├── .gitignore ├── CHANGELOG.txt ├── DISCLAIMER.txt ├── LICENSE.txt ├── NOTICE.txt ├── README.md ├── bin ├── config_tool ├── sentry └── sentryShell ├── build-tools └── sentry-pmd-ruleset.xml ├── conf ├── sentry-site.xml.hive-client.example ├── sentry-site.xml.hive-client.template ├── sentry-site.xml.service.example ├── sentry-site.xml.service.template └── sentry-site.xml.solr-client.example ├── dev-support ├── smart-apply-patch.sh └── test-patch.py ├── pom.xml ├── sentry-binding ├── pom.xml ├── sentry-binding-hive-v2 │ ├── pom.xml │ └── src │ │ ├── main │ │ └── java │ │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── binding │ │ │ └── hive │ │ │ └── v2 │ │ │ ├── HiveAuthzBindingHookV2.java │ │ │ ├── HiveAuthzBindingSessionHookV2.java │ │ │ ├── SentryAuthorizerFactory.java │ │ │ ├── SentryHiveAuthorizationTaskFactoryImplV2.java │ │ │ ├── SentryHivePrivilegeObject.java │ │ │ ├── authorizer │ │ │ ├── DefaultSentryAccessController.java │ │ │ ├── DefaultSentryValidator.java │ │ │ ├── SentryHiveAccessController.java │ │ │ ├── SentryHiveAuthorizationValidator.java │ │ │ └── SentryHiveAuthorizer.java │ │ │ ├── metastore │ │ │ ├── AuthorizingObjectStoreV2.java │ │ │ ├── MetastoreAuthzBindingV2.java │ │ │ └── SentryMetastorePostEventListenerV2.java │ │ │ └── util │ │ │ ├── SentryAuthorizerUtil.java │ │ │ └── SimpleSemanticAnalyzer.java │ │ └── test │ │ └── java │ │ └── org │ │ └── apache │ │ └── sentry │ │ └── binding │ │ └── hive │ │ └── v2 │ │ └── DummyHiveAuthenticationProvider.java ├── sentry-binding-hive │ ├── pom.xml │ └── src │ │ ├── main │ │ └── java │ │ │ └── org │ │ │ └── apache │ │ │ ├── access │ │ │ └── binding │ │ │ │ └── hive │ │ │ │ └── HiveAuthzBindingSessionHook.java │ │ │ ├── hadoop │ │ │ └── hive │ │ │ │ ├── SentryHiveConstants.java │ │ │ │ └── ql │ │ │ │ └── exec │ │ │ │ ├── SentryFilterDDLTask.java │ │ │ │ ├── SentryGrantRevokeTask.java │ │ │ │ └── SentryHivePrivilegeObjectDesc.java │ │ │ └── sentry │ │ │ └── binding │ │ │ ├── hive │ │ │ ├── HiveAuthzBindingHook.java │ │ │ ├── HiveAuthzBindingSessionHook.java │ │ │ ├── SentryHiveAuthorizationTaskFactoryImpl.java │ │ │ ├── SentryIniPolicyFileFormatter.java │ │ │ ├── SentryOnFailureHook.java │ │ │ ├── SentryOnFailureHookContext.java │ │ │ ├── SentryOnFailureHookContextImpl.java │ │ │ ├── SentryPolicyFileFormatFactory.java │ │ │ ├── SentryPolicyFileFormatter.java │ │ │ ├── authz │ │ │ │ ├── HiveAuthzBinding.java │ │ │ │ ├── HiveAuthzPrivileges.java │ │ │ │ ├── HiveAuthzPrivilegesMap.java │ │ │ │ └── SentryConfigTool.java │ │ │ └── conf │ │ │ │ ├── HiveAuthzConf.java │ │ │ │ └── InvalidConfigurationException.java │ │ │ └── metastore │ │ │ ├── AuthorizingObjectStore.java │ │ │ ├── MetastoreAuthzBinding.java │ │ │ ├── SentryHiveMetaStoreClient.java │ │ │ ├── SentryMetaStoreFilterHook.java │ │ │ └── SentryMetastorePostEventListener.java │ │ └── test │ │ ├── java │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── binding │ │ │ └── hive │ │ │ ├── MockUserToGroupMapping.java │ │ │ ├── TestHiveAuthzBindings.java │ │ │ ├── TestHiveAuthzConf.java │ │ │ ├── TestSentryHiveAuthorizationTaskFactory.java │ │ │ ├── TestSentryIniPolicyFileFormatter.java │ │ │ └── TestURI.java │ │ └── resources │ │ ├── log4j.properties │ │ ├── sentry-deprecated-site.xml │ │ ├── sentry-site.xml │ │ └── test-authz-provider.ini ├── sentry-binding-kafka │ ├── pom.xml │ └── src │ │ ├── main │ │ └── java │ │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── kafka │ │ │ ├── ConvertUtil.java │ │ │ ├── authorizer │ │ │ └── SentryKafkaAuthorizer.java │ │ │ ├── binding │ │ │ ├── KafkaAuthBinding.java │ │ │ └── KafkaAuthBindingSingleton.java │ │ │ └── conf │ │ │ └── KafkaAuthConf.java │ │ └── test │ │ ├── java │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── kafka │ │ │ ├── MockGroupMappingServiceProvider.java │ │ │ └── authorizer │ │ │ ├── ConvertUtilTest.java │ │ │ └── SentryKafkaAuthorizerTest.java │ │ └── resources │ │ ├── core-site.xml │ │ ├── log4j.properties │ │ ├── sentry-site.xml │ │ └── test-authz-provider.ini ├── sentry-binding-solr │ ├── pom.xml │ └── src │ │ ├── main │ │ └── java │ │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── binding │ │ │ └── solr │ │ │ ├── authz │ │ │ ├── SentrySolrAuthorizationException.java │ │ │ └── SolrAuthzBinding.java │ │ │ └── conf │ │ │ └── SolrAuthzConf.java │ │ └── test │ │ ├── java │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── binding │ │ │ └── solr │ │ │ ├── HdfsTestUtil.java │ │ │ └── TestSolrAuthzBinding.java │ │ └── resources │ │ ├── log4j.properties │ │ ├── sentry-site.xml │ │ └── test-authz-provider.ini └── sentry-binding-sqoop │ ├── pom.xml │ └── src │ ├── main │ └── java │ │ └── org │ │ └── apache │ │ └── sentry │ │ └── sqoop │ │ ├── PrincipalDesc.java │ │ ├── SentrySqoopError.java │ │ ├── authz │ │ ├── SentryAccessController.java │ │ ├── SentryAuthorizationHander.java │ │ └── SentryAuthorizationValidator.java │ │ ├── binding │ │ ├── SqoopAuthBinding.java │ │ └── SqoopAuthBindingSingleton.java │ │ └── conf │ │ └── SqoopAuthConf.java │ └── test │ ├── java │ └── org │ │ └── apache │ │ └── sentry │ │ └── sqoop │ │ ├── MockAuthenticationProvider.java │ │ ├── TestSentryAuthorizationHander.java │ │ └── TestSqoopAuthConf.java │ └── resources │ ├── no-configure-sentry-site.xml │ ├── sentry-site.xml │ └── test-authz-provider.ini ├── sentry-core ├── pom.xml ├── sentry-core-common │ ├── pom.xml │ └── src │ │ ├── main │ │ └── java │ │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ ├── Command.java │ │ │ ├── SentryMain.java │ │ │ ├── SentryUserException.java │ │ │ ├── SentryVersionAnnotation.java │ │ │ ├── SentryVersionInfo.java │ │ │ └── core │ │ │ └── common │ │ │ ├── Action.java │ │ │ ├── ActiveRoleSet.java │ │ │ ├── Authorizable.java │ │ │ ├── BitFieldAction.java │ │ │ ├── BitFieldActionFactory.java │ │ │ ├── SentryConfigurationException.java │ │ │ ├── Subject.java │ │ │ └── utils │ │ │ └── PathUtils.java │ │ ├── scripts │ │ └── saveVersion.sh │ │ └── test │ │ └── java │ │ └── org │ │ └── apache │ │ └── sentry │ │ └── core │ │ └── common │ │ └── utils │ │ └── TestPathUtils.java ├── sentry-core-model-db │ ├── pom.xml │ └── src │ │ ├── main │ │ └── java │ │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── core │ │ │ └── model │ │ │ └── db │ │ │ ├── AccessConstants.java │ │ │ ├── AccessURI.java │ │ │ ├── Column.java │ │ │ ├── DBModelAction.java │ │ │ ├── DBModelAuthorizable.java │ │ │ ├── Database.java │ │ │ ├── Server.java │ │ │ ├── ServerResource.java │ │ │ ├── Table.java │ │ │ ├── TableOrView.java │ │ │ └── View.java │ │ └── test │ │ └── java │ │ └── org │ │ └── apache │ │ └── sentry │ │ └── core │ │ └── db │ │ └── TestURI.java ├── sentry-core-model-indexer │ ├── pom.xml │ └── src │ │ ├── main │ │ └── java │ │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── core │ │ │ └── model │ │ │ └── indexer │ │ │ ├── Indexer.java │ │ │ ├── IndexerActionFactory.java │ │ │ ├── IndexerConstants.java │ │ │ ├── IndexerModelAction.java │ │ │ └── IndexerModelAuthorizable.java │ │ └── test │ │ └── java │ │ └── org │ │ └── apache │ │ └── sentry │ │ └── core │ │ └── indexer │ │ ├── TestIndexer.java │ │ └── TestIndexerBitFieldAction.java ├── sentry-core-model-kafka │ ├── pom.xml │ └── src │ │ ├── main │ │ └── java │ │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── core │ │ │ └── model │ │ │ └── kafka │ │ │ ├── Cluster.java │ │ │ ├── ConsumerGroup.java │ │ │ ├── Host.java │ │ │ ├── KafkaActionConstant.java │ │ │ ├── KafkaActionFactory.java │ │ │ ├── KafkaAuthorizable.java │ │ │ └── Topic.java │ │ └── test │ │ └── java │ │ └── org │ │ └── apache │ │ └── sentry │ │ └── core │ │ └── model │ │ └── kafka │ │ ├── TestKafkaAction.java │ │ └── TestKafkaAuthorizable.java ├── sentry-core-model-search │ ├── pom.xml │ └── src │ │ ├── main │ │ └── java │ │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── core │ │ │ └── model │ │ │ └── search │ │ │ ├── Collection.java │ │ │ ├── Field.java │ │ │ ├── SearchActionFactory.java │ │ │ ├── SearchConstants.java │ │ │ ├── SearchModelAction.java │ │ │ └── SearchModelAuthorizable.java │ │ └── test │ │ └── java │ │ └── org │ │ └── apache │ │ └── sentry │ │ └── core │ │ └── search │ │ ├── TestCollection.java │ │ └── TestSearchBitFieldAction.java └── sentry-core-model-sqoop │ ├── pom.xml │ └── src │ ├── main │ └── java │ │ └── org │ │ └── apache │ │ └── sentry │ │ └── core │ │ └── model │ │ └── sqoop │ │ ├── Connector.java │ │ ├── Job.java │ │ ├── Link.java │ │ ├── Server.java │ │ ├── SqoopActionConstant.java │ │ ├── SqoopActionFactory.java │ │ └── SqoopAuthorizable.java │ └── test │ └── java │ └── org │ └── apache │ └── sentry │ └── core │ └── model │ └── sqoop │ ├── TestSqoopAction.java │ └── TestSqoopAuthorizable.java ├── sentry-dist ├── pom.xml └── src │ └── main │ └── assembly │ ├── bin.xml │ └── src.xml ├── sentry-hdfs ├── pom.xml ├── sentry-hdfs-common │ ├── pom.xml │ └── src │ │ ├── gen │ │ └── thrift │ │ │ └── gen-javabean │ │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── hdfs │ │ │ └── service │ │ │ └── thrift │ │ │ ├── SentryHDFSService.java │ │ │ ├── TAuthzUpdateResponse.java │ │ │ ├── TPathChanges.java │ │ │ ├── TPathEntry.java │ │ │ ├── TPathsDump.java │ │ │ ├── TPathsUpdate.java │ │ │ ├── TPermissionsUpdate.java │ │ │ ├── TPrivilegeChanges.java │ │ │ └── TRoleChanges.java │ │ ├── main │ │ ├── java │ │ │ └── org │ │ │ │ └── apache │ │ │ │ └── sentry │ │ │ │ └── hdfs │ │ │ │ ├── AuthzPaths.java │ │ │ │ ├── AuthzPathsDumper.java │ │ │ │ ├── AuthzPermissions.java │ │ │ │ ├── HMSPaths.java │ │ │ │ ├── HMSPathsDumper.java │ │ │ │ ├── PathsUpdate.java │ │ │ │ ├── PermissionsUpdate.java │ │ │ │ ├── SentryAuthzUpdate.java │ │ │ │ ├── SentryHDFSServiceClient.java │ │ │ │ ├── SentryHDFSServiceClientDefaultImpl.java │ │ │ │ ├── SentryHDFSServiceClientFactory.java │ │ │ │ ├── SentryHdfsServiceException.java │ │ │ │ ├── ServiceConstants.java │ │ │ │ ├── ThriftSerializer.java │ │ │ │ ├── Updateable.java │ │ │ │ ├── UpdateableAuthzPaths.java │ │ │ │ └── ha │ │ │ │ └── HdfsHAClientInvocationHandler.java │ │ └── resources │ │ │ └── sentry_hdfs_service.thrift │ │ └── test │ │ ├── java │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── hdfs │ │ │ ├── SentryHdfsServiceIntegrationBase.java │ │ │ ├── TestHMSPaths.java │ │ │ ├── TestHMSPathsFullDump.java │ │ │ ├── TestKrbConnectionTimeout.java │ │ │ ├── TestPathsUpdate.java │ │ │ └── TestUpdateableAuthzPaths.java │ │ └── resources │ │ └── hdfs-sentry.xml ├── sentry-hdfs-dist │ └── pom.xml ├── sentry-hdfs-namenode-plugin │ ├── pom.xml │ └── src │ │ ├── main │ │ └── java │ │ │ └── org │ │ │ └── apache │ │ │ ├── hadoop │ │ │ └── hdfs │ │ │ │ └── server │ │ │ │ └── namenode │ │ │ │ └── AuthorizationProvider.java │ │ │ └── sentry │ │ │ └── hdfs │ │ │ ├── SentryAuthorizationConstants.java │ │ │ ├── SentryAuthorizationInfo.java │ │ │ ├── SentryAuthorizationProvider.java │ │ │ ├── SentryPermissions.java │ │ │ ├── SentryUpdater.java │ │ │ └── UpdateableAuthzPermissions.java │ │ └── test │ │ ├── java │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── hdfs │ │ │ ├── MockSentryAuthorizationProvider.java │ │ │ ├── SentryAuthorizationInfoX.java │ │ │ ├── TestSentryAuthorizationProvider.java │ │ │ └── TestSentryPermissions.java │ │ └── resources │ │ └── hdfs-sentry.xml └── sentry-hdfs-service │ ├── pom.xml │ └── src │ ├── main │ └── java │ │ └── org │ │ └── apache │ │ └── sentry │ │ └── hdfs │ │ ├── MetastoreCacheInitializer.java │ │ ├── MetastorePlugin.java │ │ ├── MetastorePluginWithHA.java │ │ ├── PluginCacheSyncUtil.java │ │ ├── SentryHDFSServiceProcessor.java │ │ ├── SentryHDFSServiceProcessorFactory.java │ │ ├── SentryHdfsMetricsUtil.java │ │ ├── SentryPlugin.java │ │ ├── UpdateForwarder.java │ │ ├── UpdateForwarderWithHA.java │ │ └── UpdateablePermissions.java │ └── test │ └── java │ └── org │ └── apache │ └── sentry │ └── hdfs │ ├── TestHAUpdateForwarder.java │ ├── TestMetastoreCacheInitializer.java │ ├── TestPluginCacheSync.java │ └── TestUpdateForwarder.java ├── sentry-policy ├── pom.xml ├── sentry-policy-common │ ├── pom.xml │ └── src │ │ ├── main │ │ └── java │ │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── policy │ │ │ └── common │ │ │ ├── KeyValue.java │ │ │ ├── PolicyConstants.java │ │ │ ├── PolicyEngine.java │ │ │ ├── Privilege.java │ │ │ ├── PrivilegeFactory.java │ │ │ ├── PrivilegeUtils.java │ │ │ ├── PrivilegeValidator.java │ │ │ └── PrivilegeValidatorContext.java │ │ └── test │ │ └── java │ │ └── org │ │ └── apache │ │ └── sentry │ │ └── policy │ │ └── common │ │ └── TestKeyValue.java ├── sentry-policy-db │ ├── pom.xml │ └── src │ │ ├── main │ │ └── java │ │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── policy │ │ │ └── db │ │ │ ├── AbstractDBPrivilegeValidator.java │ │ │ ├── DBModelAuthorizables.java │ │ │ ├── DBWildcardPrivilege.java │ │ │ ├── DatabaseMustMatch.java │ │ │ ├── DatabaseRequiredInPrivilege.java │ │ │ ├── ServerNameMustMatch.java │ │ │ ├── ServersAllIsInvalid.java │ │ │ └── SimpleDBPolicyEngine.java │ │ └── test │ │ ├── java │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── policy │ │ │ └── db │ │ │ ├── AbstractTestSimplePolicyEngine.java │ │ │ ├── DBPolicyFileBackend.java │ │ │ ├── TestDBModelAuthorizables.java │ │ │ ├── TestDBWildcardPrivilege.java │ │ │ ├── TestDatabaseRequiredInRole.java │ │ │ ├── TestPolicyParsingNegative.java │ │ │ ├── TestResourceAuthorizationProviderGeneralCases.java │ │ │ ├── TestResourceAuthorizationProviderSpecialCases.java │ │ │ ├── TestSimpleDBPolicyEngineDFS.java │ │ │ └── TestSimpleDBPolicyEngineLocalFS.java │ │ └── resources │ │ ├── log4j.properties │ │ ├── test-authz-provider-other-group.ini │ │ └── test-authz-provider.ini ├── sentry-policy-indexer │ ├── pom.xml │ └── src │ │ ├── main │ │ └── java │ │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── policy │ │ │ └── indexer │ │ │ ├── AbstractIndexerPrivilegeValidator.java │ │ │ ├── IndexerModelAuthorizables.java │ │ │ ├── IndexerRequiredInPrivilege.java │ │ │ ├── IndexerWildcardPrivilege.java │ │ │ └── SimpleIndexerPolicyEngine.java │ │ └── test │ │ ├── java │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── policy │ │ │ └── indexer │ │ │ ├── AbstractTestIndexerPolicyEngine.java │ │ │ ├── IndexerPolicyFileBackend.java │ │ │ ├── TestIndexerAuthorizationProviderGeneralCases.java │ │ │ ├── TestIndexerAuthorizationProviderSpecialCases.java │ │ │ ├── TestIndexerModelAuthorizables.java │ │ │ ├── TestIndexerPolicyEngineDFS.java │ │ │ ├── TestIndexerPolicyEngineLocalFS.java │ │ │ ├── TestIndexerPolicyNegative.java │ │ │ ├── TestIndexerRequiredInRole.java │ │ │ └── TestIndexerWildcardPrivilege.java │ │ └── resources │ │ ├── log4j.properties │ │ └── test-authz-provider.ini ├── sentry-policy-kafka │ ├── pom.xml │ └── src │ │ ├── main │ │ └── java │ │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── policy │ │ │ └── kafka │ │ │ ├── KafkaModelAuthorizables.java │ │ │ ├── KafkaPrivilegeValidator.java │ │ │ ├── KafkaWildcardPrivilege.java │ │ │ └── SimpleKafkaPolicyEngine.java │ │ └── test │ │ ├── java │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── policy │ │ │ └── kafka │ │ │ ├── KafkaPolicyFileProviderBackend.java │ │ │ ├── MockGroupMappingServiceProvider.java │ │ │ ├── TestKafkaModelAuthorizables.java │ │ │ ├── TestKafkaPrivilegeValidator.java │ │ │ ├── TestKafkaWildcardPrivilege.java │ │ │ ├── engine │ │ │ ├── AbstractTestKafkaPolicyEngine.java │ │ │ ├── TestKafkaPolicyEngineDFS.java │ │ │ └── TestKafkaPolicyEngineLocalFS.java │ │ │ └── provider │ │ │ ├── TestKafkaAuthorizationProviderGeneralCases.java │ │ │ ├── TestKafkaAuthorizationProviderSpecialCases.java │ │ │ └── TestKafkaPolicyNegative.java │ │ └── resources │ │ ├── log4j.properties │ │ └── test-authz-provider.ini ├── sentry-policy-search │ ├── pom.xml │ └── src │ │ ├── main │ │ └── java │ │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── policy │ │ │ └── search │ │ │ ├── AbstractSearchPrivilegeValidator.java │ │ │ ├── CollectionRequiredInPrivilege.java │ │ │ ├── SearchModelAuthorizables.java │ │ │ ├── SearchWildcardPrivilege.java │ │ │ └── SimpleSearchPolicyEngine.java │ │ └── test │ │ ├── java │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── policy │ │ │ └── search │ │ │ ├── AbstractTestSearchPolicyEngine.java │ │ │ ├── SearchPolicyFileBackend.java │ │ │ ├── TestCollectionRequiredInRole.java │ │ │ ├── TestSearchAuthorizationProviderGeneralCases.java │ │ │ ├── TestSearchAuthorizationProviderSpecialCases.java │ │ │ ├── TestSearchModelAuthorizables.java │ │ │ ├── TestSearchPolicyEngineDFS.java │ │ │ ├── TestSearchPolicyEngineLocalFS.java │ │ │ ├── TestSearchPolicyNegative.java │ │ │ └── TestSearchWildcardPrivilege.java │ │ └── resources │ │ ├── log4j.properties │ │ └── test-authz-provider.ini └── sentry-policy-sqoop │ ├── pom.xml │ └── src │ ├── main │ └── java │ │ └── org │ │ └── apache │ │ └── sentry │ │ └── policy │ │ └── sqoop │ │ ├── ServerNameRequiredMatch.java │ │ ├── SimpleSqoopPolicyEngine.java │ │ ├── SqoopModelAuthorizables.java │ │ └── SqoopWildcardPrivilege.java │ └── test │ ├── java │ └── org │ │ └── apache │ │ └── sentry │ │ └── policy │ │ └── sqoop │ │ ├── AbstractTestSqoopPolicyEngine.java │ │ ├── MockGroupMappingServiceProvider.java │ │ ├── SqoopPolicyFileProviderBackend.java │ │ ├── TestServerNameRequiredMatch.java │ │ ├── TestSqoopAuthorizationProviderGeneralCases.java │ │ ├── TestSqoopAuthorizationProviderSpecialCases.java │ │ ├── TestSqoopModelAuthorizables.java │ │ ├── TestSqoopPolicyEngineDFS.java │ │ ├── TestSqoopPolicyEngineLocalFS.java │ │ ├── TestSqoopPolicyNegative.java │ │ └── TestSqoopWildcardPrivilege.java │ └── resources │ ├── log4j.properties │ └── test-authz-provider.ini ├── sentry-provider ├── pom.xml ├── sentry-provider-cache │ ├── pom.xml │ └── src │ │ ├── main │ │ └── java │ │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── provider │ │ │ └── cache │ │ │ ├── PrivilegeCache.java │ │ │ ├── SimpleCacheProviderBackend.java │ │ │ └── SimplePrivilegeCache.java │ │ └── test │ │ ├── java │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── provider │ │ │ └── cache │ │ │ ├── PrivilegeCacheTestImpl.java │ │ │ └── TestCacheProvider.java │ │ └── resources │ │ └── test-authz-provider-local-group-mapping.ini ├── sentry-provider-common │ ├── pom.xml │ └── src │ │ ├── main │ │ └── java │ │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── provider │ │ │ ├── common │ │ │ ├── AuthorizationComponent.java │ │ │ ├── AuthorizationProvider.java │ │ │ ├── GroupMappingService.java │ │ │ ├── HadoopGroupMappingService.java │ │ │ ├── HadoopGroupResourceAuthorizationProvider.java │ │ │ ├── NoAuthorizationProvider.java │ │ │ ├── NoGroupMappingService.java │ │ │ ├── PolicyFileConstants.java │ │ │ ├── ProviderBackend.java │ │ │ ├── ProviderBackendContext.java │ │ │ ├── ResourceAuthorizationProvider.java │ │ │ └── SentryGroupNotFoundException.java │ │ │ └── file │ │ │ └── HadoopGroupResourceAuthorizationProvider.java │ │ └── test │ │ └── java │ │ └── org │ │ └── apache │ │ └── sentry │ │ └── provider │ │ └── common │ │ ├── MockGroupMappingServiceProvider.java │ │ ├── TestGetGroupMapping.java │ │ └── TestNoAuthorizationProvider.java ├── sentry-provider-db │ ├── pom.xml │ └── src │ │ ├── gen │ │ └── thrift │ │ │ └── gen-javabean │ │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ ├── provider │ │ │ └── db │ │ │ │ ├── generic │ │ │ │ └── service │ │ │ │ │ └── thrift │ │ │ │ │ ├── SentryGenericPolicyService.java │ │ │ │ │ ├── TAlterSentryRoleAddGroupsRequest.java │ │ │ │ │ ├── TAlterSentryRoleAddGroupsResponse.java │ │ │ │ │ ├── TAlterSentryRoleDeleteGroupsRequest.java │ │ │ │ │ ├── TAlterSentryRoleDeleteGroupsResponse.java │ │ │ │ │ ├── TAlterSentryRoleGrantPrivilegeRequest.java │ │ │ │ │ ├── TAlterSentryRoleGrantPrivilegeResponse.java │ │ │ │ │ ├── TAlterSentryRoleRevokePrivilegeRequest.java │ │ │ │ │ ├── TAlterSentryRoleRevokePrivilegeResponse.java │ │ │ │ │ ├── TAuthorizable.java │ │ │ │ │ ├── TCreateSentryRoleRequest.java │ │ │ │ │ ├── TCreateSentryRoleResponse.java │ │ │ │ │ ├── TDropPrivilegesRequest.java │ │ │ │ │ ├── TDropPrivilegesResponse.java │ │ │ │ │ ├── TDropSentryRoleRequest.java │ │ │ │ │ ├── TDropSentryRoleResponse.java │ │ │ │ │ ├── TListSentryPrivilegesByAuthRequest.java │ │ │ │ │ ├── TListSentryPrivilegesByAuthResponse.java │ │ │ │ │ ├── TListSentryPrivilegesForProviderRequest.java │ │ │ │ │ ├── TListSentryPrivilegesForProviderResponse.java │ │ │ │ │ ├── TListSentryPrivilegesRequest.java │ │ │ │ │ ├── TListSentryPrivilegesResponse.java │ │ │ │ │ ├── TListSentryRolesRequest.java │ │ │ │ │ ├── TListSentryRolesResponse.java │ │ │ │ │ ├── TRenamePrivilegesRequest.java │ │ │ │ │ ├── TRenamePrivilegesResponse.java │ │ │ │ │ ├── TSentryActiveRoleSet.java │ │ │ │ │ ├── TSentryGrantOption.java │ │ │ │ │ ├── TSentryPrivilege.java │ │ │ │ │ ├── TSentryPrivilegeMap.java │ │ │ │ │ └── TSentryRole.java │ │ │ │ └── service │ │ │ │ └── thrift │ │ │ │ ├── SentryPolicyService.java │ │ │ │ ├── TAlterSentryRoleAddGroupsRequest.java │ │ │ │ ├── TAlterSentryRoleAddGroupsResponse.java │ │ │ │ ├── TAlterSentryRoleDeleteGroupsRequest.java │ │ │ │ ├── TAlterSentryRoleDeleteGroupsResponse.java │ │ │ │ ├── TAlterSentryRoleGrantPrivilegeRequest.java │ │ │ │ ├── TAlterSentryRoleGrantPrivilegeResponse.java │ │ │ │ ├── TAlterSentryRoleRevokePrivilegeRequest.java │ │ │ │ ├── TAlterSentryRoleRevokePrivilegeResponse.java │ │ │ │ ├── TCreateSentryRoleRequest.java │ │ │ │ ├── TCreateSentryRoleResponse.java │ │ │ │ ├── TDropPrivilegesRequest.java │ │ │ │ ├── TDropPrivilegesResponse.java │ │ │ │ ├── TDropSentryRoleRequest.java │ │ │ │ ├── TDropSentryRoleResponse.java │ │ │ │ ├── TListSentryPrivilegesByAuthRequest.java │ │ │ │ ├── TListSentryPrivilegesByAuthResponse.java │ │ │ │ ├── TListSentryPrivilegesForProviderRequest.java │ │ │ │ ├── TListSentryPrivilegesForProviderResponse.java │ │ │ │ ├── TListSentryPrivilegesRequest.java │ │ │ │ ├── TListSentryPrivilegesResponse.java │ │ │ │ ├── TListSentryRolesRequest.java │ │ │ │ ├── TListSentryRolesResponse.java │ │ │ │ ├── TRenamePrivilegesRequest.java │ │ │ │ ├── TRenamePrivilegesResponse.java │ │ │ │ ├── TSentryActiveRoleSet.java │ │ │ │ ├── TSentryAuthorizable.java │ │ │ │ ├── TSentryConfigValueRequest.java │ │ │ │ ├── TSentryConfigValueResponse.java │ │ │ │ ├── TSentryExportMappingDataRequest.java │ │ │ │ ├── TSentryExportMappingDataResponse.java │ │ │ │ ├── TSentryGrantOption.java │ │ │ │ ├── TSentryGroup.java │ │ │ │ ├── TSentryImportMappingDataRequest.java │ │ │ │ ├── TSentryImportMappingDataResponse.java │ │ │ │ ├── TSentryMappingData.java │ │ │ │ ├── TSentryPrivilege.java │ │ │ │ ├── TSentryPrivilegeMap.java │ │ │ │ └── TSentryRole.java │ │ │ └── service │ │ │ └── thrift │ │ │ ├── TSentryResponseStatus.java │ │ │ └── sentry_common_serviceConstants.java │ │ ├── main │ │ ├── java │ │ │ └── org │ │ │ │ └── apache │ │ │ │ └── sentry │ │ │ │ ├── provider │ │ │ │ └── db │ │ │ │ │ ├── SentryAccessDeniedException.java │ │ │ │ │ ├── SentryAlreadyExistsException.java │ │ │ │ │ ├── SentryGrantDeniedException.java │ │ │ │ │ ├── SentryInvalidInputException.java │ │ │ │ │ ├── SentryMetastoreListenerPlugin.java │ │ │ │ │ ├── SentryNoSuchObjectException.java │ │ │ │ │ ├── SentryPolicyStorePlugin.java │ │ │ │ │ ├── SentryThriftAPIMismatchException.java │ │ │ │ │ ├── SimpleDBProviderBackend.java │ │ │ │ │ ├── generic │ │ │ │ │ ├── SentryGenericProviderBackend.java │ │ │ │ │ ├── service │ │ │ │ │ │ ├── persistent │ │ │ │ │ │ │ ├── DelegateSentryStore.java │ │ │ │ │ │ │ ├── PrivilegeObject.java │ │ │ │ │ │ │ ├── PrivilegeOperatePersistence.java │ │ │ │ │ │ │ └── SentryStoreLayer.java │ │ │ │ │ │ └── thrift │ │ │ │ │ │ │ ├── NotificationHandler.java │ │ │ │ │ │ │ ├── NotificationHandlerInvoker.java │ │ │ │ │ │ │ ├── SentryGenericPolicyProcessor.java │ │ │ │ │ │ │ ├── SentryGenericPolicyProcessorFactory.java │ │ │ │ │ │ │ ├── SentryGenericPolicyProcessorWrapper.java │ │ │ │ │ │ │ ├── SentryGenericServiceClient.java │ │ │ │ │ │ │ ├── SentryGenericServiceClientDefaultImpl.java │ │ │ │ │ │ │ └── SentryGenericServiceClientFactory.java │ │ │ │ │ └── tools │ │ │ │ │ │ ├── SentryShellSolr.java │ │ │ │ │ │ ├── SolrTSentryPrivilegeConvertor.java │ │ │ │ │ │ └── command │ │ │ │ │ │ ├── AddRoleToGroupCmd.java │ │ │ │ │ │ ├── Command.java │ │ │ │ │ │ ├── CreateRoleCmd.java │ │ │ │ │ │ ├── DeleteRoleFromGroupCmd.java │ │ │ │ │ │ ├── DropRoleCmd.java │ │ │ │ │ │ ├── GrantPrivilegeToRoleCmd.java │ │ │ │ │ │ ├── ListPrivilegesByRoleCmd.java │ │ │ │ │ │ ├── ListRolesCmd.java │ │ │ │ │ │ ├── RevokePrivilegeFromRoleCmd.java │ │ │ │ │ │ └── TSentryPrivilegeConvertor.java │ │ │ │ │ ├── log │ │ │ │ │ ├── appender │ │ │ │ │ │ ├── AuditLoggerTestAppender.java │ │ │ │ │ │ └── RollingFileWithoutDeleteAppender.java │ │ │ │ │ ├── entity │ │ │ │ │ │ ├── AuditMetadataLogEntity.java │ │ │ │ │ │ ├── DBAuditMetadataLogEntity.java │ │ │ │ │ │ ├── GMAuditMetadataLogEntity.java │ │ │ │ │ │ ├── JsonLogEntity.java │ │ │ │ │ │ └── JsonLogEntityFactory.java │ │ │ │ │ └── util │ │ │ │ │ │ ├── CommandUtil.java │ │ │ │ │ │ └── Constants.java │ │ │ │ │ ├── service │ │ │ │ │ ├── model │ │ │ │ │ │ ├── MSentryGMPrivilege.java │ │ │ │ │ │ ├── MSentryGroup.java │ │ │ │ │ │ ├── MSentryPrivilege.java │ │ │ │ │ │ ├── MSentryRole.java │ │ │ │ │ │ ├── MSentryVersion.java │ │ │ │ │ │ └── package.jdo │ │ │ │ │ ├── persistent │ │ │ │ │ │ ├── CommitContext.java │ │ │ │ │ │ ├── FixedJsonInstanceSerializer.java │ │ │ │ │ │ ├── HAContext.java │ │ │ │ │ │ ├── SentryStore.java │ │ │ │ │ │ ├── SentryStoreSchemaInfo.java │ │ │ │ │ │ ├── ServiceManager.java │ │ │ │ │ │ └── ServiceRegister.java │ │ │ │ │ └── thrift │ │ │ │ │ │ ├── ConfServlet.java │ │ │ │ │ │ ├── NotificationHandler.java │ │ │ │ │ │ ├── NotificationHandlerInvoker.java │ │ │ │ │ │ ├── PolicyStoreConstants.java │ │ │ │ │ │ ├── SentryAuthFilter.java │ │ │ │ │ │ ├── SentryConfigurationException.java │ │ │ │ │ │ ├── SentryHealthCheckServletContextListener.java │ │ │ │ │ │ ├── SentryMetrics.java │ │ │ │ │ │ ├── SentryMetricsServletContextListener.java │ │ │ │ │ │ ├── SentryPolicyServiceClient.java │ │ │ │ │ │ ├── SentryPolicyServiceClientDefaultImpl.java │ │ │ │ │ │ ├── SentryPolicyStoreProcessor.java │ │ │ │ │ │ ├── SentryPolicyStoreProcessorFactory.java │ │ │ │ │ │ ├── SentryProcessorWrapper.java │ │ │ │ │ │ ├── SentryWebServer.java │ │ │ │ │ │ └── ThriftUtil.java │ │ │ │ │ └── tools │ │ │ │ │ ├── SentrySchemaHelper.java │ │ │ │ │ ├── SentrySchemaTool.java │ │ │ │ │ ├── SentryShellCommon.java │ │ │ │ │ ├── SentryShellHive.java │ │ │ │ │ └── command │ │ │ │ │ └── hive │ │ │ │ │ ├── Command.java │ │ │ │ │ ├── CommandUtil.java │ │ │ │ │ ├── CreateRoleCmd.java │ │ │ │ │ ├── DropRoleCmd.java │ │ │ │ │ ├── GrantPrivilegeToRoleCmd.java │ │ │ │ │ ├── GrantRoleToGroupsCmd.java │ │ │ │ │ ├── ListPrivilegesCmd.java │ │ │ │ │ ├── ListRolesCmd.java │ │ │ │ │ ├── RevokePrivilegeFromRoleCmd.java │ │ │ │ │ └── RevokeRoleFromGroupsCmd.java │ │ │ │ └── service │ │ │ │ └── thrift │ │ │ │ ├── ConnectionDeniedException.java │ │ │ │ ├── GSSCallback.java │ │ │ │ ├── HAClientInvocationHandler.java │ │ │ │ ├── JaasConfiguration.java │ │ │ │ ├── KerberosConfiguration.java │ │ │ │ ├── PoolClientInvocationHandler.java │ │ │ │ ├── ProcessorFactory.java │ │ │ │ ├── SentryClientInvocationHandler.java │ │ │ │ ├── SentryKerberosContext.java │ │ │ │ ├── SentryService.java │ │ │ │ ├── SentryServiceClientFactory.java │ │ │ │ ├── SentryServiceClientPoolFactory.java │ │ │ │ ├── SentryServiceFactory.java │ │ │ │ ├── SentryServiceUtil.java │ │ │ │ ├── ServiceConstants.java │ │ │ │ └── Status.java │ │ ├── resources │ │ │ ├── 001-SENTRY-327.derby.sql │ │ │ ├── 001-SENTRY-327.mysql.sql │ │ │ ├── 001-SENTRY-327.oracle.sql │ │ │ ├── 001-SENTRY-327.postgres.sql │ │ │ ├── 002-SENTRY-339.derby.sql │ │ │ ├── 002-SENTRY-339.mysql.sql │ │ │ ├── 002-SENTRY-339.oracle.sql │ │ │ ├── 002-SENTRY-339.postgres.sql │ │ │ ├── 003-SENTRY-380.derby.sql │ │ │ ├── 003-SENTRY-380.mysql.sql │ │ │ ├── 003-SENTRY-380.oracle.sql │ │ │ ├── 003-SENTRY-380.postgres.sql │ │ │ ├── 004-SENTRY-74.derby.sql │ │ │ ├── 004-SENTRY-74.mysql.sql │ │ │ ├── 004-SENTRY-74.oracle.sql │ │ │ ├── 004-SENTRY-74.postgres.sql │ │ │ ├── 005-SENTRY-398.derby.sql │ │ │ ├── 005-SENTRY-398.mysql.sql │ │ │ ├── 005-SENTRY-398.oracle.sql │ │ │ ├── 005-SENTRY-398.postgres.sql │ │ │ ├── sentry-db2-1.4.0.sql │ │ │ ├── sentry-db2-1.5.0.sql │ │ │ ├── sentry-db2-1.6.0.sql │ │ │ ├── sentry-derby-1.4.0.sql │ │ │ ├── sentry-derby-1.5.0.sql │ │ │ ├── sentry-derby-1.6.0.sql │ │ │ ├── sentry-mysql-1.4.0.sql │ │ │ ├── sentry-mysql-1.5.0.sql │ │ │ ├── sentry-mysql-1.6.0.sql │ │ │ ├── sentry-oracle-1.4.0.sql │ │ │ ├── sentry-oracle-1.5.0.sql │ │ │ ├── sentry-oracle-1.6.0.sql │ │ │ ├── sentry-postgres-1.4.0.sql │ │ │ ├── sentry-postgres-1.5.0.sql │ │ │ ├── sentry-postgres-1.6.0.sql │ │ │ ├── sentry-upgrade-db2-1.4.0-to-1.5.0.sql │ │ │ ├── sentry-upgrade-db2-1.5.0-to-1.6.0.sql │ │ │ ├── sentry-upgrade-derby-1.4.0-to-1.5.0.sql │ │ │ ├── sentry-upgrade-derby-1.5.0-to-1.6.0.sql │ │ │ ├── sentry-upgrade-mysql-1.4.0-to-1.5.0.sql │ │ │ ├── sentry-upgrade-mysql-1.5.0-to-1.6.0.sql │ │ │ ├── sentry-upgrade-oracle-1.4.0-to-1.5.0.sql │ │ │ ├── sentry-upgrade-oracle-1.5.0-to-1.6.0.sql │ │ │ ├── sentry-upgrade-postgres-1.4.0-to-1.5.0.sql │ │ │ ├── sentry-upgrade-postgres-1.5.0-to-1.6.0.sql │ │ │ ├── sentry_common_service.thrift │ │ │ ├── sentry_generic_policy_service.thrift │ │ │ ├── sentry_policy_service.thrift │ │ │ ├── upgrade.order.db2 │ │ │ ├── upgrade.order.derby │ │ │ ├── upgrade.order.mysql │ │ │ ├── upgrade.order.oracle │ │ │ └── upgrade.order.postgres │ │ └── webapp │ │ │ ├── SentryService.html │ │ │ ├── css │ │ │ ├── bootstrap-theme.min.css │ │ │ ├── bootstrap.min.css │ │ │ └── sentry.css │ │ │ └── sentry.png │ │ └── test │ │ ├── java │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ ├── provider │ │ │ └── db │ │ │ │ ├── generic │ │ │ │ ├── service │ │ │ │ │ ├── persistent │ │ │ │ │ │ ├── SentryStoreIntegrationBase.java │ │ │ │ │ │ ├── TestDelegateSentryStore.java │ │ │ │ │ │ ├── TestPrivilegeOperatePersistence.java │ │ │ │ │ │ ├── TestSentryGMPrivilege.java │ │ │ │ │ │ └── TestSentryRole.java │ │ │ │ │ └── thrift │ │ │ │ │ │ ├── SentryGenericServiceIntegrationBase.java │ │ │ │ │ │ ├── TestAuditLogForSentryGenericService.java │ │ │ │ │ │ ├── TestSentryGenericPolicyProcessor.java │ │ │ │ │ │ └── TestSentryGenericServiceIntegration.java │ │ │ │ └── tools │ │ │ │ │ └── TestSentryShellSolr.java │ │ │ │ ├── log │ │ │ │ ├── appender │ │ │ │ │ └── TestRollingFileWithoutDeleteAppender.java │ │ │ │ ├── entity │ │ │ │ │ ├── TestDbAuditMetadataLogEntity.java │ │ │ │ │ ├── TestGMAuditMetadataLogEntity.java │ │ │ │ │ ├── TestJsonLogEntityFactory.java │ │ │ │ │ └── TestJsonLogEntityFactoryGM.java │ │ │ │ └── util │ │ │ │ │ └── TestCommandUtil.java │ │ │ │ ├── service │ │ │ │ ├── persistent │ │ │ │ │ ├── TestSentryPrivilege.java │ │ │ │ │ ├── TestSentryServiceDiscovery.java │ │ │ │ │ ├── TestSentryStore.java │ │ │ │ │ ├── TestSentryStoreImportExport.java │ │ │ │ │ ├── TestSentryStoreToAuthorizable.java │ │ │ │ │ └── TestSentryVersion.java │ │ │ │ └── thrift │ │ │ │ │ ├── SentryMiniKdcTestcase.java │ │ │ │ │ ├── TestAuthorizingDDLAuditLogWithKerberos.java │ │ │ │ │ ├── TestConnectionWithTicketTimeout.java │ │ │ │ │ ├── TestNotificationHandlerInvoker.java │ │ │ │ │ ├── TestSentryPolicyStoreProcessor.java │ │ │ │ │ ├── TestSentryServerForHaWithoutKerberos.java │ │ │ │ │ ├── TestSentryServerForPoolHAWithoutKerberos.java │ │ │ │ │ ├── TestSentryServerForPoolWithoutKerberos.java │ │ │ │ │ ├── TestSentryServerWithoutKerberos.java │ │ │ │ │ ├── TestSentryServiceClientPool.java │ │ │ │ │ ├── TestSentryServiceFailureCase.java │ │ │ │ │ ├── TestSentryServiceForHAWithKerberos.java │ │ │ │ │ ├── TestSentryServiceForPoolHAWithKerberos.java │ │ │ │ │ ├── TestSentryServiceForPoolWithKerberos.java │ │ │ │ │ ├── TestSentryServiceImportExport.java │ │ │ │ │ ├── TestSentryServiceIntegration.java │ │ │ │ │ ├── TestSentryServiceWithInvalidMsgSize.java │ │ │ │ │ ├── TestSentryServiceWithKerberos.java │ │ │ │ │ ├── TestSentryWebServerWithKerberos.java │ │ │ │ │ └── TestSentryWebServerWithoutSecurity.java │ │ │ │ └── tools │ │ │ │ ├── TestSentrySchemaTool.java │ │ │ │ └── TestSentryShellHive.java │ │ │ └── service │ │ │ └── thrift │ │ │ └── SentryServiceIntegrationBase.java │ │ └── resources │ │ └── log4j.properties └── sentry-provider-file │ ├── pom.xml │ └── src │ ├── main │ └── java │ │ └── org │ │ └── apache │ │ └── sentry │ │ └── provider │ │ └── file │ │ ├── LocalGroupMappingService.java │ │ ├── LocalGroupResourceAuthorizationProvider.java │ │ ├── PolicyFile.java │ │ ├── PolicyFiles.java │ │ └── SimpleFileProviderBackend.java │ └── test │ ├── java │ └── org │ │ └── apache │ │ └── sentry │ │ └── provider │ │ └── file │ │ ├── TestLocalGroupMapping.java │ │ └── TestSimpleFileProvderBackend.java │ └── resources │ ├── log4j.properties │ └── test-authz-provider-local-group-mapping.ini ├── sentry-solr ├── pom.xml ├── solr-sentry-core │ ├── pom.xml │ └── src │ │ └── main │ │ └── java │ │ └── org │ │ └── apache │ │ └── solr │ │ └── sentry │ │ ├── AuditLogger.java │ │ ├── RollingFileWithoutDeleteAppender.java │ │ ├── SecureRequestHandlerUtil.java │ │ └── SentryIndexAuthorizationSingleton.java └── solr-sentry-handlers │ ├── pom.xml │ └── src │ ├── main │ ├── java │ │ └── org │ │ │ └── apache │ │ │ └── solr │ │ │ ├── handler │ │ │ ├── SecureDocumentAnalysisRequestHandler.java │ │ │ ├── SecureFieldAnalysisRequestHandler.java │ │ │ ├── SecureRealTimeGetHandler.java │ │ │ ├── SecureReplicationHandler.java │ │ │ ├── admin │ │ │ │ ├── SecureAdminHandlers.java │ │ │ │ ├── SecureCollectionsHandler.java │ │ │ │ ├── SecureCoreAdminHandler.java │ │ │ │ └── SecureInfoHandler.java │ │ │ └── component │ │ │ │ ├── QueryDocAuthorizationComponent.java │ │ │ │ ├── QueryIndexAuthorizationComponent.java │ │ │ │ └── SecureRealTimeGetComponent.java │ │ │ └── update │ │ │ └── processor │ │ │ ├── UpdateIndexAuthorizationProcessor.java │ │ │ └── UpdateIndexAuthorizationProcessorFactory.java │ └── resources │ │ ├── log4j.properties │ │ └── sentry-handlers │ │ ├── sentry │ │ └── test-authz-provider.ini │ │ └── solr │ │ └── collection1 │ │ ├── conf │ │ ├── schema-minimal.xml │ │ ├── solrconfig-secureadmin.xml │ │ └── solrconfig.xml │ │ └── lib │ │ ├── README │ │ └── classes │ │ └── empty-file-main-lib.txt │ └── test │ └── java │ └── org │ └── apache │ └── solr │ ├── handler │ ├── TestSecureAnalysisHandlers.java │ ├── TestSecureReplicationHandler.java │ ├── admin │ │ ├── SecureAdminHandlersTest.java │ │ ├── SecureCollectionsHandlerTest.java │ │ ├── SecureCoreAdminHandlerTest.java │ │ └── SecureInfoHandlerTest.java │ └── component │ │ ├── QueryDocAuthorizationComponentTest.java │ │ └── QueryIndexAuthorizationComponentTest.java │ ├── sentry │ ├── SentryIndexAuthorizationSingletonTest.java │ ├── SentrySingletonTestInstance.java │ └── SentryTestBase.java │ └── update │ └── processor │ └── UpdateIndexAuthorizationProcessorTest.java └── sentry-tests ├── pom.xml ├── sentry-tests-hive ├── pom.xml └── src │ └── test │ ├── java │ └── org │ │ └── apache │ │ └── sentry │ │ └── tests │ │ └── e2e │ │ ├── dbprovider │ │ ├── AbstractTestWithDbProvider.java │ │ ├── TestColumnEndToEnd.java │ │ ├── TestConcurrentClients.java │ │ ├── TestDatabaseProvider.java │ │ ├── TestDbColumnLevelMetaDataOps.java │ │ ├── TestDbComplexView.java │ │ ├── TestDbConnections.java │ │ ├── TestDbCrossDbOps.java │ │ ├── TestDbDDLAuditLog.java │ │ ├── TestDbEndToEnd.java │ │ ├── TestDbExportImportPrivileges.java │ │ ├── TestDbJDBCInterface.java │ │ ├── TestDbMetadataObjectRetrieval.java │ │ ├── TestDbMetadataPermissions.java │ │ ├── TestDbMovingToProduction.java │ │ ├── TestDbOperations.java │ │ ├── TestDbPrivilegeAtTransform.java │ │ ├── TestDbPrivilegeCleanupOnDrop.java │ │ ├── TestDbPrivilegesAtColumnScope.java │ │ ├── TestDbPrivilegesAtDatabaseScope.java │ │ ├── TestDbPrivilegesAtFunctionScope.java │ │ ├── TestDbPrivilegesAtTableScope.java │ │ ├── TestDbRuntimeMetadataRetrieval.java │ │ ├── TestDbSandboxOps.java │ │ ├── TestDbSentryOnFailureHookLoading.java │ │ ├── TestDbUriPermissions.java │ │ ├── TestPrivilegeWithGrantOption.java │ │ └── TestPrivilegeWithHAGrantOption.java │ │ ├── ha │ │ └── TestHaEnd2End.java │ │ ├── hdfs │ │ ├── TestHDFSIntegration.java │ │ └── TestHDFSIntegrationWithHA.java │ │ ├── hive │ │ ├── AbstractTestWithHiveServer.java │ │ ├── AbstractTestWithStaticConfiguration.java │ │ ├── Context.java │ │ ├── DummySentryOnFailureHook.java │ │ ├── PolicyFileEditor.java │ │ ├── PrivilegeResultSet.java │ │ ├── StaticUserGroup.java │ │ ├── TestConfigTool.java │ │ ├── TestCrossDbOps.java │ │ ├── TestCustomSerdePrivileges.java │ │ ├── TestEndToEnd.java │ │ ├── TestExportImportPrivileges.java │ │ ├── TestJDBCInterface.java │ │ ├── TestLockPrivileges.java │ │ ├── TestMetadataObjectRetrieval.java │ │ ├── TestMetadataPermissions.java │ │ ├── TestMovingToProduction.java │ │ ├── TestOperations.java │ │ ├── TestPerDBConfiguration.java │ │ ├── TestPerDatabasePolicyFile.java │ │ ├── TestPolicyImportExport.java │ │ ├── TestPrivilegeAtTransform.java │ │ ├── TestPrivilegesAtColumnScope.java │ │ ├── TestPrivilegesAtDatabaseScope.java │ │ ├── TestPrivilegesAtFunctionScope.java │ │ ├── TestPrivilegesAtTableScope.java │ │ ├── TestReloadPrivileges.java │ │ ├── TestRuntimeMetadataRetrieval.java │ │ ├── TestSandboxOps.java │ │ ├── TestSentryOnFailureHookLoading.java │ │ ├── TestServerConfiguration.java │ │ ├── TestUriPermissions.java │ │ ├── TestUserManagement.java │ │ ├── TestViewPrivileges.java │ │ ├── fs │ │ │ ├── AbstractDFS.java │ │ │ ├── ClusterDFS.java │ │ │ ├── DFS.java │ │ │ ├── DFSFactory.java │ │ │ └── MiniDFS.java │ │ └── hiveserver │ │ │ ├── AbstractHiveServer.java │ │ │ ├── EmbeddedHiveServer.java │ │ │ ├── ExternalHiveServer.java │ │ │ ├── HiveServer.java │ │ │ ├── HiveServerFactory.java │ │ │ ├── InternalHiveServer.java │ │ │ ├── InternalMetastoreServer.java │ │ │ └── UnmanagedHiveServer.java │ │ ├── metastore │ │ ├── AbstractMetastoreTestWithStaticConfiguration.java │ │ ├── SentryPolicyProviderForDb.java │ │ ├── TestAuthorizingObjectStore.java │ │ ├── TestMetaStoreWithPigHCat.java │ │ └── TestMetastoreEndToEnd.java │ │ └── minisentry │ │ ├── InternalSentrySrv.java │ │ ├── SentrySrv.java │ │ └── SentrySrvFactory.java │ ├── resources │ ├── core-site-for-sentry-test.xml │ ├── emp.dat │ ├── hadoop │ ├── kv1.dat │ ├── log4j.properties │ ├── sentry-provider.ini │ ├── sentry-site.xml │ ├── testPolicyImport.ini │ ├── testPolicyImportAdmin.ini │ └── testPolicyImportError.ini │ └── scripts │ └── scale-test │ └── create-many-dbs-tables.sh ├── sentry-tests-kafka ├── pom.xml └── src │ ├── main │ └── java │ │ └── org │ │ └── apache │ │ └── sentry │ │ └── tests │ │ └── e2e │ │ └── kafka │ │ ├── CustomPrincipalBuilder.java │ │ ├── EmbeddedZkServer.java │ │ ├── KafkaTestServer.java │ │ └── TestUtils.java │ └── test │ ├── java │ └── org │ │ └── apache │ │ └── sentry │ │ └── tests │ │ └── e2e │ │ └── kafka │ │ ├── AbstractKafkaSentryTestBase.java │ │ ├── StaticUserGroupRole.java │ │ ├── TestAclsCrud.java │ │ └── TestAuthorize.java │ └── resources │ ├── log4j.properties │ ├── test.crt │ ├── test.keystore.jks │ ├── test.truststore.jks │ ├── user1.crt │ ├── user1.keystore.jks │ ├── user1.truststore.jks │ ├── user2.crt │ ├── user2.keystore.jks │ └── user2.truststore.jks ├── sentry-tests-solr ├── pom.xml └── src │ └── test │ ├── java │ └── org │ │ └── apache │ │ └── sentry │ │ └── tests │ │ └── e2e │ │ └── solr │ │ ├── AbstractSolrSentryTestBase.java │ │ ├── DocLevelGenerator.java │ │ ├── ModifiableUserAuthenticationFilter.java │ │ ├── TestCollAdminCoreOperations.java │ │ ├── TestDocLevelOperations.java │ │ ├── TestQueryOperations.java │ │ ├── TestRealTimeGet.java │ │ ├── TestUpdateOperations.java │ │ └── db │ │ └── integration │ │ ├── AbstractSolrSentryTestWithDbProvider.java │ │ ├── TestSolrAdminOperations.java │ │ ├── TestSolrDocLevelOperations.java │ │ ├── TestSolrQueryOperations.java │ │ └── TestSolrUpdateOperations.java │ └── resources │ ├── log4j.properties │ └── solr │ ├── collection1 │ └── conf │ │ ├── admin-extra.html │ │ ├── admin-extra.menu-bottom.html │ │ ├── admin-extra.menu-top.html │ │ ├── currency.xml │ │ ├── elevate.xml │ │ ├── lang │ │ ├── contractions_ca.txt │ │ ├── contractions_fr.txt │ │ ├── contractions_ga.txt │ │ ├── contractions_it.txt │ │ ├── hyphenations_ga.txt │ │ ├── stemdict_nl.txt │ │ ├── stoptags_ja.txt │ │ ├── stopwords_ar.txt │ │ ├── stopwords_bg.txt │ │ ├── stopwords_ca.txt │ │ ├── stopwords_cz.txt │ │ ├── stopwords_da.txt │ │ ├── stopwords_de.txt │ │ ├── stopwords_el.txt │ │ ├── stopwords_en.txt │ │ ├── stopwords_es.txt │ │ ├── stopwords_eu.txt │ │ ├── stopwords_fa.txt │ │ ├── stopwords_fi.txt │ │ ├── stopwords_fr.txt │ │ ├── stopwords_ga.txt │ │ ├── stopwords_gl.txt │ │ ├── stopwords_hi.txt │ │ ├── stopwords_hu.txt │ │ ├── stopwords_hy.txt │ │ ├── stopwords_id.txt │ │ ├── stopwords_it.txt │ │ ├── stopwords_ja.txt │ │ ├── stopwords_lv.txt │ │ ├── stopwords_nl.txt │ │ ├── stopwords_no.txt │ │ ├── stopwords_pt.txt │ │ ├── stopwords_ro.txt │ │ ├── stopwords_ru.txt │ │ ├── stopwords_sv.txt │ │ ├── stopwords_th.txt │ │ ├── stopwords_tr.txt │ │ └── userdict_ja.txt │ │ ├── mapping-FoldToASCII.txt │ │ ├── mapping-ISOLatin1Accent.txt │ │ ├── protwords.txt │ │ ├── schema.xml │ │ ├── scripts.conf │ │ ├── solrconfig-doclevel.xml │ │ ├── solrconfig.xml │ │ ├── spellings.txt │ │ ├── stopwords.txt │ │ ├── synonyms.txt │ │ ├── update-script.js │ │ ├── velocity │ │ ├── README.txt │ │ ├── VM_global_library.vm │ │ ├── browse.vm │ │ ├── cluster.vm │ │ ├── cluster_results.vm │ │ ├── debug.vm │ │ ├── did_you_mean.vm │ │ ├── error.vm │ │ ├── facet_fields.vm │ │ ├── facet_pivot.vm │ │ ├── facet_queries.vm │ │ ├── facet_ranges.vm │ │ ├── facets.vm │ │ ├── footer.vm │ │ ├── head.vm │ │ ├── header.vm │ │ ├── hit.vm │ │ ├── hit_grouped.vm │ │ ├── hit_plain.vm │ │ ├── join_doc.vm │ │ ├── jquery.autocomplete.css │ │ ├── jquery.autocomplete.js │ │ ├── layout.vm │ │ ├── main.css │ │ ├── mime_type_lists.vm │ │ ├── pagination_bottom.vm │ │ ├── pagination_top.vm │ │ ├── product_doc.vm │ │ ├── query.vm │ │ ├── query_form.vm │ │ ├── query_group.vm │ │ ├── query_spatial.vm │ │ ├── results_list.vm │ │ ├── richtext_doc.vm │ │ ├── suggest.vm │ │ └── tabs.vm │ │ └── xslt │ │ ├── example.xsl │ │ ├── example_atom.xsl │ │ ├── example_rss.xsl │ │ ├── luke.xsl │ │ └── updateXml.xsl │ ├── sentry │ └── test-authz-provider.ini │ └── solr-no-core.xml └── sentry-tests-sqoop ├── pom.xml └── src └── test └── java └── org └── apache └── sentry └── tests └── e2e └── sqoop ├── AbstractSqoopSentryTestBase.java ├── StaticUserGroupRole.java ├── TestConnectorEndToEnd.java ├── TestGrantPrivilege.java ├── TestJobEndToEnd.java ├── TestLinkEndToEnd.java ├── TestOwnerPrivilege.java ├── TestRevokePrivilege.java ├── TestRoleOperation.java ├── TestServerScopeEndToEnd.java ├── TestShowPrivilege.java └── TomcatSqoopRunner.java /.gitignore: -------------------------------------------------------------------------------- 1 | *.class 2 | classes/ 3 | target/ 4 | .classpath 5 | .project 6 | .settings 7 | .metadata 8 | .idea/ 9 | *.iml 10 | derby.log 11 | datanucleus.log 12 | sentry-core/sentry-core-common/src/gen 13 | **/TempStatsStore/ 14 | # Package Files # 15 | *.jar 16 | *.war 17 | *.ear 18 | test-output/ 19 | maven-repo/ 20 | *.orig 21 | *.rej 22 | .DS_Store 23 | **/thirdparty/* 24 | -------------------------------------------------------------------------------- /DISCLAIMER.txt: -------------------------------------------------------------------------------- 1 | Apache Sentry is an effort undergoing incubation at the Apache Software 2 | Foundation (ASF), sponsored by the Apache Incubator Project Management 3 | Committee. 4 | 5 | Incubation is required for all newly accepted projects until a further review 6 | indicates that the infrastructure, communications, and decisions making process 7 | have stabilized in a manner consistent with other successful ASF projects. 8 | 9 | While incubation status is not necessarily a reflection of the completeness or 10 | stability of the code, it does indicate that the project has yet to be fully 11 | endorsed by the ASF. 12 | 13 | For more information about the incubation status of the Sentry project you can 14 | go to the following page: 15 | 16 | http://incubator.apache.org/projects/sentry.html 17 | -------------------------------------------------------------------------------- /NOTICE.txt: -------------------------------------------------------------------------------- 1 | Apache Sentry 2 | Copyright 2014 The Apache Software Foundation 3 | 4 | This product includes software developed at 5 | The Apache Software Foundation (http://www.apache.org/). 6 | 7 | Portions of this software were developed at 8 | Cloudera, Inc. (http://www.cloudera.com/). 9 | 10 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | What is Sentry? 2 | 3 | Apache Sentry is a highly modular system for providing fine grained role based authorization to both data and metadata stored on an Apache Hadoop cluster. 