Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[#4608] feat(core): Supports to load fields lazily #4875

Merged
merged 2 commits into from
Sep 8, 2024
Merged

[#4608] feat(core): Supports to load fields lazily #4875

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
289d5bd
[#4608] feat(core): Supports to load fields lazily (#4690)
jerqi Sep 6, 2024
94ae33c
Merge branch 'branch-0.6' into cherry-pick-branch-0.6-3ba729f249806c8…
jerryshao Sep 7, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 2 additions & 4 deletions ...er/src/main/java/org/apache/gravitino/authorization/ranger/RangerAuthorizationPlugin.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -194,8 +194,7 @@ public Boolean onOwnerSet(MetadataObject metadataObject, Owner preOwner, Owner n
UserEntity.builder()
.withId(1L)
.withName(newOwner.name())
.withRoleNames(Collections.emptyList())
.withRoleIds(Collections.emptyList())
.withRoles(Collections.emptyList())
.withAuditInfo(auditInfo)
.build();
onUserAdded(userEntity);
Expand All @@ -204,8 +203,7 @@ public Boolean onOwnerSet(MetadataObject metadataObject, Owner preOwner, Owner n
GroupEntity.builder()
.withId(1L)
.withName(newOwner.name())
.withRoleNames(Collections.emptyList())
.withRoleIds(Collections.emptyList())
.withRoles(Collections.emptyList())
.withAuditInfo(auditInfo)
.build();
onGroupAdded(groupEntity);
Expand Down
42 changes: 14 additions & 28 deletions ...rc/test/java/org/apache/gravitino/authorization/ranger/integration/test/RangerHiveIT.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -483,8 +483,7 @@ public void testOnGrantedRolesToUser() {
UserEntity.builder()
.withId(1L)
.withName(userName1)
.withRoleNames(Collections.emptyList())
.withRoleIds(Collections.emptyList())
.withRoles(Collections.emptyList())
.withAuditInfo(auditInfo)
.build();
Assertions.assertTrue(
Expand All @@ -502,8 +501,7 @@ public void testOnGrantedRolesToUser() {
UserEntity.builder()
.withId(1L)
.withName(userName2)
.withRoleNames(Collections.emptyList())
.withRoleIds(Collections.emptyList())
.withRoles(Collections.emptyList())
.withAuditInfo(auditInfo)
.build();
Assertions.assertTrue(
Expand All @@ -525,8 +523,7 @@ public void testOnRevokedRolesFromUser() {
UserEntity.builder()
.withId(1L)
.withName(userName1)
.withRoleNames(Collections.emptyList())
.withRoleIds(Collections.emptyList())
.withRoles(Collections.emptyList())
.withAuditInfo(auditInfo)
.build();
Assertions.assertTrue(
Expand Down Expand Up @@ -555,8 +552,7 @@ public void testOnGrantedRolesToGroup() {
GroupEntity.builder()
.withId(1L)
.withName(groupName1)
.withRoleNames(Collections.emptyList())
.withRoleIds(Collections.emptyList())
.withRoles(Collections.emptyList())
.withAuditInfo(auditInfo)
.build();
Assertions.assertTrue(
Expand All @@ -574,8 +570,7 @@ public void testOnGrantedRolesToGroup() {
GroupEntity.builder()
.withId(1L)
.withName(groupName2)
.withRoleNames(Collections.emptyList())
.withRoleIds(Collections.emptyList())
.withRoles(Collections.emptyList())
.withAuditInfo(auditInfo)
.build();
Assertions.assertTrue(
Expand All @@ -598,8 +593,7 @@ public void testOnRevokedRolesFromGroup() {
GroupEntity.builder()
.withId(1L)
.withName(groupName1)
.withRoleNames(Collections.emptyList())
.withRoleIds(Collections.emptyList())
.withRoles(Collections.emptyList())
.withAuditInfo(auditInfo)
.build();
Assertions.assertTrue(
Expand Down Expand Up @@ -680,8 +674,7 @@ public void testCreateUser() {
.withId(0L)
.withName(currentFunName())
.withAuditInfo(auditInfo)
.withRoleIds(null)
.withRoleNames(null)
.withRoles(Collections.emptyList())
.build();
Assertions.assertTrue(rangerAuthPlugin.onUserAdded(user));
Assertions.assertTrue(rangerAuthPlugin.onUserAcquired(user));
Expand All @@ -696,8 +689,7 @@ public void testCreateGroup() {
.withId(0L)
.withName(currentFunName())
.withAuditInfo(auditInfo)
.withRoleIds(null)
.withRoleNames(null)
.withRoles(Collections.emptyList())
.build();

