From c4f75c8066850e898ab9f0f83897afe3d35c34c6 Mon Sep 17 00:00:00 2001 From: fanng Date: Wed, 25 Dec 2024 15:52:55 +0800 Subject: [PATCH] xx --- .../CredentialOperationDispatcher.java | 23 +++++++++++++- .../gravitino/credential/CredentialUtils.java | 30 ------------------- .../MetadataObjectCredentialOperations.java | 13 ++++++-- 3 files changed, 33 insertions(+), 33 deletions(-) diff --git a/core/src/main/java/org/apache/gravitino/credential/CredentialOperationDispatcher.java b/core/src/main/java/org/apache/gravitino/credential/CredentialOperationDispatcher.java index 0df00483743..ad1b446bacd 100644 --- a/core/src/main/java/org/apache/gravitino/credential/CredentialOperationDispatcher.java +++ b/core/src/main/java/org/apache/gravitino/credential/CredentialOperationDispatcher.java @@ -19,6 +19,7 @@ package org.apache.gravitino.credential; +import java.util.HashSet; import java.util.List; import java.util.Map; import java.util.Objects; @@ -81,7 +82,7 @@ private Map getCredentialContexts( List pathWithCredentialTypes = ((SupportsPathBasedCredentials) baseCatalog.ops()) .getPathWithCredentialTypes(nameIdentifier); - return CredentialUtils.getPathBasedCredentialContexts(privilege, pathWithCredentialTypes); + return getPathBasedCredentialContexts(privilege, pathWithCredentialTypes); } throw new NotSupportedException( String.format("Catalog %s doesn't support generate credentials", baseCatalog.name())); @@ -95,6 +96,26 @@ private Map getCatalogCredentialContexts( return providers.stream().collect(Collectors.toMap(provider -> provider, provider -> context)); } + public static Map getPathBasedCredentialContexts( + CredentialPrivilege privilege, List pathWithCredentialTypes) { + return pathWithCredentialTypes.stream() + .collect( + Collectors.toMap( + pathWithCredentialType -> pathWithCredentialType.credentialType(), + pathWithCredentialType -> { + String path = pathWithCredentialType.path(); + Set writePaths = new HashSet<>(); + Set readPaths = new HashSet<>(); + if (CredentialPrivilege.WRITE.equals(privilege)) { + writePaths.add(path); + } else { + readPaths.add(path); + } + return new PathBasedCredentialContext( + PrincipalUtils.getCurrentUserName(), writePaths, readPaths); + })); + } + @SuppressWarnings("UnusedVariable") private CredentialPrivilege getCredentialPrivilege(String user, NameIdentifier identifier) throws NotAuthorizedException { diff --git a/core/src/main/java/org/apache/gravitino/credential/CredentialUtils.java b/core/src/main/java/org/apache/gravitino/credential/CredentialUtils.java index 6eb8fc98fc5..c13da367d4d 100644 --- a/core/src/main/java/org/apache/gravitino/credential/CredentialUtils.java +++ b/core/src/main/java/org/apache/gravitino/credential/CredentialUtils.java @@ -21,21 +21,15 @@ import com.google.common.base.Splitter; import com.google.common.collect.ImmutableSet; -import java.util.HashSet; -import java.util.List; import java.util.Map; import java.util.Set; import java.util.function.Supplier; import java.util.stream.Collectors; -import org.apache.gravitino.MetadataObject; -import org.apache.gravitino.connector.credential.PathWithCredentialType; import org.apache.gravitino.utils.PrincipalUtils; public class CredentialUtils { private static final Splitter splitter = Splitter.on(","); - private static final Set supportsCredentialMetadataTypes = - ImmutableSet.of(MetadataObject.Type.CATALOG, MetadataObject.Type.FILESET); public static Credential vendCredential(CredentialProvider credentialProvider, String[] path) { PathBasedCredentialContext pathBasedCredentialContext = @@ -44,30 +38,6 @@ public static Credential vendCredential(CredentialProvider credentialProvider, S return credentialProvider.getCredential(pathBasedCredentialContext); } - public static boolean supportsCredentialOperations(MetadataObject metadataObject) { - return supportsCredentialMetadataTypes.contains(metadataObject.type()); - } - - public static Map getPathBasedCredentialContexts( - CredentialPrivilege privilege, List pathWithCredentialTypes) { - return pathWithCredentialTypes.stream() - .collect( - Collectors.toMap( - pathWithCredentialType -> pathWithCredentialType.credentialType(), - pathWithCredentialType -> { - String path = pathWithCredentialType.path(); - Set writePaths = new HashSet<>(); - Set readPaths = new HashSet<>(); - if (CredentialPrivilege.WRITE.equals(privilege)) { - writePaths.add(path); - } else { - readPaths.add(path); - } - return new PathBasedCredentialContext( - PrincipalUtils.getCurrentUserName(), writePaths, readPaths); - })); - } - public static Map loadCredentialProviders( Map catalogProperties) { Set credentialProviders = diff --git a/server/src/main/java/org/apache/gravitino/server/web/rest/MetadataObjectCredentialOperations.java b/server/src/main/java/org/apache/gravitino/server/web/rest/MetadataObjectCredentialOperations.java index 514a82b7ab6..92758a1a0c6 100644 --- a/server/src/main/java/org/apache/gravitino/server/web/rest/MetadataObjectCredentialOperations.java +++ b/server/src/main/java/org/apache/gravitino/server/web/rest/MetadataObjectCredentialOperations.java @@ -21,8 +21,10 @@ import com.codahale.metrics.annotation.ResponseMetered; import com.codahale.metrics.annotation.Timed; +import com.google.common.collect.ImmutableSet; import java.util.List; import java.util.Locale; +import java.util.Set; import javax.inject.Inject; import javax.servlet.http.HttpServletRequest; import javax.ws.rs.GET; @@ -33,11 +35,11 @@ import javax.ws.rs.core.Context; import javax.ws.rs.core.Response; import org.apache.gravitino.MetadataObject; +import org.apache.gravitino.MetadataObject.Type; import org.apache.gravitino.MetadataObjects; import org.apache.gravitino.NameIdentifier; import org.apache.gravitino.credential.Credential; import org.apache.gravitino.credential.CredentialOperationDispatcher; -import org.apache.gravitino.credential.CredentialUtils; import org.apache.gravitino.dto.credential.CredentialDTO; import org.apache.gravitino.dto.responses.CredentialResponse; import org.apache.gravitino.dto.util.DTOConverters; @@ -53,6 +55,9 @@ public class MetadataObjectCredentialOperations { private static final Logger LOG = LoggerFactory.getLogger(MetadataObjectCredentialOperations.class); + private static final Set supportsCredentialMetadataTypes = + ImmutableSet.of(MetadataObject.Type.CATALOG, MetadataObject.Type.FILESET); + private CredentialOperationDispatcher credentialOperationDispatcher; @SuppressWarnings("unused") @@ -85,7 +90,7 @@ public Response getCredentials( MetadataObject object = MetadataObjects.parse( fullName, MetadataObject.Type.valueOf(type.toUpperCase(Locale.ROOT))); - if (!CredentialUtils.supportsCredentialOperations(object)) { + if (!supportsCredentialOperations(object)) { throw new NotSupportedException( "Doesn't support credential operations for metadata object type"); } @@ -103,4 +108,8 @@ public Response getCredentials( return ExceptionHandlers.handleCredentialException(OperationType.GET, fullName, e); } } + + private static boolean supportsCredentialOperations(MetadataObject metadataObject) { + return supportsCredentialMetadataTypes.contains(metadataObject.type()); + } }