org.apache.ambari.server.controller.internal

Class PrivilegeResourceProvider<T>

java.lang.Object

org.apache.ambari.server.controller.internal.BaseProvider

org.apache.ambari.server.controller.internal.AbstractResourceProvider

org.apache.ambari.server.controller.internal.AbstractAuthorizedResourceProvider

org.apache.ambari.server.controller.internal.PrivilegeResourceProvider<T>

All Implemented Interfaces:

ObservableResourceProvider, ResourceProvider

Direct Known Subclasses:

AmbariPrivilegeResourceProvider, ClusterPrivilegeResourceProvider, ViewPrivilegeResourceProvider

public abstract class PrivilegeResourceProvider<T>
extends AbstractAuthorizedResourceProvider

Abstract resource provider for privilege resources.

Nested Class Summary

Nested classes/interfaces inherited from class org.apache.ambari.server.controller.internal.AbstractResourceProvider

AbstractResourceProvider.Command<T>

Field Summary

Fields

Modifier and Type	Field and Description
static String	PERMISSION_LABEL
static String	PERMISSION_LABEL_PROPERTY_ID
static String	PERMISSION_NAME
static String	PERMISSION_NAME_PROPERTY_ID
protected static PermissionDAO	permissionDAO Data access object used to obtain permission entities.
static String	PRINCIPAL_NAME
static String	PRINCIPAL_NAME_PROPERTY_ID
static String	PRINCIPAL_TYPE
static String	PRINCIPAL_TYPE_PROPERTY_ID
static String	PRIVILEGE_ID
static String	PRIVILEGE_ID_PROPERTY_ID
static String	PRIVILEGE_INFO
static String	TYPE_PROPERTY_ID
static String	VERSION_PROPERTY_ID

Fields inherited from class org.apache.ambari.server.controller.internal.AbstractResourceProvider

keyPropertyIds, LOG, PROPERTIES_ATTRIBUTES_REGEX

Constructor Summary

Constructors

Constructor and Description
PrivilegeResourceProvider(Set<String> propertyIds, Map<Resource.Type,String> keyPropertyIds, Resource.Type resourceType) Construct a privilege resource provider.

Method Summary

Modifier and Type	Method and Description
protected boolean	checkResourceTypes(PrivilegeEntity entity) Check to see if the given privilege entity's permission is allowable for the resource type.
RequestStatus	createResourcesAuthorized(Request request) Create the resources defined by the properties in the given request object if authorization was granted to the authenticated user.
RequestStatus	deleteResourcesAuthorized(Request request, Predicate predicate) Delete the resources selected by the given predicate if the authenticated user is authorized to do so.
protected PermissionEntity	getPermission(String permissionName, ResourceEntity resourceEntity)
protected Set<String>	getPKPropertyIds() Get the set of property ids that uniquely identify the resources of this provider.
abstract Map<Long,T>	getResourceEntities(Map<String,Object> properties) Get the entities for the owning resources from the given properties.
abstract Long	getResourceEntityId(Predicate predicate) Get the id for the resource specified by predicate.
Set<Resource>	getResourcesAuthorized(Request request, Predicate predicate) Get a set of resources based on the given request and predicate information if the authenticated user is authorized to do so.
static void	init(PrivilegeDAO privDAO, UserDAO usrDAO, GroupDAO grpDAO, PrincipalDAO prinDAO, PermissionDAO permDAO, ResourceDAO resDAO) Static initialization.
protected PrivilegeEntity	toEntity(Map<String,Object> properties, Long resourceId) Convert the given map of properties to a privilege entity for the resource identified by the given id.
protected Resource	toResource(PrivilegeEntity privilegeEntity, Map<Long,UserEntity> userEntities, Map<Long,GroupEntity> groupEntities, Map<Long,PermissionEntity> roleEntities, Map<Long,T> resourceEntities, Set<String> requestedIds) Convert the given privilege entity into a Resource.
RequestStatus	updateResourcesAuthorized(Request request, Predicate predicate) Update the resources selected by the given predicate with the properties from the given request object if the authenticated user is authorized to do so.

Methods inherited from class org.apache.ambari.server.controller.internal.AbstractAuthorizedResourceProvider

createResources, deleteResources, getRequiredCreateAuthorizations, getRequiredDeleteAuthorizations, getRequiredGetAuthorizations, getRequiredUpdateAuthorizations, getResourceId, getResources, getResourceType, isAuthorizedToCreateResources, isAuthorizedToDeleteResources, isAuthorizedToGetResources, isAuthorizedToUpdateResources, setRequiredCreateAuthorizations, setRequiredDeleteAuthorizations, setRequiredGetAuthorizations, setRequiredUpdateAuthorizations, updateResources

Methods inherited from class org.apache.ambari.server.controller.internal.AbstractResourceProvider

addObserver, createResources, getConfigurationRequests, getKeyPropertyIds, getPropertyMaps, getPropertyMaps, getQueryParameterValue, getRequestStatus, getRequestStatus, getRequestStatus, getResources, modifyResources, notifyCreate, notifyDelete, notifyUpdate, parseProperties, updateObservers

Methods inherited from class org.apache.ambari.server.controller.internal.BaseProvider

checkCategory, checkConfigPropertyIds, checkPropertyIds, containsArguments, getCategoryIds, getPropertyIds, getRegexEntry, getRegexGroups, getRequestPropertyIds, isPatternKey, isPropertyCategoryRequested, isPropertyEntryRequested, isPropertyRequested, setResourceProperty

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.apache.ambari.server.controller.spi.ResourceProvider

checkPropertyIds

Field Detail

permissionDAO

protected static PermissionDAO permissionDAO

Data access object used to obtain permission entities.

