org.apache.accumulo.server.security.handler
Interface PermissionHandler

All Known Implementing Classes:
InsecurePermHandler, WalkingSecurity, ZKPermHandler

public interface PermissionHandler

This interface is used for the system which will be used for getting a users permissions. If the implementation does not support configuration through Accumulo, it should throw an AccumuloSecurityException with the error code UNSUPPORTED_OPERATION


Method Summary
 void cleanTablePermissions(String table)
          Cleans up the permissions for a table.
 void cleanUser(String user)
          Deletes a user
 void grantSystemPermission(String user, SystemPermission permission)
          Gives the user the given system permission
 void grantTablePermission(String user, String table, TablePermission permission)
          Gives the user the given table permission
 boolean hasCachedSystemPermission(String user, SystemPermission permission)
          Used to get the system permission for the user, with caching due to high frequency operation.
 boolean hasCachedTablePermission(String user, String table, TablePermission permission)
          Used to get the table permission of a user for a table, with caching.
 boolean hasSystemPermission(String user, SystemPermission permission)
          Used to get the system permission for the user
 boolean hasTablePermission(String user, String table, TablePermission permission)
          Used to get the table permission of a user for a table
 void initialize(String instanceId, boolean initialize)
          Sets up the permission handler for a new instance of Accumulo
 void initializeSecurity(TCredentials credentials, String rootuser)
          Used to initialize security for the root user
 void initTable(String table)
          Initializes a new user
 void initUser(String user)
          Initializes a new user
 void revokeSystemPermission(String user, SystemPermission permission)
          Denies the user the given system permission
 void revokeTablePermission(String user, String table, TablePermission permission)
          Denies the user the given table permission.
 boolean validSecurityHandlers(Authenticator authent, Authorizor author)
          Used to validate that the Authorizor, Authenticator, and permission handler can coexist
 

Method Detail

initialize

void initialize(String instanceId,
                boolean initialize)
Sets up the permission handler for a new instance of Accumulo


validSecurityHandlers

boolean validSecurityHandlers(Authenticator authent,
                              Authorizor author)
Used to validate that the Authorizor, Authenticator, and permission handler can coexist


initializeSecurity

void initializeSecurity(TCredentials credentials,
                        String rootuser)
                        throws AccumuloSecurityException,
                               ThriftSecurityException
Used to initialize security for the root user

Throws:
AccumuloSecurityException
ThriftSecurityException

hasSystemPermission

boolean hasSystemPermission(String user,
                            SystemPermission permission)
                            throws AccumuloSecurityException
Used to get the system permission for the user

Throws:
AccumuloSecurityException

hasCachedSystemPermission

boolean hasCachedSystemPermission(String user,
                                  SystemPermission permission)
                                  throws AccumuloSecurityException
Used to get the system permission for the user, with caching due to high frequency operation. NOTE: At this time, this method is unused but is included just in case we need it in the future.

Throws:
AccumuloSecurityException

hasTablePermission

boolean hasTablePermission(String user,
                           String table,
                           TablePermission permission)
                           throws AccumuloSecurityException,
                                  TableNotFoundException
Used to get the table permission of a user for a table

Throws:
AccumuloSecurityException
TableNotFoundException

hasCachedTablePermission

boolean hasCachedTablePermission(String user,
                                 String table,
                                 TablePermission permission)
                                 throws AccumuloSecurityException,
                                        TableNotFoundException
Used to get the table permission of a user for a table, with caching. This method is for high frequency operations

Throws:
AccumuloSecurityException
TableNotFoundException

grantSystemPermission

void grantSystemPermission(String user,
                           SystemPermission permission)
                           throws AccumuloSecurityException
Gives the user the given system permission

Throws:
AccumuloSecurityException

revokeSystemPermission

void revokeSystemPermission(String user,
                            SystemPermission permission)
                            throws AccumuloSecurityException
Denies the user the given system permission

Throws:
AccumuloSecurityException

grantTablePermission

void grantTablePermission(String user,
                          String table,
                          TablePermission permission)
                          throws AccumuloSecurityException,
                                 TableNotFoundException
Gives the user the given table permission

Throws:
AccumuloSecurityException
TableNotFoundException

revokeTablePermission

void revokeTablePermission(String user,
                           String table,
                           TablePermission permission)
                           throws AccumuloSecurityException,
                                  TableNotFoundException
Denies the user the given table permission.

Throws:
AccumuloSecurityException
TableNotFoundException

cleanTablePermissions

void cleanTablePermissions(String table)
                           throws AccumuloSecurityException,
                                  TableNotFoundException
Cleans up the permissions for a table. Used when a table gets deleted.

Throws:
AccumuloSecurityException
TableNotFoundException

initUser

void initUser(String user)
              throws AccumuloSecurityException
Initializes a new user

Throws:
AccumuloSecurityException

initTable

void initTable(String table)
               throws AccumuloSecurityException
Initializes a new user

Throws:
AccumuloSecurityException

cleanUser

void cleanUser(String user)
               throws AccumuloSecurityException
Deletes a user

Throws:
AccumuloSecurityException


Copyright © 2013 Apache Accumulo Project. All Rights Reserved.