| <?xml version="1.0"?> |
| <!-- |
| Licensed to the Apache Software Foundation (ASF) under one |
| or more contributor license agreements. See the NOTICE file |
| distributed with this work for additional information |
| regarding copyright ownership. The ASF licenses this file |
| to you under the Apache License, Version 2.0 (the |
| "License"); you may not use this file except in compliance |
| with the License. You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, software |
| distributed under the License is distributed on an "AS IS" BASIS, |
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| See the License for the specific language governing permissions and |
| limitations under the License. |
| --> |
| <!DOCTYPE jdo PUBLIC "-//Sun Microsystems, Inc.//DTD Java Data Objects Metadata 2.0//EN" |
| "http://java.sun.com/dtd/jdo_2_0.dtd"> |
| <!-- |
| Size Limitations: |
| |
| Indexed VARCHAR: 767 bytes (MySQL running on InnoDB Engine http://bugs.mysql.com/bug.php?id=13315) |
| Non-indexed VARCHAR: 4000 bytes (max length on Oracle 9i/10g/11g) |
| |
| --> |
| <jdo> |
| <package name="org.apache.sentry.provider.db.service.model"> |
| <class name="MSentryGroup" identity-type="datastore" table="SENTRY_GROUP" detachable="true"> |
| <datastore-identity> |
| <column name="GROUP_ID"/> |
| </datastore-identity> |
| <field name="groupName"> |
| <column name="GROUP_NAME" length="128" jdbc-type="VARCHAR"/> |
| <index name="SentryGroupName" unique="true"/> |
| </field> |
| <field name = "createTime"> |
| <column name = "CREATE_TIME" jdbc-type="BIGINT"/> |
| </field> |
| |
| <field name="roles" mapped-by="groups"> |
| <collection element-type="org.apache.sentry.provider.db.service.model.MSentryRole"/> |
| </field> |
| |
| </class> |
| |
| <class name="MSentryUser" identity-type="datastore" table="SENTRY_USER" detachable="true"> |
| <datastore-identity> |
| <column name="USER_ID"/> |
| </datastore-identity> |
| <field name="userName"> |
| <column name="USER_NAME" length="128" jdbc-type="VARCHAR"/> |
| <index name="SentryUserName" unique="true"/> |
| </field> |
| <field name = "createTime"> |
| <column name = "CREATE_TIME" jdbc-type="BIGINT"/> |
| </field> |
| |
| <field name="roles" mapped-by="users"> |
| <collection element-type="org.apache.sentry.provider.db.service.model.MSentryRole"/> |
| </field> |
| |
| <field name = "privileges" table="SENTRY_USER_DB_PRIVILEGE_MAP" default-fetch-group="true"> |
| <collection element-type="org.apache.sentry.provider.db.service.model.MSentryPrivilege"/> |
| <join> |
| <column name="USER_ID"/> |
| </join> |
| <element> |
| <column name="DB_PRIVILEGE_ID"/> |
| </element> |
| </field> |
| </class> |
| |
| <class name="MSentryRole" identity-type="datastore" table="SENTRY_ROLE" detachable="true"> |
| <datastore-identity> |
| <column name="ROLE_ID"/> |
| </datastore-identity> |
| <field name="roleName"> |
| <column name="ROLE_NAME" length="128" jdbc-type="VARCHAR"/> |
| <index name="SentryRoleName" unique="true"/> |
| </field> |
| <field name = "createTime"> |
| <column name = "CREATE_TIME" jdbc-type="BIGINT"/> |
| </field> |
| <field name = "privileges" table="SENTRY_ROLE_DB_PRIVILEGE_MAP" default-fetch-group="true"> |
| <collection element-type="org.apache.sentry.provider.db.service.model.MSentryPrivilege"/> |
| <join> |
| <column name="ROLE_ID"/> |
| </join> |
| <element> |
| <column name="DB_PRIVILEGE_ID"/> |
| </element> |
| </field> |
| |
| <field name = "gmPrivileges" table="SENTRY_ROLE_GM_PRIVILEGE_MAP" default-fetch-group="true"> |
| <collection element-type="org.apache.sentry.provider.db.service.model.MSentryGMPrivilege"/> |
| <join> |
| <column name="ROLE_ID"/> |
| </join> |
| <element> |
| <column name="GM_PRIVILEGE_ID"/> |
| </element> |
| </field> |
| |
| <field name = "groups" table="SENTRY_ROLE_GROUP_MAP" default-fetch-group="true"> |
| <collection element-type="org.apache.sentry.provider.db.service.model.MSentryGroup"/> |
| <join> |
| <column name="ROLE_ID"/> |
| </join> |
| <element> |
| <column name="GROUP_ID"/> |
| </element> |
| </field> |
| |
| <field name = "users" table="SENTRY_ROLE_USER_MAP" default-fetch-group="true"> |
| <collection element-type="org.apache.sentry.provider.db.service.model.MSentryUser"/> |
| <join> |
| <column name="ROLE_ID"/> |
| </join> |
