use of co.cask.cdap.proto.security.Action in project cdap by caskdata.
the class RevokeActionCommand method perform.
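/**
 * Revokes privileges on an entity through the authorization client and prints a confirmation.
 *
 * <p>Two argument shapes are supported: neither a principal nor actions (every action on the
 * entity is revoked for every principal), or both a principal and a set of actions. The shape is
 * validated <em>before</em> the client is called, so a half-specified request is rejected without
 * changing any privileges.
 *
 * @param arguments parsed CLI arguments; the entity is required, {@code principal-name},
 *     {@code principal-type} and {@code actions} are optional
 * @param output stream the confirmation message is written to
 * @throws NullPointerException if exactly one of principal and actions was supplied
 * @throws Exception if parsing the arguments or the revoke call itself fails
 */
@Override
public void perform(Arguments arguments, PrintStream output) throws Exception {
  EntityId entity = EntityId.fromString(arguments.get(ArgumentName.ENTITY.toString()));
  String principalName = arguments.getOptional("principal-name", null);
  String type = arguments.getOptional("principal-type", null);
  Principal.PrincipalType principalType = type != null ? Principal.PrincipalType.valueOf(type.toUpperCase()) : null;
  // NOTE(review): the principal is built whenever a type is present, even if principal-name is
  // absent. The CLI grammar presumably supplies both together - confirm.
  Principal principal = type != null ? new Principal(principalName, principalType) : null;
  String actionsString = arguments.getOptional("actions", null);
  Set<Action> actions = actionsString == null ? null : ACTIONS_STRING_TO_SET.apply(actionsString);

  // The CLI supports only two scenarios: both principal and actions null, or both non-null.
  // Enforce that here, ahead of client.revoke(), so that a request with only one of them set
  // fails before any privilege is touched rather than after the revoke has already been sent.
  boolean revokeEverything = principal == null && actions == null;
  if (!revokeEverything) {
    Preconditions.checkNotNull(actions, "Actions cannot be null when principal is not null in the revoke command");
    Preconditions.checkNotNull(principal, "Principal cannot be null when actions is not null in the revoke command");
  }

  client.revoke(entity, principal, actions);

  if (revokeEverything) {
    // Revoked all actions for all principals on the entity. The message ends with a newline like
    // the other confirmation messages printed by the grant and revoke commands.
    output.printf("Successfully revoked all actions on entity '%s' for all principals\n", entity.toString());
  } else {
    output.printf("Successfully revoked action(s) '%s' on entity '%s' for %s '%s'\n", Joiner.on(",").join(actions), entity.toString(), principal.getType(), principal.getName());
  }
}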
use of co.cask.cdap.proto.security.Action in project cdap by caskdata.
the class GrantActionCommand method perform.
/**
 * Grants a set of actions on an entity to a principal and prints a confirmation.
 *
 * <p>All three of {@code principal-name}, {@code principal-type} and {@code actions} are read
 * with the mandatory {@code arguments.get(...)} accessor, and the parsed action set is checked
 * for null before the grant is sent to the authorization client.
 *
 * @param arguments parsed CLI arguments holding the entity, the principal and the actions
 * @param output stream the confirmation message is written to
 * @throws Exception if an argument cannot be parsed or the grant call fails
 */
@Override
public void perform(Arguments arguments, PrintStream output) throws Exception {
  String entityArg = arguments.get(ArgumentName.ENTITY.toString());
  EntityId target = EntityId.fromString(entityArg);

  String granteeName = arguments.get("principal-name");
  String granteeTypeArg = arguments.get("principal-type");
  // The type string is upper-cased before lookup; valueOf is expected to reject a value that
  // does not name a PrincipalType constant, so nothing is granted for an unknown type.
  Principal.PrincipalType granteeType = Principal.PrincipalType.valueOf(granteeTypeArg.toUpperCase());
  Principal grantee = new Principal(granteeName, granteeType);

  Set<Action> granted = ACTIONS_STRING_TO_SET.apply(arguments.get("actions"));
  // "actions" is mandatory for grant, so a null set here means parsing went wrong; stop before
  // the client is called.
  Preconditions.checkNotNull(granted, "Actions can never be null in the grant command.");

  client.grant(target, grantee, granted);

  String actionList = Joiner.on(",").join(granted);
  output.printf("Successfully granted action(s) '%s' on entity '%s' to %s '%s'\n", actionList, target.toString(), grantee.getType(), grantee.getName());
}
use of co.cask.cdap.proto.security.Action in project cdap by caskdata.
the class DatasetInstanceService method create.
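/**
 * Creates a dataset instance.
 *
 * <p>The caller must hold {@link Action#WRITE} on the namespace. Privileges on the new dataset are
 * granted to the caller before the dataset is created and revoked again if creation fails. If a
 * cleanup step (owner removal or privilege revocation) itself fails, that failure is attached to
 * the original exception as a suppressed exception, so the caller still sees why creation failed.
 *
 * @param namespaceId the namespace to create the dataset instance in
 * @param name the name of the new dataset instance
 * @param props the properties for the new dataset instance
 * @throws NamespaceNotFoundException if the specified namespace was not found
 * @throws DatasetAlreadyExistsException if a dataset with the same name already exists
 * @throws DatasetTypeNotFoundException if the dataset type was not found
 * @throws UnauthorizedException if perimeter security and authorization are enabled, and the current user does not
 *   have {@link Action#WRITE} privilege on the dataset instance's namespace
 */
void create(String namespaceId, String name, DatasetInstanceConfiguration props) throws Exception {
  NamespaceId namespace = ConversionHelpers.toNamespaceId(namespaceId);
  Principal principal = authenticationContext.getPrincipal();
  // Enforcement runs before the namespace and dataset lookups below, so those lookups are only
  // reached by a caller that passed the WRITE check on the namespace.
  authorizationEnforcer.enforce(namespace, principal, Action.WRITE);
  ensureNamespaceExists(namespace);
  DatasetId datasetId = ConversionHelpers.toDatasetInstanceId(namespaceId, name);
  DatasetSpecification existing = instanceManager.get(datasetId);
  if (existing != null) {
    throw new DatasetAlreadyExistsException(datasetId);
  }
  DatasetTypeMeta typeMeta = getTypeInfo(namespace, props.getTypeName());
  if (typeMeta == null) {
    // Type not found in the instance's namespace and the system namespace. Bail out.
    throw new DatasetTypeNotFoundException(ConversionHelpers.toDatasetTypeId(namespace, props.getTypeName()));
  }
  // It is now determined that a new dataset will be created. First grant privileges, then create the dataset.
  // If creation fails, revoke the granted privileges. This ensures that just like delete, there may be orphaned
  // privileges in rare scenarios, but there can never be orphaned datasets.
  // If the dataset previously existed and was deleted, but revoking privileges somehow failed, there may be orphaned
  // privileges for the dataset. Revoke them first, so no users unintentionally get privileges on the dataset.
  // NOTE(review): nothing visible in this method serializes two concurrent creates of the same
  // dataset id between the existence check above and this revoke - confirm the caller does.
  privilegesManager.revoke(datasetId);
  // grant all privileges on the dataset to be created
  privilegesManager.grant(datasetId, principal, EnumSet.allOf(Action.class));
  // NOTE(review): the full property map is written to the log; confirm dataset properties never
  // carry credentials, or log only the property keys.
  LOG.info("Creating dataset {}.{}, type name: {}, properties: {}", namespaceId, name, props.getTypeName(), props.getProperties());
  // Note how we execute configure() via opExecutorClient (outside of ds service) to isolate running user code
  try {
    String ownerPrincipal = props.getOwnerPrincipal();
    // Record an owner only when the request names one.
    if (ownerPrincipal != null) {
      KerberosPrincipalId owner = new KerberosPrincipalId(ownerPrincipal);
      ownerAdmin.add(datasetId, owner);
    }
    try {
      DatasetSpecification spec = opExecutorClient.create(datasetId, typeMeta, DatasetProperties.builder().addAll(props.getProperties()).setDescription(props.getDescription()).build());
      instanceManager.add(namespace, spec);
      metaCache.invalidate(datasetId);
      publishAudit(datasetId, AuditType.CREATE);
      // Enable explore
      enableExplore(datasetId, spec, props);
    } catch (Exception e) {
      // there was a problem in creating the dataset instance so delete the owner if it got added earlier
      // safe to call for entities which does not have an owner too
      try {
        ownerAdmin.delete(datasetId);
      } catch (Exception cleanupFailure) {
        // Keep the creation failure as the primary exception; a failed owner cleanup must not hide it.
        e.addSuppressed(cleanupFailure);
      }
      throw e;
    }
  } catch (Exception e) {
    // there was a problem in creating the dataset instance so revoke the privileges
    try {
      privilegesManager.revoke(datasetId);
    } catch (Exception cleanupFailure) {
      // A failed revoke leaves the caller holding privileges on a dataset that was never created.
      // Record it loudly and attach it to the original failure instead of replacing it.
      LOG.warn("Failed to revoke privileges on {} after dataset creation failed; privileges may be orphaned", datasetId, cleanupFailure);
      e.addSuppressed(cleanupFailure);
    }
    throw e;
  }
}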
use of co.cask.cdap.proto.security.Action in project cdap by caskdata.
the class HiveExploreServiceStreamTest method revokeAndAssertSuccess.
/**
 * Test helper: revokes {@code actions} on {@code entityId} from {@code principal} and verifies the
 * principal's resulting privilege set.
 *
 * <p>The expected set is the principal's privileges as listed before the revoke, minus one
 * {@link Privilege} per revoked action. The comparison is a full set equality, so it fails both
 * when a revoked privilege is still listed and when an unrelated privilege disappeared.
 *
 * @param entityId entity the actions are revoked on
 * @param principal principal losing the actions
 * @param actions actions to revoke
 * @throws Exception if the authorizer calls fail
 */
private static void revokeAndAssertSuccess(EntityId entityId, Principal principal, Set<Action> actions) throws Exception {
  // Snapshot taken before the revoke; copied so it can be edited locally.
  Set<Privilege> expectedAfterRevoke = new HashSet<>(authorizer.listPrivileges(principal));

  authorizer.revoke(entityId, principal, actions);

  for (Action revokedAction : actions) {
    Privilege revokedPrivilege = new Privilege(entityId, revokedAction);
    expectedAfterRevoke.remove(revokedPrivilege);
  }

  Assert.assertEquals(expectedAfterRevoke, authorizer.listPrivileges(principal));
}
use of co.cask.cdap.proto.security.Action in project cdap by caskdata.
the class HiveExploreServiceStreamTest method grantAndAssertSuccess.
/**
 * Test helper: grants {@code actions} on {@code entityId} to {@code principal} and verifies the
 * principal's resulting privilege set.
 *
 * <p>The expected set is the union of the privileges listed before the grant and one
 * {@link Privilege} per granted action. The comparison is a full set equality, so it fails both
 * when a granted privilege is missing and when the grant produced privileges that were not asked
 * for.
 *
 * @param entityId entity the actions are granted on
 * @param principal principal receiving the actions
 * @param actions actions to grant
 * @throws Exception if the authorizer calls fail
 */
private static void grantAndAssertSuccess(EntityId entityId, Principal principal, Set<Action> actions) throws Exception {
  // Snapshot taken before the grant.
  Set<Privilege> privilegesBeforeGrant = new HashSet<>(authorizer.listPrivileges(principal));

  authorizer.grant(entityId, principal, actions);

  Set<Privilege> newlyGranted = new HashSet<>();
  for (Action grantedAction : actions) {
    newlyGranted.add(new Privilege(entityId, grantedAction));
  }

  Assert.assertEquals(Sets.union(privilegesBeforeGrant, newlyGranted), authorizer.listPrivileges(principal));
}