fe/src/main/java/org/apache/impala/authorization/Privilege.java - impala - Git at Google

 // Licensed to the Apache Software Foundation (ASF) under one
 // or more contributor license agreements.  See the NOTICE file
 // distributed with this work for additional information
 // regarding copyright ownership.  The ASF licenses this file
 // to you under the Apache License, Version 2.0 (the
 // "License"); you may not use this file except in compliance
 // with the License.  You may obtain a copy of the License at
 //
 //   http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing,
 // software distributed under the License is distributed on an
 // "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 // KIND, either express or implied.  See the License for the
 // specific language governing permissions and limitations
 // under the License.

 package org.apache.impala.authorization;

 import java.util.EnumSet;

 import org.apache.sentry.core.common.Action;
 import org.apache.sentry.core.common.BitFieldAction;

 /**
  * Maps an Impala Privilege to one or more Impala "Actions".
  */
 public enum Privilege {
   ALL(ImpalaAction.ALL, false),
   ALTER(ImpalaAction.ALTER, false),
   DROP(ImpalaAction.DROP, false),
   CREATE(ImpalaAction.CREATE, false),
   INSERT(ImpalaAction.INSERT, false),
   SELECT(ImpalaAction.SELECT, false),
   REFRESH(ImpalaAction.REFRESH, false),
   // Privileges required to view metadata on a server object.
   VIEW_METADATA(EnumSet.of(ImpalaAction.INSERT, ImpalaAction.SELECT,
       ImpalaAction.REFRESH), true),
   // Special privilege that is used to determine if the user has any valid privileges
   // on a target object.
   ANY(EnumSet.allOf(ImpalaAction.class), true),
   ;

   private final EnumSet<ImpalaAction> actions;

   // Determines whether to check if the user has ANY the privileges defined in the
   // actions list or whether to check if the user has ALL of the privileges in the
   // actions list.
   private final boolean anyOf_;

   /**
    * This enum provides a list of Sentry actions used in Impala.
    */
   public enum ImpalaAction implements Action {
     SELECT("select", 1),
     INSERT("insert", 1 << 2),
     ALTER("alter", 1 << 3),
     CREATE("create", 1 << 4),
     DROP("drop", 1 << 5),
     REFRESH("refresh", 1 << 6),
     ALL("*",
         SELECT.getCode() |
         INSERT.getCode() |
         ALTER.getCode() |
         CREATE.getCode() |
         DROP.getCode() |
         REFRESH.getCode()),
     OWNER("owner", ALL.getCode());

     private final BitFieldAction bitFieldAction_;

     // In Sentry 1.5.1, BitFieldAction is an abstract class. In Sentry 2.0.0,
     // BitFieldAction is no longer an absract class. To support both versions,
     // we can extend BitFieldAction.
     private static class ImpalaBitFieldAction extends BitFieldAction {
       public ImpalaBitFieldAction(String name, int code) {
         super(name, code);
       }
     }

     ImpalaAction(String value, int code) {
       bitFieldAction_ = new ImpalaBitFieldAction(value, code);
     }

     @Override
     public String getValue() { return bitFieldAction_.getValue(); }

     public int getCode() { return bitFieldAction_.getActionCode(); }

     public BitFieldAction getBitFieldAction() { return bitFieldAction_; }
   }

   private Privilege(EnumSet<ImpalaAction> actions, boolean anyOf) {
     this.actions = actions;
     this.anyOf_ = anyOf;
   }

   private Privilege(ImpalaAction action, boolean anyOf) {
     this(EnumSet.of(action), anyOf);
   }

   /*
    * Returns the set of Sentry Access Actions mapping to this Privilege.
    */
   public EnumSet<ImpalaAction> getSentryActions() {
     return actions;
   }

