public class AuditedSecurityOperation extends SecurityOperation
authenticator, authorizor, context, isKerberos, permHandle
Constructor and Description |
---|
AuditedSecurityOperation(AccumuloServerContext context,
Authorizor author,
Authenticator authent,
PermissionHandler pm) |
Modifier and Type | Method and Description |
---|---|
protected void |
authenticate(TCredentials credentials) |
boolean |
canAlterTable(TCredentials c,
String tableId,
String namespaceId) |
boolean |
canBulkImport(TCredentials c,
String tableId,
String tableName,
String dir,
String failDir,
String namespaceId) |
boolean |
canChangeAuthorizations(TCredentials c,
String user) |
boolean |
canChangePassword(TCredentials c,
String user) |
boolean |
canCloneTable(TCredentials c,
String tableId,
String tableName,
String destinationNamespaceId,
String sourceNamespaceId) |
boolean |
canCompact(TCredentials c,
String tableId,
String namespaceId) |
boolean |
canCreateTable(TCredentials c,
String tableName,
String namespaceId) |
boolean |
canCreateUser(TCredentials c,
String user) |
boolean |
canDeleteRange(TCredentials c,
String tableId,
String tableName,
org.apache.hadoop.io.Text startRow,
org.apache.hadoop.io.Text endRow,
String namespaceId) |
boolean |
canDeleteTable(TCredentials c,
String tableId,
String namespaceId) |
boolean |
canDropUser(TCredentials c,
String user) |
boolean |
canExport(TCredentials credentials,
String tableId,
String tableName,
String exportDir,
String namespaceId) |
boolean |
canFlush(TCredentials c,
String tableId,
String namespaceId) |
boolean |
canGrantSystem(TCredentials c,
String user,
SystemPermission sysPerm) |
boolean |
canGrantTable(TCredentials c,
String user,
String table,
String namespaceId) |
boolean |
canImport(TCredentials credentials,
String tableName,
String importDir,
String namespaceId) |
boolean |
canMerge(TCredentials c,
String tableId,
String namespaceId) |
boolean |
canObtainDelegationToken(TCredentials credentials) |
boolean |
canOnlineOfflineTable(TCredentials credentials,
String tableId,
FateOperation op,
String namespaceId) |
boolean |
canPerformSystemActions(TCredentials credentials)
This is the check to perform any system action.
|
boolean |
canRenameTable(TCredentials c,
String tableId,
String oldTableName,
String newTableName,
String namespaceId) |
boolean |
canRevokeSystem(TCredentials c,
String user,
SystemPermission sysPerm) |
boolean |
canRevokeTable(TCredentials c,
String user,
String table,
String namespaceId) |
boolean |
canScan(TCredentials credentials,
String tableId,
String namespaceId,
Map<TKeyExtent,List<TRange>> tbatch,
List<TColumn> tcolumns,
List<IterInfo> ssiList,
Map<String,Map<String,String>> ssio,
List<ByteBuffer> authorizations) |
boolean |
canScan(TCredentials credentials,
String tableId,
String namespaceId,
TRange range,
List<TColumn> columns,
List<IterInfo> ssiList,
Map<String,Map<String,String>> ssio,
List<ByteBuffer> authorizations) |
boolean |
canSplitTablet(TCredentials credentials,
String table,
String namespaceId) |
void |
changeAuthorizations(TCredentials credentials,
String user,
Authorizations authorizations) |
void |
changePassword(TCredentials credentials,
Credentials newInfo) |
void |
createUser(TCredentials credentials,
Credentials newUser,
Authorizations authorizations) |
void |
dropUser(TCredentials credentials,
String user) |
static StringBuilder |
getAuthString(List<ByteBuffer> authorizations) |
static SecurityOperation |
getInstance(AccumuloServerContext context) |
static SecurityOperation |
getInstance(AccumuloServerContext context,
boolean initialize) |
void |
grantSystemPermission(TCredentials credentials,
String user,
SystemPermission permission) |
void |
grantTablePermission(TCredentials credentials,
String user,
String tableId,
TablePermission permission,
String namespaceId) |
boolean |
hasSystemPermission(TCredentials credentials,
String user,
SystemPermission permission) |
void |
revokeSystemPermission(TCredentials credentials,
String user,
SystemPermission permission) |
void |
revokeTablePermission(TCredentials credentials,
String user,
String tableId,
TablePermission permission,
String namespaceId) |
_createUser, _hasNamespacePermission, _hasTablePermission, authenticateUser, canAlterNamespace, canAskAboutUser, canBulkImport, canConditionallyUpdate, canCreateNamespace, canDeleteNamespace, canGrantNamespace, canRenameNamespace, canRevokeNamespace, canScan, canWrite, deleteNamespace, deleteTable, getAuthenticator, getAuthorizor, getPermHandler, getRootUsername, getUserAuthorizations, getUserAuthorizations, grantNamespacePermission, hasNamespacePermission, hasTablePermission, hasTablePermission, initializeSecurity, isSystemUser, listUsers, revokeNamespacePermission, userHasAuthorizations
public static final String AUDITLOG
public static final org.apache.log4j.Logger audit
public static final String CAN_SCAN_AUDIT_TEMPLATE
