Package org.apache.iotdb.commons.auth.authorizer

Class BasicAuthorizer

    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      boolean checkUserPrivileges​(java.lang.String username, PartialPath path, int privilegeId)
      Check if the user have the privilege on the seriesPath.
      void createRole​(java.lang.String roleName)
      Add a role.
      void createUser​(java.lang.String username, java.lang.String password)
      Create a user with given username and password.
      void deleteRole​(java.lang.String roleName)
      Delete a role.
      void deleteUser​(java.lang.String username)
      Delete a user.
      java.util.Map<java.lang.String,​Role> getAllRoles()
      get all role
      java.util.Map<java.lang.String,​User> getAllUsers()
      get all user
      java.util.Map<java.lang.String,​java.lang.Boolean> getAllUserWaterMarkStatus()
      get all user water mark status
      ServiceType getID()
      Get the name of the the service.
      static IAuthorizer getInstance()
      Function for getting the instance of the local file authorizer.
      java.util.Set<java.lang.Integer> getPrivileges​(java.lang.String username, PartialPath path)
      Get the all the privileges of a user on a seriesPath.
      Role getRole​(java.lang.String roleName)
      Find a role by its name.
      User getUser​(java.lang.String username)
      Find a user by its name.
      void grantPrivilegeToRole​(java.lang.String roleName, PartialPath path, int privilegeId)
      Add a privilege on a seriesPath to a role.
      void grantPrivilegeToUser​(java.lang.String username, PartialPath path, int privilegeId)
      Grant a privilege on a seriesPath to a user.
      void grantRoleToUser​(java.lang.String roleName, java.lang.String username)
      Add a role to a user.
      protected void init()  
      boolean isUserUseWaterMark​(java.lang.String userName)
      Whether data water-mark is enabled for user 'userName'.
      java.util.List<java.lang.String> listAllRoles()
      List existing roles in the database.
      java.util.List<java.lang.String> listAllUsers()
      List existing users in the database.
      boolean login​(java.lang.String username, java.lang.String password)
      Login for a user.
      void processLoadSnapshot​(java.io.File snapshotDir)
      Load snapshot
      boolean processTakeSnapshot​(java.io.File snapshotDir)
      Take snapshot
      void replaceAllRoles​(java.util.Map<java.lang.String,​Role> roles)
      clear all old role info, replace the old roles with the new one
      void replaceAllUsers​(java.util.Map<java.lang.String,​User> users)
      clear all old user info, replace the old users with the new one
      void reset()
      Reset the Authorizer to initiative status.
      void revokePrivilegeFromRole​(java.lang.String roleName, PartialPath path, int privilegeId)
      Remove a privilege on a seriesPath from a role.
      void revokePrivilegeFromUser​(java.lang.String username, PartialPath path, int privilegeId)
      Revoke a privilege on seriesPath from a user.
      void revokeRoleFromUser​(java.lang.String roleName, java.lang.String username)
      Revoke a role from a user.
      void setUserUseWaterMark​(java.lang.String userName, boolean useWaterMark)
      Enable or disable data water-mark for user 'userName'.
      void start()
      Start current service.
      void stop()
      Stop current service.
      void updateUserPassword​(java.lang.String username, java.lang.String newPassword)
      Modify the password of a user.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Method Detail

      • getInstance

        public static IAuthorizer getInstance()
                               throws AuthException
        Function for getting the instance of the local file authorizer.
        Throws:
        AuthException - Failed to initialize authorizer

      • login

        public boolean login​(java.lang.String username,
                     java.lang.String password)
              throws AuthException
        Description copied from interface: IAuthorizer
        Login for a user.
        Specified by:
        login in interface IAuthorizer
        Parameters:
        username - The username of the user.
        password - The password of the user.
        Returns:
        True if such user exists and the given password is correct, else return false.
        Throws:
        AuthException - if exception raised when searching for the user.