4 | 5 | Contact us! 6 | 7 | * Mailing lists: https://cwiki.apache.org/confluence/display/SENTRY/Mailing+Lists 8 | 9 | Bug and Issues tracker 10 | 11 | * https://issues.apache.org/jira/browse/SENTRY 12 | 13 | Wiki 14 | 15 | * https://cwiki.apache.org/confluence/display/SENTRY/Home 16 | 17 | Building Sentry 18 | 19 | Building Sentry requires the following tools: 20 | 21 | * Apache Maven 3.2.5+ (Might hit issues with pentaho library with older maven versions) 22 | * Java JDK7 (can't access TBase errors with JDK8) 23 | 24 | To compile Sentry, run: 25 | 26 | mvn install -DskipTests 27 | 28 | To run Sentry tests, run: 29 | 30 | mvn test 31 | 32 | To build a distribution, run: 33 | 34 | mvn install 35 | 36 | The final Sentry distribution artifacts will be in $project/sentry-dist/target/. 37 | -------------------------------------------------------------------------------- /sentry-binding/sentry-binding-hive-v2/src/main/java/org/apache/sentry/binding/hive/v2/SentryHivePrivilegeObject.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more contributor license 3 | * agreements. See the NOTICE file distributed with this work for additional information regarding 4 | * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the 5 | * "License"); you may not use this file except in compliance with the License. You may obtain a 6 | * copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software distributed under the License 11 | * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express 12 | * or implied. See the License for the specific language governing permissions and limitations under 13 | * the License. 14 | */ 15 | 16 | package org.apache.sentry.binding.hive.v2; 17 | 18 | import org.apache.hadoop.hive.ql.security.authorization.plugin.HivePrivilegeObject; 19 | 20 | public class SentryHivePrivilegeObject extends HivePrivilegeObject { 21 | 22 | boolean isServer = false; 23 | 24 | boolean isUri = false; 25 | 26 | String objectName = ""; 27 | 28 | public SentryHivePrivilegeObject(HivePrivilegeObjectType type, String objectName) { 29 | super(type, null, objectName); 30 | } 31 | 32 | } 33 | -------------------------------------------------------------------------------- /sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryOnFailureHook.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | 19 | package org.apache.sentry.binding.hive; 20 | 21 | import org.apache.hadoop.hive.ql.hooks.Hook; 22 | 23 | /** 24 | * 25 | * SentryOnFailureHook allows Sentry to be extended 26 | * with custom logic to be executed upon authorization failure. 27 | * 28 | */ 29 | public interface SentryOnFailureHook extends Hook { 30 | 31 | /** 32 | * 33 | * @param context 34 | * The hook context passed to each hook. 35 | * @throws Exception 36 | */ 37 | void run(SentryOnFailureHookContext context) throws Exception; 38 | } 39 | -------------------------------------------------------------------------------- /sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/conf/InvalidConfigurationException.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.binding.hive.conf; 18 | 19 | public class InvalidConfigurationException extends Exception 20 | { 21 | private static final long serialVersionUID = 1L; 22 | 23 | //Parameterless Constructor 24 | public InvalidConfigurationException() {} 25 | 26 | //Constructor that accepts a message 27 | public InvalidConfigurationException(String message) 28 | { 29 | super(message); 30 | } 31 | } 32 | -------------------------------------------------------------------------------- /sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/binding/hive/MockUserToGroupMapping.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | 18 | package org.apache.sentry.binding.hive; 19 | 20 | import java.util.Set; 21 | 22 | import org.apache.sentry.provider.common.GroupMappingService; 23 | 24 | import com.google.common.collect.Sets; 25 | 26 | public class MockUserToGroupMapping implements GroupMappingService { 27 | 28 | // User to group 1-to-1 map 29 | @Override 30 | public Set getGroups(String user) { 31 | return Sets.newHashSet(user); 32 | } 33 | 34 | } 35 | -------------------------------------------------------------------------------- /sentry-binding/sentry-binding-hive/src/test/resources/log4j.properties: -------------------------------------------------------------------------------- 1 | # 2 | # Licensed to the Apache Software Foundation (ASF) under one 3 | # or more contributor license agreements. See the NOTICE file 4 | # distributed with this work for additional information 5 | # regarding copyright ownership. The ASF licenses this file 6 | # to you under the Apache License, Version 2.0 (the 7 | # "License"); you may not use this file except in compliance 8 | # with the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, 13 | # software distributed under the License is distributed on an 14 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 | # KIND, either express or implied. See the License for the 16 | # specific language governing permissions and limitations 17 | # under the License. 18 | # 19 | 20 | # Define some default values that can be overridden by system properties. 21 | # 22 | # For testing, it may also be convenient to specify 23 | 24 | log4j.rootLogger=DEBUG,console 25 | 26 | log4j.appender.console=org.apache.log4j.ConsoleAppender 27 | log4j.appender.console.target=System.err 28 | log4j.appender.console.layout=org.apache.log4j.PatternLayout 29 | log4j.appender.console.layout.ConversionPattern=%d (%t) [%p - %l] %m%n 30 | 31 | log4j.logger.org.apache.hadoop.conf.Configuration=INFO 32 | -------------------------------------------------------------------------------- /sentry-binding/sentry-binding-hive/src/test/resources/sentry-site.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 19 | 20 | 21 | 22 | sentry.provider 23 | org.apache.sentry.provider.file.fooProvider 24 | 25 | 26 | sentry.hive.provider.resource 27 | classpath:test-authz-provider.ini 28 | 29 | 30 | 31 | -------------------------------------------------------------------------------- /sentry-binding/sentry-binding-kafka/src/test/resources/core-site.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 19 | 20 | 21 | 22 | hadoop.security.group.mapping 23 | org.apache.sentry.kafka.MockGroupMappingServiceProvider 24 | 25 | 26 | 27 | -------------------------------------------------------------------------------- /sentry-binding/sentry-binding-kafka/src/test/resources/log4j.properties: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one or more 2 | # contributor license agreements. See the NOTICE file distributed with 3 | # this work for additional information regarding copyright ownership. 4 | # The ASF licenses this file to You under the Apache License, Version 2.0 5 | # (the "License"); you may not use this file except in compliance with 6 | # the License. You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | sentry.root.logger=DEBUG,console 17 | log4j.rootLogger=${sentry.root.logger} 18 | 19 | log4j.appender.console=org.apache.log4j.ConsoleAppender 20 | log4j.appender.console.target=System.out 21 | log4j.appender.console.layout=org.apache.log4j.PatternLayout 22 | log4j.appender.console.layout.ConversionPattern=%d (%t) [%p - %l] %m%n 23 | 24 | log4g.logger.kafka.utils.Logging=WARN 25 | log4j.logger.org.apache.kafka=WARN 26 | log4j.logger.org.apache.sentry=DEBUG 27 | log4j.logger.org.apache.zookeeper=WARN 28 | log4j.logger.org.I0Itec.zkclient=WARN 29 | log4j.logger.org.apache.hadoop=WARN 30 | log4j.category.DataNucleus=OFF 31 | -------------------------------------------------------------------------------- /sentry-binding/sentry-binding-solr/src/main/java/org/apache/sentry/binding/solr/authz/SentrySolrAuthorizationException.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.binding.solr.authz; 18 | 19 | public class SentrySolrAuthorizationException extends Exception { 20 | private static final long serialVersionUID = -263787088321897523L; 21 | 22 | public SentrySolrAuthorizationException(String message) { 23 | super(message); 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /sentry-binding/sentry-binding-solr/src/test/resources/log4j.properties: -------------------------------------------------------------------------------- 1 | # 2 | # Licensed to the Apache Software Foundation (ASF) under one 3 | # or more contributor license agreements. See the NOTICE file 4 | # distributed with this work for additional information 5 | # regarding copyright ownership. The ASF licenses this file 6 | # to you under the Apache License, Version 2.0 (the 7 | # "License"); you may not use this file except in compliance 8 | # with the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, 13 | # software distributed under the License is distributed on an 14 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 | # KIND, either express or implied. See the License for the 16 | # specific language governing permissions and limitations 17 | # under the License. 18 | # 19 | 20 | # Define some default values that can be overridden by system properties. 21 | # 22 | # For testing, it may also be convenient to specify 23 | 24 | log4j.rootLogger=DEBUG,console 25 | 26 | log4j.appender.console=org.apache.log4j.ConsoleAppender 27 | log4j.appender.console.target=System.err 28 | log4j.appender.console.layout=org.apache.log4j.PatternLayout 29 | log4j.appender.console.layout.ConversionPattern=%d (%t) [%p - %l] %m%n 30 | 31 | log4j.logger.org.apache.hadoop.conf.Configuration=INFO 32 | -------------------------------------------------------------------------------- /sentry-binding/sentry-binding-solr/src/test/resources/sentry-site.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 19 | 20 | 21 | 22 | sentry.provider 23 | org.apache.sentry.provider.file.LocalGroupResourceAuthorizationProvider 24 | 25 | 26 | sentry.solr.provider.resource 27 | classpath:test-authz-provider.ini 28 | 29 | 30 | -------------------------------------------------------------------------------- /sentry-binding/sentry-binding-solr/src/test/resources/test-authz-provider.ini: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one 2 | # or more contributor license agreements. See the NOTICE file 3 | # distributed with this work for additional information 4 | # regarding copyright ownership. The ASF licenses this file 5 | # to you under the Apache License, Version 2.0 (the 6 | # "License"); you may not use this file except in compliance 7 | # with the License. You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, 12 | # software distributed under the License is distributed on an 13 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 14 | # KIND, either express or implied. See the License for the 15 | # specific language governing permissions and limitations 16 | # under the License. 17 | 18 | [groups] 19 | corporal = corporal_role 20 | sergeant = corporal_role, sergeant_role 21 | general = corporal_role, sergeant_role, general_role 22 | undefinedRoleGroup = undefinedRole 23 | 24 | [roles] 25 | #test that specification of a bogus action doesn't affect further specifications 26 | corporal_role = collection=info->action=FOOBAR, \ 27 | collection=info->action=query 28 | sergeant_role = collection=info->action=update 29 | general_role = collection=*->action=* 30 | 31 | [users] 32 | corporal1=corporal 33 | sergeant1=sergeant 34 | general1=general, othergeneralgroup 35 | undefinedGroupUser=undefinedGroup 36 | undefinedRoleUser=undefinedRoleGroup 37 | overlappingUser=general, sergeant, corporal 38 | -------------------------------------------------------------------------------- /sentry-binding/sentry-binding-sqoop/src/test/java/org/apache/sentry/sqoop/MockAuthenticationProvider.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.sqoop; 18 | 19 | import org.apache.sqoop.security.AuthenticationProvider; 20 | 21 | public class MockAuthenticationProvider extends AuthenticationProvider { 22 | 23 | @Override 24 | public String[] getGroupNames() { 25 | return new String[]{""}; 26 | } 27 | 28 | @Override 29 | public String getUserName() { 30 | return ""; 31 | } 32 | } 33 | -------------------------------------------------------------------------------- /sentry-binding/sentry-binding-sqoop/src/test/resources/no-configure-sentry-site.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 19 | 20 | 21 | 22 | 23 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-common/src/main/java/org/apache/sentry/Command.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | package org.apache.sentry; 19 | 20 | 21 | public interface Command { 22 | void run(String[] args) throws Exception; 23 | } 24 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-common/src/main/java/org/apache/sentry/SentryUserException.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | package org.apache.sentry; 19 | 20 | public class SentryUserException extends Exception{ 21 | private static final long serialVersionUID = 2329620558380655835L; 22 | protected String reason; 23 | public SentryUserException(String msg) { 24 | super(msg); 25 | } 26 | public SentryUserException(String msg, String reason) { 27 | super(msg); 28 | this.reason = reason; 29 | } 30 | public SentryUserException(String msg, Throwable t) { 31 | super(msg, t); 32 | reason = t.getMessage(); 33 | } 34 | public String getReason() { 35 | return reason; 36 | } 37 | 38 | } 39 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/Action.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.core.common; 18 | 19 | public interface Action { 20 | String ALL = "*"; 21 | String getValue(); 22 | } 23 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/Authorizable.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.core.common; 18 | 19 | public interface Authorizable { 20 | String getName(); 21 | 22 | String getTypeName(); 23 | } 24 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/Subject.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.core.common; 18 | 19 | public class Subject { 20 | 21 | private final String name; 22 | 23 | public Subject(String name) { 24 | this.name = name; 25 | } 26 | 27 | public String getName() { 28 | return name; 29 | } 30 | 31 | @Override 32 | public String toString() { 33 | return "Subject [name=" + name + "]"; 34 | } 35 | } 36 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-model-db/src/main/java/org/apache/sentry/core/model/db/DBModelAuthorizable.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.core.model.db; 18 | 19 | import org.apache.sentry.core.common.Authorizable; 20 | 21 | public interface DBModelAuthorizable extends Authorizable { 22 | 23 | public enum AuthorizableType { 24 | Server, 25 | Db, 26 | Table, 27 | Column, 28 | View, 29 | URI 30 | }; 31 | 32 | AuthorizableType getAuthzType(); 33 | } 34 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-model-db/src/main/java/org/apache/sentry/core/model/db/ServerResource.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.core.model.db; 18 | 19 | public enum ServerResource { 20 | UDFS(); 21 | } 22 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-model-db/src/main/java/org/apache/sentry/core/model/db/TableOrView.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.core.model.db; 18 | 19 | public interface TableOrView extends DBModelAuthorizable { 20 | 21 | } 22 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-model-indexer/src/main/java/org/apache/sentry/core/model/indexer/IndexerConstants.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.core.model.indexer; 18 | 19 | public class IndexerConstants { 20 | 21 | public static final String ALL = "*"; 22 | public static final String READ = "read"; 23 | public static final String WRITE = "write"; 24 | 25 | } 26 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-model-indexer/src/main/java/org/apache/sentry/core/model/indexer/IndexerModelAction.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.core.model.indexer; 18 | 19 | import org.apache.sentry.core.common.Action; 20 | 21 | /** 22 | * Represents actions in the Indexer model. 23 | */ 24 | public enum IndexerModelAction implements Action { 25 | 26 | WRITE(IndexerConstants.WRITE), 27 | READ(IndexerConstants.READ), 28 | ALL(IndexerConstants.ALL); 29 | 30 | private final String value; 31 | private IndexerModelAction(String value) { 32 | this.value = value; 33 | } 34 | 35 | @Override 36 | public String getValue() { 37 | return value; 38 | } 39 | } 40 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-model-indexer/src/main/java/org/apache/sentry/core/model/indexer/IndexerModelAuthorizable.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.core.model.indexer; 18 | 19 | import org.apache.sentry.core.common.Authorizable; 20 | 21 | public interface IndexerModelAuthorizable extends Authorizable { 22 | 23 | public enum AuthorizableType { 24 | Indexer 25 | }; 26 | 27 | AuthorizableType getAuthzType(); 28 | } 29 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-model-kafka/src/main/java/org/apache/sentry/core/model/kafka/KafkaActionConstant.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.core.model.kafka; 18 | 19 | /** 20 | * Actions supported by Kafka on its authorizable resources. 21 | */ 22 | public class KafkaActionConstant { 23 | 24 | public static final String ALL = "ALL"; 25 | public static final String READ = "read"; 26 | public static final String WRITE = "write"; 27 | public static final String CREATE = "create"; 28 | public static final String DELETE = "delete"; 29 | public static final String ALTER = "alter"; 30 | public static final String DESCRIBE = "describe"; 31 | public static final String CLUSTER_ACTION = "clusteraction"; 32 | 33 | public static final String actionName = "action"; 34 | } 35 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-model-search/src/main/java/org/apache/sentry/core/model/search/SearchModelAction.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.core.model.search; 18 | 19 | import org.apache.sentry.core.common.Action; 20 | 21 | /** 22 | * Represents actions in the Search model. 23 | */ 24 | public enum SearchModelAction implements Action { 25 | 26 | UPDATE(SearchConstants.UPDATE), 27 | QUERY(SearchConstants.QUERY), 28 | ALL(SearchConstants.ALL); 29 | 30 | private final String value; 31 | private SearchModelAction(String value) { 32 | this.value = value; 33 | } 34 | 35 | @Override 36 | public String getValue() { 37 | return value; 38 | } 39 | } 40 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-model-search/src/main/java/org/apache/sentry/core/model/search/SearchModelAuthorizable.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.core.model.search; 18 | 19 | import org.apache.sentry.core.common.Authorizable; 20 | 21 | public interface SearchModelAuthorizable extends Authorizable { 22 | 23 | public enum AuthorizableType { 24 | Collection, 25 | Field 26 | }; 27 | 28 | AuthorizableType getAuthzType(); 29 | } 30 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/SqoopActionConstant.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.core.model.sqoop; 18 | 19 | public class SqoopActionConstant { 20 | public static final String ALL = "*"; 21 | public static final String ALL_NAME = "ALL"; 22 | public static final String READ = "read"; 23 | public static final String WRITE = "write"; 24 | public static final String NAME = "action"; 25 | } 26 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/SqoopAuthorizable.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.core.model.sqoop; 18 | 19 | import org.apache.sentry.core.common.Authorizable; 20 | 21 | /** 22 | * This interface represents authorizable resource in the sqoop component. 23 | * It used conjunction with the generic authorization model(SENTRY-398). 24 | */ 25 | public interface SqoopAuthorizable extends Authorizable { 26 | String ALL = "*"; 27 | public enum AuthorizableType { 28 | SERVER, 29 | CONNECTOR, 30 | LINK, 31 | JOB 32 | }; 33 | 34 | AuthorizableType getAuthzType(); 35 | } 36 | -------------------------------------------------------------------------------- /sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/AuthzPathsDumper.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | package org.apache.sentry.hdfs; 19 | 20 | import org.apache.sentry.hdfs.service.thrift.TPathsDump; 21 | 22 | public interface AuthzPathsDumper { 23 | 24 | TPathsDump createPathsDump(); 25 | 26 | K initializeFromDump(TPathsDump pathsDump); 27 | 28 | } 29 | -------------------------------------------------------------------------------- /sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/AuthzPermissions.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | package org.apache.sentry.hdfs; 19 | 20 | import org.apache.hadoop.fs.permission.AclEntry; 21 | 22 | import java.util.List; 23 | 24 | public interface AuthzPermissions { 25 | 26 | List getAcls(String authzObj); 27 | 28 | } 29 | -------------------------------------------------------------------------------- /sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/SentryAuthzUpdate.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | package org.apache.sentry.hdfs; 19 | 20 | import java.util.List; 21 | 22 | public class SentryAuthzUpdate { 23 | 24 | private final List permUpdates; 25 | private final List pathUpdates; 26 | 27 | public SentryAuthzUpdate(List permUpdates, 28 | List pathUpdates) { 29 | this.permUpdates = permUpdates; 30 | this.pathUpdates = pathUpdates; 31 | } 32 | 33 | public List getPermUpdates() { 34 | return permUpdates; 35 | } 36 | 37 | public List getPathUpdates() { 38 | return pathUpdates; 39 | } 40 | 41 | } 42 | -------------------------------------------------------------------------------- /sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/SentryHDFSServiceClient.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | package org.apache.sentry.hdfs; 19 | 20 | public interface SentryHDFSServiceClient { 21 | String SENTRY_HDFS_SERVICE_NAME = "SentryHDFSService"; 22 | 23 | void notifyHMSUpdate(PathsUpdate update) 24 | throws SentryHdfsServiceException; 25 | 26 | long getLastSeenHMSPathSeqNum() throws SentryHdfsServiceException; 27 | 28 | SentryAuthzUpdate getAllUpdatesFrom(long permSeqNum, long pathSeqNum) 29 | throws SentryHdfsServiceException; 30 | 31 | void close(); 32 | } 33 | 34 | -------------------------------------------------------------------------------- /sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/SentryHdfsServiceException.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | 19 | package org.apache.sentry.hdfs; 20 | 21 | public class SentryHdfsServiceException extends RuntimeException { 22 | private static final long serialVersionUID = 1511645864949767378L; 23 | 24 | public SentryHdfsServiceException(String message, Throwable cause) { 25 | super(message, cause); 26 | } 27 | 28 | public SentryHdfsServiceException(String message) { 29 | super(message); 30 | } 31 | 32 | 33 | } 34 | -------------------------------------------------------------------------------- /sentry-hdfs/sentry-hdfs-common/src/test/java/org/apache/sentry/hdfs/TestPathsUpdate.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | *

10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | *

12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | package org.apache.sentry.hdfs; 19 | 20 | import java.util.List; 21 | import org.junit.Test; 22 | import org.junit.Assert; 23 | 24 | public class TestPathsUpdate { 25 | @Test 26 | public void testParsePath(){ 27 | List results = PathsUpdate.parsePath( 28 | "hdfs://hostname.test.com:8020/user/hive/warehouse/break/b=all | ' & the spaces/c=in PartKeys/With fun chars *%!|" 29 | ); 30 | System.out.println(results); 31 | Assert.assertNotNull("Parse path without throwing exception",results); 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /sentry-hdfs/sentry-hdfs-common/src/test/resources/hdfs-sentry.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 19 | 20 | 21 | 22 | 23 | -------------------------------------------------------------------------------- /sentry-hdfs/sentry-hdfs-namenode-plugin/src/test/java/org/apache/sentry/hdfs/MockSentryAuthorizationProvider.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | package org.apache.sentry.hdfs; 19 | 20 | public class MockSentryAuthorizationProvider extends 21 | SentryAuthorizationProvider { 22 | 23 | public MockSentryAuthorizationProvider() { 24 | super(new SentryAuthorizationInfoX()); 25 | } 26 | } 27 | -------------------------------------------------------------------------------- /sentry-hdfs/sentry-hdfs-namenode-plugin/src/test/java/org/apache/sentry/hdfs/TestSentryPermissions.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | 19 | 20 | package org.apache.sentry.hdfs; 21 | 22 | import org.junit.Assert; 23 | import org.junit.Test; 24 | 25 | /** 26 | * Test suits for components inside SentryPermissions. 27 | */ 28 | public class TestSentryPermissions { 29 | 30 | @Test 31 | public void testRoleInfoCaseInsensitive() { 32 | SentryPermissions perm = new SentryPermissions(); 33 | SentryPermissions.RoleInfo roleInfo = new SentryPermissions.RoleInfo("Admin"); 34 | perm.addRoleInfo(roleInfo); 35 | 36 | // RoleInfo is case insensitive. 37 | Assert.assertNotNull(perm.getRoleInfo("admin")); 38 | Assert.assertNull(perm.getRoleInfo("doesNotExist")); 39 | } 40 | } 41 | -------------------------------------------------------------------------------- /sentry-hdfs/sentry-hdfs-namenode-plugin/src/test/resources/hdfs-sentry.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 19 | 20 | 21 | 22 | sentry.hdfs-plugin.path-prefixes 23 | /user/hive/dw 24 | 25 | 26 | sentry.hdfs-plugin.sentry-uri 27 | thrift://localhost:1234 28 | 29 | 30 | sentry.hdfs-plugin.stale-threshold.ms 31 | -1 32 | 33 | 34 | -------------------------------------------------------------------------------- /sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/Privilege.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.policy.common; 18 | 19 | public interface Privilege { 20 | boolean implies(Privilege p); 21 | } 22 | -------------------------------------------------------------------------------- /sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PrivilegeFactory.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.policy.common; 18 | 19 | /** 20 | * Factory for creating Privilege 21 | */ 22 | public interface PrivilegeFactory { 23 | Privilege createPrivilege(String permission); 24 | } 25 | -------------------------------------------------------------------------------- /sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PrivilegeUtils.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.policy.common; 18 | 19 | import java.util.Set; 20 | 21 | import org.apache.shiro.util.PermissionUtils; 22 | 23 | public class PrivilegeUtils { 24 | public static Set toPrivilegeStrings(String s) { 25 | return PermissionUtils.toPermissionStrings(s); 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PrivilegeValidator.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.policy.common; 18 | 19 | import org.apache.shiro.config.ConfigurationException; 20 | 21 | public interface PrivilegeValidator { 22 | 23 | void validate(PrivilegeValidatorContext context) throws ConfigurationException; 24 | } 25 | -------------------------------------------------------------------------------- /sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PrivilegeValidatorContext.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.policy.common; 18 | 19 | import javax.annotation.Nullable; 20 | 21 | public class PrivilegeValidatorContext { 22 | private final String database; 23 | private final String privilege; 24 | public PrivilegeValidatorContext(String privilege) { 25 | this(null, privilege); 26 | } 27 | public PrivilegeValidatorContext(@Nullable String database, String privilege) { 28 | super(); 29 | this.database = database; 30 | this.privilege = privilege; 31 | } 32 | public @Nullable String getDatabase() { 33 | return database; 34 | } 35 | public String getPrivilege() { 36 | return privilege; 37 | } 38 | } 39 | -------------------------------------------------------------------------------- /sentry-policy/sentry-policy-db/src/test/java/org/apache/sentry/policy/db/DBPolicyFileBackend.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.policy.db; 18 | 19 | import java.io.IOException; 20 | 21 | import org.apache.hadoop.conf.Configuration; 22 | import org.apache.sentry.provider.file.SimpleFileProviderBackend; 23 | 24 | public class DBPolicyFileBackend extends SimpleDBPolicyEngine { 25 | public DBPolicyFileBackend(String server, String resource) throws IOException{ 26 | super(server, new SimpleFileProviderBackend(new Configuration(), resource)); 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /sentry-policy/sentry-policy-db/src/test/resources/log4j.properties: -------------------------------------------------------------------------------- 1 | # 2 | # Licensed to the Apache Software Foundation (ASF) under one 3 | # or more contributor license agreements. See the NOTICE file 4 | # distributed with this work for additional information 5 | # regarding copyright ownership. The ASF licenses this file 6 | # to you under the Apache License, Version 2.0 (the 7 | # "License"); you may not use this file except in compliance 8 | # with the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, 13 | # software distributed under the License is distributed on an 14 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 | # KIND, either express or implied. See the License for the 16 | # specific language governing permissions and limitations 17 | # under the License. 18 | # 19 | 20 | # Define some default values that can be overridden by system properties. 21 | # 22 | # For testing, it may also be convenient to specify 23 | 24 | log4j.rootLogger=DEBUG,console 25 | 26 | log4j.appender.console=org.apache.log4j.ConsoleAppender 27 | log4j.appender.console.target=System.err 28 | log4j.appender.console.layout=org.apache.log4j.PatternLayout 29 | log4j.appender.console.layout.ConversionPattern=%d (%t) [%p - %l] %m%n 30 | 31 | log4j.logger.org.apache.hadoop.conf.Configuration=INFO 32 | -------------------------------------------------------------------------------- /sentry-policy/sentry-policy-db/src/test/resources/test-authz-provider-other-group.ini: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one 2 | # or more contributor license agreements. See the NOTICE file 3 | # distributed with this work for additional information 4 | # regarding copyright ownership. The ASF licenses this file 5 | # to you under the Apache License, Version 2.0 (the 6 | # "License"); you may not use this file except in compliance 7 | # with the License. You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, 12 | # software distributed under the License is distributed on an 13 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 14 | # KIND, either express or implied. See the License for the 15 | # specific language governing permissions and limitations 16 | # under the License. 17 | 18 | [groups] 19 | other_group = analyst_role 20 | 21 | [roles] 22 | analyst_role = server=server1->db=other_group_db->table=purchases->action=select -------------------------------------------------------------------------------- /sentry-policy/sentry-policy-db/src/test/resources/test-authz-provider.ini: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one 2 | # or more contributor license agreements. See the NOTICE file 3 | # distributed with this work for additional information 4 | # regarding copyright ownership. The ASF licenses this file 5 | # to you under the Apache License, Version 2.0 (the 6 | # "License"); you may not use this file except in compliance 7 | # with the License. You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, 12 | # software distributed under the License is distributed on an 13 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 14 | # KIND, either express or implied. See the License for the 15 | # specific language governing permissions and limitations 16 | # under the License. 17 | 18 | [databases] 19 | other_group_db = test-authz-provider-other-group.ini 20 | 21 | [groups] 22 | manager = analyst_role, junior_analyst_role 23 | analyst = analyst_role 24 | jranalyst = junior_analyst_role 25 | admin = admin 26 | 27 | [roles] 28 | analyst_role = server=server1->db=customers->table=purchases->action=select, \ 29 | server=server1->db=analyst1, \ 30 | server=server1->db=jranalyst1->table=*->action=select 31 | junior_analyst_role = server=server1->db=jranalyst1, server=server1->db=customers->table=purchases_partial->action=select 32 | admin = server=server1 33 | -------------------------------------------------------------------------------- /sentry-policy/sentry-policy-indexer/src/test/java/org/apache/sentry/policy/indexer/IndexerPolicyFileBackend.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.policy.indexer; 18 | 19 | import java.io.IOException; 20 | 21 | import org.apache.hadoop.conf.Configuration; 22 | import org.apache.sentry.provider.file.SimpleFileProviderBackend; 23 | 24 | public class IndexerPolicyFileBackend extends SimpleIndexerPolicyEngine { 25 | public IndexerPolicyFileBackend(String resource) throws IOException{ 26 | super(new SimpleFileProviderBackend(new Configuration(), resource)); 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /sentry-policy/sentry-policy-indexer/src/test/resources/log4j.properties: -------------------------------------------------------------------------------- 1 | # 2 | # Licensed to the Apache Software Foundation (ASF) under one 3 | # or more contributor license agreements. See the NOTICE file 4 | # distributed with this work for additional information 5 | # regarding copyright ownership. The ASF licenses this file 6 | # to you under the Apache License, Version 2.0 (the 7 | # "License"); you may not use this file except in compliance 8 | # with the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, 13 | # software distributed under the License is distributed on an 14 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 | # KIND, either express or implied. See the License for the 16 | # specific language governing permissions and limitations 17 | # under the License. 18 | # 19 | 20 | # Define some default values that can be overridden by system properties. 21 | # 22 | # For testing, it may also be convenient to specify 23 | 24 | log4j.rootLogger=DEBUG,console 25 | 26 | log4j.appender.console=org.apache.log4j.ConsoleAppender 27 | log4j.appender.console.target=System.err 28 | log4j.appender.console.layout=org.apache.log4j.PatternLayout 29 | log4j.appender.console.layout.ConversionPattern=%d (%t) [%p - %l] %m%n 30 | 31 | log4j.logger.org.apache.hadoop.conf.Configuration=INFO 32 | -------------------------------------------------------------------------------- /sentry-policy/sentry-policy-indexer/src/test/resources/test-authz-provider.ini: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one 2 | # or more contributor license agreements. See the NOTICE file 3 | # distributed with this work for additional information 4 | # regarding copyright ownership. The ASF licenses this file 5 | # to you under the Apache License, Version 2.0 (the 6 | # "License"); you may not use this file except in compliance 7 | # with the License. You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, 12 | # software distributed under the License is distributed on an 13 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 14 | # KIND, either express or implied. See the License for the 15 | # specific language governing permissions and limitations 16 | # under the License. 17 | 18 | [groups] 19 | manager = analyst_role, junior_analyst_role 20 | analyst = analyst_role 21 | jranalyst = junior_analyst_role 22 | admin = admin 23 | 24 | [roles] 25 | analyst_role = indexer=purchases->action=write, \ 26 | indexer=analyst1, \ 27 | indexer=jranalyst1->action=*, \ 28 | indexer=tmpindexer->action=write, \ 29 | indexer=tmpindexer->action=read 30 | junior_analyst_role = indexer=jranalyst1, indexer=purchases_partial->action=read 31 | admin = indexer=* 32 | -------------------------------------------------------------------------------- /sentry-policy/sentry-policy-kafka/src/test/resources/log4j.properties: -------------------------------------------------------------------------------- 1 | # 2 | # Licensed to the Apache Software Foundation (ASF) under one 3 | # or more contributor license agreements. See the NOTICE file 4 | # distributed with this work for additional information 5 | # regarding copyright ownership. The ASF licenses this file 6 | # to you under the Apache License, Version 2.0 (the 7 | # "License"); you may not use this file except in compliance 8 | # with the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, 13 | # software distributed under the License is distributed on an 14 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 | # KIND, either express or implied. See the License for the 16 | # specific language governing permissions and limitations 17 | # under the License. 18 | # 19 | 20 | # Define some default values that can be overridden by system properties. 21 | # 22 | # For testing, it may also be convenient to specify 23 | 24 | log4j.rootLogger=DEBUG,console 25 | 26 | log4j.appender.console=org.apache.log4j.ConsoleAppender 27 | log4j.appender.console.target=System.err 28 | log4j.appender.console.layout=org.apache.log4j.PatternLayout 29 | log4j.appender.console.layout.ConversionPattern=%d (%t) [%p - %l] %m%n 30 | 31 | log4j.logger.org.apache.hadoop.conf.Configuration=INFO -------------------------------------------------------------------------------- /sentry-policy/sentry-policy-search/src/test/java/org/apache/sentry/policy/search/SearchPolicyFileBackend.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.policy.search; 18 | 19 | import java.io.IOException; 20 | 21 | import org.apache.hadoop.conf.Configuration; 22 | import org.apache.sentry.provider.file.SimpleFileProviderBackend; 23 | 24 | public class SearchPolicyFileBackend extends SimpleSearchPolicyEngine { 25 | public SearchPolicyFileBackend(String resource) throws IOException{ 26 | super(new SimpleFileProviderBackend(new Configuration(), resource)); 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /sentry-policy/sentry-policy-search/src/test/resources/log4j.properties: -------------------------------------------------------------------------------- 1 | # 2 | # Licensed to the Apache Software Foundation (ASF) under one 3 | # or more contributor license agreements. See the NOTICE file 4 | # distributed with this work for additional information 5 | # regarding copyright ownership. The ASF licenses this file 6 | # to you under the Apache License, Version 2.0 (the 7 | # "License"); you may not use this file except in compliance 8 | # with the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, 13 | # software distributed under the License is distributed on an 14 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 | # KIND, either express or implied. See the License for the 16 | # specific language governing permissions and limitations 17 | # under the License. 18 | # 19 | 20 | # Define some default values that can be overridden by system properties. 21 | # 22 | # For testing, it may also be convenient to specify 23 | 24 | log4j.rootLogger=DEBUG,console 25 | 26 | log4j.appender.console=org.apache.log4j.ConsoleAppender 27 | log4j.appender.console.target=System.err 28 | log4j.appender.console.layout=org.apache.log4j.PatternLayout 29 | log4j.appender.console.layout.ConversionPattern=%d (%t) [%p - %l] %m%n 30 | 31 | log4j.logger.org.apache.hadoop.conf.Configuration=INFO 32 | -------------------------------------------------------------------------------- /sentry-policy/sentry-policy-search/src/test/resources/test-authz-provider.ini: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one 2 | # or more contributor license agreements. See the NOTICE file 3 | # distributed with this work for additional information 4 | # regarding copyright ownership. The ASF licenses this file 5 | # to you under the Apache License, Version 2.0 (the 6 | # "License"); you may not use this file except in compliance 7 | # with the License. You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, 12 | # software distributed under the License is distributed on an 13 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 14 | # KIND, either express or implied. See the License for the 15 | # specific language governing permissions and limitations 16 | # under the License. 17 | 18 | [groups] 19 | manager = analyst_role, junior_analyst_role 20 | analyst = analyst_role 21 | jranalyst = junior_analyst_role 22 | admin = admin 23 | 24 | [roles] 25 | analyst_role = collection=purchases->action=update, \ 26 | collection=analyst1, \ 27 | collection=jranalyst1->action=*, \ 28 | collection=tmpcollection->action=update, \ 29 | collection=tmpcollection->action=query 30 | junior_analyst_role = collection=jranalyst1, collection=purchases_partial->action=query 31 | admin = collection=* 32 | -------------------------------------------------------------------------------- /sentry-policy/sentry-policy-sqoop/src/test/resources/log4j.properties: -------------------------------------------------------------------------------- 1 | # 2 | # Licensed to the Apache Software Foundation (ASF) under one 3 | # or more contributor license agreements. See the NOTICE file 4 | # distributed with this work for additional information 5 | # regarding copyright ownership. The ASF licenses this file 6 | # to you under the Apache License, Version 2.0 (the 7 | # "License"); you may not use this file except in compliance 8 | # with the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, 13 | # software distributed under the License is distributed on an 14 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 | # KIND, either express or implied. See the License for the 16 | # specific language governing permissions and limitations 17 | # under the License. 18 | # 19 | 20 | # Define some default values that can be overridden by system properties. 21 | # 22 | # For testing, it may also be convenient to specify 23 | 24 | log4j.rootLogger=DEBUG,console 25 | 26 | log4j.appender.console=org.apache.log4j.ConsoleAppender 27 | log4j.appender.console.target=System.err 28 | log4j.appender.console.layout=org.apache.log4j.PatternLayout 29 | log4j.appender.console.layout.ConversionPattern=%d (%t) [%p - %l] %m%n 30 | 31 | log4j.logger.org.apache.hadoop.conf.Configuration=INFO -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-cache/src/main/java/org/apache/sentry/provider/cache/PrivilegeCache.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | 18 | package org.apache.sentry.provider.cache; 19 | 20 | import java.util.Set; 21 | 22 | import org.apache.sentry.core.common.ActiveRoleSet; 23 | 24 | public interface PrivilegeCache { 25 | /** 26 | * Get the privileges for the give set of groups with the give active roles 27 | * from the cache 28 | */ 29 | Set listPrivileges(Set groups, 30 | ActiveRoleSet roleSet); 31 | 32 | void close(); 33 | } 34 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-cache/src/test/resources/test-authz-provider-local-group-mapping.ini: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one 2 | # or more contributor license agreements. See the NOTICE file 3 | # distributed with this work for additional information 4 | # regarding copyright ownership. The ASF licenses this file 5 | # to you under the Apache License, Version 2.0 (the 6 | # "License"); you may not use this file except in compliance 7 | # with the License. You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, 12 | # software distributed under the License is distributed on an 13 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 14 | # KIND, either express or implied. See the License for the 15 | # specific language governing permissions and limitations 16 | # under the License. 17 | 18 | [groups] 19 | manager = analyst_role, junior_analyst_role, functions 20 | analyst = analyst_role 21 | jranalyst = junior_analyst_role 22 | admin = admin 23 | 24 | [roles] 25 | analyst_role = server=server1->db=customers->table=purchases->select, server=server1->db=analyst1, \ 26 | server=server1->db=jranalyst1->table=*->select 27 | junior_analyst_role = server=server1->db=jranalyst1 28 | functions = server=server1->functions 29 | admin = server=server1 30 | 31 | [users] 32 | foo = admin,analyst 33 | bar = jranalyst 34 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationComponent.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.provider.common; 18 | /** 19 | * Represent which component being authorized by Sentry 20 | * using generic model 21 | */ 22 | public class AuthorizationComponent{ 23 | public static final String Search = "solr"; 24 | public static final String SQOOP = "sqoop"; 25 | public static final String KAFKA = "kafka"; 26 | } 27 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/GroupMappingService.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.provider.common; 18 | 19 | import java.util.Set; 20 | 21 | import javax.annotation.concurrent.ThreadSafe; 22 | 23 | /** 24 | * Interface so the Groups class is easier to unit test with. 25 | * Implementations of this class are expected to be thread safe 26 | * after construction. 27 | */ 28 | @ThreadSafe 29 | public interface GroupMappingService { 30 | 31 | /** 32 | * @return non-null list of groups for user 33 | */ 34 | Set getGroups(String user); 35 | } 36 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoGroupMappingService.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.provider.common; 18 | 19 | import java.util.HashSet; 20 | import java.util.Set; 21 | 22 | /** 23 | * GroupMappingService that always returns an empty list of groups 24 | */ 25 | public class NoGroupMappingService implements GroupMappingService { 26 | 27 | /** 28 | * @return empty list of groups for every user 29 | */ 30 | public Set getGroups(String user) { 31 | return new HashSet(); 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/generic/service/thrift/TSentryGrantOption.