1 /*
2 * Licensed to the Apache Software Foundation (ASF) under one
3 * or more contributor license agreements. See the NOTICE file
4 * distributed with this work for additional information
5 * regarding copyright ownership. The ASF licenses this file
6 * to you under the Apache License, Version 2.0 (the
7 * "License"); you may not use this file except in compliance
8 * with the License. You may obtain a copy of the License at
9 *
10 * http://www.apache.org/licenses/LICENSE-2.0
11 *
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License.
17 */
18
19 package org.apache.hadoop.hbase.security.access;
20
21 import org.apache.commons.logging.Log;
22 import org.apache.commons.logging.LogFactory;
23 import org.apache.hadoop.hbase.TableName;
24 import org.apache.hadoop.hbase.util.Bytes;
25
26 import java.io.DataInput;
27 import java.io.DataOutput;
28 import java.io.IOException;
29
30 /**
31 * Represents an authorization for access over the given table, column family
32 * plus qualifier, for the given user.
33 */
34 public class UserPermission extends TablePermission {
35 private static Log LOG = LogFactory.getLog(UserPermission.class);
36
37 private byte[] user;
38
39 /** Nullary constructor for Writable, do not use */
40 public UserPermission() {
41 super();
42 }
43
44 /**
45 * Creates a new instance for the given user.
46 * @param user the user
47 * @param assigned the list of allowed actions
48 */
49 public UserPermission(byte[] user, Action... assigned) {
50 super(null, null, null, assigned);
51 this.user = user;
52 }
53
54 /**
55 * Creates a new instance for the given user,
56 * matching the actions with the given codes.
57 * @param user the user
58 * @param actionCodes the list of allowed action codes
59 */
60 public UserPermission(byte[] user, byte[] actionCodes) {
61 super(null, null, null, actionCodes);
62 this.user = user;
63 }
64
65 /**
66 * Creates a new instance for the given user.
67 * @param user the user
68 * @param namespace
69 * @param assigned the list of allowed actions
70 */
71 public UserPermission(byte[] user, String namespace, Action... assigned) {
72 super(namespace, assigned);
73 this.user = user;
74 }
75
76 /**
77 * Creates a new instance for the given user,
78 * matching the actions with the given codes.
79 * @param user the user
80 * @param namespace
81 * @param actionCodes the list of allowed action codes
82 */
83 public UserPermission(byte[] user, String namespace, byte[] actionCodes) {
84 super(namespace, actionCodes);
85 this.user = user;
86 }
87
88 /**
89 * Creates a new instance for the given user, table and column family.
90 * @param user the user
91 * @param table the table
92 * @param family the family, can be null if action is allowed over the entire
93 * table
94 * @param assigned the list of allowed actions
95 */
96 public UserPermission(byte[] user, TableName table, byte[] family,
97 Action... assigned) {
98 super(table, family, assigned);
99 this.user = user;
100 }
101
102 /**
103 * Creates a new permission for the given user, table, column family and
104 * column qualifier.
105 * @param user the user
106 * @param table the table
107 * @param family the family, can be null if action is allowed over the entire
108 * table
109 * @param qualifier the column qualifier, can be null if action is allowed
110 * over the entire column family
111 * @param assigned the list of allowed actions
112 */
113 public UserPermission(byte[] user, TableName table, byte[] family,
114 byte[] qualifier, Action... assigned) {
115 super(table, family, qualifier, assigned);
116 this.user = user;
117 }
118
119 /**
120 * Creates a new instance for the given user, table, column family and
121 * qualifier, matching the actions with the given codes.
122 * @param user the user
123 * @param table the table
124 * @param family the family, can be null if action is allowed over the entire
125 * table
126 * @param qualifier the column qualifier, can be null if action is allowed
127 * over the entire column family
128 * @param actionCodes the list of allowed action codes
129 */
130 public UserPermission(byte[] user, TableName table, byte[] family,
131 byte[] qualifier, byte[] actionCodes) {
132 super(table, family, qualifier, actionCodes);
133 this.user = user;
134 }
135
136 /**
137 * Creates a new instance for the given user, table, column family and
138 * qualifier, matching the actions with the given codes.
139 * @param user the user
140 * @param perm a TablePermission
141 */
142 public UserPermission(byte[] user, TablePermission perm) {
143 super(perm.getNamespace(), perm.getTable(), perm.getFamily(), perm.getQualifier(),
144 perm.actions);
145 this.user = user;
146 }
147
148 public byte[] getUser() {
149 return user;
150 }
151
152 /**
153 * Returns true if this permission describes a global user permission.
154 */
155 public boolean isGlobal() {
156 return(!hasTable() && !hasNamespace());
157 }
158
159 @Override
160 public boolean equals(Object obj) {
161 if (!(obj instanceof UserPermission)) {
162 return false;
163 }
164 UserPermission other = (UserPermission)obj;
165
166 if ((Bytes.equals(user, other.getUser()) &&
167 super.equals(obj))) {
168 return true;
169 } else {
170 return false;
171 }
172 }
173
174 @Override
175 public int hashCode() {
176 final int prime = 37;
177 int result = super.hashCode();
178 if (user != null) {
179 result = prime * result + Bytes.hashCode(user);
180 }
181 return result;
182 }
183
184 public String toString() {
185 StringBuilder str = new StringBuilder("UserPermission: ")
186 .append("user=").append(Bytes.toString(user))
187 .append(", ").append(super.toString());
188 return str.toString();
189 }
190
191 @Override
192 public void readFields(DataInput in) throws IOException {
193 super.readFields(in);
194 user = Bytes.readByteArray(in);
195 }
196
197 @Override
198 public void write(DataOutput out) throws IOException {
199 super.write(out);
200 Bytes.writeByteArray(out, user);
201 }
202 }