Package org.apache.iotdb.commons.auth.role

Interface IRoleManager

    • Method Detail

      • getRole

        Role getRole​(java.lang.String rolename)
      throws AuthException
        Get a role object.
        Parameters:
        rolename - The name of the role.
        Returns:
        A role object whose name is rolename or null if such role does not exist.
        Throws:
        AuthException - if exception is raised while getting the role.

      • createRole

        boolean createRole​(java.lang.String rolename)
            throws AuthException
        Create a role with given rolename. New roles will only be granted no privileges.
        Parameters:
        rolename - is not null or empty
        Returns:
        True if the role is successfully created, false when the role already exists.
        Throws:
        AuthException - f the given rolename is iIllegal.

      • deleteRole

        boolean deleteRole​(java.lang.String rolename)
            throws AuthException
        Delete a role.
        Parameters:
        rolename - the rolename of the role.
        Returns:
        True if the role is successfully deleted, false if the role does not exists.
        Throws:
        AuthException - if exception is raised while finding the role.

      • grantPrivilegeToRole

        boolean grantPrivilegeToRole​(java.lang.String rolename,
                             PartialPath path,
                             int privilegeId)
                      throws AuthException
        Grant a privilege on a seriesPath to a role.
        Parameters:
        rolename - The rolename of the role to which the privilege should be added.
        path - The seriesPath on which the privilege takes effect. If the privilege is a seriesPath-free privilege, this should be "root".
        privilegeId - An integer that represents a privilege.
        Returns:
        True if the permission is successfully added, false if the permission already exists.
        Throws:
        AuthException - If the role does not exist or the privilege or the seriesPath is illegal.

      • revokePrivilegeFromRole

        boolean revokePrivilegeFromRole​(java.lang.String rolename,
                                PartialPath path,
                                int privilegeId)
                         throws AuthException
        Revoke a privilege on seriesPath from a role.
        Parameters:
        rolename - The rolename of the role from which the privilege should be removed.
        path - The seriesPath on which the privilege takes effect. If the privilege is a seriesPath-free privilege like 'CREATE_USER', this should be "root".
        privilegeId - An integer that represents a privilege.
        Returns:
        True if the permission is successfully revoked, false if the permission does not exists.
        Throws:
        AuthException - If the role does not exist or the privilege or the seriesPath is illegal.

      • reset

        void reset()
        Re-initialize this object.

      • listAllRoles

        java.util.List<java.lang.String> listAllRoles()
        List all roles in the database.
        Returns:
        A list that contains names of all roles.

      • replaceAllRoles

        void replaceAllRoles​(java.util.Map<java.lang.String,​Role> roles)
              throws AuthException
        clear all old roles info, replace the old roles with the new one. The caller should guarantee that no other methods of this interface are invoked concurrently when this method is called.
        Parameters:
        roles - new roles info
        Throws:
        AuthException