Skip to content

Commit

Permalink
[apache#4608] feat(core): Supports to load fields lazily (apache#4690)
Browse files Browse the repository at this point in the history 
### What changes were proposed in this pull request?

Supports to load fields lazily.

### Why are the changes needed?

Fix: apache#4608

### Does this PR introduce _any_ user-facing change?
No.

### How was this patch tested?
Add new uts and pass the existing uts
  • Loading branch information
@jerqi
jerqi authored Sep 6, 2024
1 parent 3731e53 commit 3ba729f
Show file tree
Hide file tree
Showing 31 changed files with 555 additions and 870 deletions.
6 changes: 2 additions & 4 deletions ...er/src/main/java/org/apache/gravitino/authorization/ranger/RangerAuthorizationPlugin.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -194,8 +194,7 @@ public Boolean onOwnerSet(MetadataObject metadataObject, Owner preOwner, Owner n
UserEntity.builder()
.withId(1L)
.withName(newOwner.name())
.withRoleNames(Collections.emptyList())
.withRoleIds(Collections.emptyList())
.withRoles(Collections.emptyList())
.withAuditInfo(auditInfo)
.build();
onUserAdded(userEntity);
Expand All @@ -204,8 +203,7 @@ public Boolean onOwnerSet(MetadataObject metadataObject, Owner preOwner, Owner n
GroupEntity.builder()
.withId(1L)
.withName(newOwner.name())
.withRoleNames(Collections.emptyList())
.withRoleIds(Collections.emptyList())
.withRoles(Collections.emptyList())
.withAuditInfo(auditInfo)
.build();
onGroupAdded(groupEntity);
Expand Down
42 changes: 14 additions & 28 deletions ...rc/test/java/org/apache/gravitino/authorization/ranger/integration/test/RangerHiveIT.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -483,8 +483,7 @@ public void testOnGrantedRolesToUser() {
UserEntity.builder()
.withId(1L)
.withName(userName1)
.withRoleNames(Collections.emptyList())
.withRoleIds(Collections.emptyList())
.withRoles(Collections.emptyList())
.withAuditInfo(auditInfo)
.build();
Assertions.assertTrue(
Expand All @@ -502,8 +501,7 @@ public void testOnGrantedRolesToUser() {
UserEntity.builder()
.withId(1L)
.withName(userName2)
.withRoleNames(Collections.emptyList())
.withRoleIds(Collections.emptyList())
.withRoles(Collections.emptyList())
.withAuditInfo(auditInfo)
.build();
Assertions.assertTrue(
Expand All @@ -525,8 +523,7 @@ public void testOnRevokedRolesFromUser() {
UserEntity.builder()
.withId(1L)
.withName(userName1)
.withRoleNames(Collections.emptyList())
.withRoleIds(Collections.emptyList())
.withRoles(Collections.emptyList())
.withAuditInfo(auditInfo)
.build();
Assertions.assertTrue(
Expand Down Expand Up @@ -555,8 +552,7 @@ public void testOnGrantedRolesToGroup() {
GroupEntity.builder()
.withId(1L)
.withName(groupName1)
.withRoleNames(Collections.emptyList())
.withRoleIds(Collections.emptyList())
.withRoles(Collections.emptyList())
.withAuditInfo(auditInfo)
.build();
Assertions.assertTrue(
Expand All @@ -574,8 +570,7 @@ public void testOnGrantedRolesToGroup() {
GroupEntity.builder()
.withId(1L)
.withName(groupName2)
.withRoleNames(Collections.emptyList())
.withRoleIds(Collections.emptyList())
.withRoles(Collections.emptyList())
.withAuditInfo(auditInfo)
.build();
Assertions.assertTrue(
Expand All @@ -598,8 +593,7 @@ public void testOnRevokedRolesFromGroup() {
GroupEntity.builder()
.withId(1L)
.withName(groupName1)
.withRoleNames(Collections.emptyList())
.withRoleIds(Collections.emptyList())
.withRoles(Collections.emptyList())
.withAuditInfo(auditInfo)
.build();
Assertions.assertTrue(
Expand Down Expand Up @@ -680,8 +674,7 @@ public void testCreateUser() {
.withId(0L)
.withName(currentFunName())
.withAuditInfo(auditInfo)
.withRoleIds(null)
.withRoleNames(null)
.withRoles(Collections.emptyList())
.build();
Assertions.assertTrue(rangerAuthPlugin.onUserAdded(user));
Assertions.assertTrue(rangerAuthPlugin.onUserAcquired(user));
Expand All @@ -696,8 +689,7 @@ public void testCreateGroup() {
.withId(0L)
.withName(currentFunName())
.withAuditInfo(auditInfo)
.withRoleIds(null)
.withRoleNames(null)
.withRoles(Collections.emptyList())
.build();