      • createUser

        public void createUser​(java.lang.String username,
                       java.lang.String password)
                throws AuthException
        Description copied from interface: IAuthorizer
        Create a user with given username and password. New users will only be granted no privileges.
        Specified by:
        createUser in interface IAuthorizer
        Parameters:
        username - is not null or empty
        password - is not null or empty
        Throws:
        AuthException - if the given username or password is illegal or the user already exists.

      • deleteUser

        public void deleteUser​(java.lang.String username)
                throws AuthException
        Description copied from interface: IAuthorizer
        Delete a user.
        Specified by:
        deleteUser in interface IAuthorizer
        Parameters:
        username - the username of the user.
        Throws:
        AuthException - When attempting to delete the default administrator or the user does not exists.

      • grantPrivilegeToUser

        public void grantPrivilegeToUser​(java.lang.String username,
                                 PartialPath path,
                                 int privilegeId)
                          throws AuthException
        Description copied from interface: IAuthorizer
        Grant a privilege on a seriesPath to a user.
        Specified by:
        grantPrivilegeToUser in interface IAuthorizer
        Parameters:
        username - The username of the user to which the privilege should be added.
        path - The seriesPath on which the privilege takes effect. If the privilege is a seriesPath-free privilege, this should be "root".
        privilegeId - An integer that represents a privilege.
        Throws:
        AuthException - If the user does not exist or the privilege or the seriesPath is illegal or the permission already exists.

      • revokePrivilegeFromUser

        public void revokePrivilegeFromUser​(java.lang.String username,
                                    PartialPath path,
                                    int privilegeId)
                             throws AuthException
        Description copied from interface: IAuthorizer
        Revoke a privilege on seriesPath from a user.
        Specified by:
        revokePrivilegeFromUser in interface IAuthorizer
        Parameters:
        username - The username of the user from which the privilege should be removed.
        path - The seriesPath on which the privilege takes effect. If the privilege is a seriesPath-free privilege, this should be "root".
        privilegeId - An integer that represents a privilege.
        Throws:
        AuthException - If the user does not exist or the privilege or the seriesPath is illegal or if the permission does not exist.

      • createRole

        public void createRole​(java.lang.String roleName)
                throws AuthException
        Description copied from interface: IAuthorizer
        Add a role.
        Specified by:
        createRole in interface IAuthorizer
        Parameters:
        roleName - the name of the role to be added.
        Throws:
        AuthException - if exception raised when adding the role or the role already exists.

      • deleteRole

        public void deleteRole​(java.lang.String roleName)
                throws AuthException
        Description copied from interface: IAuthorizer
        Delete a role.
        Specified by:
        deleteRole in interface IAuthorizer
        Parameters:
        roleName - the name of the role tobe deleted.
        Throws:
        AuthException - if exception raised when deleting the role or the role does not exists.

      • grantPrivilegeToRole

        public void grantPrivilegeToRole​(java.lang.String roleName,
                                 PartialPath path,
                                 int privilegeId)
                          throws AuthException
        Description copied from interface: IAuthorizer
        Add a privilege on a seriesPath to a role.
        Specified by:
        grantPrivilegeToRole in interface IAuthorizer
        Parameters:
        roleName - The name of the role to which the privilege is added.
        path - The seriesPath on which the privilege takes effect. If the privilege is a seriesPath-free privilege, this should be "root".
        privilegeId - An integer that represents a privilege.
        Throws:
        AuthException - If the role does not exist or the privilege or the seriesPath is illegal or the privilege already exists.

      • revokePrivilegeFromRole

        public void revokePrivilegeFromRole​(java.lang.String roleName,
                                    PartialPath path,
                                    int privilegeId)
                             throws AuthException
        Description copied from interface: IAuthorizer
        Remove a privilege on a seriesPath from a role.
        Specified by:
        revokePrivilegeFromRole in interface IAuthorizer
        Parameters:
        roleName - The name of the role from which the privilege is removed.
        path - The seriesPath on which the privilege takes effect. If the privilege is a seriesPath-free privilege, this should be "root".
        privilegeId - An integer that represents a privilege.
        Throws:
        AuthException - If the role does not exist or the privilege or the seriesPath is illegal or the privilege does not exists.

