├── .gitignore ├── CHANGELOG.txt ├── LICENSE.txt ├── NOTICE.txt ├── README.md ├── README_license.txt ├── bin ├── config_tool ├── run_sentry.sh ├── sentry ├── sentryCli └── sentryShell ├── build-tools └── sentry-pmd-ruleset.xml ├── conf ├── sentry-site.xml.hive-client.example ├── sentry-site.xml.hive-client.template ├── sentry-site.xml.service.example ├── sentry-site.xml.service.template └── sentry-site.xml.solr-client.example ├── dev-support ├── smart-apply-patch.sh └── test-patch.py ├── lombok.config ├── pom.xml ├── sentry-binding ├── pom.xml ├── sentry-binding-hbase-indexer │ ├── pom.xml │ └── src │ │ ├── main │ │ └── java │ │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── binding │ │ │ └── hbaseindexer │ │ │ ├── authz │ │ │ └── HBaseIndexerAuthzBinding.java │ │ │ └── conf │ │ │ └── HBaseIndexerAuthzConf.java │ │ └── test │ │ ├── java │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── binding │ │ │ └── hbaseindexer │ │ │ └── TestHBaseIndexerAuthzBinding.java │ │ └── resources │ │ ├── log4j.properties │ │ ├── sentry-site-service.xml │ │ ├── sentry-site.xml │ │ └── test-authz-provider.ini ├── sentry-binding-hive-common │ ├── pom.xml │ └── src │ │ └── main │ │ └── java │ │ └── org │ │ └── apache │ │ ├── hadoop │ │ └── hive │ │ │ ├── SentryHiveConstants.java │ │ │ └── ql │ │ │ └── exec │ │ │ └── SentryHivePrivilegeObjectDesc.java │ │ └── sentry │ │ └── binding │ │ └── hive │ │ ├── SentryIniPolicyFileFormatter.java │ │ ├── SentryOnFailureHook.java │ │ ├── SentryOnFailureHookContext.java │ │ ├── SentryOnFailureHookContextImpl.java │ │ ├── SentryPolicyFileFormatFactory.java │ │ ├── SentryPolicyFileFormatter.java │ │ ├── authz │ │ ├── HiveAuthzBinding.java │ │ └── HiveAuthzPrivileges.java │ │ └── conf │ │ └── InvalidConfigurationException.java ├── sentry-binding-hive-conf │ ├── pom.xml │ └── src │ │ └── main │ │ └── java │ │ └── org │ │ └── apache │ │ └── sentry │ │ └── binding │ │ └── hive │ │ └── conf │ │ └── HiveAuthzConf.java ├── sentry-binding-hive-follower │ ├── pom.xml │ └── src │ │ └── main │ │ └── java │ │ └── org │ │ └── apache │ │ └── sentry │ │ └── binding │ │ └── metastore │ │ └── messaging │ │ └── json │ │ ├── SentryJSONAddPartitionMessage.java │ │ ├── SentryJSONAlterPartitionMessage.java │ │ ├── SentryJSONAlterTableMessage.java │ │ ├── SentryJSONCreateDatabaseMessage.java │ │ ├── SentryJSONCreateTableMessage.java │ │ ├── SentryJSONDropDatabaseMessage.java │ │ ├── SentryJSONDropPartitionMessage.java │ │ ├── SentryJSONDropTableMessage.java │ │ ├── SentryJSONMessageDeserializer.java │ │ └── SentryJSONMessageFactory.java ├── sentry-binding-hive │ ├── pom.xml │ └── src │ │ ├── main │ │ └── java │ │ │ └── org │ │ │ └── apache │ │ │ ├── access │ │ │ └── binding │ │ │ │ └── hive │ │ │ │ └── HiveAuthzBindingSessionHook.java │ │ │ ├── hadoop │ │ │ └── hive │ │ │ │ └── ql │ │ │ │ └── exec │ │ │ │ └── SentryFilterDDLTask.java │ │ │ └── sentry │ │ │ └── binding │ │ │ ├── hive │ │ │ ├── HiveAuthzBindingHook.java │ │ │ ├── HiveAuthzBindingSessionHook.java │ │ │ ├── SentryHiveAuthorizationTaskFactoryImpl.java │ │ │ ├── SentryHivePrivilegeObject.java │ │ │ └── authz │ │ │ │ ├── DefaultSentryAccessController.java │ │ │ │ ├── DefaultSentryValidator.java │ │ │ │ ├── HiveAuthzBindingHookBase.java │ │ │ │ ├── HiveAuthzPrivilegesMap.java │ │ │ │ ├── MetastoreAuthzObjectFilter.java │ │ │ │ ├── SentryConfigTool.java │ │ │ │ ├── SentryHiveAccessController.java │ │ │ │ ├── SentryHiveAuthorizationValidator.java │ │ │ │ ├── SentryHiveAuthorizerFactory.java │ │ │ │ └── SentryHiveAuthorizerImpl.java │ │ │ ├── metastore │ │ │ ├── AuthorizingObjectStore.java │ │ │ ├── AuthorizingObjectStoreBase.java │ │ │ ├── HiveAuthzBindingFactory.java │ │ │ ├── MetastoreAuthzBinding.java │ │ │ ├── MetastoreAuthzBindingBase.java │ │ │ ├── SentryHiveMetaStoreClient.java │ │ │ ├── SentryHmsEvent.java │ │ │ ├── SentryMetaStoreFilterHook.java │ │ │ └── SentrySyncHMSNotificationsPostEventListener.java │ │ │ └── util │ │ │ ├── SentryAuthorizerUtil.java │ │ │ └── SimpleSemanticAnalyzer.java │ │ └── test │ │ ├── java │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ ├── binding │ │ │ ├── hive │ │ │ │ ├── MockUserToGroupMapping.java │ │ │ │ ├── TestHiveAuthzBindingHookBase.java │ │ │ │ ├── TestHiveAuthzBindings.java │ │ │ │ ├── TestHiveAuthzConf.java │ │ │ │ ├── TestSentryHiveAuthorizationTaskFactory.java │ │ │ │ ├── TestSentryIniPolicyFileFormatter.java │ │ │ │ ├── TestURI.java │ │ │ │ └── authz │ │ │ │ │ └── TestMetastoreAuthzObjectFilter.java │ │ │ └── metastore │ │ │ │ ├── TestSentryMetaStoreFilterHook.java │ │ │ │ └── TestSentrySyncHMSNotificationsPostEventListener.java │ │ │ ├── policy │ │ │ └── hive │ │ │ │ ├── AbstractTestSimplePolicyEngine.java │ │ │ │ ├── DBPolicyTestUtil.java │ │ │ │ ├── TestDBModelAuthorizables.java │ │ │ │ ├── TestDatabaseRequiredInRole.java │ │ │ │ ├── TestPolicyParsingNegative.java │ │ │ │ ├── TestResourceAuthorizationProviderGeneralCases.java │ │ │ │ ├── TestResourceAuthorizationProviderSpecialCases.java │ │ │ │ ├── TestSimpleDBPolicyEngineDFS.java │ │ │ │ └── TestSimpleDBPolicyEngineLocalFS.java │ │ │ └── privilege │ │ │ └── hive │ │ │ └── TestCommonPrivilegeForHive.java │ │ └── resources │ │ ├── hive-policy-test-authz-provider-other-group.ini │ │ ├── hive-policy-test-authz-provider.ini │ │ ├── log4j.properties │ │ ├── log4j2.properties │ │ ├── sentry-deprecated-site.xml │ │ ├── sentry-site.xml │ │ └── test-authz-provider.ini ├── sentry-binding-kafka │ ├── pom.xml │ └── src │ │ ├── main │ │ └── java │ │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── kafka │ │ │ ├── ConvertUtil.java │ │ │ ├── authorizer │ │ │ └── SentryKafkaAuthorizer.java │ │ │ ├── binding │ │ │ ├── KafkaAuthBinding.java │ │ │ └── KafkaAuthBindingSingleton.java │ │ │ └── conf │ │ │ └── KafkaAuthConf.java │ │ └── test │ │ ├── java │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ ├── kafka │ │ │ ├── MockGroupMappingServiceProvider.java │ │ │ └── authorizer │ │ │ │ ├── ConvertUtilTest.java │ │ │ │ └── SentryKafkaAuthorizerTest.java │ │ │ ├── policy │ │ │ └── kafka │ │ │ │ ├── AbstractTestKafkaPolicyEngine.java │ │ │ │ ├── KafkaPolicyTestUtil.java │ │ │ │ ├── MockGroupMappingServiceProvider.java │ │ │ │ ├── TestKafkaAuthorizationProviderGeneralCases.java │ │ │ │ ├── TestKafkaAuthorizationProviderSpecialCases.java │ │ │ │ ├── TestKafkaModelAuthorizables.java │ │ │ │ ├── TestKafkaPolicyEngineDFS.java │ │ │ │ ├── TestKafkaPolicyEngineLocalFS.java │ │ │ │ ├── TestKafkaPolicyNegative.java │ │ │ │ └── TestKafkaPrivilegeValidator.java │ │ │ └── privilege │ │ │ └── kafka │ │ │ └── TestKafkaWildcardPrivilege.java │ │ └── resources │ │ ├── core-site.xml │ │ ├── kafka-policy-test-authz-provider.ini │ │ ├── log4j.properties │ │ └── sentry-site.xml ├── sentry-binding-solr │ ├── pom.xml │ └── src │ │ ├── main │ │ └── java │ │ │ └── org │ │ │ └── apache │ │ │ ├── sentry │ │ │ └── binding │ │ │ │ └── solr │ │ │ │ ├── authz │ │ │ │ ├── SentrySolrPluginImpl.java │ │ │ │ ├── SolrAuthzBinding.java │ │ │ │ └── SolrAuthzUtil.java │ │ │ │ └── conf │ │ │ │ └── SolrAuthzConf.java │ │ │ └── solr │ │ │ └── sentry │ │ │ ├── AuditLogger.java │ │ │ └── RollingFileWithoutDeleteAppender.java │ │ └── test │ │ ├── java │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ ├── binding │ │ │ └── solr │ │ │ │ ├── HdfsTestUtil.java │ │ │ │ └── TestSolrAuthzBinding.java │ │ │ ├── policy │ │ │ └── solr │ │ │ │ ├── AbstractTestSolrPolicyEngine.java │ │ │ │ ├── SolrPolicyTestUtil.java │ │ │ │ ├── TestSolrAuthorizationProviderGeneralCases.java │ │ │ │ ├── TestSolrAuthorizationProviderSpecialCases.java │ │ │ │ ├── TestSolrModelAuthorizables.java │ │ │ │ ├── TestSolrPolicyEngineDFS.java │ │ │ │ ├── TestSolrPolicyEngineLocalFS.java │ │ │ │ └── TestSolrPolicyNegative.java │ │ │ └── privilege │ │ │ └── solr │ │ │ └── TestCommonPrivilegeForSolr.java │ │ └── resources │ │ ├── log4j.properties │ │ ├── sentry-site.xml │ │ ├── solr-policy-test-authz-provider.ini │ │ └── test-authz-provider.ini └── sentry-binding-sqoop │ ├── pom.xml │ └── src │ ├── main │ └── java │ │ └── org │ │ └── apache │ │ └── sentry │ │ └── sqoop │ │ ├── PrincipalDesc.java │ │ ├── SentrySqoopError.java │ │ ├── authz │ │ ├── SentryAccessController.java │ │ ├── SentryAuthorizationHandler.java │ │ └── SentryAuthorizationValidator.java │ │ ├── binding │ │ ├── SqoopAuthBinding.java │ │ └── SqoopAuthBindingSingleton.java │ │ └── conf │ │ └── SqoopAuthConf.java │ └── test │ ├── java │ └── org │ │ └── apache │ │ └── sentry │ │ ├── policy │ │ └── sqoop │ │ │ ├── AbstractTestSqoopPolicyEngine.java │ │ │ ├── SqoopPolicyTestUtil.java │ │ │ ├── TestServerNameRequiredMatch.java │ │ │ ├── TestSqoopAuthorizationProviderGeneralCases.java │ │ │ ├── TestSqoopAuthorizationProviderSpecialCases.java │ │ │ ├── TestSqoopModelAuthorizables.java │ │ │ ├── TestSqoopPolicyEngineDFS.java │ │ │ ├── TestSqoopPolicyEngineLocalFS.java │ │ │ └── TestSqoopPolicyNegative.java │ │ ├── privilege │ │ └── sqoop │ │ │ └── TestCommonPrivilegeForSqoop.java │ │ └── sqoop │ │ ├── MockAuthenticationProvider.java │ │ ├── TestSentryAuthorizationHandler.java │ │ └── TestSqoopAuthConf.java │ └── resources │ ├── no-configure-sentry-site.xml │ ├── sentry-site.xml │ ├── sqoop-policy-test-authz-provider.ini │ └── test-authz-provider.ini ├── sentry-core ├── pom.xml ├── sentry-core-common │ ├── pom.xml │ └── src │ │ ├── main │ │ └── java │ │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ ├── Command.java │ │ │ ├── SentryOwnerInfo.java │ │ │ ├── SentryVersionAnnotation.java │ │ │ ├── SentryVersionInfo.java │ │ │ ├── api │ │ │ └── common │ │ │ │ └── ApiConstants.java │ │ │ ├── core │ │ │ └── common │ │ │ │ ├── Action.java │ │ │ │ ├── ActiveRoleSet.java │ │ │ │ ├── Authorizable.java │ │ │ │ ├── BitFieldAction.java │ │ │ │ ├── BitFieldActionFactory.java │ │ │ │ ├── ImplyMethodType.java │ │ │ │ ├── Model.java │ │ │ │ ├── Resource.java │ │ │ │ ├── Subject.java │ │ │ │ ├── exception │ │ │ │ ├── ConnectionDeniedException.java │ │ │ │ ├── MissingConfigurationException.java │ │ │ │ ├── SentryAccessDeniedException.java │ │ │ │ ├── SentryAlreadyExistsException.java │ │ │ │ ├── SentryConfigurationException.java │ │ │ │ ├── SentryGrantDeniedException.java │ │ │ │ ├── SentryGroupNotFoundException.java │ │ │ │ ├── SentryHdfsServiceException.java │ │ │ │ ├── SentryInvalidHMSEventException.java │ │ │ │ ├── SentryInvalidInputException.java │ │ │ │ ├── SentryNoSuchObjectException.java │ │ │ │ ├── SentrySiteConfigurationException.java │ │ │ │ ├── SentryStandbyException.java │ │ │ │ ├── SentryThriftAPIMismatchException.java │ │ │ │ └── SentryUserException.java │ │ │ │ ├── transport │ │ │ │ ├── RetryClientInvocationHandler.java │ │ │ │ ├── SentryClientInvocationHandler.java │ │ │ │ ├── SentryClientTransportConfigInterface.java │ │ │ │ ├── SentryClientTransportConstants.java │ │ │ │ ├── SentryConnection.java │ │ │ │ ├── SentryHDFSClientTransportConfig.java │ │ │ │ ├── SentryPolicyClientTransportConfig.java │ │ │ │ ├── SentryTransportFactory.java │ │ │ │ ├── SentryTransportPool.java │ │ │ │ ├── TTransportWrapper.java │ │ │ │ └── TransportFactory.java │ │ │ │ ├── utils │ │ │ │ ├── KeyValue.java │ │ │ │ ├── PathUtils.java │ │ │ │ ├── PolicyFileConstants.java │ │ │ │ ├── PolicyFiles.java │ │ │ │ ├── PolicyStoreConstants.java │ │ │ │ ├── PubSub.java │ │ │ │ ├── SentryConstants.java │ │ │ │ ├── SentryUtils.java │ │ │ │ ├── SigUtils.java │ │ │ │ ├── StrictStringTokenizer.java │ │ │ │ ├── ThriftUtil.java │ │ │ │ └── Version.java │ │ │ │ └── validator │ │ │ │ ├── PrivilegeValidator.java │ │ │ │ └── PrivilegeValidatorContext.java │ │ │ └── service │ │ │ └── common │ │ │ ├── SentryOwnerPrivilegeType.java │ │ │ └── ServiceConstants.java │ │ ├── scripts │ │ └── saveVersion.sh │ │ └── test │ │ └── java │ │ └── org │ │ └── apache │ │ └── sentry │ │ └── core │ │ └── common │ │ └── utils │ │ ├── TestKeyValue.java │ │ ├── TestPathUtils.java │ │ └── TestSentryUtils.java ├── sentry-core-model-db │ ├── pom.xml │ └── src │ │ ├── main │ │ └── java │ │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── core │ │ │ └── model │ │ │ └── db │ │ │ ├── AccessConstants.java │ │ │ ├── AccessURI.java │ │ │ ├── Column.java │ │ │ ├── DBModelAction.java │ │ │ ├── DBModelAuthorizable.java │ │ │ ├── DBModelAuthorizables.java │ │ │ ├── Database.java │ │ │ ├── HiveActionFactory.java │ │ │ ├── HivePrivilegeModel.java │ │ │ ├── Server.java │ │ │ ├── ServerResource.java │ │ │ ├── Table.java │ │ │ ├── TableOrView.java │ │ │ ├── View.java │ │ │ └── validator │ │ │ ├── AbstractDBPrivilegeValidator.java │ │ │ ├── DatabaseMustMatch.java │ │ │ ├── DatabaseRequiredInPrivilege.java │ │ │ ├── ServerNameMustMatch.java │ │ │ └── ServersAllIsInvalid.java │ │ └── test │ │ └── java │ │ └── org │ │ └── apache │ │ └── sentry │ │ └── core │ │ └── db │ │ └── TestURI.java ├── sentry-core-model-indexer │ ├── pom.xml │ └── src │ │ ├── main │ │ └── java │ │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── core │ │ │ └── model │ │ │ └── indexer │ │ │ ├── Indexer.java │ │ │ ├── IndexerActionFactory.java │ │ │ ├── IndexerConstants.java │ │ │ ├── IndexerModelAction.java │ │ │ ├── IndexerModelAuthorizable.java │ │ │ ├── IndexerModelAuthorizables.java │ │ │ ├── IndexerPrivilegeModel.java │ │ │ └── validator │ │ │ ├── AbstractIndexerPrivilegeValidator.java │ │ │ └── IndexerRequiredInPrivilege.java │ │ └── test │ │ └── java │ │ └── org │ │ └── apache │ │ └── sentry │ │ └── core │ │ └── indexer │ │ ├── TestIndexer.java │ │ └── TestIndexerBitFieldAction.java ├── sentry-core-model-kafka │ ├── pom.xml │ └── src │ │ ├── main │ │ └── java │ │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── core │ │ │ └── model │ │ │ └── kafka │ │ │ ├── Cluster.java │ │ │ ├── ConsumerGroup.java │ │ │ ├── Host.java │ │ │ ├── KafkaActionConstant.java │ │ │ ├── KafkaActionFactory.java │ │ │ ├── KafkaAuthorizable.java │ │ │ ├── KafkaModelAuthorizables.java │ │ │ ├── KafkaPrivilegeModel.java │ │ │ ├── Topic.java │ │ │ ├── TransactionalId.java │ │ │ └── validator │ │ │ └── KafkaPrivilegeValidator.java │ │ └── test │ │ └── java │ │ └── org │ │ └── apache │ │ └── sentry │ │ └── core │ │ └── model │ │ └── kafka │ │ ├── TestKafkaAction.java │ │ └── TestKafkaAuthorizable.java ├── sentry-core-model-solr │ ├── pom.xml │ └── src │ │ ├── main │ │ └── java │ │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── core │ │ │ └── model │ │ │ └── solr │ │ │ ├── AdminOperation.java │ │ │ ├── Collection.java │ │ │ ├── Config.java │ │ │ ├── Field.java │ │ │ ├── Schema.java │ │ │ ├── SolrActionFactory.java │ │ │ ├── SolrConstants.java │ │ │ ├── SolrModelAction.java │ │ │ ├── SolrModelAuthorizable.java │ │ │ ├── SolrModelAuthorizables.java │ │ │ ├── SolrPrivilegeModel.java │ │ │ └── validator │ │ │ └── SolrPrivilegeValidator.java │ │ └── test │ │ └── java │ │ └── org │ │ └── apache │ │ └── sentry │ │ └── core │ │ └── solr │ │ ├── TestCollection.java │ │ └── TestSolrBitFieldAction.java └── sentry-core-model-sqoop │ ├── pom.xml │ └── src │ ├── main │ └── java │ │ └── org │ │ └── apache │ │ └── sentry │ │ └── core │ │ └── model │ │ └── sqoop │ │ ├── Connector.java │ │ ├── Job.java │ │ ├── Link.java │ │ ├── Server.java │ │ ├── SqoopActionConstant.java │ │ ├── SqoopActionFactory.java │ │ ├── SqoopAuthorizable.java │ │ ├── SqoopModelAuthorizables.java │ │ ├── SqoopPrivilegeModel.java │ │ └── validator │ │ └── ServerNameRequiredMatch.java │ └── test │ └── java │ └── org │ └── apache │ └── sentry │ └── core │ └── model │ └── sqoop │ ├── TestSqoopAction.java │ └── TestSqoopAuthorizable.java ├── sentry-dist ├── pom.xml └── src │ ├── license │ ├── THIRD-PARTY.ftl │ ├── THIRD-PARTY.properties │ └── override-THIRD-PARTY.properties │ └── main │ ├── assembly │ ├── bin.xml │ └── src.xml │ └── resources │ └── licences │ ├── BSD_2-clause.txt │ ├── BSD_License.txt │ ├── CDDL_1_0.txt │ ├── CDDL_1_1.txt │ ├── CDDL_2.txt │ ├── Eclipse_Public_License_-_Version_1_0.txt │ ├── MIT_License.txt │ ├── Mozilla_Public_License_Version_1_1.txt │ └── The_BSD_3-Clause_License.txt ├── sentry-hdfs ├── pom.xml ├── sentry-hdfs-common │ ├── pom.xml │ └── src │ │ ├── gen │ │ └── thrift │ │ │ └── gen-javabean │ │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── hdfs │ │ │ └── service │ │ │ └── thrift │ │ │ ├── SentryHDFSService.java │ │ │ ├── TAuthzUpdateRequest.java │ │ │ ├── TAuthzUpdateResponse.java │ │ │ ├── TPathChanges.java │ │ │ ├── TPathEntry.java │ │ │ ├── TPathsDump.java │ │ │ ├── TPathsUpdate.java │ │ │ ├── TPermissionsUpdate.java │ │ │ ├── TPrivilegeChanges.java │ │ │ ├── TPrivilegePrincipal.java │ │ │ ├── TPrivilegePrincipalType.java │ │ │ ├── TRoleChanges.java │ │ │ └── sentry_hdfs_serviceConstants.java │ │ ├── main │ │ ├── java │ │ │ └── org │ │ │ │ └── apache │ │ │ │ └── sentry │ │ │ │ └── hdfs │ │ │ │ ├── AuthzPaths.java │ │ │ │ ├── AuthzPathsDumper.java │ │ │ │ ├── AuthzPermissions.java │ │ │ │ ├── DeltaRetriever.java │ │ │ │ ├── HMSPaths.java │ │ │ │ ├── HMSPathsDumper.java │ │ │ │ ├── ImageRetriever.java │ │ │ │ ├── PathsUpdate.java │ │ │ │ ├── PermissionsUpdate.java │ │ │ │ ├── SentryAuthzUpdate.java │ │ │ │ ├── SentryMalformedPathException.java │ │ │ │ ├── ServiceConstants.java │ │ │ │ ├── ThriftSerializer.java │ │ │ │ ├── UniquePathsUpdate.java │ │ │ │ ├── Updateable.java │ │ │ │ └── UpdateableAuthzPaths.java │ │ └── resources │ │ │ └── sentry_hdfs_service.thrift │ │ └── test │ │ ├── java │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── hdfs │ │ │ ├── TestHMSPaths.java │ │ │ ├── TestHMSPathsFullDump.java │ │ │ ├── TestPathsUpdate.java │ │ │ ├── TestPermissionUpdate.java │ │ │ └── TestUpdateableAuthzPaths.java │ │ └── resources │ │ └── hdfs-sentry.xml ├── sentry-hdfs-dist │ └── pom.xml ├── sentry-hdfs-namenode-plugin │ ├── pom.xml │ └── src │ │ ├── main │ │ └── java │ │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── hdfs │ │ │ ├── SentryAuthorizationConstants.java │ │ │ ├── SentryAuthorizationInfo.java │ │ │ ├── SentryINodeAttributesProvider.java │ │ │ ├── SentryPermissions.java │ │ │ ├── SentryUpdater.java │ │ │ └── UpdateableAuthzPermissions.java │ │ └── test │ │ ├── java │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── hdfs │ │ │ ├── MockSentryINodeAttributesProvider.java │ │ │ ├── SentryAuthorizationInfoX.java │ │ │ ├── TestSentryINodeAttributesProvider.java │ │ │ └── TestSentryPermissions.java │ │ └── resources │ │ └── hdfs-sentry.xml └── sentry-hdfs-service │ ├── pom.xml │ └── src │ ├── main │ └── java │ │ └── org │ │ └── apache │ │ └── sentry │ │ └── hdfs │ │ ├── DBUpdateForwarder.java │ │ ├── PathDeltaRetriever.java │ │ ├── PathImageRetriever.java │ │ ├── PermDeltaRetriever.java │ │ ├── PermImageRetriever.java │ │ ├── SentryHDFSServiceClient.java │ │ ├── SentryHDFSServiceClientDefaultImpl.java │ │ ├── SentryHDFSServiceClientFactory.java │ │ ├── SentryHDFSServiceProcessor.java │ │ ├── SentryHDFSServiceProcessorFactory.java │ │ ├── SentryHdfsMetricsUtil.java │ │ └── SentryPlugin.java │ └── test │ └── java │ └── org │ └── apache │ └── sentry │ └── hdfs │ ├── SentryHdfsServiceIntegrationBase.java │ ├── TestDBUpdateForwarder.java │ ├── TestDeltaRetriever.java │ ├── TestImageRetriever.java │ ├── TestKrbConnectionTimeout.java │ └── TestSentryHDFSServiceProcessor.java ├── sentry-policy ├── pom.xml ├── sentry-policy-common │ ├── pom.xml │ └── src │ │ ├── main │ │ └── java │ │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── policy │ │ │ └── common │ │ │ ├── CommonPrivilege.java │ │ │ ├── PolicyEngine.java │ │ │ ├── Privilege.java │ │ │ ├── PrivilegeFactory.java │ │ │ └── PrivilegeUtils.java │ │ └── test │ │ └── java │ │ └── org │ │ └── apache │ │ └── sentry │ │ └── policy │ │ └── common │ │ ├── ModelForTest.java │ │ └── TestCommonPrivilege.java └── sentry-policy-engine │ ├── pom.xml │ └── src │ └── main │ └── java │ └── org │ └── apache │ └── sentry │ └── policy │ └── engine │ └── common │ ├── CommonPolicyEngine.java │ └── CommonPrivilegeFactory.java ├── sentry-provider ├── pom.xml ├── sentry-provider-cache │ ├── pom.xml │ └── src │ │ ├── main │ │ └── java │ │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── provider │ │ │ └── cache │ │ │ ├── FilteredPrivilegeCache.java │ │ │ ├── PrivilegeCache.java │ │ │ ├── SimpleCacheProviderBackend.java │ │ │ ├── SimpleFilteredPrivilegeCache.java │ │ │ ├── SimplePrivilegeCache.java │ │ │ ├── TreePrivilegeCache.java │ │ │ └── TreePrivilegeNode.java │ │ └── test │ │ ├── java │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── provider │ │ │ └── cache │ │ │ ├── PrivilegeCacheTestImpl.java │ │ │ ├── TestCacheProvider.java │ │ │ ├── TestSimpleFilteredPrivilegeCache.java │ │ │ ├── TestSimplePrivilegeCache.java │ │ │ └── TestTreePrivilegeCache.java │ │ └── resources │ │ └── test-authz-provider-local-group-mapping.ini ├── sentry-provider-common │ ├── pom.xml │ └── src │ │ ├── main │ │ └── java │ │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── provider │ │ │ ├── common │ │ │ ├── AuthorizationComponent.java │ │ │ ├── AuthorizationProvider.java │ │ │ ├── CacheProvider.java │ │ │ ├── GroupMappingService.java │ │ │ ├── HadoopGroupMappingService.java │ │ │ ├── HadoopGroupResourceAuthorizationProvider.java │ │ │ ├── NoAuthorizationProvider.java │ │ │ ├── NoGroupMappingService.java │ │ │ ├── ProviderBackend.java │ │ │ ├── ProviderBackendContext.java │ │ │ ├── ResourceAuthorizationProvider.java │ │ │ └── TableCache.java │ │ │ └── file │ │ │ └── HadoopGroupResourceAuthorizationProvider.java │ │ └── test │ │ └── java │ │ └── org │ │ └── apache │ │ └── sentry │ │ └── provider │ │ └── common │ │ ├── MockGroupMappingServiceProvider.java │ │ ├── TestGetGroupMapping.java │ │ └── TestNoAuthorizationProvider.java ├── sentry-provider-db │ ├── pom.xml │ └── src │ │ ├── main │ │ ├── java │ │ │ └── org │ │ │ │ └── apache │ │ │ │ └── sentry │ │ │ │ └── provider │ │ │ │ └── db │ │ │ │ ├── SentryMetastoreListenerPlugin.java │ │ │ │ ├── SimpleDBProviderBackend.java │ │ │ │ └── generic │ │ │ │ ├── SentryGenericProviderBackend.java │ │ │ │ └── UpdatableCache.java │ │ └── resources │ │ │ ├── 001-SENTRY-327.derby.sql │ │ │ ├── 001-SENTRY-327.mysql.sql │ │ │ ├── 001-SENTRY-327.oracle.sql │ │ │ ├── 001-SENTRY-327.postgres.sql │ │ │ ├── 002-SENTRY-339.derby.sql │ │ │ ├── 002-SENTRY-339.mysql.sql │ │ │ ├── 002-SENTRY-339.oracle.sql │ │ │ ├── 002-SENTRY-339.postgres.sql │ │ │ ├── 003-SENTRY-380.derby.sql │ │ │ ├── 003-SENTRY-380.mysql.sql │ │ │ ├── 003-SENTRY-380.oracle.sql │ │ │ ├── 003-SENTRY-380.postgres.sql │ │ │ ├── 004-SENTRY-74.derby.sql │ │ │ ├── 004-SENTRY-74.mysql.sql │ │ │ ├── 004-SENTRY-74.oracle.sql │ │ │ ├── 004-SENTRY-74.postgres.sql │ │ │ ├── 005-SENTRY-398.derby.sql │ │ │ ├── 005-SENTRY-398.mysql.sql │ │ │ ├── 005-SENTRY-398.oracle.sql │ │ │ ├── 005-SENTRY-398.postgres.sql │ │ │ ├── 006-SENTRY-711.derby.sql │ │ │ ├── 006-SENTRY-711.mysql.sql │ │ │ ├── 006-SENTRY-711.oracle.sql │ │ │ ├── 006-SENTRY-711.postgres.sql │ │ │ ├── 007-SENTRY-1365.derby.sql │ │ │ ├── 007-SENTRY-1365.mysql.sql │ │ │ ├── 007-SENTRY-1365.oracle.sql │ │ │ ├── 007-SENTRY-1365.postgres.sql │ │ │ ├── 008-SENTRY-1569.derby.sql │ │ │ ├── 008-SENTRY-1569.mysql.sql │ │ │ ├── 008-SENTRY-1569.oracle.sql │ │ │ ├── 008-SENTRY-1569.postgres.sql │ │ │ ├── 009-SENTRY-1805.derby.sql │ │ │ ├── 009-SENTRY-1805.mysql.sql │ │ │ ├── 009-SENTRY-1805.oracle.sql │ │ │ ├── 009-SENTRY-1805.postgres.sql │ │ │ ├── 010-SENTRY-2210.derby.sql │ │ │ ├── 010-SENTRY-2210.mysql.sql │ │ │ ├── 010-SENTRY-2210.oracle.sql │ │ │ ├── 010-SENTRY-2210.postgres.sql │ │ │ ├── 011-SENTRY-2154.derby.sql │ │ │ ├── 011-SENTRY-2154.mysql.sql │ │ │ ├── 011-SENTRY-2154.oracle.sql │ │ │ ├── 011-SENTRY-2154.postgres.sql │ │ │ ├── sentry-db2-1.4.0.sql │ │ │ ├── sentry-db2-1.5.0.sql │ │ │ ├── sentry-db2-1.6.0.sql │ │ │ ├── sentry-db2-1.7.0.sql │ │ │ ├── sentry-db2-1.8.0.sql │ │ │ ├── sentry-db2-2.0.0.sql │ │ │ ├── sentry-db2-2.1.0.sql │ │ │ ├── sentry-db2-2.2.0.sql │ │ │ ├── sentry-derby-1.4.0.sql │ │ │ ├── sentry-derby-1.5.0.sql │ │ │ ├── sentry-derby-1.6.0.sql │ │ │ ├── sentry-derby-1.7.0.sql │ │ │ ├── sentry-derby-1.8.0.sql │ │ │ ├── sentry-derby-2.0.0.sql │ │ │ ├── sentry-derby-2.1.0.sql │ │ │ ├── sentry-derby-2.2.0.sql │ │ │ ├── sentry-mysql-1.4.0.sql │ │ │ ├── sentry-mysql-1.5.0.sql │ │ │ ├── sentry-mysql-1.6.0.sql │ │ │ ├── sentry-mysql-1.7.0.sql │ │ │ ├── sentry-mysql-1.8.0.sql │ │ │ ├── sentry-mysql-2.0.0.sql │ │ │ ├── sentry-mysql-2.1.0.sql │ │ │ ├── sentry-mysql-2.2.0.sql │ │ │ ├── sentry-oracle-1.4.0.sql │ │ │ ├── sentry-oracle-1.5.0.sql │ │ │ ├── sentry-oracle-1.6.0.sql │ │ │ ├── sentry-oracle-1.7.0.sql │ │ │ ├── sentry-oracle-1.8.0.sql │ │ │ ├── sentry-oracle-2.0.0.sql │ │ │ ├── sentry-oracle-2.1.0.sql │ │ │ ├── sentry-oracle-2.2.0.sql │ │ │ ├── sentry-postgres-1.4.0.sql │ │ │ ├── sentry-postgres-1.5.0.sql │ │ │ ├── sentry-postgres-1.6.0.sql │ │ │ ├── sentry-postgres-1.7.0.sql │ │ │ ├── sentry-postgres-1.8.0.sql │ │ │ ├── sentry-postgres-2.0.0.sql │ │ │ ├── sentry-postgres-2.1.0.sql │ │ │ ├── sentry-postgres-2.2.0.sql │ │ │ ├── sentry-upgrade-db2-1.4.0-to-1.5.0.sql │ │ │ ├── sentry-upgrade-db2-1.5.0-to-1.6.0.sql │ │ │ ├── sentry-upgrade-db2-1.6.0-to-1.7.0.sql │ │ │ ├── sentry-upgrade-db2-1.7.0-to-1.8.0.sql │ │ │ ├── sentry-upgrade-db2-1.8.0-to-2.0.0.sql │ │ │ ├── sentry-upgrade-db2-2.0.0-to-2.1.0.sql │ │ │ ├── sentry-upgrade-db2-2.1.0-to-2.2.0.sql │ │ │ ├── sentry-upgrade-derby-1.4.0-to-1.5.0.sql │ │ │ ├── sentry-upgrade-derby-1.5.0-to-1.6.0.sql │ │ │ ├── sentry-upgrade-derby-1.6.0-to-1.7.0.sql │ │ │ ├── sentry-upgrade-derby-1.7.0-to-1.8.0.sql │ │ │ ├── sentry-upgrade-derby-1.8.0-to-2.0.0.sql │ │ │ ├── sentry-upgrade-derby-2.0.0-to-2.1.0.sql │ │ │ ├── sentry-upgrade-derby-2.1.0-to-2.2.0.sql │ │ │ ├── sentry-upgrade-mysql-1.4.0-to-1.5.0.sql │ │ │ ├── sentry-upgrade-mysql-1.5.0-to-1.6.0.sql │ │ │ ├── sentry-upgrade-mysql-1.6.0-to-1.7.0.sql │ │ │ ├── sentry-upgrade-mysql-1.7.0-to-1.8.0.sql │ │ │ ├── sentry-upgrade-mysql-1.8.0-to-2.0.0.sql │ │ │ ├── sentry-upgrade-mysql-2.0.0-to-2.1.0.sql │ │ │ ├── sentry-upgrade-mysql-2.1.0-to-2.2.0.sql │ │ │ ├── sentry-upgrade-oracle-1.4.0-to-1.5.0.sql │ │ │ ├── sentry-upgrade-oracle-1.5.0-to-1.6.0.sql │ │ │ ├── sentry-upgrade-oracle-1.6.0-to-1.7.0.sql │ │ │ ├── sentry-upgrade-oracle-1.7.0-to-1.8.0.sql │ │ │ ├── sentry-upgrade-oracle-1.8.0-to-2.0.0.sql │ │ │ ├── sentry-upgrade-oracle-2.0.0-to-2.1.0.sql │ │ │ ├── sentry-upgrade-oracle-2.1.0-to-2.2.0.sql │ │ │ ├── sentry-upgrade-postgres-1.4.0-to-1.5.0.sql │ │ │ ├── sentry-upgrade-postgres-1.5.0-to-1.6.0.sql │ │ │ ├── sentry-upgrade-postgres-1.6.0-to-1.7.0.sql │ │ │ ├── sentry-upgrade-postgres-1.7.0-to-1.8.0.sql │ │ │ ├── sentry-upgrade-postgres-1.8.0-to-2.0.0.sql │ │ │ ├── sentry-upgrade-postgres-2.0.0-to-2.1.0.sql │ │ │ ├── sentry-upgrade-postgres-2.1.0-to-2.2.0.sql │ │ │ ├── upgrade.order.db2 │ │ │ ├── upgrade.order.derby │ │ │ ├── upgrade.order.mysql │ │ │ ├── upgrade.order.oracle │ │ │ └── upgrade.order.postgres │ │ └── test │ │ ├── java │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── provider │ │ │ └── db │ │ │ └── generic │ │ │ └── TestSentryGenericProviderBackend.java │ │ └── resources │ │ ├── cacerts.jks │ │ ├── keystore.jks │ │ └── log4j.properties └── sentry-provider-file │ ├── pom.xml │ └── src │ ├── main │ └── java │ │ └── org │ │ └── apache │ │ └── sentry │ │ └── provider │ │ └── file │ │ ├── LocalGroupMappingService.java │ │ ├── LocalGroupResourceAuthorizationProvider.java │ │ ├── PolicyFile.java │ │ └── SimpleFileProviderBackend.java │ └── test │ ├── java │ └── org │ │ └── apache │ │ └── sentry │ │ └── provider │ │ └── file │ │ ├── TestLocalGroupMapping.java │ │ └── TestSimpleFileProvderBackend.java │ └── resources │ ├── log4j.properties │ └── test-authz-provider-local-group-mapping.ini ├── sentry-service ├── pom.xml ├── sentry-service-api │ ├── pom.xml │ └── src │ │ ├── gen │ │ └── thrift │ │ │ └── gen-javabean │ │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ ├── api │ │ │ ├── generic │ │ │ │ └── thrift │ │ │ │ │ ├── SentryGenericPolicyService.java │ │ │ │ │ ├── TAlterSentryRoleAddGroupsRequest.java │ │ │ │ │ ├── TAlterSentryRoleAddGroupsResponse.java │ │ │ │ │ ├── TAlterSentryRoleDeleteGroupsRequest.java │ │ │ │ │ ├── TAlterSentryRoleDeleteGroupsResponse.java │ │ │ │ │ ├── TAlterSentryRoleGrantPrivilegeRequest.java │ │ │ │ │ ├── TAlterSentryRoleGrantPrivilegeResponse.java │ │ │ │ │ ├── TAlterSentryRoleRevokePrivilegeRequest.java │ │ │ │ │ ├── TAlterSentryRoleRevokePrivilegeResponse.java │ │ │ │ │ ├── TAuthorizable.java │ │ │ │ │ ├── TCreateSentryRoleRequest.java │ │ │ │ │ ├── TCreateSentryRoleResponse.java │ │ │ │ │ ├── TDropPrivilegesRequest.java │ │ │ │ │ ├── TDropPrivilegesResponse.java │ │ │ │ │ ├── TDropSentryRoleRequest.java │ │ │ │ │ ├── TDropSentryRoleResponse.java │ │ │ │ │ ├── TListSentryPrivilegesByAuthRequest.java │ │ │ │ │ ├── TListSentryPrivilegesByAuthResponse.java │ │ │ │ │ ├── TListSentryPrivilegesForProviderRequest.java │ │ │ │ │ ├── TListSentryPrivilegesForProviderResponse.java │ │ │ │ │ ├── TListSentryPrivilegesRequest.java │ │ │ │ │ ├── TListSentryPrivilegesResponse.java │ │ │ │ │ ├── TListSentryRolesRequest.java │ │ │ │ │ ├── TListSentryRolesResponse.java │ │ │ │ │ ├── TRenamePrivilegesRequest.java │ │ │ │ │ ├── TRenamePrivilegesResponse.java │ │ │ │ │ ├── TSentryActiveRoleSet.java │ │ │ │ │ ├── TSentryGrantOption.java │ │ │ │ │ ├── TSentryPrivilege.java │ │ │ │ │ ├── TSentryPrivilegeMap.java │ │ │ │ │ └── TSentryRole.java │ │ │ └── service │ │ │ │ └── thrift │ │ │ │ ├── SentryPolicyService.java │ │ │ │ ├── TAlterSentryRoleAddGroupsRequest.java │ │ │ │ ├── TAlterSentryRoleAddGroupsResponse.java │ │ │ │ ├── TAlterSentryRoleAddUsersRequest.java │ │ │ │ ├── TAlterSentryRoleAddUsersResponse.java │ │ │ │ ├── TAlterSentryRoleDeleteGroupsRequest.java │ │ │ │ ├── TAlterSentryRoleDeleteGroupsResponse.java │ │ │ │ ├── TAlterSentryRoleDeleteUsersRequest.java │ │ │ │ ├── TAlterSentryRoleDeleteUsersResponse.java │ │ │ │ ├── TAlterSentryRoleGrantPrivilegeRequest.java │ │ │ │ ├── TAlterSentryRoleGrantPrivilegeResponse.java │ │ │ │ ├── TAlterSentryRoleRevokePrivilegeRequest.java │ │ │ │ ├── TAlterSentryRoleRevokePrivilegeResponse.java │ │ │ │ ├── TCreateSentryRoleRequest.java │ │ │ │ ├── TCreateSentryRoleResponse.java │ │ │ │ ├── TDropPrivilegesRequest.java │ │ │ │ ├── TDropPrivilegesResponse.java │ │ │ │ ├── TDropSentryRoleRequest.java │ │ │ │ ├── TDropSentryRoleResponse.java │ │ │ │ ├── TIsSentryAdminRequest.java │ │ │ │ ├── TIsSentryAdminResponse.java │ │ │ │ ├── TListSentryPrivilegesByAuthRequest.java │ │ │ │ ├── TListSentryPrivilegesByAuthResponse.java │ │ │ │ ├── TListSentryPrivilegesByAuthUserRequest.java │ │ │ │ ├── TListSentryPrivilegesByAuthUserResponse.java │ │ │ │ ├── TListSentryPrivilegesForProviderRequest.java │ │ │ │ ├── TListSentryPrivilegesForProviderResponse.java │ │ │ │ ├── TListSentryPrivilegesRequest.java │ │ │ │ ├── TListSentryPrivilegesResponse.java │ │ │ │ ├── TListSentryRolesForUserRequest.java │ │ │ │ ├── TListSentryRolesRequest.java │ │ │ │ ├── TListSentryRolesResponse.java │ │ │ │ ├── TRenamePrivilegesRequest.java │ │ │ │ ├── TRenamePrivilegesResponse.java │ │ │ │ ├── TSentryActiveRoleSet.java │ │ │ │ ├── TSentryAuthorizable.java │ │ │ │ ├── TSentryConfigValueRequest.java │ │ │ │ ├── TSentryConfigValueResponse.java │ │ │ │ ├── TSentryExportMappingDataRequest.java │ │ │ │ ├── TSentryExportMappingDataResponse.java │ │ │ │ ├── TSentryGrantOption.java │ │ │ │ ├── TSentryGroup.java │ │ │ │ ├── TSentryHmsEventNotification.java │ │ │ │ ├── TSentryHmsEventNotificationResponse.java │ │ │ │ ├── TSentryImportMappingDataRequest.java │ │ │ │ ├── TSentryImportMappingDataResponse.java │ │ │ │ ├── TSentryMappingData.java │ │ │ │ ├── TSentryPrincipalType.java │ │ │ │ ├── TSentryPrivilege.java │ │ │ │ ├── TSentryPrivilegeMap.java │ │ │ │ ├── TSentryPrivilegesRequest.java │ │ │ │ ├── TSentryPrivilegesResponse.java │ │ │ │ ├── TSentryRole.java │ │ │ │ ├── TSentrySyncIDRequest.java │ │ │ │ └── TSentrySyncIDResponse.java │ │ │ └── service │ │ │ └── thrift │ │ │ ├── TSentryResponseStatus.java │ │ │ └── sentry_common_serviceConstants.java │ │ ├── main │ │ ├── java │ │ │ └── org │ │ │ │ └── apache │ │ │ │ └── sentry │ │ │ │ └── api │ │ │ │ ├── common │ │ │ │ ├── SentryServiceUtil.java │ │ │ │ ├── Status.java │ │ │ │ └── ThriftConstants.java │ │ │ │ ├── generic │ │ │ │ └── thrift │ │ │ │ │ ├── NotificationHandler.java │ │ │ │ │ ├── NotificationHandlerInvoker.java │ │ │ │ │ ├── SentryGenericPolicyProcessorWrapper.java │ │ │ │ │ ├── SentryGenericServiceClient.java │ │ │ │ │ ├── SentryGenericServiceClientDefaultImpl.java │ │ │ │ │ └── SentryGenericServiceClientFactory.java │ │ │ │ ├── service │ │ │ │ └── thrift │ │ │ │ │ ├── NotificationHandler.java │ │ │ │ │ ├── NotificationHandlerInvoker.java │ │ │ │ │ ├── SentryObjectPrivileges.java │ │ │ │ │ ├── SentryPolicyServiceClient.java │ │ │ │ │ ├── SentryPolicyServiceClientDefaultImpl.java │ │ │ │ │ ├── SentryProcessorWrapper.java │ │ │ │ │ └── validator │ │ │ │ │ ├── GrantPrivilegeRequestValidator.java │ │ │ │ │ └── RevokePrivilegeRequestValidator.java │ │ │ │ └── tools │ │ │ │ ├── GenericPrivilegeConverter.java │ │ │ │ └── TSentryPrivilegeConverter.java │ │ └── resources │ │ │ ├── sentry_common_service.thrift │ │ │ ├── sentry_generic_policy_service.thrift │ │ │ └── sentry_policy_service.thrift │ │ └── test │ │ └── java │ │ └── org │ │ └── apache │ │ └── sentry │ │ └── api │ │ ├── common │ │ └── TestSentryServiceUtil.java │ │ └── service │ │ └── thrift │ │ └── TestSentryPolicyServiceClientDefaultImpl.java ├── sentry-service-client │ ├── pom.xml │ └── src │ │ └── main │ │ └── java │ │ └── org │ │ └── apache │ │ └── sentry │ │ └── service │ │ └── thrift │ │ └── SentryServiceClientFactory.java ├── sentry-service-providers │ ├── pom.xml │ └── src │ │ └── main │ │ ├── java │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── server │ │ │ └── provider │ │ │ └── webservice │ │ │ ├── AttributeDesc.java │ │ │ ├── FilterDesc.java │ │ │ ├── ServletDesc.java │ │ │ ├── WebServiceProvider.java │ │ │ ├── WebServiceProviderFactory.java │ │ │ └── WebServiceSpi.java │ │ └── resources │ │ └── META-INF │ │ └── services │ │ └── org.apache.sentry.spi.Spi ├── sentry-service-server │ ├── pom.xml │ └── src │ │ ├── main │ │ ├── java │ │ │ └── org │ │ │ │ └── apache │ │ │ │ └── sentry │ │ │ │ ├── api │ │ │ │ ├── generic │ │ │ │ │ └── thrift │ │ │ │ │ │ ├── SentryGenericPolicyProcessor.java │ │ │ │ │ │ └── SentryGenericPolicyProcessorFactory.java │ │ │ │ └── service │ │ │ │ │ └── thrift │ │ │ │ │ ├── RolesServlet.java │ │ │ │ │ ├── SentryHealthCheckServletContextListener.java │ │ │ │ │ ├── SentryMetrics.java │ │ │ │ │ ├── SentryMetricsServletContextListener.java │ │ │ │ │ ├── SentryPolicyStoreProcessor.java │ │ │ │ │ ├── SentryPolicyStoreProcessorFactory.java │ │ │ │ │ ├── SentryPolicyStoreUtils.java │ │ │ │ │ └── SentryServiceWebServiceProvider.java │ │ │ │ ├── provider │ │ │ │ └── db │ │ │ │ │ ├── SentryPolicyStorePlugin.java │ │ │ │ │ ├── audit │ │ │ │ │ └── SentryAuditLogger.java │ │ │ │ │ ├── generic │ │ │ │ │ ├── service │ │ │ │ │ │ └── persistent │ │ │ │ │ │ │ ├── DelegateSentryStore.java │ │ │ │ │ │ │ ├── PrivilegeObject.java │ │ │ │ │ │ │ ├── PrivilegeOperatePersistence.java │ │ │ │ │ │ │ └── SentryStoreLayer.java │ │ │ │ │ └── tools │ │ │ │ │ │ ├── GenericPrivilegeConverter.java │ │ │ │ │ │ └── TSentryPrivilegeConverter.java │ │ │ │ │ ├── log │ │ │ │ │ ├── appender │ │ │ │ │ │ ├── AuditLoggerTestAppender.java │ │ │ │ │ │ └── RollingFileWithoutDeleteAppender.java │ │ │ │ │ ├── entity │ │ │ │ │ │ ├── AuditMetadataLogEntity.java │ │ │ │ │ │ ├── DBAuditMetadataLogEntity.java │ │ │ │ │ │ ├── GMAuditMetadataLogEntity.java │ │ │ │ │ │ ├── JsonLogEntity.java │ │ │ │ │ │ └── JsonLogEntityFactory.java │ │ │ │ │ └── util │ │ │ │ │ │ ├── CommandUtil.java │ │ │ │ │ │ └── Constants.java │ │ │ │ │ └── service │ │ │ │ │ ├── classification │ │ │ │ │ └── InterfaceAudience.java │ │ │ │ │ ├── model │ │ │ │ │ ├── MAuthzPathsMapping.java │ │ │ │ │ ├── MAuthzPathsSnapshotId.java │ │ │ │ │ ├── MPath.java │ │ │ │ │ ├── MSentryChange.java │ │ │ │ │ ├── MSentryGMPrivilege.java │ │ │ │ │ ├── MSentryGroup.java │ │ │ │ │ ├── MSentryHmsNotification.java │ │ │ │ │ ├── MSentryPathChange.java │ │ │ │ │ ├── MSentryPermChange.java │ │ │ │ │ ├── MSentryPrivilege.java │ │ │ │ │ ├── MSentryRole.java │ │ │ │ │ ├── MSentryUser.java │ │ │ │ │ ├── MSentryUtil.java │ │ │ │ │ ├── MSentryVersion.java │ │ │ │ │ └── package.jdo │ │ │ │ │ └── persistent │ │ │ │ │ ├── CounterWait.java │ │ │ │ │ ├── DeltaTransactionBlock.java │ │ │ │ │ ├── FixedJsonInstanceSerializer.java │ │ │ │ │ ├── HAContext.java │ │ │ │ │ ├── HMSFollower.java │ │ │ │ │ ├── LeaderStatusMonitor.java │ │ │ │ │ ├── NotificationProcessor.java │ │ │ │ │ ├── PathsImage.java │ │ │ │ │ ├── PermissionsImage.java │ │ │ │ │ ├── PrivilegePrincipal.java │ │ │ │ │ ├── QueryParamBuilder.java │ │ │ │ │ ├── SentryStore.java │ │ │ │ │ ├── SentryStoreInterface.java │ │ │ │ │ ├── SentryStoreSchemaInfo.java │ │ │ │ │ ├── SentryUpgradeOrder.java │ │ │ │ │ ├── TransactionBlock.java │ │ │ │ │ └── TransactionManager.java │ │ │ │ └── service │ │ │ │ └── thrift │ │ │ │ ├── DynamicProxy.java │ │ │ │ ├── FullUpdateInitializer.java │ │ │ │ ├── FullUpdateInitializerState.java │ │ │ │ ├── FullUpdateModifier.java │ │ │ │ ├── GSSCallback.java │ │ │ │ ├── HMSClient.java │ │ │ │ ├── HMSFollowerState.java │ │ │ │ ├── HiveConnectionFactory.java │ │ │ │ ├── HiveNotificationFetcher.java │ │ │ │ ├── HiveSimpleConnectionFactory.java │ │ │ │ ├── JaasConfiguration.java │ │ │ │ ├── KerberosConfiguration.java │ │ │ │ ├── ProcessorFactory.java │ │ │ │ ├── SentryHMSClient.java │ │ │ │ ├── SentryKerberosContext.java │ │ │ │ ├── SentryService.java │ │ │ │ ├── SentryServiceFactory.java │ │ │ │ ├── SentryServiceState.java │ │ │ │ ├── SentryState.java │ │ │ │ └── SentryStateBank.java │ │ ├── resources │ │ │ └── META-INF │ │ │ │ └── services │ │ │ │ └── org.apache.sentry.server.provider.webservice.WebServiceProviderFactory │ │ └── webapp │ │ │ └── SentryService.html │ │ └── test │ │ ├── java │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ ├── api │ │ │ ├── generic │ │ │ │ └── thrift │ │ │ │ │ ├── SentryGenericServiceIntegrationBase.java │ │ │ │ │ ├── TestAuditLogForSentryGenericService.java │ │ │ │ │ ├── TestSentryGenericPolicyProcessor.java │ │ │ │ │ ├── TestSentryGenericServiceClient.java │ │ │ │ │ └── TestSentryGenericServiceIntegration.java │ │ │ └── service │ │ │ │ └── thrift │ │ │ │ ├── MockGroupMappingService.java │ │ │ │ ├── SentryMiniKdcTestcase.java │ │ │ │ ├── SentryPolicyStoreProcessorTestUtils.java │ │ │ │ ├── TestAuthorizingDDLAuditLogWithKerberos.java │ │ │ │ ├── TestConnectionWithTicketTimeout.java │ │ │ │ ├── TestNotificationHandlerInvoker.java │ │ │ │ ├── TestSentryPolicyServiceClient.java │ │ │ │ ├── TestSentryPolicyStoreProcessor.java │ │ │ │ ├── TestSentryServerForPoolWithoutKerberos.java │ │ │ │ ├── TestSentryServerLogLevel.java │ │ │ │ ├── TestSentryServerPubSub.java │ │ │ │ ├── TestSentryServerWithoutKerberos.java │ │ │ │ ├── TestSentryServiceClientPool.java │ │ │ │ ├── TestSentryServiceFailureCase.java │ │ │ │ ├── TestSentryServiceForPoolWithKerberos.java │ │ │ │ ├── TestSentryServiceImportExport.java │ │ │ │ ├── TestSentryServiceIntegration.java │ │ │ │ ├── TestSentryServiceMetrics.java │ │ │ │ ├── TestSentryServiceWithInvalidMsgSize.java │ │ │ │ ├── TestSentryServiceWithKerberos.java │ │ │ │ ├── TestSentryWebServerWithKerberos.java │ │ │ │ ├── TestSentryWebServerWithSSL.java │ │ │ │ ├── TestSentryWebServerWithoutSecurity.java │ │ │ │ └── TestSentryWebServiceForAuthTypeNone.java │ │ │ ├── provider │ │ │ └── db │ │ │ │ ├── generic │ │ │ │ └── service │ │ │ │ │ └── persistent │ │ │ │ │ ├── SentryStoreIntegrationBase.java │ │ │ │ │ ├── TestDelegateSentryStore.java │ │ │ │ │ ├── TestPrivilegeOperatePersistence.java │ │ │ │ │ ├── TestSentryGMPrivilege.java │ │ │ │ │ └── TestSentryRole.java │ │ │ │ ├── log │ │ │ │ ├── appender │ │ │ │ │ └── TestRollingFileWithoutDeleteAppender.java │ │ │ │ ├── entity │ │ │ │ │ ├── TestDbAuditMetadataLogEntity.java │ │ │ │ │ ├── TestGMAuditMetadataLogEntity.java │ │ │ │ │ ├── TestJsonLogEntityFactory.java │ │ │ │ │ └── TestJsonLogEntityFactoryGM.java │ │ │ │ └── util │ │ │ │ │ └── TestCommandUtil.java │ │ │ │ └── service │ │ │ │ ├── model │ │ │ │ └── TestMSentryUtil.java │ │ │ │ └── persistent │ │ │ │ ├── TestCounterWait.java │ │ │ │ ├── TestHMSFollower.java │ │ │ │ ├── TestHMSFollowerSentryStoreIntegration.java │ │ │ │ ├── TestLeaderStatusMonitor.java │ │ │ │ ├── TestNotificationProcessor.java │ │ │ │ ├── TestSentryPrivilege.java │ │ │ │ ├── TestSentryStore.java │ │ │ │ ├── TestSentryStoreImportExport.java │ │ │ │ ├── TestSentryStoreToAuthorizable.java │ │ │ │ ├── TestSentryUpgradeOrder.java │ │ │ │ └── TestSentryVersion.java │ │ │ └── service │ │ │ └── thrift │ │ │ ├── SentryServiceIntegrationBase.java │ │ │ ├── SentryStateBankTestHelper.java │ │ │ ├── SentryWebMetricParser.java │ │ │ ├── TestFullUpdateInitializer.java │ │ │ ├── TestFullUpdateModifier.java │ │ │ ├── TestGSSCallback.java │ │ │ ├── TestHiveNotificationFetcher.java │ │ │ ├── TestSentryHMSClient.java │ │ │ └── TestSentryStateBank.java │ │ └── resources │ │ ├── cacerts.jks │ │ ├── keystore.jks │ │ └── log4j.properties └── sentry-service-web │ ├── pom.xml │ └── src │ └── main │ ├── java │ └── org │ │ └── apache │ │ └── sentry │ │ └── service │ │ └── web │ │ ├── ConfServlet.java │ │ ├── DefaultWebServicesProvider.java │ │ ├── LogLevelServlet.java │ │ ├── PubSubServlet.java │ │ ├── SentryAuthFilter.java │ │ └── SentryWebServer.java │ ├── resources │ └── META-INF │ │ └── services │ │ └── org.apache.sentry.server.provider.webservice.WebServiceProviderFactory │ └── webapp │ ├── index.html │ └── static │ ├── bootstrap │ ├── css │ │ ├── bootstrap-3.3.7.min.css │ │ └── bootstrap-theme-3.3.7.min.css │ ├── fonts │ │ └── glyphicons-halflings-regular.svg │ └── js │ │ ├── bootstrap-3.3.7.js │ │ ├── bootstrap-3.3.7.min.js │ │ └── npm.js │ ├── css │ └── sentry.css │ ├── images │ └── sentry.png │ └── materialdesign │ ├── css │ └── materialdesignicons.min.css │ └── fonts │ └── materialdesignicons-webfont.svg ├── sentry-solr ├── pom.xml └── solr-sentry-handlers │ ├── pom.xml │ └── src │ ├── main │ ├── java │ │ └── org │ │ │ └── apache │ │ │ └── solr │ │ │ └── handler │ │ │ └── component │ │ │ ├── CachingUserAttributeSource.java │ │ │ ├── DocAuthorizationComponent.java │ │ │ ├── FieldToAttributeMapping.java │ │ │ ├── LdapUserAttributeSource.java │ │ │ ├── LdapUserAttributeSourceParams.java │ │ │ ├── QueryDocAuthorizationComponent.java │ │ │ ├── SolrAttrBasedFilter.java │ │ │ ├── SubsetQueryPlugin.java │ │ │ ├── UserAttributeSource.java │ │ │ └── UserAttributeSourceParams.java │ └── resources │ │ ├── log4j.properties │ │ └── sentry-handlers │ │ ├── sentry │ │ └── test-authz-provider.ini │ │ └── solr │ │ └── collection1 │ │ ├── conf │ │ ├── schema-minimal.xml │ │ ├── solrconfig-secureadmin.xml │ │ └── solrconfig.xml │ │ └── lib │ │ └── README │ └── test │ ├── java │ └── org │ │ └── apache │ │ └── solr │ │ └── handler │ │ └── component │ │ ├── CachingUserAttributeSourceTest.java │ │ ├── LdapRegexTest.java │ │ ├── MockUserAttributeSource.java │ │ └── SubsetQueryTest.java │ └── resources │ └── solr │ └── collection1 │ ├── schema-docValuesSubsetMatch.xml │ ├── solrconfig-subsetmatchcomponent.xml │ ├── solrconfig-subsetquery.xml │ └── solrconfig.snippet.randomindexconfig.xml ├── sentry-spi ├── pom.xml └── src │ ├── main │ └── java │ │ └── org │ │ └── apache │ │ └── sentry │ │ └── spi │ │ ├── DefaultProviderLoader.java │ │ ├── Provider.java │ │ ├── ProviderFactory.java │ │ ├── ProviderLoader.java │ │ ├── ProviderManager.java │ │ ├── Spi.java │ │ └── package-info.java │ └── test │ ├── java │ └── org │ │ └── apache │ │ └── sentry │ │ └── spi │ │ ├── SomeTestProvider.java │ │ ├── SomeTestProviderFactory.java │ │ ├── SomeTestProviderImplA.java │ │ ├── SomeTestProviderImplB.java │ │ ├── SomeTestProviderImplNotLoaded.java │ │ ├── SomeTestSpi.java │ │ └── TestProviderManager.java │ └── resources │ └── META-INF │ └── services │ ├── org.apache.sentry.spi.SomeTestProviderFactory │ └── org.apache.sentry.spi.Spi ├── sentry-tests ├── data │ └── xudf.jar ├── pom.xml ├── sentry-tests-hive │ ├── pom.xml │ └── src │ │ └── test │ │ ├── java │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── tests │ │ │ └── e2e │ │ │ ├── dbprovider │ │ │ ├── AbstractTestWithDbProvider.java │ │ │ ├── TestColumnEndToEnd.java │ │ │ ├── TestConcurrentClients.java │ │ │ ├── TestDatabaseProvider.java │ │ │ ├── TestDbColumnLevelMetaDataOps.java │ │ │ ├── TestDbComplexView.java │ │ │ ├── TestDbConnections.java │ │ │ ├── TestDbCrossDbOps.java │ │ │ ├── TestDbCrossOperations.java │ │ │ ├── TestDbDDLAuditLog.java │ │ │ ├── TestDbEndToEnd.java │ │ │ ├── TestDbExportImportPrivileges.java │ │ │ ├── TestDbJDBCInterface.java │ │ │ ├── TestDbMetadataObjectRetrieval.java │ │ │ ├── TestDbMetadataPermissions.java │ │ │ ├── TestDbMovingToProduction.java │ │ │ ├── TestDbOperationsPart1.java │ │ │ ├── TestDbOperationsPart2.java │ │ │ ├── TestDbPrivilegeAtTransform.java │ │ │ ├── TestDbPrivilegeCleanupOnDrop.java │ │ │ ├── TestDbPrivilegesAtColumnScope.java │ │ │ ├── TestDbPrivilegesAtDatabaseScope.java │ │ │ ├── TestDbPrivilegesAtFunctionScope.java │ │ │ ├── TestDbPrivilegesAtTableScopePart1.java │ │ │ ├── TestDbPrivilegesAtTableScopePart2.java │ │ │ ├── TestDbRuntimeMetadataRetrieval.java │ │ │ ├── TestDbSandboxOps.java │ │ │ ├── TestDbSentryOnFailureHookLoading.java │ │ │ ├── TestDbUriPermissions.java │ │ │ ├── TestGrantUserToRole.java │ │ │ ├── TestHmsNotificationProcessing.java │ │ │ ├── TestHmsNotificationProcessingBase.java │ │ │ ├── TestHmsNotificationProcessingWithOutHdfsSync.java │ │ │ ├── TestHmsNotificationProcessingWithOutSyncOnCreate.java │ │ │ ├── TestHmsNotificationProcessingWithOutSyncOnDrop.java │ │ │ ├── TestOwnerPrivileges.java │ │ │ ├── TestOwnerPrivilegesWithGrantOption.java │ │ │ ├── TestPrivilegeWithGrantOption.java │ │ │ ├── TestPrivilegeWithHAGrantOption.java │ │ │ └── TestShowGrants.java │ │ │ ├── hdfs │ │ │ ├── TestDbHdfsBase.java │ │ │ ├── TestDbHdfsExtMaxGroups.java │ │ │ ├── TestDbHdfsMaxGroups.java │ │ │ ├── TestHDFSIntegrationAdvanced.java │ │ │ ├── TestHDFSIntegrationBase.java │ │ │ ├── TestHDFSIntegrationEnd2End.java │ │ │ ├── TestHDFSIntegrationTogglingConf.java │ │ │ └── TestHDFSIntegrationWithHA.java │ │ │ ├── hive │ │ │ ├── AbstractTestWithHiveServer.java │ │ │ ├── AbstractTestWithStaticConfiguration.java │ │ │ ├── Context.java │ │ │ ├── DummySentryOnFailureHook.java │ │ │ ├── PolicyFileEditor.java │ │ │ ├── PrivilegeResultSet.java │ │ │ ├── RulesForE2ETest.java │ │ │ ├── SlowE2ETest.java │ │ │ ├── StaticUserGroup.java │ │ │ ├── TestAllowedGrantPrivileges.java │ │ │ ├── TestConfigTool.java │ │ │ ├── TestCrossDbOps.java │ │ │ ├── TestCustomSerdePrivileges.java │ │ │ ├── TestDescribeMetadataPrivileges.java │ │ │ ├── TestEndToEnd.java │ │ │ ├── TestEndToEndWithSimpleCache.java │ │ │ ├── TestExportImportPrivileges.java │ │ │ ├── TestJDBCInterface.java │ │ │ ├── TestLockPrivileges.java │ │ │ ├── TestMetadataObjectRetrieval.java │ │ │ ├── TestMetadataPermissions.java │ │ │ ├── TestMovingToProduction.java │ │ │ ├── TestOperationsPart1.java │ │ │ ├── TestOperationsPart2.java │ │ │ ├── TestPerDBConfiguration.java │ │ │ ├── TestPerDatabasePolicyFile.java │ │ │ ├── TestPolicyImportExport.java │ │ │ ├── TestPrivilegeAtTransform.java │ │ │ ├── TestPrivilegesAtColumnScope.java │ │ │ ├── TestPrivilegesAtDatabaseScope.java │ │ │ ├── TestPrivilegesAtFunctionScope.java │ │ │ ├── TestPrivilegesAtTableScopePart1.java │ │ │ ├── TestPrivilegesAtTableScopePart2.java │ │ │ ├── TestReloadPrivileges.java │ │ │ ├── TestRuntimeMetadataRetrieval.java │ │ │ ├── TestSandboxOps.java │ │ │ ├── TestSentryOnFailureHookLoading.java │ │ │ ├── TestServerConfiguration.java │ │ │ ├── TestShowMetadataPrivileges.java │ │ │ ├── TestShowMetadataPrivilegesOnSelectOnly.java │ │ │ ├── TestUDF.java │ │ │ ├── TestUriPermissions.java │ │ │ ├── TestUserManagement.java │ │ │ ├── TestViewPrivileges.java │ │ │ ├── fs │ │ │ │ ├── AbstractDFS.java │ │ │ │ ├── ClusterDFS.java │ │ │ │ ├── DFS.java │ │ │ │ ├── DFSFactory.java │ │ │ │ ├── MiniDFS.java │ │ │ │ ├── S3DFS.java │ │ │ │ ├── TestFSBase.java │ │ │ │ ├── TestFSContants.java │ │ │ │ ├── TestHiveWarehouseOnExtFs.java │ │ │ │ └── TestTableOnExtFS.java │ │ │ └── hiveserver │ │ │ │ ├── AbstractHiveServer.java │ │ │ │ ├── EmbeddedHiveServer.java │ │ │ │ ├── ExternalHiveServer.java │ │ │ │ ├── HiveServer.java │ │ │ │ ├── HiveServerFactory.java │ │ │ │ ├── InternalHiveServer.java │ │ │ │ ├── InternalMetastoreServer.java │ │ │ │ └── UnmanagedHiveServer.java │ │ │ ├── metastore │ │ │ ├── AbstractMetastoreTestWithStaticConfiguration.java │ │ │ ├── SentryPolicyProviderForDb.java │ │ │ ├── TestAuthorizingObjectStore.java │ │ │ ├── TestDBNotificationListenerInBuiltDeserializer.java │ │ │ ├── TestMetaStoreWithPigHCat.java │ │ │ ├── TestMetastoreEndToEnd.java │ │ │ ├── TestMetastoreEndToEndWithSimpleCache.java │ │ │ └── TestURIMetastore.java │ │ │ ├── minisentry │ │ │ ├── InternalSentrySrv.java │ │ │ ├── SentrySrv.java │ │ │ └── SentrySrvFactory.java │ │ │ └── tools │ │ │ ├── CreateSentryTestScaleData.java │ │ │ ├── TestTools.java │ │ │ └── sentry_scale_test_config.xml │ │ └── resources │ │ ├── core-site-for-sentry-test.xml │ │ ├── emp.dat │ │ ├── hadoop │ │ ├── kv1.dat │ │ ├── log4j.properties │ │ ├── log4j2.properties │ │ ├── sentry-provider.ini │ │ ├── sentry-site.xml │ │ ├── testPolicyImport.ini │ │ ├── testPolicyImportAdmin.ini │ │ └── testPolicyImportError.ini ├── sentry-tests-kafka │ ├── pom.xml │ └── src │ │ ├── main │ │ └── java │ │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── tests │ │ │ └── e2e │ │ │ └── kafka │ │ │ ├── KafkaTestServer.java │ │ │ └── TestUtils.java │ │ └── test │ │ ├── java │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── tests │ │ │ └── e2e │ │ │ └── kafka │ │ │ ├── AbstractKafkaSentryTestBase.java │ │ │ ├── StaticUserGroupRole.java │ │ │ ├── TestAclsCrud.java │ │ │ └── TestAuthorize.java │ │ └── resources │ │ ├── log4j.properties │ │ ├── test.crt │ │ ├── test.keystore.jks │ │ ├── test.truststore.jks │ │ ├── user1.crt │ │ ├── user1.keystore.jks │ │ ├── user1.truststore.jks │ │ ├── user2.crt │ │ ├── user2.keystore.jks │ │ └── user2.truststore.jks ├── sentry-tests-solr │ ├── pom.xml │ └── src │ │ └── test │ │ ├── java │ │ └── org │ │ │ └── apache │ │ │ └── sentry │ │ │ └── tests │ │ │ └── e2e │ │ │ └── solr │ │ │ ├── AbstractSolrSentryTestCase.java │ │ │ ├── DocLevelGenerator.java │ │ │ ├── DummyAuthPluginImpl.java │ │ │ ├── SolrSentryServiceTestBase.java │ │ │ ├── TestAbacOperations.java │ │ │ ├── TestDocLevelOperations.java │ │ │ ├── TestSentryServer.java │ │ │ ├── TestSolrAdminOperations.java │ │ │ ├── TestSolrCollectionOperations.java │ │ │ ├── TestSolrConfigOperations.java │ │ │ ├── TestSolrSchemaOperations.java │ │ │ ├── TestSolrWithSimpleFileProviderBackend.java │ │ │ └── TestSubsetQueryOperations.java │ │ └── resources │ │ ├── ldap │ │ ├── ldap.ldiff │ │ └── ldap.schema │ │ ├── log4j.properties │ │ └── solr │ │ ├── collection1 │ │ └── conf │ │ │ ├── admin-extra.html │ │ │ ├── admin-extra.menu-bottom.html │ │ │ ├── admin-extra.menu-top.html │ │ │ ├── currency.xml │ │ │ ├── elevate.xml │ │ │ ├── lang │ │ │ ├── contractions_ca.txt │ │ │ ├── contractions_fr.txt │ │ │ ├── contractions_ga.txt │ │ │ ├── contractions_it.txt │ │ │ ├── hyphenations_ga.txt │ │ │ ├── stemdict_nl.txt │ │ │ ├── stoptags_ja.txt │ │ │ ├── stopwords_ar.txt │ │ │ ├── stopwords_bg.txt │ │ │ ├── stopwords_ca.txt │ │ │ ├── stopwords_cz.txt │ │ │ ├── stopwords_da.txt │ │ │ ├── stopwords_de.txt │ │ │ ├── stopwords_el.txt │ │ │ ├── stopwords_en.txt │ │ │ ├── stopwords_es.txt │ │ │ ├── stopwords_eu.txt │ │ │ ├── stopwords_fa.txt │ │ │ ├── stopwords_fi.txt │ │ │ ├── stopwords_fr.txt │ │ │ ├── stopwords_ga.txt │ │ │ ├── stopwords_gl.txt │ │ │ ├── stopwords_hi.txt │ │ │ ├── stopwords_hu.txt │ │ │ ├── stopwords_hy.txt │ │ │ ├── stopwords_id.txt │ │ │ ├── stopwords_it.txt │ │ │ ├── stopwords_ja.txt │ │ │ ├── stopwords_lv.txt │ │ │ ├── stopwords_nl.txt │ │ │ ├── stopwords_no.txt │ │ │ ├── stopwords_pt.txt │ │ │ ├── stopwords_ro.txt │ │ │ ├── stopwords_ru.txt │ │ │ ├── stopwords_sv.txt │ │ │ ├── stopwords_th.txt │ │ │ ├── stopwords_tr.txt │ │ │ └── userdict_ja.txt │ │ │ ├── mapping-FoldToASCII.txt │ │ │ ├── mapping-ISOLatin1Accent.txt │ │ │ ├── protwords.txt │ │ │ ├── schema.xml │ │ │ ├── scripts.conf │ │ │ ├── solrconfig-doclevel.xml │ │ │ ├── solrconfig.xml │ │ │ ├── spellings.txt │ │ │ ├── stopwords.txt │ │ │ ├── synonyms.txt │ │ │ ├── update-script.js │ │ │ ├── velocity │ │ │ ├── README.txt │ │ │ ├── VM_global_library.vm │ │ │ ├── browse.vm │ │ │ ├── cluster.vm │ │ │ ├── cluster_results.vm │ │ │ ├── debug.vm │ │ │ ├── did_you_mean.vm │ │ │ ├── error.vm │ │ │ ├── facet_fields.vm │ │ │ ├── facet_pivot.vm │ │ │ ├── facet_queries.vm │ │ │ ├── facet_ranges.vm │ │ │ ├── facets.vm │ │ │ ├── footer.vm │ │ │ ├── head.vm │ │ │ ├── header.vm │ │ │ ├── hit.vm │ │ │ ├── hit_grouped.vm │ │ │ ├── hit_plain.vm │ │ │ ├── join_doc.vm │ │ │ ├── jquery.autocomplete.css │ │ │ ├── jquery.autocomplete.js │ │ │ ├── layout.vm │ │ │ ├── main.css │ │ │ ├── mime_type_lists.vm │ │ │ ├── pagination_bottom.vm │ │ │ ├── pagination_top.vm │ │ │ ├── product_doc.vm │ │ │ ├── query.vm │ │ │ ├── query_form.vm │ │ │ ├── query_group.vm │ │ │ ├── query_spatial.vm │ │ │ ├── results_list.vm │ │ │ ├── richtext_doc.vm │ │ │ ├── suggest.vm │ │ │ └── tabs.vm │ │ │ └── xslt │ │ │ ├── example.xsl │ │ │ ├── example_atom.xsl │ │ │ ├── example_rss.xsl │ │ │ ├── luke.xsl │ │ │ └── updateXml.xsl │ │ ├── configsets │ │ ├── cloud-managed │ │ │ └── conf │ │ │ │ ├── managed-schema │ │ │ │ └── solrconfig.xml │ │ ├── cloud-minimal │ │ │ └── conf │ │ │ │ ├── schema.xml │ │ │ │ └── solrconfig.xml │ │ ├── cloud-minimal_abac │ │ │ └── conf │ │ │ │ ├── enumsConfig.xml │ │ │ │ ├── schema.xml │ │ │ │ └── solrconfig.xml │ │ ├── cloud-minimal_doc_level_security │ │ │ └── conf │ │ │ │ ├── schema.xml │ │ │ │ └── solrconfig.xml │ │ ├── cloud-minimal_subset_match │ │ │ └── conf │ │ │ │ ├── schema.xml │ │ │ │ └── solrconfig.xml │ │ └── cloud-minimal_subset_match_missing_false │ │ │ └── conf │ │ │ ├── schema.xml │ │ │ └── solrconfig.xml │ │ ├── security │ │ └── security.json │ │ ├── sentry │ │ └── test-authz-provider.ini │ │ └── solr-no-core.xml └── sentry-tests-sqoop │ ├── pom.xml │ └── src │ └── test │ └── java │ └── org │ └── apache │ └── sentry │ └── tests │ └── e2e │ └── sqoop │ ├── AbstractSqoopSentryTestBase.java │ ├── JettySqoopRunner.java │ ├── StaticUserGroupRole.java │ ├── TestConnectorEndToEnd.java │ ├── TestGrantPrivilege.java │ ├── TestJobEndToEnd.java │ ├── TestLinkEndToEnd.java │ ├── TestOwnerPrivilege.java │ ├── TestRevokePrivilege.java │ ├── TestRoleOperation.java │ ├── TestServerScopeEndToEnd.java │ └── TestShowPrivilege.java ├── sentry-thirdparty ├── pom.xml └── sentry-shaded │ └── pom.xml └── sentry-tools ├── pom.xml └── src ├── main └── java │ └── org │ └── apache │ └── sentry │ ├── SentryMain.java │ ├── cli │ └── tools │ │ ├── PermissionsMigrationToolCommon.java │ │ ├── PermissionsMigrationToolSolr.java │ │ ├── SentryConfigToolCommon.java │ │ ├── SentryConfigToolIndexer.java │ │ ├── SentryConfigToolSolr.java │ │ ├── SentrySchemaHelper.java │ │ ├── SentrySchemaTool.java │ │ ├── SentryShellCommon.java │ │ ├── SentryShellGeneric.java │ │ ├── SentryShellHive.java │ │ ├── SentryShellIndexer.java │ │ ├── ShellCommand.java │ │ └── command │ │ ├── GenericShellCommand.java │ │ └── hive │ │ ├── CommandUtil.java │ │ └── HiveShellCommand.java │ └── shell │ ├── GroupShell.java │ ├── PrivsShell.java │ ├── RolesShell.java │ ├── SentryCli.java │ └── TopLevelShell.java └── test ├── java └── org │ └── apache │ └── sentry │ └── cli │ └── tools │ ├── TestPermissionsMigrationToolSolr.java │ ├── TestSentryConfigToolIndexer.java │ ├── TestSentryConfigToolSolr.java │ ├── TestSentrySchemaTool.java │ ├── TestSentryShellHive.java │ ├── TestSentryShellIndexer.java │ ├── TestSentryShellKafka.java │ ├── TestSentryShellSolr.java │ └── TestSentryShellSqoop.java └── resources ├── cacerts.jks ├── indexer_case.ini ├── indexer_config_import_tool.ini ├── indexer_invalid.ini ├── keystore.jks ├── log4j.properties ├── solr_case.ini ├── solr_config_import_tool.ini └── solr_invalid.ini /.gitignore: -------------------------------------------------------------------------------- 1 | *.class 2 | classes/ 3 | target/ 4 | .classpath 5 | .project 6 | .settings 7 | .metadata 8 | .idea/ 9 | *.iml 10 | derby.log 11 | datanucleus.log 12 | sentry-core/sentry-core-common/src/gen 13 | **/TempStatsStore/ 14 | # Package Files # 15 | *.jar 16 | *.war 17 | *.ear 18 | test-output/ 19 | maven-repo/ 20 | *.orig 21 | *.rej 22 | .DS_Store 23 | **/thirdparty/* 24 | **/metastore_db/* 25 | *dependency-reduced-pom.xml 26 | *.attach* 27 | -------------------------------------------------------------------------------- /NOTICE.txt: -------------------------------------------------------------------------------- 1 | Apache Sentry 2 | Copyright 2019 The Apache Software Foundation 3 | 4 | This product includes software developed at 5 | The Apache Software Foundation (http://www.apache.org/). 6 | 7 | Portions of this software were developed at 8 | Cloudera, Inc. (http://www.cloudera.com/). 9 | 10 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | What is Sentry? 2 | 3 | Apache Sentry is a highly modular system for providing fine grained role based authorization to both data and metadata stored on an Apache Hadoop cluster. 4 | 5 | Contact us! 6 | 7 | * Mailing lists: https://cwiki.apache.org/confluence/display/SENTRY/Mailing+Lists 8 | 9 | Bug and Issues tracker 10 | 11 | * https://issues.apache.org/jira/browse/SENTRY 12 | 13 | Wiki 14 | 15 | * https://cwiki.apache.org/confluence/display/SENTRY/Home 16 | 17 | Building Sentry 18 | 19 | Building Sentry requires the following tools: 20 | 21 | * Apache Maven 3.2.5+ (Might hit issues with pentaho library with older maven versions) 22 | * Java JDK7 (can't access TBase errors with JDK8) 23 | 24 | To compile Sentry, run: 25 | 26 | mvn install -DskipTests 27 | 28 | To run Sentry tests, run: 29 | 30 | mvn test 31 | 32 | To build a distribution, run: 33 | 34 | mvn install 35 | 36 | The final Sentry distribution artifacts will be in $project/sentry-dist/target/. 37 | -------------------------------------------------------------------------------- /lombok.config: -------------------------------------------------------------------------------- 1 | ## 2 | ## Key : lombok.log.fieldName 3 | ## Type: string 4 | ## 5 | ## Use this name for the generated logger fields (default: 'log') 6 | ## 7 | ## Examples: 8 | # 9 | clear lombok.log.fieldName 10 | lombok.log.fieldName = LOGGER 11 | -------------------------------------------------------------------------------- /sentry-binding/sentry-binding-hbase-indexer/src/test/resources/log4j.properties: -------------------------------------------------------------------------------- 1 | # 2 | # Licensed to the Apache Software Foundation (ASF) under one 3 | # or more contributor license agreements. See the NOTICE file 4 | # distributed with this work for additional information 5 | # regarding copyright ownership. The ASF licenses this file 6 | # to you under the Apache License, Version 2.0 (the 7 | # "License"); you may not use this file except in compliance 8 | # with the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, 13 | # software distributed under the License is distributed on an 14 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 | # KIND, either express or implied. See the License for the 16 | # specific language governing permissions and limitations 17 | # under the License. 18 | # 19 | 20 | # Define some default values that can be overridden by system properties. 21 | # 22 | # For testing, it may also be convenient to specify 23 | 24 | log4j.rootLogger=DEBUG,console 25 | 26 | log4j.appender.console=org.apache.log4j.ConsoleAppender 27 | log4j.appender.console.target=System.err 28 | log4j.appender.console.layout=org.apache.log4j.PatternLayout 29 | log4j.appender.console.layout.ConversionPattern=%d (%t) [%p - %l] %m%n 30 | 31 | log4j.logger.org.apache.hadoop.conf.Configuration=INFO 32 | -------------------------------------------------------------------------------- /sentry-binding/sentry-binding-hbase-indexer/src/test/resources/sentry-site-service.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 19 | 20 | 21 | 22 | sentry.hbaseindexer.provider.backend 23 | org.apache.sentry.provider.db.generic.SentryGenericProviderBackend 24 | 25 | 26 | sentry.provider.backend.generic.service-name 27 | MyService 28 | 29 | 30 | -------------------------------------------------------------------------------- /sentry-binding/sentry-binding-hbase-indexer/src/test/resources/sentry-site.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 19 | 20 | 21 | 22 | sentry.provider 23 | org.apache.sentry.provider.file.LocalGroupResourceAuthorizationProvider 24 | 25 | 26 | sentry.hbaseindexer.provider.resource 27 | classpath:test-authz-provider.ini 28 | 29 | 30 | -------------------------------------------------------------------------------- /sentry-binding/sentry-binding-hive-common/src/main/java/org/apache/sentry/binding/hive/conf/InvalidConfigurationException.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.binding.hive.conf; 18 | 19 | public class InvalidConfigurationException extends Exception 20 | { 21 | private static final long serialVersionUID = 1L; 22 | 23 | //Parameterless Constructor 24 | public InvalidConfigurationException() {} 25 | 26 | //Constructor that accepts a message 27 | public InvalidConfigurationException(String message) 28 | { 29 | super(message); 30 | } 31 | } 32 | -------------------------------------------------------------------------------- /sentry-binding/sentry-binding-hive/src/main/java/org/apache/sentry/binding/hive/SentryHivePrivilegeObject.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more contributor license 3 | * agreements. See the NOTICE file distributed with this work for additional information regarding 4 | * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the 5 | * "License"); you may not use this file except in compliance with the License. You may obtain a 6 | * copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software distributed under the License 11 | * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express 12 | * or implied. See the License for the specific language governing permissions and limitations under 13 | * the License. 14 | */ 15 | 16 | package org.apache.sentry.binding.hive; 17 | 18 | import org.apache.hadoop.hive.ql.security.authorization.plugin.HivePrivilegeObject; 19 | 20 | public class SentryHivePrivilegeObject extends HivePrivilegeObject { 21 | 22 | boolean isServer = false; 23 | 24 | boolean isUri = false; 25 | 26 | String objectName = ""; 27 | 28 | public SentryHivePrivilegeObject(HivePrivilegeObjectType type, String objectName) { 29 | super(type, null, objectName); 30 | } 31 | 32 | } 33 | -------------------------------------------------------------------------------- /sentry-binding/sentry-binding-hive/src/test/java/org/apache/sentry/binding/hive/MockUserToGroupMapping.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | 18 | package org.apache.sentry.binding.hive; 19 | 20 | import java.util.Set; 21 | 22 | import org.apache.sentry.provider.common.GroupMappingService; 23 | 24 | import com.google.common.collect.Sets; 25 | 26 | public class MockUserToGroupMapping implements GroupMappingService { 27 | 28 | // User to group 1-to-1 map 29 | @Override 30 | public Set getGroups(String user) { 31 | return Sets.newHashSet(user); 32 | } 33 | 34 | } 35 | -------------------------------------------------------------------------------- /sentry-binding/sentry-binding-hive/src/test/resources/hive-policy-test-authz-provider-other-group.ini: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one 2 | # or more contributor license agreements. See the NOTICE file 3 | # distributed with this work for additional information 4 | # regarding copyright ownership. The ASF licenses this file 5 | # to you under the Apache License, Version 2.0 (the 6 | # "License"); you may not use this file except in compliance 7 | # with the License. You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, 12 | # software distributed under the License is distributed on an 13 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 14 | # KIND, either express or implied. See the License for the 15 | # specific language governing permissions and limitations 16 | # under the License. 17 | 18 | [groups] 19 | other_group = analyst_role 20 | 21 | [roles] 22 | analyst_role = server=server1->db=other_group_db->table=purchases->action=select -------------------------------------------------------------------------------- /sentry-binding/sentry-binding-hive/src/test/resources/log4j.properties: -------------------------------------------------------------------------------- 1 | # 2 | # Licensed to the Apache Software Foundation (ASF) under one 3 | # or more contributor license agreements. See the NOTICE file 4 | # distributed with this work for additional information 5 | # regarding copyright ownership. The ASF licenses this file 6 | # to you under the Apache License, Version 2.0 (the 7 | # "License"); you may not use this file except in compliance 8 | # with the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, 13 | # software distributed under the License is distributed on an 14 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 | # KIND, either express or implied. See the License for the 16 | # specific language governing permissions and limitations 17 | # under the License. 18 | # 19 | 20 | # Define some default values that can be overridden by system properties. 21 | # 22 | # For testing, it may also be convenient to specify 23 | 24 | log4j.rootLogger=DEBUG,console 25 | 26 | log4j.appender.console=org.apache.log4j.ConsoleAppender 27 | log4j.appender.console.target=System.err 28 | log4j.appender.console.layout=org.apache.log4j.PatternLayout 29 | log4j.appender.console.layout.ConversionPattern=%d (%t) [%p - %l] %m%n 30 | 31 | log4j.logger.org.apache.hadoop.conf.Configuration=INFO 32 | -------------------------------------------------------------------------------- /sentry-binding/sentry-binding-hive/src/test/resources/sentry-site.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 19 | 20 | 21 | 22 | sentry.provider 23 | org.apache.sentry.provider.file.fooProvider 24 | 25 | 26 | sentry.hive.provider.resource 27 | classpath:test-authz-provider.ini 28 | 29 | 30 | 31 | -------------------------------------------------------------------------------- /sentry-binding/sentry-binding-kafka/src/test/resources/core-site.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 19 | 20 | 21 | 22 | hadoop.security.group.mapping 23 | org.apache.sentry.kafka.MockGroupMappingServiceProvider 24 | 25 | 26 | 27 | -------------------------------------------------------------------------------- /sentry-binding/sentry-binding-solr/src/test/resources/log4j.properties: -------------------------------------------------------------------------------- 1 | # 2 | # Licensed to the Apache Software Foundation (ASF) under one 3 | # or more contributor license agreements. See the NOTICE file 4 | # distributed with this work for additional information 5 | # regarding copyright ownership. The ASF licenses this file 6 | # to you under the Apache License, Version 2.0 (the 7 | # "License"); you may not use this file except in compliance 8 | # with the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, 13 | # software distributed under the License is distributed on an 14 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 | # KIND, either express or implied. See the License for the 16 | # specific language governing permissions and limitations 17 | # under the License. 18 | # 19 | 20 | # Define some default values that can be overridden by system properties. 21 | # 22 | # For testing, it may also be convenient to specify 23 | 24 | log4j.rootLogger=DEBUG,console 25 | 26 | log4j.appender.console=org.apache.log4j.ConsoleAppender 27 | log4j.appender.console.target=System.err 28 | log4j.appender.console.layout=org.apache.log4j.PatternLayout 29 | log4j.appender.console.layout.ConversionPattern=%d (%t) [%p - %l] %m%n 30 | 31 | log4j.logger.org.apache.hadoop.conf.Configuration=INFO 32 | -------------------------------------------------------------------------------- /sentry-binding/sentry-binding-solr/src/test/resources/sentry-site.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 19 | 20 | 21 | 22 | sentry.provider 23 | org.apache.sentry.provider.file.LocalGroupResourceAuthorizationProvider 24 | 25 | 26 | sentry.solr.provider.resource 27 | classpath:test-authz-provider.ini 28 | 29 | 30 | -------------------------------------------------------------------------------- /sentry-binding/sentry-binding-solr/src/test/resources/solr-policy-test-authz-provider.ini: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one 2 | # or more contributor license agreements. See the NOTICE file 3 | # distributed with this work for additional information 4 | # regarding copyright ownership. The ASF licenses this file 5 | # to you under the Apache License, Version 2.0 (the 6 | # "License"); you may not use this file except in compliance 7 | # with the License. You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, 12 | # software distributed under the License is distributed on an 13 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 14 | # KIND, either express or implied. See the License for the 15 | # specific language governing permissions and limitations 16 | # under the License. 17 | 18 | [groups] 19 | manager = analyst_role, junior_analyst_role 20 | analyst = analyst_role 21 | jranalyst = junior_analyst_role 22 | admin = admin 23 | 24 | [roles] 25 | analyst_role = collection=purchases->action=update, \ 26 | collection=analyst1, \ 27 | collection=jranalyst1->action=*, \ 28 | collection=tmpcollection->action=update, \ 29 | collection=tmpcollection->action=query 30 | junior_analyst_role = collection=jranalyst1, collection=purchases_partial->action=query 31 | admin = collection=* 32 | -------------------------------------------------------------------------------- /sentry-binding/sentry-binding-sqoop/src/test/java/org/apache/sentry/sqoop/MockAuthenticationProvider.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.sqoop; 18 | 19 | import org.apache.sqoop.security.AuthenticationProvider; 20 | 21 | public class MockAuthenticationProvider extends AuthenticationProvider { 22 | 23 | @Override 24 | public String[] getGroupNames() { 25 | return new String[]{""}; 26 | } 27 | 28 | @Override 29 | public String getUserName() { 30 | return ""; 31 | } 32 | } 33 | -------------------------------------------------------------------------------- /sentry-binding/sentry-binding-sqoop/src/test/resources/no-configure-sentry-site.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 19 | 20 | 21 | 22 | 23 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-common/src/main/java/org/apache/sentry/Command.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | package org.apache.sentry; 19 | 20 | 21 | public interface Command { 22 | void run(String[] args) throws Exception; 23 | } 24 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/Action.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.core.common; 18 | 19 | public interface Action { 20 | String ALL = "*"; 21 | String getValue(); 22 | } 23 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/Authorizable.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.core.common; 18 | 19 | public interface Authorizable { 20 | String getName(); 21 | 22 | String getTypeName(); 23 | } 24 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/ImplyMethodType.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.core.common; 18 | 19 | public enum ImplyMethodType { 20 | STRING, 21 | STRING_CASE_SENSITIVE, 22 | URL, 23 | ACTION, 24 | } 25 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/Model.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.core.common; 18 | 19 | import java.util.Map; 20 | 21 | // The interface is used for define the authorization model for different component 22 | public interface Model { 23 | // The authorizableTypeName is the key of map, and the ImplyMethodType is the value. 24 | Map getImplyMethodMap(); 25 | 26 | BitFieldActionFactory getBitFieldActionFactory(); 27 | 28 | // TODO: add interface to validate the hierarchy for the resources 29 | } 30 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/exception/MissingConfigurationException.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | *

