sentry-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From shreepa...@apache.org
Subject [10/13] SENTRY-143: Merge db_policy_store branch into master (Brock Noland via Shreepadma Venugopalan)
Date Thu, 13 Mar 2014 21:21:25 GMT
http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/644e8be3/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationProvider.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationProvider.java
b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationProvider.java
index 4887678..cd6f8a1 100644
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationProvider.java
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/AuthorizationProvider.java
@@ -19,25 +19,34 @@ package org.apache.sentry.provider.common;
 import java.util.List;
 import java.util.Set;
 
+import javax.annotation.concurrent.ThreadSafe;
+
 import org.apache.sentry.core.common.Action;
+import org.apache.sentry.core.common.ActiveRoleSet;
 import org.apache.sentry.core.common.Authorizable;
 import org.apache.sentry.core.common.SentryConfigurationException;
 import org.apache.sentry.core.common.Subject;
 
+/**
+ * Implementations of AuthorizationProvider must be threadsafe.
+ */
+@ThreadSafe
 public interface AuthorizationProvider {
 
   /***
    * Returns validate subject privileges on given Authorizable object
    *
    * @param subject: UserID to validate privileges
-   * @param authorizableHierarchy : List of object accroding to namespace hierarchy.
+   * @param authorizableHierarchy : List of object according to namespace hierarchy.
    *        eg. Server->Db->Table or Server->Function
    *        The privileges will be validated from the higher to lower scope
    * @param actions : Privileges to validate
+   * @param roleSet : Roles which should be used when obtaining privileges
    * @return
    *        True if the subject is authorized to perform requested action on the given object
    */
-  public boolean hasAccess(Subject subject, List<? extends Authorizable> authorizableHierarchy,
Set<? extends Action> actions);
+  public boolean hasAccess(Subject subject, List<? extends Authorizable> authorizableHierarchy,
+      Set<? extends Action> actions, ActiveRoleSet roleSet);
 
   /***
    * Get the GroupMappingService used by the AuthorizationProvider
@@ -59,7 +68,7 @@ public interface AuthorizationProvider {
    * @return
    * @throws SentryConfigurationException
    */
-  public Set<String> listPermissionsForSubject(Subject subject) throws SentryConfigurationException;
+  public Set<String> listPrivilegesForSubject(Subject subject) throws SentryConfigurationException;
 
   /**
    * Returns the list privileges for the given group
@@ -67,11 +76,11 @@ public interface AuthorizationProvider {
    * @return
    * @throws SentryConfigurationException
    */
-  public Set<String> listPermissionsForGroup(String groupName) throws SentryConfigurationException;
+  public Set<String> listPrivilegesForGroup(String groupName) throws SentryConfigurationException;
 
   /***
    * Returns the list of missing privileges of the last access request
    * @return
    */
-  public List<String> getLastFailedPermissions();
+  public List<String> getLastFailedPrivileges();
 }

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/644e8be3/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/GroupMappingService.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/GroupMappingService.java
b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/GroupMappingService.java
index 226cc88..22371d1 100644
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/GroupMappingService.java
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/GroupMappingService.java
@@ -16,15 +16,20 @@
  */
 package org.apache.sentry.provider.common;
 
-import java.util.List;
+import java.util.Set;
+
+import javax.annotation.concurrent.ThreadSafe;
 
 /**
  * Interface so the Groups class is easier to unit test with.
+ * Implementations of this class are expected to be thread safe
+ * after construction.
  */
+@ThreadSafe
 public interface GroupMappingService {
 
   /**
    * @return non-null list of groups for user
    */
-  public List<String> getGroups(String user);
+  public Set<String> getGroups(String user);
 }

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/644e8be3/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoAuthorizationProvider.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoAuthorizationProvider.java
b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoAuthorizationProvider.java
index 8f18926..ed32224 100644
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoAuthorizationProvider.java
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoAuthorizationProvider.java
@@ -22,6 +22,7 @@ import java.util.List;
 import java.util.Set;
 
 import org.apache.sentry.core.common.Action;
+import org.apache.sentry.core.common.ActiveRoleSet;
 import org.apache.sentry.core.common.Authorizable;
 import org.apache.sentry.core.common.SentryConfigurationException;
 import org.apache.sentry.core.common.Subject;
@@ -31,7 +32,7 @@ public class NoAuthorizationProvider implements AuthorizationProvider {
 
