Interface PermissionHandler
-
- All Known Implementing Classes:
KerberosPermissionHandler
,ZKPermHandler
public interface PermissionHandler
This interface is used for the system which will be used for getting a users permissions. If the implementation does not support configuration through Accumulo, it should throw an AccumuloSecurityException with the error code UNSUPPORTED_OPERATION
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description void
cleanNamespacePermissions(String namespace)
Cleans up the permissions for a namespace.void
cleanTablePermissions(String table)
Cleans up the permissions for a table.void
cleanUser(String user)
Deletes a uservoid
grantNamespacePermission(String user, String namespace, NamespacePermission permission)
Gives the user the given namespace permissionvoid
grantSystemPermission(String user, SystemPermission permission)
Gives the user the given system permissionvoid
grantTablePermission(String user, String table, TablePermission permission)
Gives the user the given table permissionboolean
hasCachedNamespacePermission(String user, String namespace, NamespacePermission permission)
Used to get the namespace permission of a user for a namespace, with caching.boolean
hasCachedSystemPermission(String user, SystemPermission permission)
Used to get the system permission for the user, with caching due to high frequency operation.boolean
hasCachedTablePermission(String user, String table, TablePermission permission)
Used to get the table permission of a user for a table, with caching.boolean
hasNamespacePermission(String user, String namespace, NamespacePermission permission)
Used to get the namespace permission of a user for a namespaceboolean
hasSystemPermission(String user, SystemPermission permission)
Used to get the system permission for the userboolean
hasTablePermission(String user, String table, TablePermission permission)
Used to get the table permission of a user for a tablevoid
initialize(ServerContext context)
Sets up the permission handler for a new instance of Accumulovoid
initializeSecurity(TCredentials credentials, String rootuser)
Used to initialize security for the root uservoid
initUser(String user)
Initializes a new uservoid
revokeNamespacePermission(String user, String namespace, NamespacePermission permission)
Denies the user the given namespace permission.void
revokeSystemPermission(String user, SystemPermission permission)
Denies the user the given system permissionvoid
revokeTablePermission(String user, String table, TablePermission permission)
Denies the user the given table permission.boolean
validSecurityHandlers(Authenticator authent, Authorizor author)
Used to validate that the Authorizor, Authenticator, and permission handler can coexist
-
-
-
Method Detail
-
initialize
void initialize(ServerContext context)
Sets up the permission handler for a new instance of Accumulo
-
validSecurityHandlers
boolean validSecurityHandlers(Authenticator authent, Authorizor author)
Used to validate that the Authorizor, Authenticator, and permission handler can coexist
-
initializeSecurity
void initializeSecurity(TCredentials credentials, String rootuser) throws AccumuloSecurityException
Used to initialize security for the root user- Throws:
AccumuloSecurityException
-
hasSystemPermission
boolean hasSystemPermission(String user, SystemPermission permission)
Used to get the system permission for the user
-
hasCachedSystemPermission
boolean hasCachedSystemPermission(String user, SystemPermission permission)
Used to get the system permission for the user, with caching due to high frequency operation. NOTE: At this time, this method is unused but is included just in case we need it in the future.
-
hasTablePermission
boolean hasTablePermission(String user, String table, TablePermission permission) throws TableNotFoundException
Used to get the table permission of a user for a table- Throws:
TableNotFoundException
-
hasCachedTablePermission
boolean hasCachedTablePermission(String user, String table, TablePermission permission)
Used to get the table permission of a user for a table, with caching. This method is for high frequency operations
-
hasNamespacePermission
boolean hasNamespacePermission(String user, String namespace, NamespacePermission permission) throws NamespaceNotFoundException
Used to get the namespace permission of a user for a namespace- Throws:
NamespaceNotFoundException
-
hasCachedNamespacePermission
boolean hasCachedNamespacePermission(String user, String namespace, NamespacePermission permission)
Used to get the namespace permission of a user for a namespace, with caching. This method is for high frequency operations
-
grantSystemPermission
void grantSystemPermission(String user, SystemPermission permission) throws AccumuloSecurityException
Gives the user the given system permission- Throws:
AccumuloSecurityException
-
revokeSystemPermission
void revokeSystemPermission(String user, SystemPermission permission) throws AccumuloSecurityException
Denies the user the given system permission- Throws:
AccumuloSecurityException
-
grantTablePermission
void grantTablePermission(String user, String table, TablePermission permission) throws AccumuloSecurityException, TableNotFoundException
Gives the user the given table permission
-
revokeTablePermission
void revokeTablePermission(String user, String table, TablePermission permission) throws AccumuloSecurityException, TableNotFoundException
Denies the user the given table permission.
-
grantNamespacePermission
void grantNamespacePermission(String user, String namespace, NamespacePermission permission) throws AccumuloSecurityException, NamespaceNotFoundException
Gives the user the given namespace permission
-
revokeNamespacePermission
void revokeNamespacePermission(String user, String namespace, NamespacePermission permission) throws AccumuloSecurityException, NamespaceNotFoundException
Denies the user the given namespace permission.
-
cleanTablePermissions
void cleanTablePermissions(String table) throws AccumuloSecurityException, TableNotFoundException
Cleans up the permissions for a table. Used when a table gets deleted.
-
cleanNamespacePermissions
void cleanNamespacePermissions(String namespace) throws AccumuloSecurityException, NamespaceNotFoundException
Cleans up the permissions for a namespace. Used when a namespace gets deleted.
-
initUser
void initUser(String user) throws AccumuloSecurityException
Initializes a new user- Throws:
AccumuloSecurityException
-
cleanUser
void cleanUser(String user) throws AccumuloSecurityException
Deletes a user- Throws:
AccumuloSecurityException
-
-