Assertions.assertTrue(rangerAuthPlugin.onGroupAdded(group));
Expand Down Expand Up @@ -769,8 +761,7 @@ public void testCombinationOperation() {
UserEntity.builder()
.withId(1L)
.withName(userName1)
.withRoleNames(Collections.emptyList())
.withRoleIds(Collections.emptyList())
.withRoles(Collections.emptyList())
.withAuditInfo(auditInfo)
.build();
Assertions.assertTrue(
Expand All @@ -786,8 +777,7 @@ public void testCombinationOperation() {
UserEntity.builder()
.withId(1L)
.withName(userName2)
.withRoleNames(Collections.emptyList())
.withRoleIds(Collections.emptyList())
.withRoles(Collections.emptyList())
.withAuditInfo(auditInfo)
.build();
Assertions.assertTrue(
Expand All @@ -800,8 +790,7 @@ public void testCombinationOperation() {
UserEntity.builder()
.withId(1L)
.withName(userName3)
.withRoleNames(Collections.emptyList())
.withRoleIds(Collections.emptyList())
.withRoles(Collections.emptyList())
.withAuditInfo(auditInfo)
.build();
Assertions.assertTrue(
Expand Down Expand Up @@ -833,8 +822,7 @@ public void testCombinationOperation() {
GroupEntity.builder()
.withId(1L)
.withName(groupName1)
.withRoleNames(Collections.emptyList())
.withRoleIds(Collections.emptyList())
.withRoles(Collections.emptyList())
.withAuditInfo(auditInfo)
.build();
Assertions.assertTrue(
Expand All @@ -852,8 +840,7 @@ public void testCombinationOperation() {
GroupEntity.builder()
.withId(1L)
.withName(groupName2)
.withRoleNames(Collections.emptyList())
.withRoleIds(Collections.emptyList())
.withRoles(Collections.emptyList())
.withAuditInfo(auditInfo)
.build();
Assertions.assertTrue(
Expand All @@ -871,8 +858,7 @@ public void testCombinationOperation() {
GroupEntity.builder()
.withId(1L)
.withName(groupName3)
.withRoleNames(Collections.emptyList())
.withRoleIds(Collections.emptyList())
.withRoles(Collections.emptyList())
.withAuditInfo(auditInfo)
.build();
Assertions.assertTrue(
Expand Down
82 changes: 32 additions & 50 deletions core/src/main/java/org/apache/gravitino/authorization/PermissionManager.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,9 +22,11 @@
import static org.apache.gravitino.authorization.AuthorizationUtils.USER_DOES_NOT_EXIST_MSG;

import com.google.common.collect.Lists;
import com.google.common.collect.Maps;
import java.io.IOException;
import java.time.Instant;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import org.apache.commons.lang3.StringUtils;
Expand Down Expand Up @@ -70,14 +72,10 @@ User grantRolesToUser(String metalake, List<String> roles, String user) {
UserEntity.class,
Entity.EntityType.USER,
userEntity -> {
List<RoleEntity> roleEntities = Lists.newArrayList();
if (userEntity.roleNames() != null) {
for (String role : userEntity.roleNames()) {
roleEntities.add(roleManager.getRole(metalake, role));
}
}
List<String> roleNames = Lists.newArrayList(toRoleNames(roleEntities));
List<Long> roleIds = Lists.newArrayList(toRoleIds(roleEntities));
List<RoleEntity> roleEntities = Lists.newArrayList(userEntity.roleEntities());

