org.apache.accumulo.server.security
Class SecurityOperation

java.lang.Object
  extended by org.apache.accumulo.server.security.SecurityOperation
Direct Known Subclasses:
AuditedSecurityOperation, WalkingSecurity

public class SecurityOperation
extends Object

Utility class for performing various security operations with the appropriate checks


Field Summary
protected  Authenticator authenticator
           
protected  Authorizor authorizor
           
protected static SecurityOperation instance
           
protected  PermissionHandler permHandle
           
 
Constructor Summary
SecurityOperation(Authorizor author, Authenticator authent, PermissionHandler pm, String instanceId)
           
SecurityOperation(String instanceId)
          Deprecated. not for client use
 
Method Summary
 boolean authenticateUser(TCredentials credentials, TCredentials toAuth)
           
 boolean canAlterTable(TCredentials c, String tableId)
           
 boolean canAskAboutUser(TCredentials credentials, String user)
           
 boolean canBulkImport(TCredentials c, String tableId)
           
 boolean canChangeAuthorizations(TCredentials c, String user)
           
 boolean canChangePassword(TCredentials c, String user)
           
 boolean canCloneTable(TCredentials c, String tableId)
           
 boolean canCompact(TCredentials c, String tableId)
           
 boolean canCreateTable(TCredentials c)
           
 boolean canCreateUser(TCredentials c, String user)
           
 boolean canDeleteRange(TCredentials c, String tableId)
           
 boolean canDeleteTable(TCredentials c, String tableId)
           
 boolean canDropUser(TCredentials c, String user)
           
 boolean canExport(TCredentials credentials, String tableId)
           
 boolean canFlush(TCredentials c, String tableId)
           
 boolean canGrantSystem(TCredentials c, String user, SystemPermission sysPerm)
           
 boolean canGrantTable(TCredentials c, String user, String table)
           
 boolean canImport(TCredentials credentials)
           
 boolean canMerge(TCredentials c, String tableId)
           
 boolean canOnlineOfflineTable(TCredentials c, String tableId)
           
 boolean canPerformSystemActions(TCredentials credentials)
          This is the check to perform any system action.
 boolean canRenameTable(TCredentials c, String tableId)
           
 boolean canRevokeSystem(TCredentials c, String user, SystemPermission sysPerm)
           
 boolean canRevokeTable(TCredentials c, String user, String table)
           
 boolean canScan(TCredentials credentials, String table)
           
 boolean canSplitTablet(TCredentials credentials, String table)
           
 boolean canWrite(TCredentials credentials, String table)
           
 void changeAuthorizations(TCredentials credentials, String user, Authorizations authorizations)
           
 void changePassword(TCredentials credentials, TCredentials toChange)
           
 void createUser(TCredentials credentials, TCredentials newUser, Authorizations authorizations)
           
 void deleteTable(TCredentials credentials, String tableId)
           
 void dropUser(TCredentials credentials, String user)
           
protected static Authenticator getAuthenticator(String instanceId, boolean initialize)
           
protected static Authorizor getAuthorizor(String instanceId, boolean initialize)
           
static SecurityOperation getInstance()
           
static SecurityOperation getInstance(String instanceId, boolean initialize)
           
protected static PermissionHandler getPermHandler(String instanceId, boolean initialize)
           
 String getRootUsername()
           
 Authorizations getUserAuthorizations(TCredentials credentials)
           
 Authorizations getUserAuthorizations(TCredentials credentials, String user)
           
 void grantSystemPermission(TCredentials credentials, String user, SystemPermission permissionById)
           
 void grantTablePermission(TCredentials c, String user, String tableId, TablePermission permission)
           
 boolean hasSystemPermission(TCredentials credentials, String user, SystemPermission permissionById)
           
 boolean hasTablePermission(TCredentials credentials, String user, String tableId, TablePermission permissionById)
           
 void initializeSecurity(TCredentials credentials, String rootPrincipal, byte[] token)
           