10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | *

12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | package org.apache.sentry.core.common.exception; 19 | 20 | /** 21 | * Signals that a mandatory property is missing from the configuration 22 | */ 23 | public class MissingConfigurationException extends RuntimeException { 24 | 25 | public MissingConfigurationException(String configParam) { 26 | super("Property '" + configParam + "' is missing in configuration"); 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/exception/SentryAccessDeniedException.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | package org.apache.sentry.core.common.exception; 19 | 20 | public class SentryAccessDeniedException extends SentryUserException { 21 | private static final long serialVersionUID = 2962080655835L; 22 | public SentryAccessDeniedException(String msg) { 23 | super(msg); 24 | } 25 | public SentryAccessDeniedException(String msg, String reason) { 26 | super(msg, reason); 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/exception/SentryGrantDeniedException.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | package org.apache.sentry.core.common.exception; 19 | 20 | public class SentryGrantDeniedException extends SentryAccessDeniedException { 21 | private static final long serialVersionUID = 1962330785835L; 22 | public SentryGrantDeniedException(String msg) { 23 | super(msg); 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/exception/SentryHdfsServiceException.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | 19 | package org.apache.sentry.core.common.exception; 20 | 21 | public class SentryHdfsServiceException extends Exception { 22 | private static final long serialVersionUID = 1511645864949767378L; 23 | 24 | public SentryHdfsServiceException(String message, Throwable cause) { 25 | super(message, cause); 26 | } 27 | 28 | } 29 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/exception/SentrySiteConfigurationException.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | package org.apache.sentry.core.common.exception; 19 | 20 | public class SentrySiteConfigurationException extends SentryUserException { 21 | private static final long serialVersionUID = 1298632655835L; 22 | public SentrySiteConfigurationException(String msg) { 23 | super(msg); 24 | } 25 | public SentrySiteConfigurationException(String msg, Throwable t) { 26 | super(msg, t); 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/exception/SentryThriftAPIMismatchException.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | package org.apache.sentry.core.common.exception; 19 | 20 | public class SentryThriftAPIMismatchException extends SentryUserException { 21 | private static final long serialVersionUID = 7535410604425511738L; 22 | public SentryThriftAPIMismatchException(String msg) { 23 | super(msg); 24 | } 25 | public SentryThriftAPIMismatchException(String msg, String reason) { 26 | super(msg, reason); 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-common/src/main/java/org/apache/sentry/core/common/validator/PrivilegeValidator.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.core.common.validator; 18 | 19 | import org.apache.shiro.config.ConfigurationException; 20 | 21 | public interface PrivilegeValidator { 22 | 23 | void validate(PrivilegeValidatorContext context) throws ConfigurationException; 24 | } 25 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-model-db/src/main/java/org/apache/sentry/core/model/db/DBModelAuthorizable.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.core.model.db; 18 | 19 | import org.apache.hadoop.classification.InterfaceAudience.Public; 20 | import org.apache.sentry.core.common.Authorizable; 21 | 22 | @Public 23 | public interface DBModelAuthorizable extends Authorizable { 24 | 25 | public enum AuthorizableType { 26 | Server, 27 | Db, 28 | Table, 29 | Column, 30 | View, 31 | URI 32 | }; 33 | 34 | AuthorizableType getAuthzType(); 35 | } 36 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-model-db/src/main/java/org/apache/sentry/core/model/db/ServerResource.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.core.model.db; 18 | 19 | public enum ServerResource { 20 | UDFS(); 21 | } 22 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-model-db/src/main/java/org/apache/sentry/core/model/db/TableOrView.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.core.model.db; 18 | 19 | public interface TableOrView extends DBModelAuthorizable { 20 | 21 | } 22 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-model-indexer/src/main/java/org/apache/sentry/core/model/indexer/IndexerConstants.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.core.model.indexer; 18 | 19 | public final class IndexerConstants { 20 | 21 | public static final String ALL = "*"; 22 | public static final String READ = "read"; 23 | public static final String WRITE = "write"; 24 | 25 | private IndexerConstants() { 26 | // Make constructor private to avoid instantiation 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-model-indexer/src/main/java/org/apache/sentry/core/model/indexer/IndexerModelAuthorizable.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.core.model.indexer; 18 | 19 | import org.apache.sentry.core.common.Authorizable; 20 | 21 | public interface IndexerModelAuthorizable extends Authorizable { 22 | 23 | public enum AuthorizableType { 24 | Indexer 25 | }; 26 | 27 | AuthorizableType getAuthzType(); 28 | } 29 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-model-solr/src/main/java/org/apache/sentry/core/model/solr/Collection.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.core.model.solr; 18 | 19 | public class Collection extends SolrModelAuthorizable { 20 | 21 | /** 22 | * Represents all tables 23 | */ 24 | public static final Collection ALL = new Collection(SolrConstants.ALL); 25 | 26 | public Collection(String name) { 27 | super (AuthorizableType.Collection, name); 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-model-solr/src/main/java/org/apache/sentry/core/model/solr/Config.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more contributor license 3 | * agreements. See the NOTICE file distributed with this work for additional information regarding 4 | * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the 5 | * "License"); you may not use this file except in compliance with the License. You may obtain a 6 | * copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software distributed under the License 11 | * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express 12 | * or implied. See the License for the specific language governing permissions and limitations under 13 | * the License. 14 | */ 15 | package org.apache.sentry.core.model.solr; 16 | 17 | /** 18 | * This class represents a Solr config-set. 19 | */ 20 | public class Config extends SolrModelAuthorizable { 21 | 22 | public static final Config ALL = new Config(SolrConstants.ALL); 23 | 24 | public Config(String name) { 25 | super (AuthorizableType.Config, name); 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-model-solr/src/main/java/org/apache/sentry/core/model/solr/Field.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more contributor license 3 | * agreements. See the NOTICE file distributed with this work for additional information regarding 4 | * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the 5 | * "License"); you may not use this file except in compliance with the License. You may obtain a 6 | * copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software distributed under the License 11 | * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express 12 | * or implied. See the License for the specific language governing permissions and limitations under 13 | * the License. 14 | */ 15 | package org.apache.sentry.core.model.solr; 16 | 17 | /** 18 | * Represents the field authorizable in the solr model 19 | */ 20 | public class Field extends SolrModelAuthorizable { 21 | 22 | /** 23 | * Represents all fields 24 | */ 25 | public static final Field ALL = new Field(SolrConstants.ALL); 26 | 27 | public Field(String name) { 28 | super (AuthorizableType.Field, name); 29 | } 30 | } -------------------------------------------------------------------------------- /sentry-core/sentry-core-model-solr/src/main/java/org/apache/sentry/core/model/solr/Schema.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more contributor license 3 | * agreements. See the NOTICE file distributed with this work for additional information regarding 4 | * copyright ownership. The ASF licenses this file to You under the Apache License, Version 2.0 (the 5 | * "License"); you may not use this file except in compliance with the License. You may obtain a 6 | * copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software distributed under the License 11 | * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express 12 | * or implied. See the License for the specific language governing permissions and limitations under 13 | * the License. 14 | */ 15 | package org.apache.sentry.core.model.solr; 16 | 17 | /** 18 | * This class represents Solr collection/core schema 19 | */ 20 | public class Schema extends SolrModelAuthorizable { 21 | 22 | public static final Schema ALL = new Schema(SolrConstants.ALL); 23 | 24 | public Schema(String name) { 25 | super (AuthorizableType.Schema, name); 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /sentry-core/sentry-core-model-sqoop/src/main/java/org/apache/sentry/core/model/sqoop/SqoopActionConstant.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.core.model.sqoop; 18 | 19 | public final class SqoopActionConstant { 20 | public static final String ALL = "*"; 21 | public static final String ALL_NAME = "ALL"; 22 | public static final String READ = "read"; 23 | public static final String WRITE = "write"; 24 | public static final String NAME = "action"; 25 | 26 | private SqoopActionConstant() { 27 | // Make constructor private to avoid instantiation 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /sentry-dist/src/license/override-THIRD-PARTY.properties: -------------------------------------------------------------------------------- 1 | org.codehaus.jackson--jackson-jaxrs--1.8.3=The Apache Software License, Version 2.0 2 | org.codehaus.jackson--jackson-xc--1.8.3=The Apache Software License, Version 2.0 3 | ant-contrib--ant-contrib--1.0b3=The Apache Software License, Version 1.1 4 | org.hamcrest--hamcrest-core--1.1=BSD License 5 | javax.servlet--javax.servlet-api--3.1.0=CDDL 2 6 | javax.xml.stream--stax-api--1.0-2=CDDL 1.0 7 | com.fasterxml.jackson.core--jackson-annotations--2.2.2=The Apache Software License, Version 2.0 8 | com.fasterxml.jackson.core--jackson-core--2.2.2=The Apache Software License, Version 2.0 9 | com.fasterxml.jackson.core--jackson-databind--2.2.2=The Apache Software License, Version 2.0 10 | com.sun.jersey--jersey-client--1.9=CDDL 1.1 11 | com.sun.jersey--jersey-core--1.9=CDDL 1.1 12 | com.sun.jersey--jersey-json--1.9=CDDL 1.1 13 | com.sun.jersey--jersey-server--1.9=CDDL 1.1 14 | com.sun.jersey.contribs--jersey-guice--1.9=CDDL 1.1 15 | com.sun.xml.bind--jaxb-impl--2.2.3-1=CDDL 1.1 16 | javax.xml.bind--jaxb-api--2.2.2=CDDL 1.1 17 | org.javassist--javassist--3.18.1-GA=The Apache Software License, Version 2.0 18 | dom4j--dom4j--1.6.1=BSD License -------------------------------------------------------------------------------- /sentry-dist/src/main/resources/licences/BSD_License.txt: -------------------------------------------------------------------------------- 1 | Copyright 2 | 3 | Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: 4 | 5 | The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. 6 | 7 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. -------------------------------------------------------------------------------- /sentry-dist/src/main/resources/licences/CDDL_2.txt: -------------------------------------------------------------------------------- 1 | please refer https://glassfish.dev.java.net/nonav/public/CDDL+GPL.html -------------------------------------------------------------------------------- /sentry-dist/src/main/resources/licences/MIT_License.txt: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2003-2017 Optimatika 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /sentry-hdfs/sentry-hdfs-common/src/gen/thrift/gen-javabean/org/apache/sentry/hdfs/service/thrift/TPrivilegePrincipalType.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Autogenerated by Thrift Compiler (0.9.3) 3 | * 4 | * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING 5 | * @generated 6 | */ 7 | package org.apache.sentry.hdfs.service.thrift; 8 | 9 | 10 | import java.util.Map; 11 | import java.util.HashMap; 12 | import org.apache.thrift.TEnum; 13 | 14 | public enum TPrivilegePrincipalType implements org.apache.thrift.TEnum { 15 | ROLE(0), 16 | USER(1), 17 | AUTHZ_OBJ(2); 18 | 19 | private final int value; 20 | 21 | private TPrivilegePrincipalType(int value) { 22 | this.value = value; 23 | } 24 | 25 | /** 26 | * Get the integer value of this enum value, as defined in the Thrift IDL. 27 | */ 28 | public int getValue() { 29 | return value; 30 | } 31 | 32 | /** 33 | * Find a the enum type by its integer value, as defined in the Thrift IDL. 34 | * @return null if the value is not found. 35 | */ 36 | public static TPrivilegePrincipalType findByValue(int value) { 37 | switch (value) { 38 | case 0: 39 | return ROLE; 40 | case 1: 41 | return USER; 42 | case 2: 43 | return AUTHZ_OBJ; 44 | default: 45 | return null; 46 | } 47 | } 48 | } 49 | -------------------------------------------------------------------------------- /sentry-hdfs/sentry-hdfs-common/src/main/java/org/apache/sentry/hdfs/AuthzPermissions.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | package org.apache.sentry.hdfs; 19 | 20 | import org.apache.hadoop.fs.permission.AclEntry; 21 | 22 | import java.util.List; 23 | 24 | public interface AuthzPermissions { 25 | 26 | List getAcls(String authzObj); 27 | 28 | } 29 | -------------------------------------------------------------------------------- /sentry-hdfs/sentry-hdfs-common/src/test/resources/hdfs-sentry.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 19 | 20 | 21 | 22 | 23 | -------------------------------------------------------------------------------- /sentry-hdfs/sentry-hdfs-namenode-plugin/src/test/java/org/apache/sentry/hdfs/MockSentryINodeAttributesProvider.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | package org.apache.sentry.hdfs; 19 | 20 | public class MockSentryINodeAttributesProvider extends 21 | SentryINodeAttributesProvider { 22 | 23 | public MockSentryINodeAttributesProvider() { 24 | super(new SentryAuthorizationInfoX()); 25 | } 26 | } 27 | -------------------------------------------------------------------------------- /sentry-hdfs/sentry-hdfs-namenode-plugin/src/test/resources/hdfs-sentry.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 19 | 20 | 21 | 22 | sentry.hdfs-plugin.path-prefixes 23 | /user/hive/dw 24 | 25 | 26 | sentry.hdfs-plugin.sentry-uri 27 | thrift://localhost:1234 28 | 29 | 30 | sentry.hdfs-plugin.stale-threshold.ms 31 | -1 32 | 33 | 34 | -------------------------------------------------------------------------------- /sentry-policy/sentry-policy-common/src/main/java/org/apache/sentry/policy/common/PrivilegeFactory.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.policy.common; 18 | 19 | /** 20 | * Factory for creating Privilege 21 | */ 22 | public interface PrivilegeFactory { 23 | Privilege createPrivilege(String permission); 24 | } 25 | -------------------------------------------------------------------------------- /sentry-policy/sentry-policy-engine/src/main/java/org/apache/sentry/policy/engine/common/CommonPrivilegeFactory.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.policy.engine.common; 18 | 19 | import org.apache.sentry.policy.common.CommonPrivilege; 20 | import org.apache.sentry.policy.common.Privilege; 21 | import org.apache.sentry.policy.common.PrivilegeFactory; 22 | 23 | public class CommonPrivilegeFactory implements PrivilegeFactory { 24 | 25 | @Override 26 | public Privilege createPrivilege(String privilege) { 27 | return new CommonPrivilege(privilege); 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoGroupMappingService.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.provider.common; 18 | 19 | import java.util.HashSet; 20 | import java.util.Set; 21 | 22 | /** 23 | * GroupMappingService that always returns an empty list of groups 24 | */ 25 | public class NoGroupMappingService implements GroupMappingService { 26 | 27 | /** 28 | * @return empty list of groups for every user 29 | */ 30 | public Set getGroups(String user) { 31 | return new HashSet(); 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/TableCache.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE 3 | * file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file 4 | * to You under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the 5 | * License. You may obtain a copy of the License at 6 | *

