private Iterable<Privilege> getPrivileges(
Set<String> groups, ActiveRoleSet roleSet, Authorizable[] authorizables) {
return Iterables.transform(
appendDefaultDBPriv(policy.getPrivileges(groups, roleSet, authorizables), authorizables),
new Function<String, Privilege>() {
@Override
public Privilege apply(String privilege) {
return privilegeFactory.createPrivilege(privilege);
}
});
}
public ResourceAuthorizationProvider(PolicyEngine policy, GroupMappingService groupService) {
this.policy = policy;
this.groupService = groupService;
this.privilegeFactory = policy.getPrivilegeFactory();
this.lastFailedPrivileges =
new ThreadLocal<List<String>>() {
@Override
protected List<String> initialValue() {
return new ArrayList<String>();
}
};
}
@Override
public void close() {
if (policy != null) {
policy.close();
}
}
@Override
public Set<String> listPrivilegesForGroup(String groupName) throws SentryConfigurationException {
return policy.getPrivileges(Sets.newHashSet(groupName), ActiveRoleSet.ALL, null);
}
@Override
public Set<String> listPrivilegesForSubject(Subject subject) throws SentryConfigurationException {
return policy.getPrivileges(getGroups(subject), ActiveRoleSet.ALL, null);
}
@Override
public void validateResource(boolean strictValidation) throws SentryConfigurationException {
policy.validatePolicy(strictValidation);
}