sentry-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From co...@apache.org
Subject [25/49] sentry git commit: SENTRY-1286: Create sentry-service-common module(Colin Ma, reviewed by Dapeng Sun)
Date Thu, 16 Jun 2016 03:12:19 GMT
http://git-wip-us.apache.org/repos/asf/sentry/blob/f5368df5/sentry-provider/sentry-provider-db/src/main/resources/sentry_generic_policy_service.thrift
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry_generic_policy_service.thrift
b/sentry-provider/sentry-provider-db/src/main/resources/sentry_generic_policy_service.thrift
deleted file mode 100644
index db107bf..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry_generic_policy_service.thrift
+++ /dev/null
@@ -1,279 +0,0 @@
-#!/usr/local/bin/thrift -java
-
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#
-# Thrift Service that the MetaStore is built on
-#
-
-include "share/fb303/if/fb303.thrift"
-include "sentry_common_service.thrift"
-include "sentry_policy_service.thrift"
-
-namespace java org.apache.sentry.provider.db.generic.service.thrift
-namespace php sentry.provider.db.service.db.generic.serivce.thrift
-namespace cpp Apache.Sentry.Provider.Db.Generic.Service.Thrift
-
-typedef sentry_common_service.TSentryResponseStatus TSentryResponseStatus
-
-# Represents a new generic model privilege for solr or other component in transport 
-# from the client to the server
-enum TSentryGrantOption {
-  TRUE = 1,
-  FALSE = 0,
-  UNSET = -1
-}
-
-# Represents a authorizable resource in the privilege
-# like DATABASE=db1 in the hive, COLLECTION=collection1 in the solr
-struct TAuthorizable {
-1: required string type,
-2: required string name
-}
-
-struct TSentryPrivilege {
-1: required string component,
-2: required string serviceName,
-3: required list<TAuthorizable> authorizables,
-4: required string action,
-5: optional i64 createTime, # Set on server side
-6: optional string grantorPrincipal, # Set on server side
-7: optional TSentryGrantOption grantOption = sentry_policy_service.TSentryGrantOption.FALSE
-}
-
-# CREATE ROLE r1
-struct TCreateSentryRoleRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string roleName,
-4: required string component # The request is issued to which component
-}
-
-struct TCreateSentryRoleResponse {
-1: required TSentryResponseStatus status
-}
-
-# DROP ROLE r1
-struct TDropSentryRoleRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string roleName,
-4: required string component # The request is issued to which component
-}
-
-struct TDropSentryRoleResponse {
-1: required TSentryResponseStatus status
-}
-
-# GRANT ROLE r1 TO GROUP g1
-struct TAlterSentryRoleAddGroupsRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string roleName,
-4: required string component, # The request is issued to which component
-5: required set<string> groups
-}
-struct TAlterSentryRoleAddGroupsResponse {
-1: required TSentryResponseStatus status
-}
-
-# REVOLE ROLE r1 FROM GROUP g1
-struct TAlterSentryRoleDeleteGroupsRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string roleName,
-4: required string component, # The request is issued to which component
-5: required set<string> groups
-}
-struct TAlterSentryRoleDeleteGroupsResponse {
-1: required TSentryResponseStatus status
-}
-
-# GRANT ... ON ... TO ROLE ...
-struct TAlterSentryRoleGrantPrivilegeRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string roleName,
-4: required string component, # The request is issued to which component
-5: required TSentryPrivilege privilege
-}
-struct TAlterSentryRoleGrantPrivilegeResponse {
-1: required TSentryResponseStatus status
-}
-
-# REVOKE ... ON ... FROM ROLE ...
