@InterfaceAudience.Private public class DefaultVisibilityLabelServiceImpl extends Object implements VisibilityLabelService
Modifier and Type | Field and Description |
---|---|
private org.apache.hadoop.conf.Configuration |
conf |
private static byte[] |
DUMMY_VALUE |
private static Tag[] |
LABELS_TABLE_TAGS |
private VisibilityLabelsCache |
labelsCache |
private Region |
labelsRegion |
private static org.slf4j.Logger |
LOG |
private AtomicInteger |
ordinalCounter |
private List<ScanLabelGenerator> |
scanLabelGenerators |
private static int |
SYSTEM_LABEL_ORDINAL |
Constructor and Description |
---|
DefaultVisibilityLabelServiceImpl() |
Modifier and Type | Method and Description |
---|---|
OperationStatus[] |
addLabels(List<byte[]> labels)
Adds the set of labels into the system.
|
protected void |
addSystemLabel(Region region,
Map<String,Integer> labels,
Map<String,List<Integer>> userAuths) |
OperationStatus[] |
clearAuths(byte[] user,
List<byte[]> authLabels)
Removes given labels from user's globally authorized list of labels.
|
private static boolean |
compareTagsOrdinals(List<List<Integer>> putVisTags,
List<List<Integer>> deleteVisTags) |
private byte[] |
createModifiedVisExpression(List<Tag> tags)
n * - all the visibility tags associated with the current Cell
|
List<Tag> |
createVisibilityExpTags(String visExpression,
boolean withSerializationFormat,
boolean checkAuths)
Creates tags corresponding to given visibility expression.
|
byte[] |
encodeVisibilityForReplication(List<Tag> tags,
Byte serializationFormat)
Provides a way to modify the visibility tags of type
TagType .VISIBILITY_TAG_TYPE, that
are part of the cell created from the WALEdits that are prepared for replication while calling
ReplicationEndpoint .replicate(). |
protected Pair<Map<String,Integer>,Map<String,List<Integer>>> |
extractLabelsAndAuths(List<List<Cell>> labelDetails) |
org.apache.hadoop.conf.Configuration |
getConf() |
protected List<List<Cell>> |
getExistingLabelsWithAuths() |
List<String> |
getGroupAuths(String[] groups,
boolean systemCall)
Retrieve the visibility labels for the groups.
|
private static void |
getSortedTagOrdinals(List<List<Integer>> fullTagsList,
Tag tag) |
List<String> |
getUserAuths(byte[] user,
boolean systemCall)
Retrieve the visibility labels for the user.
|
VisibilityExpEvaluator |
getVisibilityExpEvaluator(Authorizations authorizations)
Creates VisibilityExpEvaluator corresponding to given Authorizations.
|
boolean |
havingSystemAuth(User user)
System checks for user auth during admin operations.
|
void |
init(RegionCoprocessorEnvironment e)
System calls this after opening of regions.
|
protected boolean |
isReadFromSystemAuthUser() |
List<String> |
listLabels(String regex)
Retrieve the list of visibility labels defined in the system.
|
private static boolean |
matchOrdinalSortedVisibilityTags(List<Tag> putVisTags,
List<Tag> deleteVisTags) |
private static boolean |
matchUnSortedVisibilityTags(List<Tag> putVisTags,
List<Tag> deleteVisTags) |
boolean |
matchVisibility(List<Tag> putVisTags,
Byte putTagsFormat,
List<Tag> deleteVisTags,
Byte deleteTagsFormat)
System uses this for deciding whether a Cell can be deleted by matching visibility expression
in Delete mutation and the cell in consideration.
|
private boolean |
mutateLabelsRegion(List<Mutation> mutations,
OperationStatus[] finalOpStatus)
Adds the mutations to labels region and set the results to the finalOpStatus.
|
OperationStatus[] |
setAuths(byte[] user,
List<byte[]> authLabels)
Sets given labels globally authorized for the user.
