Package org.apache.iotdb.commons.auth.role

Class BasicRoleManager

java.lang.Object

org.apache.iotdb.commons.auth.role.BasicRoleManager

All Implemented Interfaces:

IRoleManager, SnapshotProcessor

Direct Known Subclasses:

LocalFileRoleManager

public abstract class BasicRoleManager
extends java.lang.Object
implements IRoleManager

This class reads roles from local files through LocalFileRoleAccessor and manages them in a hash map.

Field Summary

Fields

Modifier and Type	Field	Description
protected IRoleAccessor	accessor
protected HashLock	lock
protected java.util.Map<java.lang.String,Role>	roleMap

Method Summary

Modifier and Type	Method	Description
boolean	createRole(java.lang.String rolename)	Create a role with given rolename.
boolean	deleteRole(java.lang.String rolename)	Delete a role.
Role	getRole(java.lang.String rolename)	Get a role object.
boolean	grantPrivilegeToRole(java.lang.String rolename, PartialPath path, int privilegeId)	Grant a privilege on a seriesPath to a role.
java.util.List<java.lang.String>	listAllRoles()	List all roles in the database.
void	replaceAllRoles(java.util.Map<java.lang.String,Role> roles)	clear all old roles info, replace the old roles with the new one.
void	reset()	Re-initialize this object.
boolean	revokePrivilegeFromRole(java.lang.String rolename, PartialPath path, int privilegeId)	Revoke a privilege on seriesPath from a role.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.apache.iotdb.commons.snapshot.SnapshotProcessor

processLoadSnapshot, processTakeSnapshot

Field Detail

roleMap

protected java.util.Map<java.lang.String,Role> roleMap

accessor

protected IRoleAccessor accessor

lock

protected HashLock lock

Method Detail

getRole

public Role getRole(java.lang.String rolename)
             throws AuthException

Description copied from interface: IRoleManager

Get a role object.

Specified by:

getRole in interface IRoleManager

Parameters:

rolename - The name of the role.

Returns:

A role object whose name is rolename or null if such role does not exist.

Throws:

AuthException - if exception is raised while getting the role.

createRole

public boolean createRole(java.lang.String rolename)
                   throws AuthException

Description copied from interface: IRoleManager

Create a role with given rolename. New roles will only be granted no privileges.

Specified by:

createRole in interface IRoleManager

Parameters:

rolename - is not null or empty

Returns:

True if the role is successfully created, false when the role already exists.

Throws:

AuthException - f the given rolename is iIllegal.

deleteRole

public boolean deleteRole(java.lang.String rolename)
                   throws AuthException

Description copied from interface: IRoleManager

Delete a role.

Specified by:

deleteRole in interface IRoleManager

Parameters:

rolename - the rolename of the role.

Returns:

True if the role is successfully deleted, false if the role does not exists.

Throws:

AuthException - if exception is raised while finding the role.

grantPrivilegeToRole

public boolean grantPrivilegeToRole(java.lang.String rolename,
                                    PartialPath path,
                                    int privilegeId)
                             throws AuthException

Description copied from interface: IRoleManager

Grant a privilege on a seriesPath to a role.

Specified by:

grantPrivilegeToRole in interface IRoleManager

Parameters:

rolename - The rolename of the role to which the privilege should be added.

path - The seriesPath on which the privilege takes effect. If the privilege is a seriesPath-free privilege, this should be "root".

privilegeId - An integer that represents a privilege.

Returns:

True if the permission is successfully added, false if the permission already exists.

Throws:

AuthException - If the role does not exist or the privilege or the seriesPath is illegal.

revokePrivilegeFromRole

public boolean revokePrivilegeFromRole(java.lang.String rolename,
                                       PartialPath path,
                                       int privilegeId)
                                throws AuthException

Description copied from interface: IRoleManager

Revoke a privilege on seriesPath from a role.

Specified by:

revokePrivilegeFromRole in interface IRoleManager

Parameters:

rolename - The rolename of the role from which the privilege should be removed.

path - The seriesPath on which the privilege takes effect. If the privilege is a seriesPath-free privilege like 'CREATE_USER', this should be "root".

privilegeId - An integer that represents a privilege.

Returns:

True if the permission is successfully revoked, false if the permission does not exists.

Throws:

AuthException - If the role does not exist or the privilege or the seriesPath is illegal.

reset

public void reset()

Description copied from interface: IRoleManager

Re-initialize this object.

Specified by:

reset in interface IRoleManager

listAllRoles

public java.util.List<java.lang.String> listAllRoles()

Description copied from interface: IRoleManager

List all roles in the database.

Specified by:

listAllRoles in interface IRoleManager

Returns:

A list that contains names of all roles.

replaceAllRoles

public void replaceAllRoles(java.util.Map<java.lang.String,Role> roles)
                     throws AuthException

Description copied from interface: IRoleManager

clear all old roles info, replace the old roles with the new one. The caller should guarantee that no other methods of this interface are invoked concurrently when this method is called.

Specified by:

replaceAllRoles in interface IRoleManager

Parameters:

roles - new roles info

Throws:

AuthException