List<Long> roleIds =
roleEntities.stream().map(RoleEntity::id).collect(Collectors.toList());

for (RoleEntity roleEntityToGrant : roleEntitiesToGrant) {
if (roleIds.contains(roleEntityToGrant.id())) {
Expand All @@ -87,8 +85,8 @@ User grantRolesToUser(String metalake, List<String> roles, String user) {
user,
metalake);
} else {
roleNames.add(roleEntityToGrant.name());
roleIds.add(roleEntityToGrant.id());
roleEntities.add(roleEntityToGrant);
}
}

Expand All @@ -104,8 +102,7 @@ User grantRolesToUser(String metalake, List<String> roles, String user) {
.withNamespace(userEntity.namespace())
.withId(userEntity.id())
.withName(userEntity.name())
.withRoleNames(roleNames)
.withRoleIds(roleIds)
.withRoles(roleEntities)
.withAuditInfo(auditInfo)
.build();
});
Expand Down Expand Up @@ -149,13 +146,8 @@ Group grantRolesToGroup(String metalake, List<String> roles, String group) {
GroupEntity.class,
Entity.EntityType.GROUP,
groupEntity -> {
List<RoleEntity> roleEntities = Lists.newArrayList();
if (groupEntity.roleNames() != null) {
for (String role : groupEntity.roleNames()) {
roleEntities.add(roleManager.getRole(metalake, role));
}
}
List<String> roleNames = Lists.newArrayList(toRoleNames(roleEntities));
List<RoleEntity> roleEntities = Lists.newArrayList(groupEntity.roleEntities());

List<Long> roleIds = Lists.newArrayList(toRoleIds(roleEntities));

for (RoleEntity roleEntityToGrant : roleEntitiesToGrant) {
Expand All @@ -166,8 +158,8 @@ Group grantRolesToGroup(String metalake, List<String> roles, String group) {
group,
metalake);
} else {
roleNames.add(roleEntityToGrant.name());
roleIds.add(roleEntityToGrant.id());
roleEntities.add(roleEntityToGrant);
}
}

Expand All @@ -183,8 +175,7 @@ Group grantRolesToGroup(String metalake, List<String> roles, String group) {
.withId(groupEntity.id())
.withNamespace(groupEntity.namespace())
.withName(groupEntity.name())
.withRoleNames(roleNames)
.withRoleIds(roleIds)
.withRoles(roleEntities)
.withAuditInfo(auditInfo)
.build();
});
Expand Down Expand Up @@ -228,19 +219,18 @@ Group revokeRolesFromGroup(String metalake, List<String> roles, String group) {
GroupEntity.class,
Entity.EntityType.GROUP,
groupEntity -> {
List<RoleEntity> roleEntities = Lists.newArrayList();
if (groupEntity.roleNames() != null) {
for (String role : groupEntity.roleNames()) {
roleEntities.add(roleManager.getRole(metalake, role));
}
List<RoleEntity> roleEntities = groupEntity.roleEntities();

// Avoid loading securable objects
Map<Long, RoleEntity> roleEntitiesMap = Maps.newHashMap();
for (RoleEntity entity : roleEntities) {
roleEntitiesMap.put(entity.id(), entity);
}
List<String> roleNames = Lists.newArrayList(toRoleNames(roleEntities));
List<Long> roleIds = Lists.newArrayList(toRoleIds(roleEntities));

