Package com.illumon.iris.db.v2.permissions

Class AclImporter

java.lang.Object
com.illumon.iris.db.v2.permissions.AclPorter
com.illumon.iris.db.v2.permissions.AclImporter
public class AclImporter extends AclPorter
A utility class for importing ACLS from an XML file generated by AclExporter.

Supports an optional continueAfterError mode (off by default) which, when enabled via setContinueAfterError(boolean), allows the import to log and skip individual records that fail validation rather than aborting the entire import. This is useful for streaming ACL updates from a primary cluster into a secondary one where some records may be invalid on the target (e.g. non-ASCII account names, invalid column ACLs such as column="*", or user-name group memberships that are no longer permitted).

After an import with continueAfterError enabled, callers can inspect skipped records via getErrors() and getErrorCount().

See Also:

  • Field Details

    • ACL_IMPORTER_PROTECTED_USERS_PROPERTY

      public static final String ACL_IMPORTER_PROTECTED_USERS_PROPERTY
      See Also:

  • Constructor Details

    • AclImporter

      public AclImporter(@NotNull DbAclWriter dbAclWriter, @NotNull DbAclProvider dbAclProvider, @NotNull DbAclGuiHelper dbAclGuiHelper, @NotNull AclImporter.Mode importMode, @NotNull com.fishlib.io.logger.Logger log)
      Create an ACLImporter for importing files from an AclExporter
      Parameters:
      dbAclWriter - the acl writer
      dbAclProvider - ther acl provider
      dbAclGuiHelper - the gui helper
      importMode - the import mode
      log - the logger

  • Method Details

    • getDefaultProtectedUsers

      public static String[] getDefaultProtectedUsers()
      Get the default set of protected users.
      Returns:
      the default set of protected users.

    • setContinueAfterError

      public void setContinueAfterError(boolean continueAfterError)
      Enable or disable continue-after-error mode. When enabled, import errors for individual records are logged as warnings and skipped, rather than aborting the entire import. This is useful for streaming ACL updates from a primary cluster where some records may be invalid on the target (e.g. non-ASCII account names, invalid column ACLs, or user-name group membership).
      Parameters:
      continueAfterError - true to skip bad records and continue, false to abort on first error (default)

    • isContinueAfterError

      public boolean isContinueAfterError()
      Returns:
      true if continue-after-error mode is enabled

    • getErrors

      public List<String> getErrors()
      Get the list of error messages from records that were skipped during import. Only populated when setContinueAfterError(boolean) is true.
      Returns:
      an unmodifiable list of error descriptions

    • getErrorCount

      public int getErrorCount()
      Returns:
      the number of records that were skipped due to errors

    • importAcls

      public void importAcls(String filename, String... types) throws IOException, AclStoreException
      Import the ACLs from the file.
      Parameters:
      filename - the file name.
      types - the types to import. See AclEntryTypes
      Throws:
      IOException
      AclStoreException

    • importAcls

      public void importAcls(Acl acl, String... types) throws AclStoreException
      Throws:
      AclStoreException

    • setProtectedUsers

      public void setProtectedUsers(String... users)
      Set the protected users. When importing ACLs, keys for these users will not be modified.
      Parameters:
      users - the users to protect

    • deleteAllAclData

      public void deleteAllAclData() throws AclStoreException
      Throws:
      AclStoreException