| Package | Description |
|---|---|
| org.apache.hadoop.hbase.security.access |
| Modifier and Type | Class and Description |
|---|---|
class |
UserPermission
Represents an authorization for access over the given table, column family
plus qualifier, for the given user.
|
| Modifier and Type | Field and Description |
|---|---|
private ConcurrentSkipListMap<String,TableAuthManager.PermissionCache<TablePermission>> |
TableAuthManager.nsCache |
private ConcurrentSkipListMap<TableName,TableAuthManager.PermissionCache<TablePermission>> |
TableAuthManager.tableCache |
| Modifier and Type | Method and Description |
|---|---|
static TablePermission |
AccessControlUtil.toTablePermission(org.apache.hadoop.hbase.protobuf.generated.AccessControlProtos.Permission proto)
Converts a Permission proto to a client TablePermission object.
|
static TablePermission |
ShadedAccessControlUtil.toTablePermission(org.apache.hadoop.hbase.shaded.protobuf.generated.AccessControlProtos.Permission proto)
Converts a Permission shaded proto to a client TablePermission object.
|
| Modifier and Type | Method and Description |
|---|---|
static org.apache.hbase.thirdparty.com.google.common.collect.ListMultimap<String,TablePermission> |
AccessControlLists.getNamespacePermissions(org.apache.hadoop.conf.Configuration conf,
String namespace) |
private TableAuthManager.PermissionCache<TablePermission> |
TableAuthManager.getNamespacePermissions(String namespace) |
(package private) static org.apache.hbase.thirdparty.com.google.common.collect.ListMultimap<String,TablePermission> |
AccessControlLists.getPermissions(org.apache.hadoop.conf.Configuration conf,
byte[] entryName,
Table t)
Reads user permission assignments stored in the
l: column
family of the first table row in _acl_. |
static org.apache.hbase.thirdparty.com.google.common.collect.ListMultimap<String,TablePermission> |
AccessControlLists.getTablePermissions(org.apache.hadoop.conf.Configuration conf,
TableName tableName) |
private TableAuthManager.PermissionCache<TablePermission> |
TableAuthManager.getTablePermissions(TableName table) |
(package private) static Map<byte[],org.apache.hbase.thirdparty.com.google.common.collect.ListMultimap<String,TablePermission>> |
AccessControlLists.loadAll(org.apache.hadoop.conf.Configuration conf)
Load all permissions from the region server holding
_acl_,
primarily intended for testing purposes. |
(package private) static Map<byte[],org.apache.hbase.thirdparty.com.google.common.collect.ListMultimap<String,TablePermission>> |
AccessControlLists.loadAll(Region aclRegion)
Loads all of the permission grants stored in a region of the
_acl_
table. |
private static Pair<String,TablePermission> |
AccessControlLists.parsePermissionRecord(byte[] entryName,
Cell kv) |
private static org.apache.hbase.thirdparty.com.google.common.collect.ListMultimap<String,TablePermission> |
AccessControlLists.parsePermissions(byte[] entryName,
Result result) |
static org.apache.hbase.thirdparty.com.google.common.collect.ListMultimap<String,TablePermission> |
AccessControlLists.readPermissions(byte[] data,
org.apache.hadoop.conf.Configuration conf)
Reads a set of permissions as
Writable instances from the input
stream. |
private static List<TablePermission> |
AccessControlLists.readWritablePermissions(DataInput in,
org.apache.hadoop.conf.Configuration conf) |
static org.apache.hbase.thirdparty.com.google.common.collect.ListMultimap<String,TablePermission> |
AccessControlUtil.toUserTablePermissions(org.apache.hadoop.hbase.protobuf.generated.AccessControlProtos.UsersAndPermissions proto)
Convert a protobuf UserTablePermissions to a
ListMultimap<String, TablePermission> where key is username.
|
static org.apache.hbase.thirdparty.com.google.common.collect.ListMultimap<String,TablePermission> |
ShadedAccessControlUtil.toUserTablePermissions(org.apache.hadoop.hbase.shaded.protobuf.generated.AccessControlProtos.UsersAndPermissions proto)
Convert a shaded protobuf UserTablePermissions to a ListMultimap<String, TablePermission>
where key is username.
