Example 1 with SqoopException
use of org.apache.sqoop.common.SqoopException in project ranger by apache.
the class RangerSqoopAccessRequest method checkPrivileges.
@Override
public void checkPrivileges(MPrincipal principal, List<MPrivilege> privileges) throws SqoopException {
if (LOG.isDebugEnabled()) {
LOG.debug("==> RangerSqoopAuthorizer.checkPrivileges( principal=" + principal + ", privileges=" + privileges + ")");
}
if (CollectionUtils.isEmpty(privileges)) {
if (LOG.isDebugEnabled()) {
LOG.debug("<== RangerSqoopAuthorizer.checkPrivileges() return because privileges is empty.");
}
return;
}
RangerSqoopPlugin plugin = sqoopPlugin;
String clusterName = sqoopPlugin.getClusterName();
if (plugin != null) {
for (MPrivilege privilege : privileges) {
RangerSqoopAccessRequest request = new RangerSqoopAccessRequest(principal, privilege, clusterName, clientIPAddress);
RangerAccessResult result = plugin.isAccessAllowed(request);
if (result != null && !result.getIsAllowed()) {
throw new SqoopException(SecurityError.AUTH_0014, "principal=" + principal + " does not have privileges for : " + privilege);
}
}
}
if (LOG.isDebugEnabled()) {
LOG.debug("<== RangerSqoopAuthorizer.checkPrivileges() success without exception.");
}
}
Also used :
MPrivilege(org.apache.sqoop.model.MPrivilege)
RangerAccessResult(org.apache.ranger.plugin.policyengine.RangerAccessResult)
SqoopException(org.apache.sqoop.common.SqoopException)
Example 2 with SqoopException
use of org.apache.sqoop.common.SqoopException in project testcases by coheigea.
the class SqoopSentryTest method testAliceUser.
// "alice" can create links and read connectors and jobs
@org.junit.Test
public void testAliceUser() throws Exception {
SqoopClient client = jettySqoopRunner.getSqoopClient("alice");
assertFalse(client.getConnectors().isEmpty());
assertEquals(client.getLinks().size(), 2);
assertEquals(client.getJobs().size(), 1);
// Update one of the links
MLink rdbmsLink = client.getLink("JDBC_link1");
assertNotNull(rdbmsLink);
rdbmsLink.setName("JDBC_link2");
client.updateLink(rdbmsLink, "JDBC_link1");
// Try to read the job
MJob job1 = client.getJob("HDFS_JDBS_job1");
assertNotNull(job1);
job1.setName("HDFS_JDBS_job2");
try {
client.updateJob(job1, "HDFS_JDBS_job1");
fail("Authorization failure expected");
} catch (SqoopException ex) {
// expected
}
}
Also used :
MJob(org.apache.sqoop.model.MJob)
MLink(org.apache.sqoop.model.MLink)
SqoopClient(org.apache.sqoop.client.SqoopClient)
SqoopException(org.apache.sqoop.common.SqoopException)
Example 3 with SqoopException
use of org.apache.sqoop.common.SqoopException in project testcases by coheigea.
the class SqoopRangerTest method testAliceUser.
// "alice" can create links and read connectors and jobs
@org.junit.Test
public void testAliceUser() throws Exception {
SqoopClient client = jettySqoopRunner.getSqoopClient("alice");
assertFalse(client.getConnectors().isEmpty());
assertEquals(client.getLinks().size(), 2);
assertEquals(client.getJobs().size(), 1);
// Update one of the links
MLink rdbmsLink = client.getLink("JDBC_link1");
assertNotNull(rdbmsLink);
rdbmsLink.setName("JDBC_link2");
client.updateLink(rdbmsLink, "JDBC_link1");
// Try to read the job
MJob job1 = client.getJob("HDFS_JDBS_job1");
assertNotNull(job1);
job1.setName("HDFS_JDBS_job2");
try {
client.updateJob(job1, "HDFS_JDBS_job1");
fail("Authorization failure expected");
} catch (SqoopException ex) {
// expected
}
}
Also used :
MJob(org.apache.sqoop.model.MJob)
MLink(org.apache.sqoop.model.MLink)
SqoopClient(org.apache.sqoop.client.SqoopClient)
SqoopException(org.apache.sqoop.common.SqoopException)
Aggregations
SqoopException (org.apache.sqoop.common.SqoopException)3
SqoopClient (org.apache.sqoop.client.SqoopClient)2
MJob (org.apache.sqoop.model.MJob)2
MLink (org.apache.sqoop.model.MLink)2
RangerAccessResult (org.apache.ranger.plugin.policyengine.RangerAccessResult)1
MPrivilege (org.apache.sqoop.model.MPrivilege)1