| <element> |
| <column name="USER_ID"/> |
| </element> |
| </field> |
| </class> |
| |
| <class name="MSentryPrivilege" identity-type="datastore" table="SENTRY_DB_PRIVILEGE" detachable="true"> |
| <datastore-identity> |
| <column name="DB_PRIVILEGE_ID"/> |
| </datastore-identity> |
| <index name="PRIVILEGE_INDEX" unique="true"> |
| <field name="serverName"/> |
| <field name="dbName"/> |
| <field name="tableName"/> |
| <field name="columnName"/> |
| <field name="URI"/> |
| <field name="action"/> |
| <field name="grantOption"/> |
| </index> |
| <field name="privilegeScope"> |
| <column name="PRIVILEGE_SCOPE" length="40" jdbc-type="VARCHAR"/> |
| </field> |
| <field name="serverName"> |
| <column name="SERVER_NAME" length="4000" jdbc-type="VARCHAR"/> |
| </field> |
| <field name="dbName"> |
| <column name="DB_NAME" length="4000" jdbc-type="VARCHAR"/> |
| </field> |
| <field name="tableName"> |
| <column name="TABLE_NAME" length="4000" jdbc-type="VARCHAR"/> |
| </field> |
| <field name="columnName"> |
| <column name="COLUMN_NAME" length="4000" jdbc-type="VARCHAR"/> |
| </field> |
| <field name="URI"> |
| <column name="URI" length="4000" jdbc-type="VARCHAR"/> |
| </field> |
| <field name="action"> |
| <column name="ACTION" length="40" jdbc-type="VARCHAR"/> |
| </field> |
| <field name = "createTime"> |
| <column name = "CREATE_TIME" jdbc-type="BIGINT"/> |
| </field> |
| <field name="grantOption"> |
| <column name="WITH_GRANT_OPTION" length="1" jdbc-type="CHAR"/> |
| </field> |
| <field name="roles" mapped-by="privileges"> |
| <collection element-type="org.apache.sentry.provider.db.service.model.MSentryRole"/> |
| </field> |
| <field name="users" mapped-by="privileges"> |
| <collection element-type="org.apache.sentry.provider.db.service.model.MSentryUser"/> |
| </field> |
| </class> |
| |
| <class name="MSentryGMPrivilege" identity-type="datastore" table="SENTRY_GM_PRIVILEGE" detachable="true"> |
| <datastore-identity> |
| <column name="GM_PRIVILEGE_ID"/> |
| </datastore-identity> |
| <index name="GM_PRIVILEGE_INDEX" unique="true"> |
| <field name="componentName"/> |
| <field name="serviceName"/> |
| <field name="resourceName0"/> |
| <field name="resourceType0"/> |
| <field name="resourceName1"/> |
| <field name="resourceType1"/> |
| <field name="resourceName2"/> |
| <field name="resourceType2"/> |
| <field name="resourceName3"/> |
| <field name="resourceType3"/> |
| <field name="action"/> |
| <field name="grantOption"/> |
| </index> |
| <field name="componentName"> |
| <column name="COMPONENT_NAME" length="100" jdbc-type="VARCHAR"/> |
| </field> |
| <field name="serviceName"> |
| <column name="SERVICE_NAME" length="100" jdbc-type="VARCHAR"/> |
| </field> |
| <field name="resourceName0"> |
| <column name="RESOURCE_NAME_0" length="100" jdbc-type="VARCHAR"/> |
| </field> |
| <field name="resourceType0"> |
| <column name="RESOURCE_TYPE_0" length="100" jdbc-type="VARCHAR"/> |
| </field> |
| <field name="resourceName1"> |
| <column name="RESOURCE_NAME_1" length="100" jdbc-type="VARCHAR"/> |
| </field> |
| <field name="resourceType1"> |
| <column name="RESOURCE_TYPE_1" length="100" jdbc-type="VARCHAR"/> |
| </field> |
| <field name="resourceName2"> |
| <column name="RESOURCE_NAME_2" length="100" jdbc-type="VARCHAR"/> |
| </field> |
| <field name="resourceType2"> |
| <column name="RESOURCE_TYPE_2" length="100" jdbc-type="VARCHAR"/> |
| </field> |
| <field name="resourceName3"> |
| <column name="RESOURCE_NAME_3" length="100" jdbc-type="VARCHAR"/> |
| </field> |
| <field name="resourceType3"> |
| <column name="RESOURCE_TYPE_3" length="100" jdbc-type="VARCHAR"/> |
| </field> |
| <field name="action"> |
| <column name="ACTION" length="100" jdbc-type="VARCHAR"/> |
| </field> |
| <field name="scope"> |
| <column name="SCOPE" length="100" jdbc-type="VARCHAR"/> |
| </field> |
| <field name = "createTime"> |
| <column name = "CREATE_TIME" jdbc-type="BIGINT"/> |
| </field> |
| <field name="grantOption"> |
| <column name="WITH_GRANT_OPTION" length="1" jdbc-type="CHAR"/> |
| </field> |
| <field name="roles" mapped-by="gmPrivileges"> |
| <collection element-type="org.apache.sentry.provider.db.service.model.MSentryRole"/> |
| </field> |
| </class> |
| |
| <class name="MSentryVersion" table="SENTRY_VERSION" identity-type="datastore" detachable="true"> |
