Class ZKPermHandler
- java.lang.Object
-
- org.apache.accumulo.server.security.handler.ZKPermHandler
-
- All Implemented Interfaces:
PermissionHandler
public class ZKPermHandler extends Object implements PermissionHandler
-
-
Constructor Summary
Constructors Constructor Description ZKPermHandler()
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description voidcleanNamespacePermissions(String namespace)Cleans up the permissions for a namespace.voidcleanTablePermissions(String table)Cleans up the permissions for a table.voidcleanUser(String user)Deletes a uservoidgrantNamespacePermission(String user, String namespace, NamespacePermission permission)Gives the user the given namespace permissionvoidgrantSystemPermission(String user, SystemPermission permission)Gives the user the given system permissionvoidgrantTablePermission(String user, String table, TablePermission permission)Gives the user the given table permissionbooleanhasCachedNamespacePermission(String user, String namespace, NamespacePermission permission)Used to get the namespace permission of a user for a namespace, with caching.booleanhasCachedSystemPermission(String user, SystemPermission permission)Used to get the system permission for the user, with caching due to high frequency operation.booleanhasCachedTablePermission(String user, String table, TablePermission permission)Used to get the table permission of a user for a table, with caching.booleanhasNamespacePermission(String user, String namespace, NamespacePermission permission)Used to get the namespace permission of a user for a namespacebooleanhasSystemPermission(String user, SystemPermission permission)Used to get the system permission for the userbooleanhasTablePermission(String user, String table, TablePermission permission)Used to get the table permission of a user for a tablevoidinitialize(ServerContext context)Sets up the permission handler for a new instance of AccumulovoidinitializeSecurity(TCredentials itw, String rootuser)Used to initialize security for the root uservoidinitUser(String user)Initializes a new uservoidrevokeNamespacePermission(String user, String namespace, NamespacePermission permission)Denies the user the given namespace permission.voidrevokeSystemPermission(String user, SystemPermission permission)Denies the user the given system permissionvoidrevokeTablePermission(String user, String table, TablePermission permission)Denies the user the given table permission.booleanvalidSecurityHandlers(Authenticator authent, Authorizor author)Used to validate that the Authorizor, Authenticator, and permission handler can coexist
-
-
-
Method Detail
-
initialize
public void initialize(ServerContext context)
Description copied from interface:PermissionHandlerSets up the permission handler for a new instance of Accumulo- Specified by:
initializein interfacePermissionHandler
-
hasTablePermission
public boolean hasTablePermission(String user, String table, TablePermission permission) throws TableNotFoundException
Description copied from interface:PermissionHandlerUsed to get the table permission of a user for a table- Specified by:
hasTablePermissionin interfacePermissionHandler- Throws:
TableNotFoundException
-
hasCachedTablePermission
public boolean hasCachedTablePermission(String user, String table, TablePermission permission)
Description copied from interface:PermissionHandlerUsed to get the table permission of a user for a table, with caching. This method is for high frequency operations- Specified by:
hasCachedTablePermissionin interfacePermissionHandler
-
hasNamespacePermission
public boolean hasNamespacePermission(String user, String namespace, NamespacePermission permission) throws NamespaceNotFoundException
Description copied from interface:PermissionHandlerUsed to get the namespace permission of a user for a namespace- Specified by:
hasNamespacePermissionin interfacePermissionHandler- Throws:
NamespaceNotFoundException
-
hasCachedNamespacePermission
public boolean hasCachedNamespacePermission(String user, String namespace, NamespacePermission permission)
Description copied from interface:PermissionHandlerUsed to get the namespace permission of a user for a namespace, with caching. This method is for high frequency operations- Specified by:
hasCachedNamespacePermissionin interfacePermissionHandler
-
grantSystemPermission
public void grantSystemPermission(String user, SystemPermission permission) throws AccumuloSecurityException