7 | * http://www.apache.org/licenses/LICENSE-2.0 8 | *

9 | * Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on 10 | * an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the 11 | * specific language governing permissions and limitations under the License. 12 | */ 13 | package org.apache.sentry.provider.common; 14 | 15 | import com.google.common.collect.Table; 16 | 17 | import java.util.Set; 18 | 19 | public interface TableCache { 20 | /** 21 | * Returns backing cache. Caller must not modify the returned cache. 22 | * @return backing cache. 23 | */ 24 | Table> getCache(); 25 | } 26 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/001-SENTRY-327.derby.sql: -------------------------------------------------------------------------------- 1 | -- SENTRY-327 2 | ALTER TABLE SENTRY_DB_PRIVILEGE ADD COLUMN WITH_GRANT_OPTION CHAR(1) NOT NULL DEFAULT 'N'; 3 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/001-SENTRY-327.mysql.sql: -------------------------------------------------------------------------------- 1 | -- SENTRY-327 2 | ALTER TABLE `SENTRY_DB_PRIVILEGE` ADD `WITH_GRANT_OPTION` CHAR(1) NOT NULL DEFAULT 'N'; 3 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/001-SENTRY-327.oracle.sql: -------------------------------------------------------------------------------- 1 | -- SENTRY-327 2 | ALTER TABLE SENTRY_DB_PRIVILEGE ADD WITH_GRANT_OPTION CHAR(1) DEFAULT 'N' NOT NULL; 3 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/001-SENTRY-327.postgres.sql: -------------------------------------------------------------------------------- 1 | -- SENTRY-327 2 | ALTER TABLE "SENTRY_DB_PRIVILEGE" ADD COLUMN "WITH_GRANT_OPTION" CHAR(1) NOT NULL DEFAULT 'N'; 3 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/002-SENTRY-339.derby.sql: -------------------------------------------------------------------------------- 1 | -- SENTRY-339 2 | DROP INDEX SENTRYPRIVILEGENAME; 3 | CREATE UNIQUE INDEX SENTRYPRIVILEGENAME ON SENTRY_DB_PRIVILEGE ("SERVER_NAME",DB_NAME,"TABLE_NAME",URI,"ACTION",WITH_GRANT_OPTION); 4 | 5 | ALTER TABLE SENTRY_DB_PRIVILEGE DROP COLUMN PRIVILEGE_NAME; 6 | 7 | ALTER TABLE SENTRY_DB_PRIVILEGE ALTER COLUMN DB_NAME SET DEFAULT '__NULL__'; 8 | ALTER TABLE SENTRY_DB_PRIVILEGE ALTER COLUMN TABLE_NAME SET DEFAULT '__NULL__'; 9 | ALTER TABLE SENTRY_DB_PRIVILEGE ALTER COLUMN URI SET DEFAULT '__NULL__'; 10 | 11 | UPDATE SENTRY_DB_PRIVILEGE SET DB_NAME = DEFAULT WHERE DB_NAME is null; 12 | UPDATE SENTRY_DB_PRIVILEGE SET TABLE_NAME = DEFAULT WHERE TABLE_NAME is null; 13 | UPDATE SENTRY_DB_PRIVILEGE SET URI = DEFAULT WHERE URI is null; 14 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/002-SENTRY-339.mysql.sql: -------------------------------------------------------------------------------- 1 | -- SENTRY-339 2 | ALTER TABLE `SENTRY_DB_PRIVILEGE` DROP INDEX `SENTRY_DB_PRIV_PRIV_NAME_UNIQ`; 3 | ALTER TABLE `SENTRY_DB_PRIVILEGE` ADD UNIQUE `SENTRY_DB_PRIV_PRIV_NAME_UNIQ` (`SERVER_NAME`,`DB_NAME`,`TABLE_NAME`,`URI`(250),`ACTION`,`WITH_GRANT_OPTION`); 4 | ALTER TABLE `SENTRY_DB_PRIVILEGE` DROP `PRIVILEGE_NAME`; 5 | 6 | ALTER TABLE SENTRY_DB_PRIVILEGE ALTER COLUMN DB_NAME SET DEFAULT '__NULL__'; 7 | ALTER TABLE SENTRY_DB_PRIVILEGE ALTER COLUMN TABLE_NAME SET DEFAULT '__NULL__'; 8 | ALTER TABLE SENTRY_DB_PRIVILEGE ALTER COLUMN URI SET DEFAULT '__NULL__'; 9 | 10 | UPDATE SENTRY_DB_PRIVILEGE SET DB_NAME = DEFAULT WHERE DB_NAME is null; 11 | UPDATE SENTRY_DB_PRIVILEGE SET TABLE_NAME = DEFAULT WHERE TABLE_NAME is null; 12 | UPDATE SENTRY_DB_PRIVILEGE SET URI = DEFAULT WHERE URI is null; 13 | 14 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/002-SENTRY-339.oracle.sql: -------------------------------------------------------------------------------- 1 | -- SENTRY-339 2 | ALTER TABLE SENTRY_DB_PRIVILEGE DROP CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ" DROP INDEX; 3 | ALTER TABLE SENTRY_DB_PRIVILEGE ADD CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ" UNIQUE ("SERVER_NAME","DB_NAME","TABLE_NAME","URI","ACTION","WITH_GRANT_OPTION"); 4 | ALTER TABLE SENTRY_DB_PRIVILEGE DROP COLUMN PRIVILEGE_NAME; 5 | 6 | ALTER TABLE SENTRY_DB_PRIVILEGE MODIFY DB_NAME DEFAULT '__NULL__'; 7 | ALTER TABLE SENTRY_DB_PRIVILEGE MODIFY TABLE_NAME DEFAULT '__NULL__'; 8 | ALTER TABLE SENTRY_DB_PRIVILEGE MODIFY URI DEFAULT '__NULL__'; 9 | 10 | UPDATE SENTRY_DB_PRIVILEGE SET DB_NAME = DEFAULT WHERE DB_NAME is null; 11 | UPDATE SENTRY_DB_PRIVILEGE SET TABLE_NAME = DEFAULT WHERE TABLE_NAME is null; 12 | UPDATE SENTRY_DB_PRIVILEGE SET URI = DEFAULT WHERE URI is null; 13 | 14 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/002-SENTRY-339.postgres.sql: -------------------------------------------------------------------------------- 1 | -- SENTRY-339 2 | ALTER TABLE "SENTRY_DB_PRIVILEGE" DROP CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ"; 3 | ALTER TABLE "SENTRY_DB_PRIVILEGE" ADD CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ" UNIQUE ("SERVER_NAME","DB_NAME","TABLE_NAME","URI", "ACTION","WITH_GRANT_OPTION"); 4 | ALTER TABLE "SENTRY_DB_PRIVILEGE" DROP COLUMN "PRIVILEGE_NAME"; 5 | 6 | ALTER TABLE "SENTRY_DB_PRIVILEGE" ALTER COLUMN "DB_NAME" SET DEFAULT '__NULL__'; 7 | AlTER TABLE "SENTRY_DB_PRIVILEGE" ALTER COLUMN "TABLE_NAME" SET DEFAULT '__NULL__'; 8 | ALTER TABLE "SENTRY_DB_PRIVILEGE" ALTER COLUMN "URI" SET DEFAULT '__NULL__'; 9 | 10 | UPDATE "SENTRY_DB_PRIVILEGE" SET "DB_NAME" = DEFAULT where "DB_NAME" is null; 11 | UPDATE "SENTRY_DB_PRIVILEGE" SET "TABLE_NAME" = DEFAULT where "TABLE_NAME" is null; 12 | UPDATE "SENTRY_DB_PRIVILEGE" SET "URI" = DEFAULT where "URI" is null; 13 | 14 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/003-SENTRY-380.derby.sql: -------------------------------------------------------------------------------- 1 | -- SENTRY-380 2 | ALTER TABLE SENTRY_DB_PRIVILEGE DROP GRANTOR_PRINCIPAL; 3 | ALTER TABLE SENTRY_ROLE DROP GRANTOR_PRINCIPAL; 4 | ALTER TABLE SENTRY_GROUP DROP GRANTOR_PRINCIPAL; 5 | 6 | ALTER TABLE SENTRY_ROLE_DB_PRIVILEGE_MAP ADD GRANTOR_PRINCIPAL VARCHAR(128); 7 | ALTER TABLE SENTRY_ROLE_GROUP_MAP ADD GRANTOR_PRINCIPAL VARCHAR(128); 8 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/003-SENTRY-380.mysql.sql: -------------------------------------------------------------------------------- 1 | -- SENTRY-380 2 | ALTER TABLE `SENTRY_DB_PRIVILEGE` DROP `GRANTOR_PRINCIPAL`; 3 | ALTER TABLE `SENTRY_ROLE` DROP `GRANTOR_PRINCIPAL`; 4 | ALTER TABLE `SENTRY_GROUP` DROP `GRANTOR_PRINCIPAL`; 5 | 6 | ALTER TABLE `SENTRY_ROLE_DB_PRIVILEGE_MAP` ADD `GRANTOR_PRINCIPAL` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin; 7 | ALTER TABLE `SENTRY_ROLE_GROUP_MAP` ADD `GRANTOR_PRINCIPAL` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/003-SENTRY-380.oracle.sql: -------------------------------------------------------------------------------- 1 | -- SENTRY-380 2 | ALTER TABLE "SENTRY_DB_PRIVILEGE" DROP COLUMN "GRANTOR_PRINCIPAL"; 3 | ALTER TABLE "SENTRY_ROLE" DROP COLUMN "GRANTOR_PRINCIPAL"; 4 | ALTER TABLE "SENTRY_GROUP" DROP COLUMN "GRANTOR_PRINCIPAL"; 5 | 6 | ALTER TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP" ADD "GRANTOR_PRINCIPAL" VARCHAR2(128); 7 | ALTER TABLE "SENTRY_ROLE_GROUP_MAP" ADD "GRANTOR_PRINCIPAL" VARCHAR2(128); 8 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/003-SENTRY-380.postgres.sql: -------------------------------------------------------------------------------- 1 | -- SENTRY-380 2 | ALTER TABLE "SENTRY_DB_PRIVILEGE" DROP "GRANTOR_PRINCIPAL"; 3 | ALTER TABLE "SENTRY_ROLE" DROP "GRANTOR_PRINCIPAL"; 4 | ALTER TABLE "SENTRY_GROUP" DROP "GRANTOR_PRINCIPAL"; 5 | 6 | ALTER TABLE "SENTRY_ROLE_DB_PRIVILEGE_MAP" ADD "GRANTOR_PRINCIPAL" character varying(128); 7 | ALTER TABLE "SENTRY_ROLE_GROUP_MAP" ADD "GRANTOR_PRINCIPAL" character varying(128); 8 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/004-SENTRY-74.derby.sql: -------------------------------------------------------------------------------- 1 | -- SENTRY-74 2 | ALTER TABLE SENTRY_DB_PRIVILEGE ADD COLUMN COLUMN_NAME VARCHAR(4000) DEFAULT '__NULL__'; 3 | DROP INDEX SENTRYPRIVILEGENAME; 4 | CREATE UNIQUE INDEX SENTRYPRIVILEGENAME ON SENTRY_DB_PRIVILEGE ("SERVER_NAME",DB_NAME,"TABLE_NAME","COLUMN_NAME",URI,"ACTION",WITH_GRANT_OPTION); 5 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/004-SENTRY-74.mysql.sql: -------------------------------------------------------------------------------- 1 | -- SENTRY-74 2 | ALTER TABLE `SENTRY_DB_PRIVILEGE` ADD `COLUMN_NAME` VARCHAR(128) DEFAULT '__NULL__'; 3 | ALTER TABLE `SENTRY_DB_PRIVILEGE` DROP INDEX `SENTRY_DB_PRIV_PRIV_NAME_UNIQ`; 4 | ALTER TABLE `SENTRY_DB_PRIVILEGE` ADD UNIQUE `SENTRY_DB_PRIV_PRIV_NAME_UNIQ` (`SERVER_NAME`,`DB_NAME`,`TABLE_NAME`,`COLUMN_NAME`,`URI`(250),`ACTION`,`WITH_GRANT_OPTION`); 5 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/004-SENTRY-74.oracle.sql: -------------------------------------------------------------------------------- 1 | -- SENTRY-74 2 | ALTER TABLE SENTRY_DB_PRIVILEGE ADD COLUMN_NAME VARCHAR2(128) DEFAULT '__NULL__'; 3 | ALTER TABLE SENTRY_DB_PRIVILEGE DROP CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ" DROP INDEX; 4 | ALTER TABLE SENTRY_DB_PRIVILEGE ADD CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ" UNIQUE ("SERVER_NAME","DB_NAME","TABLE_NAME","COLUMN_NAME","URI","ACTION","WITH_GRANT_OPTION"); 5 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/004-SENTRY-74.postgres.sql: -------------------------------------------------------------------------------- 1 | -- SENTRY-74 2 | ALTER TABLE "SENTRY_DB_PRIVILEGE" ADD COLUMN "COLUMN_NAME" character varying(128) DEFAULT '__NULL__'; 3 | ALTER TABLE "SENTRY_DB_PRIVILEGE" DROP CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ"; 4 | ALTER TABLE "SENTRY_DB_PRIVILEGE" ADD CONSTRAINT "SENTRY_DB_PRIV_PRIV_NAME_UNIQ" UNIQUE ("SERVER_NAME","DB_NAME","TABLE_NAME","COLUMN_NAME","URI", "ACTION","WITH_GRANT_OPTION"); 5 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/006-SENTRY-711.derby.sql: -------------------------------------------------------------------------------- 1 | CREATE TABLE SENTRY_USER 2 | ( 3 | USER_ID BIGINT NOT NULL generated always as identity (start with 1), 4 | CREATE_TIME BIGINT NOT NULL, 5 | USER_NAME VARCHAR(128) 6 | ); 7 | 8 | ALTER TABLE SENTRY_USER ADD CONSTRAINT SENTRY_USER_PK PRIMARY KEY (USER_ID); 9 | 10 | CREATE UNIQUE INDEX SENTRYUSERNAME ON SENTRY_USER (USER_NAME); 11 | 12 | CREATE TABLE SENTRY_ROLE_USER_MAP 13 | ( 14 | USER_ID BIGINT NOT NULL, 15 | ROLE_ID BIGINT NOT NULL, 16 | GRANTOR_PRINCIPAL VARCHAR(128) 17 | ); 18 | 19 | ALTER TABLE SENTRY_ROLE_USER_MAP ADD CONSTRAINT SENTRY_ROLE_USER_MAP_PK PRIMARY KEY (USER_ID,ROLE_ID); 20 | 21 | CREATE INDEX SENTRY_ROLE_USER_MAP_N49 ON SENTRY_ROLE_USER_MAP (USER_ID); 22 | 23 | CREATE INDEX SENTRY_ROLE_USER_MAP_N50 ON SENTRY_ROLE_USER_MAP (ROLE_ID); 24 | 25 | ALTER TABLE SENTRY_ROLE_USER_MAP ADD CONSTRAINT SENTRY_ROLE_USER_MAP_FK2 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID) ; 26 | 27 | ALTER TABLE SENTRY_ROLE_USER_MAP ADD CONSTRAINT SENTRY_ROLE_USER_MAP_FK1 FOREIGN KEY (USER_ID) REFERENCES SENTRY_USER (USER_ID) ; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/006-SENTRY-711.mysql.sql: -------------------------------------------------------------------------------- 1 | CREATE TABLE `SENTRY_USER` ( 2 | `USER_ID` BIGINT NOT NULL, 3 | `USER_NAME` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin NOT NULL, 4 | `CREATE_TIME` BIGINT NOT NULL 5 | ) ENGINE=InnoDB DEFAULT CHARSET=utf8; 6 | 7 | ALTER TABLE `SENTRY_USER` 8 | ADD CONSTRAINT `SENTRY_USER_PK` PRIMARY KEY (`USER_ID`); 9 | 10 | ALTER TABLE `SENTRY_USER` 11 | ADD CONSTRAINT `SENTRY_USER_USER_NAME_UNIQUE` UNIQUE (`USER_NAME`); 12 | 13 | CREATE TABLE `SENTRY_ROLE_USER_MAP` ( 14 | `ROLE_ID` BIGINT NOT NULL, 15 | `USER_ID` BIGINT NOT NULL, 16 | `GRANTOR_PRINCIPAL` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin 17 | ) ENGINE=InnoDB DEFAULT CHARSET=utf8; 18 | 19 | ALTER TABLE `SENTRY_ROLE_USER_MAP` 20 | ADD CONSTRAINT `SENTRY_ROLE_USER_MAP_PK` PRIMARY KEY (`ROLE_ID`,`USER_ID`); 21 | 22 | ALTER TABLE `SENTRY_ROLE_USER_MAP` 23 | ADD CONSTRAINT `SEN_ROLE_USER_MAP_SEN_ROLE_FK` 24 | FOREIGN KEY (`ROLE_ID`) REFERENCES `SENTRY_ROLE`(`ROLE_ID`); 25 | 26 | ALTER TABLE `SENTRY_ROLE_USER_MAP` 27 | ADD CONSTRAINT `SEN_ROLE_USER_MAP_SEN_USER_FK` 28 | FOREIGN KEY (`USER_ID`) REFERENCES `SENTRY_USER`(`USER_ID`); -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/006-SENTRY-711.oracle.sql: -------------------------------------------------------------------------------- 1 | CREATE TABLE "SENTRY_USER" ( 2 | "USER_ID" NUMBER NOT NULL, 3 | "USER_NAME" VARCHAR2(128) NOT NULL, 4 | "CREATE_TIME" NUMBER NOT NULL 5 | ); 6 | 7 | ALTER TABLE "SENTRY_USER" 8 | ADD CONSTRAINT "SENTRY_USER_PK" PRIMARY KEY ("USER_ID"); 9 | 10 | ALTER TABLE "SENTRY_USER" 11 | ADD CONSTRAINT "SENTRY_USER_USER_NAME_UNIQUE" UNIQUE ("USER_NAME"); 12 | 13 | CREATE TABLE "SENTRY_ROLE_USER_MAP" ( 14 | "ROLE_ID" NUMBER NOT NULL, 15 | "USER_ID" NUMBER NOT NULL, 16 | "GRANTOR_PRINCIPAL" VARCHAR2(128) 17 | ); 18 | 19 | ALTER TABLE "SENTRY_ROLE_USER_MAP" 20 | ADD CONSTRAINT "SENTRY_ROLE_USER_MAP_PK" PRIMARY KEY ("ROLE_ID","USER_ID"); 21 | 22 | ALTER TABLE "SENTRY_ROLE_USER_MAP" 23 | ADD CONSTRAINT "SEN_ROLE_USER_MAP_SEN_ROLE_FK" 24 | FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") INITIALLY DEFERRED; 25 | 26 | ALTER TABLE "SENTRY_ROLE_USER_MAP" 27 | ADD CONSTRAINT "SEN_ROLE_USER_MAP_SEN_USER_FK" 28 | FOREIGN KEY ("USER_ID") REFERENCES "SENTRY_USER"("USER_ID") INITIALLY DEFERRED; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/006-SENTRY-711.postgres.sql: -------------------------------------------------------------------------------- 1 | CREATE TABLE "SENTRY_USER" ( 2 | "USER_ID" BIGINT NOT NULL, 3 | "USER_NAME" character varying(128) NOT NULL, 4 | "CREATE_TIME" BIGINT NOT NULL 5 | ); 6 | 7 | ALTER TABLE ONLY "SENTRY_USER" 8 | ADD CONSTRAINT "SENTRY_USER_PK" PRIMARY KEY ("USER_ID"); 9 | 10 | ALTER TABLE ONLY "SENTRY_USER" 11 | ADD CONSTRAINT "SENTRY_USER_USER_NAME_UNIQUE" UNIQUE ("USER_NAME"); 12 | 13 | CREATE TABLE "SENTRY_ROLE_USER_MAP" ( 14 | "ROLE_ID" BIGINT NOT NULL, 15 | "USER_ID" BIGINT NOT NULL, 16 | "GRANTOR_PRINCIPAL" character varying(128) 17 | ); 18 | 19 | ALTER TABLE "SENTRY_ROLE_USER_MAP" 20 | ADD CONSTRAINT "SENTRY_ROLE_USER_MAP_PK" PRIMARY KEY ("ROLE_ID","USER_ID"); 21 | 22 | ALTER TABLE ONLY "SENTRY_ROLE_USER_MAP" 23 | ADD CONSTRAINT "SEN_ROLE_USER_MAP_SEN_ROLE_FK" 24 | FOREIGN KEY ("ROLE_ID") REFERENCES "SENTRY_ROLE"("ROLE_ID") DEFERRABLE; 25 | 26 | ALTER TABLE ONLY "SENTRY_ROLE_USER_MAP" 27 | ADD CONSTRAINT "SEN_ROLE_USER_MAP_SEN_USER_FK" 28 | FOREIGN KEY ("USER_ID") REFERENCES "SENTRY_USER"("USER_ID") DEFERRABLE; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/007-SENTRY-1365.derby.sql: -------------------------------------------------------------------------------- 1 | -- Table AUTHZ_PATHS_MAPPING for classes [org.apache.sentry.provider.db.service.model.MAuthzPathsMapping] 2 | CREATE TABLE AUTHZ_PATHS_MAPPING 3 | ( 4 | AUTHZ_OBJ_ID BIGINT NOT NULL generated always as identity (start with 1), 5 | AUTHZ_OBJ_NAME VARCHAR(384) NOT NULL, 6 | CREATE_TIME_MS BIGINT NOT NULL, 7 | AUTHZ_SNAPSHOT_ID BIGINT NOT NULL 8 | ); 9 | 10 | ALTER TABLE AUTHZ_PATHS_MAPPING ADD CONSTRAINT AUTHZ_PATHS_MAPPING_PK PRIMARY KEY (AUTHZ_OBJ_ID); 11 | 12 | -- Constraints for table AUTHZ_PATHS_MAPPING for class(es) [org.apache.sentry.provider.db.service.model.MAuthzPathsMapping] 13 | CREATE INDEX AUTHZ_SNAPSHOT_ID_INDEX ON AUTHZ_PATHS_MAPPING (AUTHZ_SNAPSHOT_ID); 14 | 15 | -- Table `AUTHZ_PATH` for classes [org.apache.sentry.provider.db.service.model.MPath] 16 | CREATE TABLE AUTHZ_PATH 17 | ( 18 | PATH_ID BIGINT NOT NULL, 19 | PATH_NAME VARCHAR(4000), 20 | AUTHZ_OBJ_ID BIGINT 21 | ); 22 | 23 | -- Constraints for table `AUTHZ_PATH` 24 | ALTER TABLE AUTHZ_PATH 25 | ADD CONSTRAINT AUTHZ_PATH_PK PRIMARY KEY (PATH_ID); 26 | 27 | ALTER TABLE AUTHZ_PATH 28 | ADD CONSTRAINT AUTHZ_PATH_FK 29 | FOREIGN KEY (AUTHZ_OBJ_ID) REFERENCES AUTHZ_PATHS_MAPPING (AUTHZ_OBJ_ID); 30 | 31 | ------------------------------------------------------------------ 32 | -- Sequences and SequenceTables -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/007-SENTRY-1365.mysql.sql: -------------------------------------------------------------------------------- 1 | -- Table `AUTHZ_PATHS_MAPPING` for classes [org.apache.sentry.provider.db.service.model.MAuthzPathsMapping] 2 | CREATE TABLE `AUTHZ_PATHS_MAPPING` 3 | ( 4 | `AUTHZ_OBJ_ID` BIGINT NOT NULL AUTO_INCREMENT, 5 | `AUTHZ_OBJ_NAME` VARCHAR(384) BINARY NOT NULL, 6 | `CREATE_TIME_MS` BIGINT NOT NULL, 7 | `AUTHZ_SNAPSHOT_ID` BIGINT NOT NULL, 8 | CONSTRAINT `AUTHZ_PATHS_MAPPING_PK` PRIMARY KEY (`AUTHZ_OBJ_ID`) 9 | ) ENGINE=INNODB; 10 | 11 | -- Constraints for table `AUTHZ_PATHS_MAPPING` for class(es) [org.apache.sentry.provider.db.service.model.MAuthzPathsMapping] 12 | CREATE INDEX `AUTHZ_SNAPSHOT_ID_INDEX` ON `AUTHZ_PATHS_MAPPING` (`AUTHZ_SNAPSHOT_ID`); 13 | 14 | -- Table `AUTHZ_PATH` for classes [org.apache.sentry.provider.db.service.model.MPath] 15 | CREATE TABLE `AUTHZ_PATH` ( 16 | `PATH_ID` BIGINT NOT NULL, 17 | `PATH_NAME` VARCHAR(4000) CHARACTER SET utf8 COLLATE utf8_bin, 18 | `AUTHZ_OBJ_ID` BIGINT 19 | ) ENGINE=InnoDB DEFAULT CHARSET=utf8; 20 | 21 | -- Constraints for table `AUTHZ_PATH` 22 | ALTER TABLE `AUTHZ_PATH` 23 | ADD CONSTRAINT `AUTHZ_PATH_PK` PRIMARY KEY (`PATH_ID`); 24 | 25 | ALTER TABLE `AUTHZ_PATH` 26 | ADD CONSTRAINT `AUTHZ_PATH_FK` 27 | FOREIGN KEY (`AUTHZ_OBJ_ID`) REFERENCES `AUTHZ_PATHS_MAPPING`(`AUTHZ_OBJ_ID`); 28 | 29 | -- Sequences and SequenceTables -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/007-SENTRY-1365.oracle.sql: -------------------------------------------------------------------------------- 1 | -- Table AUTHZ_PATHS_MAPPING for classes [org.apache.sentry.provider.db.service.model.MAuthzPathsMapping] 2 | CREATE TABLE AUTHZ_PATHS_MAPPING 3 | ( 4 | AUTHZ_OBJ_ID NUMBER NOT NULL, 5 | AUTHZ_OBJ_NAME VARCHAR2(384) NOT NULL, 6 | CREATE_TIME_MS NUMBER NOT NULL, 7 | AUTHZ_SNAPSHOT_ID NUMBER NOT NULL 8 | ); 9 | 10 | ALTER TABLE AUTHZ_PATHS_MAPPING ADD CONSTRAINT AUTHZ_PATHS_MAPPING_PK PRIMARY KEY (AUTHZ_OBJ_ID); 11 | 12 | -- Constraints for table AUTHZ_PATHS_MAPPING for class(es) [org.apache.sentry.provider.db.service.model.MAuthzPathsMapping] 13 | CREATE INDEX AUTHZ_SNAPSHOT_ID_INDEX ON AUTHZ_PATHS_MAPPING (AUTHZ_SNAPSHOT_ID); 14 | 15 | -- Table `AUTHZ_PATH` for classes [org.apache.sentry.provider.db.service.model.MPath] 16 | CREATE TABLE AUTHZ_PATH 17 | ( 18 | PATH_ID NUMBER NOT NULL, 19 | PATH_NAME VARCHAR(4000), 20 | AUTHZ_OBJ_ID NUMBER 21 | ); 22 | 23 | -- Constraints for table `AUTHZ_PATH` 24 | ALTER TABLE AUTHZ_PATH 25 | ADD CONSTRAINT AUTHZ_PATH_PK PRIMARY KEY (PATH_ID); 26 | 27 | ALTER TABLE AUTHZ_PATH 28 | ADD CONSTRAINT AUTHZ_PATH_FK 29 | FOREIGN KEY (AUTHZ_OBJ_ID) REFERENCES AUTHZ_PATHS_MAPPING (AUTHZ_OBJ_ID); 30 | ------------------------------------------------------------------ 31 | -- Sequences and SequenceTables -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/007-SENTRY-1365.postgres.sql: -------------------------------------------------------------------------------- 1 | -- Table "AUTHZ_PATHS_MAPPING" for classes [org.apache.sentry.provider.db.service.model.MAuthzPathsMapping] 2 | CREATE TABLE "AUTHZ_PATHS_MAPPING" 3 | ( 4 | "AUTHZ_OBJ_ID" SERIAL, 5 | "AUTHZ_OBJ_NAME" varchar(384) NOT NULL, 6 | "CREATE_TIME_MS" int8 NOT NULL, 7 | "AUTHZ_SNAPSHOT_ID" bigint NOT NULL, 8 | CONSTRAINT "AUTHZ_PATHS_MAPPING_PK" PRIMARY KEY ("AUTHZ_OBJ_ID") 9 | ); 10 | 11 | -- Constraints for table "AUTHZ_PATHS_MAPPING" for class(es) [org.apache.sentry.provider.db.service.model.MAuthzPathsMapping] 12 | CREATE INDEX "AUTHZ_SNAPSHOT_ID_INDEX" ON "AUTHZ_PATHS_MAPPING" ("AUTHZ_SNAPSHOT_ID"); 13 | 14 | -- Table `AUTHZ_PATH` for classes [org.apache.sentry.provider.db.service.model.MPath] 15 | CREATE TABLE "AUTHZ_PATH" 16 | ( 17 | "PATH_ID" BIGINT NOT NULL, 18 | "PATH_NAME" varchar(4000), 19 | "AUTHZ_OBJ_ID" BIGINT 20 | ); 21 | 22 | -- Constraints for table `AUTHZ_PATH` 23 | ALTER TABLE "AUTHZ_PATH" 24 | ADD CONSTRAINT "AUTHZ_PATH_PK" PRIMARY KEY ("PATH_ID"); 25 | 26 | ALTER TABLE "AUTHZ_PATH" 27 | ADD CONSTRAINT "AUTHZ_PATH_FK" 28 | FOREIGN KEY ("AUTHZ_OBJ_ID") REFERENCES "AUTHZ_PATHS_MAPPING" ("AUTHZ_OBJ_ID") DEFERRABLE; 29 | ------------------------------------------------------------------ 30 | -- Sequences and SequenceTables -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/008-SENTRY-1569.derby.sql: -------------------------------------------------------------------------------- 1 | -- Table SENTRY_PERM_CHANGE for classes [org.apache.sentry.provider.db.service.model.MSentryPermChange] 2 | CREATE TABLE SENTRY_PERM_CHANGE 3 | ( 4 | CHANGE_ID BIGINT NOT NULL, 5 | CREATE_TIME_MS BIGINT NOT NULL, 6 | PERM_CHANGE VARCHAR(4000) NOT NULL 7 | ); 8 | 9 | ALTER TABLE SENTRY_PERM_CHANGE ADD CONSTRAINT SENTRY_PERM_CHANGE_PK PRIMARY KEY (CHANGE_ID); 10 | 11 | -- Table SENTRY_PATH_CHANGE for classes [org.apache.sentry.provider.db.service.model.MSentryPathChange] 12 | CREATE TABLE SENTRY_PATH_CHANGE 13 | ( 14 | CHANGE_ID BIGINT NOT NULL, 15 | NOTIFICATION_HASH CHAR(40) NOT NULL, 16 | CREATE_TIME_MS BIGINT NOT NULL, 17 | PATH_CHANGE CLOB NOT NULL 18 | ); 19 | 20 | -- Constraints for table SENTRY_PATH_CHANGE for class [org.apache.sentry.provider.db.service.model.MSentryPathChange] 21 | ALTER TABLE SENTRY_PATH_CHANGE ADD CONSTRAINT SENTRY_PATH_CHANGE_PK PRIMARY KEY (CHANGE_ID); 22 | 23 | CREATE UNIQUE INDEX NOTIFICATION_HASH_INDEX ON SENTRY_PATH_CHANGE (NOTIFICATION_HASH); 24 | 25 | -- Table SENTRY_HMS_NOTIFICATION_ID for classes [org.apache.sentry.provider.db.service.model.MSentryHmsNotification] 26 | CREATE TABLE SENTRY_HMS_NOTIFICATION_ID 27 | ( 28 | NOTIFICATION_ID BIGINT NOT NULL 29 | ); 30 | 31 | CREATE INDEX SENTRY_HMS_NOTIF_ID_INDEX ON SENTRY_HMS_NOTIFICATION_ID (NOTIFICATION_ID); -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/008-SENTRY-1569.oracle.sql: -------------------------------------------------------------------------------- 1 | -- Table "SENTRY_PERM_CHANGE" for classes [org.apache.sentry.provider.db.service.model.MSentryPermChange] 2 | CREATE TABLE "SENTRY_PERM_CHANGE" 3 | ( 4 | "CHANGE_ID" NUMBER NOT NULL, 5 | "CREATE_TIME_MS" NUMBER NOT NULL, 6 | "PERM_CHANGE" VARCHAR2(4000) NOT NULL 7 | ); 8 | 9 | ALTER TABLE "SENTRY_PERM_CHANGE" ADD CONSTRAINT "SENTRY_PERM_CHANGE_PK" PRIMARY KEY ("CHANGE_ID"); 10 | 11 | -- Table "SENTRY_PATH_CHANGE" for classes [org.apache.sentry.provider.db.service.model.MSentryPathChange] 12 | CREATE TABLE "SENTRY_PATH_CHANGE" 13 | ( 14 | "CHANGE_ID" NUMBER NOT NULL, 15 | "NOTIFICATION_HASH" CHAR(40) NOT NULL, 16 | "CREATE_TIME_MS" NUMBER NOT NULL, 17 | "PATH_CHANGE" CLOB NOT NULL 18 | ); 19 | 20 | -- Constraints for table SENTRY_PATH_CHANGE for class [org.apache.sentry.provider.db.service.model.MSentryPathChange] 21 | CREATE UNIQUE INDEX "NOTIFICATION_HASH_INDEX" ON "SENTRY_PATH_CHANGE" ("NOTIFICATION_HASH"); 22 | ALTER TABLE "SENTRY_PATH_CHANGE" ADD CONSTRAINT SENTRY_PATH_CHANGE_PK PRIMARY KEY ("CHANGE_ID"); 23 | 24 | -- Table SENTRY_HMS_NOTIFICATION_ID for classes [org.apache.sentry.provider.db.service.model.MSentryHmsNotification] 25 | CREATE TABLE "SENTRY_HMS_NOTIFICATION_ID" 26 | ( 27 | "NOTIFICATION_ID" NUMBER NOT NULL 28 | ); 29 | 30 | CREATE INDEX "SENTRY_HMS_NOTIF_ID_INDEX" ON "SENTRY_HMS_NOTIFICATION_ID" ("NOTIFICATION_ID"); -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/008-SENTRY-1569.postgres.sql: -------------------------------------------------------------------------------- 1 | -- Table `SENTRY_PERM_CHANGE` for classes [org.apache.sentry.provider.db.service.model.MSentryPermChange] 2 | CREATE TABLE "SENTRY_PERM_CHANGE" 3 | ( 4 | "CHANGE_ID" bigint NOT NULL, 5 | "CREATE_TIME_MS" bigint NOT NULL, 6 | "PERM_CHANGE" VARCHAR(4000) NOT NULL, 7 | CONSTRAINT "SENTRY_PERM_CHANGE_PK" PRIMARY KEY ("CHANGE_ID") 8 | ); 9 | 10 | -- Table `SENTRY_PATH_CHANGE` for classes [org.apache.sentry.provider.db.service.model.MSentryPathChange] 11 | CREATE TABLE "SENTRY_PATH_CHANGE" 12 | ( 13 | "CHANGE_ID" bigint NOT NULL, 14 | "NOTIFICATION_HASH" char(40) NOT NULL, 15 | "CREATE_TIME_MS" bigint NOT NULL, 16 | "PATH_CHANGE" text NOT NULL, 17 | CONSTRAINT "SENTRY_PATH_CHANGE_PK" PRIMARY KEY ("CHANGE_ID") 18 | ); 19 | 20 | -- Constraints for table SENTRY_PATH_CHANGE for class [org.apache.sentry.provider.db.service.model.MSentryPathChange] 21 | CREATE UNIQUE INDEX "NOTIFICATION_HASH_INDEX" ON "SENTRY_PATH_CHANGE" ("NOTIFICATION_HASH"); 22 | 23 | -- Table SENTRY_HMS_NOTIFICATION_ID for classes [org.apache.sentry.provider.db.service.model.MSentryHmsNotification] 24 | CREATE TABLE "SENTRY_HMS_NOTIFICATION_ID" 25 | ( 26 | "NOTIFICATION_ID" bigint NOT NULL 27 | ); 28 | 29 | CREATE INDEX "SENTRY_HMS_NOTIF_ID_INDEX" ON "SENTRY_HMS_NOTIFICATION_ID" ("NOTIFICATION_ID"); -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/009-SENTRY-1805.derby.sql: -------------------------------------------------------------------------------- 1 | -- Table AUTHZ_PATHS_SNAPSHOT_ID for class [org.apache.sentry.provider.db.service.model.MAuthzPathsSnapshotId] 2 | CREATE TABLE AUTHZ_PATHS_SNAPSHOT_ID 3 | ( 4 | AUTHZ_SNAPSHOT_ID BIGINT NOT NULL 5 | ); 6 | 7 | -- Constraints for table AUTHZ_PATHS_SNAPSHOT_ID for class [org.apache.sentry.provider.db.service.model.MAuthzPathsSnapshotId] 8 | ALTER TABLE AUTHZ_PATHS_SNAPSHOT_ID ADD CONSTRAINT AUTHZ_SNAPSHOT_ID_PK PRIMARY KEY (AUTHZ_SNAPSHOT_ID); -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/009-SENTRY-1805.mysql.sql: -------------------------------------------------------------------------------- 1 | -- Table AUTHZ_PATHS_SNAPSHOT_ID for class [org.apache.sentry.provider.db.service.model.MAuthzPathsSnapshotId] 2 | CREATE TABLE `AUTHZ_PATHS_SNAPSHOT_ID` 3 | ( 4 | `AUTHZ_SNAPSHOT_ID` BIGINT NOT NULL, 5 | CONSTRAINT `AUTHZ_SNAPSHOT_ID_PK` PRIMARY KEY (`AUTHZ_SNAPSHOT_ID`) 6 | )ENGINE=INNODB; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/009-SENTRY-1805.oracle.sql: -------------------------------------------------------------------------------- 1 | -- Table AUTHZ_PATHS_SNAPSHOT_ID for class [org.apache.sentry.provider.db.service.model.MAuthzPathsSnapshotId] 2 | CREATE TABLE AUTHZ_PATHS_SNAPSHOT_ID 3 | ( 4 | AUTHZ_SNAPSHOT_ID NUMBER NOT NULL 5 | ); 6 | 7 | -- Constraints for table AUTHZ_PATHS_SNAPSHOT_ID for class [org.apache.sentry.provider.db.service.model.MAuthzPathsSnapshotId] 8 | ALTER TABLE AUTHZ_PATHS_SNAPSHOT_ID ADD CONSTRAINT AUTHZ_SNAPSHOT_ID_PK PRIMARY KEY (AUTHZ_SNAPSHOT_ID); -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/009-SENTRY-1805.postgres.sql: -------------------------------------------------------------------------------- 1 | -- Table AUTHZ_PATHS_SNAPSHOT_ID for class [org.apache.sentry.provider.db.service.model.MAuthzPathsSnapshotId] 2 | CREATE TABLE "AUTHZ_PATHS_SNAPSHOT_ID" 3 | ( 4 | "AUTHZ_SNAPSHOT_ID" bigint NOT NULL, 5 | CONSTRAINT "AUTHZ_SNAPSHOT_ID_PK" PRIMARY KEY ("AUTHZ_SNAPSHOT_ID") 6 | ); -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/010-SENTRY-2210.derby.sql: -------------------------------------------------------------------------------- 1 | -- create index for foreign key AUTHZ_OBJ_ID 2 | CREATE INDEX AUTHZ_PATH_FK_IDX ON AUTHZ_PATH (AUTHZ_OBJ_ID); 3 | 4 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/010-SENTRY-2210.mysql.sql: -------------------------------------------------------------------------------- 1 | -- create index for foreign key AUTHZ_OBJ_ID 2 | CREATE INDEX `AUTHZ_PATH_FK_IDX` ON `AUTHZ_PATH` (`AUTHZ_OBJ_ID`); -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/010-SENTRY-2210.oracle.sql: -------------------------------------------------------------------------------- 1 | -- create index for foreign key AUTHZ_OBJ_ID 2 | set serveroutput on 3 | declare 4 | already_exists exception; 5 | columns_indexed exception; 6 | pragma exception_init( already_exists, -955 ); 7 | pragma exception_init(columns_indexed, -1408); 8 | begin 9 | execute immediate 'CREATE INDEX "AUTHZ_PATH_FK_IDX" ON "AUTHZ_PATH" ("AUTHZ_OBJ_ID")'; 10 | dbms_output.put_line( 'created' ); 11 | exception 12 | when already_exists or columns_indexed then 13 | dbms_output.put_line( 'skipped' ); 14 | end; 15 | / -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/010-SENTRY-2210.postgres.sql: -------------------------------------------------------------------------------- 1 | -- create index for foreign key AUTHZ_OBJ_ID 2 | DO $BLOCK$ 3 | BEGIN 4 | BEGIN 5 | CREATE INDEX "AUTHZ_PATH_FK_IDX" ON "AUTHZ_PATH"( "AUTHZ_OBJ_ID" ); 6 | EXCEPTION 7 | WHEN duplicate_table 8 | THEN RAISE NOTICE 'index ''AUTHZ_PATH_FK_IDX '' on ''AUTHZ_PATH'' already exists, skipping'; 9 | END; 10 | END; 11 | $BLOCK$; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/011-SENTRY-2154.derby.sql: -------------------------------------------------------------------------------- 1 | -- Table SENTRY_USER_DB_PRIVILEGE_MAP for join relationship 2 | CREATE TABLE SENTRY_USER_DB_PRIVILEGE_MAP ( 3 | USER_ID BIGINT NOT NULL, 4 | DB_PRIVILEGE_ID BIGINT NOT NULL, 5 | GRANTOR_PRINCIPAL VARCHAR(128) 6 | ); 7 | 8 | ALTER TABLE SENTRY_USER_DB_PRIVILEGE_MAP 9 | ADD CONSTRAINT SENTRY_USR_DB_PRV_MAP_PK PRIMARY KEY (USER_ID,DB_PRIVILEGE_ID); 10 | 11 | ALTER TABLE SENTRY_USER_DB_PRIVILEGE_MAP 12 | ADD CONSTRAINT SEN_USR_DB_PRV_MAP_SN_USR_FK 13 | FOREIGN KEY (USER_ID) REFERENCES SENTRY_USER(USER_ID); 14 | 15 | ALTER TABLE SENTRY_USER_DB_PRIVILEGE_MAP 16 | ADD CONSTRAINT SEN_USR_DB_PRV_MAP_DB_PRV_FK 17 | FOREIGN KEY (DB_PRIVILEGE_ID) REFERENCES SENTRY_DB_PRIVILEGE(DB_PRIVILEGE_ID); 18 | 19 | CREATE INDEX SEN_USR_DB_PRV_MAP_USR_FK_IDX ON SENTRY_USER_DB_PRIVILEGE_MAP (USER_ID); 20 | 21 | CREATE INDEX SEN_USR_DB_PRV_MAP_PRV_FK_IDX ON SENTRY_USER_DB_PRIVILEGE_MAP (DB_PRIVILEGE_ID); 22 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/011-SENTRY-2154.mysql.sql: -------------------------------------------------------------------------------- 1 | -- Table SENTRY_USER_DB_PRIVILEGE_MAP for join relationship 2 | CREATE TABLE `SENTRY_USER_DB_PRIVILEGE_MAP` ( 3 | `USER_ID` BIGINT NOT NULL, 4 | `DB_PRIVILEGE_ID` BIGINT NOT NULL, 5 | `GRANTOR_PRINCIPAL` VARCHAR(128) CHARACTER SET utf8 COLLATE utf8_bin 6 | ) ENGINE=InnoDB DEFAULT CHARSET=utf8; 7 | 8 | ALTER TABLE `SENTRY_USER_DB_PRIVILEGE_MAP` 9 | ADD CONSTRAINT `SENTRY_USR_DB_PRV_MAP_PK` PRIMARY KEY (`USER_ID`,`DB_PRIVILEGE_ID`); 10 | 11 | ALTER TABLE `SENTRY_USER_DB_PRIVILEGE_MAP` 12 | ADD CONSTRAINT `SEN_USR_DB_PRV_MAP_SN_USR_FK` 13 | FOREIGN KEY (`USER_ID`) REFERENCES `SENTRY_USER`(`USER_ID`); 14 | 15 | ALTER TABLE `SENTRY_USER_DB_PRIVILEGE_MAP` 16 | ADD CONSTRAINT `SEN_USR_DB_PRV_MAP_DB_PRV_FK` 17 | FOREIGN KEY (`DB_PRIVILEGE_ID`) REFERENCES `SENTRY_DB_PRIVILEGE`(`DB_PRIVILEGE_ID`); 18 | 19 | CREATE INDEX `SEN_USR_DB_PRV_MAP_USR_FK_IDX` ON `SENTRY_USER_DB_PRIVILEGE_MAP` (`USER_ID`); 20 | 21 | CREATE INDEX `SEN_USR_DB_PRV_MAP_PRV_FK_IDX` ON `SENTRY_USER_DB_PRIVILEGE_MAP` (`DB_PRIVILEGE_ID`); -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/011-SENTRY-2154.oracle.sql: -------------------------------------------------------------------------------- 1 | CREATE TABLE "SENTRY_USER_DB_PRIVILEGE_MAP" ( 2 | "USER_ID" NUMBER NOT NULL, 3 | "DB_PRIVILEGE_ID" NUMBER NOT NULL, 4 | "GRANTOR_PRINCIPAL" VARCHAR2(128) 5 | ); 6 | 7 | ALTER TABLE "SENTRY_USER_DB_PRIVILEGE_MAP" 8 | ADD CONSTRAINT "SENTRY_USR_DB_PRV_MAP_PK" PRIMARY KEY ("USER_ID","DB_PRIVILEGE_ID"); 9 | 10 | ALTER TABLE "SENTRY_USER_DB_PRIVILEGE_MAP" 11 | ADD CONSTRAINT "SEN_USR_DB_PRV_MAP_SN_USR_FK" 12 | FOREIGN KEY ("USER_ID") REFERENCES "SENTRY_USER"("USER_ID") INITIALLY DEFERRED; 13 | 14 | ALTER TABLE "SENTRY_USER_DB_PRIVILEGE_MAP" 15 | ADD CONSTRAINT "SEN_USR_DB_PRV_MAP_DB_PRV_FK" 16 | FOREIGN KEY ("DB_PRIVILEGE_ID") REFERENCES "SENTRY_DB_PRIVILEGE"("DB_PRIVILEGE_ID") INITIALLY DEFERRED; 17 | 18 | CREATE INDEX "SEN_USR_DB_PRV_MAP_USR_FK_IDX" ON "SENTRY_USER_DB_PRIVILEGE_MAP" ("USER_ID"); 19 | 20 | CREATE INDEX "SEN_USR_DB_PRV_MAP_PRV_FK_IDX" ON "SENTRY_USER_DB_PRIVILEGE_MAP" ("DB_PRIVILEGE_ID"); -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/011-SENTRY-2154.postgres.sql: -------------------------------------------------------------------------------- 1 | -- Table SENTRY_USER_DB_PRIVILEGE_MAP for join relationship 2 | CREATE TABLE "SENTRY_USER_DB_PRIVILEGE_MAP" ( 3 | "USER_ID" BIGINT NOT NULL, 4 | "DB_PRIVILEGE_ID" BIGINT NOT NULL, 5 | "GRANTOR_PRINCIPAL" character varying(128) 6 | ); 7 | 8 | ALTER TABLE "SENTRY_USER_DB_PRIVILEGE_MAP" 9 | ADD CONSTRAINT "SENTRY_USR_DB_PRV_MAP_PK" PRIMARY KEY ("USER_ID","DB_PRIVILEGE_ID"); 10 | 11 | ALTER TABLE ONLY "SENTRY_USER_DB_PRIVILEGE_MAP" 12 | ADD CONSTRAINT "SN_USR_DB_PRV_MAP_SN_USER_FK" 13 | FOREIGN KEY ("USER_ID") REFERENCES "SENTRY_USER"("USER_ID") DEFERRABLE; 14 | 15 | ALTER TABLE ONLY "SENTRY_USER_DB_PRIVILEGE_MAP" 16 | ADD CONSTRAINT "SEN_USR_DB_PRV_MAP_DB_PRV_FK" 17 | FOREIGN KEY ("DB_PRIVILEGE_ID") REFERENCES "SENTRY_DB_PRIVILEGE"("DB_PRIVILEGE_ID") DEFERRABLE; 18 | 19 | CREATE INDEX "SEN_USR_DB_PRV_MAP_USR_FK_IDX" ON "SENTRY_USER_DB_PRIVILEGE_MAP" ("USER_ID"); 20 | 21 | CREATE INDEX "SEN_USR_DB_PRV_MAP_PRV_FK_IDX" ON "SENTRY_USER_DB_PRIVILEGE_MAP" ("DB_PRIVILEGE_ID"); -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-db2-1.5.0-to-1.6.0.sql: -------------------------------------------------------------------------------- 1 | -- Version update 2 | UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.6.0', VERSION_COMMENT='Sentry release version 1.6.0' WHERE VER_ID=1; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-db2-1.6.0-to-1.7.0.sql: -------------------------------------------------------------------------------- 1 | -- Version update 2 | UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.7.0', VERSION_COMMENT='Sentry release version 1.7.0' WHERE VER_ID=1; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-db2-1.7.0-to-1.8.0.sql: -------------------------------------------------------------------------------- 1 | -- SENTRY-711 2 | CREATE TABLE SENTRY_USER 3 | ( 4 | USER_ID BIGINT NOT NULL generated always as identity (start with 1), 5 | CREATE_TIME BIGINT NOT NULL, 6 | USER_NAME VARCHAR(128) 7 | ); 8 | 9 | ALTER TABLE SENTRY_USER ADD CONSTRAINT SENTRY_USER_PK PRIMARY KEY (USER_ID); 10 | 11 | CREATE UNIQUE INDEX SENTRYUSERNAME ON SENTRY_USER (USER_NAME); 