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Autogenerated by Thrift Compiler (0.9.0) 3 | * 4 | * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING 5 | * @generated 6 | */ 7 | package org.apache.sentry.provider.db.generic.service.thrift; 8 | 9 | 10 | import java.util.Map; 11 | import java.util.HashMap; 12 | import org.apache.thrift.TEnum; 13 | 14 | public enum TSentryGrantOption implements org.apache.thrift.TEnum { 15 | TRUE(1), 16 | FALSE(0), 17 | UNSET(-1); 18 | 19 | private final int value; 20 | 21 | private TSentryGrantOption(int value) { 22 | this.value = value; 23 | } 24 | 25 | /** 26 | * Get the integer value of this enum value, as defined in the Thrift IDL. 27 | */ 28 | public int getValue() { 29 | return value; 30 | } 31 | 32 | /** 33 | * Find a the enum type by its integer value, as defined in the Thrift IDL. 34 | * @return null if the value is not found. 35 | */ 36 | public static TSentryGrantOption findByValue(int value) { 37 | switch (value) { 38 | case 1: 39 | return TRUE; 40 | case 0: 41 | return FALSE; 42 | case -1: 43 | return UNSET; 44 | default: 45 | return null; 46 | } 47 | } 48 | } 49 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/gen/thrift/gen-javabean/org/apache/sentry/provider/db/service/thrift/TSentryGrantOption.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Autogenerated by Thrift Compiler (0.9.0) 3 | * 4 | * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING 5 | * @generated 6 | */ 7 | package org.apache.sentry.provider.db.service.thrift; 8 | 9 | 10 | import java.util.Map; 11 | import java.util.HashMap; 12 | import org.apache.thrift.TEnum; 13 | 14 | public enum TSentryGrantOption implements org.apache.thrift.TEnum { 15 | TRUE(1), 16 | FALSE(0), 17 | UNSET(-1); 18 | 19 | private final int value; 20 | 21 | private TSentryGrantOption(int value) { 22 | this.value = value; 23 | } 24 | 25 | /** 26 | * Get the integer value of this enum value, as defined in the Thrift IDL. 27 | */ 28 | public int getValue() { 29 | return value; 30 | } 31 | 32 | /** 33 | * Find a the enum type by its integer value, as defined in the Thrift IDL. 34 | * @return null if the value is not found. 35 | */ 36 | public static TSentryGrantOption findByValue(int value) { 37 | switch (value) { 38 | case 1: 39 | return TRUE; 40 | case 0: 41 | return FALSE; 42 | case -1: 43 | return UNSET; 44 | default: 45 | return null; 46 | } 47 | } 48 | } 49 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryAccessDeniedException.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | package org.apache.sentry.provider.db; 19 | 20 | import org.apache.sentry.SentryUserException; 21 | 22 | public class SentryAccessDeniedException extends SentryUserException { 23 | private static final long serialVersionUID = 2962080655835L; 24 | public SentryAccessDeniedException(String msg) { 25 | super(msg); 26 | } 27 | public SentryAccessDeniedException(String msg, String reason) { 28 | super(msg, reason); 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryAlreadyExistsException.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | package org.apache.sentry.provider.db; 19 | 20 | import org.apache.sentry.SentryUserException; 21 | 22 | public class SentryAlreadyExistsException extends SentryUserException { 23 | private static final long serialVersionUID = 1298632655835L; 24 | public SentryAlreadyExistsException(String msg) { 25 | super(msg); 26 | } 27 | public SentryAlreadyExistsException(String msg, String reason) { 28 | super(msg, reason); 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryGrantDeniedException.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | package org.apache.sentry.provider.db; 19 | 20 | public class SentryGrantDeniedException extends SentryAccessDeniedException { 21 | private static final long serialVersionUID = 1962330785835L; 22 | public SentryGrantDeniedException(String msg) { 23 | super(msg); 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryInvalidInputException.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | package org.apache.sentry.provider.db; 19 | 20 | import org.apache.sentry.SentryUserException; 21 | 22 | public class SentryInvalidInputException extends SentryUserException { 23 | private static final long serialVersionUID = 2962080655835L; 24 | public SentryInvalidInputException(String msg) { 25 | super(msg); 26 | } 27 | public SentryInvalidInputException(String msg, String reason) { 28 | super(msg, reason); 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryNoSuchObjectException.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | package org.apache.sentry.provider.db; 19 | 20 | import org.apache.sentry.SentryUserException; 21 | 22 | public class SentryNoSuchObjectException extends SentryUserException { 23 | private static final long serialVersionUID = 2962080655835L; 24 | public SentryNoSuchObjectException(String msg) { 25 | super(msg); 26 | } 27 | public SentryNoSuchObjectException(String msg, String reason) { 28 | super(msg, reason); 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/SentryThriftAPIMismatchException.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | package org.apache.sentry.provider.db; 19 | 20 | import org.apache.sentry.SentryUserException; 21 | 22 | public class SentryThriftAPIMismatchException extends SentryUserException { 23 | private static final long serialVersionUID = 7535410604425511738L; 24 | public SentryThriftAPIMismatchException(String msg) { 25 | super(msg); 26 | } 27 | public SentryThriftAPIMismatchException(String msg, String reason) { 28 | super(msg, reason); 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/service/thrift/SentryGenericServiceClientFactory.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | package org.apache.sentry.provider.db.generic.service.thrift; 19 | 20 | import org.apache.hadoop.conf.Configuration; 21 | 22 | /** 23 | * SentryGenericServiceClientFactory is a public class for the components which using Generic Model to create sentry client. 24 | */ 25 | public class SentryGenericServiceClientFactory { 26 | 27 | private SentryGenericServiceClientFactory() { 28 | } 29 | 30 | public static SentryGenericServiceClient create(Configuration conf) throws Exception { 31 | return new SentryGenericServiceClientDefaultImpl(conf); 32 | } 33 | 34 | } 35 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/Command.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | package org.apache.sentry.provider.db.generic.tools.command; 19 | 20 | import org.apache.sentry.provider.db.generic.service.thrift.SentryGenericServiceClient; 21 | 22 | /** 23 | * The interface for all admin commands, eg, CreateRoleCmd. 24 | */ 25 | public interface Command { 26 | void execute(SentryGenericServiceClient client, String requestorName) throws Exception; 27 | } 28 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/generic/tools/command/TSentryPrivilegeConvertor.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | package org.apache.sentry.provider.db.generic.tools.command; 19 | 20 | import org.apache.sentry.provider.db.generic.service.thrift.TSentryPrivilege; 21 | 22 | public interface TSentryPrivilegeConvertor { 23 | 24 | /** 25 | * Convert string to privilege 26 | */ 27 | TSentryPrivilege fromString(String privilegeStr) throws Exception; 28 | 29 | /** 30 | * Convert privilege to string 31 | */ 32 | String toString(TSentryPrivilege tSentryPrivilege); 33 | } 34 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntity.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | 19 | package org.apache.sentry.provider.db.log.entity; 20 | 21 | public interface JsonLogEntity { 22 | 23 | String toJsonFormatLog() throws Exception; 24 | 25 | } 26 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/PolicyStoreConstants.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | package org.apache.sentry.provider.db.service.thrift; 19 | 20 | public class PolicyStoreConstants { 21 | public static final String SENTRY_GENERIC_POLICY_NOTIFICATION = "sentry.generic.policy.notification"; 22 | public static final String SENTRY_GENERIC_POLICY_STORE = "sentry.generic.policy.store"; 23 | public static final String SENTRY_GENERIC_POLICY_STORE_DEFAULT = 24 | "org.apache.sentry.provider.db.generic.service.persistent.DelegateSentryStore"; 25 | public static class PolicyStoreServerConfig { 26 | public static final String NOTIFICATION_HANDLERS = "sentry.policy.store.notification.handlers"; 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryConfigurationException.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | package org.apache.sentry.provider.db.service.thrift; 19 | 20 | import org.apache.sentry.SentryUserException; 21 | 22 | public class SentryConfigurationException extends SentryUserException { 23 | private static final long serialVersionUID = 1298632655835L; 24 | public SentryConfigurationException(String msg) { 25 | super(msg); 26 | } 27 | public SentryConfigurationException(String msg, Throwable t) { 28 | super(msg, t); 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryMetricsServletContextListener.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | package org.apache.sentry.provider.db.service.thrift; 19 | 20 | import com.codahale.metrics.MetricRegistry; 21 | import com.codahale.metrics.servlets.MetricsServlet; 22 | 23 | public class SentryMetricsServletContextListener extends MetricsServlet.ContextListener { 24 | 25 | public static final MetricRegistry METRIC_REGISTRY = new MetricRegistry(); 26 | 27 | @Override 28 | protected MetricRegistry getMetricRegistry() { 29 | return METRIC_REGISTRY; 30 | } 31 | 32 | } 33 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/service/thrift/SentryProcessorWrapper.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | 19 | package org.apache.sentry.provider.db.service.thrift; 20 | 21 | import org.apache.thrift.TException; 22 | import org.apache.thrift.protocol.TProtocol; 23 | 24 | public class SentryProcessorWrapper extends 25 | SentryPolicyService.Processor { 26 | 27 | public SentryProcessorWrapper(I iface) { 28 | super(iface); 29 | } 30 | 31 | @Override 32 | public boolean process(TProtocol in, TProtocol out) throws TException { 33 | ThriftUtil.setIpAddress(in); 34 | ThriftUtil.setImpersonator(in); 35 | return super.process(in, out); 36 | } 37 | } 38 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/Command.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | package org.apache.sentry.provider.db.tools.command.hive; 19 | 20 | import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient; 21 | 22 | /** 23 | * The interface for all admin commands, eg, CreateRoleCmd. 24 | */ 25 | public interface Command { 26 | void execute(SentryPolicyServiceClient client, String requestorName) throws Exception; 27 | } 28 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/CreateRoleCmd.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | package org.apache.sentry.provider.db.tools.command.hive; 19 | 20 | import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient; 21 | 22 | /** 23 | * The class for admin command to create role. 24 | */ 25 | public class CreateRoleCmd implements Command { 26 | 27 | private String roleName; 28 | 29 | public CreateRoleCmd(String roleName) { 30 | this.roleName = roleName; 31 | } 32 | 33 | @Override 34 | public void execute(SentryPolicyServiceClient client, String requestorName) throws Exception { 35 | client.createRole(requestorName, roleName); 36 | } 37 | } 38 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/provider/db/tools/command/hive/DropRoleCmd.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | package org.apache.sentry.provider.db.tools.command.hive; 19 | 20 | import org.apache.sentry.provider.db.service.thrift.SentryPolicyServiceClient; 21 | 22 | /** 23 | * The class for admin command to drop role. 24 | */ 25 | public class DropRoleCmd implements Command { 26 | 27 | private String roleName; 28 | 29 | public DropRoleCmd(String roleName) { 30 | this.roleName = roleName; 31 | } 32 | 33 | @Override 34 | public void execute(SentryPolicyServiceClient client, String requestorName) throws Exception { 35 | client.dropRole(requestorName, roleName); 36 | } 37 | } 38 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/ProcessorFactory.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | package org.apache.sentry.service.thrift; 19 | 20 | import org.apache.hadoop.conf.Configuration; 21 | import org.apache.thrift.TMultiplexedProcessor; 22 | 23 | public abstract class ProcessorFactory { 24 | protected final Configuration conf; 25 | 26 | public ProcessorFactory(Configuration conf) { 27 | this.conf = conf; 28 | } 29 | 30 | public abstract boolean register(TMultiplexedProcessor processor) throws Exception; 31 | } 32 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/java/org/apache/sentry/service/thrift/SentryServiceFactory.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | 19 | package org.apache.sentry.service.thrift; 20 | import org.apache.hadoop.conf.Configuration; 21 | 22 | public class SentryServiceFactory { 23 | 24 | public SentryService create(Configuration conf) throws Exception { 25 | SentryService server = new SentryService(conf); 26 | return server; 27 | } 28 | 29 | } -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/001-SENTRY-327.derby.sql: -------------------------------------------------------------------------------- 1 | -- SENTRY-327 2 | ALTER TABLE SENTRY_DB_PRIVILEGE ADD COLUMN WITH_GRANT_OPTION CHAR(1) NOT NULL DEFAULT 'N'; 3 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/001-SENTRY-327.mysql.sql: -------------------------------------------------------------------------------- 1 | -- SENTRY-327 2 | ALTER TABLE `SENTRY_DB_PRIVILEGE` ADD `WITH_GRANT_OPTION` CHAR(1) NOT NULL DEFAULT 'N'; 3 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/001-SENTRY-327.oracle.sql: -------------------------------------------------------------------------------- 1 | -- SENTRY-327 2 | ALTER TABLE SENTRY_DB_PRIVILEGE ADD WITH_GRANT_OPTION CHAR(1) DEFAULT 'N' NOT NULL; 3 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/001-SENTRY-327.postgres.sql: -------------------------------------------------------------------------------- 1 | -- SENTRY-327 2 | ALTER TABLE "SENTRY_DB_PRIVILEGE" ADD COLUMN "WITH_GRANT_OPTION" CHAR(1) NOT NULL DEFAULT 'N'; 3 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/002-SENTRY-339.derby.sql: -------------------------------------------------------------------------------- 1 | -- SENTRY-339 2 | DROP INDEX SENTRYPRIVILEGENAME; 3 | CREATE UNIQUE INDEX SENTRYPRIVILEGENAME ON SENTRY_DB_PRIVILEGE ("SERVER_NAME",DB_NAME,"TABLE_NAME",URI,"ACTION",WITH_GRANT_OPTION); 4 | 5 | ALTER TABLE SENTRY_DB_PRIVILEGE DROP COLUMN PRIVILEGE_NAME; 6 | 7 | ALTER TABLE SENTRY_DB_PRIVILEGE ALTER COLUMN DB_NAME SET DEFAULT '__NULL__'; 8 | ALTER TABLE SENTRY_DB_PRIVILEGE ALTER COLUMN TABLE_NAME SET DEFAULT '__NULL__'; 9 | ALTER TABLE SENTRY_DB_PRIVILEGE ALTER COLUMN URI SET DEFAULT '__NULL__'; 10 | 11 | UPDATE SENTRY_DB_PRIVILEGE SET DB_NAME = DEFAULT WHERE DB_NAME is null; 12 | UPDATE SENTRY_DB_PRIVILEGE SET TABLE_NAME = DEFAULT WHERE TABLE_NAME is null; 13 | UPDATE SENTRY_DB_PRIVILEGE SET URI = DEFAULT WHERE URI is null; 14 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/002-SENTRY-339.mysql.sql: -------------------------------------------------------------------------------- 1 | -- SENTRY-339 2 | ALTER TABLE `SENTRY_DB_PRIVILEGE` DROP INDEX `SENTRY_DB_PRIV_PRIV_NAME_UNIQ`; 3 | ALTER TABLE `SENTRY_DB_PRIVILEGE` ADD UNIQUE `SENTRY_DB_PRIV_PRIV_NAME_UNIQ` (`SERVER_NAME`,`DB_NAME`,`TABLE_NAME`,`URI`(250),`ACTION`,`WITH_GRANT_OPTION`); 4 | ALTER TABLE `SENTRY_DB_PRIVILEGE` DROP `PRIVILEGE_NAME`; 5 | 6 | ALTER TABLE SENTRY_DB_PRIVILEGE ALTER COLUMN DB_NAME SET DEFAULT '__NULL__'; 7 | ALTER TABLE SENTRY_DB_PRIVILEGE ALTER COLUMN TABLE_NAME SET DEFAULT '__NULL__'; 8 | ALTER TABLE SENTRY_DB_PRIVILEGE ALTER COLUMN URI SET DEFAULT '__NULL__'; 9 | 10 | UPDATE SENTRY_DB_PRIVILEGE SET DB_NAME = DEFAULT WHERE DB_NAME is null; 11 | UPDATE SENTRY_DB_PRIVILEGE SET TABLE_NAME = DEFAULT WHERE TABLE_NAME is null; 12 | UPDATE SENTRY_DB_PRIVILEGE SET URI = DEFAULT WHERE URI is null; 13 | 14 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/002-SENTRY-339.oracle.sql: -------------------------------------------------------------------------------- 1 | -- SENTRY-339 2 | ALTER TABLE SENTRY_DB_PRIVILEGE DROP CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ" DROP INDEX; 3 | ALTER TABLE SENTRY_DB_PRIVILEGE ADD CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ" UNIQUE ("SERVER_NAME","DB_NAME","TABLE_NAME","URI","ACTION","WITH_GRANT_OPTION"); 4 | ALTER TABLE SENTRY_DB_PRIVILEGE DROP COLUMN PRIVILEGE_NAME; 5 | 6 | ALTER TABLE SENTRY_DB_PRIVILEGE MODIFY DB_NAME DEFAULT '__NULL__'; 7 | ALTER TABLE SENTRY_DB_PRIVILEGE MODIFY TABLE_NAME DEFAULT '__NULL__'; 8 | ALTER TABLE SENTRY_DB_PRIVILEGE MODIFY URI DEFAULT '__NULL__'; 9 | 10 | UPDATE SENTRY_DB_PRIVILEGE SET DB_NAME = DEFAULT WHERE DB_NAME is null; 11 | UPDATE SENTRY_DB_PRIVILEGE SET TABLE_NAME = DEFAULT WHERE TABLE_NAME is null; 12 | UPDATE SENTRY_DB_PRIVILEGE SET URI = DEFAULT WHERE URI is null; 13 | 14 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/002-SENTRY-339.postgres.sql: -------------------------------------------------------------------------------- 1 | -- SENTRY-339 2 | ALTER TABLE "SENTRY_DB_PRIVILEGE" DROP CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ"; 3 | ALTER TABLE "SENTRY_DB_PRIVILEGE" ADD CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ" UNIQUE ("SERVER_NAME","DB_NAME","TABLE_NAME","URI", "ACTION","WITH_GRANT_OPTION"); 4 | ALTER TABLE "SENTRY_DB_PRIVILEGE" DROP COLUMN "PRIVILEGE_NAME"; 5 | 6 | ALTER TABLE "SENTRY_DB_PRIVILEGE" ALTER COLUMN "DB_NAME" SET DEFAULT '__NULL__'; 7 | AlTER TABLE "SENTRY_DB_PRIVILEGE" ALTER COLUMN "TABLE_NAME" SET DEFAULT '__NULL__'; 8 | ALTER TABLE "SENTRY_DB_PRIVILEGE" ALTER COLUMN "URI" SET DEFAULT '__NULL__'; 9 | 10 | UPDATE "SENTRY_DB_PRIVILEGE" SET "DB_NAME" = DEFAULT where "DB_NAME" is null; 11 | UPDATE "SENTRY_DB_PRIVILEGE" SET "TABLE_NAME" = DEFAULT where "TABLE_NAME" is null; 12 | UPDATE "SENTRY_DB_PRIVILEGE" SET "URI" = DEFAULT where "URI" is null; 13 | 14 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/003-SENTRY-380.derby.sql: -------------------------------------------------------------------------------- 1 | -- SENTRY-380 2 | ALTER TABLE SENTRY_DB_PRIVILEGE DROP GRANTOR_PRINCIPAL; 3 | ALTER TABLE SENTRY_ROLE DROP GRANTOR_PRINCIPAL; 4 | ALTER TABLE SENTRY_GROUP DROP GRANTOR_PRINCIPAL; 5 | 6 | ALTER TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP ADD GRANTOR_PRINCIPAL VARCHAR(128); 7 | ALTER TABLE SENTRY_ROLE_GROUP_MAP ADD GRANTOR_PRINCIPAL VARCHAR(128); 8 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/003-SENTRY-380.mysql.sql: -------------------------------------------------------------------------------- 1 | -- SENTRY-380 2 | ALTER TABLE `SENTRY_DB_PRIVILEGE` DROP `GRANTOR_PRINCIPAL`; 3 | ALTER TABLE `SENTRY_ROLE` DROP `GRANTOR_PRINCIPAL`; 4 | ALTER TABLE `SENTRY_GROUP` DROP `GRANTOR_PRINCIPAL`; 5 | 6 | ALTER TABLE `SENTRY_ROLE_DB_PRIVILEGE_MAP` ADD `GRANTOR_PRINCIPAL` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin; 7 | ALTER TABLE `SENTRY_ROLE_GROUP_MAP` ADD `GRANTOR_PRINCIPAL` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/003-SENTRY-380.oracle.sql: -------------------------------------------------------------------------------- 1 | -- SENTRY-380 2 | ALTER TABLE "SENTRY_DB_PRIVILEGE" DROP COLUMN "GRANTOR_PRINCIPAL"; 3 | ALTER TABLE "SENTRY_ROLE" DROP COLUMN "GRANTOR_PRINCIPAL"; 4 | ALTER TABLE "SENTRY_GROUP" DROP COLUMN "GRANTOR_PRINCIPAL"; 5 | 6 | ALTER TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP" ADD "GRANTOR_PRINCIPAL" VARCHAR2(128); 7 | ALTER TABLE "SENTRY_ROLE_GROUP_MAP" ADD "GRANTOR_PRINCIPAL" VARCHAR2(128); 8 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/003-SENTRY-380.postgres.sql: -------------------------------------------------------------------------------- 1 | -- SENTRY-380 2 | ALTER TABLE "SENTRY_DB_PRIVILEGE" DROP "GRANTOR_PRINCIPAL"; 3 | ALTER TABLE "SENTRY_ROLE" DROP "GRANTOR_PRINCIPAL"; 4 | ALTER TABLE "SENTRY_GROUP" DROP "GRANTOR_PRINCIPAL"; 5 | 6 | ALTER TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP" ADD "GRANTOR_PRINCIPAL" character varying(128); 7 | ALTER TABLE "SENTRY_ROLE_GROUP_MAP" ADD "GRANTOR_PRINCIPAL" character varying(128); 8 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/004-SENTRY-74.derby.sql: -------------------------------------------------------------------------------- 1 | -- SENTRY-74 2 | ALTER TABLE SENTRY_DB_PRIVILEGE ADD COLUMN COLUMN_NAME VARCHAR(4000) DEFAULT '__NULL__'; 3 | DROP INDEX SENTRYPRIVILEGENAME; 4 | CREATE UNIQUE INDEX SENTRYPRIVILEGENAME ON SENTRY_DB_PRIVILEGE ("SERVER_NAME",DB_NAME,"TABLE_NAME","COLUMN_NAME",URI,"ACTION",WITH_GRANT_OPTION); 5 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/004-SENTRY-74.mysql.sql: -------------------------------------------------------------------------------- 1 | -- SENTRY-74 2 | ALTER TABLE `SENTRY_DB_PRIVILEGE` ADD `COLUMN_NAME` VARCHAR(128) DEFAULT '__NULL__'; 3 | ALTER TABLE `SENTRY_DB_PRIVILEGE` DROP INDEX `SENTRY_DB_PRIV_PRIV_NAME_UNIQ`; 4 | ALTER TABLE `SENTRY_DB_PRIVILEGE` ADD UNIQUE `SENTRY_DB_PRIV_PRIV_NAME_UNIQ` (`SERVER_NAME`,`DB_NAME`,`TABLE_NAME`,`COLUMN_NAME`,`URI`(250),`ACTION`,`WITH_GRANT_OPTION`); 5 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/004-SENTRY-74.oracle.sql: -------------------------------------------------------------------------------- 1 | -- SENTRY-74 2 | ALTER TABLE SENTRY_DB_PRIVILEGE ADD COLUMN_NAME VARCHAR2(128) DEFAULT '__NULL__'; 3 | ALTER TABLE SENTRY_DB_PRIVILEGE DROP CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ" DROP INDEX; 4 | ALTER TABLE SENTRY_DB_PRIVILEGE ADD CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ" UNIQUE ("SERVER_NAME","DB_NAME","TABLE_NAME","COLUMN_NAME","URI","ACTION","WITH_GRANT_OPTION"); 5 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/004-SENTRY-74.postgres.sql: -------------------------------------------------------------------------------- 1 | -- SENTRY-74 2 | ALTER TABLE "SENTRY_DB_PRIVILEGE" ADD COLUMN "COLUMN_NAME" character varying(128) DEFAULT '__NULL__'; 3 | ALTER TABLE "SENTRY_DB_PRIVILEGE" DROP CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ"; 4 | ALTER TABLE "SENTRY_DB_PRIVILEGE" ADD CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ" UNIQUE ("SERVER_NAME","DB_NAME","TABLE_NAME","COLUMN_NAME","URI", "ACTION","WITH_GRANT_OPTION"); 5 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-db2-1.5.0-to-1.6.0.sql: -------------------------------------------------------------------------------- 1 | -- Version update 2 | UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.6.0', VERSION_COMMENT='Sentry release version 1.6.0' WHERE VER_ID=1; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-derby-1.4.0-to-1.5.0.sql: -------------------------------------------------------------------------------- 1 | RUN '001-SENTRY-327.derby.sql'; 2 | RUN '002-SENTRY-339.derby.sql'; 3 | RUN '003-SENTRY-380.derby.sql'; 4 | RUN '004-SENTRY-74.derby.sql'; 5 | RUN '005-SENTRY-398.derby.sql'; 6 | 7 | -- Version update 8 | UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.5.0', VERSION_COMMENT='Sentry release version 1.5.0' WHERE VER_ID=1; 9 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-derby-1.5.0-to-1.6.0.sql: -------------------------------------------------------------------------------- 1 | -- Version update 2 | UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.6.0', VERSION_COMMENT='Sentry release version 1.6.0' WHERE VER_ID=1; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-mysql-1.4.0-to-1.5.0.sql: -------------------------------------------------------------------------------- 1 | SELECT 'Upgrading Sentry store schema from 1.4.0 to 1.5.0' AS ' '; 2 | SOURCE 001-SENTRY-327.mysql.sql; 3 | SOURCE 002-SENTRY-339.mysql.sql; 4 | SOURCE 003-SENTRY-380.mysql.sql; 5 | SOURCE 004-SENTRY-74.mysql.sql; 6 | SOURCE 005-SENTRY-398.mysql.sql; 7 | 8 | UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.5.0', VERSION_COMMENT='Sentry release version 1.5.0' WHERE VER_ID=1; 9 | SELECT 'Finish upgrading Sentry store schema from 1.4.0 to 1.5.0' AS ' '; 10 | 11 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-mysql-1.5.0-to-1.6.0.sql: -------------------------------------------------------------------------------- 1 | SELECT 'Upgrading Sentry store schema from 1.5.0 to 1.6.0' AS ' '; 2 | 3 | UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.6.0', VERSION_COMMENT='Sentry release version 1.6.0' WHERE VER_ID=1; 4 | 5 | SELECT 'Finish upgrading Sentry store schema from 1.5.0 to 1.6.0' AS ' '; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-oracle-1.4.0-to-1.5.0.sql: -------------------------------------------------------------------------------- 1 | SELECT 'Upgrading Sentry store schema from 1.4.0 to 1.5.0' AS Status from dual; 2 | @001-SENTRY-327.oracle.sql; 3 | @002-SENTRY-339.oracle.sql; 4 | @003-SENTRY-380.oracle.sql; 5 | @004-SENTRY-74.oracle.sql; 6 | @005-SENTRY-398.oracle.sql; 7 | 8 | UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.5.0', VERSION_COMMENT='Sentry release version 1.5.0' WHERE VER_ID=1; 9 | SELECT 'Finished upgrading Sentry store schema from 1.4.0 to 1.5.0' AS Status from dual; 10 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-oracle-1.5.0-to-1.6.0.sql: -------------------------------------------------------------------------------- 1 | SELECT 'Upgrading Sentry store schema from 1.5.0 to 1.6.0' AS Status from dual; 2 | 3 | UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.6.0', VERSION_COMMENT='Sentry release version 1.6.0' WHERE VER_ID=1; 4 | 5 | SELECT 'Finished upgrading Sentry store schema from 1.5.0 to 1.6.0' AS Status from dual; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-postgres-1.4.0-to-1.5.0.sql: -------------------------------------------------------------------------------- 1 | SELECT 'Upgrading Sentry store schema from 1.4.0 to 1.5.0'; 2 | \i 001-SENTRY-327.postgres.sql; 3 | \i 002-SENTRY-339.postgres.sql; 4 | \i 003-SENTRY-380.postgres.sql; 5 | \i 004-SENTRY-74.postgres.sql; 6 | \i 005-SENTRY-398.postgres.sql; 7 | 8 | UPDATE "SENTRY_VERSION" SET "SCHEMA_VERSION"='1.5.0', "VERSION_COMMENT"='Sentry release version 1.5.0' WHERE "VER_ID"=1; 9 | SELECT 'Finished upgrading Sentry store schema from 1.4.0 to 1.5.0'; 10 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-postgres-1.5.0-to-1.6.0.sql: -------------------------------------------------------------------------------- 1 | SELECT 'Upgrading Sentry store schema from 1.5.0 to 1.6.0'; 2 | 3 | UPDATE "SENTRY_VERSION" SET "SCHEMA_VERSION"='1.6.0', "VERSION_COMMENT"='Sentry release version 1.6.0' WHERE "VER_ID"=1; 4 | 5 | SELECT 'Finished upgrading Sentry store schema from 1.5.0 to 1.6.0'; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/upgrade.order.db2: -------------------------------------------------------------------------------- 1 | 1.4.0-to-1.5.0 2 | 1.5.0-to-1.6.0 3 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/upgrade.order.derby: -------------------------------------------------------------------------------- 1 | 1.4.0-to-1.5.0 2 | 1.5.0-to-1.6.0 3 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/upgrade.order.mysql: -------------------------------------------------------------------------------- 1 | 1.4.0-to-1.5.0 2 | 1.5.0-to-1.6.0 3 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/upgrade.order.oracle: -------------------------------------------------------------------------------- 1 | 1.4.0-to-1.5.0 2 | 1.5.0-to-1.6.0 3 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/upgrade.order.postgres: -------------------------------------------------------------------------------- 1 | 1.4.0-to-1.5.0 2 | 1.5.0-to-1.6.0 3 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/webapp/css/sentry.css: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | 19 | /* General styling */ 20 | body { padding-top: 80px; } 21 | .navbar-collapse {margin-top:10px} 22 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/webapp/sentry.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/apache/incubator-sentry/4643f988a5e0ce2b9749e6365edea3a16482de86/sentry-provider/sentry-provider-db/src/main/webapp/sentry.png -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForPoolHAWithoutKerberos.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless createRequired by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | 19 | package org.apache.sentry.provider.db.service.thrift; 20 | 21 | import org.junit.BeforeClass; 22 | 23 | public class TestSentryServerForPoolHAWithoutKerberos extends TestSentryServerForHaWithoutKerberos { 24 | 25 | @BeforeClass 26 | public static void setup() throws Exception { 27 | kerberos = false; 28 | haEnabled = true; 29 | pooled = true; 30 | beforeSetup(); 31 | setupConf(); 32 | startSentryService(); 33 | afterSetup(); 34 | } 35 | 36 | } -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServerForPoolWithoutKerberos.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless createRequired by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | 19 | package org.apache.sentry.provider.db.service.thrift; 20 | 21 | import org.junit.BeforeClass; 22 | 23 | public class TestSentryServerForPoolWithoutKerberos extends TestSentryServerWithoutKerberos { 24 | 25 | @BeforeClass 26 | public static void setup() throws Exception { 27 | kerberos = false; 28 | haEnabled = false; 29 | pooled = true; 30 | beforeSetup(); 31 | setupConf(); 32 | startSentryService(); 33 | afterSetup(); 34 | } 35 | 36 | } -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForPoolHAWithKerberos.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless createRequired by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | 19 | package org.apache.sentry.provider.db.service.thrift; 20 | 21 | import org.junit.BeforeClass; 22 | 23 | public class TestSentryServiceForPoolHAWithKerberos extends TestSentryServiceWithKerberos { 24 | 25 | @BeforeClass 26 | public static void setup() throws Exception { 27 | kerberos = true; 28 | haEnabled = true; 29 | pooled = true; 30 | beforeSetup(); 31 | setupConf(); 32 | startSentryService(); 33 | afterSetup(); 34 | } 35 | 36 | } -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/test/java/org/apache/sentry/provider/db/service/thrift/TestSentryServiceForPoolWithKerberos.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless createRequired by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | 19 | package org.apache.sentry.provider.db.service.thrift; 20 | 21 | import org.junit.BeforeClass; 22 | 23 | public class TestSentryServiceForPoolWithKerberos extends TestSentryServiceWithKerberos { 24 | 25 | @BeforeClass 26 | public static void setup() throws Exception { 27 | kerberos = true; 28 | haEnabled = false; 29 | pooled = true; 30 | beforeSetup(); 31 | setupConf(); 32 | startSentryService(); 33 | afterSetup(); 34 | } 35 | 36 | } -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/test/resources/log4j.properties: -------------------------------------------------------------------------------- 1 | # 2 | # Licensed to the Apache Software Foundation (ASF) under one 3 | # or more contributor license agreements. See the NOTICE file 4 | # distributed with this work for additional information 5 | # regarding copyright ownership. The ASF licenses this file 6 | # to you under the Apache License, Version 2.0 (the 7 | # "License"); you may not use this file except in compliance 8 | # with the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, 13 | # software distributed under the License is distributed on an 14 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 | # KIND, either express or implied. See the License for the 16 | # specific language governing permissions and limitations 17 | # under the License. 18 | # 19 | 20 | # Define some default values that can be overridden by system properties. 21 | # 22 | # For testing, it may also be convenient to specify 23 | 24 | log4j.rootLogger=DEBUG,console 25 | 26 | log4j.appender.console=org.apache.log4j.ConsoleAppender 27 | log4j.appender.console.target=System.err 28 | log4j.appender.console.layout=org.apache.log4j.PatternLayout 29 | log4j.appender.console.layout.ConversionPattern=%d (%t) [%p - %l] %m%n 30 | 31 | log4j.logger.org.apache.hadoop.conf.Configuration=INFO 32 | log4j.logger.org.apache.hadoop.metrics2=INFO 33 | log4j.logger.org.apache.directory=INFO 34 | log4j.logger.org.apache.directory.api.ldap.model.entry.AbstractValue=WARN 35 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-file/src/test/resources/log4j.properties: -------------------------------------------------------------------------------- 1 | # 2 | # Licensed to the Apache Software Foundation (ASF) under one 3 | # or more contributor license agreements. See the NOTICE file 4 | # distributed with this work for additional information 5 | # regarding copyright ownership. The ASF licenses this file 6 | # to you under the Apache License, Version 2.0 (the 7 | # "License"); you may not use this file except in compliance 8 | # with the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, 13 | # software distributed under the License is distributed on an 14 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 | # KIND, either express or implied. See the License for the 16 | # specific language governing permissions and limitations 17 | # under the License. 18 | # 19 | 20 | # Define some default values that can be overridden by system properties. 21 | # 22 | # For testing, it may also be convenient to specify 23 | 24 | log4j.rootLogger=DEBUG,console 25 | 26 | log4j.appender.console=org.apache.log4j.ConsoleAppender 27 | log4j.appender.console.target=System.err 28 | log4j.appender.console.layout=org.apache.log4j.PatternLayout 29 | log4j.appender.console.layout.ConversionPattern=%d (%t) [%p - %l] %m%n 30 | 31 | log4j.logger.org.apache.hadoop.conf.Configuration=INFO 32 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-file/src/test/resources/test-authz-provider-local-group-mapping.ini: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one 2 | # or more contributor license agreements. See the NOTICE file 3 | # distributed with this work for additional information 4 | # regarding copyright ownership. The ASF licenses this file 5 | # to you under the Apache License, Version 2.0 (the 6 | # "License"); you may not use this file except in compliance 7 | # with the License. You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, 12 | # software distributed under the License is distributed on an 13 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 14 | # KIND, either express or implied. See the License for the 15 | # specific language governing permissions and limitations 16 | # under the License. 17 | 18 | [groups] 19 | manager = analyst_role, junior_analyst_role, functions 20 | analyst = analyst_role 21 | jranalyst = junior_analyst_role 22 | admin = admin 23 | 24 | [roles] 25 | analyst_role = server=server1->db=customers->table=purchases->select, server=server1->db=analyst1, \ 26 | server=server1->db=jranalyst1->table=*->select 27 | junior_analyst_role = server=server1->db=jranalyst1 28 | functions = server=server1->functions 29 | admin = server=server1 30 | 31 | [users] 32 | foo = admin,analyst 33 | bar = jranalyst 34 | -------------------------------------------------------------------------------- /sentry-solr/pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 18 | 19 | 20 | 4.0.0 21 | 22 | 23 | org.apache.sentry 24 | sentry 25 | 1.7.0-incubating-SNAPSHOT 26 | 27 | 28 | sentry-solr 29 | Sentry Solr 30 | pom 31 | 32 | 33 | solr-sentry-handlers 34 | solr-sentry-core 35 | 36 | 37 | 38 | -------------------------------------------------------------------------------- /sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/SecureRealTimeGetHandler.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | 18 | package org.apache.solr.handler; 19 | 20 | 21 | import org.apache.solr.handler.component.RealTimeGetComponent; 22 | import org.apache.solr.handler.component.SecureRealTimeGetComponent; 23 | 24 | import java.util.ArrayList; 25 | import java.util.List; 26 | 27 | public class SecureRealTimeGetHandler extends RealTimeGetHandler { 28 | @Override 29 | protected List getDefaultComponents() 30 | { 31 | List names = new ArrayList<>(1); 32 | names.add(RealTimeGetComponent.COMPONENT_NAME); 33 | names.add(SecureRealTimeGetComponent.COMPONENT_NAME); 34 | return names; 35 | } 36 | } 37 | -------------------------------------------------------------------------------- /sentry-solr/solr-sentry-handlers/src/main/resources/sentry-handlers/sentry/test-authz-provider.ini: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one 2 | # or more contributor license agreements. See the NOTICE file 3 | # distributed with this work for additional information 4 | # regarding copyright ownership. The ASF licenses this file 5 | # to you under the Apache License, Version 2.0 (the 6 | # "License"); you may not use this file except in compliance 7 | # with the License. You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, 12 | # software distributed under the License is distributed on an 13 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 14 | # KIND, either express or implied. See the License for the 15 | # specific language governing permissions and limitations 16 | # under the License. 17 | 18 | [groups] 19 | junit = junit_role 20 | queryOnlyAdmin = queryOnlyAdmin_role 21 | updateOnlyAdmin = updateOnlyAdmin_role 22 | undefinedRoleGroup = undefinedRole 23 | 24 | [roles] 25 | junit_role = collection=admin, collection=collection1, collection=queryCollection->action=query, \ 26 | collection=updateCollection->action=update 27 | queryOnlyAdmin_role = collection=admin->action=query 28 | updateOnlyAdmin_role = collection=admin->action=update 29 | 30 | [users] 31 | junit=junit 32 | queryOnlyAdmin=queryOnlyAdmin 33 | updateOnlyAdmin=updateOnlyAdmin 34 | multiGroupUser=junit, queryOnlyAdmin, updateOnlyAdmin 35 | undefinedRoleUser=undefinedRoleGroup 36 | bogusUser=bogusUserGroup 37 | -------------------------------------------------------------------------------- /sentry-solr/solr-sentry-handlers/src/main/resources/sentry-handlers/solr/collection1/conf/schema-minimal.xml: -------------------------------------------------------------------------------- 1 | 2 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | -------------------------------------------------------------------------------- /sentry-solr/solr-sentry-handlers/src/main/resources/sentry-handlers/solr/collection1/lib/README: -------------------------------------------------------------------------------- 1 | 17 | 18 | Items under this directory are used by TestConfig.testLibs() 19 | -------------------------------------------------------------------------------- /sentry-solr/solr-sentry-handlers/src/main/resources/sentry-handlers/solr/collection1/lib/classes/empty-file-main-lib.txt: -------------------------------------------------------------------------------- 1 | 2 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/dbprovider/TestDbPrivilegesAtColumnScope.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | 18 | package org.apache.sentry.tests.e2e.dbprovider; 19 | 20 | import org.apache.sentry.tests.e2e.hive.TestPrivilegesAtColumnScope; 21 | import org.junit.Before; 22 | import org.junit.BeforeClass; 23 | 24 | public class TestDbPrivilegesAtColumnScope extends TestPrivilegesAtColumnScope { 25 | @Override 26 | @Before 27 | public void setup() throws Exception { 28 | setupAdmin(); 29 | super.setup(); 30 | } 31 | 32 | @BeforeClass 33 | public static void setupTestStaticConfiguration() throws Exception { 34 | useSentryService = true; 35 | TestPrivilegesAtColumnScope.setupTestStaticConfiguration(); 36 | } 37 | 38 | } 39 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hdfs/TestHDFSIntegrationWithHA.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | 18 | package org.apache.sentry.tests.e2e.hdfs; 19 | 20 | import org.junit.BeforeClass; 21 | 22 | public class TestHDFSIntegrationWithHA extends TestHDFSIntegration { 23 | @BeforeClass 24 | public static void setup() throws Exception { 25 | TestHDFSIntegration.testSentryHA = true; 26 | TestHDFSIntegration.setup(); 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/fs/DFS.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.tests.e2e.hive.fs; 18 | 19 | import org.apache.hadoop.fs.FileSystem; 20 | import org.apache.hadoop.fs.Path; 21 | 22 | import java.io.File; 23 | import java.io.IOException; 24 | 25 | public interface DFS { 26 | FileSystem getFileSystem(); 27 | void tearDown() throws Exception; 28 | Path assertCreateDir(String dir) throws Exception; 29 | Path getBaseDir(); 30 | void createBaseDir() throws Exception; 31 | void writePolicyFile(File srcFile) throws IOException; 32 | } 33 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/hiveserver/HiveServer.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | 18 | package org.apache.sentry.tests.e2e.hive.hiveserver; 19 | 20 | import java.sql.Connection; 21 | 22 | public interface HiveServer { 23 | 24 | void start() throws Exception; 25 | 26 | void shutdown() throws Exception; 27 | 28 | String getURL(); 29 | 30 | String getProperty(String key); 31 | 32 | Connection createConnection(String user, String password) throws Exception; 33 | 34 | } 35 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-hive/src/test/resources/core-site-for-sentry-test.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 19 | 20 | 21 | 22 | hadoop.security.group.mapping 23 | org.apache.sentry.tests.e2e.hive.fs.MiniDFS$PseudoGroupMappingService 24 | 25 | 26 | fs.permissions 27 | false 28 | 29 | 30 | fs.permissions.umask-mode 31 | 000 32 | 33 | 34 | 35 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-hive/src/test/resources/emp.dat: -------------------------------------------------------------------------------- 1 | 16|john 2 | 17|robert 3 | 18|andrew 4 | 19|katty 5 | 21|tom 6 | 22|tim 7 | 23|james 8 | 24|paul 9 | 27|edward 10 | 29|alan 11 | 31|kerry 12 | 34|terri -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-hive/src/test/resources/log4j.properties: -------------------------------------------------------------------------------- 1 | # 2 | # Licensed to the Apache Software Foundation (ASF) under one 3 | # or more contributor license agreements. See the NOTICE file 4 | # distributed with this work for additional information 5 | # regarding copyright ownership. The ASF licenses this file 6 | # to you under the Apache License, Version 2.0 (the 7 | # "License"); you may not use this file except in compliance 8 | # with the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, 13 | # software distributed under the License is distributed on an 14 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 | # KIND, either express or implied. See the License for the 16 | # specific language governing permissions and limitations 17 | # under the License. 18 | # 19 | 20 | # Define some default values that can be overridden by system properties. 21 | # 22 | # For testing, it may also be convenient to specify 23 | 24 | sentry.root.logger=INFO,console 25 | log4j.rootLogger=${sentry.root.logger} 26 | 27 | log4j.appender.console=org.apache.log4j.ConsoleAppender 28 | log4j.appender.console.target=System.err 29 | log4j.appender.console.layout=org.apache.log4j.PatternLayout 30 | log4j.appender.console.layout.ConversionPattern=%d (%t) [%p - %l] %m%n 31 | 32 | log4j.logger.org.apache.hadoop.conf.Configuration=ERROR 33 | log4j.logger.org.apache.sentry=DEBUG 34 | 35 | log4j.category.DataNucleus=ERROR 36 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-hive/src/test/resources/sentry-provider.ini: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one 2 | # or more contributor license agreements. See the NOTICE file 3 | # distributed with this work for additional information 4 | # regarding copyright ownership. The ASF licenses this file 5 | # to you under the Apache License, Version 2.0 (the 6 | # "License"); you may not use this file except in compliance 7 | # with the License. You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, 12 | # software distributed under the License is distributed on an 13 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 14 | # KIND, either express or implied. See the License for the 15 | # specific language governing permissions and limitations 16 | # under the License. 17 | 18 | [groups] 19 | foo = all_default 20 | 21 | [roles] 22 | all_default = server=server1->db=default 23 | 24 | [users] 25 | foo = foo 26 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-hive/src/test/resources/sentry-site.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 19 | 20 | 21 | 22 | sentry.provider 23 | invalid 24 | 25 | 26 | sentry.hive.provider.resource 27 | invalid 28 | 29 | 30 | sentry.hive.server 31 | myHS2 32 | 33 | 34 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-hive/src/test/resources/testPolicyImportAdmin.ini: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one 2 | # or more contributor license agreements. See the NOTICE file 3 | # distributed with this work for additional information 4 | # regarding copyright ownership. The ASF licenses this file 5 | # to you under the Apache License, Version 2.0 (the 6 | # "License"); you may not use this file except in compliance 7 | # with the License. You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, 12 | # software distributed under the License is distributed on an 13 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 14 | # KIND, either express or implied. See the License for the 15 | # specific language governing permissions and limitations 16 | # under the License. 