Description copied from interface:PermissionHandlerGives the user the given system permission- Specified by:
grantSystemPermissionin interfacePermissionHandler- Throws:
AccumuloSecurityException
-
grantTablePermission
public void grantTablePermission(String user, String table, TablePermission permission) throws AccumuloSecurityException
Description copied from interface:PermissionHandlerGives the user the given table permission- Specified by:
grantTablePermissionin interfacePermissionHandler- Throws:
AccumuloSecurityException
-
grantNamespacePermission
public void grantNamespacePermission(String user, String namespace, NamespacePermission permission) throws AccumuloSecurityException
Description copied from interface:PermissionHandlerGives the user the given namespace permission- Specified by:
grantNamespacePermissionin interfacePermissionHandler- Throws:
AccumuloSecurityException
-
revokeSystemPermission
public void revokeSystemPermission(String user, SystemPermission permission) throws AccumuloSecurityException
Description copied from interface:PermissionHandlerDenies the user the given system permission- Specified by:
revokeSystemPermissionin interfacePermissionHandler- Throws:
AccumuloSecurityException
-
revokeTablePermission
public void revokeTablePermission(String user, String table, TablePermission permission) throws AccumuloSecurityException
Description copied from interface:PermissionHandlerDenies the user the given table permission.- Specified by:
revokeTablePermissionin interfacePermissionHandler- Throws:
AccumuloSecurityException
-
revokeNamespacePermission
public void revokeNamespacePermission(String user, String namespace, NamespacePermission permission) throws AccumuloSecurityException
Description copied from interface:PermissionHandlerDenies the user the given namespace permission.- Specified by:
revokeNamespacePermissionin interfacePermissionHandler- Throws:
AccumuloSecurityException
-
cleanTablePermissions
public void cleanTablePermissions(String table) throws AccumuloSecurityException
Description copied from interface:PermissionHandlerCleans up the permissions for a table. Used when a table gets deleted.- Specified by:
cleanTablePermissionsin interfacePermissionHandler- Throws:
AccumuloSecurityException
-
cleanNamespacePermissions
public void cleanNamespacePermissions(String namespace) throws AccumuloSecurityException
Description copied from interface:PermissionHandlerCleans up the permissions for a namespace. Used when a namespace gets deleted.- Specified by:
cleanNamespacePermissionsin interfacePermissionHandler- Throws:
AccumuloSecurityException
-
initializeSecurity
public void initializeSecurity(TCredentials itw, String rootuser) throws AccumuloSecurityException
Description copied from interface:PermissionHandlerUsed to initialize security for the root user- Specified by:
initializeSecurityin interfacePermissionHandler- Throws:
AccumuloSecurityException
-
initUser
public void initUser(String user) throws AccumuloSecurityException
Description copied from interface:PermissionHandlerInitializes a new user- Specified by:
initUserin interfacePermissionHandler- Throws:
AccumuloSecurityException
-
cleanUser
public void cleanUser(String user) throws AccumuloSecurityException
Description copied from interface:PermissionHandlerDeletes a user- Specified by:
cleanUserin interfacePermissionHandler- Throws:
AccumuloSecurityException
-
hasSystemPermission
public boolean hasSystemPermission(String user, SystemPermission permission)
Description copied from interface:PermissionHandlerUsed to get the system permission for the user- Specified by:
hasSystemPermissionin interfacePermissionHandler
-
hasCachedSystemPermission
public boolean hasCachedSystemPermission(String user, SystemPermission permission)
Description copied from interface:PermissionHandlerUsed to get the system permission for the user, with caching due to high frequency operation. NOTE: At this time, this method is unused but is included just in case we need it in the future.- Specified by:
hasCachedSystemPermissionin interfacePermissionHandler
-
validSecurityHandlers
public boolean validSecurityHandlers(Authenticator authent, Authorizor author)
Description copied from interface:PermissionHandlerUsed to validate that the Authorizor, Authenticator, and permission handler can coexist- Specified by:
validSecurityHandlersin interfacePermissionHandler
-
-