diff --git a/core/src/main/java/com/scalar/db/api/AuthAdmin.java b/core/src/main/java/com/scalar/db/api/AuthAdmin.java index 4cd2b2b29e..d1954d561f 100644 --- a/core/src/main/java/com/scalar/db/api/AuthAdmin.java +++ b/core/src/main/java/com/scalar/db/api/AuthAdmin.java @@ -198,23 +198,23 @@ default void dropRole(String roleName) throws ExecutionException { } /** - * Retrieves a list of {@link RoleDetail}s. + * Retrieves a list of {@link Role}s. * - * @return a list of {@link RoleDetail}s + * @return a list of {@link Role}s * @throws ExecutionException if the operation fails */ - default List getRoles() throws ExecutionException { + default List getRoles() throws ExecutionException { throw new UnsupportedOperationException(CoreError.AUTH_NOT_ENABLED.buildMessage()); } /** - * Retrieves a list of {@link UserRoleDetail}s for the given user. + * Retrieves a list of {@link RoleForUser}s for the given user. * * @param username the username - * @return a list of {@link UserRoleDetail}s for the given user + * @return a list of {@link RoleForUser}s for the given user * @throws ExecutionException if the operation fails */ - default List getRolesForUser(String username) throws ExecutionException { + default List getRolesForUser(String username) throws ExecutionException { throw new UnsupportedOperationException(CoreError.AUTH_NOT_ENABLED.buildMessage()); } @@ -258,13 +258,13 @@ default void revokeAdminOptionFromUser(String username, String roleName) } /** - * Retrieves a list of {@link UserRole}s for the given role. + * Retrieves a list of {@link GranteeUserRef}s for the given role. * * @param roleName the role name - * @return a list of {@link UserRole}s for the given role + * @return a list of {@link GranteeUserRef}s for the given role * @throws ExecutionException if the operation fails */ - default List getUsersForRole(String roleName) throws ExecutionException { + default List getGranteeUsersForRole(String roleName) throws ExecutionException { throw new UnsupportedOperationException(CoreError.AUTH_NOT_ENABLED.buildMessage()); } @@ -399,53 +399,83 @@ default void revokePrivilegeFromRole( /** Represents a user. */ interface User { + /** + * Returns the username. + * + * @return the username + */ String getName(); + /** + * Returns whether the user is a superuser. + * + * @return whether the user is a superuser + */ boolean isSuperuser(); } - /** Represents a role. */ + /** Represents a role, including its granted roles. */ interface Role { + /** + * Returns the role name. + * + * @return the role name + */ String getName(); - } - - /** Represents a role with its hierarchy information. */ - interface RoleDetail { - Role getRole(); - List getRoleHierarchies(); + /** + * Returns the roles granted to the role. + * + * @return the roles granted to the role + */ + List getGrantedRoles(); } /** - * Represents a role detail for a specific user, including whether the user has admin option for + * Represents a role granted to a specific user, including whether the user has admin option for * this role. */ - interface UserRoleDetail extends RoleDetail { + interface RoleForUser extends Role { /** * Returns whether the user has admin option for this role. This is distinct from the admin * option in role hierarchies, which applies to role-to-role grants. + * + * @return whether the user has admin option for this role */ boolean hasAdminOptionOnUser(); } - /** Represents a user-role assignment. */ - interface UserRole { - String getUsername(); - - String getRoleName(); + /** A reference to a grantee user of a role. */ + interface GranteeUserRef { + /** + * Returns the username. + * + * @return the username + */ + String getName(); + /** + * Returns whether admin option is granted for this assignment. + * + * @return whether admin option is granted for this assignment + */ boolean hasAdminOption(); } - /** Represents a role hierarchy (role-to-role assignment). */ - interface RoleHierarchy { - /** Returns the role name. */ - String getRoleName(); - - /** Returns the member role name granted to the role. */ - String getMemberRoleName(); + /** A reference to a granted role. */ + interface GrantedRoleRef { + /** + * Returns the granted role name. + * + * @return the granted role name + */ + String getName(); - /** Returns whether admin option is granted for this hierarchy. */ + /** + * Returns whether admin option is granted for this role grant. + * + * @return whether admin option is granted for this role grant + */ boolean hasAdminOption(); } diff --git a/core/src/main/java/com/scalar/db/common/DecoratedDistributedTransactionAdmin.java b/core/src/main/java/com/scalar/db/common/DecoratedDistributedTransactionAdmin.java index c3fb55ae55..ee7deeb8c9 100644 --- a/core/src/main/java/com/scalar/db/common/DecoratedDistributedTransactionAdmin.java +++ b/core/src/main/java/com/scalar/db/common/DecoratedDistributedTransactionAdmin.java @@ -394,12 +394,12 @@ public void dropRole(String roleName) throws ExecutionException { } @Override - public List getRoles() throws ExecutionException { + public List getRoles() throws ExecutionException { return distributedTransactionAdmin.getRoles(); } @Override - public List getRolesForUser(String username) throws ExecutionException { + public List getRolesForUser(String username) throws ExecutionException { return distributedTransactionAdmin.getRolesForUser(username); } @@ -421,8 +421,8 @@ public void revokeAdminOptionFromUser(String username, String roleName) } @Override - public List getUsersForRole(String roleName) throws ExecutionException { - return distributedTransactionAdmin.getUsersForRole(roleName); + public List getGranteeUsersForRole(String roleName) throws ExecutionException { + return distributedTransactionAdmin.getGranteeUsersForRole(roleName); } @Override