Search in sources :

Example 46 with ThriftSecurityException

use of org.apache.accumulo.core.clientImpl.thrift.ThriftSecurityException in project accumulo by apache.

the class SecurityOperation method changeAuthorizations.

public void changeAuthorizations(TCredentials credentials, String user, Authorizations authorizations) throws ThriftSecurityException {
    if (!canChangeAuthorizations(credentials, user))
        throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
    targetUserExists(user);
    try {
        authorizor.changeAuthorizations(user, authorizations);
        log.info("Changed authorizations for user {} at the request of user {}", user, credentials.getPrincipal());
    } catch (AccumuloSecurityException ase) {
        throw ase.asThriftException();
    }
}
Also used : AccumuloSecurityException(org.apache.accumulo.core.client.AccumuloSecurityException) ThriftSecurityException(org.apache.accumulo.core.clientImpl.thrift.ThriftSecurityException)

Example 47 with ThriftSecurityException

use of org.apache.accumulo.core.clientImpl.thrift.ThriftSecurityException in project accumulo by apache.

the class SecurityOperation method revokeSystemPermission.

public void revokeSystemPermission(TCredentials credentials, String user, SystemPermission permission) throws ThriftSecurityException {
    if (!canRevokeSystem(credentials, user, permission))
        throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
    targetUserExists(user);
    try {
        permHandle.revokeSystemPermission(user, permission);
        log.info("Revoked system permission {} for user {} at the request of user {}", permission, user, credentials.getPrincipal());
    } catch (AccumuloSecurityException e) {
        throw e.asThriftException();
    }
}
Also used : AccumuloSecurityException(org.apache.accumulo.core.client.AccumuloSecurityException) ThriftSecurityException(org.apache.accumulo.core.clientImpl.thrift.ThriftSecurityException)

Example 48 with ThriftSecurityException

use of org.apache.accumulo.core.clientImpl.thrift.ThriftSecurityException in project accumulo by apache.

the class SecurityOperation method changePassword.

public void changePassword(TCredentials credentials, Credentials toChange) throws ThriftSecurityException {
    if (!canChangePassword(credentials, toChange.getPrincipal()))
        throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
    try {
        AuthenticationToken token = toChange.getToken();
        authenticator.changePassword(toChange.getPrincipal(), token);
        log.info("Changed password for user {} at the request of user {}", toChange.getPrincipal(), credentials.getPrincipal());
    } catch (AccumuloSecurityException e) {
        throw e.asThriftException();
    }
}
Also used : AuthenticationToken(org.apache.accumulo.core.client.security.tokens.AuthenticationToken) AccumuloSecurityException(org.apache.accumulo.core.client.AccumuloSecurityException) ThriftSecurityException(org.apache.accumulo.core.clientImpl.thrift.ThriftSecurityException)

Example 49 with ThriftSecurityException

use of org.apache.accumulo.core.clientImpl.thrift.ThriftSecurityException in project accumulo by apache.

the class SecurityOperation method getUserAuthorizations.

public Authorizations getUserAuthorizations(TCredentials credentials, String user) throws ThriftSecurityException {
    authenticate(credentials);
    targetUserExists(user);
    if (!credentials.getPrincipal().equals(user) && !hasSystemPermission(credentials, SystemPermission.SYSTEM, false) && !hasSystemPermission(credentials, SystemPermission.ALTER_USER, false))
        throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
    return authorizor.getCachedUserAuthorizations(user);
}
Also used : ThriftSecurityException(org.apache.accumulo.core.clientImpl.thrift.ThriftSecurityException)

Example 50 with ThriftSecurityException

use of org.apache.accumulo.core.clientImpl.thrift.ThriftSecurityException in project accumulo by apache.

the class SecurityOperation method dropUser.

public void dropUser(TCredentials credentials, String user) throws ThriftSecurityException {
    if (!canDropUser(credentials, user))
        throw new ThriftSecurityException(credentials.getPrincipal(), SecurityErrorCode.PERMISSION_DENIED);
    try {
        authorizor.dropUser(user);
        authenticator.dropUser(user);
        permHandle.cleanUser(user);
        log.info("Deleted user {} at the request of user {}", user, credentials.getPrincipal());
    } catch (AccumuloSecurityException e) {
        throw e.asThriftException();
    }
}
Also used : AccumuloSecurityException(org.apache.accumulo.core.client.AccumuloSecurityException) ThriftSecurityException(org.apache.accumulo.core.clientImpl.thrift.ThriftSecurityException)

Aggregations

ThriftSecurityException (org.apache.accumulo.core.clientImpl.thrift.ThriftSecurityException)61 AccumuloSecurityException (org.apache.accumulo.core.client.AccumuloSecurityException)33 TableNotFoundException (org.apache.accumulo.core.client.TableNotFoundException)28 TException (org.apache.thrift.TException)25 ThriftTableOperationException (org.apache.accumulo.core.clientImpl.thrift.ThriftTableOperationException)20 IOException (java.io.IOException)19 ArrayList (java.util.ArrayList)14 AccumuloException (org.apache.accumulo.core.client.AccumuloException)14 TableId (org.apache.accumulo.core.data.TableId)14 TKeyExtent (org.apache.accumulo.core.dataImpl.thrift.TKeyExtent)14 NamespaceNotFoundException (org.apache.accumulo.core.client.NamespaceNotFoundException)13 KeyExtent (org.apache.accumulo.core.dataImpl.KeyExtent)13 NamespaceId (org.apache.accumulo.core.data.NamespaceId)11 Tablet (org.apache.accumulo.tserver.tablet.Tablet)10 NoNodeException (org.apache.zookeeper.KeeperException.NoNodeException)10 HashSet (java.util.HashSet)9 NotServingTabletException (org.apache.accumulo.core.tabletserver.thrift.NotServingTabletException)9 TabletClientService (org.apache.accumulo.core.tabletserver.thrift.TabletClientService)9 HashMap (java.util.HashMap)8 Map (java.util.Map)8