Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

org.apache.hadoop.hbase.security.access
Class TablePermission

java.lang.Object
  extended by org.apache.hadoop.io.VersionedWritable
      extended by org.apache.hadoop.hbase.security.access.Permission
          extended by org.apache.hadoop.hbase.security.access.TablePermission
All Implemented Interfaces:
org.apache.hadoop.io.Writable
Direct Known Subclasses:
UserPermission
public class TablePermission
extends Permission

Represents an authorization for access for the given actions, optionally restricted to the given column family or column qualifier, over the given table. If the family property is null, it implies full table access.

Nested Class Summary
 
Nested classes/interfaces inherited from class org.apache.hadoop.hbase.security.access.Permission
Permission.Action
 
Field Summary
 
Fields inherited from class org.apache.hadoop.hbase.security.access.Permission
ACTION_BY_CODE, actions, VERSION
 
Constructor Summary
TablePermission()
          Nullary constructor for Writable, do not use
TablePermission(byte[] table, byte[] family, byte[] qualifier, byte[] actionCodes)
          Creates a new permission for the given table, family and column qualifier, allowing the actions matching the provided byte codes to be performed.
TablePermission(byte[] table, byte[] family, byte[] qualifier, Permission.Action... assigned)
          Creates a new permission for the given table, restricted to the given column family and qualifer, allowing the assigned actions to be performed.
TablePermission(byte[] table, byte[] family, Permission.Action... assigned)
          Create a new permission for the given table and (optionally) column family, allowing the given actions.
 
Method Summary
 boolean equals(Object obj)
           
 byte[] getFamily()
           
 byte[] getQualifier()
           
 byte[] getTable()
           
 boolean hasFamily()
           
 int hashCode()
           
 boolean hasQualifier()
           
 boolean hasTable()
           
 boolean implies(byte[] table, byte[] family, byte[] qualifier, Permission.Action action)
          Checks that a given table operation is authorized by this permission instance.
 boolean implies(byte[] table, KeyValue kv, Permission.Action action)
          Checks if this permission grants access to perform the given action on the given table and key value.
 boolean matchesFamily(byte[] table, byte[] family, Permission.Action action)
          Returns true if this permission matches the given column family at least.
 boolean matchesFamilyQualifier(byte[] table, byte[] family, byte[] qualifier, Permission.Action action)
          Returns if the given permission matches the given qualifier.
 void readFields(DataInput in)
           
 String toString()
           
 void write(DataOutput out)
           
 
Methods inherited from class org.apache.hadoop.hbase.security.access.Permission
getActions, getVersion, implies
 
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
 

Constructor Detail

TablePermission

public TablePermission()
Nullary constructor for Writable, do not use

TablePermission

public TablePermission(byte[] table,
                       byte[] family,
                       Permission.Action... assigned)
Create a new permission for the given table and (optionally) column family, allowing the given actions.

Parameters:
table - the table
family - the family, can be null if a global permission on the table
assigned - the list of allowed actions

TablePermission

public TablePermission(byte[] table,
                       byte[] family,
                       byte[] qualifier,
                       Permission.Action... assigned)
Creates a new permission for the given table, restricted to the given column family and qualifer, allowing the assigned actions to be performed.

Parameters:
table - the table
family - the family, can be null if a global permission on the table
assigned - the list of allowed actions

TablePermission

public TablePermission(byte[] table,
                       byte[] family,
                       byte[] qualifier,
                       byte[] actionCodes)
Creates a new permission for the given table, family and column qualifier, allowing the actions matching the provided byte codes to be performed.

Parameters:
table - the table
family - the family, can be null if a global permission on the table
actionCodes - the list of allowed action codes
Method Detail

hasTable

public boolean hasTable()

getTable

public byte[] getTable()

hasFamily

public boolean hasFamily()

getFamily

public byte[] getFamily()

hasQualifier

public boolean hasQualifier()

getQualifier

public byte[] getQualifier()

implies

public boolean implies(byte[] table,
                       byte[] family,
                       byte[] qualifier,
                       Permission.Action action)
Checks that a given table operation is authorized by this permission instance.

Parameters:
table - the table where the operation is being performed
family - the column family to which the operation is restricted, if null implies "all"
qualifier - the column qualifier to which the action is restricted, if null implies "all"
action - the action being requested
Returns:
true if the action within the given scope is allowed by this permission, false

implies

public boolean implies(byte[] table,
                       KeyValue kv,
                       Permission.Action action)
Checks if this permission grants access to perform the given action on the given table and key value.

Parameters:
table - the table on which the operation is being performed
kv - the KeyValue on which the operation is being requested
action - the action requested
Returns:
true if the action is allowed over the given scope by this permission, otherwise false

matchesFamily

public boolean matchesFamily(byte[] table,
                             byte[] family,
                             Permission.Action action)
Returns true if this permission matches the given column family at least. This only indicates a partial match against the table and column family, however, and does not guarantee that implies() for the column same family would return true. In the case of a column-qualifier specific permission, for example, implies() would still return false.

matchesFamilyQualifier

public boolean matchesFamilyQualifier(byte[] table,
                                      byte[] family,
                                      byte[] qualifier,
                                      Permission.Action action)
Returns if the given permission matches the given qualifier.

Parameters:
table - the table name to match
family - the column family to match
qualifier - the qualifier name to match
action - the action requested
Returns:
true if the table, family and qualifier match, otherwise false

equals

public boolean equals(Object obj)
Overrides:
equals in class Permission

hashCode

public int hashCode()
Overrides:
hashCode in class Permission

toString

public String toString()
Overrides:
toString in class Permission

readFields

public void readFields(DataInput in)
                throws IOException
Specified by:
readFields in interface org.apache.hadoop.io.Writable
Overrides:
readFields in class Permission
Throws:
IOException

write

public void write(DataOutput out)
           throws IOException
Specified by:
write in interface org.apache.hadoop.io.Writable
Overrides:
write in class Permission
Throws:
IOException
Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD
Copyright © 2013 The Apache Software Foundation. All Rights Reserved.