org.apache.accumulo.server.security
Class SecurityOperation
java.lang.Object
org.apache.accumulo.server.security.SecurityOperation
- Direct Known Subclasses:
- AuditedSecurityOperation, WalkingSecurity
public class SecurityOperation
- extends Object
Utility class for performing various security operations with the appropriate checks
Method Summary |
boolean |
authenticateUser(TCredentials credentials,
TCredentials toAuth)
|
boolean |
canAlterTable(TCredentials c,
String tableId)
|
boolean |
canAskAboutUser(TCredentials credentials,
String user)
|
boolean |
canBulkImport(TCredentials c,
String tableId)
|
boolean |
canChangeAuthorizations(TCredentials c,
String user)
|
boolean |
canChangePassword(TCredentials c,
String user)
|
boolean |
canCloneTable(TCredentials c,
String tableId)
|
boolean |
canCompact(TCredentials c,
String tableId)
|
boolean |
canCreateTable(TCredentials c)
|
boolean |
canCreateUser(TCredentials c,
String user)
|
boolean |
canDeleteRange(TCredentials c,
String tableId)
|
boolean |
canDeleteTable(TCredentials c,
String tableId)
|
boolean |
canDropUser(TCredentials c,
String user)
|
boolean |
canExport(TCredentials credentials,
String tableId)
|
boolean |
canFlush(TCredentials c,
String tableId)
|
boolean |
canGrantSystem(TCredentials c,
String user,
SystemPermission sysPerm)
|
boolean |
canGrantTable(TCredentials c,
String user,
String table)
|
boolean |
canImport(TCredentials credentials)
|
boolean |
canMerge(TCredentials c,
String tableId)
|
boolean |
canOnlineOfflineTable(TCredentials c,
String tableId)
|
boolean |
canPerformSystemActions(TCredentials credentials)
This is the check to perform any system action. |
boolean |
canRenameTable(TCredentials c,
String tableId)
|
boolean |
canRevokeSystem(TCredentials c,
String user,
SystemPermission sysPerm)
|
boolean |
canRevokeTable(TCredentials c,
String user,
String table)
|
boolean |
canScan(TCredentials credentials,
String table)
|
boolean |
canSplitTablet(TCredentials credentials,
String table)
|
boolean |
canWrite(TCredentials credentials,
String table)
|
void |
changeAuthorizations(TCredentials credentials,
String user,
Authorizations authorizations)
|
void |
changePassword(TCredentials credentials,
TCredentials toChange)
|
void |
createUser(TCredentials credentials,
TCredentials newUser,
Authorizations authorizations)
|
void |
deleteTable(TCredentials credentials,
String tableId)
|
void |
dropUser(TCredentials credentials,
String user)
|
protected static Authenticator |
getAuthenticator(String instanceId,
boolean initialize)
|
protected static Authorizor |
getAuthorizor(String instanceId,
boolean initialize)
|
static SecurityOperation |
getInstance()
|
static SecurityOperation |
getInstance(String instanceId,
boolean initialize)
|
protected static PermissionHandler |
getPermHandler(String instanceId,
boolean initialize)
|
String |
getRootUsername()
|
Authorizations |
getUserAuthorizations(TCredentials credentials)
|
Authorizations |
getUserAuthorizations(TCredentials credentials,
String user)
|
void |
grantSystemPermission(TCredentials credentials,
String user,
SystemPermission permissionById)
|
void |
grantTablePermission(TCredentials c,
String user,
String tableId,
TablePermission permission)
|
boolean |
hasSystemPermission(TCredentials credentials,
String user,
SystemPermission permissionById)
|
boolean |
hasTablePermission(TCredentials credentials,
String user,
String tableId,
TablePermission permissionById)
|
void |
initializeSecurity(TCredentials credentials,
String rootPrincipal,
byte[] token)
|
Set<String> |
listUsers(TCredentials credentials)
|
void |
revokeSystemPermission(TCredentials credentials,
String user,
SystemPermission permission)
|
void |
revokeTablePermission(TCredentials c,
String user,
String tableId,
TablePermission permission)
|
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
authorizor
protected Authorizor authorizor
authenticator
protected Authenticator authenticator
permHandle
protected PermissionHandler permHandle
instance
protected static SecurityOperation instance
SecurityOperation
public SecurityOperation(String instanceId)
- Deprecated. not for client use
SecurityOperation
public SecurityOperation(Authorizor author,
Authenticator authent,
PermissionHandler pm,
String instanceId)
getInstance
public static SecurityOperation getInstance()
getInstance
public static SecurityOperation getInstance(String instanceId,
boolean initialize)
getAuthorizor
protected static Authorizor getAuthorizor(String instanceId,
boolean initialize)
getAuthenticator
protected static Authenticator getAuthenticator(String instanceId,
boolean initialize)
getPermHandler
protected static PermissionHandler getPermHandler(String instanceId,
boolean initialize)
initializeSecurity
public void initializeSecurity(TCredentials credentials,
String rootPrincipal,
byte[] token)
throws AccumuloSecurityException,
ThriftSecurityException
- Throws:
AccumuloSecurityException
ThriftSecurityException
getRootUsername
public String getRootUsername()
canAskAboutUser
public boolean canAskAboutUser(TCredentials credentials,
String user)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
authenticateUser
public boolean authenticateUser(TCredentials credentials,
TCredentials toAuth)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
getUserAuthorizations
public Authorizations getUserAuthorizations(TCredentials credentials,
String user)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
getUserAuthorizations