-struct TAlterSentryRoleRevokePrivilegeRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string roleName,
-4: required string component, # The request is issued to which component
-5: required TSentryPrivilege privilege
-}
-struct TAlterSentryRoleRevokePrivilegeResponse {
-1: required TSentryResponseStatus status
-}
-
-# SHOW ROLE GRANT
-struct TListSentryRolesRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: optional string groupName, # for this group, or all roles for all groups if null
-4: required string component # The request is issued to which component
-}
-# used only for TListSentryRolesResponse
-struct TSentryRole {
-1: required string roleName,
-2: required set<string> groups
-}
-
-struct TListSentryRolesResponse {
-1: required TSentryResponseStatus status
-2: optional set<TSentryRole> roles
-}
-# SHOW GRANT
-struct TListSentryPrivilegesRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string roleName, # get privileges assigned for this role
-4: required string component, # The request is issued to which component
-5: required string serviceName, # The privilege belongs to which service
-6: optional list<TAuthorizable> authorizables # get privileges assigned for this authorizable
hierarchys
-}
-
-struct TListSentryPrivilegesResponse {
-1: required TSentryResponseStatus status
-2: optional set<TSentryPrivilege> privileges
-}
-
-# Drop privilege
-struct TDropPrivilegesRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required TSentryPrivilege privilege
-4: required string component, # The request is issued to which component
-}
-
-struct TDropPrivilegesResponse {
-1: required TSentryResponseStatus status
-}
-
-# Rename privilege
-struct TRenamePrivilegesRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string component, # The request is issued to which component
-4: required string serviceName, # The privilege belongs to which service
-5: required list<TAuthorizable>  oldAuthorizables, # get old privileges assigned for
this authorizable hierarchys
-6: required list<TAuthorizable>  newAuthorizables # change to new authorizable hierarchys
-}
-
-struct TRenamePrivilegesResponse {
-1: required TSentryResponseStatus status
-}
-
-# This API was created specifically for ProviderBackend.getPrivileges
-# and is not mean for general purpose privilege retrieval.
-# This request/response pair are created specifically so we can
-# efficiently obtain the specific privilges for a user query
-struct TSentryActiveRoleSet {
-1: required bool all,
-2: required set<string> roles,
-}
-
-struct TListSentryPrivilegesForProviderRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string component, # The request is issued to which component
-3: required string serviceName, # The privilege belongs to which service
-4: required set<string> groups,
-5: required TSentryActiveRoleSet roleSet,
-6: optional list<TAuthorizable>  authorizables # authorizable hierarchys
-}
-
-struct TListSentryPrivilegesForProviderResponse {
-1: required TSentryResponseStatus status
-2: required set<string> privileges
-}
-
-# Map of role:set<privileges> for the given authorizable
-# Optionally use the set of groups to filter the roles
-struct TSentryPrivilegeMap {
-1: required map<string, set<TSentryPrivilege>> privilegeMap
-}
-
-struct TListSentryPrivilegesByAuthRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-
-# User on whose behalf the request is issued
-2: required string requestorUserName,
-
-# The request is issued to which component
-3: required string component,
-
-# The privilege belongs to which service
-4: required string serviceName,
-
-# The authorizable hierarchys, it is represented as a string. e.g
-# resourceType1=resourceName1->resourceType2=resourceName2->resourceType3=resourceName3
-5: required set<string> authorizablesSet,
-
-# The requested groups. For admin, the requested groups can be empty, if so it is
-# treated as a wildcard query. Otherwise, it is a query on this specifc groups.
-# For non-admin user, the requested groups must be the groups they are part of.
-6: optional set<string> groups,
-
-# The active role set.
-7: optional TSentryActiveRoleSet roleSet
-}
-
-struct TListSentryPrivilegesByAuthResponse {
-1: required sentry_common_service.TSentryResponseStatus status,
-
-# Will not be set in case of an error. Otherwise it will be a
-# <Authorizables, <Role, Set<Privileges>>> mapping. For non-admin
-# requestor, the roles are intersection of active roles and granted roles.
-# For admin requestor, the roles are filtered based on the active roles
-# and requested group from TListSentryPrivilegesByAuthRequest.
-# The authorizable hierarchys is represented as a string in the form
-# of the request.