Assertions.assertTrue(rangerAuthPlugin.onGroupAdded(group));
Expand Down Expand Up @@ -769,8 +761,7 @@ public void testCombinationOperation() {
UserEntity.builder()
.withId(1L)
.withName(userName1)
.withRoleNames(Collections.emptyList())
.withRoleIds(Collections.emptyList())
.withRoles(Collections.emptyList())
.withAuditInfo(auditInfo)
.build();
Assertions.assertTrue(
Expand All @@ -786,8 +777,7 @@ public void testCombinationOperation() {
UserEntity.builder()
.withId(1L)
.withName(userName2)
.withRoleNames(Collections.emptyList())
.withRoleIds(Collections.emptyList())
.withRoles(Collections.emptyList())
.withAuditInfo(auditInfo)
.build();
Assertions.assertTrue(
Expand All @@ -800,8 +790,7 @@ public void testCombinationOperation() {
UserEntity.builder()
.withId(1L)
.withName(userName3)
.withRoleNames(Collections.emptyList())
.withRoleIds(Collections.emptyList())
.withRoles(Collections.emptyList())
.withAuditInfo(auditInfo)
.build();
Assertions.assertTrue(
Expand Down Expand Up @@ -833,8 +822,7 @@ public void testCombinationOperation() {
GroupEntity.builder()
.withId(1L)
.withName(groupName1)
.withRoleNames(Collections.emptyList())
.withRoleIds(Collections.emptyList())
.withRoles(Collections.emptyList())
.withAuditInfo(auditInfo)
.build();
Assertions.assertTrue(
Expand All @@ -852,8 +840,7 @@ public void testCombinationOperation() {
GroupEntity.builder()
.withId(1L)
.withName(groupName2)
.withRoleNames(Collections.emptyList())
.withRoleIds(Collections.emptyList())
.withRoles(Collections.emptyList())
.withAuditInfo(auditInfo)
.build();
Assertions.assertTrue(
Expand All @@ -871,8 +858,7 @@ public void testCombinationOperation() {
GroupEntity.builder()
.withId(1L)
.withName(groupName3)
.withRoleNames(Collections.emptyList())
.withRoleIds(Collections.emptyList())
.withRoles(Collections.emptyList())
.withAuditInfo(auditInfo)
.build();
Assertions.assertTrue(
Expand Down
82 changes: 32 additions & 50 deletions core/src/main/java/org/apache/gravitino/authorization/PermissionManager.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,9 +22,11 @@
import static org.apache.gravitino.authorization.AuthorizationUtils.USER_DOES_NOT_EXIST_MSG;

import com.google.common.collect.Lists;
import com.google.common.collect.Maps;
import java.io.IOException;
import java.time.Instant;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import org.apache.commons.lang3.StringUtils;
Expand Down Expand Up @@ -70,14 +72,10 @@ User grantRolesToUser(String metalake, List<String> roles, String user) {
UserEntity.class,
Entity.EntityType.USER,
userEntity -> {
List<RoleEntity> roleEntities = Lists.newArrayList();
if (userEntity.roleNames() != null) {
for (String role : userEntity.roleNames()) {
roleEntities.add(roleManager.getRole(metalake, role));
}
}
List<String> roleNames = Lists.newArrayList(toRoleNames(roleEntities));
List<Long> roleIds = Lists.newArrayList(toRoleIds(roleEntities));
List<RoleEntity> roleEntities = Lists.newArrayList(userEntity.roleEntities());