   @Override
   public boolean hasAccess(Subject subject, List<? extends Authorizable> authorizableHierarchy,
-      Set<? extends Action> actions) {
+      Set<? extends Action> actions, ActiveRoleSet roleSet) {
     return false;
   }
 
@@ -46,19 +47,19 @@ public class NoAuthorizationProvider implements AuthorizationProvider
{
   }
 
   @Override
-  public Set<String> listPermissionsForSubject(Subject subject)
+  public Set<String> listPrivilegesForSubject(Subject subject)
       throws SentryConfigurationException {
     return new HashSet<String>();
   }
 
   @Override
-  public Set<String> listPermissionsForGroup(String groupName)
+  public Set<String> listPrivilegesForGroup(String groupName)
       throws SentryConfigurationException {
     return new HashSet<String>();
   }
 
   @Override
-  public List<String> getLastFailedPermissions() {
+  public List<String> getLastFailedPrivileges() {
     return new ArrayList<String>();
   }
 

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/644e8be3/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoGroupMappingService.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoGroupMappingService.java
b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoGroupMappingService.java
index e1bc6d2..e44cbc4 100644
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoGroupMappingService.java
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/NoGroupMappingService.java
@@ -16,8 +16,8 @@
  */
 package org.apache.sentry.provider.common;
 
-import java.util.LinkedList;
-import java.util.List;
+import java.util.HashSet;
+import java.util.Set;
 
 /**
  * GroupMappingService that always returns an empty list of groups
@@ -27,7 +27,7 @@ public class NoGroupMappingService implements GroupMappingService {
   /**
    * @return empty list of groups for every user
    */
-  public List<String> getGroups(String user) {
-    return new LinkedList<String>();
+  public Set<String> getGroups(String user) {
+    return new HashSet<String>();
   }
 }

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/644e8be3/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackend.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackend.java
b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackend.java
index 327a3a5..6d6da25 100644
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackend.java
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackend.java
@@ -16,31 +16,44 @@
  */
 package org.apache.sentry.provider.common;
 
-import javax.annotation.Nullable;
+import java.util.Set;
 
-import java.util.List;
+import javax.annotation.concurrent.ThreadSafe;
 
+import org.apache.sentry.core.common.ActiveRoleSet;
 import org.apache.sentry.core.common.SentryConfigurationException;
-import org.apache.sentry.policy.common.RoleValidator;
 
 import com.google.common.collect.ImmutableSet;
 
 /**
- * Interface for getting roles from a specific provider backend.
+ * Interface for getting roles from a specific provider backend. Implementations
+ * are expected to be thread safe after initialize() has
+ * been called.
  */
+@ThreadSafe
 public interface ProviderBackend {
+
   /**
-   * Process roles from the backend.  Checks the validity of each role
-   * by running it through each validator passed via validators.
+   * Set the privilege validators to be used on the backend. This is required
+   * because the Backend must be created before the policy engine and only the
+   * policy engine knows the validators. Ideally we could change but since
+   * both the policy engine and backend are exposed via configuration properties
+   * that would be backwards incompatible.
+   * @param validators
    */
-  public void process(List<? extends RoleValidator> validators);
+  public void initialize(ProviderBackendContext context);
 
   /**
-   * Get the roles from the backend.  Requires that process(...) is invoked at
-   * least once prior.
+   * Get the privileges from the backend.
    */
-  public Roles getRoles();
+  public ImmutableSet<String> getPrivileges(Set<String> groups, ActiveRoleSet
roleSet);
 
-  public void validatePolicy(List<? extends RoleValidator> validators, boolean strictValidation)
-      throws SentryConfigurationException;
+  /**
+   * If strictValidation is true then an error is thrown for warnings
+   * as well as errors.
+   *
+   * @param strictValidation
+   * @throws SentryConfigurationException
+   */
+  public void validatePolicy(boolean strictValidation) throws SentryConfigurationException;
 }