-2: optional map<string, TSentryPrivilegeMap> privilegesMapByAuth
-}
-
-service SentryGenericPolicyService
-{
-  TCreateSentryRoleResponse create_sentry_role(1:TCreateSentryRoleRequest request)
-  TDropSentryRoleResponse drop_sentry_role(1:TDropSentryRoleRequest request)
-
-  TAlterSentryRoleGrantPrivilegeResponse alter_sentry_role_grant_privilege(1:TAlterSentryRoleGrantPrivilegeRequest
request)
-  TAlterSentryRoleRevokePrivilegeResponse alter_sentry_role_revoke_privilege(1:TAlterSentryRoleRevokePrivilegeRequest
request)
-
-  TAlterSentryRoleAddGroupsResponse alter_sentry_role_add_groups(1:TAlterSentryRoleAddGroupsRequest
request)
-  TAlterSentryRoleDeleteGroupsResponse alter_sentry_role_delete_groups(1:TAlterSentryRoleDeleteGroupsRequest
request)
-
-  TListSentryRolesResponse list_sentry_roles_by_group(1:TListSentryRolesRequest request)
-
-  TListSentryPrivilegesResponse list_sentry_privileges_by_role(1:TListSentryPrivilegesRequest
request)
-
-  TListSentryPrivilegesForProviderResponse list_sentry_privileges_for_provider(1:TListSentryPrivilegesForProviderRequest
request)
-
-  TListSentryPrivilegesByAuthResponse list_sentry_privileges_by_authorizable(1:TListSentryPrivilegesByAuthRequest
request);
-
-  TDropPrivilegesResponse drop_sentry_privilege(1:TDropPrivilegesRequest request);
-
-  TRenamePrivilegesResponse rename_sentry_privilege(1:TRenamePrivilegesRequest request);
-}

http://git-wip-us.apache.org/repos/asf/sentry/blob/f5368df5/sentry-provider/sentry-provider-db/src/main/resources/sentry_policy_service.thrift
----------------------------------------------------------------------
diff --git a/sentry-provider/sentry-provider-db/src/main/resources/sentry_policy_service.thrift
b/sentry-provider/sentry-provider-db/src/main/resources/sentry_policy_service.thrift
deleted file mode 100644
index 82cd947..0000000
--- a/sentry-provider/sentry-provider-db/src/main/resources/sentry_policy_service.thrift
+++ /dev/null
@@ -1,330 +0,0 @@
-#!/usr/local/bin/thrift -java
-
-/**
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#
-# Thrift Service that the MetaStore is built on
-#
-
-include "share/fb303/if/fb303.thrift"
-include "sentry_common_service.thrift"
-
-namespace java org.apache.sentry.provider.db.service.thrift
-namespace php sentry.provider.db.service.thrift
-namespace cpp Apache.Sentry.Provider.Db.Service.Thrift
-
-enum TSentryGrantOption {
-  TRUE = 1,
-  FALSE = 0,
-  # UNSET is used for revoke privilege, the component like 'hive'
-  # didn't support getting grant option, so use UNSET is stand
-  # for revoke both privileges with grant option and without grant
-  # option.
-  UNSET = -1
-}
-
-# Represents a Privilege in transport from the client to the server
-struct TSentryPrivilege {
-1: required string privilegeScope, # Valid values are SERVER, DATABASE, TABLE, COLUMN, URI
-3: required string serverName,
-4: optional string dbName = "",
-5: optional string tableName = "",
-6: optional string URI = "",
-7: required string action = "",
-8: optional i64 createTime, # Set on server side
-9: optional TSentryGrantOption grantOption = TSentryGrantOption.FALSE
-10: optional string columnName = "",
-}
-
-# TODO can this be deleted? it's not adding value to TAlterSentryRoleAddGroupsRequest
-struct TSentryGroup {
-1: required string groupName
-}
-
-# CREATE ROLE r1
-struct TCreateSentryRoleRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string roleName, # TSentryRole is not required for this request
-}
-struct TCreateSentryRoleResponse {
-1: required sentry_common_service.TSentryResponseStatus status
-}
-
-# DROP ROLE r1
-struct TDropSentryRoleRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string roleName # role to drop
-}
-struct TDropSentryRoleResponse {
-1: required sentry_common_service.TSentryResponseStatus status
-}
-
-# GRANT ROLE r1 TO GROUP g1
-struct TAlterSentryRoleAddGroupsRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string roleName,
-5: required set<TSentryGroup> groups
-}
-
-struct TAlterSentryRoleAddGroupsResponse {
-1: required sentry_common_service.TSentryResponseStatus status
-}
-
-# GRANT ROLE r1 TO USER u1
-struct TAlterSentryRoleAddUsersRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V1,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string roleName,
-4: required set<string> users
-}
-
-struct TAlterSentryRoleAddUsersResponse {
-1: required sentry_common_service.TSentryResponseStatus status
-}
-
-# REVOKE ROLE r1 FROM GROUP g1
-struct TAlterSentryRoleDeleteGroupsRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string roleName,
-5: required set<TSentryGroup> groups
-}
-struct TAlterSentryRoleDeleteGroupsResponse {
-1: required sentry_common_service.TSentryResponseStatus status
-}
-
-# REVOKE ROLE r1 FROM USER u1
-struct TAlterSentryRoleDeleteUsersRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V1,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string roleName,
-4: required set<string> users
-}
-struct TAlterSentryRoleDeleteUsersResponse {
-1: required sentry_common_service.TSentryResponseStatus status
-}
-
-# GRANT ... ON ... TO ROLE ...