      • grantRoleToUser

        public void grantRoleToUser​(java.lang.String roleName,
                            java.lang.String username)
                     throws AuthException
        Description copied from interface: IAuthorizer
        Add a role to a user.
        Specified by:
        grantRoleToUser in interface IAuthorizer
        Parameters:
        roleName - The name of the role to be added.
        username - The name of the user to which the role is added.
        Throws:
        AuthException - If either the role or the user does not exist or the role already exists.

      • revokeRoleFromUser

        public void revokeRoleFromUser​(java.lang.String roleName,
                               java.lang.String username)
                        throws AuthException
        Description copied from interface: IAuthorizer
        Revoke a role from a user.
        Specified by:
        revokeRoleFromUser in interface IAuthorizer
        Parameters:
        roleName - The name of the role to be removed.
        username - The name of the user from which the role is removed.
        Throws:
        AuthException - If either the role or the user does not exist or the role already exists.

      • getPrivileges

        public java.util.Set<java.lang.Integer> getPrivileges​(java.lang.String username,
                                                      PartialPath path)
                                               throws AuthException
        Description copied from interface: IAuthorizer
        Get the all the privileges of a user on a seriesPath.
        Specified by:
        getPrivileges in interface IAuthorizer
        Parameters:
        username - The user whose privileges are to be queried.
        path - The seriesPath on which the privileges take effect. If the privilege is a seriesPath-free privilege, this should be "root".
        Returns:
        A set of integers each present a privilege.
        Throws:
        AuthException - if exception raised when finding the privileges.

      • updateUserPassword

        public void updateUserPassword​(java.lang.String username,
                               java.lang.String newPassword)
                        throws AuthException
        Description copied from interface: IAuthorizer
        Modify the password of a user.
        Specified by:
        updateUserPassword in interface IAuthorizer
        Parameters:
        username - The user whose password is to be modified.
        newPassword - The new password.
        Throws:
        AuthException - If the user does not exists or the new password is illegal.

      • checkUserPrivileges

        public boolean checkUserPrivileges​(java.lang.String username,
                                   PartialPath path,
                                   int privilegeId)
                            throws AuthException
        Description copied from interface: IAuthorizer
        Check if the user have the privilege on the seriesPath.
        Specified by:
        checkUserPrivileges in interface IAuthorizer
        Parameters:
        username - The name of the user whose privileges are checked.
        path - The seriesPath on which the privilege takes effect. If the privilege is a seriesPath-free privilege, this should be "root".
        privilegeId - An integer that represents a privilege.
        Returns:
        True if the user has such privilege, false if the user does not have such privilege.
        Throws:
        AuthException - If the seriesPath or the privilege is illegal.

      • getAllUserWaterMarkStatus

        public java.util.Map<java.lang.String,​java.lang.Boolean> getAllUserWaterMarkStatus()
        Description copied from interface: IAuthorizer
        get all user water mark status
        Specified by:
        getAllUserWaterMarkStatus in interface IAuthorizer
        Returns:
        key->userName, value->useWaterMark or not

      • getAllUsers

        public java.util.Map<java.lang.String,​User> getAllUsers()
        Description copied from interface: IAuthorizer
        get all user
        Specified by:
        getAllUsers in interface IAuthorizer
        Returns:
        key-> userName, value->user

      • getAllRoles

        public java.util.Map<java.lang.String,​Role> getAllRoles()
        Description copied from interface: IAuthorizer
        get all role
        Specified by:
        getAllRoles in interface IAuthorizer
        Returns:
        key->userName, value->role

      • stop

        public void stop()
        Description copied from interface: IService
        Stop current service. If current service uses thread or thread pool, current service should guarantee to putBack thread or thread pool.
        Specified by:
        stop in interface IService

      • getID

        public ServiceType getID()
        Description copied from interface: IService
        Get the name of the the service.
        Specified by:
        getID in interface IService
        Returns:
        current service name

      • listAllUsers

        public java.util.List<java.lang.String> listAllUsers()
        Description copied from interface: IAuthorizer
        List existing users in the database.
        Specified by:
        listAllUsers in interface IAuthorizer
        Returns:
        A list contains all usernames.

