phoenix-core/src/main/java/org/apache/phoenix/parse/ChangePermsStatement.java - phoenix - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one or more
  * contributor license agreements.  See the NOTICE file distributed with
  * this work for additional information regarding copyright ownership.
  * The ASF licenses this file to you under the Apache License, Version 2.0
  * (the "License"); you may not use this file except in compliance with
  * the License.  You may obtain a copy of the License at
  *
  * http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.apache.phoenix.parse;

 import org.antlr.runtime.RecognitionException;
 import org.apache.hadoop.hbase.AuthUtil;
 import org.apache.hadoop.hbase.security.access.Permission;
 import org.apache.phoenix.exception.PhoenixParserException;
 import org.apache.phoenix.jdbc.PhoenixStatement;
 import org.apache.phoenix.util.SchemaUtil;

 import java.util.Arrays;

 /**
  * See PHOENIX-672, Use GRANT/REVOKE statements to assign or remove permissions for a user OR group on a table OR namespace
  * Permissions are managed by HBase using hbase:acl table, Allowed permissions are RWXCA
  */
 public class ChangePermsStatement implements BindableStatement {

     private Permission.Action[] permsList;
     private TableName tableName;
     private String schemaName;
     private String name;
     // Grant/Revoke statements are differentiated based on this boolean
     private boolean isGrantStatement;

     public ChangePermsStatement(String permsString, boolean isSchemaName,
                                 TableName tableName, String schemaName, boolean isGroupName, LiteralParseNode ugNode, boolean isGrantStatement) {
         // PHOENIX-672 HBase API doesn't allow to revoke specific permissions, hence this parameter will be ignored here.
         // To comply with SQL standards, we may support the user given permissions to revoke specific permissions in future.
         // GRANT permissions statement requires this parameter and the parsing will fail if it is not specified in SQL
         if(permsString != null) {
             Permission permission = new Permission(permsString.getBytes());
             permsList = permission.getActions();
         }
         if(isSchemaName) {
             this.schemaName = SchemaUtil.normalizeIdentifier(schemaName);
         } else {
             this.tableName = tableName;
         }
         name = SchemaUtil.normalizeLiteral(ugNode);
         name = isGroupName ? AuthUtil.toGroupEntry(name) : name;
         this.isGrantStatement = isGrantStatement;
     }

     public Permission.Action[] getPermsList() {
         return permsList;
     }

     public String getName() {
         return name;
     }

     public TableName getTableName() {
         return tableName;
     }

     public String getSchemaName() {
         return schemaName;
     }

     public boolean isGrantStatement() {
         return isGrantStatement;
     }

     public String toString() {
         StringBuffer buffer = new StringBuffer();
         buffer = this.isGrantStatement() ? buffer.append("GRANT ") : buffer.append("REVOKE ");
         buffer.append("permissions requested for user/group: " + this.getName());
         if (this.getSchemaName() != null) {
             buffer.append(" for Schema: " + this.getSchemaName());
         } else if (this.getTableName() != null) {
             buffer.append(" for Table: " + this.getTableName());
         }
         buffer.append(" Permissions: " + Arrays.toString(this.getPermsList()));
         return buffer.toString();
     }

     @Override
     public int getBindCount() {
         return 0;
     }

     @Override
     public PhoenixStatement.Operation getOperation() {
         return PhoenixStatement.Operation.ADMIN;
     }
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one or more
	* contributor license agreements. See the NOTICE file distributed with
	* this work for additional information regarding copyright ownership.
	* The ASF licenses this file to you under the Apache License, Version 2.0
	* (the "License"); you may not use this file except in compliance with
	* the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/
	package org.apache.phoenix.parse;

	import org.antlr.runtime.RecognitionException;
	import org.apache.hadoop.hbase.AuthUtil;
	import org.apache.hadoop.hbase.security.access.Permission;
	import org.apache.phoenix.exception.PhoenixParserException;
	import org.apache.phoenix.jdbc.PhoenixStatement;
	import org.apache.phoenix.util.SchemaUtil;

	import java.util.Arrays;

	/**
	* See PHOENIX-672, Use GRANT/REVOKE statements to assign or remove permissions for a user OR group on a table OR namespace
	* Permissions are managed by HBase using hbase:acl table, Allowed permissions are RWXCA
	*/
	public class ChangePermsStatement implements BindableStatement {

	private Permission.Action[] permsList;
	private TableName tableName;
	private String schemaName;
	private String name;
	// Grant/Revoke statements are differentiated based on this boolean
	private boolean isGrantStatement;

	public ChangePermsStatement(String permsString, boolean isSchemaName,
	TableName tableName, String schemaName, boolean isGroupName, LiteralParseNode ugNode, boolean isGrantStatement) {
	// PHOENIX-672 HBase API doesn't allow to revoke specific permissions, hence this parameter will be ignored here.
	// To comply with SQL standards, we may support the user given permissions to revoke specific permissions in future.
	// GRANT permissions statement requires this parameter and the parsing will fail if it is not specified in SQL
	if(permsString != null) {
	Permission permission = new Permission(permsString.getBytes());
	permsList = permission.getActions();
	}
	if(isSchemaName) {
	this.schemaName = SchemaUtil.normalizeIdentifier(schemaName);
	} else {
	this.tableName = tableName;
	}
	name = SchemaUtil.normalizeLiteral(ugNode);
	name = isGroupName ? AuthUtil.toGroupEntry(name) : name;
	this.isGrantStatement = isGrantStatement;
	}

	public Permission.Action[] getPermsList() {
	return permsList;
	}

	public String getName() {
	return name;
	}

	public TableName getTableName() {
	return tableName;
	}

	public String getSchemaName() {
	return schemaName;
	}

	public boolean isGrantStatement() {
	return isGrantStatement;
	}

	public String toString() {
	StringBuffer buffer = new StringBuffer();
	buffer = this.isGrantStatement() ? buffer.append("GRANT ") : buffer.append("REVOKE ");
	buffer.append("permissions requested for user/group: " + this.getName());
	if (this.getSchemaName() != null) {
	buffer.append(" for Schema: " + this.getSchemaName());
	} else if (this.getTableName() != null) {
	buffer.append(" for Table: " + this.getTableName());
	}
	buffer.append(" Permissions: " + Arrays.toString(this.getPermsList()));
	return buffer.toString();
	}

	@Override
	public int getBindCount() {
	return 0;
	}

	@Override
	public PhoenixStatement.Operation getOperation() {
	return PhoenixStatement.Operation.ADMIN;
	}
	}