|
void |
setConf(org.apache.hadoop.conf.Configuration conf) |
private static List<List<Integer>> |
sortTagsBasedOnOrdinal(List<Tag> tags) |
protected void |
updateZk(boolean labelAddition) |
private static final org.slf4j.Logger LOG
private static final int SYSTEM_LABEL_ORDINAL
private static final Tag[] LABELS_TABLE_TAGS
private static final byte[] DUMMY_VALUE
private AtomicInteger ordinalCounter
private org.apache.hadoop.conf.Configuration conf
private Region labelsRegion
private VisibilityLabelsCache labelsCache
private List<ScanLabelGenerator> scanLabelGenerators
public DefaultVisibilityLabelServiceImpl()
public void setConf(org.apache.hadoop.conf.Configuration conf)
setConf
in interface org.apache.hadoop.conf.Configurable
public org.apache.hadoop.conf.Configuration getConf()
getConf
in interface org.apache.hadoop.conf.Configurable
public void init(RegionCoprocessorEnvironment e) throws IOException
VisibilityLabelService
init
in interface VisibilityLabelService
IOException
protected List<List<Cell>> getExistingLabelsWithAuths() throws IOException
IOException
protected Pair<Map<String,Integer>,Map<String,List<Integer>>> extractLabelsAndAuths(List<List<Cell>> labelDetails)
protected void addSystemLabel(Region region, Map<String,Integer> labels, Map<String,List<Integer>> userAuths) throws IOException
IOException
public OperationStatus[] addLabels(List<byte[]> labels) throws IOException
VisibilityLabelService
addLabels
in interface VisibilityLabelService
IOException
public OperationStatus[] setAuths(byte[] user, List<byte[]> authLabels) throws IOException
VisibilityLabelService
setAuths
in interface VisibilityLabelService
IOException
public OperationStatus[] clearAuths(byte[] user, List<byte[]> authLabels) throws IOException
VisibilityLabelService
clearAuths
in interface VisibilityLabelService
IOException
private boolean mutateLabelsRegion(List<Mutation> mutations, OperationStatus[] finalOpStatus) throws IOException
IOException
public List<String> getUserAuths(byte[] user, boolean systemCall) throws IOException
VisibilityLabelService
getUserAuths
in interface VisibilityLabelService
IOException
public List<String> getGroupAuths(String[] groups, boolean systemCall) throws IOException
VisibilityLabelService
getGroupAuths
in interface VisibilityLabelService
IOException
public List<String> listLabels(String regex) throws IOException
VisibilityLabelService
listLabels
in interface VisibilityLabelService
regex
- The regular expression to filter which labels are returned.IOException
public List<Tag> createVisibilityExpTags(String visExpression, boolean withSerializationFormat, boolean checkAuths) throws IOException
VisibilityLabelService
createVisibilityExpTags
in interface VisibilityLabelService
visExpression
- The Expression for which corresponding Tags to be created.withSerializationFormat
- specifies whether a tag, denoting the serialization version of
the tags, to be added in the list. When this is true make sure
to add the serialization format Tag also. The format tag value
should be byte type.checkAuths
- denotes whether to check individual labels in visExpression
against user's global auth label.IOException
protected void updateZk(boolean labelAddition) throws IOException
IOException
public VisibilityExpEvaluator getVisibilityExpEvaluator(Authorizations authorizations) throws IOException
VisibilityLabelService
getVisibilityExpEvaluator
in interface VisibilityLabelService
IOException
protected boolean isReadFromSystemAuthUser() throws IOException
IOException
public boolean havingSystemAuth(User user) throws IOException
VisibilityLabelService
havingSystemAuth
in interface VisibilityLabelService
IOException
public boolean matchVisibility(List<Tag> putVisTags, Byte putTagsFormat, List<Tag> deleteVisTags, Byte deleteTagsFormat) throws IOException
VisibilityLabelService
null
value for this format
means the tags are written with unsorted label ordinals n * - The visibility tags in the delete
mutation (the specified Cell Visibility) n * The serialization format for the Delete visibility
tags. A null
value for this format means the tags are written with unsorted label
ordinalsmatchVisibility
in interface VisibilityLabelService
IOException
VisibilityConstants.SORTED_ORDINAL_SERIALIZATION_FORMAT
private static boolean matchUnSortedVisibilityTags(List<Tag> putVisTags, List<Tag> deleteVisTags) throws IOException
putVisTags
- Visibility tags in Put MutationdeleteVisTags
- Visibility tags in Delete MutationIOException
private static boolean matchOrdinalSortedVisibilityTags(List<Tag> putVisTags, List<Tag> deleteVisTags)
putVisTags
- Visibility tags in Put MutationdeleteVisTags
- Visibility tags in Delete Mutationprivate static List<List<Integer>> sortTagsBasedOnOrdinal(List<Tag> tags) throws IOException
IOException
private static void getSortedTagOrdinals(List<List<Integer>> fullTagsList, Tag tag) throws IOException
IOException
private static boolean compareTagsOrdinals(List<List<Integer>> putVisTags, List<List<Integer>> deleteVisTags)
public byte[] encodeVisibilityForReplication(List<Tag> tags, Byte serializationFormat) throws IOException
VisibilityLabelService
TagType
.VISIBILITY_TAG_TYPE, that
are part of the cell created from the WALEdits that are prepared for replication while calling
ReplicationEndpoint
.replicate().
VisibilityReplicationEndpoint
calls this
API to provide an opportunity to modify the visibility tags before replicating. n * the
visibility tags associated with the cell n * the serialization format associated with the tagencodeVisibilityForReplication
in interface VisibilityLabelService
IOException
private byte[] createModifiedVisExpression(List<Tag> tags) throws IOException
IOException
Copyright © 2007–2020 The Apache Software Foundation. All rights reserved.