Search in sources :

Example 1 with GrantInfo

use of com.facebook.presto.spi.security.GrantInfo in project presto by prestodb.

the class HiveMetadata method buildGrants.

private List<GrantInfo> buildGrants(ConnectorSession session, SchemaTableName tableName, PrestoPrincipal principal) {
    ImmutableList.Builder<GrantInfo> result = ImmutableList.builder();
    MetastoreContext metastoreContext = getMetastoreContext(session);
    Set<HivePrivilegeInfo> hivePrivileges = metastore.listTablePrivileges(metastoreContext, tableName.getSchemaName(), tableName.getTableName(), principal);
    for (HivePrivilegeInfo hivePrivilege : hivePrivileges) {
        Set<PrivilegeInfo> prestoPrivileges = hivePrivilege.toPrivilegeInfo();
        for (PrivilegeInfo prestoPrivilege : prestoPrivileges) {
            GrantInfo grant = new GrantInfo(prestoPrivilege, hivePrivilege.getGrantee(), tableName, Optional.of(hivePrivilege.getGrantor()), Optional.empty());
            result.add(grant);
        }
    }
    return result.build();
}
Also used : HivePrivilegeInfo(com.facebook.presto.hive.metastore.HivePrivilegeInfo) ImmutableList(com.google.common.collect.ImmutableList) ImmutableList.toImmutableList(com.google.common.collect.ImmutableList.toImmutableList) MetastoreContext(com.facebook.presto.hive.metastore.MetastoreContext) GrantInfo(com.facebook.presto.spi.security.GrantInfo) HivePrivilegeInfo(com.facebook.presto.hive.metastore.HivePrivilegeInfo) PrivilegeInfo(com.facebook.presto.spi.security.PrivilegeInfo)

Example 2 with GrantInfo

use of com.facebook.presto.spi.security.GrantInfo in project presto by prestodb.

the class HiveMetadata method listTablePrivileges.

@Override
public List<GrantInfo> listTablePrivileges(ConnectorSession session, SchemaTablePrefix schemaTablePrefix) {
    MetastoreContext metastoreContext = getMetastoreContext(session);
    Set<PrestoPrincipal> principals = listEnabledPrincipals(metastore, session.getIdentity(), metastoreContext).collect(toImmutableSet());
    boolean isAdminRoleSet = hasAdminRole(principals);
    ImmutableList.Builder<GrantInfo> result = ImmutableList.builder();
    for (SchemaTableName tableName : listTables(session, schemaTablePrefix)) {
        if (isAdminRoleSet) {
            result.addAll(buildGrants(session, tableName, null));
        } else {
            for (PrestoPrincipal grantee : principals) {
                result.addAll(buildGrants(session, tableName, grantee));
            }
        }
    }
    return result.build();
}
Also used : ImmutableList(com.google.common.collect.ImmutableList) ImmutableList.toImmutableList(com.google.common.collect.ImmutableList.toImmutableList) MetastoreContext(com.facebook.presto.hive.metastore.MetastoreContext) GrantInfo(com.facebook.presto.spi.security.GrantInfo) SchemaTableName(com.facebook.presto.spi.SchemaTableName) PrestoPrincipal(com.facebook.presto.spi.security.PrestoPrincipal)

Example 3 with GrantInfo

use of com.facebook.presto.spi.security.GrantInfo in project presto by prestodb.

the class MetadataManager method listTablePrivileges.

@Override
public List<GrantInfo> listTablePrivileges(Session session, QualifiedTablePrefix prefix) {
    requireNonNull(prefix, "prefix is null");
    SchemaTablePrefix tablePrefix = prefix.asSchemaTablePrefix();
    Optional<CatalogMetadata> catalog = getOptionalCatalogMetadata(session, prefix.getCatalogName());
    ImmutableSet.Builder<GrantInfo> grantInfos = ImmutableSet.builder();
    if (catalog.isPresent()) {
        CatalogMetadata catalogMetadata = catalog.get();
        ConnectorSession connectorSession = session.toConnectorSession(catalogMetadata.getConnectorId());
        for (ConnectorId connectorId : catalogMetadata.listConnectorIds()) {
            ConnectorMetadata metadata = catalogMetadata.getMetadataFor(connectorId);
            grantInfos.addAll(metadata.listTablePrivileges(connectorSession, tablePrefix));
        }
    }
    return ImmutableList.copyOf(grantInfos.build());
}
Also used : ImmutableSet.toImmutableSet(com.google.common.collect.ImmutableSet.toImmutableSet) ImmutableSet(com.google.common.collect.ImmutableSet) SchemaTablePrefix(com.facebook.presto.spi.SchemaTablePrefix) ConnectorSession(com.facebook.presto.spi.ConnectorSession) ConnectorMetadata(com.facebook.presto.spi.connector.ConnectorMetadata) GrantInfo(com.facebook.presto.spi.security.GrantInfo) ConnectorId(com.facebook.presto.spi.ConnectorId)

Aggregations

GrantInfo (com.facebook.presto.spi.security.GrantInfo)3 MetastoreContext (com.facebook.presto.hive.metastore.MetastoreContext)2 ImmutableList (com.google.common.collect.ImmutableList)2 ImmutableList.toImmutableList (com.google.common.collect.ImmutableList.toImmutableList)2 HivePrivilegeInfo (com.facebook.presto.hive.metastore.HivePrivilegeInfo)1 ConnectorId (com.facebook.presto.spi.ConnectorId)1 ConnectorSession (com.facebook.presto.spi.ConnectorSession)1 SchemaTableName (com.facebook.presto.spi.SchemaTableName)1 SchemaTablePrefix (com.facebook.presto.spi.SchemaTablePrefix)1 ConnectorMetadata (com.facebook.presto.spi.connector.ConnectorMetadata)1 PrestoPrincipal (com.facebook.presto.spi.security.PrestoPrincipal)1 PrivilegeInfo (com.facebook.presto.spi.security.PrivilegeInfo)1 ImmutableSet (com.google.common.collect.ImmutableSet)1 ImmutableSet.toImmutableSet (com.google.common.collect.ImmutableSet.toImmutableSet)1