Example 6 with EntityId
use of co.cask.cdap.proto.id.EntityId in project cdap by caskdata.
the class DatasetInstanceService method list.
/**
* Lists all dataset instances in a namespace. If perimeter security and authorization are enabled, only returns the
* dataset instances that the current user has access to.
*
* @param namespace the namespace to list datasets for
* @return the dataset instances in the provided namespace
* @throws NotFoundException if the namespace was not found
* @throws IOException if there is a problem in making an HTTP request to check if the namespace exists
*/
Collection<DatasetSpecification> list(final NamespaceId namespace) throws Exception {
Principal principal = authenticationContext.getPrincipal();
ensureNamespaceExists(namespace);
Collection<DatasetSpecification> datasets = instanceManager.getAll(namespace);
final Predicate<EntityId> filter = authorizationEnforcer.createFilter(principal);
return Lists.newArrayList(Iterables.filter(datasets, new com.google.common.base.Predicate<DatasetSpecification>() {
@Override
public boolean apply(DatasetSpecification spec) {
return filter.apply(namespace.dataset(spec.getName()));
}
}));
}
Also used :
EntityId(co.cask.cdap.proto.id.EntityId)
DatasetSpecification(co.cask.cdap.api.dataset.DatasetSpecification)
Principal(co.cask.cdap.proto.security.Principal)
Predicate(co.cask.cdap.api.Predicate)
Example 7 with EntityId
use of co.cask.cdap.proto.id.EntityId in project cdap by caskdata.
the class DatasetTypeService method getModule.
/**
* Returns the {@link DatasetModuleMeta metadata} of the specified {@link DatasetModuleId}.
*/
DatasetModuleMeta getModule(DatasetModuleId datasetModuleId) throws Exception {
ensureNamespaceExists(datasetModuleId.getParent());
DatasetModuleMeta moduleMeta = typeManager.getModule(datasetModuleId);
if (moduleMeta == null) {
throw new DatasetModuleNotFoundException(datasetModuleId);
}
Principal principal = authenticationContext.getPrincipal();
final Predicate<EntityId> filter = authorizationEnforcer.createFilter(principal);
if (!filter.apply(datasetModuleId)) {
throw new UnauthorizedException(principal, datasetModuleId);
}
return moduleMeta;
}
Also used :
DatasetModuleNotFoundException(co.cask.cdap.common.DatasetModuleNotFoundException)
EntityId(co.cask.cdap.proto.id.EntityId)
DatasetModuleMeta(co.cask.cdap.proto.DatasetModuleMeta)
UnauthorizedException(co.cask.cdap.security.spi.authorization.UnauthorizedException)
Principal(co.cask.cdap.proto.security.Principal)
Example 8 with EntityId
use of co.cask.cdap.proto.id.EntityId in project cdap by caskdata.
the class DatasetTypeService method listTypes.
/**
* Lists all {@link DatasetType dataset types} in the specified {@link NamespaceId}.
*/
List<DatasetTypeMeta> listTypes(final NamespaceId namespaceId) throws Exception {
ensureNamespaceExists(namespaceId);
// Sorting by name for convenience
List<DatasetTypeMeta> allTypes = Lists.newArrayList(typeManager.getTypes(namespaceId));
Collections.sort(allTypes, new Comparator<DatasetTypeMeta>() {
@Override
public int compare(DatasetTypeMeta o1, DatasetTypeMeta o2) {
return o1.getName().compareTo(o2.getName());
}
});
Principal principal = authenticationContext.getPrincipal();
final Predicate<EntityId> authFilter = authorizationEnforcer.createFilter(principal);
Iterable<DatasetTypeMeta> authorizedDatasetTypes = Iterables.filter(allTypes, new com.google.common.base.Predicate<DatasetTypeMeta>() {
@Override
public boolean apply(DatasetTypeMeta datasetTypeMeta) {
DatasetTypeId datasetTypeId = namespaceId.datasetType(datasetTypeMeta.getName());
return authFilter.apply(datasetTypeId);
}
});
return Lists.newArrayList(authorizedDatasetTypes);
}
Also used :
EntityId(co.cask.cdap.proto.id.EntityId)
DatasetTypeId(co.cask.cdap.proto.id.DatasetTypeId)
DatasetTypeMeta(co.cask.cdap.proto.DatasetTypeMeta)
Principal(co.cask.cdap.proto.security.Principal)
Example 9 with EntityId
use of co.cask.cdap.proto.id.EntityId in project cdap by caskdata.
the class DatasetTypeService method getType.
