Examples with InputUser - org.apache.hadoop.hbase.security.access.AccessChecker.InputUser

Example 1 with InputUser

use of org.apache.hadoop.hbase.security.access.AccessChecker.InputUser in project hbase by apache.

the class MasterRpcServices method hasUserPermissions.

@Override
public HasUserPermissionsResponse hasUserPermissions(RpcController controller, HasUserPermissionsRequest request) throws ServiceException {
    try {
        server.checkInitialized();
        if (server.cpHost != null && hasAccessControlServiceCoprocessor(server.cpHost)) {
            User caller = RpcServer.getRequestUser().orElse(null);
            String userName = request.hasUserName() ? request.getUserName().toStringUtf8() : caller.getShortName();
            List<Permission> permissions = new ArrayList<>();
            for (int i = 0; i < request.getPermissionCount(); i++) {
                permissions.add(ShadedAccessControlUtil.toPermission(request.getPermission(i)));
            }
            server.getMasterCoprocessorHost().preHasUserPermissions(userName, permissions);
            if (!caller.getShortName().equals(userName)) {
                List<String> groups = AccessChecker.getUserGroups(userName);
                caller = new InputUser(userName, groups.toArray(new String[groups.size()]));
            }
            List<Boolean> hasUserPermissions = new ArrayList<>();
            if (getAccessChecker() != null) {
                for (Permission permission : permissions) {
                    boolean hasUserPermission = getAccessChecker().hasUserPermission(caller, "hasUserPermissions", permission);
                    hasUserPermissions.add(hasUserPermission);
                }
            } else {
                for (int i = 0; i < permissions.size(); i++) {
                    hasUserPermissions.add(true);
                }
            }
            server.getMasterCoprocessorHost().postHasUserPermissions(userName, permissions);
            HasUserPermissionsResponse.Builder builder = HasUserPermissionsResponse.newBuilder().addAllHasUserPermission(hasUserPermissions);
            return builder.build();
        } else {
            throw new DoNotRetryIOException(new UnsupportedOperationException(AccessController.class.getName() + " is not loaded"));
        }
    } catch (IOException ioe) {
        throw new ServiceException(ioe);
    }
}

Also used : HasUserPermissionsResponse(org.apache.hadoop.hbase.shaded.protobuf.generated.AccessControlProtos.HasUserPermissionsResponse) InputUser(org.apache.hadoop.hbase.security.access.AccessChecker.InputUser) User(org.apache.hadoop.hbase.security.User) InputUser(org.apache.hadoop.hbase.security.access.AccessChecker.InputUser) DoNotRetryIOException(org.apache.hadoop.hbase.DoNotRetryIOException) ArrayList(java.util.ArrayList) ByteString(org.apache.hbase.thirdparty.com.google.protobuf.ByteString) IOException(java.io.IOException) DoNotRetryIOException(org.apache.hadoop.hbase.DoNotRetryIOException) AccessController(org.apache.hadoop.hbase.security.access.AccessController) ServiceException(org.apache.hbase.thirdparty.com.google.protobuf.ServiceException) Permission(org.apache.hadoop.hbase.security.access.Permission) UserPermission(org.apache.hadoop.hbase.security.access.UserPermission)

Aggregations

IOException (java.io.IOException)1 ArrayList (java.util.ArrayList)1 DoNotRetryIOException (org.apache.hadoop.hbase.DoNotRetryIOException)1 User (org.apache.hadoop.hbase.security.User)1 InputUser (org.apache.hadoop.hbase.security.access.AccessChecker.InputUser)1 AccessController (org.apache.hadoop.hbase.security.access.AccessController)1 Permission (org.apache.hadoop.hbase.security.access.Permission)1 UserPermission (org.apache.hadoop.hbase.security.access.UserPermission)1 HasUserPermissionsResponse (org.apache.hadoop.hbase.shaded.protobuf.generated.AccessControlProtos.HasUserPermissionsResponse)1 ByteString (org.apache.hbase.thirdparty.com.google.protobuf.ByteString)1 ServiceException (org.apache.hbase.thirdparty.com.google.protobuf.ServiceException)1