for (RoleEntity roleEntityToRevoke : roleEntitiesToRevoke) {
roleNames.remove(roleEntityToRevoke.name());
boolean removed = roleIds.remove(roleEntityToRevoke.id());
if (!removed) {
if (roleEntitiesMap.containsKey(roleEntityToRevoke.id())) {
roleEntitiesMap.remove(roleEntityToRevoke.id());
} else {
LOG.warn(
"Failed to revoke, role {} does not exist in the group {} of metalake {}",
roleEntityToRevoke.name(),
Expand All @@ -261,8 +251,7 @@ Group revokeRolesFromGroup(String metalake, List<String> roles, String group) {
.withNamespace(groupEntity.namespace())
.withId(groupEntity.id())
.withName(groupEntity.name())
.withRoleNames(roleNames)
.withRoleIds(roleIds)
.withRoles(Lists.newArrayList(roleEntitiesMap.values()))
.withAuditInfo(auditInfo)
.build();
});
Expand Down Expand Up @@ -308,20 +297,18 @@ User revokeRolesFromUser(String metalake, List<String> roles, String user) {
UserEntity.class,
Entity.EntityType.USER,
userEntity -> {
List<RoleEntity> roleEntities = Lists.newArrayList();
if (userEntity.roleNames() != null) {
for (String role : userEntity.roleNames()) {
roleEntities.add(roleManager.getRole(metalake, role));
}
}
List<RoleEntity> roleEntities = userEntity.roleEntities();

List<String> roleNames = Lists.newArrayList(toRoleNames(roleEntities));
List<Long> roleIds = Lists.newArrayList(toRoleIds(roleEntities));
// Avoid loading securable objects
Map<Long, RoleEntity> roleEntitiesMap = Maps.newHashMap();
for (RoleEntity entity : roleEntities) {
roleEntitiesMap.put(entity.id(), entity);
}

for (RoleEntity roleEntityToRevoke : roleEntitiesToRevoke) {
roleNames.remove(roleEntityToRevoke.name());
boolean removed = roleIds.remove(roleEntityToRevoke.id());
if (!removed) {
if (roleEntitiesMap.containsKey(roleEntityToRevoke.id())) {
roleEntitiesMap.remove(roleEntityToRevoke.id());
} else {
LOG.warn(
"Failed to revoke, role {} doesn't exist in the user {} of metalake {}",
roleEntityToRevoke.name(),
Expand All @@ -341,8 +328,7 @@ User revokeRolesFromUser(String metalake, List<String> roles, String user) {
.withId(userEntity.id())
.withNamespace(userEntity.namespace())
.withName(userEntity.name())
.withRoleNames(roleNames)
.withRoleIds(roleIds)
.withRoles(Lists.newArrayList(roleEntitiesMap.values()))
.withAuditInfo(auditInfo)
.build();
});
Expand Down Expand Up @@ -373,10 +359,6 @@ User revokeRolesFromUser(String metalake, List<String> roles, String user) {
}
}

private List<String> toRoleNames(List<RoleEntity> roleEntities) {
return roleEntities.stream().map(RoleEntity::name).collect(Collectors.toList());
}

private List<Long> toRoleIds(List<RoleEntity> roleEntities) {
return roleEntities.stream().map(RoleEntity::id).collect(Collectors.toList());
}
Expand Down
4 changes: 2 additions & 2 deletions core/src/main/java/org/apache/gravitino/authorization/UserGroupManager.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ User addUser(String metalake, String name) throws UserAlreadyExistsException {
.withId(idGenerator.nextId())
.withName(name)
.withNamespace(AuthorizationUtils.ofUserNamespace(metalake))
.withRoleNames(Lists.newArrayList())
.withRoles(Lists.newArrayList())
.withAuditInfo(
AuditInfo.builder()
.withCreator(PrincipalUtils.getCurrentPrincipal().getName())
Expand Down Expand Up @@ -117,7 +117,7 @@ Group addGroup(String metalake, String group) throws GroupAlreadyExistsException
.withId(idGenerator.nextId())
.withName(group)
.withNamespace(AuthorizationUtils.ofGroupNamespace(metalake))
.withRoleNames(Collections.emptyList())
.withRoles(Collections.emptyList())
.withAuditInfo(
AuditInfo.builder()
.withCreator(PrincipalUtils.getCurrentPrincipal().getName())
Expand Down
Loading
Loading