12 | 13 | CREATE TABLE SENTRY_ROLE_USER_MAP 14 | ( 15 | USER_ID BIGINT NOT NULL, 16 | ROLE_ID BIGINT NOT NULL, 17 | GRANTOR_PRINCIPAL VARCHAR(128) 18 | ); 19 | 20 | ALTER TABLE SENTRY_ROLE_USER_MAP ADD CONSTRAINT SENTRY_ROLE_USER_MAP_PK PRIMARY KEY (USER_ID,ROLE_ID); 21 | 22 | CREATE INDEX SENTRY_ROLE_USER_MAP_N49 ON SENTRY_ROLE_USER_MAP (USER_ID); 23 | 24 | CREATE INDEX SENTRY_ROLE_USER_MAP_N50 ON SENTRY_ROLE_USER_MAP (ROLE_ID); 25 | 26 | ALTER TABLE SENTRY_ROLE_USER_MAP ADD CONSTRAINT SENTRY_ROLE_USER_MAP_FK2 FOREIGN KEY (ROLE_ID) REFERENCES SENTRY_ROLE (ROLE_ID) ; 27 | 28 | ALTER TABLE SENTRY_ROLE_USER_MAP ADD CONSTRAINT SENTRY_ROLE_USER_MAP_FK1 FOREIGN KEY (USER_ID) REFERENCES SENTRY_USER (USER_ID) ; 29 | 30 | -- Version update 31 | UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.8.0', VERSION_COMMENT='Sentry release version 1.8.0' WHERE VER_ID=1; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-db2-2.0.0-to-2.1.0.sql: -------------------------------------------------------------------------------- 1 | -- create index for foreign key AUTHZ_OBJ_ID 2 | CREATE INDEX AUTHZ_PATH_FK_IDX ON AUTHZ_PATH (AUTHZ_OBJ_ID); 3 | 4 | -- Table SENTRY_USER_DB_PRIVILEGE_MAP for join relationship 5 | CREATE TABLE SENTRY_USER_DB_PRIVILEGE_MAP 6 | ( 7 | USER_ID BIGINT NOT NULL, 8 | DB_PRIVILEGE_ID BIGINT NOT NULL, 9 | GRANTOR_PRINCIPAL VARCHAR(128) 10 | ); 11 | 12 | -- Constraints for table SENTRY_USER_DB_PRIVILEGE_MAP 13 | ALTER TABLE SENTRY_USER_DB_PRIVILEGE_MAP ADD CONSTRAINT SENTRY_USR_DB_PRV_MAP_PK PRIMARY KEY (USER_ID,DB_PRIVILEGE_ID); 14 | 15 | CREATE INDEX SENTRY_USER_DB_PRIVILEGE_MAP_N50 ON SENTRY_USER_DB_PRIVILEGE_MAP (USER_ID); 16 | 17 | CREATE INDEX SENTRY_USER_DB_PRIVILEGE_MAP_N49 ON SENTRY_USER_DB_PRIVILEGE_MAP (DB_PRIVILEGE_ID); 18 | 19 | ALTER TABLE SENTRY_USER_DB_PRIVILEGE_MAP ADD CONSTRAINT SEN_USR_DB_PRV_MAP_DB_PRV_FK FOREIGN KEY (DB_PRIVILEGE_ID) REFERENCES SENTRY_DB_PRIVILEGE (DB_PRIVILEGE_ID) ; 20 | 21 | ALTER TABLE SENTRY_USER_DB_PRIVILEGE_MAP ADD CONSTRAINT SEN_USR_DB_PRV_MAP_SN_USR_FK FOREIGN KEY (USER_ID) REFERENCES SENTRY_USER (USER_ID) ; 22 | 23 | -- Version update 24 | UPDATE SENTRY_VERSION SET SCHEMA_VERSION='2.1.0', VERSION_COMMENT='Sentry release version 2.1.0' WHERE VER_ID=1; 25 | 26 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-db2-2.1.0-to-2.2.0.sql: -------------------------------------------------------------------------------- 1 | -- Version update 2 | UPDATE SENTRY_VERSION SET SCHEMA_VERSION='2.2.0', VERSION_COMMENT='Sentry release version 2.2.0' WHERE VER_ID=1; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-derby-1.4.0-to-1.5.0.sql: -------------------------------------------------------------------------------- 1 | RUN '001-SENTRY-327.derby.sql'; 2 | RUN '002-SENTRY-339.derby.sql'; 3 | RUN '003-SENTRY-380.derby.sql'; 4 | RUN '004-SENTRY-74.derby.sql'; 5 | RUN '005-SENTRY-398.derby.sql'; 6 | 7 | -- Version update 8 | UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.5.0', VERSION_COMMENT='Sentry release version 1.5.0' WHERE VER_ID=1; 9 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-derby-1.5.0-to-1.6.0.sql: -------------------------------------------------------------------------------- 1 | -- Version update 2 | UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.6.0', VERSION_COMMENT='Sentry release version 1.6.0' WHERE VER_ID=1; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-derby-1.6.0-to-1.7.0.sql: -------------------------------------------------------------------------------- 1 | -- Version update 2 | UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.7.0', VERSION_COMMENT='Sentry release version 1.7.0' WHERE VER_ID=1; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-derby-1.7.0-to-1.8.0.sql: -------------------------------------------------------------------------------- 1 | RUN '006-SENTRY-711.derby.sql'; 2 | 3 | -- Version update 4 | UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.8.0', VERSION_COMMENT='Sentry release version 1.8.0' WHERE VER_ID=1; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-derby-1.8.0-to-2.0.0.sql: -------------------------------------------------------------------------------- 1 | RUN '007-SENTRY-1365.derby.sql'; 2 | RUN '008-SENTRY-1569.derby.sql'; 3 | RUN '009-SENTRY-1805.derby.sql'; 4 | 5 | -- Version update 6 | UPDATE SENTRY_VERSION SET SCHEMA_VERSION='2.0.0', VERSION_COMMENT='Sentry release version 2.0.0' WHERE VER_ID=1; 7 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-derby-2.0.0-to-2.1.0.sql: -------------------------------------------------------------------------------- 1 | RUN '010-SENTRY-2210.derby.sql'; 2 | RUN '011-SENTRY-2154.derby.sql'; 3 | 4 | -- Version update 5 | UPDATE SENTRY_VERSION SET SCHEMA_VERSION='2.1.0', VERSION_COMMENT='Sentry release version 2.1.0' WHERE VER_ID=1; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-derby-2.1.0-to-2.2.0.sql: -------------------------------------------------------------------------------- 1 | -- Version update 2 | UPDATE SENTRY_VERSION SET SCHEMA_VERSION='2.2.0', VERSION_COMMENT='Sentry release version 2.2.0' WHERE VER_ID=1; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-mysql-1.4.0-to-1.5.0.sql: -------------------------------------------------------------------------------- 1 | SELECT 'Upgrading Sentry store schema from 1.4.0 to 1.5.0' AS ' '; 2 | SOURCE 001-SENTRY-327.mysql.sql; 3 | SOURCE 002-SENTRY-339.mysql.sql; 4 | SOURCE 003-SENTRY-380.mysql.sql; 5 | SOURCE 004-SENTRY-74.mysql.sql; 6 | SOURCE 005-SENTRY-398.mysql.sql; 7 | 8 | UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.5.0', VERSION_COMMENT='Sentry release version 1.5.0' WHERE VER_ID=1; 9 | SELECT 'Finish upgrading Sentry store schema from 1.4.0 to 1.5.0' AS ' '; 10 | 11 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-mysql-1.5.0-to-1.6.0.sql: -------------------------------------------------------------------------------- 1 | SELECT 'Upgrading Sentry store schema from 1.5.0 to 1.6.0' AS ' '; 2 | 3 | UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.6.0', VERSION_COMMENT='Sentry release version 1.6.0' WHERE VER_ID=1; 4 | 5 | SELECT 'Finish upgrading Sentry store schema from 1.5.0 to 1.6.0' AS ' '; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-mysql-1.6.0-to-1.7.0.sql: -------------------------------------------------------------------------------- 1 | SELECT 'Upgrading Sentry store schema from 1.6.0 to 1.7.0' AS ' '; 2 | 3 | UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.7.0', VERSION_COMMENT='Sentry release version 1.7.0' WHERE VER_ID=1; 4 | 5 | SELECT 'Finish upgrading Sentry store schema from 1.6.0 to 1.7.0' AS ' '; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-mysql-1.7.0-to-1.8.0.sql: -------------------------------------------------------------------------------- 1 | SELECT 'Upgrading Sentry store schema from 1.7.0 to 1.8.0' AS ' '; 2 | SOURCE 006-SENTRY-711.mysql.sql; 3 | 4 | UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.8.0', VERSION_COMMENT='Sentry release version 1.8.0' WHERE VER_ID=1; 5 | 6 | SELECT 'Finish upgrading Sentry store schema from 1.7.0 to 1.8.0' AS ' '; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-mysql-1.8.0-to-2.0.0.sql: -------------------------------------------------------------------------------- 1 | SELECT 'Upgrading Sentry store schema from 1.8.0 to 2.0.0' AS ' '; 2 | SOURCE 007-SENTRY-1365.mysql.sql; 3 | SOURCE 008-SENTRY-1569.mysql.sql; 4 | SOURCE 009-SENTRY-1805.mysql.sql; 5 | 6 | UPDATE SENTRY_VERSION SET SCHEMA_VERSION='2.0.0', VERSION_COMMENT='Sentry release version 2.0.0' WHERE VER_ID=1; 7 | 8 | SELECT 'Finish upgrading Sentry store schema from 1.8.0 to 2.0.0' AS ' '; 9 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-mysql-2.0.0-to-2.1.0.sql: -------------------------------------------------------------------------------- 1 | SELECT 'Upgrading Sentry store schema from 2.0.0 to 2.1.0' AS ' '; 2 | SOURCE 010-SENTRY-2210.mysql.sql; 3 | SOURCE 011-SENTRY-2154.mysql.sql; 4 | 5 | UPDATE SENTRY_VERSION SET SCHEMA_VERSION='2.1.0', VERSION_COMMENT='Sentry release version 2.1.0' WHERE VER_ID=1; 6 | 7 | SELECT 'Finish upgrading Sentry store schema from 2.0.0 to 2.1.0' AS ' '; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-mysql-2.1.0-to-2.2.0.sql: -------------------------------------------------------------------------------- 1 | SELECT 'Upgrading Sentry store schema from 2.1.0 to 2.2.0' AS ' '; 2 | 3 | UPDATE SENTRY_VERSION SET SCHEMA_VERSION='2.2.0', VERSION_COMMENT='Sentry release version 2.2.0' WHERE VER_ID=1; 4 | 5 | SELECT 'Finish upgrading Sentry store schema from 2.1.0 to 2.2.0' AS ' '; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-oracle-1.4.0-to-1.5.0.sql: -------------------------------------------------------------------------------- 1 | SELECT 'Upgrading Sentry store schema from 1.4.0 to 1.5.0' AS Status from dual; 2 | @001-SENTRY-327.oracle.sql; 3 | @002-SENTRY-339.oracle.sql; 4 | @003-SENTRY-380.oracle.sql; 5 | @004-SENTRY-74.oracle.sql; 6 | @005-SENTRY-398.oracle.sql; 7 | 8 | UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.5.0', VERSION_COMMENT='Sentry release version 1.5.0' WHERE VER_ID=1; 9 | SELECT 'Finished upgrading Sentry store schema from 1.4.0 to 1.5.0' AS Status from dual; 10 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-oracle-1.5.0-to-1.6.0.sql: -------------------------------------------------------------------------------- 1 | SELECT 'Upgrading Sentry store schema from 1.5.0 to 1.6.0' AS Status from dual; 2 | 3 | UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.6.0', VERSION_COMMENT='Sentry release version 1.6.0' WHERE VER_ID=1; 4 | 5 | SELECT 'Finished upgrading Sentry store schema from 1.5.0 to 1.6.0' AS Status from dual; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-oracle-1.6.0-to-1.7.0.sql: -------------------------------------------------------------------------------- 1 | SELECT 'Upgrading Sentry store schema from 1.6.0 to 1.7.0' AS Status from dual; 2 | 3 | UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.7.0', VERSION_COMMENT='Sentry release version 1.7.0' WHERE VER_ID=1; 4 | 5 | SELECT 'Finished upgrading Sentry store schema from 1.6.0 to 1.7.0' AS Status from dual; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-oracle-1.7.0-to-1.8.0.sql: -------------------------------------------------------------------------------- 1 | SELECT 'Upgrading Sentry store schema from 1.7.0 to 1.8.0' AS Status from dual; 2 | @006-SENTRY-711.oracle.sql; 3 | 4 | UPDATE SENTRY_VERSION SET SCHEMA_VERSION='1.8.0', VERSION_COMMENT='Sentry release version 1.8.0' WHERE VER_ID=1; 5 | 6 | SELECT 'Finished upgrading Sentry store schema from 1.7.0 to 1.8.0' AS Status from dual; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-oracle-1.8.0-to-2.0.0.sql: -------------------------------------------------------------------------------- 1 | SELECT 'Upgrading Sentry store schema from 1.8.0 to 2.0.0' AS Status from dual; 2 | @007-SENTRY-1365.oracle.sql; 3 | @008-SENTRY-1569.oracle.sql; 4 | @009-SENTRY-1805.oracle.sql; 5 | 6 | UPDATE SENTRY_VERSION SET SCHEMA_VERSION='2.0.0', VERSION_COMMENT='Sentry release version 2.0.0' WHERE VER_ID=1; 7 | 8 | SELECT 'Finished upgrading Sentry store schema from 1.8.0 to 2.0.0' AS Status from dual; 9 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-oracle-2.0.0-to-2.1.0.sql: -------------------------------------------------------------------------------- 1 | SELECT 'Upgrading Sentry store schema from 2.0.0 to 2.1.0' AS Status from dual; 2 | @010-SENTRY-2210.oracle.sql; 3 | @011-SENTRY-2154.oracle.sql; 4 | 5 | UPDATE SENTRY_VERSION SET SCHEMA_VERSION='2.1.0', VERSION_COMMENT='Sentry release version 2.1.0' WHERE VER_ID=1; 6 | 7 | SELECT 'Finished upgrading Sentry store schema from 2.0.0 to 2.1.0' AS Status from dual; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-oracle-2.1.0-to-2.2.0.sql: -------------------------------------------------------------------------------- 1 | SELECT 'Upgrading Sentry store schema from 2.1.0 to 2.2.0' AS Status from dual; 2 | 3 | 4 | UPDATE SENTRY_VERSION SET SCHEMA_VERSION='2.2.0', VERSION_COMMENT='Sentry release version 2.2.0' WHERE VER_ID=1; 5 | 6 | SELECT 'Finished upgrading Sentry store schema from 2.010 to 2.2.0' AS Status from dual; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-postgres-1.4.0-to-1.5.0.sql: -------------------------------------------------------------------------------- 1 | SELECT 'Upgrading Sentry store schema from 1.4.0 to 1.5.0'; 2 | \i 001-SENTRY-327.postgres.sql; 3 | \i 002-SENTRY-339.postgres.sql; 4 | \i 003-SENTRY-380.postgres.sql; 5 | \i 004-SENTRY-74.postgres.sql; 6 | \i 005-SENTRY-398.postgres.sql; 7 | 8 | UPDATE "SENTRY_VERSION" SET "SCHEMA_VERSION"='1.5.0', "VERSION_COMMENT"='Sentry release version 1.5.0' WHERE "VER_ID"=1; 9 | SELECT 'Finished upgrading Sentry store schema from 1.4.0 to 1.5.0'; 10 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-postgres-1.5.0-to-1.6.0.sql: -------------------------------------------------------------------------------- 1 | SELECT 'Upgrading Sentry store schema from 1.5.0 to 1.6.0'; 2 | 3 | UPDATE "SENTRY_VERSION" SET "SCHEMA_VERSION"='1.6.0', "VERSION_COMMENT"='Sentry release version 1.6.0' WHERE "VER_ID"=1; 4 | 5 | SELECT 'Finished upgrading Sentry store schema from 1.5.0 to 1.6.0'; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-postgres-1.6.0-to-1.7.0.sql: -------------------------------------------------------------------------------- 1 | SELECT 'Upgrading Sentry store schema from 1.6.0 to 1.7.0'; 2 | 3 | UPDATE "SENTRY_VERSION" SET "SCHEMA_VERSION"='1.7.0', "VERSION_COMMENT"='Sentry release version 1.7.0' WHERE "VER_ID"=1; 4 | 5 | SELECT 'Finished upgrading Sentry store schema from 1.6.0 to 1.7.0'; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-postgres-1.7.0-to-1.8.0.sql: -------------------------------------------------------------------------------- 1 | SELECT 'Upgrading Sentry store schema from 1.7.0 to 1.8.0'; 2 | \i 006-SENTRY-711.postgres.sql; 3 | 4 | UPDATE "SENTRY_VERSION" SET "SCHEMA_VERSION"='1.8.0', "VERSION_COMMENT"='Sentry release version 1.8.0' WHERE "VER_ID"=1; 5 | 6 | SELECT 'Finished upgrading Sentry store schema from 1.7.0 to 1.8.0'; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-postgres-1.8.0-to-2.0.0.sql: -------------------------------------------------------------------------------- 1 | SELECT 'Upgrading Sentry store schema from 1.8.0 to 2.0.0'; 2 | \i 007-SENTRY-1365.postgres.sql; 3 | \i 008-SENTRY-1569.postgres.sql; 4 | \i 009-SENTRY-1805.postgres.sql; 5 | 6 | UPDATE "SENTRY_VERSION" SET "SCHEMA_VERSION"='2.0.0', "VERSION_COMMENT"='Sentry release version 2.0.0' WHERE "VER_ID"=1; 7 | 8 | SELECT 'Finished upgrading Sentry store schema from 1.8.0 to 2.0.0'; 9 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-postgres-2.0.0-to-2.1.0.sql: -------------------------------------------------------------------------------- 1 | SELECT 'Upgrading Sentry store schema from 2.0.0 to 2.1.0'; 2 | \i 010-SENTRY-2210.postgres.sql; 3 | \i 011-SENTRY-2154.postgres.sql; 4 | 5 | UPDATE "SENTRY_VERSION" SET "SCHEMA_VERSION"='2.1.0', "VERSION_COMMENT"='Sentry release version 2.1.0' WHERE "VER_ID"=1; 6 | 7 | SELECT 'Finished upgrading Sentry store schema from 2.0.0 to 2.1.0'; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/sentry-upgrade-postgres-2.1.0-to-2.2.0.sql: -------------------------------------------------------------------------------- 1 | SELECT 'Upgrading Sentry store schema from 2.1.0 to 2.2.0'; 2 | 3 | 4 | UPDATE "SENTRY_VERSION" SET "SCHEMA_VERSION"='2.2.0', "VERSION_COMMENT"='Sentry release version 2.2.0' WHERE "VER_ID"=1; 5 | 6 | SELECT 'Finished upgrading Sentry store schema from 2.1.0 to 2.2.0'; -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/upgrade.order.db2: -------------------------------------------------------------------------------- 1 | 1.4.0-to-1.5.0 2 | 1.5.0-to-1.6.0 3 | 1.6.0-to-1.7.0 4 | 1.7.0-to-1.8.0 5 | 1.8.0-to-2.0.0 6 | 2.0.0-to-2.1.0 7 | 2.1.0-to-2.2.0 -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/upgrade.order.derby: -------------------------------------------------------------------------------- 1 | 1.4.0-to-1.5.0 2 | 1.5.0-to-1.6.0 3 | 1.6.0-to-1.7.0 4 | 1.7.0-to-1.8.0 5 | 1.8.0-to-2.0.0 6 | 2.0.0-to-2.1.0 7 | 2.1.0-to-2.2.0 8 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/upgrade.order.mysql: -------------------------------------------------------------------------------- 1 | 1.4.0-to-1.5.0 2 | 1.5.0-to-1.6.0 3 | 1.6.0-to-1.7.0 4 | 1.7.0-to-1.8.0 5 | 1.8.0-to-2.0.0 6 | 2.0.0-to-2.1.0 7 | 2.1.0-to-2.2.0 8 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/upgrade.order.oracle: -------------------------------------------------------------------------------- 1 | 1.4.0-to-1.5.0 2 | 1.5.0-to-1.6.0 3 | 1.6.0-to-1.7.0 4 | 1.7.0-to-1.8.0 5 | 1.8.0-to-2.0.0 6 | 2.0.0-to-2.1.0 7 | 2.1.0-to-2.2.0 8 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/main/resources/upgrade.order.postgres: -------------------------------------------------------------------------------- 1 | 1.4.0-to-1.5.0 2 | 1.5.0-to-1.6.0 3 | 1.6.0-to-1.7.0 4 | 1.7.0-to-1.8.0 5 | 1.8.0-to-2.0.0 6 | 2.0.0-to-2.1.0 7 | 2.1.0-to-2.2.0 8 | -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/test/resources/cacerts.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/apache/sentry/ae2e91fd2e06ba6c2fedd5e5d6efdea164daf176/sentry-provider/sentry-provider-db/src/test/resources/cacerts.jks -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-db/src/test/resources/keystore.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/apache/sentry/ae2e91fd2e06ba6c2fedd5e5d6efdea164daf176/sentry-provider/sentry-provider-db/src/test/resources/keystore.jks -------------------------------------------------------------------------------- /sentry-provider/sentry-provider-file/src/test/resources/log4j.properties: -------------------------------------------------------------------------------- 1 | # 2 | # Licensed to the Apache Software Foundation (ASF) under one 3 | # or more contributor license agreements. See the NOTICE file 4 | # distributed with this work for additional information 5 | # regarding copyright ownership. The ASF licenses this file 6 | # to you under the Apache License, Version 2.0 (the 7 | # "License"); you may not use this file except in compliance 8 | # with the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, 13 | # software distributed under the License is distributed on an 14 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 | # KIND, either express or implied. See the License for the 16 | # specific language governing permissions and limitations 17 | # under the License. 18 | # 19 | 20 | # Define some default values that can be overridden by system properties. 21 | # 22 | # For testing, it may also be convenient to specify 23 | 24 | log4j.rootLogger=DEBUG,console 25 | 26 | log4j.appender.console=org.apache.log4j.ConsoleAppender 27 | log4j.appender.console.target=System.err 28 | log4j.appender.console.layout=org.apache.log4j.PatternLayout 29 | log4j.appender.console.layout.ConversionPattern=%d (%t) [%p - %l] %m%n 30 | 31 | log4j.logger.org.apache.hadoop.conf.Configuration=INFO 32 | -------------------------------------------------------------------------------- /sentry-service/sentry-service-api/src/gen/thrift/gen-javabean/org/apache/sentry/api/generic/thrift/TSentryGrantOption.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Autogenerated by Thrift Compiler (0.9.3) 3 | * 4 | * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING 5 | * @generated 6 | */ 7 | package org.apache.sentry.api.generic.thrift; 8 | 9 | 10 | import java.util.Map; 11 | import java.util.HashMap; 12 | import org.apache.thrift.TEnum; 13 | 14 | public enum TSentryGrantOption implements org.apache.thrift.TEnum { 15 | TRUE(1), 16 | FALSE(0), 17 | UNSET(-1); 18 | 19 | private final int value; 20 | 21 | private TSentryGrantOption(int value) { 22 | this.value = value; 23 | } 24 | 25 | /** 26 | * Get the integer value of this enum value, as defined in the Thrift IDL. 27 | */ 28 | public int getValue() { 29 | return value; 30 | } 31 | 32 | /** 33 | * Find a the enum type by its integer value, as defined in the Thrift IDL. 34 | * @return null if the value is not found. 35 | */ 36 | public static TSentryGrantOption findByValue(int value) { 37 | switch (value) { 38 | case 1: 39 | return TRUE; 40 | case 0: 41 | return FALSE; 42 | case -1: 43 | return UNSET; 44 | default: 45 | return null; 46 | } 47 | } 48 | } 49 | -------------------------------------------------------------------------------- /sentry-service/sentry-service-api/src/gen/thrift/gen-javabean/org/apache/sentry/api/service/thrift/TSentryGrantOption.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Autogenerated by Thrift Compiler (0.9.3) 3 | * 4 | * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING 5 | * @generated 6 | */ 7 | package org.apache.sentry.api.service.thrift; 8 | 9 | 10 | import java.util.Map; 11 | import java.util.HashMap; 12 | import org.apache.thrift.TEnum; 13 | 14 | public enum TSentryGrantOption implements org.apache.thrift.TEnum { 15 | TRUE(1), 16 | FALSE(0), 17 | UNSET(-1); 18 | 19 | private final int value; 20 | 21 | private TSentryGrantOption(int value) { 22 | this.value = value; 23 | } 24 | 25 | /** 26 | * Get the integer value of this enum value, as defined in the Thrift IDL. 27 | */ 28 | public int getValue() { 29 | return value; 30 | } 31 | 32 | /** 33 | * Find a the enum type by its integer value, as defined in the Thrift IDL. 34 | * @return null if the value is not found. 35 | */ 36 | public static TSentryGrantOption findByValue(int value) { 37 | switch (value) { 38 | case 1: 39 | return TRUE; 40 | case 0: 41 | return FALSE; 42 | case -1: 43 | return UNSET; 44 | default: 45 | return null; 46 | } 47 | } 48 | } 49 | -------------------------------------------------------------------------------- /sentry-service/sentry-service-api/src/gen/thrift/gen-javabean/org/apache/sentry/api/service/thrift/TSentryPrincipalType.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Autogenerated by Thrift Compiler (0.9.3) 3 | * 4 | * DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING 5 | * @generated 6 | */ 7 | package org.apache.sentry.api.service.thrift; 8 | 9 | 10 | import java.util.Map; 11 | import java.util.HashMap; 12 | import org.apache.thrift.TEnum; 13 | 14 | public enum TSentryPrincipalType implements org.apache.thrift.TEnum { 15 | NONE(0), 16 | ROLE(1), 17 | USER(2); 18 | 19 | private final int value; 20 | 21 | private TSentryPrincipalType(int value) { 22 | this.value = value; 23 | } 24 | 25 | /** 26 | * Get the integer value of this enum value, as defined in the Thrift IDL. 27 | */ 28 | public int getValue() { 29 | return value; 30 | } 31 | 32 | /** 33 | * Find a the enum type by its integer value, as defined in the Thrift IDL. 34 | * @return null if the value is not found. 35 | */ 36 | public static TSentryPrincipalType findByValue(int value) { 37 | switch (value) { 38 | case 0: 39 | return NONE; 40 | case 1: 41 | return ROLE; 42 | case 2: 43 | return USER; 44 | default: 45 | return null; 46 | } 47 | } 48 | } 49 | -------------------------------------------------------------------------------- /sentry-service/sentry-service-api/src/main/java/org/apache/sentry/api/common/ThriftConstants.java: -------------------------------------------------------------------------------- 1 | /* 2 | * 3 | * Licensed to the Apache Software Foundation (ASF) under one 4 | * or more contributor license agreements. See the NOTICE file 5 | * distributed with this work for additional information 6 | * regarding copyright ownership. The ASF licenses this file 7 | * to you under the Apache License, Version 2.0 (the 8 | * "License"); you may not use this file except in compliance 9 | * with the License. You may obtain a copy of the License at 10 | * 11 | * http://www.apache.org/licenses/LICENSE-2.0 12 | * 13 | * Unless required by applicable law or agreed to in writing, software 14 | * distributed under the License is distributed on an "AS IS" BASIS, 15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | * See the License for the specific language governing permissions and 17 | * limitations under the License. 18 | */ 19 | 20 | package org.apache.sentry.api.common; 21 | 22 | import org.apache.sentry.service.thrift.sentry_common_serviceConstants; 23 | 24 | /** 25 | * Thrift generates terrible constant class names 26 | */ 27 | public class ThriftConstants extends sentry_common_serviceConstants { 28 | public static final int TSENTRY_SERVICE_VERSION_CURRENT = sentry_common_serviceConstants.TSENTRY_SERVICE_V2; 29 | } 30 | 31 | -------------------------------------------------------------------------------- /sentry-service/sentry-service-providers/src/main/java/org/apache/sentry/server/provider/webservice/AttributeDesc.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | * 18 | */ 19 | 20 | package org.apache.sentry.server.provider.webservice; 21 | 22 | import lombok.Data; 23 | import lombok.RequiredArgsConstructor; 24 | 25 | /** 26 | * Bean for definition of Servlet Attributes to be defined by WebServiceProvider 27 | */ 28 | @Data 29 | @RequiredArgsConstructor(staticName = "of") 30 | public class AttributeDesc { 31 | private final String name; 32 | private final Object attribute; 33 | } 34 | -------------------------------------------------------------------------------- /sentry-service/sentry-service-providers/src/main/java/org/apache/sentry/server/provider/webservice/WebServiceProviderFactory.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | * 18 | */ 19 | 20 | package org.apache.sentry.server.provider.webservice; 21 | 22 | import org.apache.hadoop.conf.Configuration; 23 | import org.apache.sentry.spi.ProviderFactory; 24 | 25 | /** 26 | * Sentry Web Service Provider Factory interface 27 | */ 28 | public interface WebServiceProviderFactory extends ProviderFactory { 29 | void init(Configuration config); 30 | } 31 | -------------------------------------------------------------------------------- /sentry-service/sentry-service-providers/src/main/resources/META-INF/services/org.apache.sentry.spi.Spi: -------------------------------------------------------------------------------- 1 | # 2 | # Licensed to the Apache Software Foundation (ASF) under one 3 | # or more contributor license agreements. See the NOTICE file 4 | # distributed with this work for additional information 5 | # regarding copyright ownership. The ASF licenses this file 6 | # to you under the Apache License, Version 2.0 (the 7 | # "License"); you may not use this file except in compliance 8 | # with the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, software 13 | # distributed under the License is distributed on an "AS IS" BASIS, 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | # See the License for the specific language governing permissions and 16 | # limitations under the License. 17 | # 18 | # 19 | 20 | org.apache.sentry.server.provider.webservice.WebServiceSpi -------------------------------------------------------------------------------- /sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/log/entity/JsonLogEntity.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | 19 | package org.apache.sentry.provider.db.log.entity; 20 | 21 | public interface JsonLogEntity { 22 | 23 | String toJsonFormatLog() throws Exception; 24 | 25 | } 26 | -------------------------------------------------------------------------------- /sentry-service/sentry-service-server/src/main/java/org/apache/sentry/provider/db/service/model/MSentryChange.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | package org.apache.sentry.provider.db.service.model; 19 | 20 | /** 21 | * The base class for various delta changes stored in Sentry DB. 22 | */ 23 | public interface MSentryChange { 24 | long getChangeID(); 25 | } 26 | -------------------------------------------------------------------------------- /sentry-service/sentry-service-server/src/main/java/org/apache/sentry/service/thrift/SentryServiceFactory.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | 19 | package org.apache.sentry.service.thrift; 20 | 21 | import org.apache.hadoop.conf.Configuration; 22 | 23 | public class SentryServiceFactory { 24 | public static SentryService create(Configuration conf) throws Exception { 25 | return new SentryService(conf); 26 | } 27 | } -------------------------------------------------------------------------------- /sentry-service/sentry-service-server/src/main/java/org/apache/sentry/service/thrift/SentryState.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one or more contributor license 3 | * agreements. See the NOTICE file distributed with this work for additional information regarding 4 | * copyright ownership. The ASF licenses this file to you under the Apache License, Version 2.0 5 | * (the "License"); you may not use this file except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software distributed under the License 11 | * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express 12 | * or implied. See the License for the specific language governing permissions and limitations under 13 | * the License. 14 | */ 15 | 16 | package org.apache.sentry.service.thrift; 17 | 18 | /** 19 | * Interface for SentryState enums. 20 | */ 21 | public interface SentryState { 22 | 23 | /** 24 | * This gets the Bitmask value associated with the state. 25 | */ 26 | long getValue(); 27 | } 28 | -------------------------------------------------------------------------------- /sentry-service/sentry-service-server/src/main/resources/META-INF/services/org.apache.sentry.server.provider.webservice.WebServiceProviderFactory: -------------------------------------------------------------------------------- 1 | # 2 | # Licensed to the Apache Software Foundation (ASF) under one 3 | # or more contributor license agreements. See the NOTICE file 4 | # distributed with this work for additional information 5 | # regarding copyright ownership. The ASF licenses this file 6 | # to you under the Apache License, Version 2.0 (the 7 | # "License"); you may not use this file except in compliance 8 | # with the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, software 13 | # distributed under the License is distributed on an "AS IS" BASIS, 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | # See the License for the specific language governing permissions and 16 | # limitations under the License. 17 | # 18 | # 19 | 20 | org.apache.sentry.api.service.thrift.SentryServiceWebServiceProvider -------------------------------------------------------------------------------- /sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryServerForPoolWithoutKerberos.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless createRequired by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | 19 | package org.apache.sentry.api.service.thrift; 20 | 21 | import org.junit.BeforeClass; 22 | 23 | public class TestSentryServerForPoolWithoutKerberos extends TestSentryServerWithoutKerberos { 24 | 25 | @BeforeClass 26 | public static void setup() throws Exception { 27 | kerberos = false; 28 | pooled = true; 29 | beforeSetup(); 30 | setupConf(); 31 | startSentryService(); 32 | afterSetup(); 33 | } 34 | 35 | } -------------------------------------------------------------------------------- /sentry-service/sentry-service-server/src/test/java/org/apache/sentry/api/service/thrift/TestSentryServiceForPoolWithKerberos.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless createRequired by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | */ 18 | 19 | package org.apache.sentry.api.service.thrift; 20 | 21 | import org.junit.BeforeClass; 22 | 23 | public class TestSentryServiceForPoolWithKerberos extends TestSentryServiceWithKerberos { 24 | 25 | @BeforeClass 26 | public static void setup() throws Exception { 27 | kerberos = true; 28 | pooled = true; 29 | beforeSetup(); 30 | setupConf(); 31 | startSentryService(); 32 | afterSetup(); 33 | } 34 | 35 | } -------------------------------------------------------------------------------- /sentry-service/sentry-service-server/src/test/java/org/apache/sentry/service/thrift/SentryStateBankTestHelper.java: -------------------------------------------------------------------------------- 1 | /** 2 | * Licensed to the Apache Software Foundation (ASF) under one or more contributor license 3 | * agreements. See the NOTICE file distributed with this work for additional information regarding 4 | * copyright ownership. The ASF licenses this file to you under the Apache License, Version 2.0 5 | * (the "License"); you may not use this file except in compliance with the License. You may obtain 6 | * a copy of the License at 7 | * 8 | * http://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software distributed under the License 11 | * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express 12 | * or implied. See the License for the specific language governing permissions and limitations under 13 | * the License. 14 | */ 15 | package org.apache.sentry.service.thrift; 16 | 17 | /** 18 | * 19 | */ 20 | public class SentryStateBankTestHelper { 21 | 22 | public static void clearAllStates() { 23 | SentryStateBank.clearAllStates(); 24 | } 25 | 26 | public static void resetComponentState(String component) { 27 | SentryStateBank.resetComponentState(component); 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /sentry-service/sentry-service-server/src/test/resources/cacerts.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/apache/sentry/ae2e91fd2e06ba6c2fedd5e5d6efdea164daf176/sentry-service/sentry-service-server/src/test/resources/cacerts.jks -------------------------------------------------------------------------------- /sentry-service/sentry-service-server/src/test/resources/keystore.