-struct TAlterSentryRoleGrantPrivilegeRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string roleName,
-5: optional TSentryPrivilege privilege,
-6: optional set<TSentryPrivilege> privileges
-}
-struct TAlterSentryRoleGrantPrivilegeResponse {
-1: required sentry_common_service.TSentryResponseStatus status
-2: optional TSentryPrivilege privilege
-3: optional set<TSentryPrivilege> privileges
-}
-
-# REVOKE ... ON ... FROM ROLE ...
-struct TAlterSentryRoleRevokePrivilegeRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string roleName,
-5: optional TSentryPrivilege privilege,
-6: optional set<TSentryPrivilege> privileges
-}
-struct TAlterSentryRoleRevokePrivilegeResponse {
-1: required sentry_common_service.TSentryResponseStatus status
-}
-
-# SHOW ROLE GRANT
-struct TListSentryRolesRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: optional string groupName # for this group, or all roles for all groups if null
-}
-
-struct TListSentryRolesForUserRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V1,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required string userName
-}
-
-# used only for TListSentryRolesResponse
-struct TSentryRole {
-1: required string roleName,
-2: required set<TSentryGroup> groups,
-3: required string grantorPrincipal #Deprecated
-}
-struct TListSentryRolesResponse {
-1: required sentry_common_service.TSentryResponseStatus status
-2: optional set<TSentryRole> roles
-}
-
-struct TSentryAuthorizable {
-1: required string server,
-2: optional string uri,
-3: optional string db,
-4: optional string table,
-5: optional string column,
-}
-
-# SHOW GRANT
-struct TListSentryPrivilegesRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-4: required string roleName, # get privileges assigned for this role
-5: optional TSentryAuthorizable authorizableHierarchy # get privileges assigned for this
role
-}
-struct TListSentryPrivilegesResponse {
-1: required sentry_common_service.TSentryResponseStatus status
-2: optional set<TSentryPrivilege> privileges
-}
-
-# Drop privilege
-struct TDropPrivilegesRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required TSentryAuthorizable authorizable
-}
-
-struct TDropPrivilegesResponse {
-1: required sentry_common_service.TSentryResponseStatus status
-}
-
-struct TRenamePrivilegesRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required TSentryAuthorizable oldAuthorizable
-4: required TSentryAuthorizable newAuthorizable
-}
-
-struct TRenamePrivilegesResponse {
-1: required sentry_common_service.TSentryResponseStatus status
-}
-
-# This API was created specifically for ProviderBackend.getPrivileges
-# and is not mean for general purpose privilege retrieval.
-# This request/response pair are created specifically so we can
-# efficiently obtain the specific privilges for a user query
-struct TSentryActiveRoleSet {
-1: required bool all,
-2: required set<string> roles,
-}
-struct TListSentryPrivilegesForProviderRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required set<string> groups,
-3: required TSentryActiveRoleSet roleSet,
-4: optional TSentryAuthorizable authorizableHierarchy,
-5: optional set<string> users
-}
-struct TListSentryPrivilegesForProviderResponse {
-1: required sentry_common_service.TSentryResponseStatus status
-2: required set<string> privileges
-}
-
-# List role:set<privileges> for the given authorizable
-# Optionally use the set of groups to filter the roles
-struct TSentryPrivilegeMap {
-1: required map<string, set<TSentryPrivilege>> privilegeMap
-}
-struct TListSentryPrivilegesByAuthRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required set<TSentryAuthorizable> authorizableSet,
-4: optional set<string> groups,
-5: optional TSentryActiveRoleSet roleSet
-}
-struct TListSentryPrivilegesByAuthResponse {
-1: required sentry_common_service.TSentryResponseStatus status,
-2: optional map<TSentryAuthorizable, TSentryPrivilegeMap> privilegesMapByAuth # will
not be set in case of an error
-}
-
-# Obtain a config value from the Sentry service
-struct TSentryConfigValueRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V2,
-2: required string propertyName, # Config attribute to obtain
-3: optional string defaultValue # Value if propertyName not found
-}
-struct TSentryConfigValueResponse {
-1: required sentry_common_service.TSentryResponseStatus status
-2: optional string value
-}
-
-# struct for the mapping data like group to role, role to privilege
-struct TSentryMappingData {
-1: optional map<string, set<string>> groupRolesMap,                # for the