 Set<String> listUsers(TCredentials credentials)
           
 void revokeSystemPermission(TCredentials credentials, String user, SystemPermission permission)
           
 void revokeTablePermission(TCredentials c, String user, String tableId, TablePermission permission)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

authorizor

protected Authorizor authorizor

authenticator

protected Authenticator authenticator

permHandle

protected PermissionHandler permHandle

instance

protected static SecurityOperation instance
Constructor Detail

SecurityOperation

public SecurityOperation(String instanceId)
Deprecated. not for client use


SecurityOperation

public SecurityOperation(Authorizor author,
                         Authenticator authent,
                         PermissionHandler pm,
                         String instanceId)
Method Detail

getInstance

public static SecurityOperation getInstance()

getInstance

public static SecurityOperation getInstance(String instanceId,
                                            boolean initialize)

getAuthorizor

protected static Authorizor getAuthorizor(String instanceId,
                                          boolean initialize)

getAuthenticator

protected static Authenticator getAuthenticator(String instanceId,
                                                boolean initialize)

getPermHandler

protected static PermissionHandler getPermHandler(String instanceId,
                                                  boolean initialize)

initializeSecurity

public void initializeSecurity(TCredentials credentials,
                               String rootPrincipal,
                               byte[] token)
                        throws AccumuloSecurityException,
                               ThriftSecurityException
Throws:
AccumuloSecurityException
ThriftSecurityException

getRootUsername

public String getRootUsername()

canAskAboutUser

public boolean canAskAboutUser(TCredentials credentials,
                               String user)
                        throws ThriftSecurityException
Throws:
ThriftSecurityException

authenticateUser

public boolean authenticateUser(TCredentials credentials,
                                TCredentials toAuth)
                         throws ThriftSecurityException
Throws:
ThriftSecurityException

getUserAuthorizations

public Authorizations getUserAuthorizations(TCredentials credentials,
                                            String user)
                                     throws ThriftSecurityException
Throws:
ThriftSecurityException

getUserAuthorizations

public Authorizations getUserAuthorizations(TCredentials credentials)
                                     throws ThriftSecurityException
Throws:
ThriftSecurityException

canScan

public boolean canScan(TCredentials credentials,
                       String table)
                throws ThriftSecurityException
Throws:
ThriftSecurityException

canWrite

public boolean canWrite(TCredentials credentials,
                        String table)
                 throws ThriftSecurityException
Throws:
ThriftSecurityException

canSplitTablet

public boolean canSplitTablet(TCredentials credentials,
                              String table)
                       throws ThriftSecurityException
Throws:
ThriftSecurityException

canPerformSystemActions

public boolean canPerformSystemActions(TCredentials credentials)
                                throws ThriftSecurityException
This is the check to perform any system action. This includes tserver's loading of a tablet, shutting the system down, or altering system properties.

Throws:
ThriftSecurityException

canFlush

public boolean canFlush(TCredentials c,
                        String tableId)
                 throws ThriftSecurityException
Throws:
ThriftSecurityException

canAlterTable

public boolean canAlterTable(TCredentials c,
                             String tableId)
                      throws ThriftSecurityException
Throws:
ThriftSecurityException

canCreateTable

public boolean canCreateTable(TCredentials c)
                       throws ThriftSecurityException
Throws:
ThriftSecurityException

canRenameTable

public boolean canRenameTable(TCredentials c,
                              String tableId)
                       throws ThriftSecurityException
Throws:
ThriftSecurityException

canCloneTable

public boolean canCloneTable(TCredentials c,
                             String tableId)
                      throws ThriftSecurityException
Throws:
ThriftSecurityException

canDeleteTable

public boolean canDeleteTable(TCredentials c,
                              String tableId)
                       throws ThriftSecurityException
Throws:
ThriftSecurityException

canOnlineOfflineTable

public boolean canOnlineOfflineTable(TCredentials c,
                                     String tableId)
                              throws ThriftSecurityException
Throws:
ThriftSecurityException

canMerge

public boolean canMerge(TCredentials c,
                        String tableId)
                 throws ThriftSecurityException
Throws:
ThriftSecurityException

canDeleteRange

public boolean canDeleteRange(TCredentials c,
                              String tableId)
                       throws ThriftSecurityException
Throws:
ThriftSecurityException

canBulkImport

public boolean canBulkImport(TCredentials c,
                             String tableId)
                      throws ThriftSecurityException
Throws:
ThriftSecurityException