17 | 18 | [groups] 19 | admin=adminRole 20 | 21 | [roles] 22 | adminRole=server=server1 23 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-hive/src/test/resources/testPolicyImportError.ini: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one 2 | # or more contributor license agreements. See the NOTICE file 3 | # distributed with this work for additional information 4 | # regarding copyright ownership. The ASF licenses this file 5 | # to you under the Apache License, Version 2.0 (the 6 | # "License"); you may not use this file except in compliance 7 | # with the License. You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, 12 | # software distributed under the License is distributed on an 13 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 14 | # KIND, either express or implied. See the License for the 15 | # specific language governing permissions and limitations 16 | # under the License. 17 | 18 | [groups] 19 | group1=roleImport1 20 | [roles] 21 | roleImport1=server->db=db_1 22 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-kafka/src/main/java/org/apache/sentry/tests/e2e/kafka/TestUtils.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.tests.e2e.kafka; 18 | 19 | import java.io.IOException; 20 | import java.net.ServerSocket; 21 | 22 | public class TestUtils { 23 | public static int getFreePort() throws IOException { 24 | synchronized (TestUtils.class) { 25 | ServerSocket serverSocket = new ServerSocket(0); 26 | int port = serverSocket.getLocalPort(); 27 | serverSocket.close(); 28 | return port; 29 | } 30 | } 31 | } 32 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-kafka/src/test/resources/test.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICxzCCAa+gAwIBAgIEK13qfTANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDEwlzdXBlcnVzZXIw 3 | HhcNMTUxMjE1MjMzNTAzWhcNMTYwMzE0MjMzNTAzWjAUMRIwEAYDVQQDEwlzdXBlcnVzZXIwggEi 4 | MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChGUnirhdFKW6OXbPBqQ1tWEFrxvCHr51uVU9H 5 | V2aqO+Q02a+Vzyb24dzyqnbM5uOeGqAyTFXpCPOK0oxTCvf/0idmHIcgt40797I7rxWDJw9/wYos 6 | UGkqizAb878LaFScIo6Phu6zjdj/J16vd5KiWN5pzOLnwO8DebzO5s+N34VuNZ8s45zemq2bES9Z 7 | z8mMolTkZS4d8wGExC93n5oiNrPGUneKRZJYukv3SiDMajaOTqnI4Xo/LIs3dynq8dTBQPTtUwnA 8 | UZz8kpew6PfxDYYHjg2eHli/6Dopmur/R27xuxn5VnJHnxgL5mbxrRgAidGN6CwJFA7ZxSBn67pr 9 | AgMBAAGjITAfMB0GA1UdDgQWBBTxczVGKoS4NuNIPlS4yJfm8fSj3zANBgkqhkiG9w0BAQsFAAOC 10 | AQEAC4PSVAzUVGqhESIGDpJ6kbHzw/wBUmrjceTDQv9cVPNrHlMWoG67nM45tECWud3osB57nunV 11 | vcwSNXxhf4M+IPK1BoT2awUjEfWN+F7guxFXpU2lQpmHPj+015g9pGvvneRLZj8VfdFo8PuyDeRy 12 | V0HuG7xJ2xZMM8XpgL9BHrgD/4CITzRkaHnyuYb+Yz5GUFYOpLn0ANNm3gfW+eMiE/38zc+o23wJ 13 | V49hAKGqalJUATWVzq7iCqTqxeIQ2RQyJ9O5p82Y5CIG1Tp07zdCPVqkKz7NAbt2K0ZW5/5qc5V/ 14 | y88rnXWj9nZPYwyVj5rxqB8h2WDLDmxr1JuwuMOlYw== 15 | -----END CERTIFICATE----- 16 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-kafka/src/test/resources/test.keystore.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/apache/incubator-sentry/4643f988a5e0ce2b9749e6365edea3a16482de86/sentry-tests/sentry-tests-kafka/src/test/resources/test.keystore.jks -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-kafka/src/test/resources/test.truststore.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/apache/incubator-sentry/4643f988a5e0ce2b9749e6365edea3a16482de86/sentry-tests/sentry-tests-kafka/src/test/resources/test.truststore.jks -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-kafka/src/test/resources/user1.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICvzCCAaegAwIBAgIEWaKEszANBgkqhkiG9w0BAQsFADAQMQ4wDAYDVQQDEwV1c2VyMTAeFw0x 3 | NTEyMTUyMzQyNTlaFw0xNjAzMTQyMzQyNTlaMBAxDjAMBgNVBAMTBXVzZXIxMIIBIjANBgkqhkiG 4 | 9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgDzGn4VvJnROVCC+CR77DfqmF1wkNUrOiaLL9qufoRi9DuZU 5 | epmqebg0YyCQVyuIUe1p7qhnOGNnFN0nJC75C4MbCDX/s2+gxUBb6iaP7pwmdKzprvP3YGQrQXo/ 6 | pv+zV9EH1P5JP+27B6NVGTGJPUP4UqZF2uyhNOHIcB9sMvZTnyfDLs+8o9dCv3bFPpwEGZnk3I1I 7 | xD1cYSz+qb3E3M68L6cFVSo1qnK0QN8eBXXB/ljCHaQ47jLfZrJjjiRKA1YOnY+sRCbQDv4wU+dc 8 | oOenLzLikrMdVyONokbkneS/LnwjmNev2i9I9NA0D3bZvJuN/DkuQ245iXgdnqOvJwIDAQABoyEw 9 | HzAdBgNVHQ4EFgQUfzocV1Og4CsGte7Ux4luCVA3TTYwDQYJKoZIhvcNAQELBQADggEBAEeemqwJ 10 | eY/GahjPesuyJKiIfH4MgMGvZ19441WnKG1CuHrtwMES8Znxc+iS4hutPX6I/Mvb9HMg8M3u9B7W 11 | 1dj4QOvi5iZuWqrV2bhBrFoUV7fXPjjMfu15i/CX5Lfu56cBeyKshq674rQ4AWn1k5saxa6Jhaao 12 | 6ceFfnTldgVSSS0rBFyz1fBj7dLXnS8MmxN0cmDO1jVXu2Tfjw0ofRmLxD1SCMEwrNEcERRUWudm 13 | nIy1Q14xCYmTnGEf9uG8TmHO/y5Elc/jcMN2mGwb8N0FIV7nh1HLyAmR6O7JPrQ3QWR4Vr5tMH/K 14 | 3b9N51c0enX9UZedGYVc+qlLJ/P6B5w= 15 | -----END CERTIFICATE----- 16 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-kafka/src/test/resources/user1.keystore.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/apache/incubator-sentry/4643f988a5e0ce2b9749e6365edea3a16482de86/sentry-tests/sentry-tests-kafka/src/test/resources/user1.keystore.jks -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-kafka/src/test/resources/user1.truststore.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/apache/incubator-sentry/4643f988a5e0ce2b9749e6365edea3a16482de86/sentry-tests/sentry-tests-kafka/src/test/resources/user1.truststore.jks -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-kafka/src/test/resources/user2.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICvzCCAaegAwIBAgIEC6qUijANBgkqhkiG9w0BAQsFADAQMQ4wDAYDVQQDEwV1c2VyMjAeFw0x 3 | NTEyMTUyMzQ0MjVaFw0xNjAzMTQyMzQ0MjVaMBAxDjAMBgNVBAMTBXVzZXIyMIIBIjANBgkqhkiG 4 | 9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhm2vitVj2xApz7ZtaWNcqegodc9nFY+HCcIx2WqoUzQTXZ8q 5 | Fm6H6blKrL+xJXY7ZlEB8nMdfWFfOdS2zX6hutkstkwId5MSceWUb5GUzdClUQAS8DGMtQdU3LlY 6 | EcIgz9fim6/Ad0ZIKwyAc47HJLd/nQOozAaDDnWdLbhRymv/PNEt5IndkeTfbFd1uWgpV9vhfLWN 7 | 3FmXOksVoIKR+l9YBOmAUIjstK2Tq8b/q4Dbcp82X1nPW12fG2FlowgolWEOlaCbSGwN60LjoP69 8 | 1azAFU5IPaxmQ46oZpb7jMCRrHgdx+zhjRxjY9PpTCYWdtBHqnLyuckl/mpOxS64vwIDAQABoyEw 9 | HzAdBgNVHQ4EFgQUHaTI3Xl/CjJLhVCZto5ZJBCTaLUwDQYJKoZIhvcNAQELBQADggEBAEg/SxvT 10 | +NLmh7tWF0QZR2S6wl+UgJIqiS6NlEk3Te6TdPda2t2K8cmFndBcAmZqvLkz7dIkeDwa507SbrTg 11 | NJXcOycpH1s15VjiVRF8dXqflLCEcBUNw8h4AENsdVcNKliR+YXLk1i/x5jVfncQps6Zxj68NFoN 12 | h6tf7KyBHT4DvekYocjdXDQ/tPdvPqokYIM/q0K7NRZvDg6yUYukkFjta9D9623PwydtA/t75AEb 13 | zOJra5A6qp/qo/U1UyLzEkwSlWaLaOa7MrNaFy/OQbkVncP+6jFCIXlWpQ+TqyUmTfwmL+A2oJWW 14 | l3Ziy62zAfuaJ1EwY4zwFlZHJR4lF7E= 15 | -----END CERTIFICATE----- 16 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-kafka/src/test/resources/user2.keystore.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/apache/incubator-sentry/4643f988a5e0ce2b9749e6365edea3a16482de86/sentry-tests/sentry-tests-kafka/src/test/resources/user2.keystore.jks -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-kafka/src/test/resources/user2.truststore.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/apache/incubator-sentry/4643f988a5e0ce2b9749e6365edea3a16482de86/sentry-tests/sentry-tests-kafka/src/test/resources/user2.truststore.jks -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/log4j.properties: -------------------------------------------------------------------------------- 1 | # 2 | # Licensed to the Apache Software Foundation (ASF) under one 3 | # or more contributor license agreements. See the NOTICE file 4 | # distributed with this work for additional information 5 | # regarding copyright ownership. The ASF licenses this file 6 | # to you under the Apache License, Version 2.0 (the 7 | # "License"); you may not use this file except in compliance 8 | # with the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, 13 | # software distributed under the License is distributed on an 14 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 | # KIND, either express or implied. See the License for the 16 | # specific language governing permissions and limitations 17 | # under the License. 18 | # 19 | 20 | # Define some default values that can be overridden by system properties. 21 | # 22 | # For testing, it may also be convenient to specify 23 | 24 | sentry.root.logger=INFO,console 25 | log4j.rootLogger=${sentry.root.logger} 26 | 27 | log4j.appender.console=org.apache.log4j.ConsoleAppender 28 | log4j.appender.console.target=System.err 29 | log4j.appender.console.layout=org.apache.log4j.PatternLayout 30 | log4j.appender.console.layout.ConversionPattern=%d (%t) [%p - %l] %m%n 31 | 32 | log4j.logger.org.apache.hadoop.conf.Configuration=ERROR 33 | log4j.logger.org.apache.sentry=DEBUG 34 | 35 | log4j.category.DataNucleus=ERROR 36 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/admin-extra.html: -------------------------------------------------------------------------------- 1 | 17 | 18 | 25 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/admin-extra.menu-bottom.html: -------------------------------------------------------------------------------- 1 | 17 | 18 | 19 | 26 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/admin-extra.menu-top.html: -------------------------------------------------------------------------------- 1 | 17 | 18 | 19 | 26 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/elevate.xml: -------------------------------------------------------------------------------- 1 | 2 | 18 | 19 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/lang/contractions_ca.txt: -------------------------------------------------------------------------------- 1 | # Set of Catalan contractions for ElisionFilter 2 | # TODO: load this as a resource from the analyzer and sync it in build.xml 3 | d 4 | l 5 | m 6 | n 7 | s 8 | t 9 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/lang/contractions_fr.txt: -------------------------------------------------------------------------------- 1 | # Set of French contractions for ElisionFilter 2 | # TODO: load this as a resource from the analyzer and sync it in build.xml 3 | l 4 | m 5 | t 6 | qu 7 | n 8 | s 9 | j 10 | d 11 | c 12 | jusqu 13 | quoiqu 14 | lorsqu 15 | puisqu 16 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/lang/contractions_ga.txt: -------------------------------------------------------------------------------- 1 | # Set of Irish contractions for ElisionFilter 2 | # TODO: load this as a resource from the analyzer and sync it in build.xml 3 | d 4 | m 5 | b 6 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/lang/contractions_it.txt: -------------------------------------------------------------------------------- 1 | # Set of Italian contractions for ElisionFilter 2 | # TODO: load this as a resource from the analyzer and sync it in build.xml 3 | c 4 | l 5 | all 6 | dall 7 | dell 8 | nell 9 | sull 10 | coll 11 | pell 12 | gl 13 | agl 14 | dagl 15 | degl 16 | negl 17 | sugl 18 | un 19 | m 20 | t 21 | s 22 | v 23 | d 24 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/lang/hyphenations_ga.txt: -------------------------------------------------------------------------------- 1 | # Set of Irish hyphenations for StopFilter 2 | # TODO: load this as a resource from the analyzer and sync it in build.xml 3 | h 4 | n 5 | t 6 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/lang/stemdict_nl.txt: -------------------------------------------------------------------------------- 1 | # Set of overrides for the dutch stemmer 2 | # TODO: load this as a resource from the analyzer and sync it in build.xml 3 | fiets fiets 4 | bromfiets bromfiets 5 | ei eier 6 | kind kinder 7 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/lang/stopwords_el.txt: -------------------------------------------------------------------------------- 1 | # Lucene Greek Stopwords list 2 | # Note: by default this file is used after GreekLowerCaseFilter, 3 | # so when modifying this file use 'σ' instead of 'ς' 4 | ο 5 | η 6 | το 7 | οι 8 | τα 9 | του 10 | τησ 11 | των 12 | τον 13 | την 14 | και 15 | κι 16 | κ 17 | ειμαι 18 | εισαι 19 | ειναι 20 | ειμαστε 21 | ειστε 22 | στο 23 | στον 24 | στη 25 | στην 26 | μα 27 | αλλα 28 | απο 29 | για 30 | προσ 31 | με 32 | σε 33 | ωσ 34 | παρα 35 | αντι 36 | κατα 37 | μετα 38 | θα 39 | να 40 | δε 41 | δεν 42 | μη 43 | μην 44 | επι 45 | ενω 46 | εαν 47 | αν 48 | τοτε 49 | που 50 | πωσ 51 | ποιοσ 52 | ποια 53 | ποιο 54 | ποιοι 55 | ποιεσ 56 | ποιων 57 | ποιουσ 58 | αυτοσ 59 | αυτη 60 | αυτο 61 | αυτοι 62 | αυτων 63 | αυτουσ 64 | αυτεσ 65 | αυτα 66 | εκεινοσ 67 | εκεινη 68 | εκεινο 69 | εκεινοι 70 | εκεινεσ 71 | εκεινα 72 | εκεινων 73 | εκεινουσ 74 | οπωσ 75 | ομωσ 76 | ισωσ 77 | οσο 78 | οτι 79 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/lang/stopwords_en.txt: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one or more 2 | # contributor license agreements. See the NOTICE file distributed with 3 | # this work for additional information regarding copyright ownership. 4 | # The ASF licenses this file to You under the Apache License, Version 2.0 5 | # (the "License"); you may not use this file except in compliance with 6 | # the License. You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | # a couple of test stopwords to test that the words are really being 17 | # configured from this file: 18 | stopworda 19 | stopwordb 20 | 21 | # Standard english stop words taken from Lucene's StopAnalyzer 22 | a 23 | an 24 | and 25 | are 26 | as 27 | at 28 | be 29 | but 30 | by 31 | for 32 | if 33 | in 34 | into 35 | is 36 | it 37 | no 38 | not 39 | of 40 | on 41 | or 42 | such 43 | that 44 | the 45 | their 46 | then 47 | there 48 | these 49 | they 50 | this 51 | to 52 | was 53 | will 54 | with 55 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/lang/stopwords_eu.txt: -------------------------------------------------------------------------------- 1 | # example set of basque stopwords 2 | al 3 | anitz 4 | arabera 5 | asko 6 | baina 7 | bat 8 | batean 9 | batek 10 | bati 11 | batzuei 12 | batzuek 13 | batzuetan 14 | batzuk 15 | bera 16 | beraiek 17 | berau 18 | berauek 19 | bere 20 | berori 21 | beroriek 22 | beste 23 | bezala 24 | da 25 | dago 26 | dira 27 | ditu 28 | du 29 | dute 30 | edo 31 | egin 32 | ere 33 | eta 34 | eurak 35 | ez 36 | gainera 37 | gu 38 | gutxi 39 | guzti 40 | haiei 41 | haiek 42 | haietan 43 | hainbeste 44 | hala 45 | han 46 | handik 47 | hango 48 | hara 49 | hari 50 | hark 51 | hartan 52 | hau 53 | hauei 54 | hauek 55 | hauetan 56 | hemen 57 | hemendik 58 | hemengo 59 | hi 60 | hona 61 | honek 62 | honela 63 | honetan 64 | honi 65 | hor 66 | hori 67 | horiei 68 | horiek 69 | horietan 70 | horko 71 | horra 72 | horrek 73 | horrela 74 | horretan 75 | horri 76 | hortik 77 | hura 78 | izan 79 | ni 80 | noiz 81 | nola 82 | non 83 | nondik 84 | nongo 85 | nor 86 | nora 87 | ze 88 | zein 89 | zen 90 | zenbait 91 | zenbat 92 | zer 93 | zergatik 94 | ziren 95 | zituen 96 | zu 97 | zuek 98 | zuen 99 | zuten 100 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/lang/stopwords_ga.txt: -------------------------------------------------------------------------------- 1 | 2 | a 3 | ach 4 | ag 5 | agus 6 | an 7 | aon 8 | ar 9 | arna 10 | as 11 | b' 12 | ba 13 | beirt 14 | bhúr 15 | caoga 16 | ceathair 17 | ceathrar 18 | chomh 19 | chtó 20 | chuig 21 | chun 22 | cois 23 | céad 24 | cúig 25 | cúigear 26 | d' 27 | daichead 28 | dar 29 | de 30 | deich 31 | deichniúr 32 | den 33 | dhá 34 | do 35 | don 36 | dtí 37 | dá 38 | dár 39 | dó 40 | faoi 41 | faoin 42 | faoina 43 | faoinár 44 | fara 45 | fiche 46 | gach 47 | gan 48 | go 49 | gur 50 | haon 51 | hocht 52 | i 53 | iad 54 | idir 55 | in 56 | ina 57 | ins 58 | inár 59 | is 60 | le 61 | leis 62 | lena 63 | lenár 64 | m' 65 | mar 66 | mo 67 | mé 68 | na 69 | nach 70 | naoi 71 | naonúr 72 | ná 73 | ní 74 | níor 75 | nó 76 | nócha 77 | ocht 78 | ochtar 79 | os 80 | roimh 81 | sa 82 | seacht 83 | seachtar 84 | seachtó 85 | seasca 86 | seisear 87 | siad 88 | sibh 89 | sinn 90 | sna 91 | sé 92 | sí 93 | tar 94 | thar 95 | thú 96 | triúr 97 | trí 98 | trína 99 | trínár 100 | tríocha 101 | tú 102 | um 103 | ár 104 | é 105 | éis 106 | í 107 | ó 108 | ón 109 | óna 110 | ónár 111 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/lang/stopwords_hy.txt: -------------------------------------------------------------------------------- 1 | # example set of Armenian stopwords. 2 | այդ 3 | այլ 4 | այն 5 | այս 6 | դու 7 | դուք 8 | եմ 9 | են 10 | ենք 11 | ես 12 | եք 13 | է 14 | էի 15 | էին 16 | էինք 17 | էիր 18 | էիք 19 | էր 20 | ըստ 21 | թ 22 | ի 23 | ին 24 | իսկ 25 | իր 26 | կամ 27 | համար 28 | հետ 29 | հետո 30 | մենք 31 | մեջ 32 | մի 33 | ն 34 | նա 35 | նաև 36 | նրա 37 | նրանք 38 | որ 39 | որը 40 | որոնք 41 | որպես 42 | ու 43 | ում 44 | պիտի 45 | վրա 46 | և 47 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/lang/stopwords_th.txt: -------------------------------------------------------------------------------- 1 | # Thai stopwords from: 2 | # "Opinion Detection in Thai Political News Columns 3 | # Based on Subjectivity Analysis" 4 | # Khampol Sukhum, Supot Nitsuwat, and Choochart Haruechaiyasak 5 | ไว้ 6 | ไม่ 7 | ไป 8 | ได้ 9 | ให้ 10 | ใน 11 | โดย 12 | แห่ง 13 | แล้ว 14 | และ 15 | แรก 16 | แบบ 17 | แต่ 18 | เอง 19 | เห็น 20 | เลย 21 | เริ่ม 22 | เรา 23 | เมื่อ 24 | เพื่อ 25 | เพราะ 26 | เป็นการ 27 | เป็น 28 | เปิดเผย 29 | เปิด 30 | เนื่องจาก 31 | เดียวกัน 32 | เดียว 33 | เช่น 34 | เฉพาะ 35 | เคย 36 | เข้า 37 | เขา 38 | อีก 39 | อาจ 40 | อะไร 41 | ออก 42 | อย่าง 43 | อยู่ 44 | อยาก 45 | หาก 46 | หลาย 47 | หลังจาก 48 | หลัง 49 | หรือ 50 | หนึ่ง 51 | ส่วน 52 | ส่ง 53 | สุด 54 | สําหรับ 55 | ว่า 56 | วัน 57 | ลง 58 | ร่วม 59 | ราย 60 | รับ 61 | ระหว่าง 62 | รวม 63 | ยัง 64 | มี 65 | มาก 66 | มา 67 | พร้อม 68 | พบ 69 | ผ่าน 70 | ผล 71 | บาง 72 | น่า 73 | นี้ 74 | นํา 75 | นั้น 76 | นัก 77 | นอกจาก 78 | ทุก 79 | ที่สุด 80 | ที่ 81 | ทําให้ 82 | ทํา 83 | ทาง 84 | ทั้งนี้ 85 | ทั้ง 86 | ถ้า 87 | ถูก 88 | ถึง 89 | ต้อง 90 | ต่างๆ 91 | ต่าง 92 | ต่อ 93 | ตาม 94 | ตั้งแต่ 95 | ตั้ง 96 | ด้าน 97 | ด้วย 98 | ดัง 99 | ซึ่ง 100 | ช่วง 101 | จึง 102 | จาก 103 | จัด 104 | จะ 105 | คือ 106 | ความ 107 | ครั้ง 108 | คง 109 | ขึ้น 110 | ของ 111 | ขอ 112 | ขณะ 113 | ก่อน 114 | ก็ 115 | การ 116 | กับ 117 | กัน 118 | กว่า 119 | กล่าว 120 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/lang/userdict_ja.txt: -------------------------------------------------------------------------------- 1 | # 2 | # This is a sample user dictionary for Kuromoji (JapaneseTokenizer) 3 | # 4 | # Add entries to this file in order to override the statistical model in terms 5 | # of segmentation, readings and part-of-speech tags. Notice that entries do 6 | # not have weights since they are always used when found. This is by-design 7 | # in order to maximize ease-of-use. 8 | # 9 | # Entries are defined using the following CSV format: 10 | # , ... , ... , 11 | # 12 | # Notice that a single half-width space separates tokens and readings, and 13 | # that the number tokens and readings must match exactly. 14 | # 15 | # Also notice that multiple entries with the same is undefined. 16 | # 17 | # Whitespace only lines are ignored. Comments are not allowed on entry lines. 18 | # 19 | 20 | # Custom segmentation for kanji compounds 21 | 日本経済新聞,日本 経済 新聞,ニホン ケイザイ シンブン,カスタム名詞 22 | 関西国際空港,関西 国際 空港,カンサイ コクサイ クウコウ,カスタム名詞 23 | 24 | # Custom segmentation for compound katakana 25 | トートバッグ,トート バッグ,トート バッグ,かずカナ名詞 26 | ショルダーバッグ,ショルダー バッグ,ショルダー バッグ,かずカナ名詞 27 | 28 | # Custom reading for former sumo wrestler 29 | 朝青龍,朝青龍,アサショウリュウ,カスタム人名 30 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/protwords.txt: -------------------------------------------------------------------------------- 1 | # The ASF licenses this file to You under the Apache License, Version 2.0 2 | # (the "License"); you may not use this file except in compliance with 3 | # the License. You may obtain a copy of the License at 4 | # 5 | # http://www.apache.org/licenses/LICENSE-2.0 6 | # 7 | # Unless required by applicable law or agreed to in writing, software 8 | # distributed under the License is distributed on an "AS IS" BASIS, 9 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 10 | # See the License for the specific language governing permissions and 11 | # limitations under the License. 12 | 13 | #----------------------------------------------------------------------- 14 | # Use a protected word file to protect against the stemmer reducing two 15 | # unrelated words to the same base word. 16 | 17 | # Some non-words that normally won't be encountered, 18 | # just to test that they won't be stemmed. 19 | dontstems 20 | zwhacky 21 | 22 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/scripts.conf: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one or more 2 | # contributor license agreements. See the NOTICE file distributed with 3 | # this work for additional information regarding copyright ownership. 4 | # The ASF licenses this file to You under the Apache License, Version 2.0 5 | # (the "License"); you may not use this file except in compliance with 6 | # the License. You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | user= 17 | solr_hostname=localhost 18 | solr_port=8983 19 | rsyncd_port=18983 20 | data_dir= 21 | webapp_name=solr 22 | master_host= 23 | master_data_dir= 24 | master_status_dir= 25 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/spellings.txt: -------------------------------------------------------------------------------- 1 | pizza 2 | history 3 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/stopwords.txt: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one or more 2 | # contributor license agreements. See the NOTICE file distributed with 3 | # this work for additional information regarding copyright ownership. 4 | # The ASF licenses this file to You under the Apache License, Version 2.0 5 | # (the "License"); you may not use this file except in compliance with 6 | # the License. You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/synonyms.txt: -------------------------------------------------------------------------------- 1 | # The ASF licenses this file to You under the Apache License, Version 2.0 2 | # (the "License"); you may not use this file except in compliance with 3 | # the License. You may obtain a copy of the License at 4 | # 5 | # http://www.apache.org/licenses/LICENSE-2.0 6 | # 7 | # Unless required by applicable law or agreed to in writing, software 8 | # distributed under the License is distributed on an "AS IS" BASIS, 9 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 10 | # See the License for the specific language governing permissions and 11 | # limitations under the License. 12 | 13 | #----------------------------------------------------------------------- 14 | #some test synonym mappings unlikely to appear in real input text 15 | aaafoo => aaabar 16 | bbbfoo => bbbfoo bbbbar 17 | cccfoo => cccbar cccbaz 18 | fooaaa,baraaa,bazaaa 19 | 20 | # Some synonym groups specific to this example 21 | GB,gib,gigabyte,gigabytes 22 | MB,mib,megabyte,megabytes 23 | Television, Televisions, TV, TVs 24 | #notice we use "gib" instead of "GiB" so any WordDelimiterFilter coming 25 | #after us won't split it into two words. 26 | 27 | # Synonym mappings can be used for spelling correction too 28 | pixima => pixma 29 | 30 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/browse.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Main entry point into the /browse templates 3 | *# 4 | 5 | #set($searcher = $request.searcher) 6 | #set($params = $request.params) 7 | #set($clusters = $response.response.clusters) 8 | #set($mltResults = $response.response.get("moreLikeThis")) 9 | #set($annotate = $params.get("annotateBrowse")) 10 | #parse('query_form.vm') 11 | #parse('did_you_mean.vm') 12 | 13 |