PRIVILEGE_INFO

public static final String PRIVILEGE_INFO

See Also:

Constant Field Values

PRIVILEGE_ID_PROPERTY_ID

public static final String PRIVILEGE_ID_PROPERTY_ID

See Also:

Constant Field Values

PERMISSION_NAME_PROPERTY_ID

public static final String PERMISSION_NAME_PROPERTY_ID

See Also:

Constant Field Values

PERMISSION_LABEL_PROPERTY_ID

public static final String PERMISSION_LABEL_PROPERTY_ID

See Also:

Constant Field Values

PRINCIPAL_NAME_PROPERTY_ID

public static final String PRINCIPAL_NAME_PROPERTY_ID

See Also:

Constant Field Values

PRINCIPAL_TYPE_PROPERTY_ID

public static final String PRINCIPAL_TYPE_PROPERTY_ID

See Also:

Constant Field Values

VERSION_PROPERTY_ID

public static final String VERSION_PROPERTY_ID

See Also:

Constant Field Values

TYPE_PROPERTY_ID

public static final String TYPE_PROPERTY_ID

See Also:

Constant Field Values

PRIVILEGE_ID

public static final String PRIVILEGE_ID

See Also:

Constant Field Values

PERMISSION_NAME

public static final String PERMISSION_NAME

See Also:

Constant Field Values

PERMISSION_LABEL

public static final String PERMISSION_LABEL

See Also:

Constant Field Values

PRINCIPAL_NAME

public static final String PRINCIPAL_NAME

See Also:

Constant Field Values

PRINCIPAL_TYPE

public static final String PRINCIPAL_TYPE

See Also:

Constant Field Values

Constructor Detail

PrivilegeResourceProvider

public PrivilegeResourceProvider(Set<String> propertyIds,
                                 Map<Resource.Type,String> keyPropertyIds,
                                 Resource.Type resourceType)

Construct a privilege resource provider.

Method Detail

init

public static void init(PrivilegeDAO privDAO,
                        UserDAO usrDAO,
                        GroupDAO grpDAO,
                        PrincipalDAO prinDAO,
                        PermissionDAO permDAO,
                        ResourceDAO resDAO)

Static initialization.

Parameters:

privDAO - the privilege data access object

usrDAO - the user data access object

grpDAO - the group data access object

prinDAO - the principal data access object

permDAO - the permission data access object

resDAO - the resource data access object

getResourceEntities

public abstract Map<Long,T> getResourceEntities(Map<String,Object> properties)
                                         throws org.apache.ambari.server.AmbariException

Get the entities for the owning resources from the given properties.

Parameters:

properties - the set of properties

Returns:

the entities

Throws:

org.apache.ambari.server.AmbariException - if resource entities were not found

getResourceEntityId

public abstract Long getResourceEntityId(Predicate predicate)

Get the id for the resource specified by predicate.

Parameters:

predicate - predicate

Returns:

the resource id

createResourcesAuthorized

public RequestStatus createResourcesAuthorized(Request request)
                                        throws SystemException,
                                               UnsupportedPropertyException,
                                               ResourceAlreadyExistsException,
                                               NoSuchParentResourceException

Description copied from class: AbstractAuthorizedResourceProvider

Create the resources defined by the properties in the given request object if authorization was granted to the authenticated user.

This method must be overwritten if AbstractAuthorizedResourceProvider.createResources(Request) is not overwritten.

Overrides:

createResourcesAuthorized in class AbstractAuthorizedResourceProvider

Parameters:

request - the request object which defines the set of properties for the resources to be created

Returns:

the request status

Throws:

SystemException - an internal system exception occurred

AuthorizationException - if the authenticated user is not authorized to perform this operation

UnsupportedPropertyException - the request contains unsupported property ids

ResourceAlreadyExistsException - attempted to create a resource which already exists

NoSuchParentResourceException - a parent resource of the resource to create doesn't exist

See Also:

AbstractAuthorizedResourceProvider.createResources(Request)

getResourcesAuthorized

public Set<Resource> getResourcesAuthorized(Request request,
                                            Predicate predicate)
                                     throws SystemException,
                                            UnsupportedPropertyException,
                                            NoSuchResourceException,
                                            NoSuchParentResourceException

Description copied from class: AbstractAuthorizedResourceProvider

Get a set of resources based on the given request and predicate information if the authenticated user is authorized to do so.

