Interface PermissionHandler
-
- All Known Implementing Classes:
KerberosPermissionHandler,ZKPermHandler
public interface PermissionHandlerThis interface is used for the system which will be used for getting a users permissions. If the implementation does not support configuration through Accumulo, it should throw an AccumuloSecurityException with the error code UNSUPPORTED_OPERATION
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description voidcleanNamespacePermissions(String namespace)Cleans up the permissions for a namespace.voidcleanTablePermissions(String table)Cleans up the permissions for a table.voidcleanUser(String user)Deletes a uservoidgrantNamespacePermission(String user, String namespace, NamespacePermission permission)Gives the user the given namespace permissionvoidgrantSystemPermission(String user, SystemPermission permission)Gives the user the given system permissionvoidgrantTablePermission(String user, String table, TablePermission permission)Gives the user the given table permissionbooleanhasCachedNamespacePermission(String user, String namespace, NamespacePermission permission)Used to get the namespace permission of a user for a namespace, with caching.booleanhasCachedSystemPermission(String user, SystemPermission permission)Used to get the system permission for the user, with caching due to high frequency operation.booleanhasCachedTablePermission(String user, String table, TablePermission permission)Used to get the table permission of a user for a table, with caching.booleanhasNamespacePermission(String user, String namespace, NamespacePermission permission)Used to get the namespace permission of a user for a namespacebooleanhasSystemPermission(String user, SystemPermission permission)Used to get the system permission for the userbooleanhasTablePermission(String user, String table, TablePermission permission)Used to get the table permission of a user for a tablevoidinitialize(ServerContext context)Sets up the permission handler for a new instance of AccumulovoidinitializeSecurity(TCredentials credentials, String rootuser)Used to initialize security for the root uservoidinitUser(String user)Initializes a new uservoidrevokeNamespacePermission(String user, String namespace, NamespacePermission permission)Denies the user the given namespace permission.voidrevokeSystemPermission(String user, SystemPermission permission)Denies the user the given system permissionvoidrevokeTablePermission(String user, String table, TablePermission permission)Denies the user the given table permission.booleanvalidSecurityHandlers(Authenticator authent, Authorizor author)Used to validate that the Authorizor, Authenticator, and permission handler can coexist
-
-
-
Method Detail
-
initialize
void initialize(ServerContext context)
Sets up the permission handler for a new instance of Accumulo
-
validSecurityHandlers
boolean validSecurityHandlers(Authenticator authent, Authorizor author)
Used to validate that the Authorizor, Authenticator, and permission handler can coexist
-
initializeSecurity
void initializeSecurity(TCredentials credentials, String rootuser) throws AccumuloSecurityException
Used to initialize security for the root user- Throws:
AccumuloSecurityException
-
hasSystemPermission
boolean hasSystemPermission(String user, SystemPermission permission)
Used to get the system permission for the user
-
hasCachedSystemPermission
boolean hasCachedSystemPermission(String user, SystemPermission permission)
Used to get the system permission for the user, with caching due to high frequency operation. NOTE: At this time, this method is unused but is included just in case we need it in the future.
-
hasTablePermission
boolean hasTablePermission(String user, String table, TablePermission permission) throws TableNotFoundException
Used to get the table permission of a user for a table- Throws:
TableNotFoundException
-
hasCachedTablePermission
boolean hasCachedTablePermission(String user, String table, TablePermission permission)
Used to get the table permission of a user for a table, with caching. This method is for high frequency operations
-
hasNamespacePermission
boolean hasNamespacePermission(String user, String namespace, NamespacePermission permission) throws NamespaceNotFoundException
Used to get the namespace permission of a user for a namespace- Throws:
NamespaceNotFoundException
-
hasCachedNamespacePermission
boolean hasCachedNamespacePermission(String user, String namespace, NamespacePermission permission)
Used to get the namespace permission of a user for a namespace, with caching. This method is for high frequency operations
-
grantSystemPermission
void grantSystemPermission(String user, SystemPermission permission) throws AccumuloSecurityException
Gives the user the given system permission- Throws:
AccumuloSecurityException
-
revokeSystemPermission
void revokeSystemPermission(String user, SystemPermission permission) throws AccumuloSecurityException
Denies the user the given system permission- Throws:
AccumuloSecurityException
-
grantTablePermission
void grantTablePermission(String user, String table, TablePermission permission) throws AccumuloSecurityException, TableNotFoundException
Gives the user the given table permission
-
revokeTablePermission
void revokeTablePermission(String user, String table, TablePermission permission) throws AccumuloSecurityException, TableNotFoundException
Denies the user the given table permission.
-
grantNamespacePermission
void grantNamespacePermission(String user, String namespace, NamespacePermission permission) throws AccumuloSecurityException, NamespaceNotFoundException
Gives the user the given namespace permission
-
revokeNamespacePermission
void revokeNamespacePermission(String user, String namespace, NamespacePermission permission) throws AccumuloSecurityException, NamespaceNotFoundException
Denies the user the given namespace permission.
-
cleanTablePermissions
void cleanTablePermissions(String table) throws AccumuloSecurityException, TableNotFoundException
Cleans up the permissions for a table. Used when a table gets deleted.
-
cleanNamespacePermissions
void cleanNamespacePermissions(String namespace) throws AccumuloSecurityException, NamespaceNotFoundException
Cleans up the permissions for a namespace. Used when a namespace gets deleted.
-
initUser
void initUser(String user) throws AccumuloSecurityException
Initializes a new user- Throws:
AccumuloSecurityException
-
cleanUser
void cleanUser(String user) throws AccumuloSecurityException
Deletes a user- Throws:
AccumuloSecurityException
-
-