groupName -> role mapping
-2: optional map<string, set<TSentryPrivilege>>  rolePrivilegesMap, # for the
roleName -> privilege mapping
-3: optional map<string, set<string>> userRolesMap                  # for the
userName -> role mapping
-}
-
-struct TSentryExportMappingDataRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V1,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: optional string objectPath # for specific auth object
-}
-
-struct TSentryExportMappingDataResponse {
-1: required sentry_common_service.TSentryResponseStatus status,
-2: required TSentryMappingData mappingData
-}
-
-struct TSentryImportMappingDataRequest {
-1: required i32 protocol_version = sentry_common_service.TSENTRY_SERVICE_V1,
-2: required string requestorUserName, # user on whose behalf the request is issued
-3: required bool overwriteRole = false, # if overwrite the exist role with the imported privileges,
default is false 
-4: required TSentryMappingData mappingData
-}
-
-struct TSentryImportMappingDataResponse {
-1: required sentry_common_service.TSentryResponseStatus status
-}
-
-service SentryPolicyService
-{
-  TCreateSentryRoleResponse create_sentry_role(1:TCreateSentryRoleRequest request)
-  TDropSentryRoleResponse drop_sentry_role(1:TDropSentryRoleRequest request)
-
-  TAlterSentryRoleGrantPrivilegeResponse alter_sentry_role_grant_privilege(1:TAlterSentryRoleGrantPrivilegeRequest
request)
-  TAlterSentryRoleRevokePrivilegeResponse alter_sentry_role_revoke_privilege(1:TAlterSentryRoleRevokePrivilegeRequest
request)
-
-  TAlterSentryRoleAddGroupsResponse alter_sentry_role_add_groups(1:TAlterSentryRoleAddGroupsRequest
request)
-  TAlterSentryRoleDeleteGroupsResponse alter_sentry_role_delete_groups(1:TAlterSentryRoleDeleteGroupsRequest
request)
-
-  TAlterSentryRoleAddUsersResponse alter_sentry_role_add_users(1:TAlterSentryRoleAddUsersRequest
request)
-  TAlterSentryRoleDeleteUsersResponse alter_sentry_role_delete_users(1:TAlterSentryRoleDeleteUsersRequest
request)
-
-  TListSentryRolesResponse list_sentry_roles_by_group(1:TListSentryRolesRequest request)
-  TListSentryRolesResponse list_sentry_roles_by_user(1:TListSentryRolesForUserRequest request)
-
-  TListSentryPrivilegesResponse list_sentry_privileges_by_role(1:TListSentryPrivilegesRequest
request)
-
-  # For use with ProviderBackend.getPrivileges only
-  TListSentryPrivilegesForProviderResponse list_sentry_privileges_for_provider(1:TListSentryPrivilegesForProviderRequest
request)
-
-  TDropPrivilegesResponse drop_sentry_privilege(1:TDropPrivilegesRequest request);
-
-  TRenamePrivilegesResponse rename_sentry_privilege(1:TRenamePrivilegesRequest request);
-
-  TListSentryPrivilegesByAuthResponse list_sentry_privileges_by_authorizable(1:TListSentryPrivilegesByAuthRequest
request);
-
-  TSentryConfigValueResponse get_sentry_config_value(1:TSentryConfigValueRequest request);
-
-  # export the mapping data in sentry
-  TSentryExportMappingDataResponse export_sentry_mapping_data(1:TSentryExportMappingDataRequest
request);
-
-  # import the mapping data in sentry
-  TSentryImportMappingDataResponse import_sentry_mapping_data(1:TSentryImportMappingDataRequest
request);
-}

http://git-wip-us.apache.org/repos/asf/sentry/blob/f5368df5/sentry-service/pom.xml
----------------------------------------------------------------------
diff --git a/sentry-service/pom.xml b/sentry-service/pom.xml
new file mode 100644
index 0000000..bea89e5
--- /dev/null
+++ b/sentry-service/pom.xml
@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements.  See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License.  You may obtain a copy of the License at
+
+     http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+
+  <modelVersion>4.0.0</modelVersion>
+
+  <parent>
+    <groupId>org.apache.sentry</groupId>
+    <artifactId>sentry</artifactId>
+    <version>1.8.0-SNAPSHOT</version>
+  </parent>
+
+  <artifactId>sentry-service</artifactId>
+  <name>Sentry Service</name>
+  <packaging>pom</packaging>
+
+  <modules>
+    <module>sentry-service-common</module>
+  </modules>
+
+</project>

http://git-wip-us.apache.org/repos/asf/sentry/blob/f5368df5/sentry-service/sentry-service-common/pom.xml
----------------------------------------------------------------------
diff --git a/sentry-service/sentry-service-common/pom.xml b/sentry-service/sentry-service-common/pom.xml
new file mode 100644
index 0000000..d47cafa
--- /dev/null
+++ b/sentry-service/sentry-service-common/pom.xml
