/** * Removes the role with the given name from the AuthorizationPolicy. Returns the removed role * with an incremented catalog version, or null if no role with this name exists. */ public Role removeRole(String roleName) { catalogLock_.writeLock().lock(); try { Role role = authPolicy_.removeRole(roleName); if (role == null) return null; role.setCatalogVersion(incrementAndGetCatalogVersion()); return role; } finally { catalogLock_.writeLock().unlock(); } }
/** * Removes a grant group from the given role name and returns the modified Role with an updated * catalog version. If the role does not exist a CatalogException is thrown. */ public Role removeRoleGrantGroup(String roleName, String groupName) throws CatalogException { catalogLock_.writeLock().lock(); try { Role role = authPolicy_.removeGrantGroup(roleName, groupName); Preconditions.checkNotNull(role); role.setCatalogVersion(incrementAndGetCatalogVersion()); return role; } finally { catalogLock_.writeLock().unlock(); } }
/** * Adds a new role with the given name and grant groups to the AuthorizationPolicy. If a role with * the same name already exists it will be overwritten. */ public Role addRole(String roleName, Set<String> grantGroups) { catalogLock_.writeLock().lock(); try { Role role = new Role(roleName, grantGroups); role.setCatalogVersion(incrementAndGetCatalogVersion()); authPolicy_.addRole(role); return role; } finally { catalogLock_.writeLock().unlock(); } }