      • listAllRoles

        public java.util.List<java.lang.String> listAllRoles()
        Description copied from interface: IAuthorizer
        List existing roles in the database.
        Specified by:
        listAllRoles in interface IAuthorizer
        Returns:
        A list contains all roleNames.

      • getRole

        public Role getRole​(java.lang.String roleName)
             throws AuthException
        Description copied from interface: IAuthorizer
        Find a role by its name.
        Specified by:
        getRole in interface IAuthorizer
        Parameters:
        roleName - the name of the role.
        Returns:
        A role whose name is roleName or null if such role does not exist.
        Throws:
        AuthException

      • getUser

        public User getUser​(java.lang.String username)
             throws AuthException
        Description copied from interface: IAuthorizer
        Find a user by its name.
        Specified by:
        getUser in interface IAuthorizer
        Parameters:
        username - the name of the user.
        Returns:
        A user whose name is username or null if such user does not exist.
        Throws:
        AuthException

      • isUserUseWaterMark

        public boolean isUserUseWaterMark​(java.lang.String userName)
                           throws AuthException
        Description copied from interface: IAuthorizer
        Whether data water-mark is enabled for user 'userName'.
        Specified by:
        isUserUseWaterMark in interface IAuthorizer
        Parameters:
        userName - the name of user
        Throws:
        AuthException - if the user does not exist

      • setUserUseWaterMark

        public void setUserUseWaterMark​(java.lang.String userName,
                                boolean useWaterMark)
                         throws AuthException
        Description copied from interface: IAuthorizer
        Enable or disable data water-mark for user 'userName'.
        Specified by:
        setUserUseWaterMark in interface IAuthorizer
        Parameters:
        userName - the name of user
        useWaterMark - whether to use water-mark or not
        Throws:
        AuthException - if the user does not exist.

      • replaceAllUsers

        public void replaceAllUsers​(java.util.Map<java.lang.String,​User> users)
                     throws AuthException
        Description copied from interface: IAuthorizer
        clear all old user info, replace the old users with the new one
        Specified by:
        replaceAllUsers in interface IAuthorizer
        Parameters:
        users - new users info
        Throws:
        AuthException - IOException

      • replaceAllRoles

        public void replaceAllRoles​(java.util.Map<java.lang.String,​Role> roles)
                     throws AuthException
        Description copied from interface: IAuthorizer
        clear all old role info, replace the old roles with the new one
        Specified by:
        replaceAllRoles in interface IAuthorizer
        Parameters:
        roles - new roles info
        Throws:
        AuthException - IOException

      • processTakeSnapshot

        public boolean processTakeSnapshot​(java.io.File snapshotDir)
                            throws org.apache.thrift.TException,
                                   java.io.IOException
        Description copied from interface: SnapshotProcessor
        Take snapshot
        Specified by:
        processTakeSnapshot in interface SnapshotProcessor
        Parameters:
        snapshotDir - Where snapshot files are stored.
        Returns:
        Whether the snapshot is successfully executed
        Throws:
        org.apache.thrift.TException - Exception occurred during the thrift serialize struct
        java.io.IOException - Exception related to file read and write

      • processLoadSnapshot

        public void processLoadSnapshot​(java.io.File snapshotDir)
                         throws org.apache.thrift.TException,
                                java.io.IOException
        Description copied from interface: SnapshotProcessor
        Load snapshot
        Specified by:
        processLoadSnapshot in interface SnapshotProcessor
        Parameters:
        snapshotDir - Load snapshot from here
        Throws:
        org.apache.thrift.TException - Exception occurred during the thrift deserialize struct
        java.io.IOException - Exception related to file read and write