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/apache/sentry/ae2e91fd2e06ba6c2fedd5e5d6efdea164daf176/sentry-service/sentry-service-server/src/test/resources/keystore.jks -------------------------------------------------------------------------------- /sentry-service/sentry-service-web/src/main/resources/META-INF/services/org.apache.sentry.server.provider.webservice.WebServiceProviderFactory: -------------------------------------------------------------------------------- 1 | # 2 | # Licensed to the Apache Software Foundation (ASF) under one 3 | # or more contributor license agreements. See the NOTICE file 4 | # distributed with this work for additional information 5 | # regarding copyright ownership. The ASF licenses this file 6 | # to you under the Apache License, Version 2.0 (the 7 | # "License"); you may not use this file except in compliance 8 | # with the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, software 13 | # distributed under the License is distributed on an "AS IS" BASIS, 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | # See the License for the specific language governing permissions and 16 | # limitations under the License. 17 | # 18 | # 19 | 20 | org.apache.sentry.service.web.DefaultWebServicesProvider -------------------------------------------------------------------------------- /sentry-service/sentry-service-web/src/main/webapp/static/images/sentry.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/apache/sentry/ae2e91fd2e06ba6c2fedd5e5d6efdea164daf176/sentry-service/sentry-service-web/src/main/webapp/static/images/sentry.png -------------------------------------------------------------------------------- /sentry-solr/solr-sentry-handlers/src/main/java/org/apache/solr/handler/component/UserAttributeSourceParams.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.solr.handler.component; 18 | 19 | import org.apache.solr.common.params.SolrParams; 20 | 21 | /** 22 | * Params interface to hold named key-value pairs for configuring {@link UserAttributeSource} subclasses 23 | * To be initialized from a {@link SolrParams} object. 24 | */ 25 | public interface UserAttributeSourceParams { 26 | 27 | /** 28 | * @param solrParams from which to initialize this object 29 | */ 30 | void init(SolrParams solrParams); 31 | } 32 | -------------------------------------------------------------------------------- /sentry-solr/solr-sentry-handlers/src/main/resources/sentry-handlers/solr/collection1/conf/schema-minimal.xml: -------------------------------------------------------------------------------- 1 | 2 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | -------------------------------------------------------------------------------- /sentry-solr/solr-sentry-handlers/src/main/resources/sentry-handlers/solr/collection1/lib/README: -------------------------------------------------------------------------------- 1 | 17 | 18 | Items under this directory are used by TestConfig.testLibs() 19 | -------------------------------------------------------------------------------- /sentry-spi/src/main/java/org/apache/sentry/spi/Provider.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | * 18 | */ 19 | 20 | package org.apache.sentry.spi; 21 | 22 | /** 23 | * The main Provider interface. 24 | * 25 | * This was borrowed from and inspired by the Keycloak SPI implmentation 26 | * http://www.keycloak.org 27 | * original Author Stian Thorgersen 28 | */ 29 | public interface Provider { 30 | 31 | 32 | default void close() { 33 | 34 | } 35 | 36 | 37 | } 38 | -------------------------------------------------------------------------------- /sentry-spi/src/test/java/org/apache/sentry/spi/SomeTestProvider.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | * 18 | */ 19 | 20 | package org.apache.sentry.spi; 21 | 22 | /** 23 | * Simple Test Provider interface 24 | */ 25 | public interface SomeTestProvider extends Provider { 26 | 27 | } 28 | -------------------------------------------------------------------------------- /sentry-spi/src/test/java/org/apache/sentry/spi/SomeTestProviderFactory.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | * 18 | */ 19 | 20 | package org.apache.sentry.spi; 21 | 22 | /** 23 | * Simple Test Provider Factory Interface 24 | */ 25 | public interface SomeTestProviderFactory extends ProviderFactory { 26 | 27 | } 28 | -------------------------------------------------------------------------------- /sentry-spi/src/test/java/org/apache/sentry/spi/SomeTestProviderImplA.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | * 18 | */ 19 | 20 | package org.apache.sentry.spi; 21 | 22 | /** 23 | * Implementation of SomeTestProvider 24 | */ 25 | public class SomeTestProviderImplA implements SomeTestProviderFactory, SomeTestProvider { 26 | 27 | @Override 28 | public Provider create() { 29 | return this; 30 | } 31 | 32 | @Override 33 | public String getId() { 34 | return "A"; 35 | } 36 | 37 | @Override 38 | public void close() { 39 | 40 | } 41 | } 42 | -------------------------------------------------------------------------------- /sentry-spi/src/test/java/org/apache/sentry/spi/SomeTestProviderImplB.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | * 18 | */ 19 | 20 | package org.apache.sentry.spi; 21 | 22 | /** 23 | * Implementation of SomeTestProvider 24 | */ 25 | public class SomeTestProviderImplB implements SomeTestProviderFactory, SomeTestProvider { 26 | 27 | @Override 28 | public Provider create() { 29 | return this; 30 | } 31 | 32 | @Override 33 | public String getId() { 34 | return "B"; 35 | } 36 | 37 | @Override 38 | public void close() { 39 | 40 | } 41 | } 42 | -------------------------------------------------------------------------------- /sentry-spi/src/test/java/org/apache/sentry/spi/SomeTestProviderImplNotLoaded.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one 3 | * or more contributor license agreements. See the NOTICE file 4 | * distributed with this work for additional information 5 | * regarding copyright ownership. The ASF licenses this file 6 | * to you under the Apache License, Version 2.0 (the 7 | * "License"); you may not use this file except in compliance 8 | * with the License. You may obtain a copy of the License at 9 | * 10 | * http://www.apache.org/licenses/LICENSE-2.0 11 | * 12 | * Unless required by applicable law or agreed to in writing, software 13 | * distributed under the License is distributed on an "AS IS" BASIS, 14 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | * See the License for the specific language governing permissions and 16 | * limitations under the License. 17 | * 18 | */ 19 | 20 | package org.apache.sentry.spi; 21 | 22 | /** 23 | * Unused Implementation of SomeTestProvider 24 | */ 25 | public class SomeTestProviderImplNotLoaded implements SomeTestProviderFactory, SomeTestProvider { 26 | 27 | @Override 28 | public Provider create() { 29 | return this; 30 | } 31 | 32 | @Override 33 | public String getId() { 34 | return "NotLoaded"; 35 | } 36 | 37 | @Override 38 | public void close() { 39 | 40 | } 41 | } 42 | -------------------------------------------------------------------------------- /sentry-spi/src/test/resources/META-INF/services/org.apache.sentry.spi.SomeTestProviderFactory: -------------------------------------------------------------------------------- 1 | # 2 | # Licensed to the Apache Software Foundation (ASF) under one 3 | # or more contributor license agreements. See the NOTICE file 4 | # distributed with this work for additional information 5 | # regarding copyright ownership. The ASF licenses this file 6 | # to you under the Apache License, Version 2.0 (the 7 | # "License"); you may not use this file except in compliance 8 | # with the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, software 13 | # distributed under the License is distributed on an "AS IS" BASIS, 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | # See the License for the specific language governing permissions and 16 | # limitations under the License. 17 | # 18 | # 19 | org.apache.sentry.spi.SomeTestProviderImplA 20 | org.apache.sentry.spi.SomeTestProviderImplB -------------------------------------------------------------------------------- /sentry-spi/src/test/resources/META-INF/services/org.apache.sentry.spi.Spi: -------------------------------------------------------------------------------- 1 | # 2 | # Licensed to the Apache Software Foundation (ASF) under one 3 | # or more contributor license agreements. See the NOTICE file 4 | # distributed with this work for additional information 5 | # regarding copyright ownership. The ASF licenses this file 6 | # to you under the Apache License, Version 2.0 (the 7 | # "License"); you may not use this file except in compliance 8 | # with the License. You may obtain a copy of the License at 9 | # 10 | # http://www.apache.org/licenses/LICENSE-2.0 11 | # 12 | # Unless required by applicable law or agreed to in writing, software 13 | # distributed under the License is distributed on an "AS IS" BASIS, 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 | # See the License for the specific language governing permissions and 16 | # limitations under the License. 17 | # 18 | # 19 | 20 | org.apache.sentry.spi.SomeTestSpi 21 | -------------------------------------------------------------------------------- /sentry-tests/data/xudf.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/apache/sentry/ae2e91fd2e06ba6c2fedd5e5d6efdea164daf176/sentry-tests/data/xudf.jar -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hdfs/TestHDFSIntegrationWithHA.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | 18 | package org.apache.sentry.tests.e2e.hdfs; 19 | 20 | import org.junit.BeforeClass; 21 | 22 | public class TestHDFSIntegrationWithHA extends TestHDFSIntegrationEnd2End { 23 | @BeforeClass 24 | public static void setup() throws Exception { 25 | hdfsSyncEnabled = true; 26 | TestHDFSIntegrationBase.testSentryHA = true; 27 | TestHDFSIntegrationBase.setup(); 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/SlowE2ETest.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | 18 | package org.apache.sentry.tests.e2e.hive; 19 | 20 | import java.lang.annotation.Retention; 21 | import java.lang.annotation.RetentionPolicy; 22 | 23 | @Retention(value=RetentionPolicy.RUNTIME) 24 | public @interface SlowE2ETest { 25 | // Just for tagging a test class and method to adapt the timeout 26 | } 27 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestEndToEndWithSimpleCache.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.tests.e2e.hive; 18 | 19 | import org.junit.BeforeClass; 20 | 21 | public class TestEndToEndWithSimpleCache extends TestEndToEnd { 22 | @BeforeClass 23 | public static void setupTestStaticConfiguration() throws Exception { 24 | cacheClassName = "org.apache.sentry.provider.cache.SimplePrivilegeCache"; 25 | TestEndToEnd.setupTestStaticConfiguration(); 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/TestUDF.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.tests.e2e.hive; 18 | 19 | import org.apache.hadoop.hive.ql.exec.UDF; 20 | import org.apache.hadoop.io.Text; 21 | 22 | 23 | public final class TestUDF extends UDF { 24 | 25 | public Text evaluate(final Text s) { 26 | if (s == null) { return null; } 27 | return new Text(s.toString().toUpperCase()); 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-hive/src/test/java/org/apache/sentry/tests/e2e/hive/hiveserver/HiveServer.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | 18 | package org.apache.sentry.tests.e2e.hive.hiveserver; 19 | 20 | import java.sql.Connection; 21 | 22 | public interface HiveServer { 23 | 24 | void start() throws Exception; 25 | 26 | void shutdown() throws Exception; 27 | 28 | String getURL(); 29 | 30 | String getProperty(String key); 31 | 32 | Connection createConnection(String user, String password) throws Exception; 33 | 34 | String getOrgWarehouseDir(); 35 | } 36 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-hive/src/test/resources/emp.dat: -------------------------------------------------------------------------------- 1 | 16|john 2 | 17|robert 3 | 18|andrew 4 | 19|katty 5 | 21|tom 6 | 22|tim 7 | 23|james 8 | 24|paul 9 | 27|edward 10 | 29|alan 11 | 31|kerry 12 | 34|terri -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-hive/src/test/resources/sentry-provider.ini: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one 2 | # or more contributor license agreements. See the NOTICE file 3 | # distributed with this work for additional information 4 | # regarding copyright ownership. The ASF licenses this file 5 | # to you under the Apache License, Version 2.0 (the 6 | # "License"); you may not use this file except in compliance 7 | # with the License. You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, 12 | # software distributed under the License is distributed on an 13 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 14 | # KIND, either express or implied. See the License for the 15 | # specific language governing permissions and limitations 16 | # under the License. 17 | 18 | [groups] 19 | foo = all_default 20 | 21 | [roles] 22 | all_default = server=server1->db=default 23 | 24 | [users] 25 | foo = foo 26 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-hive/src/test/resources/sentry-site.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 19 | 20 | 21 | 22 | sentry.provider 23 | invalid 24 | 25 | 26 | sentry.hive.provider.resource 27 | invalid 28 | 29 | 30 | sentry.hive.server 31 | myHS2 32 | 33 | 34 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-hive/src/test/resources/testPolicyImportAdmin.ini: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one 2 | # or more contributor license agreements. See the NOTICE file 3 | # distributed with this work for additional information 4 | # regarding copyright ownership. The ASF licenses this file 5 | # to you under the Apache License, Version 2.0 (the 6 | # "License"); you may not use this file except in compliance 7 | # with the License. You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, 12 | # software distributed under the License is distributed on an 13 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 14 | # KIND, either express or implied. See the License for the 15 | # specific language governing permissions and limitations 16 | # under the License. 17 | 18 | [groups] 19 | admin=adminRole 20 | 21 | [roles] 22 | adminRole=server=server1 23 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-hive/src/test/resources/testPolicyImportError.ini: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one 2 | # or more contributor license agreements. See the NOTICE file 3 | # distributed with this work for additional information 4 | # regarding copyright ownership. The ASF licenses this file 5 | # to you under the Apache License, Version 2.0 (the 6 | # "License"); you may not use this file except in compliance 7 | # with the License. You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, 12 | # software distributed under the License is distributed on an 13 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 14 | # KIND, either express or implied. See the License for the 15 | # specific language governing permissions and limitations 16 | # under the License. 17 | 18 | [groups] 19 | group1=roleImport1 20 | [roles] 21 | roleImport1=server->db=db_1 22 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-kafka/src/main/java/org/apache/sentry/tests/e2e/kafka/TestUtils.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Licensed to the Apache Software Foundation (ASF) under one or more 3 | * contributor license agreements. See the NOTICE file distributed with 4 | * this work for additional information regarding copyright ownership. 5 | * The ASF licenses this file to You under the Apache License, Version 2.0 6 | * (the "License"); you may not use this file except in compliance with 7 | * the License. You may obtain a copy of the License at 8 | * 9 | * http://www.apache.org/licenses/LICENSE-2.0 10 | * 11 | * Unless required by applicable law or agreed to in writing, software 12 | * distributed under the License is distributed on an "AS IS" BASIS, 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 | * See the License for the specific language governing permissions and 15 | * limitations under the License. 16 | */ 17 | package org.apache.sentry.tests.e2e.kafka; 18 | 19 | import java.io.IOException; 20 | import java.net.ServerSocket; 21 | 22 | public class TestUtils { 23 | public static int getFreePort() throws IOException { 24 | synchronized (TestUtils.class) { 25 | ServerSocket serverSocket = new ServerSocket(0); 26 | int port = serverSocket.getLocalPort(); 27 | serverSocket.close(); 28 | return port; 29 | } 30 | } 31 | } 32 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-kafka/src/test/resources/test.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICxzCCAa+gAwIBAgIEK13qfTANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDEwlzdXBlcnVzZXIw 3 | HhcNMTUxMjE1MjMzNTAzWhcNMTYwMzE0MjMzNTAzWjAUMRIwEAYDVQQDEwlzdXBlcnVzZXIwggEi 4 | MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChGUnirhdFKW6OXbPBqQ1tWEFrxvCHr51uVU9H 5 | V2aqO+Q02a+Vzyb24dzyqnbM5uOeGqAyTFXpCPOK0oxTCvf/0idmHIcgt40797I7rxWDJw9/wYos 6 | UGkqizAb878LaFScIo6Phu6zjdj/J16vd5KiWN5pzOLnwO8DebzO5s+N34VuNZ8s45zemq2bES9Z 7 | z8mMolTkZS4d8wGExC93n5oiNrPGUneKRZJYukv3SiDMajaOTqnI4Xo/LIs3dynq8dTBQPTtUwnA 8 | UZz8kpew6PfxDYYHjg2eHli/6Dopmur/R27xuxn5VnJHnxgL5mbxrRgAidGN6CwJFA7ZxSBn67pr 9 | AgMBAAGjITAfMB0GA1UdDgQWBBTxczVGKoS4NuNIPlS4yJfm8fSj3zANBgkqhkiG9w0BAQsFAAOC 10 | AQEAC4PSVAzUVGqhESIGDpJ6kbHzw/wBUmrjceTDQv9cVPNrHlMWoG67nM45tECWud3osB57nunV 11 | vcwSNXxhf4M+IPK1BoT2awUjEfWN+F7guxFXpU2lQpmHPj+015g9pGvvneRLZj8VfdFo8PuyDeRy 12 | V0HuG7xJ2xZMM8XpgL9BHrgD/4CITzRkaHnyuYb+Yz5GUFYOpLn0ANNm3gfW+eMiE/38zc+o23wJ 13 | V49hAKGqalJUATWVzq7iCqTqxeIQ2RQyJ9O5p82Y5CIG1Tp07zdCPVqkKz7NAbt2K0ZW5/5qc5V/ 14 | y88rnXWj9nZPYwyVj5rxqB8h2WDLDmxr1JuwuMOlYw== 15 | -----END CERTIFICATE----- 16 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-kafka/src/test/resources/test.keystore.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/apache/sentry/ae2e91fd2e06ba6c2fedd5e5d6efdea164daf176/sentry-tests/sentry-tests-kafka/src/test/resources/test.keystore.jks -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-kafka/src/test/resources/test.truststore.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/apache/sentry/ae2e91fd2e06ba6c2fedd5e5d6efdea164daf176/sentry-tests/sentry-tests-kafka/src/test/resources/test.truststore.jks -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-kafka/src/test/resources/user1.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICvzCCAaegAwIBAgIEWaKEszANBgkqhkiG9w0BAQsFADAQMQ4wDAYDVQQDEwV1c2VyMTAeFw0x 3 | NTEyMTUyMzQyNTlaFw0xNjAzMTQyMzQyNTlaMBAxDjAMBgNVBAMTBXVzZXIxMIIBIjANBgkqhkiG 4 | 9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgDzGn4VvJnROVCC+CR77DfqmF1wkNUrOiaLL9qufoRi9DuZU 5 | epmqebg0YyCQVyuIUe1p7qhnOGNnFN0nJC75C4MbCDX/s2+gxUBb6iaP7pwmdKzprvP3YGQrQXo/ 6 | pv+zV9EH1P5JP+27B6NVGTGJPUP4UqZF2uyhNOHIcB9sMvZTnyfDLs+8o9dCv3bFPpwEGZnk3I1I 7 | xD1cYSz+qb3E3M68L6cFVSo1qnK0QN8eBXXB/ljCHaQ47jLfZrJjjiRKA1YOnY+sRCbQDv4wU+dc 8 | oOenLzLikrMdVyONokbkneS/LnwjmNev2i9I9NA0D3bZvJuN/DkuQ245iXgdnqOvJwIDAQABoyEw 9 | HzAdBgNVHQ4EFgQUfzocV1Og4CsGte7Ux4luCVA3TTYwDQYJKoZIhvcNAQELBQADggEBAEeemqwJ 10 | eY/GahjPesuyJKiIfH4MgMGvZ19441WnKG1CuHrtwMES8Znxc+iS4hutPX6I/Mvb9HMg8M3u9B7W 11 | 1dj4QOvi5iZuWqrV2bhBrFoUV7fXPjjMfu15i/CX5Lfu56cBeyKshq674rQ4AWn1k5saxa6Jhaao 12 | 6ceFfnTldgVSSS0rBFyz1fBj7dLXnS8MmxN0cmDO1jVXu2Tfjw0ofRmLxD1SCMEwrNEcERRUWudm 13 | nIy1Q14xCYmTnGEf9uG8TmHO/y5Elc/jcMN2mGwb8N0FIV7nh1HLyAmR6O7JPrQ3QWR4Vr5tMH/K 14 | 3b9N51c0enX9UZedGYVc+qlLJ/P6B5w= 15 | -----END CERTIFICATE----- 16 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-kafka/src/test/resources/user1.keystore.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/apache/sentry/ae2e91fd2e06ba6c2fedd5e5d6efdea164daf176/sentry-tests/sentry-tests-kafka/src/test/resources/user1.keystore.jks -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-kafka/src/test/resources/user1.truststore.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/apache/sentry/ae2e91fd2e06ba6c2fedd5e5d6efdea164daf176/sentry-tests/sentry-tests-kafka/src/test/resources/user1.truststore.jks -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-kafka/src/test/resources/user2.crt: -------------------------------------------------------------------------------- 1 | -----BEGIN CERTIFICATE----- 2 | MIICvzCCAaegAwIBAgIEC6qUijANBgkqhkiG9w0BAQsFADAQMQ4wDAYDVQQDEwV1c2VyMjAeFw0x 3 | NTEyMTUyMzQ0MjVaFw0xNjAzMTQyMzQ0MjVaMBAxDjAMBgNVBAMTBXVzZXIyMIIBIjANBgkqhkiG 4 | 9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhm2vitVj2xApz7ZtaWNcqegodc9nFY+HCcIx2WqoUzQTXZ8q 5 | Fm6H6blKrL+xJXY7ZlEB8nMdfWFfOdS2zX6hutkstkwId5MSceWUb5GUzdClUQAS8DGMtQdU3LlY 6 | EcIgz9fim6/Ad0ZIKwyAc47HJLd/nQOozAaDDnWdLbhRymv/PNEt5IndkeTfbFd1uWgpV9vhfLWN 7 | 3FmXOksVoIKR+l9YBOmAUIjstK2Tq8b/q4Dbcp82X1nPW12fG2FlowgolWEOlaCbSGwN60LjoP69 8 | 1azAFU5IPaxmQ46oZpb7jMCRrHgdx+zhjRxjY9PpTCYWdtBHqnLyuckl/mpOxS64vwIDAQABoyEw 9 | HzAdBgNVHQ4EFgQUHaTI3Xl/CjJLhVCZto5ZJBCTaLUwDQYJKoZIhvcNAQELBQADggEBAEg/SxvT 10 | +NLmh7tWF0QZR2S6wl+UgJIqiS6NlEk3Te6TdPda2t2K8cmFndBcAmZqvLkz7dIkeDwa507SbrTg 11 | NJXcOycpH1s15VjiVRF8dXqflLCEcBUNw8h4AENsdVcNKliR+YXLk1i/x5jVfncQps6Zxj68NFoN 12 | h6tf7KyBHT4DvekYocjdXDQ/tPdvPqokYIM/q0K7NRZvDg6yUYukkFjta9D9623PwydtA/t75AEb 13 | zOJra5A6qp/qo/U1UyLzEkwSlWaLaOa7MrNaFy/OQbkVncP+6jFCIXlWpQ+TqyUmTfwmL+A2oJWW 14 | l3Ziy62zAfuaJ1EwY4zwFlZHJR4lF7E= 15 | -----END CERTIFICATE----- 16 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-kafka/src/test/resources/user2.keystore.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/apache/sentry/ae2e91fd2e06ba6c2fedd5e5d6efdea164daf176/sentry-tests/sentry-tests-kafka/src/test/resources/user2.keystore.jks -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-kafka/src/test/resources/user2.truststore.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/apache/sentry/ae2e91fd2e06ba6c2fedd5e5d6efdea164daf176/sentry-tests/sentry-tests-kafka/src/test/resources/user2.truststore.jks -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/admin-extra.html: -------------------------------------------------------------------------------- 1 | 17 | 18 | 25 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/admin-extra.menu-bottom.html: -------------------------------------------------------------------------------- 1 | 17 | 18 | 19 | 26 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/admin-extra.menu-top.html: -------------------------------------------------------------------------------- 1 | 17 | 18 | 19 | 26 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/lang/contractions_ca.txt: -------------------------------------------------------------------------------- 1 | # Set of Catalan contractions for ElisionFilter 2 | # TODO: load this as a resource from the analyzer and sync it in build.xml 3 | d 4 | l 5 | m 6 | n 7 | s 8 | t 9 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/lang/contractions_fr.txt: -------------------------------------------------------------------------------- 1 | # Set of French contractions for ElisionFilter 2 | # TODO: load this as a resource from the analyzer and sync it in build.xml 3 | l 4 | m 5 | t 6 | qu 7 | n 8 | s 9 | j 10 | d 11 | c 12 | jusqu 13 | quoiqu 14 | lorsqu 15 | puisqu 16 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/lang/contractions_ga.txt: -------------------------------------------------------------------------------- 1 | # Set of Irish contractions for ElisionFilter 2 | # TODO: load this as a resource from the analyzer and sync it in build.xml 3 | d 4 | m 5 | b 6 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/lang/contractions_it.txt: -------------------------------------------------------------------------------- 1 | # Set of Italian contractions for ElisionFilter 2 | # TODO: load this as a resource from the analyzer and sync it in build.xml 3 | c 4 | l 5 | all 6 | dall 7 | dell 8 | nell 9 | sull 10 | coll 11 | pell 12 | gl 13 | agl 14 | dagl 15 | degl 16 | negl 17 | sugl 18 | un 19 | m 20 | t 21 | s 22 | v 23 | d 24 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/lang/hyphenations_ga.txt: -------------------------------------------------------------------------------- 1 | # Set of Irish hyphenations for StopFilter 2 | # TODO: load this as a resource from the analyzer and sync it in build.xml 3 | h 4 | n 5 | t 6 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/lang/stemdict_nl.txt: -------------------------------------------------------------------------------- 1 | # Set of overrides for the dutch stemmer 2 | # TODO: load this as a resource from the analyzer and sync it in build.xml 3 | fiets fiets 4 | bromfiets bromfiets 5 | ei eier 6 | kind kinder 7 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/lang/stopwords_el.txt: -------------------------------------------------------------------------------- 1 | # Lucene Greek Stopwords list 2 | # Note: by default this file is used after GreekLowerCaseFilter, 3 | # so when modifying this file use 'σ' instead of 'ς' 4 | ο 5 | η 6 | το 7 | οι 8 | τα 9 | του 10 | τησ 11 | των 12 | τον 13 | την 14 | και 15 | κι 16 | κ 17 | ειμαι 18 | εισαι 19 | ειναι 20 | ειμαστε 21 | ειστε 22 | στο 23 | στον 24 | στη 25 | στην 26 | μα 27 | αλλα 28 | απο 29 | για 30 | προσ 31 | με 32 | σε 33 | ωσ 34 | παρα 35 | αντι 36 | κατα 37 | μετα 38 | θα 39 | να 40 | δε 41 | δεν 42 | μη 43 | μην 44 | επι 45 | ενω 46 | εαν 47 | αν 48 | τοτε 49 | που 50 | πωσ 51 | ποιοσ 52 | ποια 53 | ποιο 54 | ποιοι 55 | ποιεσ 56 | ποιων 57 | ποιουσ 58 | αυτοσ 59 | αυτη 60 | αυτο 61 | αυτοι 62 | αυτων 63 | αυτουσ 64 | αυτεσ 65 | αυτα 66 | εκεινοσ 67 | εκεινη 68 | εκεινο 69 | εκεινοι 70 | εκεινεσ 71 | εκεινα 72 | εκεινων 73 | εκεινουσ 74 | οπωσ 75 | ομωσ 76 | ισωσ 77 | οσο 78 | οτι 79 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/lang/stopwords_eu.txt: -------------------------------------------------------------------------------- 1 | # example set of basque stopwords 2 | al 3 | anitz 4 | arabera 5 | asko 6 | baina 7 | bat 8 | batean 9 | batek 10 | bati 11 | batzuei 12 | batzuek 13 | batzuetan 14 | batzuk 15 | bera 16 | beraiek 17 | berau 18 | berauek 19 | bere 20 | berori 21 | beroriek 22 | beste 23 | bezala 24 | da 25 | dago 26 | dira 27 | ditu 28 | du 29 | dute 30 | edo 31 | egin 32 | ere 33 | eta 34 | eurak 35 | ez 36 | gainera 37 | gu 38 | gutxi 39 | guzti 40 | haiei 41 | haiek 42 | haietan 43 | hainbeste 44 | hala 45 | han 46 | handik 47 | hango 48 | hara 49 | hari 50 | hark 51 | hartan 52 | hau 53 | hauei 54 | hauek 55 | hauetan 56 | hemen 57 | hemendik 58 | hemengo 59 | hi 60 | hona 61 | honek 62 | honela 63 | honetan 64 | honi 65 | hor 66 | hori 67 | horiei 68 | horiek 69 | horietan 70 | horko 71 | horra 72 | horrek 73 | horrela 74 | horretan 75 | horri 76 | hortik 77 | hura 78 | izan 79 | ni 80 | noiz 81 | nola 82 | non 83 | nondik 84 | nongo 85 | nor 86 | nora 87 | ze 88 | zein 89 | zen 90 | zenbait 91 | zenbat 92 | zer 93 | zergatik 94 | ziren 95 | zituen 96 | zu 97 | zuek 98 | zuen 99 | zuten 100 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/lang/stopwords_ga.txt: -------------------------------------------------------------------------------- 1 | 2 | a 3 | ach 4 | ag 5 | agus 6 | an 7 | aon 8 | ar 9 | arna 10 | as 11 | b' 12 | ba 13 | beirt 14 | bhúr 15 | caoga 16 | ceathair 17 | ceathrar 18 | chomh 19 | chtó 20 | chuig 21 | chun 22 | cois 23 | céad 24 | cúig 25 | cúigear 26 | d' 27 | daichead 28 | dar 29 | de 30 | deich 31 | deichniúr 32 | den 33 | dhá 34 | do 35 | don 36 | dtí 37 | dá 38 | dár 39 | dó 40 | faoi 41 | faoin 42 | faoina 43 | faoinár 44 | fara 45 | fiche 46 | gach 47 | gan 48 | go 49 | gur 50 | haon 51 | hocht 52 | i 53 | iad 54 | idir 55 | in 56 | ina 57 | ins 58 | inár 59 | is 60 | le 61 | leis 62 | lena 63 | lenár 64 | m' 65 | mar 66 | mo 67 | mé 68 | na 69 | nach 70 | naoi 71 | naonúr 72 | ná 73 | ní 74 | níor 75 | nó 76 | nócha 77 | ocht 78 | ochtar 79 | os 80 | roimh 81 | sa 82 | seacht 83 | seachtar 84 | seachtó 85 | seasca 86 | seisear 87 | siad 88 | sibh 89 | sinn 90 | sna 91 | sé 92 | sí 93 | tar 94 | thar 95 | thú 96 | triúr 97 | trí 98 | trína 99 | trínár 100 | tríocha 101 | tú 102 | um 103 | ár 104 | é 105 | éis 106 | í 107 | ó 108 | ón 109 | óna 110 | ónár 111 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/lang/stopwords_hy.txt: -------------------------------------------------------------------------------- 1 | # example set of Armenian stopwords. 2 | այդ 3 | այլ 4 | այն 5 | այս 6 | դու 7 | դուք 8 | եմ 9 | են 10 | ենք 11 | ես 12 | եք 13 | է 14 | էի 15 | էին 16 | էինք 17 | էիր 18 | էիք 19 | էր 20 | ըստ 21 | թ 22 | ի 23 | ին 24 | իսկ 25 | իր 26 | կամ 27 | համար 28 | հետ 29 | հետո 30 | մենք 31 | մեջ 32 | մի 33 | ն 34 | նա 35 | նաև 36 | նրա 37 | նրանք 38 | որ 39 | որը 40 | որոնք 41 | որպես 42 | ու 43 | ում 44 | պիտի 45 | վրա 46 | և 47 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/lang/userdict_ja.txt: -------------------------------------------------------------------------------- 1 | # 2 | # This is a sample user dictionary for Kuromoji (JapaneseTokenizer) 3 | # 4 | # Add entries to this file in order to override the statistical model in terms 5 | # of segmentation, readings and part-of-speech tags. Notice that entries do 6 | # not have weights since they are always used when found. This is by-design 7 | # in order to maximize ease-of-use. 8 | # 9 | # Entries are defined using the following CSV format: 10 | # , ... , ... , 11 | # 12 | # Notice that a single half-width space separates tokens and readings, and 13 | # that the number tokens and readings must match exactly. 14 | # 15 | # Also notice that multiple entries with the same is undefined. 16 | # 17 | # Whitespace only lines are ignored. Comments are not allowed on entry lines. 18 | # 19 | 20 | # Custom segmentation for kanji compounds 21 | 日本経済新聞,日本 経済 新聞,ニホン ケイザイ シンブン,カスタム名詞 22 | 関西国際空港,関西 国際 空港,カンサイ コクサイ クウコウ,カスタム名詞 23 | 24 | # Custom segmentation for compound katakana 25 | トートバッグ,トート バッグ,トート バッグ,かずカナ名詞 26 | ショルダーバッグ,ショルダー バッグ,ショルダー バッグ,かずカナ名詞 27 | 28 | # Custom reading for former sumo wrestler 29 | 朝青龍,朝青龍,アサショウリュウ,カスタム人名 30 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/protwords.txt: -------------------------------------------------------------------------------- 1 | # The ASF licenses this file to You under the Apache License, Version 2.0 2 | # (the "License"); you may not use this file except in compliance with 3 | # the License. You may obtain a copy of the License at 4 | # 5 | # http://www.apache.org/licenses/LICENSE-2.0 6 | # 7 | # Unless required by applicable law or agreed to in writing, software 8 | # distributed under the License is distributed on an "AS IS" BASIS, 9 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 10 | # See the License for the specific language governing permissions and 11 | # limitations under the License. 12 | 13 | #----------------------------------------------------------------------- 14 | # Use a protected word file to protect against the stemmer reducing two 15 | # unrelated words to the same base word. 16 | 17 | # Some non-words that normally won't be encountered, 18 | # just to test that they won't be stemmed. 19 | dontstems 20 | zwhacky 21 | 22 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/scripts.conf: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one or more 2 | # contributor license agreements. See the NOTICE file distributed with 3 | # this work for additional information regarding copyright ownership. 4 | # The ASF licenses this file to You under the Apache License, Version 2.0 5 | # (the "License"); you may not use this file except in compliance with 6 | # the License. You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | 16 | user= 17 | solr_hostname=localhost 18 | solr_port=8983 19 | rsyncd_port=18983 20 | data_dir= 21 | webapp_name=solr 22 | master_host= 23 | master_data_dir= 24 | master_status_dir= 25 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/spellings.txt: -------------------------------------------------------------------------------- 1 | pizza 2 | history 3 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/stopwords.txt: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one or more 2 | # contributor license agreements. See the NOTICE file distributed with 3 | # this work for additional information regarding copyright ownership. 4 | # The ASF licenses this file to You under the Apache License, Version 2.0 5 | # (the "License"); you may not use this file except in compliance with 6 | # the License. You may obtain a copy of the License at 7 | # 8 | # http://www.apache.org/licenses/LICENSE-2.0 9 | # 10 | # Unless required by applicable law or agreed to in writing, software 11 | # distributed under the License is distributed on an "AS IS" BASIS, 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | # See the License for the specific language governing permissions and 14 | # limitations under the License. 15 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/synonyms.txt: -------------------------------------------------------------------------------- 1 | # The ASF licenses this file to You under the Apache License, Version 2.0 2 | # (the "License"); you may not use this file except in compliance with 3 | # the License. You may obtain a copy of the License at 4 | # 5 | # http://www.apache.org/licenses/LICENSE-2.0 6 | # 7 | # Unless required by applicable law or agreed to in writing, software 8 | # distributed under the License is distributed on an "AS IS" BASIS, 9 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 10 | # See the License for the specific language governing permissions and 11 | # limitations under the License. 12 | 13 | #----------------------------------------------------------------------- 14 | #some test synonym mappings unlikely to appear in real input text 15 | aaafoo => aaabar 16 | bbbfoo => bbbfoo bbbbar 17 | cccfoo => cccbar cccbaz 18 | fooaaa,baraaa,bazaaa 19 | 20 | # Some synonym groups specific to this example 21 | GB,gib,gigabyte,gigabytes 22 | MB,mib,megabyte,megabytes 23 | Television, Televisions, TV, TVs 24 | #notice we use "gib" instead of "GiB" so any WordDelimiterFilter coming 25 | #after us won't split it into two words. 26 | 27 | # Synonym mappings can be used for spelling correction too 28 | pixima => pixma 29 | 30 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/browse.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Main entry point into the /browse templates 3 | *# 4 | 5 | #set($searcher = $request.searcher) 6 | #set($params = $request.params) 7 | #set($clusters = $response.response.clusters) 8 | #set($mltResults = $response.response.get("moreLikeThis")) 9 | #set($annotate = $params.get("annotateBrowse")) 10 | #parse('query_form.vm') 11 | #parse('did_you_mean.vm') 12 | 13 |