This method must be overwritten if AbstractAuthorizedResourceProvider.getResources(Request, Predicate) is not overwritten.

Overrides:

getResourcesAuthorized in class AbstractAuthorizedResourceProvider

Parameters:

request - the request object which defines the desired set of properties

predicate - the predicate object which can be used to filter which resources are returned

Returns:

a set of resources based on the given request and predicate information

Throws:

SystemException - an internal system exception occurred

AuthorizationException - if the authenticated user is not authorized to perform this operation

UnsupportedPropertyException - the request contains unsupported property ids

NoSuchResourceException - the requested resource instance doesn't exist

NoSuchParentResourceException - a parent resource of the requested resource doesn't exist

See Also:

AbstractAuthorizedResourceProvider.getResources(Request, Predicate)

updateResourcesAuthorized

public RequestStatus updateResourcesAuthorized(Request request,
                                               Predicate predicate)
                                        throws SystemException,
                                               UnsupportedPropertyException,
                                               NoSuchResourceException,
                                               NoSuchParentResourceException

Description copied from class: AbstractAuthorizedResourceProvider

Update the resources selected by the given predicate with the properties from the given request object if the authenticated user is authorized to do so.

This method must be overwritten if AbstractAuthorizedResourceProvider.updateResources(Request, Predicate) is not overwritten.

Overrides:

updateResourcesAuthorized in class AbstractAuthorizedResourceProvider

Parameters:

request - the request object which defines the set of properties for the resources to be updated

predicate - the predicate object which can be used to filter which resources are updated

Returns:

the request status

Throws:

SystemException - an internal system exception occurred

AuthorizationException - if the authenticated user is not authorized to perform this operation

UnsupportedPropertyException - the request contains unsupported property ids

NoSuchResourceException - the resource instance to be updated doesn't exist

NoSuchParentResourceException - a parent resource of the resource doesn't exist

See Also:

AbstractAuthorizedResourceProvider.updateResources(Request, Predicate)

deleteResourcesAuthorized

public RequestStatus deleteResourcesAuthorized(Request request,
                                               Predicate predicate)
                                        throws SystemException,
                                               UnsupportedPropertyException,
                                               NoSuchResourceException,
                                               NoSuchParentResourceException

Description copied from class: AbstractAuthorizedResourceProvider

Delete the resources selected by the given predicate if the authenticated user is authorized to do so.

This method must be overwritten if ResourceProvider.deleteResources(Request, Predicate) is not overwritten.

Overrides:

deleteResourcesAuthorized in class AbstractAuthorizedResourceProvider

predicate - the predicate object which can be used to filter which resources are deleted

Returns:

the request status

Throws:

SystemException - an internal system exception occurred

AuthorizationException - if the authenticated user is not authorized to perform this operation

UnsupportedPropertyException - the request contains unsupported property ids

NoSuchResourceException - the resource instance to be deleted doesn't exist

NoSuchParentResourceException - a parent resource of the resource doesn't exist

See Also:

ResourceProvider.deleteResources(Request, Predicate)

getPKPropertyIds

protected Set<String> getPKPropertyIds()

Description copied from class: AbstractResourceProvider

Get the set of property ids that uniquely identify the resources of this provider.

Specified by:

getPKPropertyIds in class AbstractResourceProvider

Returns:

the set of primary key properties

checkResourceTypes

protected boolean checkResourceTypes(PrivilegeEntity entity)
                              throws org.apache.ambari.server.AmbariException

Check to see if the given privilege entity's permission is allowable for the resource type.

Parameters:

entity - the privilege entity

Throws:

org.apache.ambari.server.AmbariException - if the the privilege permission is not allowable for the resource type

toResource

protected Resource toResource(PrivilegeEntity privilegeEntity,
                              Map<Long,UserEntity> userEntities,
                              Map<Long,GroupEntity> groupEntities,
                              Map<Long,PermissionEntity> roleEntities,
                              Map<Long,T> resourceEntities,
                              Set<String> requestedIds)

Convert the given privilege entity into a Resource.

Parameters:

privilegeEntity - the privilege entity to be converted

userEntities - the map of user entities keyed by resource id

groupEntities - the map of group entities keyed by resource id

roleEntities - the map of role entities keyed by resource id

resourceEntities - the map of resource entities keyed by resource id

requestedIds - the requested property ids

Returns:

the resource

toEntity

protected PrivilegeEntity toEntity(Map<String,Object> properties,
                                   Long resourceId)
                            throws org.apache.ambari.server.AmbariException

Convert the given map of properties to a privilege entity for the resource identified by the given id.

Parameters:

properties - the property map

resourceId - the resource id

Returns:

the new privilege entity

Throws:

org.apache.ambari.server.AmbariException

getPermission

protected PermissionEntity getPermission(String permissionName,
                                         ResourceEntity resourceEntity)
                                  throws org.apache.ambari.server.AmbariException

Throws:

org.apache.ambari.server.AmbariException