Java Code Examples for org.apache.hadoop.hbase.security.access.Permission#Action

The following examples show how to use org.apache.hadoop.hbase.security.access.Permission#Action . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: IntegrationTestBigLinkedListWithVisibility.java    From hbase with Apache License 2.0 6 votes vote down vote up
private void createTable(Admin admin, TableName tableName, boolean setVersion,
    boolean acl) throws IOException {
  if (!admin.tableExists(tableName)) {
    TableDescriptorBuilder.ModifyableTableDescriptor tableDescriptor =
      new TableDescriptorBuilder.ModifyableTableDescriptor(tableName);
    ColumnFamilyDescriptorBuilder.ModifyableColumnFamilyDescriptor familyDescriptor =
      new ColumnFamilyDescriptorBuilder.ModifyableColumnFamilyDescriptor(FAMILY_NAME);
    if (setVersion) {
      familyDescriptor.setMaxVersions(DEFAULT_TABLES_COUNT);
    }
    tableDescriptor.setColumnFamily(familyDescriptor);
    admin.createTable(tableDescriptor);
    if (acl) {
      LOG.info("Granting permissions for user " + USER.getShortName());
      Permission.Action[] actions = { Permission.Action.READ };
      try {
        AccessControlClient.grant(ConnectionFactory.createConnection(getConf()), tableName,
            USER.getShortName(), null, null, actions);
      } catch (Throwable e) {
        LOG.error(HBaseMarkers.FATAL, "Error in granting permission for the user " +
            USER.getShortName(), e);
        throw new IOException(e);
      }
    }
  }
}
 
Example 2
Source File: CompatPermissionUtil.java    From phoenix with Apache License 2.0 5 votes vote down vote up
public static boolean authorizeUserTable(AccessChecker accessChecker, User user, 
        TableName table, Permission.Action action) {
    if(accessChecker.getAuthManager().userHasAccess(user, table, action)) {
        return true;
    }
    String[] groupNames = user.getGroupNames();
    if (groupNames != null) {
      for (String group : groupNames) {
        if(accessChecker.getAuthManager().groupHasAccess(group, table, action)) {
            return true;
        }
      }
    }
    return false;
}
 
Example 3
Source File: CompatPermissionUtil.java    From phoenix with Apache License 2.0 5 votes vote down vote up
public static boolean authorizeUserTable(AccessChecker accessChecker, User user, 
        TableName table, Permission.Action action) {
    if(accessChecker.getAuthManager().userHasAccess(user, table, action)) {
        return true;
    }
    String[] groupNames = user.getGroupNames();
    if (groupNames != null) {
      for (String group : groupNames) {
        if(accessChecker.getAuthManager().groupHasAccess(group, table, action)) {
            return true;
        }
      }
    }
    return false;
}
 
Example 4
Source File: HBasePartitionAdmin.java    From spliceengine with GNU Affero General Public License v3.0 5 votes vote down vote up
private boolean hasPrivileges(String userName, String spliceNamespace) throws Throwable {
    List<UserPermission> permissions = AccessControlClient.getUserPermissions(admin.getConnection(), "@"+spliceNamespace);
    for (String user : Arrays.asList(userName, userName.toUpperCase(), userName.toLowerCase())) {
        UserPermission up = getPermission(permissions, user);
        if (up == null)
            return false;
        
        for (Permission.Action action : Arrays.asList(Permission.Action.WRITE, Permission.Action.READ, Permission.Action.EXEC)) {
            if (!up.implies(spliceNamespace, action))
                return false;
        }
    }
    return true;
}
 
Example 5
Source File: RSRpcServices.java    From hbase with Apache License 2.0 4 votes vote down vote up
protected void requirePermission(String request, Permission.Action perm) throws IOException {
  if (accessChecker != null) {
    accessChecker.requirePermission(RpcServer.getRequestUser().orElse(null), request, null, perm);
  }
}
 
Example 6
Source File: CompatPermissionUtil.java    From phoenix with Apache License 2.0 4 votes vote down vote up
public static boolean authorizeUserTable(AccessChecker accessChecker, User user,
        TableName table, Permission.Action action) {
    // This also checks for group access
    return accessChecker.getAuthManager().authorizeUserTable(user, table, action);
}
 
Example 7
Source File: ChangePermsStatement.java    From phoenix with Apache License 2.0 4 votes vote down vote up
public Permission.Action[] getPermsList() {
    return permsList;
}
 
Example 8
Source File: BasePermissionsIT.java    From phoenix with Apache License 2.0 4 votes vote down vote up
void grantPermissions(String toUser, Set<String> tablesToGrant, Permission.Action... actions) throws Throwable {
    for (String table : tablesToGrant) {
        AccessControlClient.grant(getUtility().getConnection(), TableName.valueOf(table), toUser, null, null,
                actions);
    }
}
 
Example 9
Source File: BasePermissionsIT.java    From phoenix with Apache License 2.0 4 votes vote down vote up
void grantPermissions(String toUser, String namespace, Permission.Action... actions) throws Throwable {
    AccessControlClient.grant(getUtility().getConnection(), namespace, toUser, actions);
}
 
Example 10
Source File: BasePermissionsIT.java    From phoenix with Apache License 2.0 4 votes vote down vote up
void grantPermissions(String groupEntry, Permission.Action... actions) throws IOException, Throwable {
    AccessControlClient.grant(getUtility().getConnection(), groupEntry, actions);
}