Page History

...

Code Block

show role
show role -role_name admin
show role -principal_name sqoop -principal_type user
show role -privilege_name my_privilege
add role –role_name admin
update role -old_role_name admin -new_role_name developer
remove role -role_name admin
 
show principal
show principal -principal_name sqoop
show principal -principal_type user
show principal -principal_name sqoop -principal_type user
show principal -role_name admin
add principal –principal_name sqoop -principal_type user
update principal -old_principal_name sqoop -old_principal_type user -new_principal_name hadoop -new_principal_type group
remove principal -principal_name sqoop
remove principal -principal_type user
remove principal -principal_name sqoop -principal_type user


grant role –role_name admin -principal_name sqoop -principal_type user
revoke role –role_name admin -principal_name sqoop -principal_type user
 
show resource
show resource -resource_type link
show resource -resource_name 1 -resource_type link
add resource -resource_name 1 -resource_type link
update resource -old_resource_name 1 -old_resource_type link -new_resource_name 2 -new_resource_type link
remove resource -resource_type link
remove resource -resource_name 1 -resource_type link
 
show privilege
show privilege -privilege_name my_privilege
show privilege -resource_name 1 -resource_type link
show privilege -role_name admin
add privilege -privilege_name my_privilege -resource_name 1 -resource_type link -action create -with_grant_option true
update privilege -old_privilege_name my_privilege -old_resource_name 1 -old_resource_type link -old_action create -old_with_grant_option true -new_privilege_name others_privilege -new_resource_name 1 -new_resource_type link -new_action create -new_with_grant_option true
remove privilege -privilege_name my_privilege
remove privilege -resource_name 1 -resource_type link
remove privilege -resource_name 1 -resource_type link -action create -with_grant_option true
 
grant privilege –role_name admin -privilege_name my_privilege
revoke privilege –role_name admin -privilege_name my_privilege

Restful call API is handled by org.apache.sqoop.handler.AuthorizationEngine.java in sqoop-server
- GET /v1/role/{role_name}
  - Return details about one particular role with role_name
  - Return all of them if role_name is null
- GET /v1/role/principal/name/{name}/type/{type}
  - Return all roles the particular principal has with principal (name, type)
- GET /v1/role/privilege/{privilege_name}
  - Return all roles with the particular privilege (privilege_name)
- PUT /v1/role
  - Create new role with role_name. Put data of JsonObject role (role_name)
  - Update existing role with old_role_name and new_role_name. Put data of JsonObject old_role (role_name) and new_role (role_name)
- DELETE /v1/role/{role_name}
- GET /v1/principal/name/{name}/type/{type}
  - Return details about one particular principal with name and type
  - Return all of them if name is null or type is null or both are null
- GET /v1/principal/role/{role_name}
  - Return all principals with the particular role (role_name)
- PUT /v1/principal
  - Create new principal with name and type. Put data of JsonObject principal (name, type)
  - Update existing principal with old_name, old_type, new_name, new_type. Put data of JsonObject old_principal (name, type) and new_principal (name, type)
- DELETE /v1/principal/name/{name}/type/{type}
  - Delete all of them if name is null or type is null
- PUT /v1/grant_role
  - Grant a role to a user/group/role
  - PUT data of JsonObject role(role_name) and principal (name, type)
- PUT /v1/revoke_role
  - Revoke a role to a user/group/role
  - PUT data of JsonObject role(role_name) and principal (name, type)
- GET /v1/resource/name/{name}/type/{type}
  - Return details about one particular resource with name and type
  - Return all of them if name is null or type is null or both are null
- PUT /v1/resource
  - Create new resource with name and type. Put data of JsonObject resource (name, type)
  - Update existing resource with old_name, old_type, new_name, new_type. Put data of JsonObject old_resource (name, type) and new_resource (name, type)
- DELETE /v1/resource/name/{name}/type/{type}
  - Delete all of them if name is null or type is null
- GET /v1/privilege/{privilege_name}
  - Return details about one particular privilege with privilege_name
  - Return all of them if name is null or type is null or both are null
- GET /v1/privilege/resource/name/{name}/type/{type}
  - Return all privilege with the particular principal (name, type)
- GET /v1/privilege/role/{role_name}
  - Return all privilege with the particular role (role_name)
- PUT /v1/privilege
  - Create new privilege with resource, action and with_grant_option. Put data of JsonObject resource (name, type), action and with_grant_option
  - Update existing privilege with old_privilege_name, old_resource, old_action, old_with_grant_option, new_privilege_name, new_resource, new_action and new_with_grant_option. Put data of JsonObject old_privilege (name, resource (name, type), action, with_grant_option) and new_privilege (name, resource (name, type), action, with_grant_option)
- DELETE /v1/privilege/{privilege_name}
- DELETE /v1/resource/name/{name}/type/{type}DELETE /v1/resource/name/{name}/type/{type}/action/{action}/with_grant_option/{with_grant_option}
- PUT /v1/grant_privilege
  - Grant a privilege to a role
  - PUT data of JsonObject role(role_name) and privilege (name)
- PUT /v1/revoke_privilege
  - Revoke a privilege to a role
  - PUT data of JsonObject role(role_name) and privilege (name)

...

Child pages

Versions Compared

Old Version 16

New Version 17

Key