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/644e8be3/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackendContext.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackendContext.java
b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackendContext.java
new file mode 100644
index 0000000..f45d23d
--- /dev/null
+++ b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/ProviderBackendContext.java
@@ -0,0 +1,50 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sentry.provider.common;
+
+import org.apache.sentry.policy.common.PrivilegeValidator;
+
+import com.google.common.collect.ImmutableList;
+
+public class ProviderBackendContext {
+
+  private boolean allowPerDatabase;
+  private ImmutableList<PrivilegeValidator> validators;
+
+  public ProviderBackendContext() {
+    validators = ImmutableList.of();
+  }
+
+  public boolean isAllowPerDatabase() {
+    return allowPerDatabase;
+  }
+
+  public void setAllowPerDatabase(boolean allowPerDatabase) {
+    this.allowPerDatabase = allowPerDatabase;
+  }
+
+  public ImmutableList<PrivilegeValidator> getValidators() {
+    return validators;
+  }
+
+  public void setValidators(ImmutableList<PrivilegeValidator> validators) {
+    if (validators == null) {
+      validators = ImmutableList.of();
+    }
+    this.validators = validators;
+  }
+}

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/644e8be3/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/Roles.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/Roles.java
b/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/Roles.java
deleted file mode 100644
index a8f36a3..0000000
--- a/sentry-provider/sentry-provider-common/src/main/java/org/apache/sentry/provider/common/Roles.java
+++ /dev/null
@@ -1,50 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package org.apache.sentry.provider.common;
-
-import javax.annotation.Nullable;
-
-import com.google.common.collect.ImmutableMap;
-import com.google.common.collect.ImmutableSet;
-import com.google.common.collect.ImmutableSetMultimap;
-
-/**
- * Class providing storage of roles
- */
-public class Roles {
-  private final ImmutableSetMultimap<String, String> globalRoles;
-  private final ImmutableMap<String, ImmutableSetMultimap<String, String>> perDatabaseRoles;
-
-  public Roles() {
-    this(ImmutableSetMultimap.<String, String>of(),
-        ImmutableMap.<String, ImmutableSetMultimap<String, String>>of());
-  }
-
-  public Roles(ImmutableSetMultimap<String, String> globalRoles,
-      ImmutableMap<String, ImmutableSetMultimap<String, String>> perDatabaseRoles)
{
-    this.globalRoles = globalRoles;
-    this.perDatabaseRoles = perDatabaseRoles;
-  }
-
-  public ImmutableSetMultimap<String, String> getGlobalRoles() {
-    return globalRoles;
-  }
-
-  public ImmutableMap<String, ImmutableSetMultimap<String, String>> getPerDatabaseRoles()
{
-    return perDatabaseRoles;
-  }
-}

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/644e8be3/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/MockGroupMappingServiceProvider.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/MockGroupMappingServiceProvider.java
b/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/MockGroupMappingServiceProvider.java
index 806b42e..1e885f4 100644
--- a/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/MockGroupMappingServiceProvider.java
+++ b/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/MockGroupMappingServiceProvider.java
@@ -17,14 +17,13 @@
 package org.apache.sentry.provider.common;
 
 import java.util.Collection;
-import java.util.List;
+import java.util.Set;
 
-import org.apache.sentry.provider.common.GroupMappingService;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import com.google.common.collect.Lists;
 import com.google.common.collect.Multimap;
+import com.google.common.collect.Sets;
 
 public class MockGroupMappingServiceProvider implements GroupMappingService {
   private static final Logger LOGGER = LoggerFactory
@@ -36,10 +35,10 @@ public class MockGroupMappingServiceProvider implements GroupMappingService
{
   }
 
   @Override
-  public List<String> getGroups(String user) {
+  public Set<String> getGroups(String user) {
     Collection<String> groups = userToGroupMap.get(user);
     LOGGER.info("Mapping " + user + " to " + groups);
-    return Lists.newArrayList(groups);
+    return Sets.newHashSet(groups);
   }
 
