def get_checker(user, checker=None): cache_key = SENTRY_PRIVILEGE_CACHE_KEY % {'username': user.username} checker = checker or cache.get(cache_key) if not checker: checker = PrivilegeChecker(user=user) cache.set(cache_key, checker, PRIVILEGE_CHECKER_CACHING.get()) return checker
def _secure_results(self, results, checker=None): if NAVIGATOR.APPLY_SENTRY_PERMISSIONS.get(): cache_key = SENTRY_PRIVILEGE_CACHE_KEY % { 'username': self.user.username } checker = checker or cache.get(cache_key) if not checker: checker = PrivilegeChecker(user=self.user) cache.set(cache_key, checker, PRIVILEGE_CHECKER_CACHING.get()) action = 'SELECT' def getkey(result): key = {u'server': get_hive_sentry_provider()} if result['type'] == 'TABLE' or result['type'] == 'VIEW': key['db'] = result.get('parentPath', '') and result.get( 'parentPath', '').strip('/') key['table'] = result.get('originalName', '') elif result['type'] == 'DATABASE': key['db'] = result.get('originalName', '') elif result['type'] == 'FIELD': parents = result.get('parentPath', '').strip('/').split('/') if len(parents) == 2: key['db'], key['table'] = parents key['column'] = result.get('originalName', '') return key return checker.filter_objects(results, action, key=getkey) else: return results