@InterfaceAudience.Private public final class NoopAccessChecker extends AccessChecker
AccessChecker.InputUser| Constructor and Description |
|---|
NoopAccessChecker(org.apache.hadoop.conf.Configuration conf) |
| Modifier and Type | Method and Description |
|---|---|
void |
checkLockPermissions(User user,
String namespace,
TableName tableName,
RegionInfo[] regionInfos,
String reason) |
boolean |
hasUserPermission(User user,
String request,
Permission permission)
Authorizes that if the current user has the given permissions.
|
void |
performOnSuperuser(String request,
User caller,
String userToBeChecked)
Check if caller is granting or revoking superusers's or supergroups's permissions.
|
AuthResult |
permissionGranted(String request,
User user,
Permission.Action permRequest,
TableName tableName,
Map<byte[],? extends Collection<?>> families)
Check the current user for authorization to perform a specific action against the given set of
row data.
|
void |
requireAccess(User user,
String request,
TableName tableName,
Permission.Action... permissions)
Authorizes that the current user has any of the given permissions to access the table.
|
void |
requireGlobalPermission(User user,
String request,
Permission.Action perm,
String namespace)
Checks that the user has the given global permission.
|
void |
requireGlobalPermission(User user,
String request,
Permission.Action perm,
TableName tableName,
Map<byte[],? extends Collection<byte[]>> familyMap,
String filterUser)
Checks that the user has the given global permission.
|
void |
requireNamespacePermission(User user,
String request,
String namespace,
String filterUser,
Permission.Action... permissions)
Checks that the user has the given global or namespace permission.
|
void |
requireNamespacePermission(User user,
String request,
String namespace,
TableName tableName,
Map<byte[],? extends Collection<byte[]>> familyMap,
Permission.Action... permissions)
Checks that the user has the given global or namespace permission.
|
void |
requirePermission(User user,
String request,
String filterUser,
Permission.Action perm)
Authorizes that the current user has global privileges for the given action.
|
void |
requirePermission(User user,
String request,
TableName tableName,
byte[] family,
byte[] qualifier,
String filterUser,
Permission.Action... permissions)
Authorizes that the current user has any of the given permissions for the
given table, column family and column qualifier.
|
void |
requireTablePermission(User user,
String request,
TableName tableName,
byte[] family,
byte[] qualifier,
Permission.Action... permissions)
Authorizes that the current user has any of the given permissions for the
given table, column family and column qualifier.
|
getAuthManager, getUserGroups, isAuthorizationSupported, logResult, validateCallerWithFilterUserpublic NoopAccessChecker(org.apache.hadoop.conf.Configuration conf) throws RuntimeException
RuntimeExceptionpublic void requireAccess(User user, String request, TableName tableName, Permission.Action... permissions)
AccessCheckerrequireAccess in class AccessCheckeruser - Active user to which authorization checks should be appliedrequest - Request type.tableName - Table requestedpermissions - Actions being requestedpublic void requirePermission(User user, String request, String filterUser, Permission.Action perm)
AccessCheckerrequirePermission in class AccessCheckeruser - Active user to which authorization checks should be appliedrequest - Request typefilterUser - User name to be filtered from permission as requestedperm - The action being requestedpublic void requireGlobalPermission(User user, String request, Permission.Action perm, TableName tableName, Map<byte[],? extends Collection<byte[]>> familyMap, String filterUser)
AccessCheckerrequireGlobalPermission in class AccessCheckeruser - Active user to which authorization checks should be appliedrequest - Request typeperm - Action being requestedtableName - Affected table name.familyMap - Affected column families.filterUser - User name to be filtered from permission as requestedpublic void requireGlobalPermission(User user, String request, Permission.Action perm, String namespace)
AccessCheckerrequireGlobalPermission in class AccessCheckeruser - Active user to which authorization checks should be appliedrequest - Request typeperm - Action being requestednamespace - The given namespacepublic void requireNamespacePermission(User user, String request, String namespace, String filterUser, Permission.Action... permissions)
AccessCheckerrequireNamespacePermission in class AccessCheckeruser - Active user to which authorization checks should be appliedrequest - Request typenamespace - Name space as requestedfilterUser - User name to be filtered from permission as requestedpermissions - Actions being requestedpublic void requireNamespacePermission(User user, String request, String namespace, TableName tableName, Map<byte[],? extends Collection<byte[]>> familyMap, Permission.Action... permissions)
AccessCheckerrequireNamespacePermission in class AccessCheckeruser - Active user to which authorization checks should be appliedrequest - Request typenamespace - The given namespacetableName - Table requestedfamilyMap - Column family map requestedpermissions - Actions being requestedpublic void requirePermission(User user, String request, TableName tableName, byte[] family, byte[] qualifier, String filterUser, Permission.Action... permissions)
AccessCheckerrequirePermission in class AccessCheckeruser - Active user to which authorization checks should be appliedrequest - Request typetableName - Table requestedfamily - Column family requestedqualifier - Column qualifier requestedfilterUser - User name to be filtered from permission as requestedpermissions - Actions being requestedpublic void requireTablePermission(User user, String request, TableName tableName, byte[] family, byte[] qualifier, Permission.Action... permissions)
AccessCheckerrequireTablePermission in class AccessCheckeruser - Active user to which authorization checks should be appliedrequest - Request typetableName - Table requestedfamily - Column family paramqualifier - Column qualifier parampublic void performOnSuperuser(String request, User caller, String userToBeChecked)
AccessCheckerperformOnSuperuser in class AccessCheckerrequest - request namecaller - calleruserToBeChecked - target user or grouppublic void checkLockPermissions(User user, String namespace, TableName tableName, RegionInfo[] regionInfos, String reason)
checkLockPermissions in class AccessCheckerpublic boolean hasUserPermission(User user, String request, Permission permission)
AccessCheckerhasUserPermission in class AccessCheckeruser - Active user to which authorization checks should be appliedrequest - Request typepermission - Actions being requestedpublic AuthResult permissionGranted(String request, User user, Permission.Action permRequest, TableName tableName, Map<byte[],? extends Collection<?>> families)
AccessCheckerNote: Ordering of the authorization checks has been carefully optimized to short-circuit the most common requests and minimize the amount of processing required.
permissionGranted in class AccessCheckerrequest - User requestuser - User namepermRequest - the action being requestedtableName - Table namefamilies - the map of column families to qualifiers present in the requestCopyright © 2007–2020 The Apache Software Foundation. All rights reserved.