List<Long> roleIds =
roleEntities.stream().map(RoleEntity::id).collect(Collectors.toList());

for (RoleEntity roleEntityToGrant : roleEntitiesToGrant) {
if (roleIds.contains(roleEntityToGrant.id())) {
Expand All @@ -87,8 +85,8 @@ User grantRolesToUser(String metalake, List<String> roles, String user) {
user,
metalake);
} else {
roleNames.add(roleEntityToGrant.name());
roleIds.add(roleEntityToGrant.id());
roleEntities.add(roleEntityToGrant);
}
}

Expand All @@ -104,8 +102,7 @@ User grantRolesToUser(String metalake, List<String> roles, String user) {
.withNamespace(userEntity.namespace())
.withId(userEntity.id())
.withName(userEntity.name())
.withRoleNames(roleNames)
.withRoleIds(roleIds)
.withRoles(roleEntities)
.withAuditInfo(auditInfo)
.build();
});
Expand Down Expand Up @@ -149,13 +146,8 @@ Group grantRolesToGroup(String metalake, List<String> roles, String group) {
GroupEntity.class,
Entity.EntityType.GROUP,
groupEntity -> {
List<RoleEntity> roleEntities = Lists.newArrayList();
if (groupEntity.roleNames() != null) {
for (String role : groupEntity.roleNames()) {
roleEntities.add(roleManager.getRole(metalake, role));
}
}
List<String> roleNames = Lists.newArrayList(toRoleNames(roleEntities));
List<RoleEntity> roleEntities = Lists.newArrayList(groupEntity.roleEntities());

List<Long> roleIds = Lists.newArrayList(toRoleIds(roleEntities));

for (RoleEntity roleEntityToGrant : roleEntitiesToGrant) {
Expand All @@ -166,8 +158,8 @@ Group grantRolesToGroup(String metalake, List<String> roles, String group) {
group,
metalake);
} else {
roleNames.add(roleEntityToGrant.name());
roleIds.add(roleEntityToGrant.id());
roleEntities.add(roleEntityToGrant);
}
}

Expand All @@ -183,8 +175,7 @@ Group grantRolesToGroup(String metalake, List<String> roles, String group) {
.withId(groupEntity.id())
.withNamespace(groupEntity.namespace())
.withName(groupEntity.name())
.withRoleNames(roleNames)
.withRoleIds(roleIds)
.withRoles(roleEntities)
.withAuditInfo(auditInfo)
.build();
});
Expand Down Expand Up @@ -228,19 +219,18 @@ Group revokeRolesFromGroup(String metalake, List<String> roles, String group) {
GroupEntity.class,
Entity.EntityType.GROUP,
groupEntity -> {
List<RoleEntity> roleEntities = Lists.newArrayList();
if (groupEntity.roleNames() != null) {
for (String role : groupEntity.roleNames()) {
roleEntities.add(roleManager.getRole(metalake, role));
}
List<RoleEntity> roleEntities = groupEntity.roleEntities();

// Avoid loading securable objects
Map<Long, RoleEntity> roleEntitiesMap = Maps.newHashMap();
for (RoleEntity entity : roleEntities) {
roleEntitiesMap.put(entity.id(), entity);
}
List<String> roleNames = Lists.newArrayList(toRoleNames(roleEntities));
List<Long> roleIds = Lists.newArrayList(toRoleIds(roleEntities));

