org.apache.accumulo.core.client.admin
Class SecurityOperationsImpl

java.lang.Object
  org.apache.accumulo.core.client.admin.SecurityOperationsImpl

All Implemented Interfaces:

SecurityOperations

public class SecurityOperationsImpl
extends Object
implements SecurityOperations

Constructor Summary

SecurityOperationsImpl(Instance instance, AuthInfo credentials)

Method Summary

boolean	authenticateUser(String user, byte[] password) Verify a username/password combination is valid
void	changeUserAuthorizations(String user, Authorizations authorizations) Set the user's record-level authorizations
void	changeUserPassword(String user, byte[] password) Set the user's password
void	createUser(String user, byte[] password, Authorizations authorizations) Create a user
void	dropUser(String user) Delete a user
Authorizations	getUserAuthorizations(String user) Retrieves the user's authorizations for scanning
void	grantSystemPermission(String user, SystemPermission permission) Grant a user a system permission
void	grantTablePermission(String user, String table, TablePermission permission) Grant a user a specific permission for a specific table
boolean	hasSystemPermission(String user, SystemPermission perm) Verify the user has a particular system permission
boolean	hasTablePermission(String user, String table, TablePermission perm) Verify the user has a particular table permission
Set<String>	listUsers() Return a list of users in accumulo
void	revokeSystemPermission(String user, SystemPermission permission) Revoke a system permission from a user
void	revokeTablePermission(String user, String table, TablePermission permission) Revoke a table permission for a specific user on a specific table

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

SecurityOperationsImpl

public SecurityOperationsImpl(Instance instance,
                              AuthInfo credentials)

Parameters:

instance - the connection information

credentials - the user credentials to use for security operations

Method Detail

createUser

public void createUser(String user,
                       byte[] password,
                       Authorizations authorizations)
                throws AccumuloException,
                       AccumuloSecurityException

Create a user

Specified by:

createUser in interface SecurityOperations

Parameters:

user - the name of the user to create

password - the plaintext password for the user

authorizations - the authorizations that the user has for scanning

Throws:

AccumuloException - if a general error occurs

AccumuloSecurityException - if the user does not have permission to create a user

dropUser

public void dropUser(String user)
              throws AccumuloException,
                     AccumuloSecurityException

Delete a user

Specified by:

dropUser in interface SecurityOperations

Parameters:

user - the user name to delete

Throws:

AccumuloException - if a general error occurs

AccumuloSecurityException - if the user does not have permission to delete a user

authenticateUser

public boolean authenticateUser(String user,
                                byte[] password)
                         throws AccumuloException,
                                AccumuloSecurityException

Verify a username/password combination is valid

Specified by:

authenticateUser in interface SecurityOperations

Parameters:

user - the name of the user to authenticate

password - the plaintext password for the user

Returns:

true if the user asking is allowed to know and the specified user/password is valid, false otherwise

Throws:

AccumuloException - if a general error occurs

AccumuloSecurityException - if the user does not have permission to ask

changeUserPassword

public void changeUserPassword(String user,
                               byte[] password)
                        throws AccumuloException,
                               AccumuloSecurityException

Set the user's password

Specified by:

changeUserPassword in interface SecurityOperations

Parameters:

user - the name of the user to modify

password - the plaintext password for the user

Throws:

AccumuloException - if a general error occurs

AccumuloSecurityException - if the user does not have permission to modify a user

changeUserAuthorizations

public void changeUserAuthorizations(String user,
                                     Authorizations authorizations)
                              throws AccumuloException,
                                     AccumuloSecurityException

Set the user's record-level authorizations

Specified by:

changeUserAuthorizations in interface SecurityOperations

Parameters:

user - the name of the user to modify

authorizations - the authorizations that the user has for scanning

Throws:

AccumuloException - if a general error occurs

AccumuloSecurityException - if the user does not have permission to modify a user

getUserAuthorizations

public Authorizations getUserAuthorizations(String user)
                                     throws AccumuloException,
                                            AccumuloSecurityException

Retrieves the user's authorizations for scanning

Specified by:

getUserAuthorizations in interface SecurityOperations

Parameters:

user - the name of the user to query

Returns:

the set of authorizations the user has available for scanning

Throws:

AccumuloException - if a general error occurs

AccumuloSecurityException - if the user does not have permission to query a user

hasSystemPermission

public boolean hasSystemPermission(String user,
                                   SystemPermission perm)
                            throws AccumuloException,
                                   AccumuloSecurityException

Verify the user has a particular system permission

Specified by:

hasSystemPermission in interface SecurityOperations

Parameters:

user - the name of the user to query

perm - the system permission to check for

Returns:

true if user has that permission; false otherwise

Throws:

AccumuloException - if a general error occurs

AccumuloSecurityException - if the user does not have permission to query a user

hasTablePermission

public boolean hasTablePermission(String user,
                                  String table,
                                  TablePermission perm)
                           throws AccumuloException,
                                  AccumuloSecurityException

Verify the user has a particular table permission

Specified by:

hasTablePermission in interface SecurityOperations

Parameters:

user - the name of the user to query

table - the name of the table to query about

perm - the table permission to check for

Returns:

true if user has that permission; false otherwise

Throws:

AccumuloException - if a general error occurs

AccumuloSecurityException - if the user does not have permission to query a user

grantSystemPermission

public void grantSystemPermission(String user,
                                  SystemPermission permission)
                           throws AccumuloException,
                                  AccumuloSecurityException

Grant a user a system permission

Specified by:

grantSystemPermission in interface SecurityOperations

Parameters:

user - the name of the user to modify

permission - the system permission to grant to the user

Throws:

AccumuloException - if a general error occurs

AccumuloSecurityException - if the user does not have permission to grant a user permissions

grantTablePermission

public void grantTablePermission(String user,
                                 String table,
                                 TablePermission permission)
                          throws AccumuloException,
                                 AccumuloSecurityException

Grant a user a specific permission for a specific table

Specified by:

grantTablePermission in interface SecurityOperations

Parameters:

user - the name of the user to modify

table - the name of the table to modify for the user

permission - the table permission to grant to the user

Throws:

AccumuloException - if a general error occurs

AccumuloSecurityException - if the user does not have permission to grant a user permissions

revokeSystemPermission

public void revokeSystemPermission(String user,
                                   SystemPermission permission)
                            throws AccumuloException,
                                   AccumuloSecurityException

Revoke a system permission from a user

Specified by:

revokeSystemPermission in interface SecurityOperations

Parameters:

user - the name of the user to modify

permission - the system permission to revoke for the user

Throws:

AccumuloException - if a general error occurs

AccumuloSecurityException - if the user does not have permission to revoke a user's permissions

revokeTablePermission

public void revokeTablePermission(String user,
                                  String table,
                                  TablePermission permission)
                           throws AccumuloException,
                                  AccumuloSecurityException

Revoke a table permission for a specific user on a specific table

Specified by:

revokeTablePermission in interface SecurityOperations

Parameters:

user - the name of the user to modify

table - the name of the table to modify for the user

permission - the table permission to revoke for the user

Throws:

AccumuloException - if a general error occurs

AccumuloSecurityException - if the user does not have permission to revoke a user's permissions

listUsers

public Set<String> listUsers()
                      throws AccumuloException,
                             AccumuloSecurityException

Return a list of users in accumulo

Specified by:

listUsers in interface SecurityOperations

Returns:

a set of user names

Throws:

AccumuloException - if a general error occurs

AccumuloSecurityException - if the user does not have permission to query users