public static final String CAN_SCAN_BATCH_AUDIT_TEMPLATE
public static final String CHANGE_AUTHORIZATIONS_AUDIT_TEMPLATE
public static final String CHANGE_PASSWORD_AUDIT_TEMPLATE
public static final String CREATE_USER_AUDIT_TEMPLATE
public static final String CAN_CREATE_TABLE_AUDIT_TEMPLATE
public static final String CAN_DELETE_TABLE_AUDIT_TEMPLATE
public static final String CAN_RENAME_TABLE_AUDIT_TEMPLATE
public static final String CAN_SPLIT_TABLE_AUDIT_TEMPLATE
public static final String CAN_PERFORM_SYSTEM_ACTION_AUDIT_TEMPLATE
public static final String CAN_FLUSH_TABLE_AUDIT_TEMPLATE
public static final String CAN_ALTER_TABLE_AUDIT_TEMPLATE
public static final String CAN_CLONE_TABLE_AUDIT_TEMPLATE
public static final String CAN_DELETE_RANGE_AUDIT_TEMPLATE
public static final String CAN_BULK_IMPORT_AUDIT_TEMPLATE
public static final String CAN_COMPACT_TABLE_AUDIT_TEMPLATE
public static final String CAN_CHANGE_AUTHORIZATIONS_AUDIT_TEMPLATE
public static final String CAN_CHANGE_PASSWORD_AUDIT_TEMPLATE
public static final String CAN_CREATE_USER_AUDIT_TEMPLATE
public static final String CAN_DROP_USER_AUDIT_TEMPLATE
public static final String CAN_GRANT_SYSTEM_AUDIT_TEMPLATE
public static final String CAN_GRANT_TABLE_AUDIT_TEMPLATE
public static final String CAN_REVOKE_SYSTEM_AUDIT_TEMPLATE
public static final String CAN_REVOKE_TABLE_AUDIT_TEMPLATE
public static final String CAN_IMPORT_AUDIT_TEMPLATE
public static final String CAN_EXPORT_AUDIT_TEMPLATE
public static final String DROP_USER_AUDIT_TEMPLATE
public static final String GRANT_SYSTEM_PERMISSION_AUDIT_TEMPLATE
public static final String GRANT_TABLE_PERMISSION_AUDIT_TEMPLATE
public static final String REVOKE_SYSTEM_PERMISSION_AUDIT_TEMPLATE
public static final String REVOKE_TABLE_PERMISSION_AUDIT_TEMPLATE
public static final String HAS_SYSTEM_PERMISSION_AUDIT_TEMPLATE
public static final String CAN_ONLINE_OFFLINE_TABLE_AUDIT_TEMPLATE
public static final String CAN_MERGE_TABLE_AUDIT_TEMPLATE
public static final String AUTHENICATE_AUDIT_TEMPLATE
public static final String DELEGATION_TOKEN_AUDIT_TEMPLATE
public AuditedSecurityOperation(AccumuloServerContext context, Authorizor author, Authenticator authent, PermissionHandler pm)
public static SecurityOperation getInstance(AccumuloServerContext context)
public static SecurityOperation getInstance(AccumuloServerContext context, boolean initialize)
public static StringBuilder getAuthString(List<ByteBuffer> authorizations)
public boolean canScan(TCredentials credentials, String tableId, String namespaceId, TRange range, List<TColumn> columns, List<IterInfo> ssiList, Map<String,Map<String,String>> ssio, List<ByteBuffer> authorizations) throws ThriftSecurityException
canScan
in class SecurityOperation
ThriftSecurityException
public boolean canScan(TCredentials credentials, String tableId, String namespaceId, Map<TKeyExtent,List<TRange>> tbatch, List<TColumn> tcolumns, List<IterInfo> ssiList, Map<String,Map<String,String>> ssio, List<ByteBuffer> authorizations) throws ThriftSecurityException
canScan
in class SecurityOperation
ThriftSecurityException
public void changeAuthorizations(TCredentials credentials, String user, Authorizations authorizations) throws ThriftSecurityException
changeAuthorizations
in class SecurityOperation
ThriftSecurityException
public void changePassword(TCredentials credentials, Credentials newInfo) throws ThriftSecurityException
changePassword
in class SecurityOperation
ThriftSecurityException
public void createUser(TCredentials credentials, Credentials newUser, Authorizations authorizations) throws ThriftSecurityException
createUser
in class SecurityOperation
ThriftSecurityException
public boolean canCreateTable(TCredentials c, String tableName, String namespaceId) throws ThriftSecurityException
canCreateTable
in class SecurityOperation
ThriftSecurityException
public boolean canDeleteTable(TCredentials c, String tableId, String namespaceId) throws ThriftSecurityException
canDeleteTable
in class SecurityOperation
ThriftSecurityException
public boolean canRenameTable(TCredentials c, String tableId, String oldTableName, String newTableName, String namespaceId) throws ThriftSecurityException
canRenameTable
in class SecurityOperation
ThriftSecurityException
public boolean canSplitTablet(TCredentials credentials, String table, String namespaceId) throws ThriftSecurityException
canSplitTablet
in class SecurityOperation
ThriftSecurityException
public boolean canPerformSystemActions(TCredentials credentials) throws ThriftSecurityException
SecurityOperation
canPerformSystemActions
in class SecurityOperation
ThriftSecurityException
public boolean canFlush(TCredentials c, String tableId, String namespaceId) throws ThriftSecurityException
canFlush
in class SecurityOperation
ThriftSecurityException
