def rename_sentry_privilege(self, oldAuthorizable, newAuthorizable): oldAuthorizable = TAuthorizable(**oldAuthorizable) newAuthorizable = TAuthorizable(**newAuthorizable) request = TRenamePrivilegesRequest(requestorUserName=self.username, component=self.component, oldAuthorizable=oldAuthorizable, newAuthorizable=newAuthorizable) return self.client.rename_sentry_privilege(request)
def list_sentry_privileges_for_provider(self, groups, roleSet=None, authorizableHierarchy=None): """ struct TSentryActiveRoleSet { 1: required bool all, 2: required set<string> roles, } struct TListSentryPrivilegesForProviderResponse { 1: required sentry_common_service.TSentryResponseStatus status 2: required set<string> privileges } """ if roleSet is not None: roleSet = TSentryActiveRoleSet(**roleSet) if authorizableHierarchy is not None: authorizableHierarchy = TAuthorizable(**authorizableHierarchy) request = TListSentryPrivilegesForProviderRequest( component=self.component, groups=groups, roleSet=roleSet, authorizableHierarchy=authorizableHierarchy) return self.client.list_sentry_privileges_for_provider(request)
def list_sentry_privileges_by_role(self, serviceName, roleName, authorizables=None): if authorizables is not None: authorizables = TAuthorizable(**authorizables) request = TListSentryPrivilegesRequest(requestorUserName=self.username, component=self.component, roleName=roleName, serviceName=serviceName, authorizables=authorizables) return self.client.list_sentry_privileges_by_role(request)
def alter_sentry_role_grant_privilege(self, roleName, tSentryPrivilege): tSentryPrivilege['authorizables'] = [ TAuthorizable(type=_auth['type'], name=_auth['name']) for _auth in tSentryPrivilege['authorizables'] ] tSentryPrivilege = TSentryPrivilege(**tSentryPrivilege) request = TAlterSentryRoleGrantPrivilegeRequest( requestorUserName=self.username, component=self.component, roleName=roleName, privilege=tSentryPrivilege) return self.client.alter_sentry_role_grant_privilege(request)
def drop_sentry_privilege(self, authorizable): authorizable = TAuthorizable(**authorizable) request = TDropPrivilegesRequest(requestorUserName=self.username, component=self.component, authorizable=authorizable) return self.client.drop_sentry_privilege(request)