1/** 2 * Licensed to the Apache Software Foundation (ASF) under one 3 * or more contributor license agreements. See the NOTICE file 4 * distributed with this work for additional information 5 * regarding copyright ownership. The ASF licenses this file 6 * to you under the Apache License, Version 2.0 (the 7 * "License"); you may not use this file except in compliance 8 * with the License. You may obtain a copy of the License at 9 * 10 * http://www.apache.org/licenses/LICENSE-2.0 11 * 12 * Unless required by applicable law or agreed to in writing, software 13 * distributed under the License is distributed on an "AS IS" BASIS, 14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 * See the License for the specific language governing permissions and 16 * limitations under the License. 17 */ 18 19option java_package = "org.apache.hadoop.hbase.protobuf.generated"; 20option java_outer_classname = "AccessControlProtos"; 21option java_generic_services = true; 22option java_generate_equals_and_hash = true; 23option optimize_for = SPEED; 24 25import "HBase.proto"; 26 27message Permission { 28 enum Action { 29 READ = 0; 30 WRITE = 1; 31 EXEC = 2; 32 CREATE = 3; 33 ADMIN = 4; 34 } 35 enum Type { 36 Global = 1; 37 Namespace = 2; 38 Table = 3; 39 } 40 required Type type = 1; 41 optional GlobalPermission global_permission = 2; 42 optional NamespacePermission namespace_permission = 3; 43 optional TablePermission table_permission = 4; 44} 45 46message TablePermission { 47 optional TableName table_name = 1; 48 optional bytes family = 2; 49 optional bytes qualifier = 3; 50 repeated Permission.Action action = 4; 51} 52 53message NamespacePermission { 54 optional bytes namespace_name = 1; 55 repeated Permission.Action action = 2; 56} 57 58message GlobalPermission { 59 repeated Permission.Action action = 1; 60} 61 62message UserPermission { 63 required bytes user = 1; 64 required Permission permission = 3; 65} 66 67/** 68 * Content of the /hbase/acl/<table or namespace> znode. 69 */ 70message UsersAndPermissions { 71 message UserPermissions { 72 required bytes user = 1; 73 repeated Permission permissions = 2; 74 } 75 76 repeated UserPermissions user_permissions = 1; 77} 78 79message GrantRequest { 80 required UserPermission user_permission = 1; 81} 82 83message GrantResponse { 84} 85 86message RevokeRequest { 87 required UserPermission user_permission = 1; 88} 89 90message RevokeResponse { 91} 92 93message GetUserPermissionsRequest { 94 optional Permission.Type type = 1; 95 optional TableName table_name = 2; 96 optional bytes namespace_name = 3; 97} 98 99message GetUserPermissionsResponse { 100 repeated UserPermission user_permission = 1; 101} 102 103message CheckPermissionsRequest { 104 repeated Permission permission = 1; 105} 106 107message CheckPermissionsResponse { 108} 109 110service AccessControlService { 111 rpc Grant(GrantRequest) 112 returns (GrantResponse); 113 114 rpc Revoke(RevokeRequest) 115 returns (RevokeResponse); 116 117 rpc GetUserPermissions(GetUserPermissionsRequest) 118 returns (GetUserPermissionsResponse); 119 120 rpc CheckPermissions(CheckPermissionsRequest) 121 returns (CheckPermissionsResponse); 122} 123