canCompact

public boolean canCompact(TCredentials c,
                          String tableId)
                   throws ThriftSecurityException
Throws:
ThriftSecurityException

canChangeAuthorizations

public boolean canChangeAuthorizations(TCredentials c,
                                       String user)
                                throws ThriftSecurityException
Throws:
ThriftSecurityException

canChangePassword

public boolean canChangePassword(TCredentials c,
                                 String user)
                          throws ThriftSecurityException
Throws:
ThriftSecurityException

canCreateUser

public boolean canCreateUser(TCredentials c,
                             String user)
                      throws ThriftSecurityException
Throws:
ThriftSecurityException

canDropUser

public boolean canDropUser(TCredentials c,
                           String user)
                    throws ThriftSecurityException
Throws:
ThriftSecurityException

canGrantSystem

public boolean canGrantSystem(TCredentials c,
                              String user,
                              SystemPermission sysPerm)
                       throws ThriftSecurityException
Throws:
ThriftSecurityException

canGrantTable

public boolean canGrantTable(TCredentials c,
                             String user,
                             String table)
                      throws ThriftSecurityException
Throws:
ThriftSecurityException

canRevokeSystem

public boolean canRevokeSystem(TCredentials c,
                               String user,
                               SystemPermission sysPerm)
                        throws ThriftSecurityException
Throws:
ThriftSecurityException

canRevokeTable

public boolean canRevokeTable(TCredentials c,
                              String user,
                              String table)
                       throws ThriftSecurityException
Throws:
ThriftSecurityException

changeAuthorizations

public void changeAuthorizations(TCredentials credentials,
                                 String user,
                                 Authorizations authorizations)
                          throws ThriftSecurityException
Throws:
ThriftSecurityException

changePassword

public void changePassword(TCredentials credentials,
                           TCredentials toChange)
                    throws ThriftSecurityException
Throws:
ThriftSecurityException

createUser

public void createUser(TCredentials credentials,
                       TCredentials newUser,
                       Authorizations authorizations)
                throws ThriftSecurityException
Throws:
ThriftSecurityException

dropUser

public void dropUser(TCredentials credentials,
                     String user)
              throws ThriftSecurityException
Throws:
ThriftSecurityException

grantSystemPermission

public void grantSystemPermission(TCredentials credentials,
                                  String user,
                                  SystemPermission permissionById)
                           throws ThriftSecurityException
Throws:
ThriftSecurityException

grantTablePermission

public void grantTablePermission(TCredentials c,
                                 String user,
                                 String tableId,
                                 TablePermission permission)
                          throws ThriftSecurityException
Throws:
ThriftSecurityException

revokeSystemPermission

public void revokeSystemPermission(TCredentials credentials,
                                   String user,
                                   SystemPermission permission)
                            throws ThriftSecurityException
Throws:
ThriftSecurityException

revokeTablePermission

public void revokeTablePermission(TCredentials c,
                                  String user,
                                  String tableId,
                                  TablePermission permission)
                           throws ThriftSecurityException
Throws:
ThriftSecurityException

hasSystemPermission

public boolean hasSystemPermission(TCredentials credentials,
                                   String user,
                                   SystemPermission permissionById)
                            throws ThriftSecurityException
Throws:
ThriftSecurityException

hasTablePermission

public boolean hasTablePermission(TCredentials credentials,
                                  String user,
                                  String tableId,
                                  TablePermission permissionById)
                           throws ThriftSecurityException
Throws:
ThriftSecurityException

listUsers

public Set<String> listUsers(TCredentials credentials)
                      throws ThriftSecurityException
Throws:
ThriftSecurityException

deleteTable

public void deleteTable(TCredentials credentials,
                        String tableId)
                 throws ThriftSecurityException
Throws:
ThriftSecurityException

canExport

public boolean canExport(TCredentials credentials,
                         String tableId)
                  throws ThriftSecurityException
Throws:
ThriftSecurityException

canImport

public boolean canImport(TCredentials credentials)
                  throws ThriftSecurityException
Throws:
ThriftSecurityException


Copyright © 2013 Apache Accumulo Project. All Rights Reserved.