public boolean canAlterTable(TCredentials c, String tableId, String namespaceId) throws ThriftSecurityException
canAlterTable
in class SecurityOperation
ThriftSecurityException
public boolean canCloneTable(TCredentials c, String tableId, String tableName, String destinationNamespaceId, String sourceNamespaceId) throws ThriftSecurityException
canCloneTable
in class SecurityOperation
ThriftSecurityException
public boolean canDeleteRange(TCredentials c, String tableId, String tableName, org.apache.hadoop.io.Text startRow, org.apache.hadoop.io.Text endRow, String namespaceId) throws ThriftSecurityException
canDeleteRange
in class SecurityOperation
ThriftSecurityException
public boolean canBulkImport(TCredentials c, String tableId, String tableName, String dir, String failDir, String namespaceId) throws ThriftSecurityException
canBulkImport
in class SecurityOperation
ThriftSecurityException
public boolean canCompact(TCredentials c, String tableId, String namespaceId) throws ThriftSecurityException
canCompact
in class SecurityOperation
ThriftSecurityException
public boolean canChangeAuthorizations(TCredentials c, String user) throws ThriftSecurityException
canChangeAuthorizations
in class SecurityOperation
ThriftSecurityException
public boolean canChangePassword(TCredentials c, String user) throws ThriftSecurityException
canChangePassword
in class SecurityOperation
ThriftSecurityException
public boolean canCreateUser(TCredentials c, String user) throws ThriftSecurityException
canCreateUser
in class SecurityOperation
ThriftSecurityException
public boolean canDropUser(TCredentials c, String user) throws ThriftSecurityException
canDropUser
in class SecurityOperation
ThriftSecurityException
public boolean canGrantSystem(TCredentials c, String user, SystemPermission sysPerm) throws ThriftSecurityException
canGrantSystem
in class SecurityOperation
ThriftSecurityException
public boolean canGrantTable(TCredentials c, String user, String table, String namespaceId) throws ThriftSecurityException
canGrantTable
in class SecurityOperation
ThriftSecurityException
public boolean canRevokeSystem(TCredentials c, String user, SystemPermission sysPerm) throws ThriftSecurityException
canRevokeSystem
in class SecurityOperation
ThriftSecurityException
public boolean canRevokeTable(TCredentials c, String user, String table, String namespaceId) throws ThriftSecurityException
canRevokeTable
in class SecurityOperation
ThriftSecurityException
public boolean canImport(TCredentials credentials, String tableName, String importDir, String namespaceId) throws ThriftSecurityException
canImport
in class SecurityOperation
ThriftSecurityException
public boolean canExport(TCredentials credentials, String tableId, String tableName, String exportDir, String namespaceId) throws ThriftSecurityException
canExport
in class SecurityOperation
ThriftSecurityException
public void dropUser(TCredentials credentials, String user) throws ThriftSecurityException
dropUser
in class SecurityOperation
ThriftSecurityException
public void grantSystemPermission(TCredentials credentials, String user, SystemPermission permission) throws ThriftSecurityException
grantSystemPermission
in class SecurityOperation
ThriftSecurityException
public void grantTablePermission(TCredentials credentials, String user, String tableId, TablePermission permission, String namespaceId) throws ThriftSecurityException
grantTablePermission
in class SecurityOperation
ThriftSecurityException
public void revokeSystemPermission(TCredentials credentials, String user, SystemPermission permission) throws ThriftSecurityException
revokeSystemPermission
in class SecurityOperation
ThriftSecurityException
public void revokeTablePermission(TCredentials credentials, String user, String tableId, TablePermission permission, String namespaceId) throws ThriftSecurityException
revokeTablePermission
in class SecurityOperation
ThriftSecurityException
public boolean hasSystemPermission(TCredentials credentials, String user, SystemPermission permission) throws ThriftSecurityException
hasSystemPermission
in class SecurityOperation
ThriftSecurityException
public boolean canOnlineOfflineTable(TCredentials credentials, String tableId, FateOperation op, String namespaceId) throws ThriftSecurityException
canOnlineOfflineTable
in class SecurityOperation
ThriftSecurityException
public boolean canMerge(TCredentials c, String tableId, String namespaceId) throws ThriftSecurityException
canMerge
in class SecurityOperation
ThriftSecurityException
protected void authenticate(TCredentials credentials) throws ThriftSecurityException
authenticate
in class SecurityOperation
ThriftSecurityException
public boolean canObtainDelegationToken(TCredentials credentials) throws ThriftSecurityException
canObtainDelegationToken
in class SecurityOperation
ThriftSecurityException
Copyright © 2011–2018 The Apache Software Foundation. All rights reserved.