diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlUtil.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlUtil.java index 53c4dd8..c6df5f8 100644 --- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlUtil.java +++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlUtil.java @@ -301,6 +301,45 @@ public class AccessControlUtil { throw new IllegalStateException("Unrecognize Perm Type: "+proto.getType()); } + public static TablePermission toTablePermission(org.apache.hadoop.hbase.shaded.protobuf.generated.AccessControlProtos.Permission proto) { + if(proto.getType() == org.apache.hadoop.hbase.shaded.protobuf.generated.AccessControlProtos.Permission.Type.Global) { + org.apache.hadoop.hbase.shaded.protobuf.generated.AccessControlProtos.GlobalPermission perm = proto.getGlobalPermission(); + List actions = toPermissionActionsShaded(perm.getActionList()); + + return new TablePermission(null, null, null, + actions.toArray(new Permission.Action[actions.size()])); + } + if(proto.getType() == org.apache.hadoop.hbase.shaded.protobuf.generated.AccessControlProtos.Permission.Type.Namespace) { + org.apache.hadoop.hbase.shaded.protobuf.generated.AccessControlProtos.NamespacePermission perm = proto.getNamespacePermission(); + List actions = toPermissionActionsShaded(perm.getActionList()); + + if(!proto.hasNamespacePermission()) { + throw new IllegalStateException("Namespace must not be empty in NamespacePermission"); + } + String namespace = perm.getNamespaceName().toStringUtf8(); + return new TablePermission(namespace, actions.toArray(new Permission.Action[actions.size()])); + } + if(proto.getType() == org.apache.hadoop.hbase.shaded.protobuf.generated.AccessControlProtos.Permission.Type.Table) { + org.apache.hadoop.hbase.shaded.protobuf.generated.AccessControlProtos.TablePermission perm = proto.getTablePermission(); + List actions = toPermissionActionsShaded(perm.getActionList()); + + byte[] qualifier = null; + byte[] family = null; + TableName table = null; + + if (!perm.hasTableName()) { + throw new IllegalStateException("TableName cannot be empty"); + } + table = org.apache.hadoop.hbase.shaded.protobuf.ProtobufUtil.toTableName(perm.getTableName()); + + if (perm.hasFamily()) family = perm.getFamily().toByteArray(); + if (perm.hasQualifier()) qualifier = perm.getQualifier().toByteArray(); + + return new TablePermission(table, family, qualifier, + actions.toArray(new Permission.Action[actions.size()])); + } + throw new IllegalStateException("Unrecognize Perm Type: "+proto.getType()); + } /** * Convert a client Permission to a Permission proto * @@ -377,6 +416,15 @@ public class AccessControlUtil { return actions; } + public static List toPermissionActionsShaded( + List protoActions) { + List actions = new ArrayList<>(protoActions.size()); + for (org.apache.hadoop.hbase.shaded.protobuf.generated.AccessControlProtos.Permission.Action a : protoActions) { + actions.add(toPermissionAction(a)); + } + return actions; + } + /** * Converts a Permission.Action proto to a client Permission.Action object. * @@ -401,6 +449,30 @@ public class AccessControlUtil { } /** + * Converts a Permission.Action proto to a client Permission.Action object. + * + * @param action the protobuf Action + * @return the converted Action + */ + public static Permission.Action toPermissionAction( + org.apache.hadoop.hbase.shaded.protobuf.generated.AccessControlProtos.Permission.Action action) { + switch (action) { + case READ: + return Permission.Action.READ; + case WRITE: + return Permission.Action.WRITE; + case EXEC: + return Permission.Action.EXEC; + case CREATE: + return Permission.Action.CREATE; + case ADMIN: + return Permission.Action.ADMIN; + } + throw new IllegalArgumentException("Unknown action value "+action.name()); + } + + + /** * Convert a client Permission.Action to a Permission.Action proto * * @param action the client Action @@ -460,6 +532,16 @@ public class AccessControlUtil { } /** + * Converts a user permission proto to a client user permission object. + * + * @param proto the protobuf UserPermission + * @return the converted UserPermission + */ + public static UserPermission toUserPermission(org.apache.hadoop.hbase.shaded.protobuf.generated.AccessControlProtos.UserPermission proto) { + return new UserPermission(proto.getUser().toByteArray(), + toTablePermission(proto.getPermission())); + } + /** * Convert a ListMultimap<String, TablePermission> where key is username * to a protobuf UserPermission *