| Package | Description |
|---|---|
| org.apache.hadoop.hbase.security.access |
| Modifier and Type | Class and Description |
|---|---|
class |
UserPermission
Represents an authorization for access over the given table, column family
plus qualifier, for the given user.
|
| Modifier and Type | Field and Description |
|---|---|
private ConcurrentSkipListMap<String,TableAuthManager.PermissionCache<TablePermission>> |
TableAuthManager.nsCache |
private ConcurrentSkipListMap<TableName,TableAuthManager.PermissionCache<TablePermission>> |
TableAuthManager.tableCache |
| Modifier and Type | Method and Description |
|---|---|
(package private) static com.google.common.collect.ListMultimap<String,TablePermission> |
AccessControlLists.getNamespacePermissions(org.apache.hadoop.conf.Configuration conf,
String namespace) |
private TableAuthManager.PermissionCache<TablePermission> |
TableAuthManager.getNamespacePermissions(String namespace) |
(package private) static com.google.common.collect.ListMultimap<String,TablePermission> |
AccessControlLists.getPermissions(org.apache.hadoop.conf.Configuration conf,
byte[] entryName)
Reads user permission assignments stored in the
l: column
family of the first table row in _acl_. |
(package private) static com.google.common.collect.ListMultimap<String,TablePermission> |
AccessControlLists.getTablePermissions(org.apache.hadoop.conf.Configuration conf,
TableName tableName) |
private TableAuthManager.PermissionCache<TablePermission> |
TableAuthManager.getTablePermissions(TableName table) |
(package private) static Map<byte[],com.google.common.collect.ListMultimap<String,TablePermission>> |
AccessControlLists.loadAll(org.apache.hadoop.conf.Configuration conf)
Load all permissions from the region server holding
_acl_,
primarily intended for testing purposes. |
(package private) static Map<byte[],com.google.common.collect.ListMultimap<String,TablePermission>> |
AccessControlLists.loadAll(Region aclRegion)
Loads all of the permission grants stored in a region of the
_acl_
table. |
private static Pair<String,TablePermission> |
AccessControlLists.parsePermissionRecord(byte[] entryName,
Cell kv) |
private static com.google.common.collect.ListMultimap<String,TablePermission> |
AccessControlLists.parsePermissions(byte[] entryName,
Result result) |
static com.google.common.collect.ListMultimap<String,TablePermission> |
AccessControlLists.readPermissions(byte[] data,
org.apache.hadoop.conf.Configuration conf)
Reads a set of permissions as
Writable instances
from the input stream. |
| Modifier and Type | Method and Description |
|---|---|
private boolean |
TableAuthManager.authorize(List<TablePermission> perms,
String namespace,
Permission.Action action) |
private boolean |
TableAuthManager.authorize(List<TablePermission> perms,
TableName table,
byte[] family,
byte[] qualifier,
Permission.Action action) |
private boolean |
TableAuthManager.hasAccess(List<TablePermission> perms,
TableName table,
Permission.Action action) |
void |
TableAuthManager.setNamespaceGroupPermissions(String group,
String namespace,
List<TablePermission> perms)
Overwrites the existing permission set for a group and triggers an update
for zookeeper synchronization.
|
void |
TableAuthManager.setNamespaceUserPermissions(String username,
String namespace,
List<TablePermission> perms)
Overwrites the existing permission set for a given user for a table, and
triggers an update for zookeeper synchronization.
|
void |
TableAuthManager.setTableGroupPermissions(String group,
TableName table,
List<TablePermission> perms)
Overwrites the existing permission set for a group and triggers an update
for zookeeper synchronization.
|
void |
TableAuthManager.setTableUserPermissions(String username,
TableName table,
List<TablePermission> perms)
Overwrites the existing permission set for a given user for a table, and
triggers an update for zookeeper synchronization.
|
private void |
TableAuthManager.updateGlobalCache(com.google.common.collect.ListMultimap<String,TablePermission> userPerms)
Updates the internal global permissions cache
|
private void |
TableAuthManager.updateNsCache(String namespace,
com.google.common.collect.ListMultimap<String,TablePermission> tablePerms)
Updates the internal permissions cache for a single table, splitting
the permissions listed into separate caches for users and groups to optimize
group lookups.
|
private void |
TableAuthManager.updateTableCache(TableName table,
com.google.common.collect.ListMultimap<String,TablePermission> tablePerms)
Updates the internal permissions cache for a single table, splitting
the permissions listed into separate caches for users and groups to optimize
group lookups.
|
void |
TableAuthManager.writeNamespaceToZooKeeper(String namespace,
TableAuthManager.PermissionCache<TablePermission> tablePerms) |
static byte[] |
AccessControlLists.writePermissionsAsBytes(com.google.common.collect.ListMultimap<String,TablePermission> perms,
org.apache.hadoop.conf.Configuration conf)
Writes a set of permissions as
Writable instances
and returns the resulting byte array. |
void |
TableAuthManager.writeTableToZooKeeper(TableName table,
TableAuthManager.PermissionCache<TablePermission> tablePerms) |
| Constructor and Description |
|---|
UserPermission(byte[] user,
TablePermission perm)
Creates a new instance for the given user, table, column family and
qualifier, matching the actions with the given codes.
|
Copyright © 2007–2019 The Apache Software Foundation. All rights reserved.