|
| Modifier and Type | Method and Description |
|---|---|
boolean |
TablePermission.tableFieldsEqual(TablePermission other) |
| Modifier and Type | Method and Description |
|---|---|
private boolean |
TableAuthManager.authorize(List<TablePermission> perms,
String namespace,
Permission.Action action) |
private boolean |
TableAuthManager.authorize(List<TablePermission> perms,
TableName table,
byte[] family,
byte[] qualifier,
Permission.Action action) |
private boolean |
TableAuthManager.hasAccess(List<TablePermission> perms,
TableName table,
Permission.Action action) |
void |
TableAuthManager.setNamespaceGroupPermissions(String group,
String namespace,
List<TablePermission> perms)
Overwrites the existing permission set for a group and triggers an update
for zookeeper synchronization.
|
void |
TableAuthManager.setNamespaceUserPermissions(String username,
String namespace,
List<TablePermission> perms)
Overwrites the existing permission set for a given user for a table, and
triggers an update for zookeeper synchronization.
|
void |
TableAuthManager.setTableGroupPermissions(String group,
TableName table,
List<TablePermission> perms)
Overwrites the existing permission set for a group and triggers an update
for zookeeper synchronization.
|
void |
TableAuthManager.setTableUserPermissions(String username,
TableName table,
List<TablePermission> perms)
Overwrites the existing permission set for a given user for a table, and
triggers an update for zookeeper synchronization.
|
static org.apache.hadoop.hbase.protobuf.generated.AccessControlProtos.UsersAndPermissions |
AccessControlUtil.toUserTablePermissions(org.apache.hbase.thirdparty.com.google.common.collect.ListMultimap<String,TablePermission> perm)
Convert a ListMultimap<String, TablePermission> where key is username
to a protobuf UserPermission
|
static org.apache.hadoop.hbase.shaded.protobuf.generated.AccessControlProtos.UsersAndPermissions |
ShadedAccessControlUtil.toUserTablePermissions(org.apache.hbase.thirdparty.com.google.common.collect.ListMultimap<String,TablePermission> perm)
Convert a ListMultimap<String, TablePermission> where key is username to a shaded
protobuf UserPermission
|
private void |
TableAuthManager.updateGlobalCache(org.apache.hbase.thirdparty.com.google.common.collect.ListMultimap<String,TablePermission> userPerms)
Updates the internal global permissions cache
|
private void |
TableAuthManager.updateNsCache(String namespace,
org.apache.hbase.thirdparty.com.google.common.collect.ListMultimap<String,TablePermission> tablePerms)
Updates the internal permissions cache for a single table, splitting
the permissions listed into separate caches for users and groups to optimize
group lookups.
|
private void |
TableAuthManager.updateTableCache(TableName table,
org.apache.hbase.thirdparty.com.google.common.collect.ListMultimap<String,TablePermission> tablePerms)
Updates the internal permissions cache for a single table, splitting
the permissions listed into separate caches for users and groups to optimize
group lookups.
|
void |
TableAuthManager.writeNamespaceToZooKeeper(String namespace,
TableAuthManager.PermissionCache<TablePermission> tablePerms) |
static byte[] |
AccessControlLists.writePermissionsAsBytes(org.apache.hbase.thirdparty.com.google.common.collect.ListMultimap<String,TablePermission> perms,
org.apache.hadoop.conf.Configuration conf)
Writes a set of permissions as
Writable instances
and returns the resulting byte array. |
void |
TableAuthManager.writeTableToZooKeeper(TableName table,
TableAuthManager.PermissionCache<TablePermission> tablePerms) |
| Constructor and Description |
|---|
UserPermission(byte[] user,
TablePermission perm)
Creates a new instance for the given user, table, column family and
qualifier, matching the actions with the given codes.
|
Copyright © 2007–2019 The Apache Software Foundation. All rights reserved.