 }

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/644e8be3/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestNoAuthorizationProvider.java
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestNoAuthorizationProvider.java
b/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestNoAuthorizationProvider.java
index 3f48f49..fe01b06 100644
--- a/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestNoAuthorizationProvider.java
+++ b/sentry-provider/sentry-provider-common/src/test/java/org/apache/sentry/provider/common/TestNoAuthorizationProvider.java
@@ -16,11 +16,11 @@
  */
 package org.apache.sentry.provider.common;
 
-import org.junit.Test;
-
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertFalse;
 
+import org.junit.Test;
+
 /**
  * Tests around the NoAuthorizationProvider
  */
@@ -29,7 +29,7 @@ public class TestNoAuthorizationProvider {
   @Test
   public void testNoAuthorizationProvider() {
     NoAuthorizationProvider nap = new NoAuthorizationProvider();
-    assertFalse(nap.hasAccess(null, null, null));
+    assertFalse(nap.hasAccess(null, null, null, null));
 
     GroupMappingService gms = nap.getGroupMapping();
     assertEquals(gms.getGroups(null).size(), 0);

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/644e8be3/sentry-provider/sentry-provider-db/.gitignore
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/.gitignore b/sentry-provider/sentry-provider-db/.gitignore
new file mode 100644
index 0000000..55b8677
--- /dev/null
+++ b/sentry-provider/sentry-provider-db/.gitignore
@@ -0,0 +1 @@
+sentry_policy_db