| <datastore-identity> |
| <column name="VER_ID"/> |
| </datastore-identity> |
| <field name ="schemaVersion"> |
| <column name="SCHEMA_VERSION" length="127" jdbc-type="VARCHAR" allows-null="false"/> |
| </field> |
| <field name ="versionComment"> |
| <column name="VERSION_COMMENT" length="255" jdbc-type="VARCHAR" allows-null="false"/> |
| </field> |
| </class> |
| |
| <class name="MAuthzPathsSnapshotId" identity-type="application" table="AUTHZ_PATHS_SNAPSHOT_ID" detachable="true"> |
| <field name="authzSnapshotID" primary-key="true"> |
| <column name="AUTHZ_SNAPSHOT_ID" jdbc-type="BIGINT" allows-null="false"/> |
| </field> |
| </class> |
| |
| <class name="MAuthzPathsMapping" identity-type="datastore" table="AUTHZ_PATHS_MAPPING" detachable="true"> |
| <datastore-identity strategy="increment"> |
| <column name="AUTHZ_OBJ_ID"/> |
| </datastore-identity> |
| <index name="AUTHZ_SNAPSHOT_ID_INDEX" unique="false"> |
| <field name="authzSnapshotID"/> |
| </index> |
| <!-- |
| authzObjName is composed by hive database name, and table name. e.g. "default.tb1". Since |
| both hive database name, and table name have restrictions to be at most 128 characters long, |
| 384 characters length should be enough for AUTHZ_OBJ_NAM. |
| --> |
| <field name="authzObjName"> |
| <column name="AUTHZ_OBJ_NAME" length="384" jdbc-type="VARCHAR" allows-null="false"/> |
| </field> |
| <field name="createTimeMs"> |
| <column name="CREATE_TIME_MS" jdbc-type="BIGINT"/> |
| </field> |
| <field name = "paths"> |
| <!-- Setting attribute dependent-element to true enables JDO cascading operations. in this case we need it to |
| cascade delete. |
| --> |
| <collection element-type="org.apache.sentry.provider.db.service.model.MPath" dependent-element="true"/> |
| <element> |
| <column name="AUTHZ_OBJ_ID"/> |
| </element> |
| </field> |
| <fetch-group name="includingPaths"> |
| <field name="paths"/> |
| </fetch-group> |
| <field name="authzSnapshotID"> |
| <column name="AUTHZ_SNAPSHOT_ID" jdbc-type="BIGINT" allows-null="false"/> |
| </field> |
| </class> |
| |
| <class name="MPath" identity-type="datastore" table="AUTHZ_PATH" detachable="true"> |
| <datastore-identity strategy="increment"> |
| <column name="PATH_ID"/> |
| </datastore-identity> |
| <field name="path"> |
| <column name="PATH_NAME" length="4000" jdbc-type="VARCHAR"/> |
| </field> |
| </class> |
| |
| <class name="MSentryPermChange" table="SENTRY_PERM_CHANGE" identity-type="application" detachable="true"> |
| <field name="changeID" primary-key="true"> |
| <column name="CHANGE_ID" jdbc-type="BIGINT" allows-null="false"/> |
| </field> |
| <field name ="permChange"> |
| <column name="PERM_CHANGE" length="4000" jdbc-type="VARCHAR" allows-null="false"/> |
| </field> |
| <field name="createTimeMs"> |
| <column name="CREATE_TIME_MS" jdbc-type="BIGINT"/> |
| </field> |
| </class> |
| |
| <class name="MSentryPathChange" table="SENTRY_PATH_CHANGE" identity-type="application" detachable="true"> |
| <field name="changeID" primary-key="true"> |
| <column name="CHANGE_ID" jdbc-type="BIGINT" allows-null="false"/> |
| </field> |
| <!-- |
| notificationHash is a unique identifier for the HMS notification used to prevent |
| the same HMS notification message to be processed twice. |
| The current HMS code may send different notifications messages with the same ID. To |
| keep this ID unique, we calculate the SHA-1 hash of the full message received. |
| (This is a temporary fix until HIVE-16886 fixes the issue with duplicated IDs) |
| --> |
| <field name="notificationHash"> |
| <column name="NOTIFICATION_HASH" jdbc-type="CHAR(40)" allows-null="false"/> |
| <index name="NOTIFICATION_HASH_INDEX" unique="true"/> |
| </field> |
| <field name ="pathChange"> |
| <column name="PATH_CHANGE" jdbc-type="LONGVARCHAR" allows-null="false"/> |
| </field> |
| <field name="createTimeMs"> |
| <column name="CREATE_TIME_MS" jdbc-type="BIGINT"/> |
| </field> |
| </class> |
| |
| <class name="MSentryHmsNotification" table="SENTRY_HMS_NOTIFICATION_ID" identity-type="nondurable" detachable="true"> |
| <field name="notificationId"> |
| <column name="NOTIFICATION_ID" jdbc-type="BIGINT" allows-null="false"/> |
| <index name="SENTRY_HMS_NOTIF_ID_INDEX"/> |
| </field> |
| </class> |
| </package> |
| </jdo> |