public Authorizations getUserAuthorizations(TCredentials credentials)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
canScan
public boolean canScan(TCredentials credentials,
String table)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
canWrite
public boolean canWrite(TCredentials credentials,
String table)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
canSplitTablet
public boolean canSplitTablet(TCredentials credentials,
String table)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
canPerformSystemActions
public boolean canPerformSystemActions(TCredentials credentials)
throws ThriftSecurityException
- This is the check to perform any system action. This includes tserver's loading of a tablet, shutting the system down, or altering system properties.
- Throws:
ThriftSecurityException
canFlush
public boolean canFlush(TCredentials c,
String tableId)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
canAlterTable
public boolean canAlterTable(TCredentials c,
String tableId)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
canCreateTable
public boolean canCreateTable(TCredentials c)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
canRenameTable
public boolean canRenameTable(TCredentials c,
String tableId)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
canCloneTable
public boolean canCloneTable(TCredentials c,
String tableId)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
canDeleteTable
public boolean canDeleteTable(TCredentials c,
String tableId)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
canOnlineOfflineTable
public boolean canOnlineOfflineTable(TCredentials c,
String tableId)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
canMerge
public boolean canMerge(TCredentials c,
String tableId)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
canDeleteRange
public boolean canDeleteRange(TCredentials c,
String tableId)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
canBulkImport
public boolean canBulkImport(TCredentials c,
String tableId)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
canCompact
public boolean canCompact(TCredentials c,
String tableId)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
canChangeAuthorizations
public boolean canChangeAuthorizations(TCredentials c,
String user)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
canChangePassword
public boolean canChangePassword(TCredentials c,
String user)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
canCreateUser
public boolean canCreateUser(TCredentials c,
String user)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
canDropUser
public boolean canDropUser(TCredentials c,
String user)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
canGrantSystem
public boolean canGrantSystem(TCredentials c,
String user,
SystemPermission sysPerm)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
canGrantTable
public boolean canGrantTable(TCredentials c,
String user,
String table)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
canRevokeSystem
public boolean canRevokeSystem(TCredentials c,
String user,
SystemPermission sysPerm)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
canRevokeTable
public boolean canRevokeTable(TCredentials c,
String user,
String table)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
changeAuthorizations
public void changeAuthorizations(TCredentials credentials,
String user,
Authorizations authorizations)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
changePassword
public void changePassword(TCredentials credentials,
TCredentials toChange)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
createUser
public void createUser(TCredentials credentials,
TCredentials newUser,
Authorizations authorizations)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
dropUser
public void dropUser(TCredentials credentials,
String user)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
grantSystemPermission
public void grantSystemPermission(TCredentials credentials,
String user,
SystemPermission permissionById)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
grantTablePermission
public void grantTablePermission(TCredentials c,
String user,
String tableId,
TablePermission permission)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
revokeSystemPermission
public void revokeSystemPermission(TCredentials credentials,
String user,
SystemPermission permission)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
revokeTablePermission
public void revokeTablePermission(TCredentials c,
String user,
String tableId,
TablePermission permission)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
hasSystemPermission
public boolean hasSystemPermission(TCredentials credentials,
String user,
SystemPermission permissionById)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
hasTablePermission
public boolean hasTablePermission(TCredentials credentials,
String user,
String tableId,
TablePermission permissionById)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
listUsers
public Set<String> listUsers(TCredentials credentials)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
deleteTable
public void deleteTable(TCredentials credentials,
String tableId)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
canExport
public boolean canExport(TCredentials credentials,
String tableId)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
canImport
public boolean canImport(TCredentials credentials)
throws ThriftSecurityException
- Throws:
ThriftSecurityException
Copyright © 2013 Apache Accumulo Project. All Rights Reserved.