Interface PermissionHandler
- All Known Implementing Classes:
KerberosPermissionHandler,ZKPermHandler
public interface PermissionHandler
This interface is used for the system which will be used for getting a users permissions. If the
implementation does not support configuration through Accumulo, it should throw an
AccumuloSecurityException with the error code UNSUPPORTED_OPERATION
-
Method Summary
Modifier and TypeMethodDescriptionvoidcleanNamespacePermissions(String namespace) Cleans up the permissions for a namespace.voidcleanTablePermissions(String table) Cleans up the permissions for a table.voidDeletes a uservoidgrantNamespacePermission(String user, String namespace, NamespacePermission permission) Gives the user the given namespace permissionvoidgrantSystemPermission(String user, SystemPermission permission) Gives the user the given system permissionvoidgrantTablePermission(String user, String table, TablePermission permission) Gives the user the given table permissionbooleanhasCachedNamespacePermission(String user, String namespace, NamespacePermission permission) Used to get the namespace permission of a user for a namespace, with caching.booleanhasCachedSystemPermission(String user, SystemPermission permission) Used to get the system permission for the user, with caching due to high frequency operation.booleanhasCachedTablePermission(String user, String table, TablePermission permission) Used to get the table permission of a user for a table, with caching.booleanhasNamespacePermission(String user, String namespace, NamespacePermission permission) Used to get the namespace permission of a user for a namespacebooleanhasSystemPermission(String user, SystemPermission permission) Used to get the system permission for the userbooleanhasTablePermission(String user, String table, TablePermission permission) Used to get the table permission of a user for a tablevoidinitialize(ServerContext context) Sets up the permission handler for a new instance of AccumulovoidinitializeSecurity(TCredentials credentials, String rootuser) Used to initialize security for the root uservoidInitializes a new uservoidrevokeNamespacePermission(String user, String namespace, NamespacePermission permission) Denies the user the given namespace permission.voidrevokeSystemPermission(String user, SystemPermission permission) Denies the user the given system permissionvoidrevokeTablePermission(String user, String table, TablePermission permission) Denies the user the given table permission.booleanvalidSecurityHandlers(Authenticator authent, Authorizor author) Used to validate that the Authorizor, Authenticator, and permission handler can coexist
-
Method Details
-
initialize
Sets up the permission handler for a new instance of Accumulo -
validSecurityHandlers
Used to validate that the Authorizor, Authenticator, and permission handler can coexist -
initializeSecurity
Used to initialize security for the root user- Throws:
AccumuloSecurityException
-
hasSystemPermission
Used to get the system permission for the user -
hasCachedSystemPermission
Used to get the system permission for the user, with caching due to high frequency operation. NOTE: At this time, this method is unused but is included just in case we need it in the future. -
hasTablePermission
boolean hasTablePermission(String user, String table, TablePermission permission) throws TableNotFoundException Used to get the table permission of a user for a table- Throws:
TableNotFoundException
-
hasCachedTablePermission
Used to get the table permission of a user for a table, with caching. This method is for high frequency operations -
hasNamespacePermission
boolean hasNamespacePermission(String user, String namespace, NamespacePermission permission) throws NamespaceNotFoundException Used to get the namespace permission of a user for a namespace- Throws:
NamespaceNotFoundException
-
hasCachedNamespacePermission
Used to get the namespace permission of a user for a namespace, with caching. This method is for high frequency operations -
grantSystemPermission
void grantSystemPermission(String user, SystemPermission permission) throws AccumuloSecurityException Gives the user the given system permission- Throws:
AccumuloSecurityException
-
revokeSystemPermission
void revokeSystemPermission(String user, SystemPermission permission) throws AccumuloSecurityException Denies the user the given system permission- Throws:
AccumuloSecurityException
-
grantTablePermission
void grantTablePermission(String user, String table, TablePermission permission) throws AccumuloSecurityException, TableNotFoundException Gives the user the given table permission -
revokeTablePermission
void revokeTablePermission(String user, String table, TablePermission permission) throws AccumuloSecurityException, TableNotFoundException Denies the user the given table permission. -
grantNamespacePermission
void grantNamespacePermission(String user, String namespace, NamespacePermission permission) throws AccumuloSecurityException, NamespaceNotFoundException Gives the user the given namespace permission -
revokeNamespacePermission
void revokeNamespacePermission(String user, String namespace, NamespacePermission permission) throws AccumuloSecurityException, NamespaceNotFoundException Denies the user the given namespace permission. -
cleanTablePermissions
Cleans up the permissions for a table. Used when a table gets deleted. -
cleanNamespacePermissions
void cleanNamespacePermissions(String namespace) throws AccumuloSecurityException, NamespaceNotFoundException Cleans up the permissions for a namespace. Used when a namespace gets deleted. -
initUser
Initializes a new user- Throws:
AccumuloSecurityException
-
cleanUser
Deletes a user- Throws:
AccumuloSecurityException
-