@@ -0,0 +1,143 @@
+<?xml version="1.0"?>
+<!--
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements.  See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License.  You may obtain a copy of the License at
+
+     http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"
xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+  <modelVersion>4.0.0</modelVersion>
+  <parent>
+    <groupId>org.apache.sentry</groupId>
+    <artifactId>sentry-service</artifactId>
+    <version>1.8.0-SNAPSHOT</version>
+  </parent>
+
+  <artifactId>sentry-service-common</artifactId>
+  <name>Sentry Service Common</name>
+
+  <dependencies>
+    <dependency>
+      <groupId>commons-lang</groupId>
+      <artifactId>commons-lang</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.slf4j</groupId>
+      <artifactId>slf4j-api</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.slf4j</groupId>
+      <artifactId>slf4j-log4j12</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.thrift</groupId>
+      <artifactId>libfb303</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.thrift</groupId>
+      <artifactId>libthrift</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.sentry</groupId>
+      <artifactId>sentry-core-common</artifactId>
+    </dependency>
+  </dependencies>
+
+  <build>
+    <plugins>
+      <plugin>
+        <groupId>org.codehaus.mojo</groupId>
+        <artifactId>build-helper-maven-plugin</artifactId>
+        <executions>
+          <execution>
+            <id>add-source</id>
+            <phase>generate-sources</phase>
+            <goals>
+              <goal>add-source</goal>
+            </goals>
+            <configuration>
+              <sources>
+                <source>src/gen/thrift/gen-javabean</source>
+              </sources>
+            </configuration>
+          </execution>
+        </executions>
+      </plugin>
+    </plugins>
+  </build>
+
+  <profiles>
+    <profile>
+      <id>thriftif</id>
+      <build>
+        <plugins>
+          <plugin>
+            <groupId>org.apache.maven.plugins</groupId>
+            <artifactId>maven-antrun-plugin</artifactId>
+            <executions>
+              <execution>
+                <id>generate-thrift-sources</id>
+                <phase>generate-sources</phase>
+                <configuration>
+                  <target>
+                    <taskdef name="for" classname="net.sf.antcontrib.logic.ForTask"
+                             classpathref="maven.plugin.classpath" />
+                    <property name="thrift.args" value="-I ${thrift.home} --gen java:beans,hashcode"/>
+                    <property name="thrift.gen.dir" value="${basedir}/src/gen/thrift"/>
+                    <delete dir="${thrift.gen.dir}"/>
+                    <mkdir dir="${thrift.gen.dir}"/>
+                    <for param="thrift.file">
+                      <path>
+                        <fileset dir="${basedir}/src/main/resources/" includes="**/*.thrift"
/>
+                      </path>
+                      <sequential>
+                        <echo message="Generating Thrift code for @{thrift.file}"/>
+                        <exec executable="${thrift.home}/bin/thrift"  failonerror="true"
dir=".">
+                          <arg line="${thrift.args} -I ${basedir}/src/main/resources/
-o ${thrift.gen.dir} @{thrift.file} " />
+                        </exec>
+                      </sequential>
+                    </for>
+                  </target>
+                </configuration>
+                <goals>
+                  <goal>run</goal>
+                </goals>
+              </execution>
+            </executions>
+          </plugin>
+          <plugin>
+            <groupId>org.apache.maven.plugins</groupId>
+            <artifactId>maven-enforcer-plugin</artifactId>
+            <executions>
+              <execution>
+                <id>enforce-property</id>
+                <goals>
+                  <goal>enforce</goal>
+                </goals>
+                <configuration>
+                  <rules>
+                    <requireProperty>
+                      <property>thrift.home</property>
+                    </requireProperty>
+                  </rules>
+                  <fail>true</fail>
+                </configuration>
+              </execution>
+            </executions>
+          </plugin>
+        </plugins>
+      </build>
+    </profile>
+  </profiles>
+</project>
\ No newline at end of file


Mime
View raw message