   /*
    * Determines whether to check if the user has ANY the privileges defined in the
    * actions list or whether to check if the user has ALL of the privileges in the
    * actions list.
    */
   public boolean getAnyOf() { return anyOf_; }
 }
	// Licensed to the Apache Software Foundation (ASF) under one
	// or more contributor license agreements. See the NOTICE file
	// distributed with this work for additional information
	// regarding copyright ownership. The ASF licenses this file
	// to you under the Apache License, Version 2.0 (the
	// "License"); you may not use this file except in compliance
	// with the License. You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing,
	// software distributed under the License is distributed on an
	// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	// KIND, either express or implied. See the License for the
	// specific language governing permissions and limitations
	// under the License.

	package org.apache.impala.authorization;

	import java.util.EnumSet;

	import org.apache.sentry.core.common.Action;
	import org.apache.sentry.core.common.BitFieldAction;

	/**
	* Maps an Impala Privilege to one or more Impala "Actions".
	*/
	public enum Privilege {
	ALL(ImpalaAction.ALL, false),
	ALTER(ImpalaAction.ALTER, false),
	DROP(ImpalaAction.DROP, false),
	CREATE(ImpalaAction.CREATE, false),
	INSERT(ImpalaAction.INSERT, false),
	SELECT(ImpalaAction.SELECT, false),
	REFRESH(ImpalaAction.REFRESH, false),
	// Privileges required to view metadata on a server object.
	VIEW_METADATA(EnumSet.of(ImpalaAction.INSERT, ImpalaAction.SELECT,
	ImpalaAction.REFRESH), true),
	// Special privilege that is used to determine if the user has any valid privileges
	// on a target object.
	ANY(EnumSet.allOf(ImpalaAction.class), true),
	;

	private final EnumSet<ImpalaAction> actions;

	// Determines whether to check if the user has ANY the privileges defined in the
	// actions list or whether to check if the user has ALL of the privileges in the
	// actions list.
	private final boolean anyOf_;

	/**
	* This enum provides a list of Sentry actions used in Impala.
	*/
	public enum ImpalaAction implements Action {
	SELECT("select", 1),
	INSERT("insert", 1 << 2),
	ALTER("alter", 1 << 3),
	CREATE("create", 1 << 4),
	DROP("drop", 1 << 5),
	REFRESH("refresh", 1 << 6),
	ALL("*",
	SELECT.getCode() \|
	INSERT.getCode() \|
	ALTER.getCode() \|
	CREATE.getCode() \|
	DROP.getCode() \|
	REFRESH.getCode()),
	OWNER("owner", ALL.getCode());

	private final BitFieldAction bitFieldAction_;

	// In Sentry 1.5.1, BitFieldAction is an abstract class. In Sentry 2.0.0,
	// BitFieldAction is no longer an absract class. To support both versions,
	// we can extend BitFieldAction.
	private static class ImpalaBitFieldAction extends BitFieldAction {
	public ImpalaBitFieldAction(String name, int code) {
	super(name, code);
	}
	}

	ImpalaAction(String value, int code) {
	bitFieldAction_ = new ImpalaBitFieldAction(value, code);
	}

	@Override
	public String getValue() { return bitFieldAction_.getValue(); }

	public int getCode() { return bitFieldAction_.getActionCode(); }

	public BitFieldAction getBitFieldAction() { return bitFieldAction_; }
	}

	private Privilege(EnumSet<ImpalaAction> actions, boolean anyOf) {
	this.actions = actions;
	this.anyOf_ = anyOf;
	}

	private Privilege(ImpalaAction action, boolean anyOf) {
	this(EnumSet.of(action), anyOf);
	}

	/*
	* Returns the set of Sentry Access Actions mapping to this Privilege.
	*/
	public EnumSet<ImpalaAction> getSentryActions() {
	return actions;
	}

	/*
	* Determines whether to check if the user has ANY the privileges defined in the
	* actions list or whether to check if the user has ALL of the privileges in the
	* actions list.
	*/
	public boolean getAnyOf() { return anyOf_; }
	}