http://git-wip-us.apache.org/repos/asf/incubator-sentry/blob/644e8be3/sentry-provider/sentry-provider-db/pom.xml
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/pom.xml b/sentry-provider/sentry-provider-db/pom.xml
new file mode 100644
index 0000000..aa511c8
--- /dev/null
+++ b/sentry-provider/sentry-provider-db/pom.xml
@@ -0,0 +1,243 @@
+<?xml version="1.0"?>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements.  See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License.  You may obtain a copy of the License at
+
+     http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"
xmlns="http://maven.apache.org/POM/4.0.0"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+  <modelVersion>4.0.0</modelVersion>
+  <parent>
+    <groupId>org.apache.sentry</groupId>
+    <artifactId>sentry-provider</artifactId>
+    <version>1.3.0-incubating-SNAPSHOT</version>
+  </parent>
+
+  <artifactId>sentry-provider-db</artifactId>
+  <name>Sentry Provider DB</name>
+
+  <dependencies>
+    <dependency>
+      <groupId>commons-cli</groupId>
+      <artifactId>commons-cli</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.hadoop</groupId>
+      <artifactId>hadoop-common</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>junit</groupId>
+      <artifactId>junit</artifactId>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.derby</groupId>
+      <artifactId>derby</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>log4j</groupId>
+      <artifactId>log4j</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.shiro</groupId>
+      <artifactId>shiro-core</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>com.google.guava</groupId>
+      <artifactId>guava</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.slf4j</groupId>
+      <artifactId>slf4j-api</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.slf4j</groupId>
+      <artifactId>slf4j-log4j12</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.sentry</groupId>
+      <artifactId>sentry-core-common</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.sentry</groupId>
+      <artifactId>sentry-provider-common</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.hive</groupId>
+      <artifactId>hive-metastore</artifactId>
+      <scope>provided</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.hive</groupId>
+      <artifactId>hive-shims</artifactId>
+      <scope>provided</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.thrift</groupId>
+      <artifactId>libfb303</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.thrift</groupId>
+      <artifactId>libthrift</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>ant-contrib</groupId>
+      <artifactId>ant-contrib</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.hadoop</groupId>
+      <artifactId>hadoop-minikdc</artifactId>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>com.google.guava</groupId>
+      <artifactId>guava</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>javax.jdo</groupId>
+      <artifactId>jdo-api</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.datanucleus</groupId>
+      <artifactId>datanucleus-core</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.datanucleus</groupId>
+      <artifactId>datanucleus-api-jdo</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.datanucleus</groupId>
+      <artifactId>datanucleus-rdbms</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.mockito</groupId>
+      <artifactId>mockito-all</artifactId>
+      <scope>test</scope>
+    </dependency>
+  </dependencies>
+
+  <build>
+    <sourceDirectory>${basedir}/src/main/java</sourceDirectory>
+    <testSourceDirectory>${basedir}/src/test/java</testSourceDirectory>
+    <resources>
+      <resource>
+        <directory>${basedir}/src/main/java/org/apache/sentry/provider/db/service/model</directory>
+        <includes>
+          <include>package.jdo</include>
+        </includes>
+      </resource>
+    </resources>
+    <plugins>
+      <plugin>
+        <groupId>org.codehaus.mojo</groupId>
+        <artifactId>build-helper-maven-plugin</artifactId>
+        <executions>
+          <execution>
+            <id>add-source</id>
+            <phase>generate-sources</phase>
+            <goals>
+              <goal>add-source</goal>
+            </goals>
+            <configuration>
+              <sources>
+                <source>src/gen/thrift/gen-javabean</source>
+              </sources>
+            </configuration>
+          </execution>
+        </executions>
+      </plugin>
+      <plugin>
+        <groupId>org.datanucleus</groupId>
+        <artifactId>datanucleus-maven-plugin</artifactId>
+        <configuration>
+          <api>JDO</api>
+          <metadataIncludes>**/*.jdo</metadataIncludes>
+          <verbose>true</verbose>
+        </configuration>
+        <executions>
+          <execution>
+            <phase>process-classes</phase>
+            <goals>
+              <goal>enhance</goal>
+            </goals>
+          </execution>
+        </executions>
+      </plugin>
+    </plugins>
+  </build>
+  <profiles>
+    <profile>
+      <id>thriftif</id>
+      <build>
+        <plugins>
+          <plugin>
+            <groupId>org.apache.maven.plugins</groupId>
+            <artifactId>maven-antrun-plugin</artifactId>
+            <executions>
+              <execution>
+                <id>generate-thrift-sources</id>
+                <phase>generate-sources</phase>
+                <configuration>
+                  <target>
+                    <taskdef name="for" classname="net.sf.antcontrib.logic.ForTask"
+                      classpathref="maven.plugin.classpath" />
+                    <property name="thrift.args" value="-I ${thrift.home} --gen java:beans,hashcode"/>
+                    <property name="thrift.gen.dir" value="${basedir}/src/gen/thrift"/>
+                    <delete dir="${thrift.gen.dir}"/>
+                    <mkdir dir="${thrift.gen.dir}"/>
+                    <for param="thrift.file">
+                      <path>
+                        <fileset dir="${basedir}/src/main/resources/" includes="**/*.thrift"
/>
+                      </path>
+                      <sequential>
+                        <echo message="Generating Thrift code for @{thrift.file}"/>
+                        <exec executable="${thrift.home}/bin/thrift"  failonerror="true"
dir=".">
+                          <arg line="${thrift.args} -I ${basedir}/src/main/resources/
-o ${thrift.gen.dir} @{thrift.file} " />
+                        </exec>
+                      </sequential>
+                    </for>
+                  </target>
+                </configuration>
+                <goals>
+                  <goal>run</goal>
+                </goals>
+              </execution>
+            </executions>
+          </plugin>
+          <plugin>
+            <groupId>org.apache.maven.plugins</groupId>
+            <artifactId>maven-enforcer-plugin</artifactId>
+            <executions>
+              <execution>
+                <id>enforce-property</id>
+                <goals>
+                  <goal>enforce</goal>
+                </goals>
+                <configuration>
+                  <rules>
+                    <requireProperty>
+                      <property>thrift.home</property>
+                    </requireProperty>
+                  </rules>
+                  <fail>true</fail>
+                </configuration>
+              </execution>
+            </executions>
+          </plugin>
+        </plugins>
+      </build>
+    </profile>
+  </profiles>
+
+</project>


Mime
View raw message