14 | #parse("facets.vm") 15 |
16 | 17 | 20 | 21 | ## Show Error Message, if any 22 |
23 | #parse("error.vm") 24 |
25 | 26 | ## Render Results, actual matching docs 27 |
28 | #parse("results_list.vm") 29 |
30 | 31 | 34 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/cluster.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Check if Clustering is Enabled and then 3 | * call cluster_results.vm 4 | *# 5 | 6 |

7 | Clusters 8 |

9 | 10 | ## Div tag has placeholder text by default 11 |
12 | Run Solr with java -Dsolr.clustering.enabled=true -jar start.jar to see results 13 |
14 | 15 | ## Replace the div content *if* Carrot^2 is available 16 | 20 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/cluster_results.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Actual rendering of Clusters 3 | *# 4 | 5 | ## For each cluster 6 | #foreach ($clusters in $response.response.clusters) 7 | 8 | #set($labels = $clusters.get('labels')) 9 | #set($docs = $clusters.get('docs')) 10 | 11 | ## This Cluster's Heading 12 |

13 | #foreach ($label in $labels) 14 | ## Keep the following line together to prevent 15 | ## a space appearing before each comma 16 | $label#if( $foreach.hasNext ),#end 17 | #end 18 |

19 | 20 | ## This Cluster's Documents 21 |
    22 | ## For each doc in this cluster 23 | #foreach ($cluDoc in $docs) 24 |
  1. 25 | 26 | $cluDoc 27 |
    2. 28 | #end 29 |
30 | 31 | #end ## end for each Cluster 32 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/debug.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Show Debugging Information, if enabled 3 | *# 4 | 5 | #if( $params.getBool("debugQuery",false) ) 6 | 7 | toggle explain 8 | 9 | 
10 |     $response.getExplainMap().get($doc.getFirstValue('id'))
11 |
12 | 13 | 14 | toggle all fields 15 | 16 | 17 | #foreach($fieldname in $doc.fieldNames) 18 |
19 | $fieldname : 20 | 21 | #foreach($value in $doc.getFieldValues($fieldname)) 22 | $esc.html($value) 23 | #end 24 | 25 |
26 | #end 27 | 28 | #end 29 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/did_you_mean.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Hyperlinked spelling suggestions in results list 3 | *# 4 | 5 | #set($dym = $response.response.spellcheck.suggestions.collation.collationQuery) 6 | #if($dym) 7 | Did you mean 8 | $esc.html($dym)? 9 | #end 10 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/error.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Show Error Message, if any 3 | *# 4 | 5 | ## Show Error Message, if any 6 | ## Usually rendered inside div class=error 7 | 8 | #if( $response.response.error.code ) 9 |

ERROR $response.response.error.code

10 | $response.response.error.msg 11 | #end 12 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/facet_fields.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Display facets based on field values 3 | * e.g.: fields specified by &facet.field= 4 | *# 5 | 6 | #if($response.facetFields) 7 |

8 | Field Facets 9 |

10 | #foreach($field in $response.facetFields) 11 | ## Hide facets without value 12 | #if($field.values.size() > 0) 13 | $field.name 14 |
    15 | #foreach($facet in $field.values) 16 |
  • 17 | $facet.name ($facet.count) 18 |
    • 19 | #end 20 |
21 | #end ## end if > 0 22 | #end ## end for each facet field 23 | #end ## end if response has facet fields 24 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/facet_pivot.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Display Pivot-Based Facets 3 | * e.g.: facets specified by &facet.pivot= 4 | *# 5 | 6 |

7 | Pivot Facets 8 |

9 | 10 | #set($pivot = $response.response.facet_counts.facet_pivot) 11 | 12 | #display_facet_pivot($pivot, "") 13 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/facet_queries.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Display facets based on specific facet queries 3 | * e.g.: facets specified by &facet.query= 4 | *# 5 | 6 | #set($field = $response.response.facet_counts.facet_queries) 7 | 8 |

9 | Query Facets 10 |

11 | 12 | #display_facet_query($field, "", "") 13 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/facet_ranges.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Display facets based on ranges of values, AKA "Bukets" 3 | * e.g.: ranges specified by &facet.range= 4 | *# 5 | 6 |

7 | Range Facets 8 |

9 | 10 | #foreach ($field in $response.response.facet_counts.facet_ranges) 11 | ## Hide facets without value 12 | #if($field.value.counts.size() > 0) 13 | #set($name = $field.key) 14 | #set($display = $name) 15 | #set($f = $field.value.counts) 16 | #set($start = $field.value.start) 17 | #set($end = $field.value.end) 18 | #set($gap = $field.value.gap) 19 | #set($before = $field.value.before) 20 | #set($after = $field.value.after) 21 | #display_facet_range($f, $display, $name, $start, $end, $gap, $before, $after) 22 | #end ## end if has any values 23 | #end ## end for each facet range 24 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/facets.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Overall Facet display block 3 | * Invokes the 4 facet and 1 cluster template 4 | *# 5 | 6 | #parse('facet_fields.vm') 7 | #parse('facet_queries.vm') 8 | #parse('facet_ranges.vm') 9 | #parse('facet_pivot.vm') 10 | #parse('cluster.vm') 11 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/footer.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Render the bottom section of the page visible to users 3 | *# 4 | 5 |
6 |
7 | Options: 8 | 9 | #if($request.params.get('debugQuery')) 10 | 11 | disable debug 12 | #else 13 | 14 | enable debug 15 | #end 16 | - 17 | #if($annotate) 18 | 19 | disable annotation 20 | #else 21 | 22 | enable annotation 23 | #end 24 | - 25 | 26 | XML results 27 | 28 |
29 | 30 |
31 | Generated by VelocityResponseWriter 32 |
33 |
34 | Documentation: 35 | Solr Home Page, 36 | Solr Wiki 37 |
38 |
39 | Disclaimer: 40 | The locations displayed in this demonstration are purely fictional. 41 | It is more than likely that no store with the items listed actually 42 | exists at that location! 43 |
44 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/header.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Render the top section of the page visible to users 3 | *# 4 | 5 | 8 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/hit.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Called for each matching document but then 3 | * calls one of product_doc, join_doc or richtext_doc 4 | * depending on which fields the doc has 5 | *# 6 | 7 | #set($docId = $doc.getFieldValue('id')) 8 | 9 |
10 | 11 | ## Has a "name" field ? 12 | #if($doc.getFieldValue('name')) 13 | #parse("product_doc.vm") 14 | 15 | ## Has a "compName_s" field ? 16 | #elseif($doc.getFieldValue('compName_s')) 17 | #parse("join_doc.vm") 18 | 19 | ## Fallback to richtext_doc 20 | #else 21 | #parse("richtext_doc.vm") 22 | 23 | #end 24 | 25 |
26 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/hit_grouped.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Display grouped results 3 | *# 4 | 5 |
6 | 7 |
8 | $grouping.key 9 |
10 | 11 |
12 | Total Matches in Group: $grouping.value.matches 13 |
14 | 15 |
## list of groups 16 | 17 | #foreach ($group in $grouping.value.groups) 18 |
19 | #if($group.groupValue)$group.groupValue#{else}No group#end 20 | 21 | ($group.doclist.numFound) 22 | 23 |
24 | 25 |
28 | #foreach ($doc in $group.doclist) 29 | #set($docId = $doc.getFieldValue('id')) 30 | #if($doc.getFieldValue('name')) 31 | #parse("product_doc.vm") 32 | #elseif($doc.getFieldValue('compName_s')) 33 | #parse("join_doc.vm") 34 | #else 35 | #parse("richtext_doc.vm") 36 | #end 37 | #end 38 |
39 | 40 | #end ## end of foreach group in grouping.value.groups 41 |
## div tag for entire list of groups 42 | 43 |
## end of div class=result-document 44 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/hit_plain.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * An extremely plain / debug version of hit.vm 3 | *# 4 | 5 | 6 | ## For each field 7 | #foreach( $fieldName in $doc.fieldNames ) 8 | ## For each value 9 | #foreach( $value in $doc.getFieldValues($fieldName) ) 10 | 11 | ## Field Name 12 | 17 | ## Field Value(s) 18 | 21 | 22 | #end ## end for each value 23 | #end ## end for each field 24 |
13 | #if( $foreach.count == 1 ) 14 | $fieldName: 15 | #end 16 | 19 | $esc.html($value)
20 |
25 |
26 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/join_doc.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Display documents that are joined to other documents 3 | *# 4 | 5 |
6 | #field('compName_s') 7 |
8 | 9 |
10 | Id: #field('id') 11 | (company-details document for 12 | join 13 | ) 14 |
15 | 16 |
17 | Address: #field('address_s') 18 |
19 | 20 | #parse('debug.vm') 21 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/jquery.autocomplete.css: -------------------------------------------------------------------------------- 1 | .ac_results { 2 | padding: 0px; 3 | border: 1px solid black; 4 | background-color: white; 5 | overflow: hidden; 6 | z-index: 99999; 7 | } 8 | 9 | .ac_results ul { 10 | width: 100%; 11 | list-style-position: outside; 12 | list-style: none; 13 | padding: 0; 14 | margin: 0; 15 | } 16 | 17 | .ac_results li { 18 | margin: 0px; 19 | padding: 2px 5px; 20 | cursor: default; 21 | display: block; 22 | /* 23 | if width will be 100% horizontal scrollbar will apear 24 | when scroll mode will be used 25 | */ 26 | /*width: 100%;*/ 27 | font: menu; 28 | font-size: 12px; 29 | /* 30 | it is very important, if line-height not setted or setted 31 | in relative units scroll will be broken in firefox 32 | */ 33 | line-height: 16px; 34 | overflow: hidden; 35 | } 36 | 37 | .ac_loading { 38 | background: white url('indicator.gif') right center no-repeat; 39 | } 40 | 41 | .ac_odd { 42 | background-color: #eee; 43 | } 44 | 45 | .ac_over { 46 | background-color: #0A246A; 47 | color: white; 48 | } 49 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/layout.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Overall HTML page layout 3 | *# 4 | 5 | 6 | 7 | #parse("head.vm") 8 | 9 | 10 | 11 | 14 |
15 | #parse("tabs.vm") 16 |
17 |
18 | $content 19 |
20 | 23 | 24 | 25 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/pagination_bottom.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Paging and Statistics at bottom of results 3 | *# 4 | 5 | ## Usually rendered in pagination div tag 6 | 7 | #if($response.response.get('grouped')) 8 | ## pass 9 | #else 10 | 11 | #link_to_previous_page("previous") 12 | 13 | $page.results_found 14 | results found. 15 | 16 | Page $page.current_page_number 17 | of $page.page_count 18 | 19 | #link_to_next_page("next") 20 | 21 | #end 22 |
23 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/pagination_top.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Paging and Statistics at top of results 3 | *# 4 | 5 | ## Usually rendered in pagination div tag 6 | 7 | ## Grouped Results / Not Paginated 8 | #if($response.response.get('grouped')) 9 | 10 | 11 | 12 | $response.response.get('grouped').size() group(s) 13 | 14 | found in ${response.responseHeader.QTime} ms 15 | 16 | 17 | ## Regular Results / Use Paging Links if needed 18 | #else 19 | 20 | 21 | $page.results_found 22 | results found in 23 | ${response.responseHeader.QTime} ms 24 | 25 | 26 | Page $page.current_page_number 27 | of $page.page_count 28 | 29 | #end ## end else non-grouped results, normal pagination 30 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/query_group.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Query settings for grouping by fields, 3 | * e.g.: Manufacturer or Popularity 4 | *# 5 | 6 | #set($queryOpts = $params.get("queryOpts")) 7 | 8 | #if($queryOpts == "group") 9 |
10 | #set($groupF = $request.params.get('group.field')) 11 | 12 | 38 | 39 | 40 | 41 |
42 | 43 | #end 44 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/results_list.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Render the main Results List 3 | *# 4 | 5 | ## Usually displayed inside
6 | 7 | #if($response.response.get('grouped')) 8 | 9 | #foreach($grouping in $response.response.get('grouped')) 10 | #parse("hit_grouped.vm") 11 | #end 12 | 13 | #else 14 | 15 | #foreach($doc in $response.results) 16 | #parse("hit.vm") 17 | ## Can get an extremely simple view of the doc 18 | ## which might be nicer for debugging 19 | ##parse("hit_plain.vm") 20 | #end 21 | 22 | #end 23 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/suggest.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Provides cynamic spelling suggestions 3 | * as you type in the search form 4 | *# 5 | 6 | #foreach($t in $response.response.terms.name) 7 | $t.key 8 | #end 9 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/tabs.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Provides navigation/access to Advanced search options 3 | * Usually displayed near the top of the page 4 | *# 5 | 6 | ##TODO: Make some nice tabs here 7 | 8 | #set($queryOpts = $params.get("queryOpts")) 9 | 10 |
11 | 12 | Type of Search: 13 | 14 | ##queryOpts=$queryOpts 15 | 16 | ## return to Simple Search 17 | ##set( $selected = ($queryOpts && $queryOpts != "") ) 18 | #set( $selected = ! $queryOpts ) 19 | 20 | #if($selected) 21 | Simple 22 | #else 23 | 24 | Simple 25 | #end 26 | 27 | 28 | ## GEO-Spatial / Location Based 29 | #set( $selected = ($queryOpts == "spatial") ) 30 | 31 | #if($selected) 32 | Spatial 33 | #else 34 | 35 | Spatial 36 | #end 37 | 38 | 39 | ## Group By Field 40 | #set( $selected = ($queryOpts == "group") ) 41 | 42 | #if($selected) 43 | Group By 44 | #else 45 | 46 | Group By 47 | #end 48 | 49 | 50 |
51 | --------------------------------------------------------------------------------