def get_checker(user, checker=None):
cache_key = SENTRY_PRIVILEGE_CACHE_KEY % {'username': user.username}
checker = checker or cache.get(cache_key)
if not checker:
checker = PrivilegeChecker(user=user)
cache.set(cache_key, checker, PRIVILEGE_CHECKER_CACHING.get())
return checker
def _secure_results(self, results, checker=None):
if NAVIGATOR.APPLY_SENTRY_PERMISSIONS.get():
cache_key = SENTRY_PRIVILEGE_CACHE_KEY % {
'username': self.user.username
}
checker = checker or cache.get(cache_key)
if not checker:
checker = PrivilegeChecker(user=self.user)
cache.set(cache_key, checker, PRIVILEGE_CHECKER_CACHING.get())
action = 'SELECT'
def getkey(result):
key = {u'server': get_hive_sentry_provider()}
if result['type'] == 'TABLE' or result['type'] == 'VIEW':
key['db'] = result.get('parentPath', '') and result.get(
'parentPath', '').strip('/')
key['table'] = result.get('originalName', '')
elif result['type'] == 'DATABASE':
key['db'] = result.get('originalName', '')
elif result['type'] == 'FIELD':
parents = result.get('parentPath',
'').strip('/').split('/')
if len(parents) == 2:
key['db'], key['table'] = parents
key['column'] = result.get('originalName', '')
return key
return checker.filter_objects(results, action, key=getkey)
else:
return results