14 | #parse("facets.vm") 15 |
16 | 17 | 20 | 21 | ## Show Error Message, if any 22 |
23 | #parse("error.vm") 24 |
25 | 26 | ## Render Results, actual matching docs 27 |
28 | #parse("results_list.vm") 29 |
30 | 31 | 34 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/cluster.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Check if Clustering is Enabled and then 3 | * call cluster_results.vm 4 | *# 5 | 6 |

7 | Clusters 8 |

9 | 10 | ## Div tag has placeholder text by default 11 |
12 | Run Solr with java -Dsolr.clustering.enabled=true -jar start.jar to see results 13 |
14 | 15 | ## Replace the div content *if* Carrot^2 is available 16 | 20 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/cluster_results.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Actual rendering of Clusters 3 | *# 4 | 5 | ## For each cluster 6 | #foreach ($clusters in $response.response.clusters) 7 | 8 | #set($labels = $clusters.get('labels')) 9 | #set($docs = $clusters.get('docs')) 10 | 11 | ## This Cluster's Heading 12 |

13 | #foreach ($label in $labels) 14 | ## Keep the following line together to prevent 15 | ## a space appearing before each comma 16 | $label#if( $foreach.hasNext ),#end 17 | #end 18 |

19 | 20 | ## This Cluster's Documents 21 |
    22 | ## For each doc in this cluster 23 | #foreach ($cluDoc in $docs) 24 |
  1. 25 | 26 | $cluDoc 27 |
    2. 28 | #end 29 |
30 | 31 | #end ## end for each Cluster 32 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/debug.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Show Debugging Information, if enabled 3 | *# 4 | 5 | #if( $params.getBool("debugQuery",false) ) 6 | 7 | toggle explain 8 | 9 | 
10 |     $response.getExplainMap().get($doc.getFirstValue('id'))
11 |
12 | 13 | 14 | toggle all fields 15 | 16 | 17 | #foreach($fieldname in $doc.fieldNames) 18 |
19 | $fieldname : 20 | 21 | #foreach($value in $doc.getFieldValues($fieldname)) 22 | $esc.html($value) 23 | #end 24 | 25 |
26 | #end 27 | 28 | #end 29 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/did_you_mean.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Hyperlinked spelling suggestions in results list 3 | *# 4 | 5 | #set($dym = $response.response.spellcheck.suggestions.collation.collationQuery) 6 | #if($dym) 7 | Did you mean 8 | $esc.html($dym)? 9 | #end 10 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/error.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Show Error Message, if any 3 | *# 4 | 5 | ## Show Error Message, if any 6 | ## Usually rendered inside div class=error 7 | 8 | #if( $response.response.error.code ) 9 |

ERROR $response.response.error.code

10 | $response.response.error.msg 11 | #end 12 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/facet_fields.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Display facets based on field values 3 | * e.g.: fields specified by &facet.field= 4 | *# 5 | 6 | #if($response.facetFields) 7 |

8 | Field Facets 9 |

10 | #foreach($field in $response.facetFields) 11 | ## Hide facets without value 12 | #if($field.values.size() > 0) 13 | $field.name 14 | 21 | #end ## end if > 0 22 | #end ## end for each facet field 23 | #end ## end if response has facet fields 24 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/facet_pivot.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Display Pivot-Based Facets 3 | * e.g.: facets specified by &facet.pivot= 4 | *# 5 | 6 |

7 | Pivot Facets 8 |

9 | 10 | #set($pivot = $response.response.facet_counts.facet_pivot) 11 | 12 | #display_facet_pivot($pivot, "") 13 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/facet_queries.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Display facets based on specific facet queries 3 | * e.g.: facets specified by &facet.query= 4 | *# 5 | 6 | #set($field = $response.response.facet_counts.facet_queries) 7 | 8 |

9 | Query Facets 10 |

11 | 12 | #display_facet_query($field, "", "") 13 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/facet_ranges.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Display facets based on ranges of values, AKA "Bukets" 3 | * e.g.: ranges specified by &facet.range= 4 | *# 5 | 6 |

7 | Range Facets 8 |

9 | 10 | #foreach ($field in $response.response.facet_counts.facet_ranges) 11 | ## Hide facets without value 12 | #if($field.value.counts.size() > 0) 13 | #set($name = $field.key) 14 | #set($display = $name) 15 | #set($f = $field.value.counts) 16 | #set($start = $field.value.start) 17 | #set($end = $field.value.end) 18 | #set($gap = $field.value.gap) 19 | #set($before = $field.value.before) 20 | #set($after = $field.value.after) 21 | #display_facet_range($f, $display, $name, $start, $end, $gap, $before, $after) 22 | #end ## end if has any values 23 | #end ## end for each facet range 24 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/facets.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Overall Facet display block 3 | * Invokes the 4 facet and 1 cluster template 4 | *# 5 | 6 | #parse('facet_fields.vm') 7 | #parse('facet_queries.vm') 8 | #parse('facet_ranges.vm') 9 | #parse('facet_pivot.vm') 10 | #parse('cluster.vm') 11 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/header.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Render the top section of the page visible to users 3 | *# 4 | 5 | 8 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/hit.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Called for each matching document but then 3 | * calls one of product_doc, join_doc or richtext_doc 4 | * depending on which fields the doc has 5 | *# 6 | 7 | #set($docId = $doc.getFieldValue('id')) 8 | 9 |
10 | 11 | ## Has a "name" field ? 12 | #if($doc.getFieldValue('name')) 13 | #parse("product_doc.vm") 14 | 15 | ## Has a "compName_s" field ? 16 | #elseif($doc.getFieldValue('compName_s')) 17 | #parse("join_doc.vm") 18 | 19 | ## Fallback to richtext_doc 20 | #else 21 | #parse("richtext_doc.vm") 22 | 23 | #end 24 | 25 |
26 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/hit_plain.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * An extremely plain / debug version of hit.vm 3 | *# 4 | 5 | 6 | ## For each field 7 | #foreach( $fieldName in $doc.fieldNames ) 8 | ## For each value 9 | #foreach( $value in $doc.getFieldValues($fieldName) ) 10 | 11 | ## Field Name 12 | 17 | ## Field Value(s) 18 | 21 | 22 | #end ## end for each value 23 | #end ## end for each field 24 |
13 | #if( $foreach.count == 1 ) 14 | $fieldName: 15 | #end 16 | 19 | $esc.html($value)
20 |
25 |
26 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/join_doc.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Display documents that are joined to other documents 3 | *# 4 | 5 |
6 | #field('compName_s') 7 |
8 | 9 |
10 | Id: #field('id') 11 | (company-details document for 12 | join 13 | ) 14 |
15 | 16 |
17 | Address: #field('address_s') 18 |
19 | 20 | #parse('debug.vm') 21 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/jquery.autocomplete.css: -------------------------------------------------------------------------------- 1 | .ac_results { 2 | padding: 0px; 3 | border: 1px solid black; 4 | background-color: white; 5 | overflow: hidden; 6 | z-index: 99999; 7 | } 8 | 9 | .ac_results ul { 10 | width: 100%; 11 | list-style-position: outside; 12 | list-style: none; 13 | padding: 0; 14 | margin: 0; 15 | } 16 | 17 | .ac_results li { 18 | margin: 0px; 19 | padding: 2px 5px; 20 | cursor: default; 21 | display: block; 22 | /* 23 | if width will be 100% horizontal scrollbar will apear 24 | when scroll mode will be used 25 | */ 26 | /*width: 100%;*/ 27 | font: menu; 28 | font-size: 12px; 29 | /* 30 | it is very important, if line-height not setted or setted 31 | in relative units scroll will be broken in firefox 32 | */ 33 | line-height: 16px; 34 | overflow: hidden; 35 | } 36 | 37 | .ac_loading { 38 | background: white url('indicator.gif') right center no-repeat; 39 | } 40 | 41 | .ac_odd { 42 | background-color: #eee; 43 | } 44 | 45 | .ac_over { 46 | background-color: #0A246A; 47 | color: white; 48 | } 49 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/layout.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Overall HTML page layout 3 | *# 4 | 5 | 6 | 7 | #parse("head.vm") 8 | 9 | 10 | 11 | 14 |
15 | #parse("tabs.vm") 16 |
17 |
18 | $content 19 |
20 | 23 | 24 | 25 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/pagination_bottom.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Paging and Statistics at bottom of results 3 | *# 4 | 5 | ## Usually rendered in pagination div tag 6 | 7 | #if($response.response.get('grouped')) 8 | ## pass 9 | #else 10 | 11 | #link_to_previous_page("previous") 12 | 13 | $page.results_found 14 | results found. 15 | 16 | Page $page.current_page_number 17 | of $page.page_count 18 | 19 | #link_to_next_page("next") 20 | 21 | #end 22 |
23 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/pagination_top.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Paging and Statistics at top of results 3 | *# 4 | 5 | ## Usually rendered in pagination div tag 6 | 7 | ## Grouped Results / Not Paginated 8 | #if($response.response.get('grouped')) 9 | 10 | 11 | 12 | $response.response.get('grouped').size() group(s) 13 | 14 | found in ${response.responseHeader.QTime} ms 15 | 16 | 17 | ## Regular Results / Use Paging Links if needed 18 | #else 19 | 20 | 21 | $page.results_found 22 | results found in 23 | ${response.responseHeader.QTime} ms 24 | 25 | 26 | Page $page.current_page_number 27 | of $page.page_count 28 | 29 | #end ## end else non-grouped results, normal pagination 30 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/query_group.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Query settings for grouping by fields, 3 | * e.g.: Manufacturer or Popularity 4 | *# 5 | 6 | #set($queryOpts = $params.get("queryOpts")) 7 | 8 | #if($queryOpts == "group") 9 |
10 | #set($groupF = $request.params.get('group.field')) 11 | 12 | 38 | 39 | 40 | 41 |
42 | 43 | #end 44 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/results_list.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Render the main Results List 3 | *# 4 | 5 | ## Usually displayed inside
6 | 7 | #if($response.response.get('grouped')) 8 | 9 | #foreach($grouping in $response.response.get('grouped')) 10 | #parse("hit_grouped.vm") 11 | #end 12 | 13 | #else 14 | 15 | #foreach($doc in $response.results) 16 | #parse("hit.vm") 17 | ## Can get an extremely simple view of the doc 18 | ## which might be nicer for debugging 19 | ##parse("hit_plain.vm") 20 | #end 21 | 22 | #end 23 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/collection1/conf/velocity/suggest.vm: -------------------------------------------------------------------------------- 1 | #** 2 | * Provides cynamic spelling suggestions 3 | * as you type in the search form 4 | *# 5 | 6 | #foreach($t in $response.response.terms.name) 7 | $t.key 8 | #end 9 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/security/security.json: -------------------------------------------------------------------------------- 1 | { 2 | "authentication": { 3 | "class": "org.apache.sentry.tests.e2e.solr.DummyAuthPluginImpl" 4 | }, 5 | "authorization": { 6 | "class": "org.apache.sentry.binding.solr.authz.SentrySolrPluginImpl", 7 | "sysPropPrefix": "solr.", 8 | "authConfigs": [ 9 | "authorization.sentry.site", 10 | "authorization.superuser", 11 | "authorization.enable.auditlog" 12 | ], 13 | "defaultConfigs": { 14 | "authorization.superuser" : "solr", 15 | "authorization.enable.auditlog" : "true" 16 | } 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /sentry-tests/sentry-tests-solr/src/test/resources/solr/sentry/test-authz-provider.ini: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one 2 | # or more contributor license agreements. See the NOTICE file 3 | # distributed with this work for additional information 4 | # regarding copyright ownership. The ASF licenses this file 5 | # to you under the Apache License, Version 2.0 (the 6 | # "License"); you may not use this file except in compliance 7 | # with the License. You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, 12 | # software distributed under the License is distributed on an 13 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 14 | # KIND, either express or implied. See the License for the 15 | # specific language governing permissions and limitations 16 | # under the License. 17 | 18 | [groups] 19 | junit = junit_role 20 | admin = admin_role 21 | foo = foo_role 22 | 23 | [roles] 24 | junit_role = collection=testCollectionOperations_s, collection=testCollectionOperations_f 25 | admin_role = admin=collections, admin=cores, collection=testCollectionOperations_s, collection=testCollectionOperations_f 26 | 27 | [users] 28 | junit = junit 29 | admin = admin 30 | foo = foo 31 | -------------------------------------------------------------------------------- /sentry-tools/src/test/resources/cacerts.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/apache/sentry/ae2e91fd2e06ba6c2fedd5e5d6efdea164daf176/sentry-tools/src/test/resources/cacerts.jks -------------------------------------------------------------------------------- /sentry-tools/src/test/resources/indexer_case.ini: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one 2 | # or more contributor license agreements. See the NOTICE file 3 | # distributed with this work for additional information 4 | # regarding copyright ownership. The ASF licenses this file 5 | # to you under the Apache License, Version 2.0 (the 6 | # "License"); you may not use this file except in compliance 7 | # with the License. You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, 12 | # software distributed under the License is distributed on an 13 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 14 | # KIND, either express or implied. See the License for the 15 | # specific language governing permissions and limitations 16 | # under the License. 17 | 18 | [groups] 19 | groupa = RoLe1 20 | groupb = rOlE1 21 | groupc = ROLE2 22 | 23 | [roles] 24 | RoLe1 = indexer=* 25 | rOlE1 = indexer=* 26 | ROLE2 = indexer=* 27 | -------------------------------------------------------------------------------- /sentry-tools/src/test/resources/indexer_config_import_tool.ini: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one 2 | # or more contributor license agreements. See the NOTICE file 3 | # distributed with this work for additional information 4 | # regarding copyright ownership. The ASF licenses this file 5 | # to you under the Apache License, Version 2.0 (the 6 | # "License"); you may not use this file except in compliance 7 | # with the License. You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, 12 | # software distributed under the License is distributed on an 13 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 14 | # KIND, either express or implied. See the License for the 15 | # specific language governing permissions and limitations 16 | # under the License. 17 | 18 | [groups] 19 | corporal = corporal_role 20 | sergeant = corporal_role, sergeant_role 21 | general = corporal_role, sergeant_role, general_role 22 | commander_in_chief = corporal_role, sergeant_role, general_role, commander_in_chief_role 23 | 24 | [roles] 25 | corporal_role = indexer=info->action=read, \ 26 | indexer=info->action=write 27 | sergeant_role = indexer=info->action=write 28 | general_role = indexer=info->action=* 29 | commander_in_chief_role = indexer=* 30 | -------------------------------------------------------------------------------- /sentry-tools/src/test/resources/indexer_invalid.ini: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one 2 | # or more contributor license agreements. See the NOTICE file 3 | # distributed with this work for additional information 4 | # regarding copyright ownership. The ASF licenses this file 5 | # to you under the Apache License, Version 2.0 (the 6 | # "License"); you may not use this file except in compliance 7 | # with the License. You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, 12 | # software distributed under the License is distributed on an 13 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 14 | # KIND, either express or implied. See the License for the 15 | # specific language governing permissions and limitations 16 | # under the License. 17 | 18 | [groups] 19 | 20 | [roles] 21 | 22 | -------------------------------------------------------------------------------- /sentry-tools/src/test/resources/keystore.jks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/apache/sentry/ae2e91fd2e06ba6c2fedd5e5d6efdea164daf176/sentry-tools/src/test/resources/keystore.jks -------------------------------------------------------------------------------- /sentry-tools/src/test/resources/solr_case.ini: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one 2 | # or more contributor license agreements. See the NOTICE file 3 | # distributed with this work for additional information 4 | # regarding copyright ownership. The ASF licenses this file 5 | # to you under the Apache License, Version 2.0 (the 6 | # "License"); you may not use this file except in compliance 7 | # with the License. You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, 12 | # software distributed under the License is distributed on an 13 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 14 | # KIND, either express or implied. See the License for the 15 | # specific language governing permissions and limitations 16 | # under the License. 17 | 18 | [groups] 19 | groupa = RoLe1 20 | groupb = rOlE1 21 | groupc = ROLE2 22 | 23 | [roles] 24 | RoLe1 = collection=* 25 | rOlE1 = collection=* 26 | ROLE2 = collection=* 27 | -------------------------------------------------------------------------------- /sentry-tools/src/test/resources/solr_config_import_tool.ini: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one 2 | # or more contributor license agreements. See the NOTICE file 3 | # distributed with this work for additional information 4 | # regarding copyright ownership. The ASF licenses this file 5 | # to you under the Apache License, Version 2.0 (the 6 | # "License"); you may not use this file except in compliance 7 | # with the License. You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, 12 | # software distributed under the License is distributed on an 13 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 14 | # KIND, either express or implied. See the License for the 15 | # specific language governing permissions and limitations 16 | # under the License. 17 | 18 | [groups] 19 | corporal = corporal_role 20 | sergeant = corporal_role, sergeant_role 21 | general = corporal_role, sergeant_role, general_role 22 | commander_in_chief = corporal_role, sergeant_role, general_role, commander_in_chief_role 23 | 24 | [roles] 25 | corporal_role = collection=info->action=query, \ 26 | collection=info->action=update 27 | sergeant_role = collection=info->action=update 28 | general_role = collection=info->action=* 29 | commander_in_chief_role = collection=* 30 | -------------------------------------------------------------------------------- /sentry-tools/src/test/resources/solr_invalid.ini: -------------------------------------------------------------------------------- 1 | # Licensed to the Apache Software Foundation (ASF) under one 2 | # or more contributor license agreements. See the NOTICE file 3 | # distributed with this work for additional information 4 | # regarding copyright ownership. The ASF licenses this file 5 | # to you under the Apache License, Version 2.0 (the 6 | # "License"); you may not use this file except in compliance 7 | # with the License. You may obtain a copy of the License at 8 | # 9 | # http://www.apache.org/licenses/LICENSE-2.0 10 | # 11 | # Unless required by applicable law or agreed to in writing, 12 | # software distributed under the License is distributed on an 13 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 14 | # KIND, either express or implied. See the License for the 15 | # specific language governing permissions and limitations 16 | # under the License. 17 | 18 | [groups] 19 | 20 | [roles] 21 | 22 | --------------------------------------------------------------------------------