/**
* Returns details of the specified {@link DatasetTypeId dataset type}.
*/
DatasetTypeMeta getType(DatasetTypeId datasetTypeId) throws Exception {
ensureNamespaceExists(datasetTypeId.getParent());
DatasetTypeMeta typeMeta = typeManager.getTypeInfo(datasetTypeId);
if (typeMeta == null) {
throw new DatasetTypeNotFoundException(datasetTypeId);
}
// TODO: Test if this can be removed
if (NamespaceId.SYSTEM.equals(datasetTypeId.getParent())) {
return typeMeta;
}
// only return the type if the user has some privileges on it
Principal principal = authenticationContext.getPrincipal();
Predicate<EntityId> authFilter = authorizationEnforcer.createFilter(principal);
if (!authFilter.apply(datasetTypeId)) {
throw new UnauthorizedException(principal, datasetTypeId);
}
return typeMeta;
}
Also used :
EntityId(co.cask.cdap.proto.id.EntityId)
DatasetTypeMeta(co.cask.cdap.proto.DatasetTypeMeta)
UnauthorizedException(co.cask.cdap.security.spi.authorization.UnauthorizedException)
DatasetTypeNotFoundException(co.cask.cdap.common.DatasetTypeNotFoundException)
Principal(co.cask.cdap.proto.security.Principal)
Example 10 with EntityId
use of co.cask.cdap.proto.id.EntityId in project cdap by caskdata.
the class DatasetTypeService method listModules.
/**
* Returns all {@link DatasetModuleMeta dataset modules} in the specified {@link NamespaceId namespace}.
*/
List<DatasetModuleMeta> listModules(final NamespaceId namespaceId) throws Exception {
ensureNamespaceExists(namespaceId);
// Sorting by name for convenience
List<DatasetModuleMeta> allModules = Lists.newArrayList(typeManager.getModules(namespaceId));
Collections.sort(allModules, new Comparator<DatasetModuleMeta>() {
@Override
public int compare(DatasetModuleMeta o1, DatasetModuleMeta o2) {
return o1.getName().compareTo(o2.getName());
}
});
Principal principal = authenticationContext.getPrincipal();
final Predicate<EntityId> authFilter = authorizationEnforcer.createFilter(principal);
Iterable<DatasetModuleMeta> authorizedDatasetModules = Iterables.filter(allModules, new com.google.common.base.Predicate<DatasetModuleMeta>() {
@Override
public boolean apply(DatasetModuleMeta datasetModuleMeta) {
return authFilter.apply(namespaceId.datasetModule(datasetModuleMeta.getName()));
}
});
return Lists.newArrayList(authorizedDatasetModules);
}
Also used :
EntityId(co.cask.cdap.proto.id.EntityId)
DatasetModuleMeta(co.cask.cdap.proto.DatasetModuleMeta)
Principal(co.cask.cdap.proto.security.Principal)
Aggregations
EntityId (co.cask.cdap.proto.id.EntityId)62
Principal (co.cask.cdap.proto.security.Principal)21
EnumSet (java.util.EnumSet)18
HashSet (java.util.HashSet)18
Set (java.util.Set)18
PartitionedFileSet (co.cask.cdap.api.dataset.lib.PartitionedFileSet)17
ImmutableSet (com.google.common.collect.ImmutableSet)17
Test (org.junit.Test)17
Action (co.cask.cdap.proto.security.Action)14
UnauthorizedException (co.cask.cdap.security.spi.authorization.UnauthorizedException)13
DatasetId (co.cask.cdap.proto.id.DatasetId)12
ProgramId (co.cask.cdap.proto.id.ProgramId)11
ApplicationManager (co.cask.cdap.test.ApplicationManager)11
ApplicationId (co.cask.cdap.proto.id.ApplicationId)10
StreamId (co.cask.cdap.proto.id.StreamId)9
NamespaceId (co.cask.cdap.proto.id.NamespaceId)8
PrivilegedAction (java.security.PrivilegedAction)8
KeyValueTable (co.cask.cdap.api.dataset.lib.KeyValueTable)7
NamespaceMeta (co.cask.cdap.proto.NamespaceMeta)7
Authorizer (co.cask.cdap.security.spi.authorization.Authorizer)7