for (RoleEntity roleEntityToRevoke : roleEntitiesToRevoke) {
roleNames.remove(roleEntityToRevoke.name());
boolean removed = roleIds.remove(roleEntityToRevoke.id());
if (!removed) {
if (roleEntitiesMap.containsKey(roleEntityToRevoke.id())) {
roleEntitiesMap.remove(roleEntityToRevoke.id());
} else {
LOG.warn(
"Failed to revoke, role {} does not exist in the group {} of metalake {}",
roleEntityToRevoke.name(),
Expand All @@ -261,8 +251,7 @@ Group revokeRolesFromGroup(String metalake, List<String> roles, String group) {
.withNamespace(groupEntity.namespace())
.withId(groupEntity.id())
.withName(groupEntity.name())
.withRoleNames(roleNames)
.withRoleIds(roleIds)
.withRoles(Lists.newArrayList(roleEntitiesMap.values()))
.withAuditInfo(auditInfo)
.build();
});
Expand Down Expand Up @@ -308,20 +297,18 @@ User revokeRolesFromUser(String metalake, List<String> roles, String user) {
UserEntity.class,
Entity.EntityType.USER,
userEntity -> {
List<RoleEntity> roleEntities = Lists.newArrayList();
if (userEntity.roleNames() != null) {
for (String role : userEntity.roleNames()) {
roleEntities.add(roleManager.getRole(metalake, role));
}
}
List<RoleEntity> roleEntities = userEntity.roleEntities();

List<String> roleNames = Lists.newArrayList(toRoleNames(roleEntities));
List<Long> roleIds = Lists.newArrayList(toRoleIds(roleEntities));
// Avoid loading securable objects
Map<Long, RoleEntity> roleEntitiesMap = Maps.newHashMap();
for (RoleEntity entity : roleEntities) {
roleEntitiesMap.put(entity.id(), entity);
}

for (RoleEntity roleEntityToRevoke : roleEntitiesToRevoke) {
roleNames.remove(roleEntityToRevoke.name());
boolean removed = roleIds.remove(roleEntityToRevoke.id());
if (!removed) {
if (roleEntitiesMap.containsKey(roleEntityToRevoke.id())) {
roleEntitiesMap.remove(roleEntityToRevoke.id());
} else {
LOG.warn(
"Failed to revoke, role {} doesn't exist in the user {} of metalake {}",
roleEntityToRevoke.name(),
Expand All @@ -341,8 +328,7 @@ User revokeRolesFromUser(String metalake, List<String> roles, String user) {
.withId(userEntity.id())
.withNamespace(userEntity.namespace())
.withName(userEntity.name())
.withRoleNames(roleNames)
.withRoleIds(roleIds)
.withRoles(Lists.newArrayList(roleEntitiesMap.values()))
.withAuditInfo(auditInfo)
.build();
});
Expand Down Expand Up @@ -373,10 +359,6 @@ User revokeRolesFromUser(String metalake, List<String> roles, String user) {
}
}

private List<String> toRoleNames(List<RoleEntity> roleEntities) {
return roleEntities.stream().map(RoleEntity::name).collect(Collectors.toList());
}

private List<Long> toRoleIds(List<RoleEntity> roleEntities) {
return roleEntities.stream().map(RoleEntity::id).collect(Collectors.toList());
}
Expand Down
4 changes: 2 additions & 2 deletions core/src/main/java/org/apache/gravitino/authorization/UserGroupManager.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ User addUser(String metalake, String name) throws UserAlreadyExistsException {
.withId(idGenerator.nextId())
.withName(name)
.withNamespace(AuthorizationUtils.ofUserNamespace(metalake))
.withRoleNames(Lists.newArrayList())
.withRoles(Lists.newArrayList())
.withAuditInfo(
AuditInfo.builder()
.withCreator(PrincipalUtils.getCurrentPrincipal().getName())
Expand Down Expand Up @@ -117,7 +117,7 @@ Group addGroup(String metalake, String group) throws GroupAlreadyExistsException
.withId(idGenerator.nextId())
.withName(group)
.withNamespace(AuthorizationUtils.ofGroupNamespace(metalake))
.withRoleNames(Collections.emptyList())
.withRoles(Collections.emptyList())
.withAuditInfo(
AuditInfo.builder()
.withCreator(PrincipalUtils.getCurrentPrincipal().getName())
Expand Down
Loading

0 comments on commit 3ba729f

Please sign in to comment.