey()),
String.format("Privilege Key Mismatch: Key %s and %s does not match.", policyPart.getKey
(), requestPart.getKey()));
// if it is an action, then either the policy part must include ALL, or be the same as the request part.
if (ActionConstant.ACTION_NAME.equalsIgnoreCase(policyPart.getKey()) &&
policyPart.getValue().equalsIgnoreCase(ActionConstant.ALL)) {
return true;
}
// if policy part is not Action#ALL, make sure that the policy and request parts match.
return policyPart.equals(requestPart);
}
}
内容来源于网络,如有侵权,请联系作者删除!